From c33e7181ba9b6424f6f25cc69ad4f39ebbdfe99a Mon Sep 17 00:00:00 2001
From: Timm Fitschen <t.fitschen@indiscale.com>
Date: Thu, 30 Mar 2023 15:35:15 +0200
Subject: [PATCH] WIP: fix #196

---
 .../server/jobs/core/AccessControl.java       | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/src/main/java/org/caosdb/server/jobs/core/AccessControl.java b/src/main/java/org/caosdb/server/jobs/core/AccessControl.java
index af7de1a8..5c63f941 100644
--- a/src/main/java/org/caosdb/server/jobs/core/AccessControl.java
+++ b/src/main/java/org/caosdb/server/jobs/core/AccessControl.java
@@ -28,6 +28,7 @@ import org.caosdb.server.accessControl.ACMPermissions;
 import org.caosdb.server.entity.DeleteEntity;
 import org.caosdb.server.entity.EntityInterface;
 import org.caosdb.server.entity.InsertEntity;
+import org.caosdb.server.entity.Role;
 import org.caosdb.server.entity.UpdateEntity;
 import org.caosdb.server.jobs.ContainerJob;
 import org.caosdb.server.jobs.JobAnnotation;
@@ -47,12 +48,15 @@ public class AccessControl extends ContainerJob {
       super(permission, description);
     }
 
-    public final String toString(String entityRole) {
-      return toString().replace(ENTITY_ROLE_PARAMETER, entityRole);
+    public final String toString(Role entityRole) {
+      String roleString = entityRole == null ? "" : entityRole.toString();
+      return toString().replace(ENTITY_ROLE_PARAMETER, roleString);
     }
 
-    public final String toString(String transaction, String entityRole) {
-      return "TRANSACTION:" + transaction + (entityRole != null ? (":" + entityRole) : "");
+    public final String toString(String transaction, Role entityRole) {
+      return "TRANSACTION:"
+          + transaction
+          + (entityRole != null ? (":" + entityRole.toString()) : "");
     }
 
     public static String init() {
@@ -87,17 +91,16 @@ public class AccessControl extends ContainerJob {
 
     for (final EntityInterface e : getContainer()) {
 
-      // per role permission
       if (e instanceof InsertEntity) {
-        if (subject.isPermitted(INSERT.toString(e.getRole().toString()))) {
+        if (subject.isPermitted(INSERT.toString(e.getRole()))) {
           continue;
         }
       } else if (e instanceof DeleteEntity) {
-        if (subject.isPermitted(DELETE.toString(e.getRole().toString()))) {
+        if (subject.isPermitted(DELETE.toString(e.getRole()))) {
           continue;
         }
       } else if (e instanceof UpdateEntity) {
-        if (subject.isPermitted(UPDATE.toString(e.getRole().toString()))) {
+        if (subject.isPermitted(UPDATE.toString(e.getRole()))) {
           continue;
         }
       }
-- 
GitLab