Lisätty:

- LanEventDomain - Facadesäätöä - Englanninkielistä käännöstä. - Poistettu PermissionDeniedException turhana ja huonona designpatternina..

Lisätty:
- LanEventDomain - Facadesäätöä - Englanninkielistä käännöstä. - Poistettu PermissionDeniedException turhana ja huonona designpatternina..
Tuomas Riihimäki
Commit 77bd09e1 authored Apr 29, 2012 by Tuomas Riihimäki
Showing with 569 additions and 435 deletions
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/AccountEventBean.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/BillBean.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/CardTemplateBean.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/EventBean.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/EventMapBean.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/PermissionBean.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/PlaceBean.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/PlaceGroupBean.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/TestDataBean.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/UserBean.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/UtilBean.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/AccountEventFacade.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/ActionLogFacade.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/BillFacade.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/BillLineFacade.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/CardTemplateFacade.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/CompoEntryFacade.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/CompoEntryFileFacade.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/CompoEntryParticipantFacade.java
code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/CompoFacade.java
--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/AccountEventBean.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/AccountEventBean.java
@@ -91,7 +91,7 @@ public class AccountEventBean implements AccountEventBeanLocal {
 	 */
 	@Override
 	@RolesAllowed(ShopPermission.S_SHOP_PRODUCTS)
-	public List<AccountEvent> shopCash(User shoppingUser, Map<Product, BigDecimal> shopMap, boolean buyInstant) throws PermissionDeniedException {
+	public List<AccountEvent> shopCash(User shoppingUser, Map<Product, BigDecimal> shopMap, boolean buyInstant) {
 		logger.debug("Shoping cash. buyinstant {}", buyInstant);
 		User seller = permbean.getCurrentUser();
 		shoppingUser = userbean.findById(shoppingUser.getId());

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/BillBean.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/BillBean.java
@@ -9,6 +9,7 @@ import java.util.List;
 import javax.annotation.security.DeclareRoles;
 import javax.annotation.security.RolesAllowed;
 import javax.ejb.EJB;
+import javax.ejb.EJBAccessException;
 import javax.ejb.LocalBean;
 import javax.ejb.Stateless;
 import javax.persistence.EntityManager;
@@ -20,6 +21,7 @@ import org.slf4j.LoggerFactory;
 import fi.insomnia.bortal.beanutil.PdfPrinter;
 import fi.insomnia.bortal.bortal.views.BillSummary;
 import fi.insomnia.bortal.enums.apps.BillPermission;
+import fi.insomnia.bortal.enums.apps.SpecialPermission;
 import fi.insomnia.bortal.facade.BillFacade;
 import fi.insomnia.bortal.facade.BillLineFacade;
 import fi.insomnia.bortal.facade.UserFacade;
@@ -37,7 +39,13 @@ import fi.insomnia.bortal.utilities.I18n;
 */
 @Stateless
 @LocalBean
-@DeclareRoles({ "USER", "BILL/WRITE_ALL", "BILL/READ_ALL", "BILL/CREATE_BILL" })
+@DeclareRoles({
+		BillPermission.S_CREATE_BILL,
+		BillPermission.S_READ_ALL,
+		BillPermission.S_VIEW_OWN,
+		BillPermission.S_WRITE_ALL,
+		SpecialPermission.S_USER
+})
 public class BillBean implements BillBeanLocal {
 	private static final Logger logger = LoggerFactory.getLogger(BillBean.class);
@@ -66,6 +74,9 @@ public class BillBean implements BillBeanLocal {
 	@EJB
 	private UtilBean utilbean;
+	@EJB
+	private LoggingBeanLocal loggingBean;
 	/**
 	 * Default constructor.
 	 */
@@ -74,7 +85,7 @@ public class BillBean implements BillBeanLocal {
 	}
 	@Override
-	@RolesAllowed("USER")
+	@RolesAllowed(BillPermission.S_VIEW_OWN)
 	public Bill findById(int id) {
 		LanEvent event = eventbean.getCurrentEvent();
 		if (id <= 0) {
@@ -180,14 +191,14 @@ public class BillBean implements BillBeanLocal {
 	// }
 	@Override
-	@RolesAllowed("BILL/READ_ALL")
+	@RolesAllowed(BillPermission.S_READ_ALL)
 	public List<Bill> findAll() {
 		return billFacade.findAll(eventbean.getCurrentEvent());
 	}
 	@Override
-	@RolesAllowed("BILL/READ_ALL")
+	@RolesAllowed(BillPermission.S_READ_ALL)
 	public Collection<BillSummary> getBillLineSummary() {
 		Collection<BillSummary> ret = billLineFacade.getLineSummary(eventbean.getCurrentEvent());
@@ -195,7 +206,7 @@ public class BillBean implements BillBeanLocal {
 	}
 	@Override
-	@RolesAllowed("BILL/WRITE_ALL")
+	@RolesAllowed(BillPermission.S_WRITE_ALL)
 	public void markPaid(Bill bill, Calendar when) {
 		Product creditproduct = productBean.findCreditProduct();
@@ -233,10 +244,11 @@ public class BillBean implements BillBeanLocal {
 	}
 	@Override
-	@RolesAllowed("BILL/CREATE_BILL")
+	@RolesAllowed({ BillPermission.S_CREATE_BILL, BillPermission.S_WRITE_ALL })
-	public void createBill(Bill bill) throws PermissionDeniedException {
+	public void createBill(Bill bill) {
-		if (!permbean.isCurrentUser(bill.getUser())) {
+		if (!permbean.hasPermission(BillPermission.WRITE_ALL) || !permbean.isCurrentUser(bill.getUser())) {
-			permbean.fatalPermission(BillPermission.WRITE_ALL, "Not enought rights to create bill for user ", bill.getUser());
+			loggingBean.logMessage(SecurityLogType.permissionDenied, permbean.getCurrentUser(), "Not enought rights to create bill for user ");
+			throw new EJBAccessException("Could not create bill for another user");
 		}
 		User user = userfacade.find(bill.getUser().getId());
 		if (user.getBills() == null) {

