@Override public boolean canSetCustomUserAvatar(ApplicationUser remoteUser, ApplicationUser user) { return avatarManager.hasPermissionToEdit(remoteUser, user); }
@PUT @Path ("avatar") public Response updateProjectAvatar(final @QueryParam ("username") String username, final AvatarBean avatarBean) { final ApplicationUser userObject = getApplicationUser(username); final PropertySet propertySet = userPropertyManager.getPropertySet(userObject); String id = avatarBean.getId(); Long avatarId; try { avatarId = id == null ? null : Long.valueOf(id); } catch (NumberFormatException e) { avatarId = null; } if (!avatarManager.hasPermissionToEdit(authContext.getUser(), userObject)) { throw new NotAuthorisedWebException(); } propertySet.setLong(AvatarManager.USER_AVATAR_ID_KEY, avatarId); eventPublisher.publish(new UserAvatarUpdatedEvent(userObject, avatarId)); return Response.status(Response.Status.NO_CONTENT).cacheControl(never()).build(); }
if (!avatarManager.hasPermissionToEdit(authContext.getUser(), avatar.getAvatarType(), avatar.getOwner()))
private boolean isAllowedToPickAvatar(final String ownerId, Avatar.Type type) { final ApplicationUser user = authenticationContext.getUser(); if (type == Avatar.Type.USER) { return avatarManager.hasPermissionToEdit(user, userUtil.getUserByKey(ownerId)); } else { final Option<TypeAvatarService> avatars = Option.option(universalAvatarsService.getAvatars(type)); final Option<Boolean> canCreateAvatarOption = avatars.flatMap(new Function<TypeAvatarService, Option<Boolean>>() { @Override public Option<Boolean> apply(final TypeAvatarService typeAvatarService) { return Option.some(typeAvatarService.canUserCreateAvatar(user, ownerId)); } }); return canCreateAvatarOption.getOrElse(Boolean.FALSE); } }