+
+ if(!UserUtils.getUserSession(request).getOrgUserId().equalsIgnoreCase(userId)) {
+ logger.error(EELFLoggerDelegate.errorLogger, "Not authorized to view roles of others ");
+ response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ response.getWriter().flush();
+ return null;
+ }
+