private boolean evaluateSecurityAccess(Right right, DocumentReference userReference, EntityReference entityReference, boolean check) throws AuthorizationException { SecurityAccess securityAccess = getAccess( securityReferenceFactory.newUserReference(userReference), securityReferenceFactory.newEntityReference(entityReference) ); RuleState access = securityAccess.get(right); String info = check ? "security checkpoint" : "access inquiry"; if (check && access != RuleState.ALLOW) { logDeny(userReference, entityReference, right, info); } else { logAccess(access, userReference, entityReference, right, info, true); } return access == RuleState.ALLOW; }
logDeny(userReference, entityReference, right, "no such right");