public List<Authorization> find(final Application application, final User user) throws RequiredException { this.validateFind(application, user); final List<Authorization> result = new ArrayList<Authorization>(); final List<Authorization> allowed = this.authorizationManager.find(application, user, true); final List<Authorization> revoked = this.authorizationManager.find(application, user, false); boolean valid; for (final Authorization authorization : allowed) { valid = true; for (final Authorization deniedAuthorization : revoked) { if (authorization.getPermission().equals(deniedAuthorization.getPermission())) { valid = false; break; } } if (valid) { result.add(authorization); } } return result; }
private void validatePersist(final Authorization authorization) throws RequiredException { this.serviceValidator.validateRequired("authorization", authorization); this.serviceValidator.validateRequired( "authorization.permission", authorization.getPermission()); this.serviceValidator.validateRequired("authorization.role", authorization.getRole()); this.serviceValidator.validateRequired( "authorization.permission.operation", authorization.getPermission().getOperation()); this.serviceValidator.validateRequired( "authorization.permission.resource", authorization.getPermission().getResource()); this.serviceValidator.validateRequired( "authorization.role.id", authorization.getRole().getId()); this.serviceValidator.validateRequired( "authorization.permission.operation.id", authorization.getPermission().getOperation().getId()); this.serviceValidator.validateRequired( "authorization.permission.resource.id", authorization.getPermission().getResource().getId()); }
@Transactional(TransactionPropagationType.REQUIRED) public void delete(final Authorization authorization) throws RequiredException { this.validateDelete(authorization); final Authorization authz = this.load(authorization.getPermission(), authorization.getRole()); if (authz != null) { this.authorizationManager.delete(authorization); } }
@Transactional(TransactionPropagationType.REQUIRED) public void insert(final Authorization authorization) throws RequiredException { this.validatePersist(authorization); final Authorization authz = this.load(authorization.getPermission(), authorization.getRole()); if (authz == null) { this.authorizationManager.insert(authorization); } else if (authz.isAllowed() != authorization.isAllowed()) { this.authorizationManager.update(authorization); } }