Segurança e ajustes nos pacotes

PauloGladson
1 parent 7e9edf1d
Showing 2 changed files with 3 additions and 3 deletions Show diff stats
demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java
demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredPermissionInterceptor.java
@@ -51,9 +51,9 @@ public class SecurityContextImpl implements SecurityContext {
     @Override
     public boolean hasRole(String role) {
         if (tm.getUser().getRoles().parallelStream().filter(p -> p.equals(role)).count() <= 0) {
-            return true;
+            return false;
         }
-        return false;
+        return true;
     }
     /**
@@ -77,7 +77,7 @@ public class RequiredPermissionInterceptor implements Serializable {
             logger.finest(bundle.accessCheckingPermission(username, operation, resource));
         }
-        if (securityContext.hasPermission(resource, operation)) {
+        if (!securityContext.hasPermission(resource, operation)) {
             logger.severe(bundle.doesNotHavePermission(username, operation, resource));
             throw new DemoiselleSecurityException(bundle.doesNotHavePermission(username, operation, resource), Response.Status.UNAUTHORIZED.getStatusCode());
         }
	@@ -51,9 +51,9 @@ public class SecurityContextImpl implements SecurityContext {		@@ -51,9 +51,9 @@ public class SecurityContextImpl implements SecurityContext {
51	@Override	51	@Override
52	public boolean hasRole(String role) {	52	public boolean hasRole(String role) {
53	if (tm.getUser().getRoles().parallelStream().filter(p -> p.equals(role)).count() <= 0) {	53	if (tm.getUser().getRoles().parallelStream().filter(p -> p.equals(role)).count() <= 0) {
54	- return true;	54	+ return false;
55	}	55	}
56	- return false;	56	+ return true;
57	}	57	}
58		58
59	/**	59	/**
	@@ -77,7 +77,7 @@ public class RequiredPermissionInterceptor implements Serializable {		@@ -77,7 +77,7 @@ public class RequiredPermissionInterceptor implements Serializable {
77	logger.finest(bundle.accessCheckingPermission(username, operation, resource));	77	logger.finest(bundle.accessCheckingPermission(username, operation, resource));
78	}	78	}
79		79
80	- if (securityContext.hasPermission(resource, operation)) {	80	+ if (!securityContext.hasPermission(resource, operation)) {
81	logger.severe(bundle.doesNotHavePermission(username, operation, resource));	81	logger.severe(bundle.doesNotHavePermission(username, operation, resource));
82	throw new DemoiselleSecurityException(bundle.doesNotHavePermission(username, operation, resource), Response.Status.UNAUTHORIZED.getStatusCode());	82	throw new DemoiselleSecurityException(bundle.doesNotHavePermission(username, operation, resource), Response.Status.UNAUTHORIZED.getStatusCode());
83	}	83	}