From 8a45ae67ed7371a9d28cbba6de188af3270562b6 Mon Sep 17 00:00:00 2001
From: rsanchez <rsanchez@curisit.net>
Date: Mon, 17 Apr 2017 17:11:04 +0000
Subject: [PATCH] #3529 feature - Securized access for readonly users

---
 securis/src/main/java/net/curisit/securis/services/LicenseTypeResource.java |   14 ++++++++++++--
 1 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/securis/src/main/java/net/curisit/securis/services/LicenseTypeResource.java b/securis/src/main/java/net/curisit/securis/services/LicenseTypeResource.java
index 3422cbb..21a819a 100644
--- a/securis/src/main/java/net/curisit/securis/services/LicenseTypeResource.java
+++ b/securis/src/main/java/net/curisit/securis/services/LicenseTypeResource.java
@@ -74,12 +74,22 @@
 	@Path("/")
 	@Produces({ MediaType.APPLICATION_JSON })
 	@Securable
-	public Response index() {
+	public Response index(@Context BasicSecurityContext bsc) {
 		LOG.info("Getting license types list ");
 
 		// EntityManager em = emProvider.get();
 		em.clear();
-		TypedQuery<LicenseType> q = em.createNamedQuery("list-license_types", LicenseType.class);
+		TypedQuery<LicenseType> q;
+		if (bsc.isUserInRole(BasicSecurityContext.ROL_ADMIN)) {
+			q = em.createNamedQuery("list-license_types", LicenseType.class);
+		} else {
+			if (bsc.getApplicationsIds() == null || bsc.getApplicationsIds().isEmpty()) {
+				return Response.ok().build();
+			}
+			q = em.createNamedQuery("list-license_types-by_apps-id", LicenseType.class);
+
+			q.setParameter("list_ids", bsc.getApplicationsIds());
+		}
 		List<LicenseType> list = q.getResultList();
 
 		return Response.ok(list).build();

--
Gitblit v1.3.2