From a2bf9162c1f630f00bd89657c3373fd11639e1b4 Mon Sep 17 00:00:00 2001
From: Ray Lee <ray.lee@lyrasis.org>
Date: Fri, 5 Jun 2020 23:00:03 -0400
Subject: [PATCH] DRYD-861: Fix getAccountRole sometimes including null role.

---
 .../services/account/AccountResource.java     |   2 +-
 .../nuxeo/BatchDocumentModelHandler.java      |  78 ++++++-------
 .../common/storage/jpa/JpaStorageUtils.java   |  22 ++--
 .../nuxeo/ReportDocumentModelHandler.java     | 109 +++++++++---------
 4 files changed, 105 insertions(+), 106 deletions(-)

diff --git a/services/account/service/src/main/java/org/collectionspace/services/account/AccountResource.java b/services/account/service/src/main/java/org/collectionspace/services/account/AccountResource.java
index cd06e8bd4..970212295 100644
--- a/services/account/service/src/main/java/org/collectionspace/services/account/AccountResource.java
+++ b/services/account/service/src/main/java/org/collectionspace/services/account/AccountResource.java
@@ -195,7 +195,7 @@ public class AccountResource extends SecurityResourceBase<AccountsCommon, Accoun
      * @param userId
      * @return
      */
-    public List<String> getAccountRoles(String userId, String tenantId) {
+    public List<String> getAccountRoleDisplayNames(String userId, String tenantId) {
     	List<String> result = null;
 
     	String accountCsid = getAccountCsid(userId);
diff --git a/services/batch/service/src/main/java/org/collectionspace/services/batch/nuxeo/BatchDocumentModelHandler.java b/services/batch/service/src/main/java/org/collectionspace/services/batch/nuxeo/BatchDocumentModelHandler.java
index 096e4033b..20fb1a55e 100644
--- a/services/batch/service/src/main/java/org/collectionspace/services/batch/nuxeo/BatchDocumentModelHandler.java
+++ b/services/batch/service/src/main/java/org/collectionspace/services/batch/nuxeo/BatchDocumentModelHandler.java
@@ -67,17 +67,17 @@ public class BatchDocumentModelHandler extends NuxeoDocumentModelHandler<BatchCo
 	private final Logger logger = LoggerFactory.getLogger(BatchDocumentModelHandler.class);
 
 	protected final int BAD_REQUEST_STATUS = Response.Status.BAD_REQUEST.getStatusCode();
-	
+
 	/**
 	 * Return true if the batch job supports the requested mode.
 	 * @param invocationCtx
 	 * @param batchCommon
 	 * @return
-	 * @throws BadRequestException 
+	 * @throws BadRequestException
 	 */
 	protected boolean supportsInvokationMode(InvocationContext invocationCtx, BatchCommon batchCommon) throws BadRequestException {
 		boolean result = false;
-		
+
 		String invocationMode = invocationCtx.getMode().toLowerCase();
 		if (BatchInvocable.INVOCATION_MODE_SINGLE.equalsIgnoreCase(invocationMode)) {
 			result = batchCommon.isSupportsSingleDoc(); //BatchJAXBSchema.SUPPORTS_SINGLE_DOC;
@@ -92,43 +92,43 @@ public class BatchDocumentModelHandler extends NuxeoDocumentModelHandler<BatchCo
 					invocationMode, batchCommon.getName());
 			throw new BadRequestException(msg);
 		}
-		
+
 		return result;
 	}
-	
+
 	/**
 	 * Returns true if we found any required permissions.
-	 * 
+	 *
 	 * @param batchCommon
 	 * @return
 	 */
 	private boolean hasRequiredPermissions(BatchCommon batchCommon) {
 		boolean result = false;
-		
+
 		try {
 			result = batchCommon.getResourceActionGroupList().getResourceActionGroup().size() > 0;
 		} catch (NullPointerException e) {
 			// ignore exception, we're just testing to see if we have any list elements
 		}
-		
+
 		return result;
 	}
-	
+
 	/**
 	 * Returns true if we found any required roles.
-	 * 
+	 *
 	 * @param batchCommon
 	 * @return
 	 */
 	private boolean hasRequiredRoles(BatchCommon batchCommon) {
 		boolean result = false;
-		
+
 		try {
 			result = batchCommon.getForRoles().getRoleDisplayName().size() > 0;
 		} catch (NullPointerException e) {
 			// ignore exception, we're just testing to see if we have any list elements
 		}
-		
+
 		return result;
 	}
 
