package Permissions;

import java.security.Principal;

import org.jboss.seam.security.permission.PermissionCheck;
import org.jboss.seam.security.Role;

/******************************************************************************************
 This rule supports the administration of users and roles using Seam's identity management.
 ******************************************************************************************/
rule ManageAccount
   no-loop
   // The first rule in an activation-group to fire will cancel the
   // other rules activations (stop them from firing). The activation
   // group can be any string, as long as the string is identical for
   // all the rules you need to be in the one group.
   activation-group "permissions"
when
   $perm: PermissionCheck(name == "seam.user" || == "seam.role", granted == false)
   Role(name == "admin")
then
   $perm.grant();
end
/******************************************************************************************
 This rules supports the administration of users and roles using Seam's identity management.
 ******************************************************************************************/
 
rule canInitializeVariables
when
	c: PermissionCheck(name == "ConfigurationManager", action == "initializeVariables")
	Role(     name ==  net.ihe.gazelle.simulator.users.model.UserRole.ADMINISTRATOR_ROLE
	 	 ) 
then
  c.grant();
end

rule canSaveVariables
when
	c: PermissionCheck(name == "ConfigurationManager", action == "saveVariables")
	Role(     name ==  net.ihe.gazelle.simulator.users.model.UserRole.ADMINISTRATOR_ROLE
	 	 ) 
then
  c.grant();
end

rule canStartServer
when
	c: PermissionCheck(name == "PIXPDQManager", action == "startServer")
	Role(     name ==  net.ihe.gazelle.simulator.users.model.UserRole.ADMINISTRATOR_ROLE
	 	 ) 
then
  c.grant();
end

rule canStopServer
when
	c: PermissionCheck(name == "PIXPDQManager", action == "stopServer")
	Role(     name ==  net.ihe.gazelle.simulator.users.model.UserRole.ADMINISTRATOR_ROLE
	 	 ) 
then
  c.grant();
end