- if ((oldFeed.getVersion() != null) && (feed.getVersion() != null)) {
- if (!oldFeed.getVersion().equals(feed.getVersion())) {
- message = "The version of the feed may not be updated.";
- elr.setMessage(message);
- elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
- eventlogger.error(elr.toString());
- sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
- return;
- }
- }
-
- /*
- * START - AAF changes
- * TDP EPIC US# 307413
- * CADI code - check on permissions based on Legacy/AAF users to allow feed edit/update/modify
- */
- String aafInstance = feed.getAafInstance();
- if (aafInstance == null || aafInstance.equals("") || aafInstance.equalsIgnoreCase("legacy")) {
- // Check with the Authorizer
- AuthorizationResponse aresp = authz.decide(req);
- if (!aresp.isAuthorized()) {
- message = "Policy Engine disallows access.";
- elr.setMessage(message);
- elr.setResult(HttpServletResponse.SC_FORBIDDEN);
- eventlogger.error(elr.toString());
- sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
- return;
- }
- } else {
- String permission = getFeedPermission(aafInstance, BaseServlet.EDIT_PERMISSION);
- eventlogger.info("FeedServlet.doPut().. Permission String - " + permission);
- if (!req.isUserInRole(permission)) {
- message = "AAF disallows access to permission - " + permission;
- elr.setMessage(message);
- elr.setResult(HttpServletResponse.SC_FORBIDDEN);
- eventlogger.error(elr.toString());
- sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);
- return;
- }
+ if ((oldFeed.getVersion() != null) && (feed.getVersion() != null)
+ && !oldFeed.getVersion().equals(feed.getVersion())) {
+ message = "The version of the feed may not be updated.";
+ elr.setMessage(message);
+ elr.setResult(HttpServletResponse.SC_BAD_REQUEST);
+ eventlogger.error(elr.toString());
+ sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);
+ return;