bff4cec894e59ba15c265cb4cd20fda365d5f7e8,alien4cloud-rest-api/src/main/java/alien4cloud/rest/orchestrator/LocationResourcesSecurityController.java,LocationResourcesSecurityController,grantAccessToGroups,#String#String#String#String[]#,144
Before Change
public synchronized RestResponse<List<GroupDTO>> grantAccessToGroups(@PathVariable String orchestratorId, @PathVariable String locationId,
@PathVariable String resourceId, @RequestBody String[] groupIds) {
LocationResourceTemplate resourceTemplate = locationResourceService.getOrFail(resourceId);
hasAuthorizationOrFailed(resourceTemplate, Subject.GROUP, groupIds);
resourcePermissionService.grantPermission(resourceTemplate, Subject.GROUP, groupIds);
List<GroupDTO> groups = LocationSecurityController.convertListGroupToListGroupDTO(resourcePermissionService.getAuthorizedGroups(resourceTemplate));
return RestResponseBuilder.<List<GroupDTO>> builder().data(groups).build();
After Change
@Audit
public synchronized RestResponse<List<GroupDTO>> grantAccessToGroups(@PathVariable String orchestratorId, @PathVariable String locationId,
@PathVariable String resourceId, @RequestBody String[] groupIds) {
Location location = locationService.getLocation(orchestratorId, locationId);
hasAuthorizationOrFailed(location, Subject.GROUP, groupIds);
LocationResourceTemplate resourceTemplate = locationResourceService.getOrFail(resourceId);
resourcePermissionService.grantPermission(resourceTemplate, Subject.GROUP, groupIds);
List<GroupDTO> groups = LocationSecurityController.convertListGroupToListGroupDTO(resourcePermissionService.getAuthorizedGroups(resourceTemplate));