sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger);\r
return;\r
}\r
- /*\r
- * START - AAF changes\r
- * TDP EPIC US# 307413\r
- * CADI code - check on permissions based on Legacy/AAF users to allow to delete/remove subscription\r
- */\r
- String aafInstance = sub.getAafInstance();\r
- if (aafInstance == null || "".equals(aafInstance) || "legacy".equalsIgnoreCase(aafInstance)) {\r
- AuthorizationResponse aresp = authz.decide(req);\r
- if (!aresp.isAuthorized()) {\r
- message = POLICY_ENGINE;\r
- elr.setMessage(message);\r
- elr.setResult(HttpServletResponse.SC_FORBIDDEN);\r
- eventlogger.error(elr.toString());\r
- sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);\r
- return;\r
- }\r
- } else {\r
- String permission = getSubscriberPermission(aafInstance, BaseServlet.DELETE_PERMISSION);\r
- eventlogger.info("SubscriptionServlet.doDelete().. Permission String - " + permission);\r
- if (!req.isUserInRole(permission)) {\r
- message = "AAF disallows access to permission - " + permission;\r
- elr.setMessage(message);\r
- elr.setResult(HttpServletResponse.SC_FORBIDDEN);\r
- eventlogger.error(elr.toString());\r
- sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);\r
- return;\r
- }\r
- }\r
- /*\r
- * END - AAF changes\r
- */\r
// Delete Subscription\r
if (doDelete(sub)) {\r
activeSubs--;\r
sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);\r
return;\r
}\r
-\r
- /*\r
- * START - AAF changes\r
- * TDP EPIC US# 307413\r
- * CADI code - check on permissions based on Legacy/AAF users to allow to delete/remove subscription\r
- */\r
- String aafInstance = sub.getAafInstance();\r
- if (aafInstance == null || "".equals(aafInstance) || "legacy".equalsIgnoreCase(aafInstance)) {\r
- AuthorizationResponse aresp = authz.decide(req);\r
- if (!aresp.isAuthorized()) {\r
- message = POLICY_ENGINE;\r
- elr.setMessage(message);\r
- elr.setResult(HttpServletResponse.SC_FORBIDDEN);\r
- eventlogger.error(elr.toString());\r
- sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);\r
- return;\r
- }\r
- } else {\r
- String permission = getSubscriberPermission(aafInstance, BaseServlet.EDIT_PERMISSION);\r
- eventlogger.info("SubscriptionServlet.doDelete().. Permission String - " + permission);\r
- if (!req.isUserInRole(permission)) {\r
- message = "AAF disallows access to permission - " + permission;\r
- elr.setMessage(message);\r
- elr.setResult(HttpServletResponse.SC_FORBIDDEN);\r
- eventlogger.error(elr.toString());\r
- sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);\r
- return;\r
- }\r
- }\r
- /*\r
- * END - AAF changes\r
- */\r
sub.setSubid(oldsub.getSubid());\r
sub.setFeedid(oldsub.getFeedid());\r
sub.setSubscriber(bhdr); // set from X-DMAAP-DR-ON-BEHALF-OF header\r