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/CardTemplateBean.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/CardTemplateBean.java
@@ -87,7 +87,7 @@ public class CardTemplateBean implements CardTemplateBeanLocal {
 	}
 	@Override
-	public void checkAllUsersCardRights() throws PermissionDeniedException {
+	public void checkAllUsersCardRights() {
 		for (User u : userbean.getUsers()) {
 			checkPrintedCard(u);
 		}
@@ -99,7 +99,7 @@ public class CardTemplateBean implements CardTemplateBeanLocal {
 	 * @throws PermissionDeniedException
 	 */
 	@Override
-	public PrintedCard checkPrintedCard(User user) throws PermissionDeniedException {
+	public PrintedCard checkPrintedCard(User user) {
 		logger.info("Checking printed card");
 		user = userfacade.find(user.getId());
@@ -166,7 +166,7 @@ public class CardTemplateBean implements CardTemplateBeanLocal {
 	}
 	@RolesAllowed(UserPermission.S_WRITE_ROLES)
-	public CardTemplate getUsersCardtype(User user) throws PermissionDeniedException {
+	public CardTemplate getUsersCardtype(User user) {
 		List<Role> roles = userbean.findUsersRoles(user);
 		CardTemplate greatestTemplate = null;
@@ -182,7 +182,7 @@ public class CardTemplateBean implements CardTemplateBeanLocal {
 	}
 	@Override
-	public PrintedCard setRfidUid(String tag, User user) throws PermissionDeniedException {
+	public PrintedCard setRfidUid(String tag, User user) {
 		PrintedCard ct = checkPrintedCard(user);
 		return setRfidUid(tag, ct);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/EventBean.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/EventBean.java
 package fi.insomnia.bortal.beans;
+import javax.annotation.security.RolesAllowed;
 import javax.ejb.EJB;
 import javax.ejb.LocalBean;
 import javax.ejb.Stateless;
@@ -10,10 +11,13 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import fi.insomnia.bortal.clientutils.BortalLocalContextHolder;
+import fi.insomnia.bortal.enums.apps.SpecialPermission;
 import fi.insomnia.bortal.facade.EventFacade;
 import fi.insomnia.bortal.facade.EventOrganiserFacade;
+import fi.insomnia.bortal.facade.LanEventDomainFacade;
 import fi.insomnia.bortal.model.EventOrganiser;
 import fi.insomnia.bortal.model.LanEvent;
+import fi.insomnia.bortal.model.LanEventDomain;
 import fi.insomnia.bortal.model.User;
 /**
@@ -26,6 +30,7 @@ public class EventBean implements EventBeanLocal {
 	private static final String DEFAULT_EVENT_NAME = "Default event";
 	private static final String DEFAULT_ORGANISATION_NAME = "Default organisation";
 	private static final Logger logger = LoggerFactory.getLogger(EventBean.class);
+	private static final String DEFAULT_EVENT_DOMAIN = null;
 	@EJB
 	private EventFacade eventFacade;
@@ -38,6 +43,8 @@ public class EventBean implements EventBeanLocal {
 	private LoggingBeanLocal loggingbean;
 	@EJB
 	private PermissionBeanLocal permbean;
+	@EJB
+	private LanEventDomainFacade domainfacade;
 	@Override
 	public LanEvent getEventByHostname(String hostname) {
@@ -80,28 +87,49 @@ public class EventBean implements EventBeanLocal {
 	@Override
 	public LanEvent getCurrentEvent() {
+		String hostname = BortalLocalContextHolder.getHostname();
+		// logger.info("Current hostname from context: {}", hostname);
+		LanEvent ret = null;
+		if (BortalLocalContextHolder.getHostnameId() != null) {
+			ret = eventFacade.find(BortalLocalContextHolder.getHostnameId());
+			if (ret != null) {
+				return ret;
+			}
+		}
+		if (hostname == null || hostname.isEmpty()) {
+			hostname = DEFAULT_EVENT_DOMAIN;
+		}
+		LanEventDomain domain = domainfacade.findByDomain(hostname);
-		LanEvent ret = getEventByHostname(BortalLocalContextHolder.getHostname());
+		if (domain != null)
+		{
+			ret = domain.getEvent();
+		}
+		if (ret == null) {
+			ret = this.findOrCreateDefaultEvent();
+		}
+		BortalLocalContextHolder.setHostnameId(ret.getId());
 		return ret;
 	}
 	@Override
-	public LanEvent mergeChanges(LanEvent event) throws PermissionDeniedException {
+	@RolesAllowed({ SpecialPermission.S_SUPERADMIN, SpecialPermission.S_ORGANISATION_ADMIN })
-		// TODO: Hmm..
+	public LanEvent mergeChanges(LanEvent event) {
-		if (!permbean.isCurrentUser(event.getOrganiser().getAdmin()) && !permbean.getCurrentUser().isSuperadmin()) {
-			throw new PermissionDeniedException(loggingbean, permbean.getCurrentUser(), "User tried to merge event: " + event + " without being admin of that group");
-		}
 		return eventFacade.merge(event);
 	}
 	@Override
-	public void create(LanEvent event) throws PermissionDeniedException {
+	@RolesAllowed({ SpecialPermission.S_SUPERADMIN, SpecialPermission.S_ORGANISATION_ADMIN })
-		// TODO: Hmm..
+	public void create(LanEvent event) {
-		if (!permbean.isCurrentUser(event.getOrganiser().getAdmin()) && !permbean.getCurrentUser().isSuperadmin()) {
-			throw new PermissionDeniedException(loggingbean, permbean.getCurrentUser(), "User tried to create a new event for organiser " + event.getOrganiser() + " without being admin of that group");
-		}
 		eventFacade.create(event);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/EventMapBean.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/EventMapBean.java
@@ -8,6 +8,7 @@ import javax.ejb.Stateless;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import fi.insomnia.bortal.enums.apps.MapPermission;
 import fi.insomnia.bortal.facade.EventMapFacade;
 import fi.insomnia.bortal.model.EventMap;
 import fi.insomnia.bortal.model.LanEvent;
@@ -16,7 +17,7 @@ import fi.insomnia.bortal.model.LanEvent;
 * Session Bean implementation class EventMapBean
 */
 @Stateless
-@DeclareRoles({ "MAP/MANAGE_MAPS" })
+@DeclareRoles({ MapPermission.S_MANAGE_MAPS })
 public class EventMapBean implements EventMapBeanLocal {
 	@EJB
@@ -28,15 +29,15 @@ public class EventMapBean implements EventMapBeanLocal {
 	private static final Logger logger = LoggerFactory.getLogger(EventMapBean.class);
 	@Override
-	@RolesAllowed("MAP/MANAGE_MAPS")
+	@RolesAllowed(MapPermission.S_MANAGE_MAPS)
 	public EventMap saveMap(EventMap eventmap) {
 		return eventmapfacade.merge(eventmap);
 	}
 	@Override
-	@RolesAllowed("MAP/MANAGE_MAPS")
+	@RolesAllowed(MapPermission.S_MANAGE_MAPS)
-	public EventMap create(String mapname) throws PermissionDeniedException {
+	public EventMap create(String mapname) {
 		EventMap ret = new EventMap(eventbean.getCurrentEvent());
 		ret.setName(mapname);
 		LanEvent event = eventbean.getCurrentEvent();
@@ -47,7 +48,7 @@ public class EventMapBean implements EventMapBeanLocal {
 	}
 	@Override
-	@RolesAllowed("MAP/MANAGE_MAPS")
+	@RolesAllowed(MapPermission.S_MANAGE_MAPS)
 	public void sendImage(int destId, byte[] imagedata) {
 		EventMap map = eventmapfacade.find(destId);
 		logger.debug("Setting mapdata for map {}", map);
@@ -58,7 +59,7 @@ public class EventMapBean implements EventMapBeanLocal {
 	}
 	@Override
-	@RolesAllowed("MAP/MANAGE_MAPS")
+	@RolesAllowed(MapPermission.S_MANAGE_MAPS)
 	public EventMap find(Integer mapId) {
 		return eventmapfacade.find(mapId);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/PermissionBean.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/PermissionBean.java
@@ -17,9 +17,9 @@ import fi.insomnia.bortal.enums.apps.ContentPermission;
 import fi.insomnia.bortal.enums.apps.IAppPermission;
 import fi.insomnia.bortal.enums.apps.MapPermission;
 import fi.insomnia.bortal.enums.apps.PollPermission;
-import fi.insomnia.bortal.enums.apps.TerminalPermission;
 import fi.insomnia.bortal.enums.apps.ShopPermission;
 import fi.insomnia.bortal.enums.apps.SpecialPermission;
+import fi.insomnia.bortal.enums.apps.TerminalPermission;
 import fi.insomnia.bortal.enums.apps.UserPermission;
 import fi.insomnia.bortal.facade.UserFacade;
 import fi.insomnia.bortal.model.User;
@@ -66,7 +66,7 @@ import fi.insomnia.bortal.model.User;
 		SpecialPermission.S_SUPERADMIN,
 		SpecialPermission.S_USER,
 		SpecialPermission.S_ANONYMOUS,
 		TerminalPermission.S_TERMINAL,
 		TerminalPermission.S_CASHIER_TERMINAL,
 		TerminalPermission.S_CUSTOMER_TERMINAL,
@@ -102,32 +102,36 @@ public class PermissionBean implements PermissionBeanLocal {
 	}
-	@Override
+	// @Override
-	public boolean fatalPermission(IAppPermission permission, Object... failmessage) throws PermissionDeniedException {
+	// public boolean fatalPermission(IAppPermission permission, Object...
-		boolean ret = hasPermission(permission);
+	// failmessage) {
-		if (!ret) {
+	// boolean ret = hasPermission(permission);
-			StringBuilder message = new StringBuilder().append(" permission: ").append(permission);
+	// if (!ret) {
-			if (failmessage == null || failmessage.length == 0) {
+	// StringBuilder message = new
-				message.append(" MSG: SessionHandler mbean permission exception: Permission: ")
+	// StringBuilder().append(" permission: ").append(permission);
-						.append(permission);
+	// if (failmessage == null || failmessage.length == 0) {
-			} else {
+	// message.append(" MSG: SessionHandler mbean permission exception: Permission: ")
-				for (Object part : failmessage) {
+	// .append(permission);
-					message.append(part == null ? "NULL" : part.toString());
+	// } else {
-				}
+	// for (Object part : failmessage) {
-			}
+	// message.append(part == null ? "NULL" : part.toString());
-			// throw new SecurityException("Foobar");
+	// }
+	// }
-			throw new PermissionDeniedException(loggingbean, getCurrentUser(), message.toString());
+	// // throw new SecurityException("Foobar");
-		}
+	//
-		return true;
+	// throw new PermissionDeniedException(loggingbean, getCurrentUser(),
-	}
+	// message.toString());
+	// }
-	@Override
+	// return true;
-	public void fatalNotLoggedIn() throws PermissionDeniedException {
+	// }
-		if (!isLoggedIn()) {
+	//
-			throw new PermissionDeniedException(loggingbean, getCurrentUser(), "User is not logged in!");
+	// @Override
-		}
+	// public void fatalNotLoggedIn() throws PermissionDeniedException {
-	}
+	// if (!isLoggedIn()) {
+	// throw new PermissionDeniedException(loggingbean, getCurrentUser(),
+	// "User is not logged in!");
+	// }
+	// }
 	@Override
 	public boolean isCurrentUser(User user) {
@@ -168,31 +172,31 @@ public class PermissionBean implements PermissionBeanLocal {
 		}
 		return defaultUser;
 	}
 	public String getPrincipal() {
 		Principal principal = context.getCallerPrincipal();
 		logger.debug("Principal: {}", principal);
 		String principalName = principal.getName();
 		logger.debug("Principal is {}", principalName);
 		return principalName;
 	}
 	@Override
 	public String getCommonName() throws IllegalStateException {
 		String dn = context.getCallerPrincipal().getName();
 		String[] parts = dn.split(",");
 		for (String part : parts) {
 			if (part.trim().toUpperCase().startsWith("CN=")) {
 				String cn = part.substring("CN=".length());
 				return cn;
 			}
 		}
 		throw new IllegalStateException("Current security principal has no CN");
 	}
 }
--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/PlaceBean.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/PlaceBean.java
@@ -19,6 +19,7 @@ import javax.annotation.Resource;
 import javax.annotation.security.DeclareRoles;
 import javax.annotation.security.RolesAllowed;
 import javax.ejb.EJB;
+import javax.ejb.EJBAccessException;
 import javax.ejb.LocalBean;
 import javax.ejb.Stateless;
 import javax.ejb.Timeout;
@@ -29,6 +30,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import fi.insomnia.bortal.enums.apps.MapPermission;
+import fi.insomnia.bortal.enums.apps.SpecialPermission;
 import fi.insomnia.bortal.exceptions.BortalCatchableException;
 import fi.insomnia.bortal.facade.GroupMembershipFacade;
 import fi.insomnia.bortal.facade.PlaceFacade;
@@ -48,7 +50,6 @@ import fi.insomnia.bortal.model.User;
 @Stateless
 @LocalBean
 @DeclareRoles({ MapPermission.S_BUY_PLACES,
-		"MAP/BUY_PLACES",
 		MapPermission.S_MANAGE_MAPS })
 public class PlaceBean implements PlaceBeanLocal {
 	private static final String PLACE_RESERVE_TIMEOUTER = "Map reserve timeouter";
@@ -75,6 +76,8 @@ public class PlaceBean implements PlaceBeanLocal {
 	private PermissionBeanLocal permbean;
 	@EJB
 	private UserFacade userfacade;
+	@EJB
+	private LoggingBeanLocal loggerbean;
 	@Override
 	@RolesAllowed(MapPermission.S_MANAGE_MAPS)
@@ -90,18 +93,24 @@ public class PlaceBean implements PlaceBeanLocal {
 	 * logged in user, but if user does not have enough rights an exception will
 	 * be thrown
 	 * 
-	 * @throws PermissionDeniedException
-	 * 
 	 */
+	@RolesAllowed(SpecialPermission.S_USER)
 	@Override
-	public BigDecimal totalReservationPrice(User user, Place newPlace) throws PermissionDeniedException {
+	public BigDecimal getTotalReservationPrice(Place newPlace)
-		if (user == null) {
+	{
-			user = permbean.getCurrentUser();
+		return addAndCalcPrice(permbean.getCurrentUser(), newPlace);
-		} else if (!permbean.isCurrentUser(user) &&
+	}
-				!permbean.hasPermission(MapPermission.MANAGE_OTHERS)) {
-			throw new PermissionDeniedException(logbean,
+	@RolesAllowed(MapPermission.S_MANAGE_OTHERS)
-					permbean.getCurrentUser(), "No right to impersonate another user");
+	@Override
-		}
+	public BigDecimal getTotalReservationPrice(User user, Place newPlace)
+	{
+		return addAndCalcPrice(user, newPlace);
+	}
+	private BigDecimal addAndCalcPrice(User user, Place newPlace) {
 		Set<Place> places = new HashSet<Place>();
 		places.addAll(placeFacade.findUsersReservations(eventBean.getCurrentEvent(), user));
@@ -207,12 +216,13 @@ public class PlaceBean implements PlaceBeanLocal {
 	@Override
 	@RolesAllowed(MapPermission.S_BUY_PLACES)
-	public PlaceGroup buySelectedPlaces(User user) throws BortalCatchableException, PermissionDeniedException {
+	public PlaceGroup buySelectedPlaces(User user) throws BortalCatchableException {
 		if (user == null) {
 			user = permbean.getCurrentUser();
 		} else {
 			if (!user.equals(permbean.getCurrentUser())) {
-				permbean.fatalPermission(MapPermission.MANAGE_OTHERS, "Can not buy places for user ", user);
+				loggerbean.logMessage(SecurityLogType.permissionDenied, permbean.getCurrentUser(), "Can not buy places for user " + user);
+				throw new EJBAccessException("Not enough permissions to buy place");
 			}
 			user = userfacade.find(user.getId());
 		}
@@ -225,7 +235,7 @@ public class PlaceBean implements PlaceBeanLocal {
 		// PlaceGroup pg = pgbean.createPlaceGroup(user);
-		BigDecimal totalprice = totalReservationPrice(user, null);
+		BigDecimal totalprice = addAndCalcPrice(user, null);
 		BigDecimal balance = user.getAccountBalance();
 		if (balance.compareTo(totalprice) < 0) {
 			logger.info("User {} Could not buy things because account balance {} is too low for purchase {}", new Object[] { user, balance, totalprice });

