diff --git a/src/main/java/ch/ethz/seb/sebserver/gbl/api/API.java b/src/main/java/ch/ethz/seb/sebserver/gbl/api/API.java index bea28beb..e7208849 100644 --- a/src/main/java/ch/ethz/seb/sebserver/gbl/api/API.java +++ b/src/main/java/ch/ethz/seb/sebserver/gbl/api/API.java @@ -74,9 +74,7 @@ public final class API { public static final String REGISTER_ENDPOINT = "/register"; public static final String NAMES_PATH_SEGMENT = "/names"; - public static final String LIST_PATH_SEGMENT = "/list"; - public static final String ACTIVE_PATH_SEGMENT = "/active"; public static final String TOGGLE_ACTIVITY_PATH_SEGMENT = "/toggle-activity"; public static final String INACTIVE_PATH_SEGMENT = "/inactive"; diff --git a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/AuthorizationService.java b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/AuthorizationService.java index 992a80c2..55730e2b 100644 --- a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/AuthorizationService.java +++ b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/authorization/AuthorizationService.java @@ -194,47 +194,6 @@ public interface AuthorizationService { } - /** Check grant by using corresponding hasGrant(XY) method and throws PermissionDeniedException - * on deny. - * - * @param privilegeType the privilege type to check - * @param userInfo the the user - * @param grantEntity the entity */ - default T check( - final PrivilegeType privilegeType, - final UserInfo userInfo, - final T grantEntity) { - - // check institutional grant - if (hasGrant( - PrivilegeType.MODIFY, - EntityType.CONFIGURATION_NODE, - grantEntity.getInstitutionId(), - userInfo.uuid, - userInfo.uuid, - userInfo.institutionId, - userInfo.getUserRoles())) { - return grantEntity; - } - - // if there is no institutional grant the user may have owner based grant on the specified realm - // TODO -// return userInfo.getUserRoles() -// .stream() -// .map(role -> new RoleTypeKey(entityType, role)) -// .map(this.privileges::get) -// .anyMatch(privilege -> (privilege != null) && privilege.hasOwnershipPrivilege(privilegeType)); -// if (hasOwnerPrivilege(privilegeType, entityType, institutionId)) { -// return; -// } - - throw new PermissionDeniedException( - grantEntity.entityType(), - privilegeType, - getUserService().getCurrentUser().getUserInfo()); - - } - /** Indicates if the current user has an owner privilege for this give entity type and institution * * @param privilegeType the privilege type to check