Revision 47:0d0bf7125ea8
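--- a/src/main/java/my/com/upass/MinimalUPassControllerV2.java
+++ b/src/main/java/my/com/upass/MinimalUPassControllerV2.java
@@ -511,6 +511,12 @@
 return result;
 }
 
+/**
+* This methods identifies the target app using <code>appAccessId</code>,
+* hence meant for {@link ClientApp}s
+*
+* @see #findProfile(String, String, String, Integer, Session)
+*/
 public UserProfile findProfile(
 String appAccessId, String hashedSecretKey,
 String username, Session txSession)
@@ -519,6 +525,12 @@
 return findProfile(appAccessId, hashedSecretKey, username, null, txSession);
 }
 
+/**
+* Because of the ability to choose the target app,
+* this method is meant for USS mainly.
+*
+* @see #findProfile(String, String, String, Session)
+*/
 public UserProfile findProfile(
 String appAccessId, String hashedSecretKey,
 String username, Integer targetAppId, Session txSession)
@@ -526,17 +538,23 @@
 
 try {
 AccessCheckResult checkResult = checkAppAccess(appAccessId, hashedSecretKey, txSession);
-if (checkResult.invokerAppId == null && !checkResult.hasUPassAdminAccess())
-throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED);
+final boolean upassAdmin = checkResult.hasUPassAdminAccess();
+if (upassAdmin) {
+if (targetAppId == null)
+throw new UPassException(MinimalConstants.ERR_INVALID_INPUT);
 
-if (targetAppId == null) {
-targetAppId = checkResult.invokerAppId;
+} else {
+if (checkResult.invokerAppId == null)
+throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED);
 
-} else if (!targetAppId.equals(checkResult.invokerAppId)) {
-throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED);
+if (targetAppId == null) {
+targetAppId = checkResult.invokerAppId;
+
+} else if (!targetAppId.equals(checkResult.invokerAppId)) {
+throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED);
+}
 }
 List profiles = modifyUserService.listProfiles(username, txSession);
-
 for (Iterator profileIter = profiles.iterator(); profileIter.hasNext();) {
 UserProfile profile = (UserProfile) profileIter.next();
 
@@ -582,7 +600,7 @@
 }
 }
 List profiles = modifyUserService.listProfilesByExamples(exampleProfiles, txSession);
-if (!upassAdmin)
+if (targetAppId != null)
 for (Iterator iterator = profiles.iterator(); iterator.hasNext();) {
 UserProfile profile = (UserProfile) iterator.next();
 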
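Review bot: The guard at new line 603 now keys the per-profile loop that follows on `targetAppId != null` instead of `!upassAdmin`, so whether that loop runs depends on a caller-supplied argument rather than on the result of the access check. The two are equivalent for non-admin callers only if `targetAppId` has already been defaulted to `checkResult.invokerAppId` before this point, as `findProfile` does at new lines 550-551; the enclosing method starts and ends outside the hunk, so that needs confirming there. If the loop is what limits results to a single application, a comment such as `// invariant: targetAppId is non-null for every non-admin caller by this point` above the guard would make the dependency explicit. Separately, in `findProfile` a caller with UPass admin access that uses the four-argument overload now always gets `ERR_INVALID_INPUT`, because that overload passes `null` for `targetAppId`; the new Javadoc on both overloads should say so.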