@Override public boolean isAuthorized(String userId, ProposalTask task) { boolean hasPermission = true; ProposalDevelopmentDocument doc = task.getDocument(); String proposalNbr = doc.getDevelopmentProposal().getProposalNumber(); if (proposalNbr == null) { // We have to consider the case when we are saving the document for the first time. String unitNumber = doc.getDevelopmentProposal().getOwnedByUnitNumber(); // If the unit number is not specified, we will let the save operation continue because it // will fail with an error. But if the user tries to save a proposal for a wrong unit, then // we will indicate that the user does not have permission to do that. if (unitNumber != null) { UnitAuthorizationService auth = KcServiceLocator.getService(UnitAuthorizationService.class); hasPermission = auth.hasPermission( userId, unitNumber, Constants.MODULE_NAMESPACE_PROPOSAL_DEVELOPMENT, PermissionConstants.CREATE_PROPOSAL); } } else { /* * After the initial save, the proposal can have new notes added by users with the modify proposal role. */ hasPermission = hasProposalPermission(userId, doc, PermissionConstants.VIEW_PROPOSAL) || kraWorkflowService.hasWorkflowPermission(userId, doc); } return hasPermission; }