/**
* Perform security check on this action to verify user can execute. Throw appropriate
* AuthorizationException in needed.
*
* @param inActionContext {@link PrincipalActionContext}.
* @throws AuthorizationException thrown if the user does not have proper access
*/
@Override
public void authorize(final PrincipalActionContext inActionContext)
throws AuthorizationException {
AddGadgetRequest request = (AddGadgetRequest) inActionContext.getParams();
Long tabId = request.getTabId();
// get the Tab we're inserting the Gadget into
if (tabId == null) {
// if client passes null for id, find the first tab
Person person = personMapper.findByAccountId(inActionContext.getPrincipal().getAccountId());
tabId = person.getStartTabGroup().getTabs().get(0).getId();
}
// This will throw AuthorizationException if user doesn't have permissions.
if (!tabPermission.canModifyGadgets(
inActionContext.getPrincipal().getAccountId(), tabId, true)) {
throw new AuthorizationException("Failed to authorize adding of the supplied gadget.");
}
}
@Override
public Serializable execute(final PrincipalActionContext inActionContext)
throws ExecutionException {
SetTabOrderRequest currentRequest = (SetTabOrderRequest) inActionContext.getParams();
Person person = personMapper.findByAccountId(inActionContext.getPrincipal().getAccountId());
List<Tab> tabs = person.getTabs(currentRequest.getTabType());
// Find the tab to be moved
int oldIndex = findTabIndex(tabs, currentRequest.getTabId());
Tab movingTab = tabs.get(oldIndex);
// move the tab
tabs.remove(oldIndex);
tabs.add(currentRequest.getNewIndex(), movingTab);
personMapper.flush();
return Boolean.TRUE;
}