request.setAttribute(AUDIT_OPERATION, resourceName);
request.setAttribute(AUDIT_PARAM, request.getParameter(modeTag));
try {
AuthorizationService auth = Services.get().get(AuthorizationService.class);
auth.authorizeForAdmin(getUser(request), true);
}
catch (AuthorizationException ex) {
throw new XServletException(HttpServletResponse.SC_UNAUTHORIZED, ex);
}