public Result<Void> createNS(final AuthzTrans trans, REQUEST from, NsType type) {
final Result<Namespace> rnamespace = mapper.ns(trans, from);
final ServiceValidator v = new ServiceValidator();
- if(v.ns(rnamespace).err()) {
+ if (v.ns(rnamespace).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
final Namespace namespace = rnamespace.value;
final Result<NsDAO.Data> parentNs = ques.deriveNs(trans,namespace.name);
- if(parentNs.notOK()) {
+ if (parentNs.notOK()) {
return Result.err(parentNs);
}
- if(namespace.name.lastIndexOf('.')<0) { // Root Namespace... Function will check if allowed
+ if (namespace.name.lastIndexOf('.')<0) { // Root Namespace... Function will check if allowed
return func.createNS(trans, namespace, false);
}
private Result<NsDAO.Data> rnd;
@Override
public Result<?> mayChange() {
- if(rnd==null) {
+ if (rnd==null) {
rnd = ques.mayUser(trans, trans.user(), parentNs.value,Access.write);
}
return rnd;
switch(fd.status) {
case OK:
Result<String> rfc = func.createFuture(trans, fd.value, namespace.name, trans.user(),parentNs.value, FUTURE_OP.C);
- if(rfc.isOK()) {
+ if (rfc.isOK()) {
return Result.err(Status.ACC_Future, "NS [%s] is saved for future processing",namespace.name);
} else {
return Result.err(rfc);
try {
// Check inputs
final Validator v = new ServiceValidator();
- if(v.ns(ns).err() ||
+ if (v.ns(ns).err() ||
v.key(key).err() ||
v.value(value).err()) {
return Result.err(Status.ERR_BadData,v.errs());
// Check if exists already
Result<List<Data>> rlnsd = ques.nsDAO.read(trans, ns);
- if(rlnsd.notOKorIsEmpty()) {
+ if (rlnsd.notOKorIsEmpty()) {
return Result.err(rlnsd);
}
NsDAO.Data nsd = rlnsd.value.get(0);
// Check for Existence
- if(nsd.attrib.get(key)!=null) {
+ if (nsd.attrib.get(key)!=null) {
return Result.err(Status.ERR_ConflictAlreadyExists, "NS Property %s:%s exists", ns, key);
}
// Check if User may put
- if(!ques.isGranted(trans, trans.user(), ROOT_NS, Question.ATTRIB,
+ if (!ques.isGranted(trans, trans.user(), ROOT_NS, Question.ATTRIB,
":"+trans.org().getDomain()+".*:"+key, Access.write.name())) {
return Result.err(Status.ERR_Denied, "%s may not create NS Attrib [%s:%s]", trans.user(),ns, key);
}
public Result<KEYS> readNsByAttrib(AuthzTrans trans, String key) {
// Check inputs
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Key",key).err()) {
+ if (v.nullOrBlank("Key",key).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
// May Read
- if(!ques.isGranted(trans, trans.user(), ROOT_NS, Question.ATTRIB,
+ if (!ques.isGranted(trans, trans.user(), ROOT_NS, Question.ATTRIB,
":"+trans.org().getDomain()+".*:"+key, Question.READ)) {
return Result.err(Status.ERR_Denied,"%s may not read NS by Attrib '%s'",trans.user(),key);
}
Result<Set<String>> rsd = ques.nsDAO.dao().readNsByAttrib(trans, key);
- if(rsd.notOK()) {
+ if (rsd.notOK()) {
return Result.err(rsd);
}
return mapper().keys(rsd.value);
try {
// Check inputs
final Validator v = new ServiceValidator();
- if(v.ns(ns).err() ||
+ if (v.ns(ns).err() ||
v.key(key).err() ||
v.value(value).err()) {
return Result.err(Status.ERR_BadData,v.errs());
// Check if exists already (NS must exist)
Result<List<Data>> rlnsd = ques.nsDAO.read(trans, ns);
- if(rlnsd.notOKorIsEmpty()) {
+ if (rlnsd.notOKorIsEmpty()) {
return Result.err(rlnsd);
}
NsDAO.Data nsd = rlnsd.value.get(0);
// Check for Existence
- if(nsd.attrib.get(key)==null) {
+ if (nsd.attrib.get(key)==null) {
return Result.err(Status.ERR_NotFound, "NS Property %s:%s exists", ns, key);
}
// Check if User may put
- if(!ques.isGranted(trans, trans.user(), ROOT_NS, Question.ATTRIB,
+ if (!ques.isGranted(trans, trans.user(), ROOT_NS, Question.ATTRIB,
":"+trans.org().getDomain()+".*:"+key, Access.write.name())) {
return Result.err(Status.ERR_Denied, "%s may not create NS Attrib [%s:%s]", trans.user(),ns, key);
}
try {
// Check inputs
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("NS",ns).err() ||
+ if (v.nullOrBlank("NS",ns).err() ||
v.nullOrBlank("Key",key).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
// Check if exists already
Result<List<Data>> rlnsd = ques.nsDAO.read(trans, ns);
- if(rlnsd.notOKorIsEmpty()) {
+ if (rlnsd.notOKorIsEmpty()) {
return Result.err(rlnsd);
}
NsDAO.Data nsd = rlnsd.value.get(0);
// Check for Existence
- if(nsd.attrib.get(key)==null) {
+ if (nsd.attrib.get(key)==null) {
return Result.err(Status.ERR_NotFound, "NS Property [%s:%s] does not exist", ns, key);
}
// Check if User may del
- if(!ques.isGranted(trans, trans.user(), ROOT_NS, "attrib", ":" + ROOT_COMPANY + ".*:"+key, Access.write.name())) {
+ if (!ques.isGranted(trans, trans.user(), ROOT_NS, "attrib", ":" + ROOT_COMPANY + ".*:"+key, Access.write.name())) {
return Result.err(Status.ERR_Denied, "%s may not delete NS Attrib [%s:%s]", trans.user(),ns, key);
}
@Override
public Result<NSS> getNSbyName(AuthzTrans trans, String ns) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("NS", ns).err()) {
+ if (v.nullOrBlank("NS", ns).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
Result<List<NsDAO.Data>> rlnd = ques.nsDAO.read(trans, ns);
- if(rlnd.isOK()) {
- if(rlnd.isEmpty()) {
+ if (rlnd.isOK()) {
+ if (rlnd.isEmpty()) {
return Result.err(Status.ERR_NotFound, "No data found for %s",ns);
}
Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), rlnd.value.get(0), Access.read);
- if(rnd.notOK()) {
+ if (rnd.notOK()) {
return Result.err(rnd);
}
Namespace namespace = new Namespace(rnd.value);
Result<List<String>> rd = func.getOwners(trans, namespace.name, false);
- if(rd.isOK()) {
+ if (rd.isOK()) {
namespace.owner = rd.value;
}
rd = func.getAdmins(trans, namespace.name, false);
- if(rd.isOK()) {
+ if (rd.isOK()) {
namespace.admin = rd.value;
}
}
Result<Collection<Namespace>> rn = loadNamepace(trans, user, ".admin", full);
- if(rn.notOK()) {
+ if (rn.notOK()) {
return Result.err(rn);
}
if (rn.isEmpty()) {
}
Result<Collection<Namespace>> rn = loadNamepace(trans, user, null, full);
- if(rn.notOK()) {
+ if (rn.notOK()) {
return Result.err(rn);
}
if (rn.isEmpty()) {
private Result<Collection<Namespace>> loadNamepace(AuthzTrans trans, String user, String endsWith, boolean full) {
Result<List<UserRoleDAO.Data>> urd = ques.userRoleDAO.readByUser(trans, user);
- if(urd.notOKorIsEmpty()) {
+ if (urd.notOKorIsEmpty()) {
return Result.err(urd);
}
Map<String, Namespace> lm = new HashMap<>();
Map<String, Namespace> other = full || endsWith==null?null:new TreeMap<>();
- for(UserRoleDAO.Data urdd : urd.value) {
- if(full) {
- if(endsWith==null || urdd.role.endsWith(endsWith)) {
+ for (UserRoleDAO.Data urdd : urd.value) {
+ if (full) {
+ if (endsWith==null || urdd.role.endsWith(endsWith)) {
RoleDAO.Data rd = RoleDAO.Data.decode(urdd);
Result<NsDAO.Data> nsd = ques.mayUser(trans, user, rd, Access.read);
- if(nsd.isOK()) {
+ if (nsd.isOK()) {
Namespace namespace = lm.get(nsd.value.name);
- if(namespace==null) {
+ if (namespace==null) {
namespace = new Namespace(nsd.value);
lm.put(namespace.name,namespace);
}
Result<List<String>> rls = func.getAdmins(trans, namespace.name, false);
- if(rls.isOK()) {
+ if (rls.isOK()) {
namespace.admin=rls.value;
}
rls = func.getOwners(trans, namespace.name, false);
- if(rls.isOK()) {
+ if (rls.isOK()) {
namespace.owner=rls.value;
}
}
}
} else { // Shortened version. Only Namespace Info available from Role.
