@Override public boolean archiveEvents(final ArchiveEventsCmd cmd) { final Account caller = getCaller(); final List<Long> ids = cmd.getIds(); boolean result = true; List<Long> permittedAccountIds = new ArrayList<Long>(); if (_accountService.isNormalUser(caller.getId()) || caller.getType() == Account.ACCOUNT_TYPE_PROJECT) { permittedAccountIds.add(caller.getId()); } else { final DomainVO domain = _domainDao.findById(caller.getDomainId()); final List<Long> permittedDomainIds = _domainDao.getDomainChildrenIds(domain.getPath()); permittedAccountIds = _accountDao.getAccountIdsForDomains(permittedDomainIds); } final List<EventVO> events = _eventDao.listToArchiveOrDeleteEvents(ids, cmd.getType(), cmd.getStartDate(), cmd.getEndDate(), permittedAccountIds); final ControlledEntity[] sameOwnerEvents = events.toArray(new ControlledEntity[events.size()]); _accountMgr.checkAccess(CallContext.current().getCallingAccount(), null, false, sameOwnerEvents); if (ids != null && events.size() < ids.size()) { result = false; return result; } _eventDao.archiveEvents(events); return result; }
@Override public boolean checkAccess(Account caller, Domain domain) throws PermissionDeniedException { if (caller.getState() != Account.State.enabled) { throw new PermissionDeniedException(caller + " is disabled."); } long domainId = domain.getId(); if (_accountService.isNormalUser(caller.getId())) { if (caller.getDomainId() != domainId) { throw new PermissionDeniedException(caller + " does not have permission to operate within domain id=" + domain.getUuid()); } } else if (!_domainDao.isChildDomain(caller.getDomainId(), domainId)) { throw new PermissionDeniedException(caller + " does not have permission to operate within domain id=" + domain.getUuid()); } return true; }
else if (_accountService.isNormalUser(account.getId()) || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN || _accountService.isDomainAdmin(account.getId())
else if (_accountService.isNormalUser(account.getId()) || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN || _accountService.isDomainAdmin(account.getId())
else if (_accountService.isNormalUser(account.getId()) || account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
return false; } else { if (_accountService.isNormalUser(caller.getId())) { Account account = _accountDao.findById(entity.getAccountId());