Example 1 with ProjectIdAndInitiator

Use of com.walmartlabs.concord.server.process.queue.ProcessQueueDao.ProjectIdAndInitiator in project concord by walmartlabs.

The class ProcessEventResource, method assertAccessRights.

private void assertAccessRights(PartialProcessKey processKey) {
    if (Roles.isAdmin()) {
        // an admin can access any project
        return;
    }
    UserPrincipal p = UserPrincipal.getCurrent();
    if (p == null) {
        // no current user principal: the method returns without performing any check
        return;
    }
    ProjectIdAndInitiator ids = queueDao.getProjectIdAndInitiator(processKey);
    if (ids.getProjectId() != null) {
        // access extended event data
        if (projectAccessManager.assertAccess(ids.getProjectId(), ResourceAccessLevel.WRITER, true) != null) {
            return;
        }
    }
    if (p.getId().equals(ids.getInitiatorId())) {
        // if it is a standalone process, only the initiator can access extended event data
        return;
    }
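    // note: the project check above requires ResourceAccessLevel.WRITER, while this message says READER
    throw new UnauthorizedException("Only admins, process initiators and those who have READER access to " + "the process' projects can access the extended process event data");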
}
Also used: UnauthorizedException (org.apache.shiro.authz.UnauthorizedException), ProjectIdAndInitiator (com.walmartlabs.concord.server.process.queue.ProcessQueueDao.ProjectIdAndInitiator), UserPrincipal (com.walmartlabs.concord.server.security.UserPrincipal)
