Skip to Content
0
Jul 31, 2014 at 02:13 PM

Granting rights programatically (through Jalo layer) ends up with inverted results

85 Views

Hello everybody,

I'm trying to set up the permissions for a certain user group on certain types (or attributes thereof). I have written myself a custom hook that does this when updating the running system, calling, for each type/attribute obj to be updated, the following function:

 protected void grant(Item obj, Principal target, int permissionMask) throws JaloSecurityException
     {
         final AccessManager accessManager = AccessManager.getInstance();
 
         final boolean isAttribute = (obj instanceof AttributeDescriptor);
         List<UserRight> allRightsList = isAttribute ?   accessManager.getDescriptorUserRights() :
                                                         accessManager.getTypeUserRights();
 
         List<UserRight> rights = new ArrayList<UserRight>();
 
         rights.add(allRightsList.get(accessManager.getRightIndex(AccessManager.READ)));
         rights.add(allRightsList.get(accessManager.getRightIndex(AccessManager.CHANGE)));
         if (!isAttribute) {
             rights.add(allRightsList.get(accessManager.getRightIndex(AccessManager.CREATE)));
             rights.add(allRightsList.get(accessManager.getRightIndex(AccessManager.REMOVE)));
         }
 
 
         List<Boolean> permissionList = new ArrayList<Boolean>(rights.size());
         Map<Principal, List<Boolean>> rightsMap = new HashMap<Principal, List<Boolean>>(1);
 
         for (int i = 0; i < rights.size(); i++)
         {
             if ((permissionMask & (1 << i)) > 0)
                 permissionList.add(Boolean.TRUE);
             else
                 permissionList.add(Boolean.FALSE);
         }
 
         rightsMap.put(target, permissionList);
 
         obj.setPermissionsByMap(rights, rightsMap);
     }


Everything works pretty nicely, except for the fact that the rights for target on obj are set reversed. I.e, rights granted programatically are shown as "forbidden" in the hMC, while rights that are programatically removed are shown in the hMC as "granted". Now, the obvious solution is to revert the boolean values passed to the permissionList.add() functions, but I'm wondering if there is a reason why hybris behaves as it does.

Best regards, Vlad