- if(Question.ADMIN.equals(urdd.rname) || Question.OWNER.equals(urdd.rname)) {
+ if (Question.ADMIN.equals(urdd.rname) || Question.OWNER.equals(urdd.rname)) {
RoleDAO.Data rd = RoleDAO.Data.decode(urdd);
Result<NsDAO.Data> nsd = ques.mayUser(trans, user, rd, Access.read);
- if(nsd.isOK()) {
+ if (nsd.isOK()) {
Namespace namespace = lm.get(nsd.value.name);
- if(namespace==null) {
- if(other!=null) {
+ if (namespace==null) {
+ if (other!=null) {
namespace = other.remove(nsd.value.name);
}
- if(namespace==null) {
+ if (namespace==null) {
namespace = new Namespace(nsd.value);
namespace.admin=new ArrayList<>();
namespace.owner=new ArrayList<>();
}
- if(endsWith==null || urdd.role.endsWith(endsWith)) {
+ if (endsWith==null || urdd.role.endsWith(endsWith)) {
lm.put(namespace.name,namespace);
} else {
other.put(namespace.name,namespace);
}
}
- if(Question.OWNER.equals(urdd.rname)) {
+ if (Question.OWNER.equals(urdd.rname)) {
namespace.owner.add(urdd.user);
} else {
namespace.admin.add(urdd.user);
return Result.err(Status.ERR_BadData, v.errs());
}
Result<Collection<Namespace>> rn = loadNamepace(trans, user, ".owner",full);
- if(rn.notOK()) {
+ if (rn.notOK()) {
return Result.err(rn);
}
if (rn.isEmpty()) {
@Override
public Result<NSS> getNSsChildren(AuthzTrans trans, String parent) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("NS", parent).err()) {
+ if (v.nullOrBlank("NS", parent).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
Result<NsDAO.Data> rnd = ques.deriveNs(trans, parent);
- if(rnd.notOK()) {
+ if (rnd.notOK()) {
return Result.err(rnd);
}
rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
- if(rnd.notOK()) {
+ if (rnd.notOK()) {
return Result.err(rnd);
}
Set<Namespace> lm = new HashSet<>();
Result<List<NsDAO.Data>> rlnd = ques.nsDAO.dao().getChildren(trans, parent);
- if(rlnd.isOK()) {
- if(rlnd.isEmpty()) {
+ if (rlnd.isOK()) {
+ if (rlnd.isEmpty()) {
return Result.err(Status.ERR_NotFound, "No data found for %s",parent);
}
- for(NsDAO.Data ndd : rlnd.value) {
+ for (NsDAO.Data ndd : rlnd.value) {
Namespace namespace = new Namespace(ndd);
Result<List<String>> rls = func.getAdmins(trans, namespace.name, false);
- if(rls.isOK()) {
+ if (rls.isOK()) {
namespace.admin=rls.value;
}
rls = func.getOwners(trans, namespace.name, false);
- if(rls.isOK()) {
+ if (rls.isOK()) {
namespace.owner=rls.value;
}
public Result<Void> updateNsDescription(AuthzTrans trans, REQUEST from) {
final Result<Namespace> nsd = mapper.ns(trans, from);
final ServiceValidator v = new ServiceValidator();
- if(v.ns(nsd).err()) {
+ if (v.ns(nsd).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
- if(v.nullOrBlank("description", nsd.value.description).err()) {
+ if (v.nullOrBlank("description", nsd.value.description).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
Namespace namespace = nsd.value;
Result<List<NsDAO.Data>> rlnd = ques.nsDAO.read(trans, namespace.name);
- if(rlnd.notOKorIsEmpty()) {
+ if (rlnd.notOKorIsEmpty()) {
return Result.err(Status.ERR_NotFound, "Namespace [%s] does not exist",namespace.name);
}
}
Result<Void> rdr = ques.nsDAO.dao().addDescription(trans, namespace.name, namespace.description);
- if(rdr.isOK()) {
+ if (rdr.isOK()) {
return Result.ok();
} else {
return Result.err(rdr);
public Result<Void> createPerm(final AuthzTrans trans,REQUEST rreq) {
final Result<PermDAO.Data> newPd = mapper.perm(trans, rreq);
final ServiceValidator v = new ServiceValidator();
- if(v.perm(newPd).err()) {
+ if (v.perm(newPd).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
private Result<NsDAO.Data> nsd;
@Override
public Result<?> mayChange() {
- if(nsd==null) {
+ if (nsd==null) {
nsd = ques.mayUser(trans, trans.user(), newPd.value, Access.write);
}
return nsd;
}
});
Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, newPd.value.ns);
- if(nsr.notOKorIsEmpty()) {
+ if (nsr.notOKorIsEmpty()) {
return Result.err(nsr);
}
switch(fd.status) {
trans.user(),
nsr.value.get(0),
FUTURE_OP.C);
- if(rfc.isOK()) {
+ if (rfc.isOK()) {
return Result.err(Status.ACC_Future, "Perm [%s.%s|%s|%s] is saved for future processing",
newPd.value.ns,
newPd.value.type,
@Override
public Result<PERMS> getPermsByType(AuthzTrans trans, final String permType) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("PermType", permType).err()) {
+ if (v.nullOrBlank("PermType", permType).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
Result<List<PermDAO.Data>> rlpd = ques.getPermsByType(trans, permType);
- if(rlpd.notOK()) {
+ if (rlpd.notOK()) {
return Result.err(rlpd);
}
// We don't have instance & action for mayUserView... do we want to loop through all returned here as well as in mapper?
// Result<NsDAO.Data> r;
-// if((r = ques.mayUserViewPerm(trans, trans.user(), permType)).notOK())return Result.err(r);
+// if ((r = ques.mayUserViewPerm(trans, trans.user(), permType)).notOK())return Result.err(r);
PERMS perms = mapper.newInstance(API.PERMS);
- if(!rlpd.isEmpty()) {
+ if (!rlpd.isEmpty()) {
// Note: Mapper will restrict what can be viewed
return mapper.perms(trans, rlpd.value, perms, true);
}
@Override
public Result<PERMS> getPermsByName(AuthzTrans trans, String type, String instance, String action) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("PermType", type).err()
+ if (v.nullOrBlank("PermType", type).err()
|| v.nullOrBlank("PermInstance", instance).err()
|| v.nullOrBlank("PermAction", action).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
Result<List<PermDAO.Data>> rlpd = ques.getPermsByName(trans, type, instance, action);
- if(rlpd.notOK()) {
+ if (rlpd.notOK()) {
return Result.err(rlpd);
}
PERMS perms = mapper.newInstance(API.PERMS);
- if(!rlpd.isEmpty()) {
+ if (!rlpd.isEmpty()) {
// Note: Mapper will restrict what can be viewed
return mapper.perms(trans, rlpd.value, perms, true);
}
@Override
public Result<PERMS> getPermsByUser(AuthzTrans trans, String user) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("User", user).err()) {
+ if (v.nullOrBlank("User", user).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
Result<List<PermDAO.Data>> rlpd = ques.getPermsByUser(trans, user,
trans.requested(force));
- if(rlpd.notOK()) {
+ if (rlpd.notOK()) {
return Result.err(rlpd);
}
PERMS perms = mapper.newInstance(API.PERMS);
- if(rlpd.isEmpty()) {
+ if (rlpd.isEmpty()) {
return Result.ok(perms);
}
// Note: Mapper will restrict what can be viewed
@Override
public Result<PERMS> getPermsByUserScope(AuthzTrans trans, String user, String[] scopes) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("User", user).err()) {
+ if (v.nullOrBlank("User", user).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
Result<List<PermDAO.Data>> rlpd = ques.getPermsByUser(trans, user, trans.requested(force));
- if(rlpd.notOK()) {
+ if (rlpd.notOK()) {
return Result.err(rlpd);
}
PERMS perms = mapper.newInstance(API.PERMS);
- if(rlpd.isEmpty()) {
+ if (rlpd.isEmpty()) {
return Result.ok(perms);
}
// Note: Mapper will restrict what can be viewed
public Result<PERMS> getPermsByUser(AuthzTrans trans, PERMS _perms, String user) {
PERMS perms = _perms;
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("User", user).err()) {
+ if (v.nullOrBlank("User", user).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
//////////////
Result<List<PermDAO.Data>> rlpd = ques.getPermsByUser(trans, user,trans.requested(force));
- if(rlpd.notOK()) {
+ if (rlpd.notOK()) {
return Result.err(rlpd);
}
2) See if User is allowed
*/
Result<List<PermDAO.Data>> in = mapper.perms(trans, perms);
- if(in.isOKhasData()) {
+ if (in.isOKhasData()) {
List<PermDAO.Data> out = rlpd.value;
boolean ok;
- for(PermDAO.Data pdd : in.value) {
+ for (PermDAO.Data pdd : in.value) {
ok = false;
- if("access".equals(pdd.type)) {
+ if ("access".equals(pdd.type)) {
Access access = Access.valueOf(pdd.action);
String[] mdkey = Split.splitTrim(':',pdd.instance);
- if(mdkey.length>1) {
+ if (mdkey.length>1) {
String type = mdkey[1];
- if("role".equals(type)) {
- if(mdkey.length>2) {
+ if ("role".equals(type)) {
+ if (mdkey.length>2) {
RoleDAO.Data rdd = new RoleDAO.Data();
rdd.ns=pdd.ns;
rdd.name=mdkey[2];
ok = ques.mayUser(trans, trans.user(), rdd, Access.read).isOK() && ques.mayUser(trans, user, rdd , access).isOK();
}
- } else if("perm".equals(type)) {
- if(mdkey.length>4) { // also need instance/action
+ } else if ("perm".equals(type)) {
+ if (mdkey.length>4) { // also need instance/action
PermDAO.Data p = new PermDAO.Data();
p.ns=pdd.ns;
p.type=mdkey[2];
p.action=mdkey[4];
ok = ques.mayUser(trans, trans.user(), p, Access.read).isOK() && ques.mayUser(trans, user, p , access).isOK();
}
- } else if("ns".equals(type)) {
+ } else if ("ns".equals(type)) {
NsDAO.Data ndd = new NsDAO.Data();
ndd.name=pdd.ns;
ok = ques.mayUser(trans, trans.user(), ndd, Access.read).isOK() && ques.mayUser(trans, user, ndd , access).isOK();
}
}
}
- if(ok) {
+ if (ok) {
out.add(pdd);
}
}
}
perms = mapper.newInstance(API.PERMS);
- if(rlpd.isEmpty()) {
+ if (rlpd.isEmpty()) {
return Result.ok(perms);
}
// Note: Mapper will restrict what can be viewed
@Override
public Result<PERMS> getPermsByRole(AuthzTrans trans,String role) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Role", role).err()) {
+ if (v.nullOrBlank("Role", role).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques,role);
- if(rrdd.notOK()) {
+ if (rrdd.notOK()) {
return Result.err(rrdd);
}
Result<NsDAO.Data> r = ques.mayUser(trans, trans.user(), rrdd.value, Access.read);
- if(r.notOK()) {
+ if (r.notOK()) {
return Result.err(r);
}
PERMS perms = mapper.newInstance(API.PERMS);
Result<List<PermDAO.Data>> rlpd = ques.getPermsByRole(trans, role, trans.requested(force));
- if(rlpd.isOKhasData()) {
+ if (rlpd.isOKhasData()) {
// Note: Mapper will restrict what can be viewed
return mapper.perms(trans, rlpd.value, perms, true);
}
@Override
public Result<PERMS> getPermsByNS(AuthzTrans trans,String ns) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("NS", ns).err()) {
+ if (v.nullOrBlank("NS", ns).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
Result<NsDAO.Data> rnd = ques.deriveNs(trans, ns);
- if(rnd.notOK()) {
+ if (rnd.notOK()) {
return Result.err(rnd);
}
rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
- if(rnd.notOK()) {
