[New] Requiring TX for privilege services

li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegePoliciesService.java

@@ -1,12 +1,12 @@
 /*
  * Copyright 2015 Robert von Burg <eitch@eitchnet.ch>
- * 
+ *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- * 
+ *
  *     http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -15,6 +15,9 @@
  */
 package li.strolch.rest.endpoint;
 
+import static li.strolch.privilege.handler.PrivilegeHandler.PRIVILEGE_ACTION;
+import static li.strolch.privilege.handler.PrivilegeHandler.PRIVILEGE_ACTION_GET_POLICIES;
+
 import javax.servlet.http.HttpServletRequest;
 import javax.ws.rs.GET;
 import javax.ws.rs.Path;
@@ -26,8 +29,10 @@ import java.util.Map;
 
 import com.google.gson.JsonObject;
 import li.strolch.agent.api.ComponentContainer;
+import li.strolch.persistence.api.StrolchTransaction;
 import li.strolch.privilege.handler.PrivilegeHandler;
 import li.strolch.privilege.model.Certificate;
+import li.strolch.privilege.model.SimpleRestrictable;
 import li.strolch.rest.RestfulStrolchComponent;
 import li.strolch.rest.StrolchRestfulConstants;
 
@@ -44,18 +49,27 @@ public class PrivilegePoliciesService {
 		return container.getPrivilegeHandler().getPrivilegeHandler();
 	}
 
+	private static String getContext() {
+		StackTraceElement element = new Throwable().getStackTrace()[2];
+		return element.getClassName() + "." + element.getMethodName();
+	}
+
 	@GET
 	@Produces(MediaType.APPLICATION_JSON)
-	public Response getRoles(@Context HttpServletRequest request) {
+	public Response getPrivilegePolicies(@Context HttpServletRequest request) {
 		Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
 		PrivilegeHandler privilegeHandler = getPrivilegeHandler();
 
-		Map<String, String> policyDefs = privilegeHandler.getPolicyDefs(cert);
+		try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, getContext())) {
+			tx.validateAction(new SimpleRestrictable(PRIVILEGE_ACTION, PRIVILEGE_ACTION_GET_POLICIES));
 
-		JsonObject policiesJ = new JsonObject();
+			Map<String, String> policyDefs = privilegeHandler.getPolicyDefs(cert);
-		for (String key : policyDefs.keySet()) {
+
-			policiesJ.addProperty(key, policyDefs.get(key));
+			JsonObject policiesJ = new JsonObject();
+			for (String key : policyDefs.keySet()) {
+				policiesJ.addProperty(key, policyDefs.get(key));
+			}
+			return Response.ok(policiesJ.toString(), MediaType.APPLICATION_JSON).build();
 		}
-		return Response.ok(policiesJ.toString(), MediaType.APPLICATION_JSON).build();
 	}
 }

li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeRolesService.java

@@ -16,6 +16,7 @@
 package li.strolch.rest.endpoint;
 
 import static java.util.Comparator.comparing;
+import static li.strolch.privilege.handler.PrivilegeHandler.PRIVILEGE_GET_ROLE;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.ws.rs.*;
@@ -27,6 +28,7 @@ import com.google.gson.JsonArray;
 import li.strolch.agent.api.ComponentContainer;
 import li.strolch.model.json.PrivilegeElementFromJsonVisitor;
 import li.strolch.model.json.PrivilegeElementToJsonVisitor;
+import li.strolch.persistence.api.StrolchTransaction;
 import li.strolch.privilege.handler.PrivilegeHandler;
 import li.strolch.privilege.model.Certificate;
 import li.strolch.privilege.model.PrivilegeRep;
@@ -48,20 +50,29 @@ public class PrivilegeRolesService {
 		return container.getPrivilegeHandler().getPrivilegeHandler();
 	}
 
+	private static String getContext() {
+		StackTraceElement element = new Throwable().getStackTrace()[2];
+		return element.getClassName() + "." + element.getMethodName();
+	}
+
 	@GET
 	@Produces(MediaType.APPLICATION_JSON)
 	public Response getRoles(@Context HttpServletRequest request) {
 		Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
 		PrivilegeHandler privilegeHandler = getPrivilegeHandler();
 
