7,6 → 7,7 |
import pt.estgp.estgweb.domain.UserSession; |
import pt.estgp.estgweb.domain.CourseUnit; |
import pt.estgp.estgweb.domain.UserImpl; |
import pt.estgp.estgweb.domain.dao.DaoFactory; |
import pt.estgp.estgweb.Globals; |
import pt.estgp.estgweb.utils.ReflectionBean; |
import pt.utl.ist.berserk.ServiceRequest; |
42,7 → 43,8 |
{ |
CourseUnit courseUnit = (CourseUnit) LoadObjectFromParameters.loadObjectFromClassName(CourseUnit.class.getName(),filterParameters,request.getServiceParameters()); |
|
if(!((UserImpl)userSession.getUser()).isInCourseUnit(courseUnit.getId(),true)) |
if(!(((UserImpl)userSession.getUser()).isInCourseUnit(courseUnit.getId(),true) || DaoFactory.getUserDaoImpl().load(userSession.getUser().getId()).hasRole("services"))) |
//todo verificar brecha na seguranca |
{ |
logger.warn(userSession.getUser().getUsername() + ": try access restricted area"); |
throw new AccessDeniedOperationException("fail.owner"); |