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/PlaceGroupBean.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/PlaceGroupBean.java
@@ -6,6 +6,7 @@ import java.util.List;
 import javax.annotation.security.DeclareRoles;
 import javax.annotation.security.RolesAllowed;
 import javax.ejb.EJB;
+import javax.ejb.EJBAccessException;
 import javax.ejb.Stateless;
 import org.slf4j.Logger;
@@ -44,6 +45,8 @@ public class PlaceGroupBean implements PlaceGroupBeanLocal {
 	@EJB
 	private PermissionBeanLocal permbean;
+	@EJB
+	private LoggingBeanLocal loggerbean;
 	/**
 	 * Default constructor.
@@ -83,11 +86,10 @@ public class PlaceGroupBean implements PlaceGroupBeanLocal {
 	@Override
 	@RolesAllowed(MapPermission.S_BUY_PLACES)
-	public boolean associateToToken(User user, String token) throws PermissionDeniedException {
+	public boolean associateToToken(User user, String token) {
-		if (!permbean.isCurrentUser(user)) {
-			permbean.fatalPermission(MapPermission.MANAGE_OTHERS);
+		if (!permbean.isCurrentUser(user) && !permbean.hasPermission(MapPermission.MANAGE_OTHERS)) {
+			throw new EJBAccessException();
 		}
 		token = token.trim();
 		GroupMembership mem = gmemfacade.findByToken(token);
@@ -161,10 +163,11 @@ public class PlaceGroupBean implements PlaceGroupBeanLocal {
 	}
 	@Override
-	public void releaseAndGenerateToken(GroupMembership gmem) throws PermissionDeniedException {
+	public void releaseAndGenerateToken(GroupMembership gmem) {
 		gmem = gmemfacade.find(gmem.getId());
 		if (!(permbean.getCurrentUser().getId().equals(gmem.getPlaceGroup().getCreator().getId()) || permbean.hasPermission(MapPermission.MANAGE_OTHERS))) {
-			throw new PermissionDeniedException(loggingbean, permbean.getCurrentUser(), "User tried to release and generate group membership: " + gmem);
+			loggerbean.logMessage(SecurityLogType.permissionDenied, permbean.getCurrentUser(), "User tried to release and generate group membership: " + gmem);
+			throw new EJBAccessException("Not enough rights to release token");
 		}
 		gmem.setUser(null);
 		gmem.setInviteToken(gmemfacade.createInviteToken());

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/TestDataBean.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/TestDataBean.java
@@ -5,8 +5,6 @@ import java.io.IOException;
 import java.io.InputStream;
 import java.net.URISyntaxException;
 import java.util.Calendar;
-import java.util.logging.Level;
-import java.util.logging.Logger;
 import javax.ejb.EJB;
 import javax.ejb.Stateless;
@@ -235,9 +233,9 @@ public class TestDataBean implements TestDataBeanLocal {
 			return map;
 		} catch (URISyntaxException ex) {
-			Logger.getLogger(getClass().getName()).log(Level.SEVERE, null, ex);
+			logger.warn("Exception while generating testmap", ex);
 		} catch (IOException ex) {
-			Logger.getLogger(getClass().getName()).log(Level.SEVERE, null, ex);
+			logger.warn("Exception while generating testmap", ex);
 		} finally
 		{

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/UserBean.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/UserBean.java
@@ -14,6 +14,7 @@ import java.util.Set;
 import javax.annotation.security.DeclareRoles;
 import javax.annotation.security.RolesAllowed;
 import javax.ejb.EJB;
+import javax.ejb.EJBAccessException;
 import javax.ejb.LocalBean;
 import javax.ejb.Stateless;
 import javax.imageio.ImageIO;
@@ -83,6 +84,9 @@ public class UserBean implements UserBeanLocal {
 	@EJB
 	private UserImageFacade imagefacade;
+	@EJB
+	private LoggingBeanLocal loggerbean;
 	@Override
 	@RolesAllowed(UserPermission.S_VIEW_ALL)
 	public List<User> getUsers() {
@@ -93,10 +97,10 @@ public class UserBean implements UserBeanLocal {
 	@Override
 	@RolesAllowed(SpecialPermission.S_USER)
-	public User mergeChanges(User user) throws PermissionDeniedException {
+	public User mergeChanges(User user) {
-		if (!permbean.isCurrentUser(user)) {
+		if (!permbean.isCurrentUser(user) && !permbean.hasPermission(UserPermission.MODIFY)) {
+			loggerbean.logMessage(SecurityLogType.permissionDenied, permbean.getCurrentUser(), "User tried to save another user: " + user);
-			permbean.fatalPermission(UserPermission.MODIFY);
+			throw new EJBAccessException("Not enough rights to save user");
 		}
 		User ret = userFacade.merge(user);
@@ -111,10 +115,11 @@ public class UserBean implements UserBeanLocal {
 	}
 	@Override
-	public List<Role> findUsersRoles(User u) throws PermissionDeniedException {
+	public List<Role> findUsersRoles(User u) {
 		User currusr = permbean.getCurrentUser();
-		if (!currusr.equals(u)) {
+		if (!currusr.equals(u) && !permbean.hasPermission(UserPermission.MODIFY)) {
-			permbean.fatalNotLoggedIn();
+			loggerbean.logMessage(SecurityLogType.permissionDenied, permbean.getCurrentUser(), "User tried to fetc another users roles: " + u);
+			throw new EJBAccessException("Not enough rights to find roles");
 		}
 		return localFindUsersRoles(u);
@@ -164,13 +169,15 @@ public class UserBean implements UserBeanLocal {
 	@Override
 	@RolesAllowed(SpecialPermission.S_USER)
-	public UserImage uploadImage(User user, String contentType, byte[] image, String filename, String description) throws PermissionDeniedException {
+	public UserImage uploadImage(User user, String contentType, byte[] image, String filename, String description) {
 		user = userFacade.merge(user);
 		logger.debug("uploading image to userid {}", user);
-		if (!user.equals(permbean.getCurrentUser())) {
+		User curruser = permbean.getCurrentUser();
-			permbean.fatalPermission(UserPermission.MODIFY, "usert tried to save picture to userid " + user + " without sufficient permissions!");
+		if (!curruser.equals(user) && !permbean.hasPermission(UserPermission.MODIFY)) {
+			loggerbean.logMessage(SecurityLogType.permissionDenied, curruser, "user tried to save picture to userid " + user + " without sufficient permissions!");
+			throw new EJBAccessException("No permission to upload image as another user");
 		}
 		UserImage userimage = new UserImage(user);
@@ -194,16 +201,18 @@ public class UserBean implements UserBeanLocal {
 	}
 	@Override
-	public UserImage findUserImage(int id) throws PermissionDeniedException {
+	public UserImage findUserImage(int id) {
 		UserImage ret = null;
 		if (id == 0 && permbean.isLoggedIn()) {
 			ret = permbean.getCurrentUser().getCurrentImage();
 		} else {
 			ret = userimagefacade.find(id);
-			if (ret != null && !permbean.isCurrentUser(ret.getUser())) {
+			if (ret != null && !permbean.isCurrentUser(ret.getUser()) && permbean.hasPermission(UserPermission.MODIFY)) {
-				permbean.fatalPermission(UserPermission.MODIFY, "Not enough rights to access image id: " + id + " for user " + ret.getUser());
+				loggerbean.logMessage(SecurityLogType.permissionDenied, permbean.getCurrentUser(), "Not enough rights to access image id: " + id + " for user " + ret.getUser());
+				throw new EJBAccessException("Not enough permissions to fetch image");
 			}
 		}
 		return ret;
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/UtilBean.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/beans/UtilBean.java
@@ -87,7 +87,7 @@ public class UtilBean implements UtilBeanLocal {
 	// }
 	@Override
-	public boolean convertImage(User user) throws PermissionDeniedException {
+	public boolean convertImage(User user) {
 		user = userbean.mergeChanges(user);
 		UserImage oldpic = user.getCurrentImage();

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/AccountEventFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/AccountEventFacade.java
@@ -24,13 +24,6 @@ public class AccountEventFacade extends EventChildGenericFacade<AccountEvent> {
 		super(AccountEvent.class);
 	}
-	// @Override
-	// public void create(AccountEvent event) {
-	// user = userfacade
-	//
-	// userfacade.evict(event.getUser());
-	// }
 	public List<Role> findProvidedRoles(LanEvent event, User u) {
 		CriteriaBuilder cb = getEm().getCriteriaBuilder();

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/ActionLogFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/ActionLogFacade.java
@@ -18,6 +18,7 @@ import fi.insomnia.bortal.model.ActionLogMessageResponse_;
 public class ActionLogFacade extends IntegerPkGenericFacade<ActionLogMessage> {
 	public ActionLogFacade() {
 		super(ActionLogMessage.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/BillFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/BillFacade.java
@@ -25,6 +25,7 @@ public class BillFacade extends EventChildGenericFacade<Bill> {
 	public BillFacade() {
 		super(Bill.class);
 	}
 	// @Override

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/BillLineFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/BillLineFacade.java
@@ -21,6 +21,7 @@ public class BillLineFacade extends EventChildGenericFacade<BillLine> {
 	private static final Logger logger = LoggerFactory.getLogger(BillLineFacade.class);
 	public BillLineFacade() {
 		super(BillLine.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/CardTemplateFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/CardTemplateFacade.java
@@ -21,6 +21,7 @@ public class CardTemplateFacade extends IntegerPkGenericFacade<CardTemplate> {
 	private EventBeanLocal eventbean;
 	public CardTemplateFacade() {
 		super(CardTemplate.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/CompoEntryFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/CompoEntryFacade.java
@@ -10,6 +10,7 @@ import fi.insomnia.bortal.model.CompoEntry;
 public class CompoEntryFacade extends EventChildGenericFacade<CompoEntry> {
 	public CompoEntryFacade() {
 		super(CompoEntry.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/CompoEntryFileFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/CompoEntryFileFacade.java
@@ -10,6 +10,7 @@ import fi.insomnia.bortal.model.CompoEntryFile;
 public class CompoEntryFileFacade extends EventChildGenericFacade<CompoEntryFile> {
 	public CompoEntryFileFacade() {
 		super(CompoEntryFile.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/CompoEntryParticipantFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/CompoEntryParticipantFacade.java
@@ -10,6 +10,7 @@ import fi.insomnia.bortal.model.CompoEntryParticipant;
 public class CompoEntryParticipantFacade extends EventChildGenericFacade<CompoEntryParticipant> {
 	public CompoEntryParticipantFacade() {
 		super(CompoEntryParticipant.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/CompoFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/CompoFacade.java
@@ -10,6 +10,7 @@ import fi.insomnia.bortal.model.Compo;
 public class CompoFacade extends EventChildGenericFacade<Compo> {
 	public CompoFacade() {
 		super(Compo.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/DiscountFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/DiscountFacade.java
@@ -10,6 +10,7 @@ import fi.insomnia.bortal.model.Discount;
 public class DiscountFacade extends EventChildGenericFacade<Discount> {
 	public DiscountFacade() {
 		super(Discount.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/DiscountInstanceFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/DiscountInstanceFacade.java
@@ -10,6 +10,7 @@ import fi.insomnia.bortal.model.DiscountInstance;
 public class DiscountInstanceFacade extends EventChildGenericFacade<DiscountInstance> {
 	public DiscountInstanceFacade() {
 		super(DiscountInstance.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/EventChildGenericFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/EventChildGenericFacade.java
@@ -21,10 +21,11 @@ import fi.insomnia.bortal.model.LanEvent;
 * Session Bean implementation class GenericFacade
 */
 public abstract class EventChildGenericFacade<T extends GenericEventChild> extends GenericFacade<EventPk, T> {
 	@PersistenceContext
 	private EntityManager em;
-	protected final EntityManager getEm() {
+	protected EntityManager getEm() {
 		return em;
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/EventFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/EventFacade.java
@@ -14,6 +14,7 @@ import fi.insomnia.bortal.model.LanEvent_;
 public class EventFacade extends IntegerPkGenericFacade<LanEvent> {
 	public EventFacade() {
 		super(LanEvent.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/EventMapFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/EventMapFacade.java
@@ -32,6 +32,7 @@ public class EventMapFacade extends IntegerPkGenericFacade<EventMap> {
 				);
 		return getSingleNullableResult(getEm().createQuery(cq));
 	}
 	public Long countSelectable(EventMap map) {

