All Known Implementing Classes:: DefaultAccountAncestorService

public interface AccountAncestorService

Common functionality for evaluating account access

Method Summary

Modifier and Type

Method

Description

List<String>

getAccountAncestors(String accountId)

Defers to CustomerAccountService.getAccountAncestors(String).

Set<String>

getAllActiveAccountIdsForUser(User user)

Get the set of account ids for all accounts where the user has an active AccountRole.

Set<String>

getAllActiveAccountRoleIdsForUser(User user)

Get the set of role ids for all of a user's active AccountRoles.

Stream<AccountRole>

getAllUserRolesForAccount(User user, String accountId)

Gets all the user's AccountRoles given an accountId including inherited roles from ancestor accounts.

boolean

userHasAccessToRequestedAccount(String requestedAccountId, User user)

Determine if the user has access to the given account or any parent of the given account.

Method Details
- getAccountAncestors
  
  List<String> getAccountAncestors(String accountId)
  
  Defers to CustomerAccountService.getAccountAncestors(String). Get a list of all parent accounts for the account with the given id. The returned list does not include the given account id.
  
  Parameters:
  
  accountId - The id of the account for which to lookup ancestors
  
  Returns:
  
  A list of ids of ancestors to the given account id.
- getAllActiveAccountIdsForUser
  
  Set<String> getAllActiveAccountIdsForUser(User user)
  
  Get the set of account ids for all accounts where the user has an active AccountRole.
  
  Parameters:
  
  user - The current authenticated user.
  
  Returns:
  
  A set of ids for all accounts for which the user has an active role.
- getAllActiveAccountRoleIdsForUser
  
  Set<String> getAllActiveAccountRoleIdsForUser(User user)
  
  Get the set of role ids for all of a user's active AccountRoles.
  
  Parameters:
  
  user - The current authenticated user.
  
  Returns:
  
  The set of active account role ids for all of a user's accounts.
- getAllUserRolesForAccount
  
  Stream<AccountRole> getAllUserRolesForAccount(User user, String accountId)
  
  Gets all the user's AccountRoles given an accountId including inherited roles from ancestor accounts.
  
  Parameters:
  
  user - The user to find roles for.
  
  accountId - The account to find roles in.
  
  Returns:
  
  All the user's AccountRoles given an accountId including inherited roles from ancestor accounts.
- userHasAccessToRequestedAccount
  
  boolean userHasAccessToRequestedAccount(String requestedAccountId, User user)
  
  Determine if the user has access to the given account or any parent of the given account. This also verifies that the requested account and its parents are active.
  
  Parameters:
  
  requestedAccountId - The account for which the user is requesting authorization.
  
  user - The current authenticated user.
  
  Returns:
  
  True if the user has an active role in the requested account or a parent of the requested account.

Interface AccountAncestorService

Method Summary

Method Details

getAccountAncestors

getAllActiveAccountIdsForUser

getAllActiveAccountRoleIdsForUser

getAllUserRolesForAccount

userHasAccessToRequestedAccount