@@ -137,29 +137,29 @@ public class BatchDocumentModelHandler extends NuxeoDocumentModelHandler<BatchCo
 	 * 	1. No permissions or roles are specified in the batch job
 	 *  2. No roles are specified, but permissions are specified and the current user has those permissions
 	 *  3. Roles are specified and the current user is a member of at least one of the roles.
-	 * 
+	 *
 	 * @param batchCommon
 	 * @return
 	 */
 	protected boolean isAuthoritzed(BatchCommon batchCommon) {
 		boolean result = true;
-		
-		if (hasRequiredRoles(batchCommon)) { 
+
+		if (hasRequiredRoles(batchCommon)) {
 			result = isAuthorizedWithRoles(batchCommon);
 		} else if (hasRequiredPermissions(batchCommon)) {
 			result = isAuthoritzedWithPermissions(batchCommon);
 		}
-		 		
+
 		return result;
 	}
-	
+
 	protected boolean isAuthorizedWithRoles(BatchCommon batchCommon) {
 		boolean result = false;
-		
+
 		ForRoles forRolesList = batchCommon.getForRoles();
 		if (forRolesList != null) {
 			AccountResource accountResource = new AccountResource();
-			List<String> roleDisplayNameList = accountResource.getAccountRoles(AuthN.get().getUserId(), AuthN.get().getCurrentTenantId());
+			List<String> roleDisplayNameList = accountResource.getAccountRoleDisplayNames(AuthN.get().getUserId(), AuthN.get().getCurrentTenantId());
 			for (String target : forRolesList.getRoleDisplayName()) {
 				if (Tools.listContainsIgnoreCase(roleDisplayNameList, target)) {
 					result = true;
@@ -167,10 +167,10 @@ public class BatchDocumentModelHandler extends NuxeoDocumentModelHandler<BatchCo
 				}
 			}
 		}
-		
+
 		return result;
 	}
-	
+
 	/**
 	 * Check to see if the current user is authorized to run/invoke this batch job.  If the batch job
 	 * did not specify any permissions, we assume that the current user is authorized to run the job.
@@ -179,7 +179,7 @@ public class BatchDocumentModelHandler extends NuxeoDocumentModelHandler<BatchCo
 	 */
 	protected boolean isAuthoritzedWithPermissions(BatchCommon batchCommon) {
 		boolean result = true;
-		
+
 		ResourceActionGroupList resourceActionGroupList = batchCommon.getResourceActionGroupList();
 		if (resourceActionGroupList != null) {
 			String tenantId = AuthN.get().getCurrentTenantId();
@@ -194,19 +194,19 @@ public class BatchDocumentModelHandler extends NuxeoDocumentModelHandler<BatchCo
 				}
 			}
 		}
-		
+
 		return result;
 	}
-	
+
 	/**
 	 * Returns a copy of the incoming list of strings all lower-cased.  Also removes any duplicates.
-	 * 
+	 *
 	 * @param listOfStrings
 	 * @return
 	 */
 	private List<String> toLowerCase(List<String> listOfStrings) {
 		List<String> result = null;
-		
+
 		if (listOfStrings != null) {
 			Set<String> stringSet = new HashSet<String>();
 			for (String s : listOfStrings) {
@@ -214,7 +214,7 @@ public class BatchDocumentModelHandler extends NuxeoDocumentModelHandler<BatchCo
 			}
 			result = new ArrayList<String>(stringSet);
 		}
-		
+
 		return result;
 	}
 
