in library/src/main/java/org/apache/fineract/cn/anubis/security/AccountLevelAccessVerifierCustom.java [40:54]
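/**
 * Verifies that the current caller may perform {@code operation} on account {@code accountNo}.
 *
 * <p>The check is skipped unless {@code isAccountLevelAccessVerificationEnabled} is exactly the
 * string {@code "true"}; any other value (including {@code null}) disables it. When enabled, the
 * caller's authorities are searched for permissions matching {@code "ACCT_ACCESS_" + accountNo},
 * and access is granted only if one of them carries {@code OWNER} or the requested operation.
 *
 * <p>Denial is signalled by throwing the exception built by
 * {@code AccountLevelAccessDeniedException.internalError(...)}. A missing authentication, or one
 * that is not an {@code AnubisAuthentication}, is denied the same way instead of surfacing as a
 * {@code NullPointerException} or {@code ClassCastException}.
 *
 * @param accountNo identifier of the account being accessed; appended to the permission name
 * @param operation the account operation the caller is attempting
 */
public void validate(String accountNo, String operation) {
    if (!"true".equals(isAccountLevelAccessVerificationEnabled)) {
        return;
    }

    // Held as Object so the instanceof test below rejects both null and foreign token types.
    final Object current = SecurityContextHolder.getContext().getAuthentication();
    if (!(current instanceof AnubisAuthentication)) {
        // Fail closed explicitly: no usable identity means no account-level access.
        throw AccountLevelAccessDeniedException.internalError("Access Denied, " + operation + " on " + accountNo);
    }
    final AnubisAuthentication authentication = (AnubisAuthentication) current;

    // NOTE(review): accountNo is concatenated into the permission name unchanged. How
    // ApplicationPermission.matches interprets that string is not visible here - confirm that
    // callers pass a validated account identifier.
    final String acctPermission = "ACCT_ACCESS_" + accountNo;

    final Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
    final Set<String> grantedOperations = authorities.stream()
        // Authorities of any other type cannot grant account access; skip them rather than
        // letting an unchecked cast abort the whole verification.
        .filter(authority -> authority instanceof ApplicationPermission)
        .map(authority -> (ApplicationPermission) authority)
        .filter(permission -> permission.matches(
            acctPermission,
            "get",
            authentication.getPrincipal().getForApplicationName(),
            authentication.getPrincipal()))
        .map(ApplicationPermission::getAccountOperation)
        .collect(Collectors.toSet());

    // NOTE(review): if getAccountOperation() can return null and a caller passes a null
    // operation, contains(operation) would match - confirm neither can be null.
    // An empty set contains nothing, so no separate size check is needed.
    final boolean allowed = grantedOperations.contains(OWNER) || grantedOperations.contains(operation);
    if (!allowed) {
        // NOTE(review): the message echoes both arguments; if they originate from the request
        // and this text reaches logs or responses, confirm it is encoded at that boundary.
        throw AccountLevelAccessDeniedException.internalError("Access Denied, " + operation + " on " + accountNo);
    }
}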