common/securis.git

..	..	@@ -96,6 +96,15 @@
96	96	return Response.ok(lt).build();
97	97	}
98	98
	99	+ private boolean isCyclicalRelationship(int currentId, Organization parent) {
	100	+ while (parent != null) {
	101	+ if (parent.getId() == currentId)
	102	+ return true;
	103	+ parent = parent.getParentOrganization();
	104	+ }
	105	+ return false;
	106	+ }
	107	+
99	108	@POST
100	109	@Path("/")
101	110	@Consumes(MediaType.APPLICATION_JSON)
..	..	@@ -157,6 +166,10 @@
157	166	log.error("Organization parent with id {} not found in DB", org.getParentOrgId());
158	167	return Response.status(Status.NOT_FOUND).header(SecurisErrorHandler.HEADER_ERROR_MESSAGE, "Organization's parent not found with ID: " + org.getParentOrgId()).build();
159	168	}
	169	+ if (isCyclicalRelationship(currentOrg.getId(), parentOrg)) {
	170	+ log.error("Organization parent generate a cyclical relationship, parent id {}, current id: {}", org.getParentOrgId(), currentOrg.getId());
	171	+ return Response.status(Status.FORBIDDEN).header(SecurisErrorHandler.HEADER_ERROR_MESSAGE, "Cyclical relationships are not allowed, please change the parent organization, current Parent: " + parentOrg.getName()).build();
	172	+ }
160	173	}
161	174
162	175	List<User> users = null;
..	..	@@ -165,8 +178,8 @@
165	178	users = new ArrayList<>();
166	179	for (String username : usersIds) {
167	180	User user = em.find(User.class, username);
168		- if (parentOrg == null) {
169		- log.error("Organization user with id {} not found in DB", username);
	181	+ if (user == null) {
	182	+ log.error("Organization user with id '{}' not found in DB", username);
170	183	return Response.status(Status.NOT_FOUND).header(SecurisErrorHandler.HEADER_ERROR_MESSAGE, "Organization's user not found with ID: " + username).build();
171	184	}
172	185	users.add(user);