X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-gui%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fgui%2Fpages%2FRequestDetail.java;h=8628d4be5b3e7b3f7c2b71379386c295d930eb91;hb=57effd69fb15e0c73f85296d10ff6b358a6cbebb;hp=090b6e3c60c6167b6a7afd9d52e4baf21315fae2;hpb=502da3cb1daf171395630dbaf4a2f2e2fb9aa93e;p=aaf%2Fauthz.git diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java index 090b6e3c..8628d4be 100644 --- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java +++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java @@ -28,6 +28,9 @@ import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.UUID; +import javax.servlet.http.HttpServletRequest; + +import org.onap.aaf.auth.common.Define; import org.onap.aaf.auth.env.AuthzEnv; import org.onap.aaf.auth.env.AuthzTrans; import org.onap.aaf.auth.gui.AAF_GUI; @@ -94,9 +97,18 @@ public class RequestDetail extends Page { ); if (fa.get(AAF_GUI.TIMEOUT)) { - if (!trans.user().equals(fa.value.getApprovals().get(0).getUser())) { - return Cells.EMPTY; - } + Approval app = fa.value.getApprovals().get(0); + if(app==null) { + return Cells.EMPTY; + } else { + if (!(trans.user().equals(app.getUser()) || + trans.user().equals(app.getApprover()))) { + HttpServletRequest req = trans.get(gui.slot_httpServletRequest,null); + if(req==null || !req.isUserInRole(Define.ROOT_NS()+"|access|*|*")) { + return Cells.EMPTY; + } + } + } tt.done(); tt = trans.start("Load Data", Env.SUB); boolean first = true;