public Result<Roles> roles(AuthzTrans trans, List<RoleDAO.Data> from, Roles to, boolean filter) {
final boolean needNS = trans.requested(REQD_TYPE.ns);
for(RoleDAO.Data frole : from) {
- // Only Add Data to view if User is allowed to see this Role
- //if(!filter || q.mayUserViewRole(trans, trans.user(), frole).isOK()) {
+ // Only Add Data to view if User is allowed to see this Role
if(!filter || q.mayUser(trans, trans.user(), frole,Access.read).isOK()) {
Role role = new Role();
role.setName(frole.ns + '.' + frole.name);
}
for(String p : frole.perms(false)) { // can see any Perms in the Role he has permission for
Result<String[]> rpa = PermDAO.Data.decodeToArray(trans,q,p);
- if(rpa.notOK()) return Result.err(rpa);
+ if(rpa.notOK())
+ return Result.err(rpa);
String[] pa = rpa.value;
Pkey pKey = new Pkey();
return Result.ok(to);
}
- /**
- *
- * @param base
- * @param start
- * @return
- */
@Override
public Result<UserRoleDAO.Data> userRole(AuthzTrans trans, Request base) {
try {
// Setup UserRoleData, either for immediate placement, or for futureIt i
UserRoleDAO.Data to = new UserRoleDAO.Data();
if (from.getUser() != null) {
- String user = from.getUser();
- to.user = user;
+ to.user = from.getUser();
}
if (from.getRole() != null) {
to.role(trans,q,from.getRole());
Code Review / aaf / authz.git / blobdiff