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/EventOrganiserFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/EventOrganiserFacade.java
@@ -16,6 +16,7 @@ import fi.insomnia.bortal.model.EventOrganiser_;
 public class EventOrganiserFacade extends IntegerPkGenericFacade<EventOrganiser> {
 	public EventOrganiserFacade() {
 		super(EventOrganiser.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/FoodWaveFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/FoodWaveFacade.java
@@ -10,6 +10,7 @@ import fi.insomnia.bortal.model.FoodWave;
 public class FoodWaveFacade extends EventChildGenericFacade<FoodWave> {
 	public FoodWaveFacade() {
 		super(FoodWave.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/FoodWaveTemplateFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/FoodWaveTemplateFacade.java
@@ -10,6 +10,7 @@ import fi.insomnia.bortal.model.FoodWaveTemplate;
 public class FoodWaveTemplateFacade extends EventChildGenericFacade<FoodWaveTemplate> {
 	public FoodWaveTemplateFacade() {
 		super(FoodWaveTemplate.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/GenericFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/GenericFacade.java
@@ -23,18 +23,6 @@ import fi.insomnia.bortal.utilities.jpa.ModelInterface;
 public abstract class GenericFacade<I extends Serializable, C extends ModelInterface<I>> {
-	// protected static <T, C extends ModelInterface<T>>
-	// List<SingularAttribute<C, T>> mkAttrlist(SingularAttribute<C, T>...
-	// types) {
-	// List<SingularAttribute<C, T>> ret = new ArrayList<SingularAttribute<C,
-	// T>>();
-	// for (SingularAttribute<C, T> a : types) {
-	// ret.add(a);
-	// }
-	// return Collections.unmodifiableList(ret);
-	//
-	// }
 	private final Class<C> entClass;
 	private static final Logger logger = LoggerFactory.getLogger(GenericFacade.class);
@@ -76,8 +64,8 @@ public abstract class GenericFacade<I extends Serializable, C extends ModelInter
 	/**
 	 * Deprekoitu! Yleensä ei haluta palauttaa kaikkia entryjä kannasta, vaan
-	 * vain ko. tapahtumaan / käyttäjään / muuhun olioon liittyvät Jos
+	 * vain ko. tapahtumaan / käyttäjään / muuhun olioon liittyvät Jos oikeasti
-	 * oikeasti tarpeellinen luo funktio facadeen!
+	 * tarpeellinen luo funktio facadeen!
 	 */
 	// @Deprecated
 	// public List<C> findAll() {

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/GroupMembershipFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/GroupMembershipFacade.java
@@ -32,6 +32,7 @@ public class GroupMembershipFacade extends IntegerPkGenericFacade<GroupMembershi
 	private EventBeanLocal eventbean;
 	public GroupMembershipFacade() {
 		super(GroupMembership.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/IntegerPkGenericFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/IntegerPkGenericFacade.java
@@ -9,10 +9,11 @@ import fi.insomnia.bortal.utilities.jpa.ModelInterface;
 * Session Bean implementation class GenericFacade
 */
 public abstract class IntegerPkGenericFacade<T extends ModelInterface<Integer>> extends GenericFacade<Integer, T> {
 	@PersistenceContext
 	private EntityManager em;
-	protected final EntityManager getEm() {
+	protected EntityManager getEm() {
 		return em;
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/LanEventDomainFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/LanEventDomainFacade.java
@@ -2,8 +2,15 @@ package fi.insomnia.bortal.facade;
 import javax.ejb.LocalBean;
 import javax.ejb.Stateless;
+import javax.persistence.TypedQuery;
+import javax.persistence.criteria.CriteriaBuilder;
+import javax.persistence.criteria.CriteriaQuery;
+import javax.persistence.criteria.Path;
+import javax.persistence.criteria.Root;
 import fi.insomnia.bortal.model.LanEventDomain;
+import fi.insomnia.bortal.model.LanEventDomain_;
+import fi.insomnia.bortal.model.LanEvent_;
 @Stateless
 @LocalBean
@@ -13,4 +20,20 @@ public class LanEventDomainFacade extends IntegerPkGenericFacade<LanEventDomain>
 		super(LanEventDomain.class);
 	}
+	public LanEventDomain findByDomain(String hostname) {
+		CriteriaBuilder cb = getEm().getCriteriaBuilder();
+		CriteriaQuery<LanEventDomain> cq = cb.createQuery(LanEventDomain.class);
+		Root<LanEventDomain> root = cq.from(LanEventDomain.class);
+		Path<String> domainPath = root.get(LanEventDomain_.domain);
+		cq.where(cb.like(cb.lower(domainPath), "%" + hostname.toLowerCase().trim()));
+		cq.orderBy(cb.asc(root.get(LanEventDomain_.overridePriority)), cb.desc(root.get(LanEventDomain_.event).get(LanEvent_.startTime)), cb.asc(cb.length(root.get(LanEventDomain_.domain))));
+		TypedQuery<LanEventDomain> query = getEm().createQuery(cq);
+		query.setMaxResults(1);
+		return super.getSingleNullableResult(query);
+	}
 }
--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/LocationFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/LocationFacade.java
@@ -10,6 +10,7 @@ import fi.insomnia.bortal.model.Location;
 public class LocationFacade extends IntegerPkGenericFacade<Location> {
 	public LocationFacade() {
 		super(Location.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/LogEntryFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/LogEntryFacade.java
@@ -10,6 +10,7 @@ import fi.insomnia.bortal.model.LogEntry;
 public class LogEntryFacade extends IntegerPkGenericFacade<LogEntry> {
 	public LogEntryFacade() {
 		super(LogEntry.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/LogEntryTypeFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/LogEntryTypeFacade.java
@@ -12,6 +12,7 @@ import fi.insomnia.bortal.model.LogEntryType;
 public class LogEntryTypeFacade extends IntegerPkGenericFacade<LogEntryType> {
 	public LogEntryTypeFacade() {
 		super(LogEntryType.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/MenuNavigationFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/MenuNavigationFacade.java
@@ -25,7 +25,6 @@ public class MenuNavigationFacade extends IntegerPkGenericFacade<MenuNavigation>
 	public MenuNavigationFacade() {
 		super(MenuNavigation.class);
-		// TODO Auto-generated constructor stub
 	}
 	@EJB

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/MenuitemFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/MenuitemFacade.java
@@ -14,6 +14,7 @@ import fi.insomnia.bortal.model.Menuitem_;
 public class MenuitemFacade extends IntegerPkGenericFacade<Menuitem> {
 	public MenuitemFacade() {
 		super(Menuitem.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/NewsFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/NewsFacade.java
@@ -10,6 +10,7 @@ import fi.insomnia.bortal.model.News;
 public class NewsFacade extends IntegerPkGenericFacade<News> {
 	public NewsFacade() {
 		super(News.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/NewsGroupFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/NewsGroupFacade.java
@@ -18,6 +18,7 @@ import fi.insomnia.bortal.model.NewsGroup_;
 public class NewsGroupFacade extends IntegerPkGenericFacade<NewsGroup> {
 	public NewsGroupFacade() {
 		super(NewsGroup.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/PageContentFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/PageContentFacade.java
@@ -10,6 +10,7 @@ import fi.insomnia.bortal.model.PageContent;
 public class PageContentFacade extends IntegerPkGenericFacade<PageContent> {
 	public PageContentFacade() {
 		super(PageContent.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/PlaceFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/PlaceFacade.java
@@ -28,6 +28,7 @@ public class PlaceFacade extends IntegerPkGenericFacade<Place> {
 	private static final Logger logger = LoggerFactory.getLogger(PlaceFacade.class);
 	public PlaceFacade() {
 		super(Place.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/PlaceGroupFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/PlaceGroupFacade.java
@@ -10,6 +10,7 @@ import fi.insomnia.bortal.model.PlaceGroup;
 public class PlaceGroupFacade extends IntegerPkGenericFacade<PlaceGroup> {
 	public PlaceGroupFacade() {
 		super(PlaceGroup.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/PollAnswerFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/PollAnswerFacade.java
@@ -10,7 +10,7 @@ import fi.insomnia.bortal.model.PollAnswer;
 public class PollAnswerFacade extends IntegerPkGenericFacade<PollAnswer> {
 	public PollAnswerFacade() {
 		super(PollAnswer.class);
 	}
 }
--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/PollFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/PollFacade.java
@@ -18,6 +18,7 @@ import fi.insomnia.bortal.model.Poll_;
 public class PollFacade extends IntegerPkGenericFacade<Poll> {
 	public PollFacade() {
 		super(Poll.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/PollQuestionFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/PollQuestionFacade.java
@@ -10,6 +10,7 @@ import fi.insomnia.bortal.model.PollQuestion;
 public class PollQuestionFacade extends IntegerPkGenericFacade<PollQuestion> {
 	public PollQuestionFacade() {
 		super(PollQuestion.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/PossibleAnswerFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/PossibleAnswerFacade.java
@@ -10,6 +10,7 @@ import fi.insomnia.bortal.model.PossibleAnswer;
 public class PossibleAnswerFacade extends IntegerPkGenericFacade<PossibleAnswer> {
 	public PossibleAnswerFacade() {
 		super(PossibleAnswer.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/PrintedCardFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/PrintedCardFacade.java
@@ -21,6 +21,7 @@ import fi.insomnia.bortal.model.User;
 public class PrintedCardFacade extends IntegerPkGenericFacade<PrintedCard> {
 	public PrintedCardFacade() {
 		super(PrintedCard.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/ProductFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/ProductFacade.java
@@ -23,6 +23,7 @@ public class ProductFacade extends IntegerPkGenericFacade<Product> {
 	private EventBeanLocal eventbean;
 	public ProductFacade() {
 		super(Product.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/ReaderFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/ReaderFacade.java
@@ -23,6 +23,7 @@ public class ReaderFacade extends IntegerPkGenericFacade<Reader> {
 	private EventBeanLocal eventbean;
 	public ReaderFacade() {
 		super(Reader.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/RoleFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/RoleFacade.java
@@ -18,6 +18,7 @@ import fi.insomnia.bortal.model.User;
 public class RoleFacade extends IntegerPkGenericFacade<Role> {
 	public RoleFacade() {
 		super(Role.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/SalesEntityFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/SalesEntityFacade.java
@@ -13,6 +13,7 @@ import fi.insomnia.bortal.model.salespoint.SalesEntity;
 public class SalesEntityFacade extends IntegerPkGenericFacade<SalesEntity> {
 	public SalesEntityFacade() {
 		super(SalesEntity.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/SitePageFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/SitePageFacade.java
@@ -25,6 +25,7 @@ public class SitePageFacade extends IntegerPkGenericFacade<SitePage> {
 	private EventBeanLocal eventbean;
 	public SitePageFacade() {
 		super(SitePage.class);
 	}

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/UserFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/UserFacade.java
@@ -26,21 +26,6 @@ public class UserFacade extends IntegerPkGenericFacade<User> {
 	private static final Logger logger = LoggerFactory.getLogger(UserFacade.class);
-	// private enum Userfields implements StringPredicateField<User> {
-	// nick(User_.nick), login(User_.login), firstnames(User_.firstnames),
-	// lastname(User_.lastname), email(User_.email);
-	// private SingularAttribute<User, String> field;
-	//
-	// Userfields(SingularAttribute<User, String> f) {
-	// field = f;
-	// }
-	//
-	// @Override
-	// public SingularAttribute<User, String> getField() {
-	// return field;
-	// }
-	// }
 	private static List<SingularAttribute<User, String>> SEARCHATTRS;
 	private List<SingularAttribute<User, String>> getAttrlist() {

--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/UserImageFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/UserImageFacade.java
@@ -17,12 +17,4 @@ public class UserImageFacade extends IntegerPkGenericFacade<UserImage> {
 		super(UserImage.class);
 	}
-	// @Override
-	// public void create(UserImage entity)
-	// {
-	// super.create(entity);
-	// userfacade.evict(entity.getUser());
-	//
-	// }
 }
--- a/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/VoteFacade.java
+++ b/code/LanBortalBeans/ejbModule/fi/insomnia/bortal/facade/VoteFacade.java
@@ -10,6 +10,7 @@ import fi.insomnia.bortal.model.Vote;
 public class VoteFacade extends EventChildGenericFacade<Vote> {
 	public VoteFacade() {
 		super(Vote.class);
 	}

