deleteCW.comment("Approval is Orphaned");
Approval.row(deleteCW, appr);
} else {
- ticket.approvals.add(appr); // add to found Ticket
- approvers.add(appr.getApprover());
+ // for users and approvers still valid
+ String user = appr.getUser();
+
+ if(org.isRevoked(noAvg, appr.getApprover())) {
+ deleteCW.comment("Approver ID is revoked");
+ Approval.row(deleteCW, appr);
+ } else if(user!=null && !user.isEmpty() && org.isRevoked(noAvg, user)) {
+ deleteCW.comment("USER ID is revoked");
+ Approval.row(deleteCW, appr);
+ } else {
+ ticket.approvals.add(appr); // add to found Ticket
+ approvers.add(appr.getApprover());
+ }
}
}
} finally {
approver = appr.getApprover();
Pending n = pendingTemp.get(approver);
if(n==null) {
- Date lastNotified = ln.lastNotified(approver,"ur",ticket.f.fdd.target_key);
+ Date lastNotified = ln.lastNotified(approver,"pending",null);
pendingTemp.put(approver,new Pending(lastNotified));
} else {
n.inc();
for(Entry<String, Pending> es : pendingApprs.entrySet()) {
Pending p = es.getValue();
if(p.newApprovals()
- || p.earliest() == null
+ || p.earliest() == LastNotified.NEVER // yes, equals.
|| p.earliest().after(remind)) {
p.row(needApproveCW,es.getKey());
}
if(linst!=null) {
Instance lastBath = null;
for(Instance inst : linst) {
- // if(inst.attn>0) {
- // writeAnalysis(trans, cred, inst);
- // // Special Behavior: only eval the LAST Instance
- // } else
// All Creds go through Life Cycle
if(deleteDate!=null && inst.expires.before(deleteDate)) {
writeAnalysis(noAvg, cred, inst); // will go to Delete
return existing;
}
- private Range writeAnalysis(AuthzTrans trans, UserRole ur) {
+ private Range writeAnalysis(AuthzTrans noAvg, UserRole ur) {
Range r = expireRange.getRange("ur", ur.expires());
if(r!=null) {
Date lnd = ln.lastNotified(LastNotified.newKey(ur));
// Note: lnd is NEVER null
Identity i;
try {
- i = org.getIdentity(trans, ur.user());
+ i = org.getIdentity(noAvg, ur.user());
} catch (OrganizationException e) {
i=null;
}
return r;
}
- private void writeAnalysis(AuthzTrans trans, Cred cred, Instance inst) {
+ private void writeAnalysis(AuthzTrans noAvg, Cred cred, Instance inst) {
if(cred!=null && inst!=null) {
Range r = expireRange.getRange("cred", inst.expires);
if(r!=null) {
// Note: lnd is NEVER null
Identity i;
try {
- i = org.getIdentity(trans, cred.id);
+ i = org.getIdentity(noAvg, cred.id);
} catch (OrganizationException e) {
i=null;
}
}
}
- private void writeAnalysis(AuthzTrans trans, X509 x509, X509Certificate x509Cert) throws IOException {
+ private void writeAnalysis(AuthzTrans noAvg, X509 x509, X509Certificate x509Cert) throws IOException {
Range r = expireRange.getRange("x509", x509Cert.getNotAfter());
if(r!=null) {
Date lnd = ln.lastNotified(LastNotified.newKey(x509,x509Cert));
// Note: lnd is NEVER null
Identity i;
try {
- i = org.getIdentity(trans, x509.id);
+ i = org.getIdentity(noAvg, x509.id);
} catch (OrganizationException e) {
i=null;
}