private void updateAdminStatus(Permissions perm) {
   // if the role of the permission is of type admin update the user
   // lastAdminCheckStatus to true
   Role role = getRoleDao().get(perm.getrole_id());
   if (role.getType() == RoleType.ADMIN) {
     MultiLevelAdministrationHandler.setIsAdminGUIFlag(perm.getad_element_id(), true);
   }
 }
  @Override
  protected boolean canDoAction() {
    Permissions perm = getParameters().getPermission();
    if (perm == null) {
      addCanDoActionMessage(VdcBllMessages.PERMISSION_ADD_FAILED_PERMISSION_NOT_SENT);
      return false;
    }

    Role role = getRoleDao().get(perm.getrole_id());
    Guid adElementId = perm.getad_element_id();

    if (role == null) {
      addCanDoActionMessage(VdcBllMessages.PERMISSION_ADD_FAILED_INVALID_ROLE_ID);
      return false;
    }

    if (perm.getObjectType() == null || getVdcObjectName() == null) {
      addCanDoActionMessage(VdcBllMessages.PERMISSION_ADD_FAILED_INVALID_OBJECT_ID);
      return false;
    }

    // if user and group not sent check user/group is in the db in order to
    // give permission
    if (getParameters().getUser() == null
        && getParameters().getGroup() == null
        && getDbUserDAO().get(adElementId) == null
        && getAdGroupDAO().get(adElementId) == null) {
      getReturnValue()
          .getCanDoActionMessages()
          .add(VdcBllMessages.USER_MUST_EXIST_IN_DB.toString());
      return false;
    }

    // only system super user can give permissions with admin roles
    if (!isSystemSuperUser() && role.getType() == RoleType.ADMIN) {
      addCanDoActionMessage(
          VdcBllMessages.PERMISSION_ADD_FAILED_ONLY_SYSTEM_SUPER_USER_CAN_GIVE_ADMIN_ROLES);
      return false;
    }

    // don't allow adding permissions to vms from pool externally
    if (!isInternalExecution() && perm.getObjectType() == VdcObjectType.VM) {
      VM vm = getVmDAO().get(perm.getObjectId());
      if (vm != null && vm.getVmPoolId() != null) {
        addCanDoActionMessage(VdcBllMessages.PERMISSION_ADD_FAILED_VM_IN_POOL);
        return false;
      }
    }

    return true;
  }