+ if (rnd.notOK()) {
return Result.err(rnd);
}
Result<List<PermDAO.Data>> rlpd = ques.permDAO.readNS(trans, ns);
- if(rlpd.notOK()) {
+ if (rlpd.notOK()) {
return Result.err(rlpd);
}
PERMS perms = mapper.newInstance(API.PERMS);
- if(!rlpd.isEmpty()) {
+ if (!rlpd.isEmpty()) {
// Note: Mapper will restrict what can be viewed
return mapper.perms(trans, rlpd.value,perms, true);
}
public Result<Void> renamePerm(final AuthzTrans trans,REQUEST rreq, String origType, String origInstance, String origAction) {
final Result<PermDAO.Data> newPd = mapper.perm(trans, rreq);
final ServiceValidator v = new ServiceValidator();
- if(v.perm(newPd).err()) {
+ if (v.perm(newPd).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
Result<NsSplit> nss = ques.deriveNsSplit(trans, origType);
Result<List<PermDAO.Data>> origRlpd = ques.permDAO.read(trans, nss.value.ns, nss.value.name, origInstance, origAction);
- if(origRlpd.notOKorIsEmpty()) {
+ if (origRlpd.notOKorIsEmpty()) {
return Result.err(Status.ERR_PermissionNotFound,
"Permission [%s|%s|%s] does not exist",
origType,origInstance,origAction);
public Result<Void> updatePermDescription(AuthzTrans trans, REQUEST from) {
final Result<PermDAO.Data> pd = mapper.perm(trans, from);
final ServiceValidator v = new ServiceValidator();
- if(v.perm(pd).err()) {
+ if (v.perm(pd).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
- if(v.nullOrBlank("description", pd.value.description).err()) {
+ if (v.nullOrBlank("description", pd.value.description).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
final PermDAO.Data perm = pd.value;
- if(ques.permDAO.read(trans, perm.ns, perm.type, perm.instance,perm.action).notOKorIsEmpty()) {
+ if (ques.permDAO.read(trans, perm.ns, perm.type, perm.instance,perm.action).notOKorIsEmpty()) {
return Result.err(Status.ERR_NotFound, "Permission [%s.%s|%s|%s] does not exist",
perm.ns,perm.type,perm.instance,perm.action);
}
}
Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, pd.value.ns);
- if(nsr.notOKorIsEmpty()) {
+ if (nsr.notOKorIsEmpty()) {
return Result.err(nsr);
}
Result<Void> rdr = ques.permDAO.addDescription(trans, perm.ns, perm.type, perm.instance,
perm.action, perm.description);
- if(rdr.isOK()) {
+ if (rdr.isOK()) {
return Result.ok();
} else {
return Result.err(rdr);
@Override
public Result<Void> resetPermRoles(final AuthzTrans trans, REQUEST rreq) {
final Result<PermDAO.Data> updt = mapper.permFromRPRequest(trans, rreq);
- if(updt.notOKorIsEmpty()) {
+ if (updt.notOKorIsEmpty()) {
return Result.err(updt);
}
final ServiceValidator v = new ServiceValidator();
- if(v.perm(updt).err()) {
+ if (v.perm(updt).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
updt.value.instance,
updt.value.action);
- if(rcurr.notOKorIsEmpty()) {
+ if (rcurr.notOKorIsEmpty()) {
return Result.err(Status.ERR_PermissionNotFound,
"Permission [%s.%s|%s|%s] does not exist",
updt.value.ns,updt.value.type,updt.value.instance,updt.value.action);
// Create a set of Update Roles, which are in Internal Format
Set<String> updtRoles = new HashSet<>();
Result<NsSplit> nss;
- for(String role : updt.value.roles(false)) {
+ for (String role : updt.value.roles(false)) {
nss = ques.deriveNsSplit(trans, role);
- if(nss.isOK()) {
+ if (nss.isOK()) {
updtRoles.add(nss.value.ns + '|' + nss.value.name);
} else {
trans.error().log(nss.errorString());
Result<Void> rv = null;
- for(PermDAO.Data curr : rcurr.value) {
+ for (PermDAO.Data curr : rcurr.value) {
Set<String> currRoles = curr.roles(false);
// must add roles to this perm, and add this perm to each role
// in the update, but not in the current
for (String role : updtRoles) {
if (!currRoles.contains(role)) {
Result<RoleDAO.Data> key = RoleDAO.Data.decode(trans, ques, role);
- if(key.isOKhasData()) {
+ if (key.isOKhasData()) {
Result<List<RoleDAO.Data>> rrd = ques.roleDAO.read(trans, key.value);
- if(rrd.isOKhasData()) {
- for(RoleDAO.Data r : rrd.value) {
+ if (rrd.isOKhasData()) {
+ for (RoleDAO.Data r : rrd.value) {
rv = func.addPermToRole(trans, r, curr, false);
if (rv.notOK() && rv.status!=Result.ERR_ConflictAlreadyExists) {
return Result.err(rv);
for (String role : currRoles) {
if (!updtRoles.contains(role)) {
Result<RoleDAO.Data> key = RoleDAO.Data.decode(trans, ques, role);
- if(key.isOKhasData()) {
+ if (key.isOKhasData()) {
Result<List<RoleDAO.Data>> rdd = ques.roleDAO.read(trans, key.value);
- if(rdd.isOKhasData()) {
- for(RoleDAO.Data r : rdd.value) {
+ if (rdd.isOKhasData()) {
+ for (RoleDAO.Data r : rdd.value) {
rv = func.delPermFromRole(trans, r, curr, true);
if (rv.notOK() && rv.status!=Status.ERR_PermissionNotFound) {
return Result.err(rv);
@Override
public Result<Void> deletePerm(final AuthzTrans trans, REQUEST from) {
Result<PermDAO.Data> pd = mapper.perm(trans, from);
- if(pd.notOK()) {
+ if (pd.notOK()) {
return Result.err(pd);
}
final ServiceValidator v = new ServiceValidator();
- if(v.nullOrBlank(pd.value).err()) {
+ if (v.nullOrBlank(pd.value).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
final PermDAO.Data perm = pd.value;
private Result<NsDAO.Data> nsd;
@Override
public Result<?> mayChange() {
- if(nsd==null) {
+ if (nsd==null) {
nsd = ques.mayUser(trans, trans.user(), perm, Access.write);
}
return nsd;
switch(fd.status) {
case OK:
Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, perm.ns);
- if(nsr.notOKorIsEmpty()) {
+ if (nsr.notOKorIsEmpty()) {
return Result.err(nsr);
}
Result<String> rfc = func.createFuture(trans, fd.value,
perm.encode(), trans.user(),nsr.value.get(0),FUTURE_OP.D);
- if(rfc.isOK()) {
+ if (rfc.isOK()) {
return Result.err(Status.ACC_Future, "Perm Deletion [%s] is saved for future processing",perm.encode());
} else {
return Result.err(rfc);
@Override
public Result<Void> deletePerm(AuthzTrans trans, String type, String instance, String action) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Type",type)
+ if (v.nullOrBlank("Type",type)
.nullOrBlank("Instance",instance)
.nullOrBlank("Action",action)
.err()) {
}
Result<PermDAO.Data> pd = ques.permFrom(trans, type, instance, action);
- if(pd.isOK()) {
+ if (pd.isOK()) {
return func.deletePerm(trans, pd.value, trans.requested(force), false);
} else {
return Result.err(pd);
public Result<Void> createRole(final AuthzTrans trans, REQUEST from) {
final Result<RoleDAO.Data> rd = mapper.role(trans, from);
final ServiceValidator v = new ServiceValidator();
- if(v.role(rd).err()) {
+ if (v.role(rd).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
final RoleDAO.Data role = rd.value;
- if(ques.roleDAO.read(trans, role.ns, role.name).isOKhasData()) {
+ if (ques.roleDAO.read(trans, role.ns, role.name).isOKhasData()) {
return Result.err(Status.ERR_ConflictAlreadyExists, "Role [" + role.fullName() + "] already exists");
}
private Result<NsDAO.Data> nsd;
@Override
public Result<?> mayChange() {
- if(nsd==null) {
+ if (nsd==null) {
nsd = ques.mayUser(trans, trans.user(), role, Access.write);
}
return nsd;
});
Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rd.value.ns);
- if(nsr.notOKorIsEmpty()) {
+ if (nsr.notOKorIsEmpty()) {
return Result.err(nsr);
}
case OK:
Result<String> rfc = func.createFuture(trans, fd.value,
role.encode(), trans.user(),nsr.value.get(0),FUTURE_OP.C);
- if(rfc.isOK()) {
+ if (rfc.isOK()) {
return Result.err(Status.ACC_Future, "Role [%s.%s] is saved for future processing",
rd.value.ns,
rd.value.name);
}
case Status.ACC_Now:
Result<RoleDAO.Data> rdr = ques.roleDAO.create(trans, role);
- if(rdr.isOK()) {
+ if (rdr.isOK()) {
return Result.ok();
} else {
return Result.err(rdr);
@Override
public Result<ROLES> getRolesByName(AuthzTrans trans, String role) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Role", role).err()) {
+ if (v.nullOrBlank("Role", role).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
// Determine if User can ask this question
Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role);
- if(rrdd.isOKhasData()) {
+ if (rrdd.isOKhasData()) {
Result<NsDAO.Data> r;
- if((r = ques.mayUser(trans, trans.user(), rrdd.value, Access.read)).notOK()) {
+ if ((r = ques.mayUser(trans, trans.user(), rrdd.value, Access.read)).notOK()) {
return Result.err(r);
}
} else {
// Look up data
int query = role.indexOf('?');
Result<List<RoleDAO.Data>> rlrd = ques.getRolesByName(trans, query<0?role:role.substring(0, query));
- if(rlrd.isOK()) {
+ if (rlrd.isOK()) {
// Note: Mapper will restrict what can be viewed
ROLES roles = mapper.newInstance(API.ROLES);
return mapper.roles(trans, rlrd.value, roles, true);
@Override
public Result<ROLES> getRolesByUser(AuthzTrans trans, String user) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("User", user).err()) {
+ if (v.nullOrBlank("User", user).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
// Get list of roles per user, then add to Roles as we go
Result<List<RoleDAO.Data>> rlrd;
Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, user);
- if(rlurd.isOKhasData()) {
- for(UserRoleDAO.Data urd : rlurd.value ) {
+ if (rlurd.isOKhasData()) {
+ for (UserRoleDAO.Data urd : rlurd.value ) {
rlrd = ques.roleDAO.read(trans, urd.ns,urd.rname);
// Note: Mapper will restrict what can be viewed
// if user is the same as that which is looked up, no filtering is required
- if(rlrd.isOKhasData()) {
+ if (rlrd.isOKhasData()) {
mapper.roles(trans, rlrd.value,roles, !user.equals(trans.user()));
}
}
@Override
public Result<ROLES> getRolesByNS(AuthzTrans trans, String ns) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("NS", ns).err()) {
+ if (v.nullOrBlank("NS", ns).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
// check if user is allowed to view NS
Result<NsDAO.Data> rnsd = ques.deriveNs(trans, ns);
- if(rnsd.notOK()) {
+ if (rnsd.notOK()) {
return Result.err(rnsd);
}
rnsd = ques.mayUser(trans, trans.user(), rnsd.value, Access.read);
- if(rnsd.notOK()) {
+ if (rnsd.notOK()) {
return Result.err(rnsd);
}
ROLES roles = mapper.newInstance(API.ROLES);
// Get list of roles per user, then add to Roles as we go
Result<List<RoleDAO.Data>> rlrd = ques.roleDAO.readNS(trans, ns);
- if(rlrd.isOK()) {
- if(!rlrd.isEmpty()) {
+ if (rlrd.isOK()) {
+ if (!rlrd.isEmpty()) {
// Note: Mapper doesn't need to restrict what can be viewed, because we did it already.
