Commit aeb6242e authored by Gil Portenseigne's avatar Gil Portenseigne

Add javadoc to checkImpersonationControls and sort tests a more logical way

parent 0e1aec9f
Pipeline #129 failed with stages
in 44 seconds
......@@ -511,7 +511,12 @@ public class LoginServices {
}
/**
* Return error message if a needed control has failed
* Return error message if a needed control has failed :
* userLoginToImpersonate must exist
* Impersonation have to be enabled
* Check userLoginIdToImpersonate is active, not Admin and not equals to userLogin
* Check userLogin has enough permission
*
* @param delegator
* @param userLogin
* @param userLoginToImpersonate
......@@ -529,11 +534,19 @@ public class LoginServices {
return UtilProperties.getMessage(resource, "loginevents.impersonation_disabled", locale);
}
//Check if user is trying to impersonate a admin user
if (!LoginWorker.isUserLoginActive(userLoginToImpersonate)) {
Map<String, Object> messageMap = UtilMisc.toMap("username", userLoginIdToImpersonate);
return UtilProperties.getMessage(resource, "loginservices.account_for_user_login_id_disabled", messageMap, locale);
}
if (SecurityUtil.hasUserLoginAdminPermission(delegator, userLoginIdToImpersonate)) {
return UtilProperties.getMessage(resource, "loginevents.impersonate_notAdmin", locale);
}
if (userLoginIdToImpersonate.equals(userLoginId)) {
return UtilProperties.getMessage(resource, "loginevents.impersonate_yourself", locale);
}
//Cannot impersonate more privileged user
List<String> missingNeededPermissions = SecurityUtil.hasUserLoginMorePermissionThan(delegator, userLoginId, userLoginIdToImpersonate);
if (UtilValidate.isNotEmpty(missingNeededPermissions)) {
......@@ -542,15 +555,6 @@ public class LoginServices {
UtilMisc.toMap("missingPermissions", missingPermissionListString), locale);
}
if (userLoginIdToImpersonate.equals(userLoginId)) {
return UtilProperties.getMessage(resource, "loginevents.impersonate_yourself", locale);
}
if (!LoginWorker.isUserLoginActive(userLoginToImpersonate)) {
Map<String, Object> messageMap = UtilMisc.toMap("username", userLoginIdToImpersonate);
return UtilProperties.getMessage(resource, "loginservices.account_for_user_login_id_disabled", messageMap, locale);
}
return null;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment