@Override public ListPartsResponse<String> listParts(final ListPartsRequest request) { // resumption token doesn't contain vulnerable security data ListPartsResponse<String> result = catalog.listParts(request); if(skipLicenses) { return result; } if (result!=null && result.getPage()!=null) { YaddaErrorAwareResult<Set<ObligationType>> secResult = licAuthzFacade.retrieveLicenseObligations( securityRequestHandler.extract(request)); Collection<ObligationType> obligations = secResult.getData(); Iterator<CatalogObject<String>> it = result.getPage().iterator(); while (it.hasNext()) { CatalogObject<String> currentObj = it.next(); LicenseEvaluatorContext<String[]> context = new LicenseEvaluatorContext<String[]>( currentObj.getId(), currentObj.getTags()); if (!evaluateAccess(obligations, context)) { log.debug("removing" + currentObj.getId() + " from result list!"); it.remove(); } } return result; } else { return result; } }