CustomerStatusPermission.java example

Explorer
head-master
package org.mifos.security.rolesandpermission.authorization.permissions;

import org.mifos.customers.util.helpers.CustomerConstants;
import org.mifos.framework.exceptions.ServiceException;
import org.mifos.security.MifosUser;
import org.springframework.security.core.Authentication;

public class CustomerStatusPermission implements MifosPermission {

    @Override
    public boolean isAllowed(Authentication authentication, Object targetDomainObject) throws ServiceException {

        MifosUser user = (MifosUser) authentication.getPrincipal();
        return checkPermissionToEditCustomerInformation(user, targetDomainObject);
    }

    private boolean checkPermissionToEditCustomerInformation(MifosUser user, Object status)
            throws ServiceException {
        boolean isAllowed = false;
        if(status instanceof String){
        	if (status.equals(CustomerConstants.CLIENT_STATUS_PARTIAL)) {
        		isAllowed = true;
        	} 
        }
        else {
        	if (((Short)status).intValue() == user.getUserId()) {
        		isAllowed = true;
        	}
        }
        return isAllowed;
    }

}