--- a/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/AccountEventBeanLocal.java
+++ b/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/AccountEventBeanLocal.java
@@ -24,6 +24,6 @@ public interface AccountEventBeanLocal {
 	List<Role> getRolesFromAccountEvents(User u);
 	List<AccountEvent> shopCash(User shoppingUser, Map<Product, BigDecimal>
-			shopMap, boolean buyInstant) throws PermissionDeniedException;
+			shopMap, boolean buyInstant);
 }
--- a/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/BillBeanLocal.java
+++ b/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/BillBeanLocal.java
@@ -13,7 +13,7 @@ import fi.insomnia.bortal.model.Bill;
 @Local
 public interface BillBeanLocal {
-	Bill findById(int id) throws PermissionDeniedException;
+	Bill findById(int id);
 	//
 	// Bill createEmptyBill(User shoppingUser) throws PermissionDeniedException;
@@ -29,6 +29,6 @@ public interface BillBeanLocal {
 	void getPdfBillStream(Bill bill, OutputStream ostream);
-	void createBill(Bill bill) throws PermissionDeniedException;
+	void createBill(Bill bill);
 }
--- a/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/CardTemplateBeanLocal.java
+++ b/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/CardTemplateBeanLocal.java
@@ -19,11 +19,11 @@ public interface CardTemplateBeanLocal extends EntityFinderBean<CardTemplate> {
 	CardTemplate find(Integer id);
-	PrintedCard checkPrintedCard(User user) throws PermissionDeniedException;
+	PrintedCard checkPrintedCard(User user);
-	void checkAllUsersCardRights() throws PermissionDeniedException;
+	void checkAllUsersCardRights();
-	PrintedCard setRfidUid(String tag, User user) throws PermissionDeniedException;
+	PrintedCard setRfidUid(String tag, User user);
 	PrintedCard setRfidUid(String tag, PrintedCard card);

--- a/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/EventBeanLocal.java
+++ b/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/EventBeanLocal.java
@@ -12,9 +12,9 @@ public interface EventBeanLocal {
 	LanEvent getCurrentEvent();
-	LanEvent mergeChanges(LanEvent event) throws PermissionDeniedException;
+	LanEvent mergeChanges(LanEvent event);
-	void create(LanEvent event) throws PermissionDeniedException;
+	void create(LanEvent event);
 	String flushCache();
 }
--- a/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/EventMapBeanLocal.java
+++ b/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/EventMapBeanLocal.java
@@ -9,7 +9,7 @@ public interface EventMapBeanLocal {
 	EventMap saveMap(EventMap eventmap);
-	EventMap create(String mapname) throws PermissionDeniedException;
+	EventMap create(String mapname);
 	void sendImage(int destId, byte[] imagedata);

--- a/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/PermissionBeanLocal.java
+++ b/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/PermissionBeanLocal.java
@@ -17,20 +17,22 @@ public interface PermissionBeanLocal {
 	boolean isCurrentUser(User thisuser);
-	boolean fatalPermission(IAppPermission perm, Object... failmessage) throws PermissionDeniedException;
+	// boolean fatalPermission(IAppPermission perm, Object... failmessage);
 	// throws PermissionDeniedException;
-	void fatalNotLoggedIn() throws PermissionDeniedException;
+	// void fatalNotLoggedIn();
 	User getAnonUser();
 	String getPrincipal();
 	/**
 	 * Get common name of the logged in cert like "customer-01"
+	 * 
 	 * @return CN of the certificate
-	 * @throws IllegalStateException Principal has no CN
+	 * @throws IllegalStateException
+	 *             Principal has no CN
 	 */
 	String getCommonName() throws IllegalStateException;

--- a/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/PermissionDeniedException.java
+++ b/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/PermissionDeniedException.java
-package fi.insomnia.bortal.beans;
-import fi.insomnia.bortal.model.User;
-public class PermissionDeniedException extends Exception {
-	public PermissionDeniedException(LoggingBeanLocal bean, User user, String message) {
-		super(message);
-		bean.logMessage(SecurityLogType.permissionDenied, user, this.getMessage());
-	}
-	/**
-     * 
-     */
-	private static final long serialVersionUID = -5845504817243929548L;
-}
--- a/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/PlaceBeanLocal.java
+++ b/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/PlaceBeanLocal.java
@@ -35,9 +35,7 @@ public interface PlaceBeanLocal {
 	Place mergeChanges(Place place);
-	PlaceGroup buySelectedPlaces(User user) throws BortalCatchableException, PermissionDeniedException;
+	PlaceGroup buySelectedPlaces(User user) throws BortalCatchableException;
-	BigDecimal totalReservationPrice(User user, Place newPlace) throws PermissionDeniedException;
 	// void releaseUsersPlaces(User user) throws PermissionDeniedException;
@@ -45,4 +43,8 @@ public interface PlaceBeanLocal {
 	void unbuyPlace(Place place);
+	BigDecimal getTotalReservationPrice(User user, Place newPlace);
+	BigDecimal getTotalReservationPrice(Place newPlace);
 }
--- a/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/PlaceGroupBeanLocal.java
+++ b/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/PlaceGroupBeanLocal.java
@@ -17,9 +17,9 @@ public interface PlaceGroupBeanLocal {
 	// List<GroupMembership> getMemberships(User user);
-	boolean associateToToken(User user, String token) throws PermissionDeniedException;
+	boolean associateToToken(User user, String token);
-	void releaseAndGenerateToken(GroupMembership gmem) throws PermissionDeniedException;
+	void releaseAndGenerateToken(GroupMembership gmem);
 	void getGroupMembershipPdf(List<GroupMembership> memberships, OutputStream ostream);

--- a/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/UserBeanLocal.java
+++ b/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/UserBeanLocal.java
@@ -20,7 +20,7 @@ public interface UserBeanLocal {
 	User getUser(String login);
-	User mergeChanges(User currentUser) throws PermissionDeniedException;
+	User mergeChanges(User currentUser);
 	// boolean hasCurrentUserPermission(Permission userManagement,
 	// RolePermission execute);
@@ -30,9 +30,9 @@ public interface UserBeanLocal {
 	// void fatalNotLoggedIn();
-	UserImage uploadImage(User user, String contentType, byte[] image, String filename, String description) throws PermissionDeniedException;
+	UserImage uploadImage(User user, String contentType, byte[] image, String filename, String description);
-	UserImage findUserImage(int id) throws PermissionDeniedException;
+	UserImage findUserImage(int id);
 	// List<User> searchName(String name);
@@ -44,7 +44,7 @@ public interface UserBeanLocal {
 	User initPasswordReset(User user, String hash, String mailpath);
-	List<Role> findUsersRoles(User u) throws PermissionDeniedException;
+	List<Role> findUsersRoles(User u);
 	User findById(Integer integer);

--- a/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/UtilBeanLocal.java
+++ b/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/beans/UtilBeanLocal.java
@@ -12,7 +12,7 @@ public interface UtilBeanLocal {
 	boolean sendMail(MailMessage message);
-	boolean convertImage(User user) throws PermissionDeniedException;
+	boolean convertImage(User user);
 	// void checkAllUsersImages() throws PermissionDeniedException;

--- a/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/clientutils/BortalLocalContextHolder.java
+++ b/code/LanBortalBeansClient/ejbModule/fi/insomnia/bortal/clientutils/BortalLocalContextHolder.java
@@ -10,8 +10,10 @@ public class BortalLocalContextHolder {
 	private static final ThreadLocal<BortalLocalContextHolder> THREAD_WITH_CONTEXT = new ThreadLocal<BortalLocalContextHolder>();
 	private String hostname;
+	private Integer hostnameId;
 	private final Map<IAppPermission, Boolean> rightcache = new HashMap<IAppPermission, Boolean>();
 	private static boolean inDevelopmentMode = false;
 	public BortalLocalContextHolder() {
@@ -72,9 +74,14 @@ public class BortalLocalContextHolder {
 	public static void setInDevelopmentMode(boolean developmentMode) {
 		inDevelopmentMode = developmentMode;
 	}
+	public static Integer getHostnameId() {
+		return getThread().hostnameId;
+	}
+	public static void setHostnameId(Integer id)
+	{
+		getThread().hostnameId = id;
+	}
 }
\ No newline at end of file
--- a/code/LanBortalDatabase/src/fi/insomnia/bortal/model/Bill.java
+++ b/code/LanBortalDatabase/src/fi/insomnia/bortal/model/Bill.java
@@ -137,6 +137,7 @@ public class Bill extends GenericEventChild {
     * User who should pay this bill.
     */
    @ManyToOne(optional = false)
+    @JoinColumn(updatable = false)
    private User user;
    private static final Logger logger = LoggerFactory.getLogger(Bill.class);

--- a/code/LanBortalDatabase/src/fi/insomnia/bortal/model/LanEvent.java
+++ b/code/LanBortalDatabase/src/fi/insomnia/bortal/model/LanEvent.java
 package fi.insomnia.bortal.model;
+import java.util.ArrayList;
 import java.util.Calendar;
 import java.util.List;
@@ -18,6 +19,7 @@ import javax.persistence.TemporalType;
 import org.eclipse.persistence.annotations.OptimisticLocking;
 import org.eclipse.persistence.annotations.OptimisticLockingType;
+import org.eclipse.persistence.annotations.PrivateOwned;
 import fi.insomnia.bortal.enums.EventStatus;
 import fi.insomnia.bortal.model.salespoint.Salespoint;
@@ -96,7 +98,12 @@ public class LanEvent extends GenericEntity {
    @OneToMany(mappedBy = "event", cascade = CascadeType.ALL)
    private List<Salespoint> salespoints;
+    @OneToMany(mappedBy = "event", cascade = CascadeType.ALL)
+    @PrivateOwned
+    private List<LanEventDomain> domains = new ArrayList<LanEventDomain>();
    public LanEvent() {
    }
    public Calendar getStartTime() {
@@ -265,4 +272,12 @@ public class LanEvent extends GenericEntity {
        this.salespoints = salespoints;
    }
+    public List<LanEventDomain> getDomains() {
+        return domains;
+    }
+    public void setDomains(List<LanEventDomain> domains) {
+        this.domains = domains;
+    }
 }
--- a/code/LanBortalDatabase/src/fi/insomnia/bortal/model/LanEventDomain.java
+++ b/code/LanBortalDatabase/src/fi/insomnia/bortal/model/LanEventDomain.java
+package fi.insomnia.bortal.model;
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.JoinColumn;
+import javax.persistence.Lob;
+import javax.persistence.ManyToOne;
+import javax.persistence.Table;
+import org.eclipse.persistence.annotations.OptimisticLocking;
+import org.eclipse.persistence.annotations.OptimisticLockingType;
+@Entity
+@Table(name = "event_domains")
+@OptimisticLocking(type = OptimisticLockingType.CHANGED_COLUMNS)
+public class LanEventDomain extends GenericEntity {
+    public LanEventDomain() {
+        super();
+    }
+    public LanEventDomain(LanEvent e, String dom) {
+        super();
+        event = e;
+        domain = dom;
+    }
+    private static final long serialVersionUID = -8050125804595746831L;
+    @Column(name = "domainname", nullable = false, unique = true)
+    private String domain;
+    @Lob
+    @Column(name = "description")
+    private String description;
+    @ManyToOne(optional = false)
+    @JoinColumn(name = "event_id", nullable = false)
+    private LanEvent event;
+    private int overridePriority;
+    public String getDomain() {
+        return domain;
+    }
+    public void setDomain(String domain) {
+        this.domain = domain;
+    }
+    public String getDescription() {
+        return description;
+    }
+    public void setDescription(String description) {
+        this.description = description;
+    }
+    public LanEvent getEvent() {
+        return event;
+    }
+    public void setEvent(LanEvent event) {
+        this.event = event;
+    }
+    public int getOverridePriority() {
+        return overridePriority;
+    }
+    public void setOverridePriority(int overridePriority) {
+        this.overridePriority = overridePriority;
+    }
+}
--- a/code/LanBortalTerminalWeb/src/fi/insomnia/bortal/terminal/exceptions/BortalTerminalExceptionHandler.java
+++ b/code/LanBortalTerminalWeb/src/fi/insomnia/bortal/terminal/exceptions/BortalTerminalExceptionHandler.java
@@ -17,8 +17,6 @@ import javax.faces.event.ExceptionQueuedEventContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import fi.insomnia.bortal.beans.PermissionDeniedException;
 public class BortalTerminalExceptionHandler extends ExceptionHandlerWrapper {
 	private static final Logger logger = LoggerFactory
@@ -57,8 +55,7 @@ public class BortalTerminalExceptionHandler extends ExceptionHandlerWrapper {
 				logger.debug(
 						"Cause not null, but {}: {}, checking"
 								+ cause.getClass(), cause.getMessage());
-				if (cause instanceof PermissionDeniedException
+				if (cause instanceof EJBAccessException
-						|| cause instanceof EJBAccessException
 						|| cause instanceof AccessLocalException) {
 					logger.debug("Found Permission Denied cause: {}, {}",
 							cause.getClass(), cause.getMessage());