@@ -234,19 +234,19 @@ public class BatchDocumentModelHandler extends NuxeoDocumentModelHandler<BatchCo
 			//
 			// Ensure the current user has permission to run this batch job
 			if (isAuthoritzed(batchCommon) == false) {
-				String msg = String.format("BatchResource: The user '%s' does not have permission to run the batch job '%s' CSID='%s'", 
+				String msg = String.format("BatchResource: The user '%s' does not have permission to run the batch job '%s' CSID='%s'",
 						AuthN.get().getUserId(), batchCommon.getName(), csid);
 				throw new PermissionException(msg);
 			}
-			
+
 			//
 			// Ensure the batch job supports the requested invocation context's mode type
 			if (supportsInvokationMode(invocationCtx, batchCommon) == false) {
-				String msg = String.format("BatchResource: The batch job '%s' CSID='%s' does not support the invocation mode '%s'.", 
+				String msg = String.format("BatchResource: The batch job '%s' CSID='%s' does not support the invocation mode '%s'.",
 						batchCommon.getName(), csid, invocationCtx.getMode());
 				throw new BadRequestException(msg);
 			}
-			
+
 			//
 			// Ensure the batch job supports the requested invocation context's document type
 			if (!Invocable.INVOCATION_MODE_NO_CONTEXT.equalsIgnoreCase(invocationCtx.getMode())) {
@@ -254,7 +254,7 @@ public class BatchDocumentModelHandler extends NuxeoDocumentModelHandler<BatchCo
 				if (forDocTypes != null) {
 					List<String> forDocTypeList = toLowerCase(forDocTypes.getForDocType()); // convert all strings to lowercase.
 					if (forDocTypeList == null || !forDocTypeList.contains(invocationCtx.getDocType().toLowerCase())) {
-						String msg = String.format("BatchResource: The batch job '%s' CSID='%s' does not support the invocation document type '%s'.", 
+						String msg = String.format("BatchResource: The batch job '%s' CSID='%s' does not support the invocation document type '%s'.",
 								batchCommon.getName(), csid, invocationCtx.getDocType());
 						throw new BadRequestException(msg);
 					}
@@ -265,7 +265,7 @@ public class BatchDocumentModelHandler extends NuxeoDocumentModelHandler<BatchCo
 			// Now that we've ensure all the prerequisites have been met, let's try to
 			// instantiate and run the batch job.
 			//
-			
+
 			String className = batchCommon.getClassName().trim();
 			ClassLoader tccl = Thread.currentThread().getContextClassLoader();
 			Class<?> c = tccl.loadClass(className);
@@ -273,7 +273,7 @@ public class BatchDocumentModelHandler extends NuxeoDocumentModelHandler<BatchCo
 			if (!BatchInvocable.class.isAssignableFrom(c)) {
 				throw new RuntimeException("BatchResource: Class: " + className + " does not implement BatchInvocable!");
 			}
-	
+
 			BatchInvocable batchInstance = (BatchInvocable) c.newInstance();
 			List<String> modes = batchInstance.getSupportedInvocationModes();
 			if (!modes.contains(invocationCtx.getMode().toLowerCase())) {
@@ -281,10 +281,10 @@ public class BatchDocumentModelHandler extends NuxeoDocumentModelHandler<BatchCo
 						invocationCtx.getMode().toLowerCase(), className, modes.toString());
 				throw new BadRequestException(msg);
 			}
-	
+
 			batchInstance.setInvocationContext(invocationCtx);
 			batchInstance.setServiceContext(ctx);
-			
+
 			if (resourceMap != null) {
 				batchInstance.setResourceMap(resourceMap);
 			} else {
@@ -295,7 +295,7 @@ public class BatchDocumentModelHandler extends NuxeoDocumentModelHandler<BatchCo
 					logger.warn("BatchResource.invoke did not get a resourceMapHolder in context!");
 				}
 			}
-	
+
 			batchInstance.run(batchCommon);
 			int status = batchInstance.getCompletionStatus();
 			if (status == Invocable.STATUS_ERROR) {
@@ -306,10 +306,10 @@ public class BatchDocumentModelHandler extends NuxeoDocumentModelHandler<BatchCo
 				} else {
 					throw new RuntimeException("BatchResouce: batchProcess encountered error: "
 							+ batchInstance.getErrorInfo());
-	
+
 				}
 			}
-	
+
 			InvocationResults results = batchInstance.getResults();
 			return results;
 		} catch (PermissionException e) {
diff --git a/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageUtils.java b/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageUtils.java
index 0b70abee9..111b4e69f 100644
--- a/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageUtils.java
+++ b/services/common/src/main/java/org/collectionspace/services/common/storage/jpa/JpaStorageUtils.java
@@ -335,12 +335,6 @@ public class JpaStorageUtils {
 
