private void checkCallerAccess() { if (!isEnabled()) { throw new PermissionDeniedException("Dynamic api checker is not enabled, aborting role operation"); } Account caller = getCurrentAccount(); if (caller == null || caller.getRoleId() == null) { throw new PermissionDeniedException("Restricted API called by an invalid user account"); } Role callerRole = findRole(caller.getRoleId()); if (callerRole == null || callerRole.getRoleType() != RoleType.Admin) { throw new PermissionDeniedException("Restricted API called by an user account of non-Admin role type"); } }