mapper.roles(trans,rlrd.value,roles,false);
}
@Override
public Result<ROLES> getRolesByNameOnly(AuthzTrans trans, String name) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Name", name).err()) {
+ if (v.nullOrBlank("Name", name).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
ROLES roles = mapper.newInstance(API.ROLES);
// Get list of roles per user, then add to Roles as we go
Result<List<RoleDAO.Data>> rlrd = ques.roleDAO.readName(trans, name);
- if(rlrd.isOK()) {
- if(!rlrd.isEmpty()) {
+ if (rlrd.isOK()) {
+ if (!rlrd.isEmpty()) {
// Note: Mapper will restrict what can be viewed
mapper.roles(trans,rlrd.value,roles,true);
}
@Override
public Result<ROLES> getRolesByPerm(AuthzTrans trans, String type, String instance, String action) {
final Validator v = new ServiceValidator();
- if(v.permType(type)
+ if (v.permType(type)
.permInstance(instance)
.permAction(action)
.err()) {
ROLES roles = mapper.newInstance(API.ROLES);
// Get list of roles per user, then add to Roles as we go
Result<NsSplit> nsSplit = ques.deriveNsSplit(trans, type);
- if(nsSplit.isOK()) {
+ if (nsSplit.isOK()) {
PermDAO.Data pdd = new PermDAO.Data(nsSplit.value, instance, action);
Result<?> res;
- if((res=ques.mayUser(trans, trans.user(), pdd, Question.Access.read)).notOK()) {
+ if ((res=ques.mayUser(trans, trans.user(), pdd, Question.Access.read)).notOK()) {
return Result.err(res);
}
Result<List<PermDAO.Data>> pdlr = ques.permDAO.read(trans, pdd);
- if(pdlr.isOK())for(PermDAO.Data pd : pdlr.value) {
+ if (pdlr.isOK())for (PermDAO.Data pd : pdlr.value) {
Result<List<RoleDAO.Data>> rlrd;
- for(String r : pd.roles) {
+ for (String r : pd.roles) {
Result<String[]> rs = RoleDAO.Data.decodeToArray(trans, ques, r);
- if(rs.isOK()) {
+ if (rs.isOK()) {
rlrd = ques.roleDAO.read(trans, rs.value[0],rs.value[1]);
// Note: Mapper will restrict what can be viewed
- if(rlrd.isOKhasData()) {
+ if (rlrd.isOKhasData()) {
mapper.roles(trans,rlrd.value,roles,true);
}
}
public Result<Void> updateRoleDescription(AuthzTrans trans, REQUEST from) {
final Result<RoleDAO.Data> rd = mapper.role(trans, from);
final ServiceValidator v = new ServiceValidator();
- if(v.role(rd).err()) {
+ if (v.role(rd).err()) {
return Result.err(Status.ERR_BadData,v.errs());
} {
- if(v.nullOrBlank("description", rd.value.description).err()) {
+ if (v.nullOrBlank("description", rd.value.description).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
}
final RoleDAO.Data role = rd.value;
- if(ques.roleDAO.read(trans, role.ns, role.name).notOKorIsEmpty()) {
+ if (ques.roleDAO.read(trans, role.ns, role.name).notOKorIsEmpty()) {
return Result.err(Status.ERR_NotFound, "Role [" + role.fullName() + "] does not exist");
}
}
Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rd.value.ns);
- if(nsr.notOKorIsEmpty()) {
+ if (nsr.notOKorIsEmpty()) {
return Result.err(nsr);
}
Result<Void> rdr = ques.roleDAO.addDescription(trans, role.ns, role.name, role.description);
- if(rdr.isOK()) {
+ if (rdr.isOK()) {
return Result.ok();
} else {
return Result.err(rdr);
public Result<Void> addPermToRole(final AuthzTrans trans, REQUEST rreq) {
// Translate Request into Perm and Role Objects
final Result<PermDAO.Data> rpd = mapper.permFromRPRequest(trans, rreq);
- if(rpd.notOKorIsEmpty()) {
+ if (rpd.notOKorIsEmpty()) {
return Result.err(rpd);
}
final Result<RoleDAO.Data> rrd = mapper.roleFromRPRequest(trans, rreq);
- if(rrd.notOKorIsEmpty()) {
+ if (rrd.notOKorIsEmpty()) {
return Result.err(rrd);
}
// Validate Role and Perm values
final ServiceValidator v = new ServiceValidator();
- if(v.perm(rpd.value)
+ if (v.perm(rpd.value)
.role(rrd.value)
.err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
Result<List<RoleDAO.Data>> rlrd = ques.roleDAO.read(trans, rrd.value.ns, rrd.value.name);
- if(rlrd.notOKorIsEmpty()) {
+ if (rlrd.notOKorIsEmpty()) {
return Result.err(Status.ERR_RoleNotFound, "Role [%s] does not exist", rrd.value.fullName());
}
Result<List<PermDAO.Data>> rlpd = ques.permDAO.read(trans, rpd.value.ns,
rpd.value.type, rpd.value.instance, rpd.value.action);
PermDAO.Data createPerm = null; // if not null, create first
- if(rlpd.notOKorIsEmpty()) { // Permission doesn't exist
- if(trans.requested(force)) {
+ if (rlpd.notOKorIsEmpty()) { // Permission doesn't exist
+ if (trans.requested(force)) {
// Remove roles from perm data object so we just create the perm here
createPerm = rpd.value;
createPerm.roles.clear();
private Result<NsDAO.Data> nsd;
@Override
public Result<?> mayChange() {
- if(nsd==null) {
+ if (nsd==null) {
nsd = ques.mayUser(trans, trans.user(), rpd.value, Access.write);
}
return nsd;
}
});
Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rpd.value.ns);
- if(nsr.notOKorIsEmpty()) {
+ if (nsr.notOKorIsEmpty()) {
return Result.err(nsr);
}
switch(fd.status) {
trans.user(),
nsr.value.get(0),
FUTURE_OP.G);
- if(rfc.isOK()) {
+ if (rfc.isOK()) {
return Result.err(Status.ACC_Future, "Perm [%s.%s|%s|%s] is saved for future processing",
rpd.value.ns,
rpd.value.type,
}
case Status.ACC_Now:
Result<Void> rv = null;
- if(createPerm!=null) {// has been validated for creating
+ if (createPerm!=null) {// has been validated for creating
rv = func.createPerm(trans, createPerm, false);
}
- if(rv==null || rv.isOK()) {
+ if (rv==null || rv.isOK()) {
rv = func.addPermToRole(trans, rrd.value, rpd.value, false);
}
return rv;
@Override
public Result<Void> delPermFromRole(final AuthzTrans trans, REQUEST rreq) {
final Result<PermDAO.Data> updt = mapper.permFromRPRequest(trans, rreq);
- if(updt.notOKorIsEmpty()) {
+ if (updt.notOKorIsEmpty()) {
return Result.err(updt);
}
final Result<RoleDAO.Data> rrd = mapper.roleFromRPRequest(trans, rreq);
- if(rrd.notOKorIsEmpty()) {
+ if (rrd.notOKorIsEmpty()) {
return Result.err(rrd);
}
final ServiceValidator v = new ServiceValidator();
- if(v.nullOrBlank(updt.value)
+ if (v.nullOrBlank(updt.value)
.nullOrBlank(rrd.value)
.err()) {
return Result.err(Status.ERR_BadData,v.errs());
Result<List<PermDAO.Data>> rlpd = ques.permDAO.read(trans, pdd.ns, pdd.type,
pdd.instance, pdd.action);
- if(rlpd.notOKorIsEmpty()) {
+ if (rlpd.notOKorIsEmpty()) {
return Result.err(Status.ERR_PermissionNotFound,
"Permission [%s.%s|%s|%s] does not exist",
pdd.ns,pdd.type,pdd.instance,pdd.action);
private Result<NsDAO.Data> nsd;
@Override
public Result<?> mayChange() {
- if(nsd==null) {
+ if (nsd==null) {
nsd = ques.mayUser(trans, trans.user(), pdd, Access.write);
}
return nsd;
}
});
Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, pdd.ns);
- if(nsr.notOKorIsEmpty()) {
+ if (nsr.notOKorIsEmpty()) {
return Result.err(nsr);
}
switch(fd.status) {
nsr.value.get(0),
FUTURE_OP.UG
);
- if(rfc.isOK()) {
+ if (rfc.isOK()) {
return Result.err(Status.ACC_Future, "Perm [%s.%s|%s|%s] is saved for future processing",
pdd.ns,
pdd.type,
@Override
public Result<Void> delPermFromRole(AuthzTrans trans, String role, String type, String instance, String action) {
Result<Data> rpns = ques.deriveNs(trans, type);
- if(rpns.notOKorIsEmpty()) {
+ if (rpns.notOKorIsEmpty()) {
return Result.err(rpns);
}
final Validator v = new ServiceValidator();
- if(v.role(role)
+ if (v.role(role)
.permType(rpns.value.name,rpns.value.parent)
.permInstance(instance)
.permAction(action)
}
Result<Data> rrns = ques.deriveNs(trans, role);
- if(rrns.notOKorIsEmpty()) {
+ if (rrns.notOKorIsEmpty()) {
return Result.err(rrns);
}
final Result<List<RoleDAO.Data>> rrd = ques.roleDAO.read(trans, rrns.value.parent, rrns.value.name);
- if(rrd.notOKorIsEmpty()) {
+ if (rrd.notOKorIsEmpty()) {
return Result.err(rrd);
}
final Result<List<PermDAO.Data>> rpd = ques.permDAO.read(trans, rpns.value.parent, rpns.value.name, instance, action);
- if(rpd.notOKorIsEmpty()) {
+ if (rpd.notOKorIsEmpty()) {
return Result.err(rpd);
}
@Override
public Result<Void> deleteRole(AuthzTrans trans, String role) {
Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans,ques,role);
- if(rrdd.isOKhasData()) {
+ if (rrdd.isOKhasData()) {
final ServiceValidator v = new ServiceValidator();
- if(v.nullOrBlank(rrdd.value).err()) {
+ if (v.nullOrBlank(rrdd.value).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
return func.deleteRole(trans, rrdd.value, false, false);
public Result<Void> deleteRole(final AuthzTrans trans, REQUEST from) {
final Result<RoleDAO.Data> rd = mapper.role(trans, from);
final ServiceValidator v = new ServiceValidator();
- if(rd==null) {
+ if (rd==null) {
return Result.err(Status.ERR_BadData,"Request does not contain Role");
}
- if(v.nullOrBlank(rd.value).err()) {
+ if (v.nullOrBlank(rd.value).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
final RoleDAO.Data role = rd.value;
- if(ques.roleDAO.read(trans, role).notOKorIsEmpty() && !trans.requested(force)) {
+ if (ques.roleDAO.read(trans, role).notOKorIsEmpty() && !trans.requested(force)) {
return Result.err(Status.ERR_RoleNotFound, "Role [" + role.fullName() + "] does not exist");
}
private Result<NsDAO.Data> nsd;
@Override
public Result<?> mayChange() {
- if(nsd==null) {
+ if (nsd==null) {
nsd = ques.mayUser(trans, trans.user(), role, Access.write);
}
return nsd;
switch(fd.status) {
case OK:
Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rd.value.ns);
- if(nsr.notOKorIsEmpty()) {
+ if (nsr.notOKorIsEmpty()) {
return Result.err(nsr);
}
Result<String> rfc = func.createFuture(trans, fd.value,
role.encode(), trans.user(),nsr.value.get(0),FUTURE_OP.D);
- if(rfc.isOK()) {
+ if (rfc.isOK()) {
return Result.err(Status.ACC_Future, "Role Deletion [%s.%s] is saved for future processing",
rd.value.ns,
rd.value.name);
@Override
public Result<?> mayChange() {
- if(nsd==null) {
+ if (nsd==null) {
nsd = ques.validNSOfDomain(trans, cred.id);
}
// is Ns of CredID valid?