-		PrivilegeElementToJsonVisitor visitor = new PrivilegeElementToJsonVisitor();
+		try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, getContext())) {
-		JsonArray rolesJ = privilegeHandler.getRoles(cert).stream() //
+			tx.getPrivilegeContext().assertHasPrivilege(PRIVILEGE_GET_ROLE);
-				.sorted(comparing(roleRep -> roleRep.getName().toLowerCase())) //
-				.collect(JsonArray::new, //
-						(array, role) -> array.add(role.accept(visitor)), //
-						JsonArray::addAll);
 
-		return Response.ok(rolesJ.toString(), MediaType.APPLICATION_JSON).build();
+			PrivilegeElementToJsonVisitor visitor = new PrivilegeElementToJsonVisitor();
+			JsonArray rolesJ = privilegeHandler.getRoles(cert).stream() //
+					.sorted(comparing(roleRep -> roleRep.getName().toLowerCase())) //
+					.collect(JsonArray::new, //
+							(array, role) -> array.add(role.accept(visitor)), //
+							JsonArray::addAll);
+
+			return Response.ok(rolesJ.toString(), MediaType.APPLICATION_JSON).build();
+		}
 	}
 
 	@GET
@@ -71,9 +82,12 @@ public class PrivilegeRolesService {
 		Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
 		PrivilegeHandler privilegeHandler = getPrivilegeHandler();
 
-		RoleRep role = privilegeHandler.getRole(cert, rolename);
+		try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, getContext())) {
-		return Response.ok(role.accept(new PrivilegeElementToJsonVisitor()).toString(), MediaType.APPLICATION_JSON)
+			tx.getPrivilegeContext().assertHasPrivilege(PRIVILEGE_GET_ROLE);
-				.build();
+
+			RoleRep role = privilegeHandler.getRole(cert, rolename);
+			return Response.ok(role.accept(new PrivilegeElementToJsonVisitor()).toString(), MediaType.APPLICATION_JSON).build();
+		}
 	}
 
 	@POST

li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java

@@ -16,6 +16,7 @@
 package li.strolch.rest.endpoint;
 
 import static java.util.Comparator.comparing;
+import static li.strolch.privilege.handler.PrivilegeHandler.PRIVILEGE_GET_USER;
 import static li.strolch.rest.helper.RestfulHelper.toJson;
 import static li.strolch.search.SearchBuilder.buildSimpleValueSearch;
 
@@ -34,6 +35,7 @@ import com.google.gson.*;
 import li.strolch.agent.api.ComponentContainer;
 import li.strolch.model.json.PrivilegeElementFromJsonVisitor;
 import li.strolch.model.json.PrivilegeElementToJsonVisitor;
+import li.strolch.persistence.api.StrolchTransaction;
 import li.strolch.privilege.handler.PrivilegeHandler;
 import li.strolch.privilege.model.Certificate;
 import li.strolch.privilege.model.UserRep;
@@ -65,27 +67,36 @@ public class PrivilegeUsersService {
 		return container.getPrivilegeHandler().getPrivilegeHandler();
 	}
 
+	private static String getContext() {
+		StackTraceElement element = new Throwable().getStackTrace()[2];
+		return element.getClassName() + "." + element.getMethodName();
+	}
+
 	@GET
 	@Produces(MediaType.APPLICATION_JSON)
 	public Response queryUsers(@Context HttpServletRequest request, @BeanParam QueryData queryData) {
 		Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
 		PrivilegeHandler privilegeHandler = getPrivilegeHandler();
 
-		String query = queryData.getQuery();
+		try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, getContext())) {
-		List<UserRep> users = privilegeHandler.getUsers(cert);
+			tx.getPrivilegeContext().assertHasPrivilege(PRIVILEGE_GET_USER);
-		SearchResult<UserRep> result = buildSimpleValueSearch(new ValueSearch<UserRep>(), query, Arrays.asList( //
-				UserRep::getUsername, //
-				UserRep::getFirstname,  //
-				UserRep::getLastname,  //
-				userRep -> userRep.getUserState().name(),  //
-				UserRep::getRoles)) //
-				.search(users) //
-				.orderBy(comparing(r -> r.getUsername().toLowerCase()));
 