 	//FIXME: REM - This method should probably be moved to the AccountPermissionDocumentHandler
 	public static AccountRole getAccountRoles(String csid)
-		throws UnauthorizedException, DocumentNotFoundException {
-		return getAccountRoles(csid, null, null);
-	}
-
-	//FIXME: REM - This method should probably be moved to the AccountPermissionDocumentHandler
-	public static AccountRole getAccountRoles(String csid, String currentResource, String permissionResource)
 		throws UnauthorizedException, DocumentNotFoundException {
 		//
 		// Make sure the user asking for this list has the correct
@@ -381,12 +375,18 @@ public class JpaStorageUtils {
 			Query q = em.createQuery(queryStr);
 			resultList = q.getResultList().iterator();
 
-			if (resultList.hasNext()) {
-				List<RoleValue> roleValues = new ArrayList<RoleValue>();
-				while (resultList.hasNext()) {
-					AccountRoleRel accountRolRel = (AccountRoleRel)resultList.next();
-					roleValues.add(AuthorizationRoleRel.buildRoleValue(accountRolRel));
+			List<RoleValue> roleValues = new ArrayList<RoleValue>();
+
+			while (resultList.hasNext()) {
+				AccountRoleRel accountRolRel = (AccountRoleRel) resultList.next();
+				RoleValue roleValue = AuthorizationRoleRel.buildRoleValue(accountRolRel);
+
+				if (roleValue != null) {
+					roleValues.add(roleValue);
 				}
+			}
+
+			if (roleValues.size() > 0) {
 				result.setRole(roleValues);
 			}
 		} catch (NoResultException nre) {
diff --git a/services/report/service/src/main/java/org/collectionspace/services/report/nuxeo/ReportDocumentModelHandler.java b/services/report/service/src/main/java/org/collectionspace/services/report/nuxeo/ReportDocumentModelHandler.java
index 9b43a3662..64923f024 100644
--- a/services/report/service/src/main/java/org/collectionspace/services/report/nuxeo/ReportDocumentModelHandler.java
+++ b/services/report/service/src/main/java/org/collectionspace/services/report/nuxeo/ReportDocumentModelHandler.java
@@ -114,12 +114,12 @@ public class ReportDocumentModelHandler extends NuxeoDocumentModelHandler<Report
     private final Logger logger = LoggerFactory.getLogger(ReportDocumentModelHandler.class);
     private static String REPORTS_FOLDER = "reports";
     private static String CSID_LIST_SEPARATOR = ",";
-    
+
     private static String REPORTS_STD_CSID_PARAM = "csid";
     private static String REPORTS_STD_GROUPCSID_PARAM = "groupcsid";
     private static String REPORTS_STD_CSIDLIST_PARAM = "csidlist";
     private static String REPORTS_STD_TENANTID_PARAM = "tenantid";
-    
+
     //
     // Map the MIME types from the service bindings to our payload output
     //
@@ -134,7 +134,7 @@ public class ReportDocumentModelHandler extends NuxeoDocumentModelHandler<Report
     		result.setMIMETypeList(resultMIMEType = new MIMEType());
     	}
     	List<MIMETypeItemType> resultMIMETypeItemList = resultMIMEType.getMIMEType();
-    	
+
     	//
     	// Read the MIME type values from the service bindings and put into our response payload
     	//
@@ -142,7 +142,7 @@ public class ReportDocumentModelHandler extends NuxeoDocumentModelHandler<Report
                 ServiceMain.getInstance().getTenantBindingConfigReader();
         ServiceBindingType reportServiceBinding = tReader.getServiceBinding(ctx.getTenantId(), ctx.getServiceName());
         List<PropertyItemType> bindingsMIMETypeList = ServiceBindingUtils.getPropertyValueList(reportServiceBinding, ServiceBindingUtils.OUTPUT_MIME_PROP);
-        
+
         if (bindingsMIMETypeList != null) {
         	for (PropertyItemType bindingItemMimeType : bindingsMIMETypeList) {
         		MIMETypeItemType resultMimeTypeItem = new MIMETypeItemType();
@@ -159,7 +159,7 @@ public class ReportDocumentModelHandler extends NuxeoDocumentModelHandler<Report
 
