/** * Checks for draft of plugable topic if current user is granted to create topics with type. * * @param draft draft topic to be checked * @throws AccessDeniedException if user not granted to create current topic type * or if type of current topic is unknown */ private void assertCreationAllowedForPlugableTopic(TopicDraft draft) { if (!draft.isPlugable()) { return; } Authentication auth = securityContextFacade.getContext().getAuthentication(); List<Plugin> topicPlugins = pluginLoader.getPlugins(new TypeFilter(TopicPlugin.class), new StateFilter(Plugin.State.ENABLED), new TopicTypeFilter(draft.getTopicType())); if (topicPlugins.size() == 0) { throw new AccessDeniedException("Creating of unknown (" + draft.getTopicType() + ") topic type is forbidden"); } else { for (Plugin plugin : topicPlugins) { TopicPlugin topicPlugin = (TopicPlugin) plugin; if (!permissionEvaluator.hasPermission(auth, draft.getBranchId(), "BRANCH", topicPlugin.getCreateTopicPermission())) { throw new AccessDeniedException("Creating of draft topic with type " + draft.getTopicType() + " is forbidden"); } } } } }