-		PrivilegeElementToJsonVisitor visitor = new PrivilegeElementToJsonVisitor();
+			String query = queryData.getQuery();
-		JsonObject root = toJson(queryData, users.size(), result, t -> t.accept(visitor));
+			List<UserRep> users = privilegeHandler.getUsers(cert);
-		Gson gson = new GsonBuilder().setPrettyPrinting().create();
+			SearchResult<UserRep> result = buildSimpleValueSearch(new ValueSearch<UserRep>(), query, Arrays.asList( //
-		return Response.ok(gson.toJson(root), MediaType.APPLICATION_JSON).build();
+					UserRep::getUsername, //
+					UserRep::getFirstname,  //
+					UserRep::getLastname,  //
+					userRep -> userRep.getUserState().name(),  //
+					UserRep::getRoles)) //
+					.search(users) //
+					.orderBy(comparing(r -> r.getUsername().toLowerCase()));
+
+			PrivilegeElementToJsonVisitor visitor = new PrivilegeElementToJsonVisitor();
+			JsonObject root = toJson(queryData, users.size(), result, t -> t.accept(visitor));
+			Gson gson = new GsonBuilder().setPrettyPrinting().create();
+			return Response.ok(gson.toJson(root), MediaType.APPLICATION_JSON).build();
+		}
 	}
 
 	@POST
@@ -96,16 +107,20 @@ public class PrivilegeUsersService {
 		Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
 		PrivilegeHandler privilegeHandler = getPrivilegeHandler();
 
-		PrivilegeElementToJsonVisitor visitor = new PrivilegeElementToJsonVisitor();
+		try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, getContext())) {
+			tx.getPrivilegeContext().assertHasPrivilege(PRIVILEGE_GET_USER);
 
-		UserRep queryRep = new PrivilegeElementFromJsonVisitor().userRepFromJson(query);
+			PrivilegeElementToJsonVisitor visitor = new PrivilegeElementToJsonVisitor();
-		JsonArray usersArr = privilegeHandler.queryUsers(cert, queryRep).stream() //
-				.sorted(comparing(r -> r.getUsername().toLowerCase())) //
-				.collect(JsonArray::new, //
-						(array, user) -> array.add(user.accept(visitor)), //
-						JsonArray::addAll);
 
-		return Response.ok(usersArr.toString(), MediaType.APPLICATION_JSON).build();
+			UserRep queryRep = new PrivilegeElementFromJsonVisitor().userRepFromJson(query);
+			JsonArray usersArr = privilegeHandler.queryUsers(cert, queryRep).stream() //
+					.sorted(comparing(r -> r.getUsername().toLowerCase())) //
+					.collect(JsonArray::new, //
+							(array, user) -> array.add(user.accept(visitor)), //
+							JsonArray::addAll);
+
+			return Response.ok(usersArr.toString(), MediaType.APPLICATION_JSON).build();
+		}
 	}
 
 	@GET
@@ -115,9 +130,12 @@ public class PrivilegeUsersService {
 		Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
 		PrivilegeHandler privilegeHandler = getPrivilegeHandler();
 
-		UserRep user = privilegeHandler.getUser(cert, username);
+		try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, getContext())) {
-		return Response.ok(user.accept(new PrivilegeElementToJsonVisitor()).toString(), MediaType.APPLICATION_JSON)
+			tx.getPrivilegeContext().assertHasPrivilege(PRIVILEGE_GET_USER);
-				.build();
+
+			UserRep user = privilegeHandler.getUser(cert, username);
+			return Response.ok(user.accept(new PrivilegeElementToJsonVisitor()).toString(), MediaType.APPLICATION_JSON).build();
+		}
 	}
 