         return result;
     }
-    
+
     private String getInvocationContextLogging(InvocationContext invContext, Map<String, Object> params) {
 		String outputMIME = invContext.getOutputMIME();
 		String mode = invContext.getMode();
@@ -190,10 +190,10 @@ public class ReportDocumentModelHandler extends NuxeoDocumentModelHandler<Report
 			StringBuffer outReportFileName) throws Exception {
 		CoreSessionInterface repoSession = null;
 		boolean releaseRepoSession = false;
-		
+
 		// Ensure the current user has permission to run this report
 		if (isAuthoritzed(reportsCommon) == false) {
-			String msg = String.format("Report Resource: The user '%s' is not authorized to run the report '%s' CSID='%s'", 
+			String msg = String.format("Report Resource: The user '%s' is not authorized to run the report '%s' CSID='%s'",
 					AuthN.get().getUserId(), reportsCommon.getName(), csid);
 			throw new PermissionException(msg);
 		}
@@ -203,10 +203,10 @@ public class ReportDocumentModelHandler extends NuxeoDocumentModelHandler<Report
 		HashMap<String, Object> params = new HashMap<String, Object>();
 		params.put(REPORTS_STD_TENANTID_PARAM, ctx.getTenantId());
 		boolean checkDocType = true;
-		
+
 		// Note we set before we put in the default ones, so they cannot override tenant or CSID.
 		setParamsFromContext(params, invContext);
-		
+
 		if (Invocable.INVOCATION_MODE_SINGLE.equalsIgnoreCase(invocationMode)) {
 			modeProperty = InvocableJAXBSchema.SUPPORTS_SINGLE_DOC;
     		params.put(REPORTS_STD_CSID_PARAM, invContext.getSingleCSID());
@@ -241,11 +241,11 @@ public class ReportDocumentModelHandler extends NuxeoDocumentModelHandler<Report
 			throw new BadRequestException("ReportResource: unknown Invocation Mode: "
         			+invocationMode);
 		}
-		
+
 		logger.debug("The invocation context is: \n " + getInvocationContextLogging(invContext, params));
 		logger.debug("The report is being called with the following parameters, which are being passed to Jasper: \n" + params.toString());
 		logger.debug("The mode being passed to Jasper is: " + invocationMode);
-		
+
 		NuxeoRepositoryClientImpl repoClient = (NuxeoRepositoryClientImpl)this.getRepositoryClient(ctx);
 		repoSession = this.getRepositorySession();
 		if (repoSession == null) {
@@ -265,7 +265,7 @@ public class ReportDocumentModelHandler extends NuxeoDocumentModelHandler<Report
 	        			+invocationMode);
 			}
 	    	if (checkDocType) {
-	    		List<String> forDocTypeList = 
+	    		List<String> forDocTypeList =
 	    			(List<String>) NuxeoUtils.getProperyValue(docModel, InvocableJAXBSchema.FOR_DOC_TYPES); //docModel.getPropertyValue(InvocableJAXBSchema.FOR_DOC_TYPES);
 	    		if (forDocTypeList==null || !forDocTypeList.contains(invContext.getDocType())) {
 	        		throw new BadRequestException(
@@ -312,10 +312,10 @@ public class ReportDocumentModelHandler extends NuxeoDocumentModelHandler<Report
 				repoClient.releaseRepositorySession(ctx, repoSession);
 			}
 		}
-		
+
        	return buildReportResult(csid, params, reportFileNameProperty, outMimeType.toString(), outReportFileName);
 	}
-	
+
 	private void setParamsFromContext(Map<String, Object> params, InvocationContext invContext) {
 		InvocationContext.Params icParams = invContext.getParams();
 		if(icParams!= null) {
@@ -330,31 +330,31 @@ public class ReportDocumentModelHandler extends NuxeoDocumentModelHandler<Report
 				}
 			}
 		}
-		
+
 	}
 
