// Shows how to add/check/remove permissions for a n entity (resource) of a user or a group entity
func Example_acl() {
	entityManager := initEntityManager()
	fmt.Println("ExampleShowACLAddCheckRemovePermissions")
	fmt.Printf("User %q permission %q is %v\n", userName1, canUsePermission,
		acl.CheckUserPermission(entityManager, userName1, resourceName, en.Permission(canUsePermission)))
	data, _ := entityManager.GetPropertyAttachedToEntity(resourceName, defs.AclPropertyName)
	a, ok := data.(*acl.Acl)
	if ok == false {
		fmt.Println("Error: Cannot get property", defs.AclPropertyName, "attached to resource", resourceName)
		return
	}
	a.AddPermissionToEntity(entityManager, userName1, en.Permission(canUsePermission))
	fmt.Printf("User %q permission %q is: %v\n", userName1, canUsePermission,
		acl.CheckUserPermission(entityManager, userName1, resourceName, en.Permission(canUsePermission)))
	a.AddPermissionToEntity(entityManager, groupName, en.Permission(supportPermission))
	a.AddPermissionToEntity(entityManager, groupName, en.Permission(canUsePermission))
	a.AddPermissionToEntity(entityManager, defs.AclAllEntryName, en.Permission(allPermission))
	a.AddPermissionToEntity(entityManager, userInGroupName1, en.Permission(usersPermission))
	permissions, _ := acl.GetUserPermissions(entityManager, userInGroupName1, resourceName)
	fmt.Printf("All the permissions for user %q on resource %q are: %q\n",
		userInGroupName1, resourceName, permissions)
	permissions, _ = acl.GetUserPermissions(entityManager, groupName, resourceName)
	fmt.Printf("All the permissions for group %q on resource %q are: %q\n", groupName, resourceName, permissions)
	a.RemovePermissionFromEntity(groupName, en.Permission(canUsePermission))
	fmt.Printf("After remove permission: %q from group %q\n", canUsePermission, groupName)
	fmt.Printf("User %q permission %q is: %v\n", userInGroupName1, canUsePermission,
		acl.CheckUserPermission(entityManager, userInGroupName1, resourceName, en.Permission(canUsePermission)))
	fmt.Printf("All the permissions are: %q\n", a.GetAllPermissions())
}
func (a AclRestful) restCheckPermission(request *restful.Request, response *restful.Response) {
	a1, aclInfo, err := a.getResourceAclData(request, response)
	if err != nil {
		a.setError(response, http.StatusNotFound, err)
		return
	}
	if a1 == nil {
		a.setError(response, http.StatusNotFound, err)
		return
	}
	ok := false
	status := http.StatusOK
	if a1 != nil && aclInfo != nil {
		ok = acl.CheckUserPermission(a.st.UsersList, aclInfo.UserName, aclInfo.ResourceName, en.Permission(aclInfo.Permission))
	}
	str := fmt.Sprintf("Permission '%v' is allowed", aclInfo.Permission)
	if ok == false {
		str = fmt.Sprintf("Permission '%v' doesn't allowed", aclInfo.Permission)
		status = http.StatusNotFound
	}
	res := cr.Match{Match: ok, Message: str}
	response.WriteHeaderAndEntity(status, res)
}