--- a/code/LanBortalUtilities/src/fi/insomnia/bortal/enums/apps/SpecialPermission.java
+++ b/code/LanBortalUtilities/src/fi/insomnia/bortal/enums/apps/SpecialPermission.java
 package fi.insomnia.bortal.enums.apps;
 public enum SpecialPermission {
-	SUPERADMIN, USER, ANONYMOUS;
+	SUPERADMIN, USER, ANONYMOUS, ORGANISATION_ADMIN;
 	public static final String S_USER = "USER";
 	public static final String S_SUPERADMIN = "SUPERADMIN";
 	public static final String S_ANONYMOUS = "ANONYMOUS";
+	public static final String S_ORGANISATION_ADMIN = "ORGANISATION_ADMIN";
 }
--- a/code/LanBortalWeb/WebContent/eventorg/editEvent.xhtml
+++ b/code/LanBortalWeb/WebContent/eventorg/editEvent.xhtml
@@ -42,6 +42,22 @@
 					<h:commandButton id="commitbtn" action="#{eventorgView.saveEvent()}" value="#{i18n['event.save']}" />
 				</h:panelGrid>
 			</h:form>
+			<h:form>
+				<h:inputText value="#{eventorgView.newdomain}" />
+				<h:commandButton action="#{eventorgView.addDomain()}" />
+				<h:dataTable var="domain" value="#{eventorgView.eventdomains}">
+					<h:column>
+						<f:facet name="header">
+							<h:outputText value="#{i18n['eventdomain.domainname']}" />
+						</f:facet>
+						<h:outputText value="#{domain.domain}" />
+					</h:column>
+					<h:column>
+						<h:commandButton action="#{eventorgView.removeDomain()}" />
+					</h:column>
+				</h:dataTable>
+			</h:form>
 		</ui:define>

--- a/code/LanBortalWeb/src/fi/insomnia/bortal/exceptions/BortalExceptionHandler.java
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/exceptions/BortalExceptionHandler.java
@@ -17,8 +17,6 @@ import javax.faces.event.ExceptionQueuedEventContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import fi.insomnia.bortal.beans.PermissionDeniedException;
 public class BortalExceptionHandler extends ExceptionHandlerWrapper {
 	private static final Logger logger = LoggerFactory.getLogger(BortalExceptionHandler.class);
@@ -51,9 +49,8 @@ public class BortalExceptionHandler extends ExceptionHandlerWrapper {
 			Throwable cause = t.getCause();
 			for (int loop = 0; loop < 20 && cause != null; ++loop) {
 				logger.debug("Cause not null, but {}: {}, checking" + cause.getClass(), cause.getMessage());
-				if (cause instanceof PermissionDeniedException ||
+				if (cause instanceof EJBAccessException ||
-							cause instanceof EJBAccessException ||
+						cause instanceof AccessLocalException) {
-							cause instanceof AccessLocalException) {
 					logger.debug("Found Permission Denied cause: {}, {}", cause.getClass(), cause.getMessage());
 					// errorpage(i, t, "permissionDenied");

--- a/code/LanBortalWeb/src/fi/insomnia/bortal/resources/i18n.properties
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/resources/i18n.properties
-global.copyright=Verkkopeliyhdistys Insomnia ry
-global.productname=Omnia
+global.copyright   = Verkkopeliyhdistys Insomnia ry
+global.productname = Omnia
-navi.auth.login=frontpage
-navi.auth.loginerror=frontpage
-navi.auth.logout=frontpage
-pagegroup.auth.login=frontpage
-page.index.pagegroup=frontpage
-page.auth.login.pagegroup=login
-page.auth.loginerror.pagegroup=frontpage
-page.auth.logout.pagegroup=login
-page.auth.logoutsuccess.pagegroup=frontpage
-page.auth.notauthorized.pagegroup=frontpage
-page.bill.list.pagegroup=shop
-page.viewexpired.pagegroup=frontpage
-page.eventorg.list.pagegroup=admin
-page.eventorg.edit.pagegroup=admin
-page.eventorg.create.pagegroup=admin
-page.eventorg.editEvent.pagegroup=admin
-page.product.create.pagegroup=admin
-page.product.createBill.pagegroup=shop
-page.product.edit.pagegroup=admin
-page.product.list.pagegroup=admin
-product.providedRole=Tuote tarjoaa roolin
-product.createDiscount=Lis mralennus
-product.saved=Tuote tallennettu
-product.returnProductEdit=Palaa tuotteeseen: 
-page.role.create.pagegroup=admin
-page.role.edit.pagegroup=admin
-page.role.list.pagegroup=admin
-page.place.placemap.pagegroup=placemap
-page.place.mygroups.pagegroup=user
-page.place.insertToken.pagegroup=user
-page.place.edit.pagegroup=admin
-page.account.edit.pagegroup=admin
-page.user.create.pagegroup=user
-page.user.edit.pagegroup=user
-page.user.list.pagegroup=user
-page.user.editself.pagegroup=user
-page.user.mygroups.pagegroup=user
-page.admin.sendimage.pagegroup=admin
-page.auth.login.loginerror.pagegroup=frontpage
-page.auth.login.logout.pagegroup=frontpage
-page.permissionDenied.pagegroup=frontpage
-page.bill.placemap.pagegroup=placemap
-page.bill.listAll.pagegroup=shop
-page.bill.edit.pagegroup=shop
-page.bill.billSummary.pagegroup=shop
-page.account.list.pagegroup=user
-page.auth.resetPassword.pagegroup=user
-page.shop.readerevents.pagegroup=rfidshop
-page.game.start.pagegroup=game
-page.game.list.pagegroup=game
-page.poll.start.pagegroup=poll
-page.poll.answer.pagegroup=poll
-page.poll.answered.pagegroup=poll
-poll.edit=edit
+httpsession.creationTime          = Luotu
 #Bill number
 # Validationmessages
-httpsession.id=ID
+httpsession.id                    = ID
-httpsession.creationTime=Luotu
+httpsession.invalidate            = Mit\uFFFDt\uFFFDi
-httpsession.lastAccessedTime=Viimeksi nhty
+httpsession.invalidateSuccessfull = Sessio onnistuneesti mit\uFFFDt\uFFFDity
-httpsession.sessionHasExisted=Ollut elossa (s)
+httpsession.isSessionNew          = Uusi sessio
-httpsession.maxInactiveInterval=Aikakatkaisu (s)
+httpsession.lastAccessedTime      = Viimeksi n\uFFFDhty
-httpsession.isSessionNew=Uusi sessio
+httpsession.maxInactiveInterval   = Aikakatkaisu (s)
-httpsession.invalidate=Mitti
+httpsession.sessionHasExisted     = Ollut elossa (s)
-httpsession.user=Tunnus
+httpsession.user                  = Tunnus
-httpsession.invalidateSuccessfull=Sessio onnistuneesti mittity
-user.unauthenticated=Kirjautumaton
+map.id   = #
+navi.auth.login      = frontpage
+navi.auth.loginerror = frontpage
+navi.auth.logout     = frontpage
+page.account.edit.pagegroup          = admin
+page.account.list.pagegroup          = user
+page.admin.sendimage.pagegroup       = admin
+page.auth.login.loginerror.pagegroup = frontpage
+page.auth.login.logout.pagegroup     = frontpage
+page.auth.login.pagegroup            = login
+page.auth.loginerror.pagegroup       = frontpage
+page.auth.logout.pagegroup           = login
+page.auth.logoutsuccess.pagegroup    = frontpage
+page.auth.notauthorized.pagegroup    = frontpage
+page.auth.resetPassword.pagegroup    = user
+page.bill.billSummary.pagegroup      = shop
+page.bill.edit.pagegroup             = shop
+page.bill.list.pagegroup             = shop
+page.bill.listAll.pagegroup          = shop
+page.bill.placemap.pagegroup         = placemap
+page.eventorg.create.pagegroup       = admin
+page.eventorg.edit.pagegroup         = admin
+page.eventorg.editEvent.pagegroup    = admin
+page.eventorg.list.pagegroup         = admin
+page.game.list.pagegroup             = game
+page.game.start.pagegroup            = game
+page.index.pagegroup                 = frontpage
+page.permissionDenied.pagegroup      = frontpage
+page.place.edit.pagegroup            = admin
+page.place.insertToken.pagegroup     = user
+page.place.mygroups.pagegroup        = user
+page.place.placemap.pagegroup        = placemap
+page.poll.answer.pagegroup           = poll
+page.poll.answered.pagegroup         = poll
+page.poll.start.pagegroup            = poll
+page.product.create.pagegroup        = admin
+page.product.createBill.pagegroup    = shop
+page.product.edit.pagegroup          = admin
+page.product.list.pagegroup          = admin
+page.role.create.pagegroup           = admin
+page.role.edit.pagegroup             = admin
+page.role.list.pagegroup             = admin
+page.shop.readerevents.pagegroup     = rfidshop
+page.user.create.pagegroup           = user
+page.user.edit.pagegroup             = user
+page.user.editself.pagegroup         = user
+page.user.list.pagegroup             = user
+page.user.mygroups.pagegroup         = user
+page.viewexpired.pagegroup           = frontpage
+pagegroup.auth.login = frontpage
+poll.edit        = edit
+product.providedRole      = Tuote tarjoaa roolin
+product.returnProductEdit = Palaa tuotteeseen: 
+product.saved             = Tuote tallennettu
+user.unauthenticated = Kirjautumaton
--- a/code/LanBortalWeb/src/fi/insomnia/bortal/resources/i18n_en.properties
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/resources/i18n_en.properties
--- a/code/LanBortalWeb/src/fi/insomnia/bortal/resources/i18n_en_ST.properties
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/resources/i18n_en_ST.properties
+#Generated by ResourceBundle Editor (http://eclipse-rbe.sourceforge.net)
 #Bill number
 # Validationmessages
-global.infomail=info@streamparty.org
-global.webpage=http\u003A//www.streamparty.org
+bill.billMarkedPaidMail.message = Your deposit number {0} has been marked as paid.
+bill.billMarkedPaidMail.subject = [Streamparty] Your credits have been updated
-bill.billMarkedPaidMail.message=Your bill number {0} has been marked as paid.
+global.infomail = info@streamparty.org
-bill.billMarkedPaidMail.subject=[INSOMNIA] Lasku merkitty maksetuksi
+global.webpage  = http://www.streamparty.org
\ No newline at end of file
--- a/code/LanBortalWeb/src/fi/insomnia/bortal/resources/i18n_en_ST_v7.properties
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/resources/i18n_en_ST_v7.properties
+#Generated by ResourceBundle Editor (http://eclipse-rbe.sourceforge.net)
 #Bill number
 # Validationmessages
-global.eventname=Stream seven
+global.eventname = Stream seven
--- a/code/LanBortalWeb/src/fi/insomnia/bortal/resources/i18n_fi.properties
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/resources/i18n_fi.properties
--- a/code/LanBortalWeb/src/fi/insomnia/bortal/resources/i18n_fi_IN.properties
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/resources/i18n_fi_IN.properties
+#Generated by ResourceBundle Editor (http://eclipse-rbe.sourceforge.net)
 #Bill number
 # Validationmessages
-global.infomail=info@insomnia.fi
-global.webpage=http\u003A//www.insomnia.fi
+bill.billMarkedPaidMail.message = Laskusi numero {0} on merkitty maksetuksi. Voit nyt siirty\u00E4 lippukauppaan varamaamaan haluamasi paikat. \nTervetuloa tapahtumaan!\n\nTerveisin,\nInsomnia lippupalvelu\nwww.insomnia.fi
+bill.billMarkedPaidMail.subject = [INSOMNIA] Lasku merkitty maksetuksi
-bill.billMarkedPaidMail.message=Laskusi numero {0} on merkitty maksetuksi. Voit nyt siirty\u2030 lippukauppaan varamaamaan haluamasi paikat. \nTervetuloa tapahtumaan!\n\nTerveisin,\nInsomnia lippupalvelu\nwww.insomnia.fi
+global.infomail = info@insomnia.fi
-bill.billMarkedPaidMail.subject=[INSOMNIA] Lasku merkitty maksetuksi
+global.webpage  = http://www.insomnia.fi
--- a/code/LanBortalWeb/src/fi/insomnia/bortal/resources/i18n_fi_IN_XII.properties
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/resources/i18n_fi_IN_XII.properties
+#Generated by ResourceBundle Editor (http://eclipse-rbe.sourceforge.net)
 #Bill number
 # Validationmessages
-global.eventname=Insomnia XII
+global.eventname = Insomnia XII
--- a/code/LanBortalWeb/src/fi/insomnia/bortal/resources/i18n_fi_IN_XIII.properties
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/resources/i18n_fi_IN_XIII.properties
+#Generated by ResourceBundle Editor (http://eclipse-rbe.sourceforge.net)
 #Bill number
 # Validationmessages
-global.eventname=Insomnia XIII
+global.eventname = Insomnia XIII
--- a/code/LanBortalWeb/src/fi/insomnia/bortal/resources/i18n_se.properties
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/resources/i18n_se.properties
-#Bill number
-# Validationmessages
--- a/code/LanBortalWeb/src/fi/insomnia/bortal/servlet/PlaceMap.java
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/servlet/PlaceMap.java
@@ -15,6 +15,8 @@ import java.util.Date;
 import java.util.List;
 import javax.ejb.EJB;
+import javax.ejb.EJBAccessException;
+import javax.ejb.EJBException;
 import javax.imageio.ImageIO;
 import javax.servlet.ServletException;
 import javax.servlet.ServletOutputStream;
@@ -25,9 +27,10 @@ import javax.servlet.http.HttpServletResponse;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import fi.insomnia.bortal.beans.LoggingBeanLocal;
 import fi.insomnia.bortal.beans.PermissionBeanLocal;
-import fi.insomnia.bortal.beans.PermissionDeniedException;
 import fi.insomnia.bortal.beans.PlaceMapBeanLocal;
+import fi.insomnia.bortal.beans.SecurityLogType;
 import fi.insomnia.bortal.enums.apps.MapPermission;
 import fi.insomnia.bortal.model.EventMap;
 import fi.insomnia.bortal.model.Place;
@@ -49,6 +52,9 @@ public class PlaceMap extends HttpServlet {
 	@EJB
 	private transient PermissionBeanLocal permbean;
+	@EJB
+	private LoggingBeanLocal loggerbean;
 	private static final String PARAMETER_EVENT_MAP_ID = "mapid";
 	/**
@@ -102,7 +108,7 @@ public class PlaceMap extends HttpServlet {
 			 * out.println("<h1>Servlet PlaceMap at " + request.getContextPath
 			 * () + "</h1>"); out.println("</body>"); out.println("</html>");
 			 */
-		} catch (PermissionDeniedException e) {
+		} catch (EJBException e) {
 			logger.debug("Permission denied. Returning SC_FORBIDDEN!");
 			response.setContentType("text/html;charset=UTF-8");
 			response.setStatus(HttpServletResponse.SC_FORBIDDEN);
@@ -116,12 +122,15 @@ public class PlaceMap extends HttpServlet {
 	}
 	private void printPlaceMapToStream(OutputStream outputStream,
-			String filetype, EventMap map) throws IOException,
+			String filetype, EventMap map) throws IOException
-			PermissionDeniedException {
+	{
-		permbean.fatalPermission(MapPermission.VIEW,
+		if (!permbean.hasPermission(MapPermission.VIEW))
-				"User tried to print the placemap to Stream");
+		{
+			loggerbean.logMessage(SecurityLogType.permissionDenied, permbean.getCurrentUser(),
+					"User tried to print the placemap to stream without sufficient permissions");
+			throw new EJBAccessException("Not enough permissions to print placemap");
+		}
 		long begin = new Date().getTime();
 		// List<Place> selectedPlaceList = placeBean.findPlaces(placeIds);
@@ -251,7 +260,7 @@ public class PlaceMap extends HttpServlet {
 		} else if (p.isTaken()) {
 			color = RESERVED_COLOR;
 		} else if (p.getProduct().getColor() != null) {
 			try {
 				color = Color.decode(p.getProduct().getColor());
 			} catch (NumberFormatException x) {

