*/
public static void accessAllowed( String target, long targetId, int requestedPermission )
{
if (SAcl.PERMISSION_PASS == requestedPermission) return;
SAclDao aclDao = new SAclDao();
// -> if an annoymous request, then canonicalUserId is an empty string
String userId = UserContext.current().getCanonicalUserId();
if ( 0 == userId.length())
{
// -> is an anonymous principal ACL set for this <target, targetId>?
if (hasPermission( aclDao.listGrants( target, targetId, "A" ), requestedPermission )) return;
}
else
{ // -> no priviledges means no access allowed
if (hasPermission( aclDao.listGrants( target, targetId, userId ), requestedPermission )) return;
// -> or maybe there is any principal authenticated ACL set for this <target, targetId>?
if (hasPermission( aclDao.listGrants( target, targetId, "*" ), requestedPermission )) return;
}
throw new PermissionDeniedException( "Access Denied - ACLs do not give user the required permission" );
}