 	@POST

li.strolch.rest/src/main/java/li/strolch/rest/endpoint/UserSessionsService.java

@@ -16,6 +16,7 @@
 package li.strolch.rest.endpoint;
 
 import static li.strolch.rest.helper.RestfulHelper.toJson;
+import static li.strolch.runtime.StrolchConstants.StrolchPrivilegeConstants.PRIVILEGE_GET_SESSION;
 import static li.strolch.search.SearchBuilder.buildSimpleValueSearch;
 
 import javax.servlet.http.HttpServletRequest;
@@ -31,6 +32,7 @@ import java.util.Locale;
 import com.google.gson.Gson;
 import com.google.gson.GsonBuilder;
 import com.google.gson.JsonObject;
+import li.strolch.persistence.api.StrolchTransaction;
 import li.strolch.privilege.model.Certificate;
 import li.strolch.rest.RestfulStrolchComponent;
 import li.strolch.rest.StrolchRestfulConstants;
@@ -48,6 +50,11 @@ public class UserSessionsService {
 
 	private static final Logger logger = LoggerFactory.getLogger(UserSessionsService.class);
 
+	private static String getContext() {
+		StackTraceElement element = new Throwable().getStackTrace()[2];
+		return element.getClassName() + "." + element.getMethodName();
+	}
+
 	@GET
 	@Produces(MediaType.APPLICATION_JSON)
 	public Response querySessions(@Context HttpServletRequest request, @BeanParam QueryData queryData) {
@@ -56,19 +63,23 @@ public class UserSessionsService {
 		logger.info("[" + cert.getUsername() + "] Querying user sessions...");
 		StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler();
 
-		String query = queryData.getQuery();
+		try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, getContext())) {
-		List<UserSession> sessions = sessionHandler.getSessions(cert, source);
+			tx.getPrivilegeContext().assertHasPrivilege(PRIVILEGE_GET_SESSION);
 
-		SearchResult<UserSession> result = buildSimpleValueSearch(new ValueSearch<UserSession>(), query,
+			String query = queryData.getQuery();
-				Arrays.asList( //
+			List<UserSession> sessions = sessionHandler.getSessions(cert, source);
-						UserSession::getUsername, //
-						UserSession::getFirstname,  //
-						UserSession::getLastname,  //
-						UserSession::getUserRoles)).search(sessions);
 
-		JsonObject root = toJson(queryData, sessions.size(), result, UserSession::toJson);
+			SearchResult<UserSession> result = buildSimpleValueSearch(new ValueSearch<UserSession>(), query,
-		Gson gson = new GsonBuilder().setPrettyPrinting().create();
+					Arrays.asList( //
-		return Response.ok(gson.toJson(root), MediaType.APPLICATION_JSON).build();
+							UserSession::getUsername, //
+							UserSession::getFirstname,  //
+							UserSession::getLastname,  //
+							UserSession::getUserRoles)).search(sessions);
+
+			JsonObject root = toJson(queryData, sessions.size(), result, UserSession::toJson);
+			Gson gson = new GsonBuilder().setPrettyPrinting().create();
+			return Response.ok(gson.toJson(root), MediaType.APPLICATION_JSON).build();
+		}
 	}
 
 	@GET
@@ -79,8 +90,13 @@ public class UserSessionsService {
 		String source = (String) request.getAttribute(StrolchRestfulConstants.STROLCH_REQUEST_SOURCE);
 		logger.info("[" + cert.getUsername() + "] Returning session " + sessionId);
 		StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler();
-		UserSession session = sessionHandler.getSession(cert, source, sessionId);
+
-		return Response.ok(session.toJson().toString(), MediaType.APPLICATION_JSON).build();
+		try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, getContext())) {
+			tx.getPrivilegeContext().assertHasPrivilege(PRIVILEGE_GET_SESSION);
+
+			UserSession session = sessionHandler.getSession(cert, source, sessionId);
+			return Response.ok(session.toJson().toString(), MediaType.APPLICATION_JSON).build();
+		}
 	}
 
 	@DELETE
@@ -90,8 +106,13 @@ public class UserSessionsService {
 		Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE);
 		logger.info("[" + cert.getUsername() + "] Invalidating session " + sessionId);
 		StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler();
-		sessionHandler.invalidate(cert, sessionId);
+
-		return ResponseUtil.toResponse();
+		try (StrolchTransaction tx = RestfulStrolchComponent.getInstance().openTx(cert, getContext())) {
+			tx.getPrivilegeContext().assertHasPrivilege(PRIVILEGE_GET_SESSION);
+
+			sessionHandler.invalidate(cert, sessionId);
+			return ResponseUtil.toResponse();
+		}
 	}
 
