@Override
public MidPointPrincipal createDonorPrincipal(MidPointPrincipal attorneyPrincipal, String attorneyAuthorizationAction, PrismObject<UserType> donor, Task task, OperationResult result) throws SchemaException, ObjectNotFoundException, ExpressionEvaluationException, CommunicationException, ConfigurationException, SecurityViolationException {
if (attorneyPrincipal.getAttorney() != null) {
throw new UnsupportedOperationException("Transitive attorney is not supported yet");
}
AuthorizationLimitationsCollector limitationsCollector = new AuthorizationLimitationsCollector();
AuthorizationParameters<UserType, ObjectType> autzParams = AuthorizationParameters.Builder.buildObject(donor);
AccessDecision decision = isAuthorizedInternal(attorneyPrincipal, attorneyAuthorizationAction, null, autzParams, null, limitationsCollector, task, result);
if (!decision.equals(AccessDecision.ALLOW)) {
failAuthorization(attorneyAuthorizationAction, null, autzParams, result);
}
MidPointPrincipal donorPrincipal = securityContextManager.getUserProfileService().getPrincipal(donor, limitationsCollector, result);
donorPrincipal.setAttorney(attorneyPrincipal.getUser());
donorPrincipal.setPreviousPrincipal(attorneyPrincipal);
return donorPrincipal;
}