--- a/code/LanBortalWeb/src/fi/insomnia/bortal/servlet/PrintBill.java
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/servlet/PrintBill.java
@@ -5,6 +5,7 @@ import java.io.IOException;
 import javax.ejb.EJB;
 import javax.ejb.EJBAccessException;
+import javax.ejb.EJBException;
 import javax.servlet.ServletException;
 import javax.servlet.ServletOutputStream;
 import javax.servlet.http.HttpServlet;
@@ -13,7 +14,6 @@ import javax.servlet.http.HttpServletResponse;
 import fi.insomnia.bortal.beans.BillBeanLocal;
 import fi.insomnia.bortal.beans.EventBeanLocal;
-import fi.insomnia.bortal.beans.PermissionDeniedException;
 import fi.insomnia.bortal.model.Bill;
 /**
@@ -68,7 +68,7 @@ public class PrintBill extends HttpServlet {
 			ostream.close();
 			return;
 		} catch (EJBAccessException e) {
-		} catch (PermissionDeniedException e) {
+		} catch (EJBException e) {
 		}
 		response.setStatus(HttpServletResponse.SC_FORBIDDEN);

--- a/code/LanBortalWeb/src/fi/insomnia/bortal/servlet/UploadServlet.java
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/servlet/UploadServlet.java
@@ -4,6 +4,7 @@ import java.io.IOException;
 import java.io.PrintWriter;
 import javax.ejb.EJB;
+import javax.ejb.EJBException;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
@@ -18,7 +19,6 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import fi.insomnia.bortal.beans.EventMapBeanLocal;
-import fi.insomnia.bortal.beans.PermissionDeniedException;
 import fi.insomnia.bortal.beans.UserBeanLocal;
 import fi.insomnia.bortal.beans.UtilBeanLocal;
 import fi.insomnia.bortal.model.UserImage;
@@ -121,7 +121,7 @@ public class UploadServlet extends HttpServlet {
 		} catch (FileUploadException e) {
 			logger.warn("Error uploading image", e);
 			retmsg = "Tiedoston tallennuksessa tapahtui virhe!";
-		} catch (PermissionDeniedException e) {
+		} catch (EJBException e) {
 			logger.warn("Error uploading image", e);
 			retmsg = "Tiedoston tallennuksessa tapahtui virhe!";

--- a/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/map/MapManageView.java
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/map/MapManageView.java
@@ -12,7 +12,6 @@ import org.slf4j.LoggerFactory;
 import fi.insomnia.bortal.beans.EventBeanLocal;
 import fi.insomnia.bortal.beans.EventMapBeanLocal;
-import fi.insomnia.bortal.beans.PermissionDeniedException;
 import fi.insomnia.bortal.beans.PlaceBeanLocal;
 import fi.insomnia.bortal.beans.ProductBeanLocal;
 import fi.insomnia.bortal.beans.UserBeanLocal;
@@ -110,11 +109,8 @@ public class MapManageView extends GenericCDIView {
 	public String createMap() {
-		try {
+		map = eventmapBean.create(getMapname());
-			map = eventmapBean.create(getMapname());
-		} catch (PermissionDeniedException e) {
-			logger.info("Permission denied", e);
-		}
 		return "edit";
 	}

--- a/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/map/MapView.java
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/map/MapView.java
@@ -12,7 +12,6 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import fi.insomnia.bortal.beans.EventBeanLocal;
-import fi.insomnia.bortal.beans.PermissionDeniedException;
 import fi.insomnia.bortal.beans.PlaceBeanLocal;
 import fi.insomnia.bortal.beans.PlaceMapBeanLocal;
 import fi.insomnia.bortal.enums.apps.MapPermission;
@@ -53,8 +52,15 @@ public class MapView extends GenericCDIView {
 		return user.getAccountBalance().compareTo(BigDecimal.ZERO) > 0;
 	}
-	public BigDecimal getReservationPrice() throws PermissionDeniedException {
+	public BigDecimal getReservationPrice() {
-		return placeBean.totalReservationPrice(user, null);
+		BigDecimal ret = null;
+		if (permbean.isCurrentUser(user))
+			ret = placeBean.getTotalReservationPrice(null);
+		else {
+			ret = placeBean.getTotalReservationPrice(user, null);
+		}
+		return ret;
 	}
 	public Long getPlacesLeftToSelect() {

--- a/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/map/PlaceView.java
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/map/PlaceView.java
@@ -14,7 +14,6 @@ import javax.inject.Named;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import fi.insomnia.bortal.beans.PermissionDeniedException;
 import fi.insomnia.bortal.beans.PlaceBeanLocal;
 import fi.insomnia.bortal.beans.UserBeanLocal;
 import fi.insomnia.bortal.enums.apps.MapPermission;
@@ -57,7 +56,7 @@ public class PlaceView extends GenericCDIView {
 		return permbean.hasPermission(MapPermission.MANAGE_MAPS);
 	}
-	public String buySelectedPlaces() throws PermissionDeniedException {
+	public String buySelectedPlaces() {
 		try {
 			placebean.buySelectedPlaces(user);
 			return "/place/myGroups";
@@ -67,8 +66,7 @@ public class PlaceView extends GenericCDIView {
 		return null;
 	}
+	public void placeSelectActionListener(ActionEvent e) {
-	public void placeSelectActionListener(ActionEvent e) throws PermissionDeniedException {
 		super.beginConversation();
 		FacesContext context = FacesContext.getCurrentInstance();
@@ -95,7 +93,13 @@ public class PlaceView extends GenericCDIView {
 			} else if (place.isBuyable() && !place.isTaken()) {
 				BigDecimal balance = permbean.getCurrentUser().getAccountBalance();
-				BigDecimal price = placebean.totalReservationPrice(user, place);
+				BigDecimal price = null;
+				if (permbean.isCurrentUser(user)) {
+					price = placebean.getTotalReservationPrice(place);
+				} else {
+					price = placebean.getTotalReservationPrice(user, place);
+				}
 				logger.debug("Balance {}, price {}", balance, price);
 				if (price.compareTo(balance) <= 0) {
 					logger.debug("Place was free. Marking for user.");
@@ -124,7 +128,7 @@ public class PlaceView extends GenericCDIView {
 	}
-	public String reserveForUser() throws PermissionDeniedException {
+	public String reserveForUser() {
 		try {
 			User user = userlist.getRowData();