 	@PUT

li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddOrReplacePrivilegeOnRoleService.java

@@ -46,11 +46,13 @@ public class PrivilegeAddOrReplacePrivilegeOnRoleService
 		li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
 		PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
 
-		RoleRep role = privilegeHandler.addOrReplacePrivilegeOnRole(getCertificate(), arg.roleName, arg.privilegeRep);
+		RoleRep role;
-		privilegeHandler.persist(getCertificate());
-
 		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_MODIFY_ROLE)) {
 			tx.setSuppressAudits(true);
+
+			role = privilegeHandler.addOrReplacePrivilegeOnRole(getCertificate(), arg.roleName, arg.privilegeRep);
+			privilegeHandler.persist(getCertificate());
+
 			Audit audit = tx
 					.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.ROLE,
 							role.getName());

li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeAddRoleService.java

@@ -44,11 +44,13 @@ public class PrivilegeAddRoleService extends AbstractService<PrivilegeRoleArgume
 		li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
 		PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
 
-		RoleRep role = privilegeHandler.addRole(getCertificate(), arg.role);
+		RoleRep role;
-		privilegeHandler.persist(getCertificate());
-
 		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_ADD_ROLE)) {
 			tx.setSuppressAudits(true);
+
+			role = privilegeHandler.addRole(getCertificate(), arg.role);
+			privilegeHandler.persist(getCertificate());
+
 			Audit audit = tx
 					.auditFrom(AccessType.CREATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.ROLE,
 							role.getName());

li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemovePrivilegeFromRoleService.java

@@ -46,11 +46,13 @@ public class PrivilegeRemovePrivilegeFromRoleService
 		li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
 		PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
 
-		RoleRep role = privilegeHandler.removePrivilegeFromRole(getCertificate(), arg.roleName, arg.privilegeName);
+		RoleRep role;
-		privilegeHandler.persist(getCertificate());
-
 		try (StrolchTransaction tx = openArgOrUserTx(arg, StrolchPrivilegeConstants.PRIVILEGE_MODIFY_ROLE)) {
 			tx.setSuppressAudits(true);
+
+			role = privilegeHandler.removePrivilegeFromRole(getCertificate(), arg.roleName, arg.privilegeName);
+			privilegeHandler.persist(getCertificate());
+
 			Audit audit = tx
 					.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.ROLE,
 							role.getName());

li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeRemoveRoleService.java

@@ -45,11 +45,13 @@ public class PrivilegeRemoveRoleService extends AbstractService<PrivilegeRoleNam
 		li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
 		PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
 
-		RoleRep role = privilegeHandler.removeRole(getCertificate(), arg.roleName);
+		RoleRep role;
-		privilegeHandler.persist(getCertificate());
-
 		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_REMOVE_ROLE)) {
 			tx.setSuppressAudits(true);
+
+			role = privilegeHandler.removeRole(getCertificate(), arg.roleName);
+			privilegeHandler.persist(getCertificate());
+
 			Audit audit = tx
 					.auditFrom(AccessType.DELETE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.ROLE,
 							role.getName());

li.strolch.service/src/main/java/li/strolch/service/privilege/roles/PrivilegeUpdateRoleService.java

@@ -45,11 +45,13 @@ public class PrivilegeUpdateRoleService extends AbstractService<PrivilegeRoleArg
 		li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
 		PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
 
-		RoleRep role = privilegeHandler.replaceRole(getCertificate(), arg.role);
+		RoleRep role;
-		privilegeHandler.persist(getCertificate());
-
 		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_MODIFY_ROLE)) {
 			tx.setSuppressAudits(true);
+
+			role = privilegeHandler.replaceRole(getCertificate(), arg.role);
+			privilegeHandler.persist(getCertificate());
+
 			Audit audit = tx
 					.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.ROLE,
 							role.getName());

li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeAddRoleToUserService.java

@@ -46,11 +46,13 @@ public class PrivilegeAddRoleToUserService
 		li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
 		PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
 
-		UserRep user = privilegeHandler.addRoleToUser(getCertificate(), arg.username, arg.rolename);
+		UserRep user;
-		privilegeHandler.persist(getCertificate());
-
 		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_ADD_ROLE_TO_USER)) {
 			tx.setSuppressAudits(true);
+
+			user = privilegeHandler.addRoleToUser(getCertificate(), arg.username, arg.rolename);
+			privilegeHandler.persist(getCertificate());
+
 			Audit audit = tx
 					.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.USER,
 							user.getUsername());

li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRemoveRoleFromUserService.java

@@ -45,11 +45,13 @@ public class PrivilegeRemoveRoleFromUserService
 		li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
 		PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
 
-		UserRep user = privilegeHandler.removeRoleFromUser(getCertificate(), arg.username, arg.rolename);
+		UserRep user;
-		privilegeHandler.persist(getCertificate());
-
 		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_REMOVE_ROLE_FROM_USER)) {
 			tx.setSuppressAudits(true);
+
+			user = privilegeHandler.removeRoleFromUser(getCertificate(), arg.username, arg.rolename);
+			privilegeHandler.persist(getCertificate());
+
 			Audit audit = tx
 					.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.USER,
 							user.getUsername());

li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeRemoveUserService.java

@@ -45,11 +45,13 @@ public class PrivilegeRemoveUserService extends AbstractService<PrivilegeUserNam
 		li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
 		PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
 
-		UserRep user = privilegeHandler.removeUser(getCertificate(), arg.username);
+		UserRep user;
-		privilegeHandler.persist(getCertificate());
-
 		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_REMOVE_USER)) {
 			tx.setSuppressAudits(true);
+
+			user = privilegeHandler.removeUser(getCertificate(), arg.username);
+			privilegeHandler.persist(getCertificate());
+
 			Audit audit = tx
 					.auditFrom(AccessType.DELETE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.USER,
 							user.getUsername());

li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserLocaleService.java

@@ -46,11 +46,13 @@ public class PrivilegeSetUserLocaleService
 		li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
 		PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
 
-		UserRep user = privilegeHandler.setUserLocale(getCertificate(), arg.username, arg.locale);
+		UserRep user;
-		privilegeHandler.persist(getCertificate());
-
 		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_SET_USER_LOCALE)) {
 			tx.setSuppressAudits(true);
+
+			user = privilegeHandler.setUserLocale(getCertificate(), arg.username, arg.locale);
+			privilegeHandler.persist(getCertificate());
+
 			Audit audit = tx
 					.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.USER,
 							user.getUsername());
@@ -59,14 +61,4 @@ public class PrivilegeSetUserLocaleService
 
 		return new PrivilegeUserResult(user);
 	}
-
-	@Override
-	public String getPrivilegeName() {
-		return StrolchPrivilegeConstants.PRIVILEGE_SET_USER_LOCALE;
-	}
-
-	@Override
-	public String getPrivilegeValue() {
-		return null;
-	}
 }

li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserPasswordService.java

@@ -42,19 +42,20 @@ public class PrivilegeSetUserPasswordService extends AbstractService<PrivilegeSe
 	@Override
 	protected ServiceResult internalDoService(PrivilegeSetUserPasswordArgument arg) throws Exception {
 
-		li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
-		PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
-		privilegeHandler.setUserPassword(getCertificate(), arg.username, arg.password);
-
-		// only persist if not setting own password
-		if (!getCertificate().getUsername().equals(arg.username) && getPrivilegeContext().getPrivilegeNames()
-				.contains(PrivilegeHandler.PRIVILEGE_ACTION_PERSIST)) {
-
-			privilegeHandler.persist(getCertificate());
-		}
-
 		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_SET_USER_PASSWORD)) {
 			tx.setSuppressAudits(true);
+
+			li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer()
+					.getPrivilegeHandler();
+			PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
+			privilegeHandler.setUserPassword(getCertificate(), arg.username, arg.password);
+
+			// only persist if not setting own password
+			if (!getCertificate().getUsername().equals(arg.username) && getPrivilegeContext().getPrivilegeNames()
+					.contains(PrivilegeHandler.PRIVILEGE_ACTION_PERSIST)) {
+				privilegeHandler.persist(getCertificate());
+			}
+
 			Audit audit = tx
 					.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.USER,
 							arg.username);

li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeSetUserStateService.java

@@ -45,11 +45,13 @@ public class PrivilegeSetUserStateService extends AbstractService<PrivilegeSetUs
 		li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
 		PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
 
