// Caller identity, read from the current session. Both values feed the
// access decision in the condition that follows.
// NOTE(review): myUserId is dereferenced by that condition; confirm the session
// always carries a user id when this code is reached.
Profile myProfile = usrSess.getProfile();
String myUserId = usrSess.getUserId();
// Repositories used below, looked up from the application context.
final UserRepository userRepository = context.getBean(UserRepository.class);
final GroupRepository groupRepository = context.getBean(GroupRepository.class);
final UserGroupRepository userGroupRepository = context.getBean(UserGroupRepository.class);
if (myProfile == Profile.Administrator || myProfile == Profile.UserAdmin || myUserId.equals(id)) {
// Load the account named by the supplied id and read its profile.
// Integer.valueOf throws NumberFormatException (a subclass of
// IllegalArgumentException) when id is not a valid integer.
User user = userRepository.findOne(Integer.valueOf(id));
if (user == null) {
// NOTE(review): the raw id is echoed in the message; confirm how this exception
// is rendered to the client before relying on it being safe to display.
throw new IllegalArgumentException("user "+id+" doesn't exist");
}
// Profile name of the requested user; compared with Administrator below.
String theProfile = user.getProfile().name();
// Build the <groups> element for the requested user. Every group is serialised
// with asXml() and receives a <profile> child naming the profile that applies.
Element elGroups = new Element(Geonet.Elem.GROUPS);
List<Group> theGroups;
List<UserGroup> userGroups;
if (myProfile != Profile.Administrator || !theProfile.equals(Profile.Administrator.name())) {
    // Ordinary case: report only the memberships recorded for the requested
    // user, each with the profile stored on that membership.
    userGroups = userGroupRepository.findAll(UserGroupSpecs.hasUserId(Integer.valueOf(id)));
    for (UserGroup membership : userGroups) {
        final Element groupXml = membership.getGroup().asXml();
        final Element profileXml = new Element("profile");
        profileXml.setText(membership.getProfile().name());
        groupXml.addContent(profileXml);
        elGroups.addContent(groupXml);
    }
} else {
    // An Administrator looking at an Administrator account: every group is
    // listed and tagged with the Administrator profile.
    theGroups = groupRepository.findAll();
    for (Group each : theGroups) {
        final Element groupXml = each.asXml();
        final Element profileXml = new Element("profile");
        profileXml.setText(Profile.Administrator.name());
        groupXml.addContent(profileXml);
        elGroups.addContent(groupXml);
    }
}
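if (myProfile == Profile.UserAdmin && !myUserId.equals(id)) {
    // A UserAdmin may read another user's groups only when the two accounts share
    // at least one group. The previous single query OR-ed both user ids together,
    // so it returned group ids as soon as either account belonged to any group;
    // the check then passed for users outside the caller's groups.
    List<Integer> myGroupIds = userGroupRepository.findGroupIds(
        where(UserGroupSpecs.hasUserId(Integer.valueOf(myUserId))));
    List<Integer> targetGroupIds = userGroupRepository.findGroupIds(
        where(UserGroupSpecs.hasUserId(Integer.valueOf(id))));
    // NOTE(review): shared membership is the minimum the error message implies.
    // Confirm whether the caller must also hold the UserAdmin profile in the
    // shared group, and consider running this check before the requested user's
    // groups are read so nothing is loaded for a denied request.
    if (java.util.Collections.disjoint(myGroupIds, targetGroupIds)) {
        throw new OperationNotAllowedEx("You don't have rights to do this because the user you want is not part of your group");
    }
}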