From f433b120c09c5c792c5685abf60b952d3db59628 Mon Sep 17 00:00:00 2001
From: Ainur <yagudin10@yandex.ru>
Date: Wed, 20 Sep 2023 14:47:38 +0200
Subject: [PATCH] CB-3945 check rm admin permission

---
 .../src/io/cloudbeaver/service/security/SMUtils.java          | 4 ++++
 .../server/events/WSSubjectPermissionUpdatedEventHandler.java | 3 +--
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/service/security/SMUtils.java b/server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/service/security/SMUtils.java
index c24b70d2f5..508d3f61be 100644
--- a/server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/service/security/SMUtils.java
+++ b/server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/service/security/SMUtils.java
@@ -30,6 +30,10 @@ public static boolean isRMAdmin(SMCredentialsProvider webSession) {
         return isAdmin(webSession) || webSession.hasPermission(RMConstants.PERMISSION_RM_ADMIN);
     }
 
+    public static boolean isRMAdmin(@NotNull Set<String> permissions) {
+        return isAdmin(permissions) || permissions.contains(RMConstants.PERMISSION_RM_ADMIN);
+    }
+
     public static boolean hasProjectPermission(
         SMCredentialsProvider credentialsProvider,
         RMProject project,
diff --git a/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/events/WSSubjectPermissionUpdatedEventHandler.java b/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/events/WSSubjectPermissionUpdatedEventHandler.java
index 93741136e0..d71b7131ae 100644
--- a/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/events/WSSubjectPermissionUpdatedEventHandler.java
+++ b/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/events/WSSubjectPermissionUpdatedEventHandler.java
@@ -16,7 +16,6 @@
  */
 package io.cloudbeaver.server.events;
 
-import io.cloudbeaver.DBWConstants;
 import io.cloudbeaver.model.session.BaseWebSession;
 import io.cloudbeaver.service.security.SMUtils;
 import org.jkiss.code.NotNull;
@@ -42,7 +41,7 @@ protected void updateSessionData(@NotNull BaseWebSession activeUserSession, @Not
         }
         activeUserSession.refreshUserData();
         var newUserPermissions = activeUserSession.getUserContext().getUserPermissions();
-        boolean shouldUpdateData = !(SMUtils.isAdmin(oldUserPermissions) && SMUtils.isAdmin(newUserPermissions));
+        boolean shouldUpdateData = !(SMUtils.isRMAdmin(oldUserPermissions) && SMUtils.isRMAdmin(newUserPermissions));
         if (shouldUpdateData) {
             super.updateSessionData(activeUserSession, event);
         }