-    private InputStream buildReportResult(String reportCSID, 
+    private InputStream buildReportResult(String reportCSID,
     		HashMap<String, Object> params, String reportFileName, String outputMimeType, StringBuffer outReportFileName)
     				throws Exception {
 		Connection conn = null;
 		InputStream result = null;
-		
+
     	try {
     		String fileNameBase = Tools.getFilenameBase(reportFileName);
     		String compiledReportFilename = fileNameBase+ReportClient.COMPILED_REPORT_EXTENSION;
     		String reportDescriptionFilename = fileNameBase+ReportClient.REPORT_DECSRIPTION_EXTENSION;
-    		
+
 			String basePath = ServiceMain.getInstance().getServerRootDir() +
-								File.separator + JEEServerDeployment.CSPACE_DIR_NAME + 
+								File.separator + JEEServerDeployment.CSPACE_DIR_NAME +
 								File.separator + REPORTS_FOLDER +
 								// File.separator + tenantName +
 								File.separator; // + reportFileName;
-			
-			String compiledFilePath = basePath+compiledReportFilename; 
+
+			String compiledFilePath = basePath+compiledReportFilename;
 			File f = new File(compiledFilePath);
 			if(!f.exists()) { // Need to compile the file
 				// First verify that there is a source file.
-				String sourceFilePath = basePath+reportDescriptionFilename; 
+				String sourceFilePath = basePath+reportDescriptionFilename;
 				File f2 = new File(sourceFilePath);
 				if(!f2.exists()) { // Missing source file - error!
 					logger.error("Report for csid={} is missing the specified source file: {}",
@@ -364,28 +364,28 @@ public class ReportDocumentModelHandler extends NuxeoDocumentModelHandler<Report
             	logger.info("Report for csid={} is not compiled. Compiling first, and saving to: {}",
             			reportCSID, compiledFilePath);
             	JasperCompileManager.compileReportToFile(sourceFilePath, compiledFilePath);
-			}				
-				
+			}
+
 			conn = getConnection();
-	
+
             if (logger.isTraceEnabled()) {
             	logger.trace("ReportResource for csid=" + reportCSID
             			+" output as "+outputMimeType+" using report file: "+compiledFilePath);
             }
 			FileInputStream fileStream = new FileInputStream(compiledFilePath);
-	
+
 			// export report to pdf and build a response with the bytes
 			//JasperExportManager.exportReportToPdf(jasperprint);
-			
+
 			JRExporter exporter = null;
 			// Strip extension from report filename.
 			String outputFilename = reportFileName;
 			// Strip extension from report filename.
-			int idx = outputFilename.lastIndexOf("."); 
+			int idx = outputFilename.lastIndexOf(".");
 			if(idx>0)
 				outputFilename = outputFilename.substring(0, idx);
 			// Strip any sub-dir from report filename.
-			idx = outputFilename.lastIndexOf(File.separator); 
+			idx = outputFilename.lastIndexOf(File.separator);
 			if(idx>0)
 				outputFilename = outputFilename.substring(idx+1);
 			if(outputMimeType.equals(MediaType.APPLICATION_XML)) {
@@ -433,15 +433,15 @@ public class ReportDocumentModelHandler extends NuxeoDocumentModelHandler<Report
                         }
                         // fill the report
 			JasperPrint jasperPrint = JasperFillManager.fillReport(fileStream, params,conn);
-				
+
 			// Report will be to a temporary file.
 			File tempOutputFile = Files.createTempFile("report-", null).toFile();
-			FileOutputStream tempOutputStream = new FileOutputStream(tempOutputFile);			
+			FileOutputStream tempOutputStream = new FileOutputStream(tempOutputFile);
 			exporter.setParameter(JRExporterParameter.JASPER_PRINT, jasperPrint);
 			exporter.setParameter(JRExporterParameter.OUTPUT_STREAM, tempOutputStream);
 			exporter.exportReport();
 			tempOutputStream.close();
-			
+
 			result = new FileInputStream(tempOutputFile);
 	       	return result;
         } catch (SQLException sqle) {
@@ -452,7 +452,7 @@ public class ReportDocumentModelHandler extends NuxeoDocumentModelHandler<Report
 	            SQLException tempException = sqle;
 	            while (null != tempException) {
 	                	logger.debug("SQL Exception: " + sqle.getLocalizedMessage());
-	
+
 	                // loop to the next exception
 	                tempException = tempException.getNextException();
 	            }
@@ -486,7 +486,7 @@ public class ReportDocumentModelHandler extends NuxeoDocumentModelHandler<Report
                     // set up a loop to make sure we let the user know about all of them
                     // if there happens to be more than one.
                     if (logger.isDebugEnabled()) {
-   	                	logger.debug("SQL Exception closing connection: " 
+   	                	logger.debug("SQL Exception closing connection: "
    	                			+ sqle.getLocalizedMessage());
                     }
                 } catch (Exception e) {
@@ -500,7 +500,7 @@ public class ReportDocumentModelHandler extends NuxeoDocumentModelHandler<Report
 
