Aman-Mittal commented on code in PR #6128:
URL: https://github.com/apache/fineract/pull/6128#discussion_r3577532173
##########
fineract-core/src/main/java/org/apache/fineract/commands/service/PortfolioCommandSourceWritePlatformServiceImpl.java:
##########
@@ -56,18 +59,45 @@ public class PortfolioCommandSourceWritePlatformServiceImpl
implements Portfolio
@Override
public CommandProcessingResult logCommandSource(final CommandWrapper
wrapper) {
boolean isApprovedByChecker = false;
+ final AppUser currentUser = this.context.authenticatedUser(wrapper);
// check if is update of own account details
- if
(wrapper.isChangeOfOwnUserDetails(this.context.authenticatedUser(wrapper).getId()))
{
+ if (wrapper.isChangeOfOwnUserDetails(currentUser.getId())) {
// then allow this operation to proceed.
// maker checker doesnt mean anything here.
isApprovedByChecker = true; // set to true in case permissions have
// been maker-checker enabled by
// accident.
} else {
- // if not user changing their own details - check user has
- // permission to perform specific task.
-
this.context.authenticatedUser(wrapper).validateHasPermissionTo(wrapper.getTaskPermissionName());
+ final String taskPermission = wrapper.getTaskPermissionName();
+ final boolean hasBasePermission =
!currentUser.hasNotPermissionForAnyOf(taskPermission);
+ final boolean hasCheckerPermission =
!currentUser.hasNotPermissionForAnyOf("CHECKER_SUPER_USER", taskPermission +
"_CHECKER");
Review Comment:
This Logic can be simplified more
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]