Code with Misuse: |
class ItemManager { /** * @param data * @param path Path to be used for the permission check or <code>null</code> * in which case the itemId present with the specified <code>data</code> is used. * @return true if the item with the given <code>data</code> can be read; * <code>false</code> otherwise. * @throws AccessDeniedException * @throws RepositoryException */ private boolean canRead(ItemData data, Path path) throws AccessDeniedException, RepositoryException { if (data.getState().getStatus() == ItemState.STATUS_NEW && !data.getDefinition().isProtected()) { // NEW items can always be read as long they have been added // through the API and NOT by the system (i.e. protected props). return true; } else { return (path == null) ? canRead(data.getId()) : session.getAccessManager().canRead(path); } }
}
|