- if(nsd.isOK()) {
+ if (nsd.isOK()) {
try {
// Check Org Policy
- if(trans.org().validate(trans,Policy.CREATE_MECHID, exec, cred.id)==null) {
+ if (trans.org().validate(trans,Policy.CREATE_MECHID, exec, cred.id)==null) {
return Result.ok();
} else {
Result<?> rmc = ques.mayUser(trans, trans.user(), nsd.value, Access.write);
- if(rmc.isOKhasData()) {
+ if (rmc.isOKhasData()) {
return rmc;
}
}
@Override
public Result<?> mayChange() {
// User can change himself (but not create)
- if(trans.user().equals(cred.id)) {
+ if (trans.user().equals(cred.id)) {
return Result.ok();
}
- if(nsd==null) {
+ if (nsd==null) {
nsd = ques.validNSOfDomain(trans, cred.id);
}
// Get the Namespace
- if(nsd.isOK()) {
- if(ques.mayUser(trans, trans.user(), nsd.value,Access.write).isOK()) {
+ if (nsd.isOK()) {
+ if (ques.mayUser(trans, trans.user(), nsd.value,Access.write).isOK()) {
return Result.ok();
}
String user[] = Split.split('.',trans.user());
- if(user.length>2) {
+ if (user.length>2) {
String company = user[user.length-1] + '.' + user[user.length-2];
- if(ques.isGranted(trans, trans.user(), ROOT_NS,"password",company,"reset")) {
+ if (ques.isGranted(trans, trans.user(), ROOT_NS,"password",company,"reset")) {
return Result.ok();
}
}
try {
Result<CredDAO.Data> rcred = mapper.cred(trans, from, true);
- if(rcred.isOKhasData()) {
+ if (rcred.isOKhasData()) {
byte[] rawCred = rcred.value.cred.array();
rcred = ques.userCredSetup(trans, rcred.value);
final ServiceValidator v = new ServiceValidator();
- if(v.cred(trans, trans.org(),rcred,true).err()) { // Note: Creates have stricter Validations
+ if (v.cred(trans, trans.org(),rcred,true).err()) { // Note: Creates have stricter Validations
return Result.err(Status.ERR_BadData,v.errs());
}
} catch (Exception e1) {
trans.error().log(e1,rcred.value.id,"cannot be validated at this time");
}
- if(mechID==null || !mechID.isFound()) {
+ if (mechID==null || !mechID.isFound()) {
return Result.err(Status.ERR_Policy,"MechIDs must be registered with %s before provisioning in AAF",org.getName());
}
Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rcred.value.ns);
- if(nsr.notOKorIsEmpty()) {
+ if (nsr.notOKorIsEmpty()) {
return Result.err(Status.ERR_NsNotFound,"Cannot provision %s on non-existent Namespace %s",mechID.id(),rcred.value.ns);
}
// password to validate char differences.
rb = ques.userCredCheck(trans, curr, rawCred);
- if(rb.notOK()) {
+ if (rb.notOK()) {
return Result.err(rb);
- } else if(rb.value){
+ } else if (rb.value){
return Result.err(Status.ERR_Policy, "Credential content cannot be reused.");
} else if (Chrono.dateOnlyStamp(curr.expires).equals(Chrono.dateOnlyStamp(rcred.value.expires)) && curr.type==rcred.value.type) {
return Result.err(Status.ERR_ConflictAlreadyExists, "Credential with same Expiration Date exists, use 'reset'");
String theMechID = rcred.value.id;
Boolean otherMechIDs = false;
// find out if this is the only mechID. other MechIDs mean special handling (not automated)
- for(CredDAO.Data cd : ques.credDAO.readNS(trans,nsr.value.get(0).name).value) {
- if(!cd.id.equals(theMechID)) {
+ for (CredDAO.Data cd : ques.credDAO.readNS(trans,nsr.value.get(0).name).value) {
+ if (!cd.id.equals(theMechID)) {
otherMechIDs = true;
break;
}
}
String reason;
// We can say "ID does not exist" here
- if((reason=org.validate(trans, Policy.CREATE_MECHID, exec, theMechID,trans.user(),otherMechIDs.toString()))!=null) {
+ if ((reason=org.validate(trans, Policy.CREATE_MECHID, exec, theMechID,trans.user(),otherMechIDs.toString()))!=null) {
return Result.err(Status.ERR_Denied, reason);
}
firstID=true;
Result<String> rfc = func.createFuture(trans, fd.value,
rcred.value.id + '|' + rcred.value.type.toString() + '|' + rcred.value.expires,
trans.user(), nsr.value.get(0), FUTURE_OP.C);
- if(rfc.isOK()) {
+ if (rfc.isOK()) {
return Result.err(Status.ACC_Future, "Credential Request [%s|%s|%s] is saved for future processing",
rcred.value.id,
Integer.toString(rcred.value.type),
}
case Status.ACC_Now:
try {
- if(firstID) {
+ if (firstID) {
// && !nsr.value.get(0).isAdmin(trans.getUserPrincipal().getName())) {
Result<List<String>> admins = func.getAdmins(trans, nsr.value.get(0).name, false);
// OK, it's a first ID, and not by NS Admin, so let's set TempPassword length
// Note, we only do this on First time, because of possibility of
// prematurely expiring a production id
- if(admins.isOKhasData() && !admins.value.contains(trans.user())) {
+ if (admins.isOKhasData() && !admins.value.contains(trans.user())) {
rcred.value.expires = org.expiration(null, Expiration.TempPassword).getTime();
}
}
trans.error().log(e, "While setting expiration to TempPassword");
}
Result<?>udr = ques.credDAO.create(trans, rcred.value);
- if(udr.isOK()) {
+ if (udr.isOK()) {
return Result.ok();
}
return Result.err(udr);
@Override
public Result<USERS> getCredsByNS(AuthzTrans trans, String ns) {
final Validator v = new ServiceValidator();
- if(v.ns(ns).err()) {
+ if (v.ns(ns).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
// check if user is allowed to view NS
Result<NsDAO.Data> rnd = ques.deriveNs(trans,ns);
- if(rnd.notOK()) {
+ if (rnd.notOK()) {
return Result.err(rnd);
}
rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
- if(rnd.notOK()) {
+ if (rnd.notOK()) {
return Result.err(rnd);
}
USERS users = mapper.newInstance(API.USERS);
Result<List<CredDAO.Data>> rlcd = ques.credDAO.readNS(trans, ns);
- if(rlcd.isOK()) {
- if(!rlcd.isEmpty()) {
+ if (rlcd.isOK()) {
+ if (!rlcd.isEmpty()) {
return mapper.cred(rlcd.value, users);
}
return Result.ok(users);
@Override
public Result<USERS> getCredsByID(AuthzTrans trans, String id) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("ID",id).err()) {
+ if (v.nullOrBlank("ID",id).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
String ns = Question.domain2ns(id);
// check if user is allowed to view NS
Result<NsDAO.Data> rnd = ques.deriveNs(trans,ns);
- if(rnd.notOK()) {
+ if (rnd.notOK()) {
return Result.err(rnd);
}
rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
- if(rnd.notOK()) {
+ if (rnd.notOK()) {
return Result.err(rnd);
}
USERS users = mapper.newInstance(API.USERS);
Result<List<CredDAO.Data>> rlcd = ques.credDAO.readID(trans, id);
- if(rlcd.isOK()) {
- if(!rlcd.isEmpty()) {
+ if (rlcd.isOK()) {
+ if (!rlcd.isEmpty()) {
return mapper.cred(rlcd.value, users);
}
return Result.ok(users);
CERTS certs = mapper.newInstance(API.CERTS);
Result<List<CertDAO.Data>> rlcd = ques.certDAO.readID(trans, id);
- if(rlcd.isOK()) {
- if(!rlcd.isEmpty()) {
+ if (rlcd.isOK()) {
+ if (!rlcd.isEmpty()) {
return mapper.cert(rlcd.value, certs);
}
return Result.ok(certs);
TimeTaken tt = trans.start(cmdDescription, Env.SUB);
try {
Result<CredDAO.Data> rcred = mapper.cred(trans, from, true);
- if(rcred.isOKhasData()) {
+ if (rcred.isOKhasData()) {
rcred = ques.userCredSetup(trans, rcred.value);
final ServiceValidator v = new ServiceValidator();
- if(v.cred(trans, trans.org(),rcred,false).err()) {// Note: Creates have stricter Validations
+ if (v.cred(trans, trans.org(),rcred,false).err()) {// Note: Creates have stricter Validations
return Result.err(Status.ERR_BadData,v.errs());
}
Result<List<CredDAO.Data>> rlcd = ques.credDAO.readID(trans, rcred.value.id);
- if(rlcd.notOKorIsEmpty()) {
+ if (rlcd.notOKorIsEmpty()) {
return Result.err(Status.ERR_UserNotFound, "Credential does not exist");
}
}
Result<Integer> ri = selectEntryIfMultiple((CredRequest)from, rlcd.value);
- if(ri.notOK()) {
+ if (ri.notOK()) {
return Result.err(ri);
}
int entry = ri.value;
mc);
Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rcred.value.ns);
- if(nsr.notOKorIsEmpty()) {
+ if (nsr.notOKorIsEmpty()) {
return Result.err(nsr);
}
Result<String> rfc = func.createFuture(trans, fd.value,
rcred.value.id + '|' + rcred.value.type.toString() + '|' + rcred.value.expires,
trans.user(), nsr.value.get(0), FUTURE_OP.U);
- if(rfc.isOK()) {
+ if (rfc.isOK()) {
return Result.err(Status.ACC_Future, "Credential Request [%s|%s|%s]",
rcred.value.id,
Integer.toString(rcred.value.type),
// If we are Resetting Password on behalf of someone else (am not the Admin)
// use TempPassword Expiration time.
Expiration exp;
- if(ques.isAdmin(trans, trans.user(), nsr.value.get(0).name)) {
+ if (ques.isAdmin(trans, trans.user(), nsr.value.get(0).name)) {
exp = Expiration.Password;
} else {
exp = Expiration.TempPassword;
rcred.value.notes=current.notes;
udr = ques.credDAO.create(trans, rcred.value);
- if(udr.isOK()) {
+ if (udr.isOK()) {
udr = ques.credDAO.delete(trans, rlcd.value.get(entry),false);
}
if (udr.isOK()) {
Result<CredDAO.Data> cred = mapper.cred(trans, from, false);
Organization org = trans.org();
final ServiceValidator v = new ServiceValidator();
- if(v.notOK(cred).err() ||
+ if (v.notOK(cred).err() ||
v.nullOrBlank(cred.value.id, "Invalid ID").err() ||
v.user(org,cred.value.id).err()) {
return Result.err(Status.ERR_BadData,v.errs());
// Get the list of Cred Entries
Result<List<CredDAO.Data>> rlcd = ques.credDAO.readID(trans, cred.value.id);
- if(rlcd.notOKorIsEmpty()) {
+ if (rlcd.notOKorIsEmpty()) {
return Result.err(Status.ERR_UserNotFound, "Credential does not exist");
}
//Need to do the "Pick Entry" mechanism
Result<Integer> ri = selectEntryIfMultiple((CredRequest)from, rlcd.value);
- if(ri.notOK()) {
+ if (ri.notOK()) {
return Result.err(ri);
}
cd.expires = org.expiration(null, Expiration.ExtendPassword,days).getTime();
cred = ques.credDAO.create(trans, cd);
- if(cred.isOK()) {
+ if (cred.isOK()) {
return Result.ok();
}
return Result.err(cred);
errMessage.append(' ');
}
errMessage.append(" Type Expires" + '\n');
- for(int i=0;i<value.size();++i) {
+ for (int i=0;i<value.size();++i) {
errMessage.append(" %s\n");
}
errMessage.append("Run same command again with chosen entry as last parameter");
public Result<Void> deleteUserCred(AuthzTrans trans, REQUEST from) {
final Result<CredDAO.Data> cred = mapper.cred(trans, from, false);
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("cred", cred.value.id).err()) {
+ if (v.nullOrBlank("cred", cred.value.id).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
Result<List<CredDAO.Data>> rlcd = ques.credDAO.readID(trans, cred.value.id);
- if(rlcd.notOKorIsEmpty()) {
+ if (rlcd.notOKorIsEmpty()) {
// Empty Creds should have no user_roles.
Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, cred.value.id);
- if(rlurd.isOK()) {
- for(UserRoleDAO.Data data : rlurd.value) {
+ if (rlurd.isOK()) {
+ for (UserRoleDAO.Data data : rlurd.value) {
ques.userRoleDAO.delete(trans, data, false);
}
}
}
int entry = 0;
- if(!trans.requested(force)) {
+ if (!trans.requested(force)) {
if (rlcd.value.size() > 1) {
CredRequest cr = (CredRequest)from;
String inputOption = cr.getEntry();
return Result.err(Status.ERR_ChoiceNeeded, message, variables);
} else {
try {
- if(inputOption.length()>5) { // should be a date
+ if (inputOption.length()>5) { // should be a date
Date d = Chrono.xmlDatatypeFactory.newXMLGregorianCalendar(inputOption).toGregorianCalendar().getTime();
entry = 0;
- for(CredDAO.Data cd : rlcd.value) {
- if(cd.type.equals(cr.getType()) && cd.expires.equals(d)) {
+ for (CredDAO.Data cd : rlcd.value) {
+ if (cd.type.equals(cr.getType()) && cd.expires.equals(d)) {
break;
}
++entry;
} else {
entry = Integer.parseInt(inputOption) - 1;
}
- } catch(NullPointerException e) {
+ } catch (NullPointerException e) {
return Result.err(Status.ERR_BadData, "Invalid Date Format for Entry");
- } catch(NumberFormatException e) {
+ } catch (NumberFormatException e) {
return Result.err(Status.ERR_BadData, "User chose invalid credential selection");
}
}
mc);
Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, cred.value.ns);
- if(nsr.notOKorIsEmpty()) {
+ if (nsr.notOKorIsEmpty()) {
return Result.err(nsr);
}
Result<String> rfc = func.createFuture(trans, fd.value, cred.value.id,
trans.user(), nsr.value.get(0), FUTURE_OP.D);
- if(rfc.isOK()) {
+ if (rfc.isOK()) {
return Result.err(Status.ACC_Future, "Credential Delete [%s] is saved for future processing",cred.value.id);
} else {
return Result.err(rfc);
case Status.ACC_Now:
Result<?>udr = null;
if (!trans.requested(force)) {
- if(entry<0 || entry >= rlcd.value.size()) {
+ if (entry<0 || entry >= rlcd.value.size()) {
return Result.err(Status.ERR_BadData,"Invalid Choice [" + entry + "] chosen for Delete [%s] is saved for future processing",cred.value.id);
}
udr = ques.credDAO.delete(trans, rlcd.value.get(entry),false);
}
}
}
- if(isLastCred) {
+ if (isLastCred) {
Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, cred.value.id);
- if(rlurd.isOK()) {
- for(UserRoleDAO.Data data : rlurd.value) {
+ if (rlurd.isOK()) {
+ for (UserRoleDAO.Data data : rlurd.value) {
ques.userRoleDAO.delete(trans, data, false);
}
}
}
- if(udr==null) {
+ if (udr==null) {
return Result.err(Result.ERR_NotFound,"No User Data found");
}
if (udr.isOK()) {
try {
// Note: Mapper assigns RAW type
Result<CredDAO.Data> data = mapper.cred(trans, credReq,false);
- if(data.notOKorIsEmpty()) {
+ if (data.notOKorIsEmpty()) {
return Result.err(data);
}
CredDAO.Data cred = data.value; // of the Mapped Cred
- if(cred.cred==null) {
+ if (cred.cred==null) {
return Result.err(Result.ERR_BadData,"No Password");
} else {
return ques.doesUserCredMatch(trans, cred.id, cred.cred.array());
BasicPrincipal bp = new BasicPrincipal(basicAuth,trans.org().getRealm());
Result<Date> rq = ques.doesUserCredMatch(trans, bp.getName(), bp.getCred());
// Note: Only want to log problem, don't want to send back to end user
- if(rq.isOK()) {
+ if (rq.isOK()) {
return rq;
} else {
trans.audit().log(rq.errorString());
TimeTaken tt = trans.start("Create UserRole", Env.SUB);
try {
Result<UserRoleDAO.Data> urr = mapper.userRole(trans, from);
- if(urr.notOKorIsEmpty()) {
+ if (urr.notOKorIsEmpty()) {
return Result.err(urr);
}
final UserRoleDAO.Data userRole = urr.value;
final ServiceValidator v = new ServiceValidator();
- if(v.user_role(userRole).err() ||
+ if (v.user_role(userRole).err() ||
v.user(trans.org(), userRole.user).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
private Result<NsDAO.Data> nsd;
@Override
public Result<?> mayChange() {
- if(nsd==null) {
+ if (nsd==null) {
RoleDAO.Data r = RoleDAO.Data.decode(userRole);
nsd = ques.mayUser(trans, trans.user(), r, Access.write);
}
}
});
Result<NsDAO.Data> nsr = ques.deriveNs(trans, userRole.role);
- if(nsr.notOKorIsEmpty()) {
+ if (nsr.notOKorIsEmpty()) {
return Result.err(nsr);
}
case OK:
Result<String> rfc = func.createFuture(trans, fd.value, userRole.user+'|'+userRole.ns + '.' + userRole.rname,
userRole.user, nsr.value, FUTURE_OP.C);
- if(rfc.isOK()) {
+ if (rfc.isOK()) {
return Result.err(Status.ACC_Future, "UserRole [%s - %s.%s] is saved for future processing",
userRole.user,
userRole.ns,
@Override
public Result<USERROLES> getUserRolesByRole(AuthzTrans trans, String role) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Role",role).err()) {
+ if (v.nullOrBlank("Role",role).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
Result<RoleDAO.Data> rrdd;
rrdd = RoleDAO.Data.decode(trans,ques,role);
- if(rrdd.notOK()) {
+ if (rrdd.notOK()) {
return Result.err(rrdd);
}
// May Requester see result?
// Get list of roles per user, then add to Roles as we go
HashSet<UserRoleDAO.Data> userSet = new HashSet<>();
Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByRole(trans, role);
- if(rlurd.isOK()) {
- for(UserRoleDAO.Data data : rlurd.value) {
+ if (rlurd.isOK()) {
+ for (UserRoleDAO.Data data : rlurd.value) {
userSet.add(data);
}
}
@Override
public Result<USERROLES> getUserRolesByUser(AuthzTrans trans, String user) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("User",user).err()) {
+ if (v.nullOrBlank("User",user).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
// Get list of roles per user, then add to Roles as we go
Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, user);
- if(rlurd.notOK()) {
+ if (rlurd.notOK()) {
return Result.err(rlurd);
}
String callingUser = trans.getUserPrincipal().getName();
NsDAO.Data ndd = new NsDAO.Data();
- if(user.equals(callingUser)) {
+ if (user.equals(callingUser)) {
mustFilter = false;
} else {
Organization org = trans.org();
try {
Identity orgID = org.getIdentity(trans, user);
Identity manager = orgID==null?null:orgID.responsibleTo();
- if(orgID!=null && (manager!=null && callingUser.equals(manager.fullID()))) {
+ if (orgID!=null && (manager!=null && callingUser.equals(manager.fullID()))) {
mustFilter = false;
- } else if(ques.isGranted(trans, callingUser, ROOT_NS, Question.ACCESS, "*", Access.read.name())) {
+ } else if (ques.isGranted(trans, callingUser, ROOT_NS, Question.ACCESS, "*", Access.read.name())) {
mustFilter=false;
} else {
mustFilter = true;
}
List<UserRoleDAO.Data> content;
- if(mustFilter) {
+ if (mustFilter) {
content = new ArrayList<>(rlurd.value.size()); // avoid multi-memory redos
- for(UserRoleDAO.Data data : rlurd.value) {
+ for (UserRoleDAO.Data data : rlurd.value) {
ndd.name=data.ns;
Result<Data> mur = ques.mayUser(trans, callingUser, ndd, Access.read);
- if(mur.isOK()){
+ if (mur.isOK()){
content.add(data);
}
}
public Result<Void> resetRolesForUser(AuthzTrans trans, REQUEST rreq) {
Result<UserRoleDAO.Data> rurdd = mapper.userRole(trans, rreq);
final ServiceValidator v = new ServiceValidator();
- if(rurdd.notOKorIsEmpty()) {
+ if (rurdd.notOKorIsEmpty()) {
return Result.err(rurdd);
}
if (v.user(trans.org(), rurdd.value.user).err()) {
Set<String> currRoles = new HashSet<>();
Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, rurdd.value.user);
- if(rlurd.isOK()) {
- for(UserRoleDAO.Data data : rlurd.value) {
+ if (rlurd.isOK()) {
+ for (UserRoleDAO.Data data : rlurd.value) {
currRoles.add(data.role);
}
}
Result<Void> rv = null;
String[] roles;
- if(rurdd.value.role==null) {
+ if (rurdd.value.role==null) {
roles = new String[0];
} else {
roles = rurdd.value.role.split(",");
return Result.err(Status.ERR_BadData,v.errs());
}
Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role);
- if(rrdd.notOK()) {
+ if (rrdd.notOK()) {
return Result.err(rrdd);
}
return Result.err(nsd);
}
Result<NsDAO.Data> nsr = ques.deriveNs(trans, role);
- if(nsr.notOKorIsEmpty()) {
+ if (nsr.notOKorIsEmpty()) {
return Result.err(nsr);
}
- if(currRoles.contains(role)) {
+ if (currRoles.contains(role)) {
currRoles.remove(role);
} else {
rv = func.addUserRole(trans, rurdd.value);
for (String role : currRoles) {
rurdd.value.role(trans,ques,role);
rv = ques.userRoleDAO.delete(trans, rurdd.value, false);
- if(rv.notOK()) {
+ if (rv.notOK()) {
trans.info().log(rurdd.value.user,"/",rurdd.value.role, "expected to be deleted, but does not exist");
// return rv; // if it doesn't exist, don't error out
}
@Override
public Result<Void> resetUsersForRole(AuthzTrans trans, REQUEST rreq) {
Result<UserRoleDAO.Data> rurdd = mapper.userRole(trans, rreq);
- if(rurdd.notOKorIsEmpty()) {
+ if (rurdd.notOKorIsEmpty()) {
return Result.err(rurdd);
}
final ServiceValidator v = new ServiceValidator();
}
Result<NsDAO.Data> nsr = ques.deriveNs(trans, rurdd.value.role);
- if(nsr.notOKorIsEmpty()) {
+ if (nsr.notOKorIsEmpty()) {
return Result.err(nsr);
}
Set<String> currUsers = new HashSet<>();
Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByRole(trans, rurdd.value.role);
- if(rlurd.isOK()) {
- for(UserRoleDAO.Data data : rlurd.value) {
+ if (rlurd.isOK()) {
+ for (UserRoleDAO.Data data : rlurd.value) {
currUsers.add(data.user);
}
}
}
rurdd.value.user = user;
- if(currUsers.contains(user)) {
+ if (currUsers.contains(user)) {
currUsers.remove(user);
} else {
rv = func.addUserRole(trans, rurdd.value);
for (String user : currUsers) {
rurdd.value.user = user;
rv = ques.userRoleDAO.delete(trans, rurdd.value, false);
- if(rv.notOK()) {
+ if (rv.notOK()) {
trans.info().log(rurdd.value, "expected to be deleted, but not exists");
return rv;
}
public Result<Void> extendUserRole(AuthzTrans trans, String user, String role) {
Organization org = trans.org();
final ServiceValidator v = new ServiceValidator();
- if(v.user(org, user)
+ if (v.user(org, user)
.role(role)
.err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans,ques,role);
- if(rrdd.notOK()) {
+ if (rrdd.notOK()) {
return Result.err(rrdd);
}
Result<NsDAO.Data> rcr = ques.mayUser(trans, trans.user(), rrdd.value, Access.write);
boolean mayNotChange;
- if((mayNotChange = rcr.notOK()) && !trans.requested(future)) {
+ if ((mayNotChange = rcr.notOK()) && !trans.requested(future)) {
