/** * Check if the current user is allowed to access the requested resource. * * @param httpRequest * @throws AccessDeniedException If the request is not allowed considering the resource * permissions. */ public boolean isAllowed(HttpServletRequest httpRequest) throws AccessDeniedException { final String requestURI = httpRequest.getRequestURI(); Set<Entry<String, String[]>> entrySet = this.roleProtectedResources.entrySet(); for (Entry<String, String[]> entry : entrySet) { if (matches(entry.getKey(), requestURI)) { Identity identity = getIdentity(); if (!identity.isLoggedIn()) { return false; } else { String[] roles = entry.getValue(); for (String roleName : roles) { IdentityManager identityManager = getIdentityManager(); Role role = BasicModel.getRole(identityManager, roleName.trim()); if (role == null) { throw new IllegalStateException( "The specified role does not exists [" + role + "]. Check your configuration."); } if (!BasicModel.hasRole(getRelationshipManager(), identity.getAccount(), role)) { return false; } } } } } return true; }
public boolean hasRole(String roleName) { Account account = getIdentity().getAccount(); Role role = getRole(this.identityManager.get(), roleName); if (role == null) return false; return BasicModel.hasRole(this.relationshipManager.get(), account, role); }
public boolean isAdmin() { if (isUserLoggedIn()) { IdentityManager identityManager = getIdentityManager(); RelationshipManager relationshipManager = getRelationshipManager(); return BasicModel.hasRole( relationshipManager, identity.getAccount(), BasicModel.getRole(identityManager, "Administrator")); } return false; }