|
|
@ -57,7 +57,7 @@ public class ManagerAccountServiceImpl implements ManagerAccountsService {
|
|
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
@Override
|
|
|
|
public void saveManager(ManagerInfo manager, JSONObject loginManager) {
|
|
|
|
public void saveManager(ManagerInfo manager, JSONObject loginManager) {
|
|
|
|
if (!ManagerRole.ADMIN.hasRole(loginManager.getIntValue("role")) && !ManagerRole.BD_USER.hasRole(loginManager.getIntValue("role"))) {
|
|
|
|
if (!ManagerRole.ADMIN.hasRole(loginManager.getIntValue("role"))) {
|
|
|
|
if (manager.isAdmin() || manager.isFinacial() || manager.isOperator() || manager.isServant() || manager.isSitemanager() || manager.isDeveloper()) {
|
|
|
|
if (manager.isAdmin() || manager.isFinacial() || manager.isOperator() || manager.isServant() || manager.isSitemanager() || manager.isDeveloper()) {
|
|
|
|
throw new BadRequestException("Invalid Role");
|
|
|
|
throw new BadRequestException("Invalid Role");
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -77,7 +77,7 @@ public class ManagerAccountServiceImpl implements ManagerAccountsService {
|
|
|
|
throw new NotFoundException("manager not exists or invalid");
|
|
|
|
throw new NotFoundException("manager not exists or invalid");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
JSONObject obj = manager.accountJson(false);
|
|
|
|
JSONObject obj = manager.accountJson(false);
|
|
|
|
if (!ManagerRole.ADMIN.hasRole(loginManager.getIntValue("role")) && !ManagerRole.BD_USER.hasRole(loginManager.getIntValue("role"))) {
|
|
|
|
if (!ManagerRole.ADMIN.hasRole(loginManager.getIntValue("role"))) {
|
|
|
|
if (managerFromDb.getIntValue("org_id") != loginManager.getIntValue("org_id")) {
|
|
|
|
if (managerFromDb.getIntValue("org_id") != loginManager.getIntValue("org_id")) {
|
|
|
|
throw new BadRequestException("You cannot modify accounts belong to other organizations");
|
|
|
|
throw new BadRequestException("You cannot modify accounts belong to other organizations");
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -93,7 +93,7 @@ public class ManagerAccountServiceImpl implements ManagerAccountsService {
|
|
|
|
@Override
|
|
|
|
@Override
|
|
|
|
public void disable(String userId, JSONObject loginManager) {
|
|
|
|
public void disable(String userId, JSONObject loginManager) {
|
|
|
|
JSONObject manager = managerMapper.findById(userId);
|
|
|
|
JSONObject manager = managerMapper.findById(userId);
|
|
|
|
if (!ManagerRole.ADMIN.hasRole(loginManager.getIntValue("role")) && !ManagerRole.BD_USER.hasRole(loginManager.getIntValue("role"))){
|
|
|
|
if (!ManagerRole.ADMIN.hasRole(loginManager.getIntValue("role"))){
|
|
|
|
if (manager.getIntValue("org_id") != loginManager.getIntValue("org_id")) {
|
|
|
|
if (manager.getIntValue("org_id") != loginManager.getIntValue("org_id")) {
|
|
|
|
throw new BadRequestException("You cannot disable accounts belong to other organizations");
|
|
|
|
throw new BadRequestException("You cannot disable accounts belong to other organizations");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
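Review bot: In `disable`, the result of `managerMapper.findById(userId)` is dereferenced by `manager.getIntValue("org_id")` on the next visible lines with no null check, so a non-admin caller passing an unknown `userId` would likely hit a NullPointerException instead of the `NotFoundException("manager not exists or invalid")` that the update path in the second hunk throws; consider adding `if (manager == null) { throw new NotFoundException("manager not exists or invalid"); }` before the role check. The role condition edited here is written out separately in `saveManager`, in the update path's `org_id` check and in `disable`, so moving it into one private helper would keep the three authorization gates from drifting apart. The page has lost its +/- markers, so it is not certain whether `BD_USER` is being added to or removed from the exemption. If it is being added, confirm that BD users are meant to assign the admin, financial, operator, servant, sitemanager and developer roles and to modify or disable accounts in other organizations. All three method bodies continue outside the hunks.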