-		UserRep user = privilegeHandler.setUserState(getCertificate(), arg.username, arg.userState);
+		UserRep user;
-		privilegeHandler.persist(getCertificate());
-
 		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_SET_USER_STATE)) {
 			tx.setSuppressAudits(true);
+
+			user = privilegeHandler.setUserState(getCertificate(), arg.username, arg.userState);
+			privilegeHandler.persist(getCertificate());
+
 			Audit audit = tx
 					.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.USER,
 							user.getUsername());
@@ -58,14 +60,4 @@ public class PrivilegeSetUserStateService extends AbstractService<PrivilegeSetUs
 
 		return new PrivilegeUserResult(user);
 	}
-
-	@Override
-	public String getPrivilegeName() {
-		return StrolchPrivilegeConstants.PRIVILEGE_SET_USER_STATE;
-	}
-
-	@Override
-	public String getPrivilegeValue() {
-		return null;
-	}
 }

li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUpdateUserRolesService.java

@@ -55,28 +55,31 @@ public class PrivilegeUpdateUserRolesService extends AbstractService<JsonService
 		rolesE.forEach(e -> roles.add(e.getAsString()));
 
 		String username = arg.objectId;
-		UserRep user = privilegeHandler.getUser(getCertificate(), username);
 
-		// first add new roles
+		UserRep user;
-		boolean changed = false;
+		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_ADD_ROLE_TO_USER)) {
-		for (String role : roles) {
+			tx.setSuppressAudits(true);
-			if (!user.hasRole(role)) {
+
-				user = privilegeHandler.addRoleToUser(getCertificate(), username, role);
+			user = privilegeHandler.getUser(getCertificate(), username);
-				changed = true;
+
+			// first add new roles
+			boolean changed = false;
+			for (String role : roles) {
+				if (!user.hasRole(role)) {
+					user = privilegeHandler.addRoleToUser(getCertificate(), username, role);
+					changed = true;
+				}
 			}
-		}
 
-		// handle removed roles
+			// handle removed roles
-		for (String role : user.getRoles()) {
+			for (String role : user.getRoles()) {
-			if (!roles.contains(role)) {
+				if (!roles.contains(role)) {
-				user = privilegeHandler.removeRoleFromUser(getCertificate(), username, role);
+					user = privilegeHandler.removeRoleFromUser(getCertificate(), username, role);
-				changed = true;
+					changed = true;
+				}
 			}
-		}
 
-		if (changed) {
+			if (changed) {
-			try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_ADD_ROLE_TO_USER)) {
-				tx.setSuppressAudits(true);
 				Audit audit = tx.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE,
 						StrolchPrivilegeConstants.USER, user.getUsername());
 				tx.getAuditTrail().add(tx, audit);

li.strolch.service/src/main/java/li/strolch/service/privilege/users/PrivilegeUpdateUserService.java

@@ -45,11 +45,13 @@ public class PrivilegeUpdateUserService extends AbstractService<PrivilegeUserArg
 		li.strolch.runtime.privilege.PrivilegeHandler strolchPrivilegeHandler = getContainer().getPrivilegeHandler();
 		PrivilegeHandler privilegeHandler = strolchPrivilegeHandler.getPrivilegeHandler();
 
-		UserRep user = privilegeHandler.updateUser(getCertificate(), arg.user);
+		UserRep user;
-		privilegeHandler.persist(getCertificate());
-
 		try (StrolchTransaction tx = openArgOrUserTx(arg, PrivilegeHandler.PRIVILEGE_MODIFY_USER)) {
 			tx.setSuppressAudits(true);
+
+			user = privilegeHandler.updateUser(getCertificate(), arg.user);
+			privilegeHandler.persist(getCertificate());
+
 			Audit audit = tx
 					.auditFrom(AccessType.UPDATE, StrolchPrivilegeConstants.PRIVILEGE, StrolchPrivilegeConstants.USER,
 							user.getUsername());