return Result.err(rcr);
}
Result<List<UserRoleDAO.Data>> rr = ques.userRoleDAO.read(trans, user,role);
- if(rr.notOK()) {
+ if (rr.notOK()) {
return Result.err(rr);
}
- for(UserRoleDAO.Data userRole : rr.value) {
- if(mayNotChange) { // Function exited earlier if !trans.futureRequested
+ for (UserRoleDAO.Data userRole : rr.value) {
+ if (mayNotChange) { // Function exited earlier if !trans.futureRequested
FutureDAO.Data fto = new FutureDAO.Data();
fto.target=UserRoleDAO.TABLE;
fto.memo = "Extend User ["+userRole.user+"] in Role ["+userRole.role+"]";
Result<String> rfc = func.createFuture(trans, fto,
userRole.user+'|'+userRole.role, userRole.user, rcr.value, FUTURE_OP.U);
- if(rfc.isOK()) {
+ if (rfc.isOK()) {
return Result.err(Status.ACC_Future, "UserRole [%s - %s] is saved for future processing",
userRole.user,
userRole.role);
@Override
public Result<Void> deleteUserRole(AuthzTrans trans, String usr, String role) {
Validator val = new ServiceValidator();
- if(val.nullOrBlank("User", usr)
+ if (val.nullOrBlank("User", usr)
.nullOrBlank("Role", role).err()) {
return Result.err(Status.ERR_BadData, val.errs());
}
boolean mayNotChange;
Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans,ques,role);
- if(rrdd.notOK()) {
+ if (rrdd.notOK()) {
return Result.err(rrdd);
}
Result<NsDAO.Data> rns = ques.mayUser(trans, trans.user(), rdd, Access.write);
// Make sure we don't delete the last owner of valid NS
- if(rns.isOKhasData() && Question.OWNER.equals(rdd.name) && ques.countOwner(trans,rdd.ns)<=1) {
+ if (rns.isOKhasData() && Question.OWNER.equals(rdd.name) && ques.countOwner(trans,rdd.ns)<=1) {
return Result.err(Status.ERR_Denied,"You may not delete the last Owner of " + rdd.ns );
}
- if(mayNotChange=rns.notOK()) {
- if(!trans.requested(future)) {
+ if (mayNotChange=rns.notOK()) {
+ if (!trans.requested(future)) {
return Result.err(rns);
}
}
Result<List<UserRoleDAO.Data>> rulr;
- if((rulr=ques.userRoleDAO.read(trans, usr, role)).notOKorIsEmpty()) {
+ if ((rulr=ques.userRoleDAO.read(trans, usr, role)).notOKorIsEmpty()) {
return Result.err(Status.ERR_UserRoleNotFound, "User [ "+usr+" ] is not "
+ "Assigned to the Role [ " + role + " ]");
}
UserRoleDAO.Data userRole = rulr.value.get(0);
- if(mayNotChange) { // Function exited earlier if !trans.futureRequested
+ if (mayNotChange) { // Function exited earlier if !trans.futureRequested
FutureDAO.Data fto = new FutureDAO.Data();
fto.target=UserRoleDAO.TABLE;
fto.memo = "Remove User ["+userRole.user+"] from Role ["+userRole.role+"]";
Result<String> rfc = func.createFuture(trans, fto,
userRole.user+'|'+userRole.role, userRole.user, rns.value, FUTURE_OP.D);
- if(rfc.isOK()) {
+ if (rfc.isOK()) {
return Result.err(Status.ACC_Future, "UserRole [%s - %s] is saved for future processing",
userRole.user,
userRole.role);
@Override
public Result<USERS> getUserInRole(AuthzTrans trans, String user, String role) {
final Validator v = new ServiceValidator();
- if(v.role(role).nullOrBlank("User", user).err()) {
+ if (v.role(role).nullOrBlank("User", user).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
// Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), ns.value, Access.write);
// May calling user see by virtue of the Role
Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role);
- if(rrdd.notOK()) {
+ if (rrdd.notOK()) {
return Result.err(rrdd);
}
Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), rrdd.value,Access.read);
- if(rnd.notOK()) {
+ if (rnd.notOK()) {
return Result.err(rnd);
}
HashSet<UserRoleDAO.Data> userSet = new HashSet<>();
Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readUserInRole(trans, user, role);
- if(rlurd.isOK()) {
- for(UserRoleDAO.Data data : rlurd.value) {
+ if (rlurd.isOK()) {
+ for (UserRoleDAO.Data data : rlurd.value) {
userSet.add(data);
}
}
@Override
public Result<USERS> getUsersByRole(AuthzTrans trans, String role) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Role",role).err()) {
+ if (v.nullOrBlank("Role",role).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
// Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), ns.value, Access.write);
// May calling user see by virtue of the Role
Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role);
- if(rrdd.notOK()) {
+ if (rrdd.notOK()) {
return Result.err(rrdd);
}
boolean contactOnly = false;
// Allow the request of any valid user to find the contact of the NS (Owner)
Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), rrdd.value,Access.read);
- if(rnd.notOK()) {
- if(Question.OWNER.equals(rrdd.value.name)) {
+ if (rnd.notOK()) {
+ if (Question.OWNER.equals(rrdd.value.name)) {
contactOnly = true;
} else {
return Result.err(rnd);
HashSet<UserRoleDAO.Data> userSet = new HashSet<>();
Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByRole(trans, role);
- if(rlurd.isOK()) {
- for(UserRoleDAO.Data data : rlurd.value) {
- if(contactOnly) { //scrub data
+ if (rlurd.isOK()) {
+ for (UserRoleDAO.Data data : rlurd.value) {
+ if (contactOnly) { //scrub data
// Can't change actual object, or will mess up the cache.
UserRoleDAO.Data scrub = new UserRoleDAO.Data();
scrub.ns = data.ns;
@Override
public Result<USERS> getUsersByPermission(AuthzTrans trans, String type, String instance, String action) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Type",type)
+ if (v.nullOrBlank("Type",type)
.nullOrBlank("Instance",instance)
.nullOrBlank("Action",action)
.err()) {
}
Result<NsSplit> nss = ques.deriveNsSplit(trans, type);
- if(nss.notOK()) {
+ if (nss.notOK()) {
return Result.err(nss);
}
Set<String> roleUsed = new HashSet<>();
Set<UserRoleDAO.Data> userSet = new HashSet<>();
- if(!nss.isEmpty()) {
+ if (!nss.isEmpty()) {
Result<List<PermDAO.Data>> rlp = ques.permDAO.readByType(trans, nss.value.ns, nss.value.name);
- if(rlp.isOKhasData()) {
- for(PermDAO.Data pd : rlp.value) {
- if((allInstance || pd.instance.equals(instance)) &&
+ if (rlp.isOKhasData()) {
+ for (PermDAO.Data pd : rlp.value) {
+ if ((allInstance || pd.instance.equals(instance)) &&
(allAction || pd.action.equals(action))) {
- if(ques.mayUser(trans, trans.user(),pd,Access.read).isOK()) {
- for(String role : pd.roles) {
- if(!roleUsed.contains(role)) { // avoid evaluating Role many times
+ if (ques.mayUser(trans, trans.user(),pd,Access.read).isOK()) {
+ for (String role : pd.roles) {
+ if (!roleUsed.contains(role)) { // avoid evaluating Role many times
roleUsed.add(role);
Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByRole(trans, role.replace('|', '.'));
- if(rlurd.isOKhasData()) {
- for(UserRoleDAO.Data urd : rlurd.value) {
+ if (rlurd.isOKhasData()) {
+ for (UserRoleDAO.Data urd : rlurd.value) {
userSet.add(urd);
}
}
@Override
public Result<HISTORY> getHistoryByUser(final AuthzTrans trans, String user, final int[] yyyymm, final int sort) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("User",user).err()) {
+ if (v.nullOrBlank("User",user).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
Result<NsDAO.Data> rnd;
// Users may look at their own data
- if(trans.user().equals(user)) {
+ if (trans.user().equals(user)) {
// Users may look at their own data
} else {
int at = user.indexOf('@');
- if(at>=0 && trans.org().getRealm().equals(user.substring(at+1))) {
+ if (at>=0 && trans.org().getRealm().equals(user.substring(at+1))) {
NsDAO.Data nsd = new NsDAO.Data();
nsd.name = Question.domain2ns(user);
rnd = ques.mayUser(trans, trans.user(), nsd, Access.read);
- if(rnd.notOK()) {
+ if (rnd.notOK()) {
return Result.err(rnd);
}
} else {
rnd = ques.validNSOfDomain(trans, user);
- if(rnd.notOK()) {
+ if (rnd.notOK()) {
return Result.err(rnd);
}
rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
- if(rnd.notOK()) {
+ if (rnd.notOK()) {
return Result.err(rnd);
}
}
}
Result<List<HistoryDAO.Data>> resp = ques.historyDAO.readByUser(trans, user, yyyymm);
- if(resp.notOK()) {
+ if (resp.notOK()) {
return Result.err(resp);
}
return mapper.history(trans, resp.value,sort);
@Override
public Result<HISTORY> getHistoryByRole(AuthzTrans trans, String role, int[] yyyymm, final int sort) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Role",role).err()) {
+ if (v.nullOrBlank("Role",role).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role);
- if(rrdd.notOK()) {
+ if (rrdd.notOK()) {
return Result.err(rrdd);
}
Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), rrdd.value, Access.read);
- if(rnd.notOK()) {
+ if (rnd.notOK()) {
return Result.err(rnd);
}
Result<List<HistoryDAO.Data>> resp = ques.historyDAO.readBySubject(trans, role, "role", yyyymm);
- if(resp.notOK()) {
+ if (resp.notOK()) {
return Result.err(resp);
}
return mapper.history(trans, resp.value,sort);
@Override
public Result<HISTORY> getHistoryByPerm(AuthzTrans trans, String type, int[] yyyymm, final int sort) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Type",type)
+ if (v.nullOrBlank("Type",type)
.err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
// May user see Namespace of Permission (since it's only one piece... we can't check for "is permission part of")
Result<NsDAO.Data> rnd = ques.deriveNs(trans,type);
- if(rnd.notOK()) {
+ if (rnd.notOK()) {
return Result.err(rnd);
}
rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
- if(rnd.notOK()) {
+ if (rnd.notOK()) {
return Result.err(rnd);
}
Result<List<HistoryDAO.Data>> resp = ques.historyDAO.readBySubject(trans, type, "perm", yyyymm);
- if(resp.notOK()) {
+ if (resp.notOK()) {
return Result.err(resp);
}
return mapper.history(trans, resp.value,sort);
@Override
public Result<HISTORY> getHistoryByNS(AuthzTrans trans, String ns, int[] yyyymm, final int sort) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("NS",ns)
+ if (v.nullOrBlank("NS",ns)
.err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
Result<NsDAO.Data> rnd = ques.deriveNs(trans,ns);
- if(rnd.notOK()) {
+ if (rnd.notOK()) {
return Result.err(rnd);
}
rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
- if(rnd.notOK()) {
+ if (rnd.notOK()) {
return Result.err(rnd);
}
Result<List<HistoryDAO.Data>> resp = ques.historyDAO.readBySubject(trans, ns, "ns", yyyymm);
- if(resp.notOK()) {