     private Connection getConnection() throws NamingException, SQLException {
     	Connection result = null;
-    	
+
     	ServiceContext<PoxPayloadIn, PoxPayloadOut> ctx = this.getServiceContext();
     	try {
     		String repositoryName = ctx.getRepositoryName();
@@ -513,7 +513,7 @@ public class ReportDocumentModelHandler extends NuxeoDocumentModelHandler<Report
 			Log.error(e);
 			throw new NamingException();
 		}
-    	
+
     	return result;
     }
 
@@ -525,7 +525,7 @@ public class ReportDocumentModelHandler extends NuxeoDocumentModelHandler<Report
 	 */
 	protected boolean isAuthoritzedWithPermissions(ReportsCommon reportsCommon) {
 		boolean result = true;
-		
+
 		ResourceActionGroupList resourceActionGroupList = reportsCommon.getResourceActionGroupList();
 		if (resourceActionGroupList != null) {
 			String tenantId = AuthN.get().getCurrentTenantId();
@@ -540,74 +540,74 @@ public class ReportDocumentModelHandler extends NuxeoDocumentModelHandler<Report
 				}
 			}
 		}
-		
+
 		return result;
 	}
 
 	/**
 	 * Returns true if we found any required permissions.
-	 * 
+	 *
 	 * @param reportCommon
 	 * @return
 	 */
 	private boolean hasRequiredPermissions(ReportsCommon reportCommon) {
 		boolean result = false;
-		
+
 		try {
 			result = reportCommon.getResourceActionGroupList().getResourceActionGroup().size() > 0;
 		} catch (NullPointerException e) {
 			// ignore exception, we're just testing to see if we have any list elements
 		}
-		
+
 		return result;
 	}
-	
+
 	/**
 	 * Returns true if we found any required roles.
-	 * 
+	 *
 	 * @param reportCommon
 	 * @return
 	 */
 	private boolean hasRequiredRoles(ReportsCommon reportCommon) {
 		boolean result = false;
-		
+
 		try {
 			result = reportCommon.getForRoles().getRoleDisplayName().size() > 0;
 		} catch (NullPointerException e) {
 			// ignore exception, we're just testing to see if we have any list elements
 		}
-		
+
 		return result;
 	}
-    
+
 	/**
 	 * The current user is authorized to run the report if:
 	 * 	1. No permissions or roles are specified in the report
 	 *  2. No roles are specified, but permissions are specified and the current user has those permissions
 	 *  3. Roles are specified and the current user is a member of at least one of the roles.
-	 * 
+	 *
 	 * @param reportsCommon
 	 * @return
 	 */
 	protected boolean isAuthoritzed(ReportsCommon reportsCommon) {
 		boolean result = true;
-		
-		if (hasRequiredRoles(reportsCommon)) { 
+
+		if (hasRequiredRoles(reportsCommon)) {
 			result = isAuthorizedWithRoles(reportsCommon);
 		} else if (hasRequiredPermissions(reportsCommon)) {
 			result = isAuthoritzedWithPermissions(reportsCommon);
 		}
-		 		
+
 		return result;
 	}
-	
+
 	protected boolean isAuthorizedWithRoles(ReportsCommon reportCommon) {
 		boolean result = false;
-		
+
 		ForRoles forRolesList = reportCommon.getForRoles();
 		if (forRolesList != null) {
 			AccountResource accountResource = new AccountResource();
-			List<String> roleDisplayNameList = accountResource.getAccountRoles(AuthN.get().getUserId(), AuthN.get().getCurrentTenantId());
+			List<String> roleDisplayNameList = accountResource.getAccountRoleDisplayNames(AuthN.get().getUserId(), AuthN.get().getCurrentTenantId());
 			for (String target : forRolesList.getRoleDisplayName()) {
 				if (Tools.listContainsIgnoreCase(roleDisplayNameList, target)) {
 					result = true;
@@ -615,9 +615,8 @@ public class ReportDocumentModelHandler extends NuxeoDocumentModelHandler<Report
 				}
 			}
 		}
-		
+
 		return result;
 	}
 
 }
-
-- 
2.47.3