commented some code. need to better understand if we need it or not. …

…we probably need to use the access manager.
protegeproject · Jun 26, 2024 · b43c3fd · b43c3fd
1 parent 8bd8901
commit b43c3fd
Showing 1 changed file with 24 additions and 8 deletions.
diff --git a/src/main/java/edu/stanford/protege/webprotege/authorization/GetAuthorizedActionsHandler.java b/src/main/java/edu/stanford/protege/webprotege/authorization/GetAuthorizedActionsHandler.java
@@ -46,7 +46,30 @@ public Class<GetAuthorizedActionsRequest> getRequestClass() {
     @Override
     public Mono<GetAuthorizedActionsResponse> handleRequest(GetAuthorizedActionsRequest request, ExecutionContext executionContext) {
 
-        if(request.resource().isApplication()) {
+        /*
+        ToDo: Understand why we need this if else here
+         */
+//        if(request.resource().isApplication()) {
+//            try {
+//                List<RoleId> roleIds = tokenValidator.getTokenClaims(executionContext.jwt()).stream()
+//                        .map(RoleId::new)
+//                        .toList();
+//                Set<ActionId> actions  = new HashSet<>(roleOracle.getActionsAssociatedToRoles(roleIds));
+//                return Mono.just(new GetAuthorizedActionsResponse(request.resource(),
+//                        request.subject(),
+//                        actions));
+//
+//            } catch (VerificationException e) {
+//                throw new RuntimeException(e);
+//            }
+//        }else {
+//            var actionClosure = accessManager.getActionClosure(request.subject(),
+//                    request.resource());
+//            return Mono.just(new GetAuthorizedActionsResponse(request.resource(),
+//                    request.subject(),
+//                    actionClosure));
+//        }
+
             try {
                 List<RoleId> roleIds = tokenValidator.getTokenClaims(executionContext.jwt()).stream()
                         .map(RoleId::new)
@@ -59,12 +82,5 @@ public Mono<GetAuthorizedActionsResponse> handleRequest(GetAuthorizedActionsRequ
             } catch (VerificationException e) {
                 throw new RuntimeException(e);
             }
-        }else {
-            var actionClosure = accessManager.getActionClosure(request.subject(),
-                    request.resource());
-            return Mono.just(new GetAuthorizedActionsResponse(request.resource(),
-                    request.subject(),
-                    actionClosure));
-        }
     }
 }