+ if (resp.notOK()) {
return Result.err(resp);
}
return mapper.history(trans, resp.value,sort);
private Result<Void> createOrUpdateDelegate(final AuthzTrans trans, REQUEST base, final Access access) {
final Result<DelegateDAO.Data> rd = mapper.delegate(trans, base);
final ServiceValidator v = new ServiceValidator();
- if(v.delegate(trans.org(),rd).err()) {
+ if (v.delegate(trans.org(),rd).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
final DelegateDAO.Data dd = rd.value;
Result<List<DelegateDAO.Data>> ddr = ques.delegateDAO.read(trans, dd);
- if(access==Access.create && ddr.isOKhasData()) {
+ if (access==Access.create && ddr.isOKhasData()) {
return Result.err(Status.ERR_ConflictAlreadyExists, "[%s] already delegates to [%s]", dd.user, ddr.value.get(0).delegate);
- } else if(access!=Access.create && ddr.notOKorIsEmpty()) {
+ } else if (access!=Access.create && ddr.notOKorIsEmpty()) {
return Result.err(Status.ERR_NotFound, "[%s] does not have a Delegate Record to [%s].",dd.user,access.name());
}
Result<Void> rv = ques.mayUser(trans, dd, access);
- if(rv.notOK()) {
+ if (rv.notOK()) {
return rv;
}
case OK:
Result<String> rfc = func.createFuture(trans, fd.value,
dd.user, trans.user(),null, access==Access.create?FUTURE_OP.C:FUTURE_OP.U);
- if(rfc.isOK()) {
+ if (rfc.isOK()) {
return Result.err(Status.ACC_Future, "Delegate for [%s]",
dd.user);
} else {
return Result.err(rfc);
}
case Status.ACC_Now:
- if(access==Access.create) {
+ if (access==Access.create) {
Result<DelegateDAO.Data> rdr = ques.delegateDAO.create(trans, dd);
- if(rdr.isOK()) {
+ if (rdr.isOK()) {
return Result.ok();
} else {
return Result.err(rdr);
public Result<Void> deleteDelegate(AuthzTrans trans, REQUEST base) {
final Result<DelegateDAO.Data> rd = mapper.delegate(trans, base);
final Validator v = new ServiceValidator();
- if(v.notOK(rd).nullOrBlank("User", rd.value.user).err()) {
+ if (v.notOK(rd).nullOrBlank("User", rd.value.user).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
Result<List<DelegateDAO.Data>> ddl;
- if((ddl=ques.delegateDAO.read(trans, rd.value)).notOKorIsEmpty()) {
+ if ((ddl=ques.delegateDAO.read(trans, rd.value)).notOKorIsEmpty()) {
return Result.err(Status.ERR_DelegateNotFound,"Cannot delete non-existent Delegate");
}
final DelegateDAO.Data dd = ddl.value.get(0);
Result<Void> rv = ques.mayUser(trans, dd, Access.write);
- if(rv.notOK()) {
+ if (rv.notOK()) {
return rv;
}
public Result<Void> deleteDelegate(AuthzTrans trans, String userName) {
DelegateDAO.Data dd = new DelegateDAO.Data();
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("User", userName).err()) {
+ if (v.nullOrBlank("User", userName).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
dd.user = userName;
Result<List<DelegateDAO.Data>> ddl;
- if((ddl=ques.delegateDAO.read(trans, dd)).notOKorIsEmpty()) {
+ if ((ddl=ques.delegateDAO.read(trans, dd)).notOKorIsEmpty()) {
return Result.err(Status.ERR_DelegateNotFound,"Cannot delete non-existent Delegate");
}
dd = ddl.value.get(0);
Result<Void> rv = ques.mayUser(trans, dd, Access.write);
- if(rv.notOK()) {
+ if (rv.notOK()) {
return rv;
}
@Override
public Result<DELGS> getDelegatesByUser(AuthzTrans trans, String user) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("User", user).err()) {
+ if (v.nullOrBlank("User", user).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
ddd.user = user;
ddd.delegate = null;
Result<Void> rv = ques.mayUser(trans, ddd, Access.read);
- if(rv.notOK()) {
+ if (rv.notOK()) {
return Result.err(rv);
}
@Override
public Result<DELGS> getDelegatesByDelegate(AuthzTrans trans, String delegate) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Delegate", delegate).err()) {
+ if (v.nullOrBlank("Delegate", delegate).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
DelegateDAO.Data ddd = new DelegateDAO.Data();
ddd.user = delegate;
Result<Void> rv = ques.mayUser(trans, ddd, Access.read);
- if(rv.notOK()) {
+ if (rv.notOK()) {
return Result.err(rv);
}
@Override
public Result<Void> updateApproval(AuthzTrans trans, APPROVALS approvals) {
Result<List<ApprovalDAO.Data>> rlad = mapper.approvals(approvals);
- if(rlad.notOK()) {
+ if (rlad.notOK()) {
return Result.err(rlad);
}
int numApprs = rlad.value.size();
- if(numApprs<1) {
+ if (numApprs<1) {
return Result.err(Status.ERR_NoApprovals,"No Approvals sent for Updating");
}
int numProcessed = 0;
Result<List<ApprovalDAO.Data>> curr;
Lookup<List<ApprovalDAO.Data>> apprByTicket=null;
- for(ApprovalDAO.Data updt : rlad.value) {
- if(updt.ticket!=null) {
+ for (ApprovalDAO.Data updt : rlad.value) {
+ if (updt.ticket!=null) {
curr = ques.approvalDAO.readByTicket(trans, updt.ticket);
- if(curr.isOKhasData()) {
+ if (curr.isOKhasData()) {
final List<ApprovalDAO.Data> add = curr.value;
apprByTicket = new Lookup<List<ApprovalDAO.Data>>() { // Store a Pre-Lookup
@Override
}
};
}
- } else if(updt.id!=null) {
+ } else if (updt.id!=null) {
curr = ques.approvalDAO.read(trans, updt);
- } else if(updt.approver!=null) {
+ } else if (updt.approver!=null) {
curr = ques.approvalDAO.readByApprover(trans, updt.approver);
} else {
return Result.err(Status.ERR_BadData,"Approvals need ID, Ticket or Approval data to update");
}
- if(curr.isOKhasData()) {
+ if (curr.isOKhasData()) {
Map<String, Result<List<DelegateDAO.Data>>> delegateCache = new HashMap<>();
Map<UUID, FutureDAO.Data> futureCache = new HashMap<>();
FutureDAO.Data hasDeleted = new FutureDAO.Data();
- for(ApprovalDAO.Data cd : curr.value) {
- if("pending".equals(cd.status)) {
+ for (ApprovalDAO.Data cd : curr.value) {
+ if ("pending".equals(cd.status)) {
// Check for right record. Need ID, or (Ticket&Trans.User==Appr)
// If Default ID
boolean delegatedAction = ques.isDelegated(trans, user, cd.approver, delegateCache);
String delegator = cd.approver;
- if(updt.id!=null ||
+ if (updt.id!=null ||
(updt.ticket!=null && user.equals(cd.approver)) ||
(updt.ticket!=null && delegatedAction)) {
- if(updt.ticket.equals(cd.ticket)) {
+ if (updt.ticket.equals(cd.ticket)) {
Changed ch = new Changed();
cd.id = ch.changed(cd.id,updt.id);
// cd.ticket = changed(cd.ticket,updt.ticket);
cd.memo = ch.changed(cd.memo,updt.memo);
cd.operation = ch.changed(cd.operation,updt.operation);
cd.updated = ch.changed(cd.updated,updt.updated==null?new Date():updt.updated);
- if(updt.status.equals("denied")) {
+ if (updt.status.equals("denied")) {
cd.last_notified = null;
}
- if(cd.ticket!=null) {
+ if (cd.ticket!=null) {
FutureDAO.Data fdd = futureCache.get(cd.ticket);
- if(fdd==null) { // haven't processed ticket yet
+ if (fdd==null) { // haven't processed ticket yet
Result<FutureDAO.Data> rfdd = ques.futureDAO.readPrimKey(trans, cd.ticket);
- if(rfdd.isOK()) {
+ if (rfdd.isOK()) {
fdd = rfdd.value; // null is ok
} else {
fdd = hasDeleted;
}
futureCache.put(cd.ticket, fdd); // processed this Ticket... don't do others on this ticket
}
- if(fdd==hasDeleted) { // YES, by Object
+ if (fdd==hasDeleted) { // YES, by Object
cd.ticket = null;
cd.status = "ticketDeleted";
ch.hasChanged(true);
} else {
FUTURE_OP fop = FUTURE_OP.toFO(cd.operation);
- if(fop==null) {
+ if (fop==null) {
trans.info().printf("Approval Status %s is not actionable",cd.status);
- } else if(apprByTicket!=null) {
+ } else if (apprByTicket!=null) {
Result<OP_STATUS> rv = func.performFutureOp(trans, fop, fdd, apprByTicket,func.urDBLookup);
if (rv.isOK()) {
switch(rv.value) {
}
++numProcessed;
}
- if(ch.hasChanged()) {
+ if (ch.hasChanged()) {
ques.approvalDAO.update(trans, cd, true);
}
}
}
}
- if(numApprs==numProcessed) {
+ if (numApprs==numProcessed) {
return Result.ok();
}
return Result.err(Status.ERR_ActionNotCompleted,numProcessed + " out of " + numApprs + " completed");
private boolean hasChanged = false;
public<T> T changed(T src, T proposed) {
- if(proposed==null || (src!=null && src.equals(proposed))) {
+ if (proposed==null || (src!=null && src.equals(proposed))) {
return src;
}
hasChanged=true;
@Override
public Result<APPROVALS> getApprovalsByUser(AuthzTrans trans, String user) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("User", user).err()) {
+ if (v.nullOrBlank("User", user).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
Result<List<ApprovalDAO.Data>> rapd = ques.approvalDAO.readByUser(trans, user);
- if(rapd.isOK()) {
+ if (rapd.isOK()) {
return mapper.approvals(rapd.value);
} else {
return Result.err(rapd);
@Override
public Result<APPROVALS> getApprovalsByTicket(AuthzTrans trans, String ticket) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Ticket", ticket).err()) {
+ if (v.nullOrBlank("Ticket", ticket).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
UUID uuid;
}
Result<List<ApprovalDAO.Data>> rapd = ques.approvalDAO.readByTicket(trans, uuid);
- if(rapd.isOK()) {
+ if (rapd.isOK()) {
return mapper.approvals(rapd.value);
} else {
return Result.err(rapd);
@Override
public Result<APPROVALS> getApprovalsByApprover(AuthzTrans trans, String approver) {
final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Approver", approver).err()) {
+ if (v.nullOrBlank("Approver", approver).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
List<ApprovalDAO.Data> listRapds = new ArrayList<>();
Result<List<ApprovalDAO.Data>> myRapd = ques.approvalDAO.readByApprover(trans, approver);
- if(myRapd.notOK()) {
+ if (myRapd.notOK()) {
return Result.err(myRapd);
}
*/
@Override
public Result<Void> cacheClear(AuthzTrans trans, String cname) {
- if(ques.isGranted(trans,trans.user(),ROOT_NS,CACHE,cname,"clear")) {
+ if (ques.isGranted(trans,trans.user(),ROOT_NS,CACHE,cname,"clear")) {
return ques.clearCache(trans,cname);
}
return Result.err(Status.ERR_Denied, "%s does not have AAF Permission '%s.%s|%s|clear",
*/
@Override
public Result<Void> cacheClear(AuthzTrans trans, String cname, int[] segment) {
- if(ques.isGranted(trans,trans.user(),ROOT_NS,CACHE,cname,"clear")) {
+ if (ques.isGranted(trans,trans.user(),ROOT_NS,CACHE,cname,"clear")) {
Result<Void> v=null;
- for(int i: segment) {
+ for (int i: segment) {
v=ques.cacheClear(trans,cname,i);
}
- if(v!=null) {
+ if (v!=null) {
return v;
}
}
Code Review / aaf / authz.git / blobdiff