--- a/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/map/PlacegroupView.java
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/map/PlacegroupView.java
@@ -9,7 +9,6 @@ import javax.faces.model.ListDataModel;
 import javax.inject.Inject;
 import javax.inject.Named;
-import fi.insomnia.bortal.beans.PermissionDeniedException;
 import fi.insomnia.bortal.beans.PlaceGroupBeanLocal;
 import fi.insomnia.bortal.beans.UserBeanLocal;
 import fi.insomnia.bortal.enums.apps.MapPermission;
@@ -67,7 +66,7 @@ public class PlacegroupView extends GenericCDIView {
 		return memberlist;
 	}
-	public String releasePlace() throws PermissionDeniedException {
+	public String releasePlace() {
 		GroupMembership row = memberlist.getRowData();
 		if (row != null)
 		{

--- a/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/map/TokenView.java
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/map/TokenView.java
@@ -5,7 +5,6 @@ import javax.enterprise.context.RequestScoped;
 import javax.inject.Inject;
 import javax.inject.Named;
-import fi.insomnia.bortal.beans.PermissionDeniedException;
 import fi.insomnia.bortal.beans.PlaceGroupBeanLocal;
 import fi.insomnia.bortal.enums.apps.MapPermission;
 import fi.insomnia.bortal.model.User;
@@ -27,7 +26,7 @@ public class TokenView extends GenericCDIView {
 	@EJB
 	private transient PlaceGroupBeanLocal placegroupbean;
-	public String saveToken() throws PermissionDeniedException {
+	public String saveToken() {
 		super.requirePermissions();
 		if (!permbean.hasPermission(MapPermission.BUY_PLACES) && !permbean.isCurrentUser(user) && permbean.hasPermission(MapPermission.MANAGE_OTHERS)) {
 			this.addFaceMessage("permission.denied");

--- a/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/menu/MenuView.java
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/menu/MenuView.java
@@ -14,10 +14,7 @@ import javax.servlet.http.HttpServletRequest;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import fi.insomnia.bortal.beans.EventBeanLocal;
 import fi.insomnia.bortal.beans.MenubeanLocal;
-import fi.insomnia.bortal.beans.PermissionBeanLocal;
-import fi.insomnia.bortal.beans.SitePageBeanLocal;
 import fi.insomnia.bortal.model.MenuNavigation;
 import fi.insomnia.bortal.web.cdiview.GenericCDIView;
@@ -35,14 +32,6 @@ public class MenuView extends GenericCDIView {
 	@EJB
 	private MenubeanLocal menubean;
-	@EJB
-	private PermissionBeanLocal permbean;
-	@EJB
-	private SitePageBeanLocal sitepagebean;
-	@EJB
-	private EventBeanLocal eventbean;
 	private LinkedList<List<JsfMenuitem>> menus;
 	private HashSet<MenuNavigation> navis;

--- a/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/organisation/EventOrgView.java
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/organisation/EventOrgView.java
@@ -5,6 +5,7 @@ import java.util.List;
 import javax.ejb.EJB;
 import javax.enterprise.context.ConversationScoped;
+import javax.faces.model.ListDataModel;
 import javax.inject.Inject;
 import javax.inject.Named;
@@ -12,6 +13,7 @@ import fi.insomnia.bortal.beans.EventBeanLocal;
 import fi.insomnia.bortal.beans.EventOrganiserBeanLocal;
 import fi.insomnia.bortal.model.EventOrganiser;
 import fi.insomnia.bortal.model.LanEvent;
+import fi.insomnia.bortal.model.LanEventDomain;
 import fi.insomnia.bortal.model.User;
 import fi.insomnia.bortal.web.annotations.LoggedIn;
 import fi.insomnia.bortal.web.cdiview.GenericCDIView;
@@ -41,13 +43,28 @@ public class EventOrgView extends GenericCDIView {
 	private Integer eventid;
 	private LanEvent event;
+	private String newdomain;
+	private ListDataModel<LanEventDomain> eventdomains;
 	public void initCreate()
 	{
-		if (super.requirePermissions(user.isSuperadmin()))
+		if (super.requirePermissions(user.isSuperadmin())) {
-		{
 			super.beginConversation();
 		}
+	}
+	public String removeDomain()
+	{
+		event.getDomains().remove(eventdomains.getRowData());
+		setEvent(eventbean.mergeChanges(event));
+		return null;
+	}
+	public String addDomain() {
+		getEvent().getDomains().add(new LanEventDomain(getEvent(), newdomain));
+		setEvent(eventbean.mergeChanges(getEvent()));
+		return null;
 	}
 	public void initEdit() {
@@ -165,8 +182,17 @@ public class EventOrgView extends GenericCDIView {
 		return event;
 	}
+	public String getNewdomain() {
+		return newdomain;
+	}
+	public void setNewdomain(String newdomain) {
+		this.newdomain = newdomain;
+	}
 	public void setEvent(LanEvent event) {
 		this.event = event;
+		eventdomains = new ListDataModel<LanEventDomain>(event.getDomains());
 	}
 }
--- a/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/shop/BillEditView.java
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/shop/BillEditView.java
@@ -5,7 +5,6 @@ import javax.enterprise.context.ConversationScoped;
 import javax.inject.Named;
 import fi.insomnia.bortal.beans.BillBeanLocal;
-import fi.insomnia.bortal.beans.PermissionDeniedException;
 import fi.insomnia.bortal.model.Bill;
 import fi.insomnia.bortal.web.cdiview.GenericCDIView;
@@ -25,7 +24,7 @@ public class BillEditView extends GenericCDIView {
 	@EJB
 	private transient BillBeanLocal billbean;
-	public void initView() throws PermissionDeniedException {
+	public void initView() {
 		if (this.requirePermissions(permbean.isLoggedIn())) {
 			if (billid <= 0 && bill != null) {
 				this.addFaceMessage("billedit.billnotfound");

--- a/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/shop/ProductShopView.java
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/shop/ProductShopView.java
@@ -14,7 +14,6 @@ import org.slf4j.LoggerFactory;
 import fi.insomnia.bortal.beans.BillBeanLocal;
 import fi.insomnia.bortal.beans.EventBeanLocal;
-import fi.insomnia.bortal.beans.PermissionDeniedException;
 import fi.insomnia.bortal.beans.ProductBeanLocal;
 import fi.insomnia.bortal.enums.apps.ShopPermission;
 import fi.insomnia.bortal.model.Bill;
@@ -76,25 +75,20 @@ public class ProductShopView extends GenericCDIView {
 		Iterator<ProductShopItem> cartIter = shoppingcart.iterator();
-		try {
+		Bill bill = new Bill(eventbean.getCurrentEvent(), user);
-			Bill bill = new Bill(eventbean.getCurrentEvent(), user);
+		bill.setOurReference(eventbean.getCurrentEvent().getName());
-			bill.setOurReference(eventbean.getCurrentEvent().getName());
-			while (cartIter.hasNext()) {
+		while (cartIter.hasNext()) {
-				ProductShopItem shopitem = cartIter.next();
+			ProductShopItem shopitem = cartIter.next();
-				if (shopitem.getCount().compareTo(BigDecimal.ZERO) > 0) {
+			if (shopitem.getCount().compareTo(BigDecimal.ZERO) > 0) {
-					bill.addProduct(shopitem.getProduct(), shopitem.getCount());
+				bill.addProduct(shopitem.getProduct(), shopitem.getCount());
-				}
 			}
-			billbean.createBill(bill);
-			addFaceMessage("productshop.billCreated");
-		} catch (PermissionDeniedException e) {
-			logger.info("Error committing bill cart", e);
-			addFaceMessage("productshop.errorCreatingBill");
-			return "failure";
 		}
+		billbean.createBill(bill);
+		addFaceMessage("productshop.billCreated");
 		return "/bill/list";
 	}

--- a/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/user/PasswordView.java
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/user/PasswordView.java
@@ -5,7 +5,6 @@ import javax.enterprise.context.ConversationScoped;
 import javax.inject.Inject;
 import javax.inject.Named;
-import fi.insomnia.bortal.beans.PermissionDeniedException;
 import fi.insomnia.bortal.beans.UserBeanLocal;
 import fi.insomnia.bortal.enums.apps.UserPermission;
 import fi.insomnia.bortal.model.User;
@@ -35,11 +34,7 @@ public class PasswordView extends GenericCDIView {
 		if (permbean.isCurrentUser(user) || permbean.hasPermission(UserPermission.MODIFY)) {
 			if (password != null && password.equals(passwordcheck)) {
 				user.resetPassword(password);
-				try {
+				user = userbean.mergeChanges(user);
-					user = userbean.mergeChanges(user);
-				} catch (PermissionDeniedException e) {
-					return "permissionDenied";
-				}
 			} else {
 				super.addFaceMessage("userview.passwordsDontMatch");
 				return null;

--- a/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/user/UserView.java
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/web/cdiview/user/UserView.java
@@ -15,7 +15,6 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import fi.insomnia.bortal.beans.CardTemplateBeanLocal;
-import fi.insomnia.bortal.beans.PermissionDeniedException;
 import fi.insomnia.bortal.beans.UserBeanLocal;
 import fi.insomnia.bortal.enums.apps.UserPermission;
 import fi.insomnia.bortal.model.PrintedCard;
@@ -98,14 +97,10 @@ public class UserView extends GenericCDIView {
 	public String makeCard()
 	{
-		try {
+		PrintedCard card = cardBean.checkPrintedCard(user);
-			PrintedCard card = cardBean.checkPrintedCard(user);
+		if (card != null)
-			if (card != null)
+		{
-			{
+			user = card.getUser();
-				user = card.getUser();
-			}
-		} catch (PermissionDeniedException e) {
-			logger.info("Error printing card {}", e);
 		}
 		return null;
@@ -113,12 +108,8 @@ public class UserView extends GenericCDIView {
 	public String sendImage() {
-		try {
+		UserImage userimage = userbean.uploadImage(user, getImage().getContentType(), getImage().getContents(), getImage().getFileName(), "");
-			UserImage userimage = userbean.uploadImage(user, getImage().getContentType(), getImage().getContents(), getImage().getFileName(), "");
+		user = userimage.getUser();
-			user = userimage.getUser();
-		} catch (PermissionDeniedException e) {
-			super.addFaceMessage("user.imageUploadFailed");
-		}
 		super.addFaceMessage("user.imageUploaded");
 		return null;
@@ -156,12 +147,7 @@ public class UserView extends GenericCDIView {
 	public String saveUser() {
 		if (permbean.getCurrentUser().equals(user) || permbean.hasPermission(UserPermission.MODIFY)) {
 			this.addFaceMessage("user.successfullySaved");
-			try {
+			user = userbean.mergeChanges(user);
-				user = userbean.mergeChanges(user);
-			} catch (PermissionDeniedException e) {
-				logger.warn("Permission denied", e);
-				this.requirePermissions(false);
-			}
 		} else {
 			this.addFaceMessage("user.saveFailed");

--- a/code/LanBortalWeb/src/fi/insomnia/bortal/web/converter/UserImageConverter.java
+++ b/code/LanBortalWeb/src/fi/insomnia/bortal/web/converter/UserImageConverter.java
@@ -10,7 +10,6 @@ import javax.inject.Named;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import fi.insomnia.bortal.beans.PermissionDeniedException;
 import fi.insomnia.bortal.beans.UserBeanLocal;
 import fi.insomnia.bortal.model.UserImage;
@@ -34,12 +33,8 @@ public class UserImageConverter implements Converter {
 		}
 		int id = Integer.parseInt(value);
 		UserImage ret;
-		try {
+		ret = userbean.findUserImage(id);
-			ret = userbean.findUserImage(id);
-		} catch (PermissionDeniedException e) {
-			logger.debug("Permission denied!", e);
-			ret = null;
-		}
 		return ret;
 	}