violations.add(newSecurityViolation(infoProducer.getViolationInfo(invocationContext, newSecurityViolation("Employees can only view their own card or manager of the employee"))));
}
}
private void checkEmployeeAccess(InvocationContext invocationContext, Set<SecurityViolation> violations) {
UserPrincipal parameter = methodParameterCheckUtil.getAssignableParameter(invocationContext, UserPrincipal.class);
if (!userPrincipal.equals(parameter)) {
SecurityViolationInfoProducer infoProducer = CodiUtils.getContextualReferenceByClass(SecurityViolationInfoProducer.class);
violations.add(newSecurityViolation(infoProducer.getViolationInfo(invocationContext, newSecurityViolation("Employees can only view their own card"))));
}