public void updateTemplate(Template updateTemplate)
{
LOG.debug("updating template");
Date now = new Date();
String action = "update template";
User loggedInUser = getLoggedInUser();
Template template = templateDAO.findUpdatableTemplateById(updateTemplate.getId(), loggedInUser);
if (template != null)
{
String templateMessage = (updateTemplate.getName().equals(template.getName())) ? "" : ("was: "+templateTarget(template));
// update simple fields
template.setName(updateTemplate.getName());
// only change sharing status if original owner is updating or special bypass authz
if ((template.getUser().getId() == loggedInUser.getId()) ||
authorizer.isAuthorized(loggedInUser, Function.BYPASS_TEMPLATE_SHARING.name()))
{
template.setShared(updateTemplate.isShared());
}
// update details
// keep the permissions that haven't changed
template.getTemplateDetails().retainAll(updateTemplate.getTemplateDetails());
// add the permissions that have changed
for (TemplateDetail templateDetail : updateTemplate.getTemplateDetails())
{
if (templateDetail.getId() == 0)
{
template.addDetail(templateDetail);
}
}
auditLogger.log(now, loggedInUser.getUsername(), ServerSessionUtil.getIP(), action, templateTarget(updateTemplate), true, templateMessage);
}
else
{
auditLogger.log(now, loggedInUser.getUsername(), ServerSessionUtil.getIP(), action, templateTarget(updateTemplate), false, "invalid id or no access");
}
}