@Override public boolean retain( UserAuthorityGroup group ) { return userCredentials != null && userCredentials.canIssueUserRole( group, canGrantOwnUserAuthorityGroups ); } }
/** * Indicates whether this user credentials can issue all of the user authority * groups in the given collection. * * @param groups the collection of user authority groups. * @param canGrantOwnUserAuthorityGroups indicates whether this users can grant * its own authority groups to others. */ public boolean canIssueUserRoles( Collection<UserAuthorityGroup> groups, boolean canGrantOwnUserAuthorityGroups ) { for ( UserAuthorityGroup group : groups ) { if ( !canIssueUserRole( group, canGrantOwnUserAuthorityGroups ) ) { return false; } } return true; }
if ( !currentUser.getUserCredentials().canIssueUserRole( ur, canGrantOwnUserAuthorityGroups ) )