Package com.broadleafcommerce.auth.security.service

Class DefaultAccountAncestorService

java.lang.Object

com.broadleafcommerce.auth.security.service.DefaultAccountAncestorService

All Implemented Interfaces:

AccountAncestorService

public class DefaultAccountAncestorService
extends Object
implements AccountAncestorService

Constructor Summary

Constructors

Constructor	Description
DefaultAccountAncestorService(CustomerAccountService<CustomerAccount> customerAccountService)

Method Summary

Modifier and Type	Method	Description
protected boolean	accountAndParentsAreActive(String requestedAccountId)	Determine if the given account and all of its ancestors are active.
List<String>	getAccountAncestors(String accountId)	Defers to CustomerAccountService.getAccountAncestors(String).
Set<String>	getAllActiveAccountIdsForUser(User user)	Get the set of account ids for all accounts where the user has an active AccountRole.
Set<String>	getAllActiveAccountRoleIdsForUser(User user)	Get the set of role ids for all of a user's active AccountRoles.
Stream<AccountRole>	getAllUserRolesForAccount(User user, String accountId)	Gets all the user's AccountRoles given an accountId including inherited roles from ancestor accounts.
protected boolean	hasActiveRoleForAccount(String requestedAccountId, Set<String> allActiveAccountsForUser)	Determine if the requested account id in the set of a user's accounts.
protected boolean	hasActiveRoleForParentOfAccount(String requestedAccountId, Set<String> allActiveAccountsForUser)	Determine if the User has access to a parent of the requested account.
boolean	userHasAccessToRequestedAccount(String requestedAccountId, User user)	Determine if the user has access to the given account or any parent of the given account.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

DefaultAccountAncestorService

public DefaultAccountAncestorService(CustomerAccountService<CustomerAccount> customerAccountService)

Method Details

getAccountAncestors

public List<String> getAccountAncestors(String accountId)

Description copied from interface: AccountAncestorService

Defers to CustomerAccountService.getAccountAncestors(String). Get a list of all parent accounts for the account with the given id. The returned list does not include the given account id.

Specified by:

getAccountAncestors in interface AccountAncestorService

Parameters:

accountId - The id of the account for which to lookup ancestors

Returns:

A list of ids of ancestors to the given account id.

getAllActiveAccountIdsForUser

public Set<String> getAllActiveAccountIdsForUser(User user)

Description copied from interface: AccountAncestorService

Get the set of account ids for all accounts where the user has an active AccountRole.

Specified by:

getAllActiveAccountIdsForUser in interface AccountAncestorService

Parameters:

user - The current authenticated user.

Returns:

A set of ids for all accounts for which the user has an active role.

getAllActiveAccountRoleIdsForUser

public Set<String> getAllActiveAccountRoleIdsForUser(User user)

Description copied from interface: AccountAncestorService

Get the set of role ids for all of a user's active AccountRoles.

Specified by:

getAllActiveAccountRoleIdsForUser in interface AccountAncestorService

Parameters:

user - The current authenticated user.

Returns:

The set of active account role ids for all of a user's accounts.

getAllUserRolesForAccount

public Stream<AccountRole> getAllUserRolesForAccount(User user,
 String accountId)

Description copied from interface: AccountAncestorService

Gets all the user's AccountRoles given an accountId including inherited roles from ancestor accounts.

Specified by:

getAllUserRolesForAccount in interface AccountAncestorService

Parameters:

user - The user to find roles for.

accountId - The account to find roles in.

Returns:

All the user's AccountRoles given an accountId including inherited roles from ancestor accounts.

userHasAccessToRequestedAccount

public boolean userHasAccessToRequestedAccount(String requestedAccountId,
 User user)

Description copied from interface: AccountAncestorService

Determine if the user has access to the given account or any parent of the given account. This also verifies that the requested account and its parents are active.

Specified by:

userHasAccessToRequestedAccount in interface AccountAncestorService

Parameters:

requestedAccountId - The account for which the user is requesting authorization.

user - The current authenticated user.

Returns:

True if the user has an active role in the requested account or a parent of the requested account.

accountAndParentsAreActive

protected boolean accountAndParentsAreActive(String requestedAccountId)

Determine if the given account and all of its ancestors are active.

Parameters:

requestedAccountId - The id of the account to check.

Returns:

True if the given account and all of its ancestors are active. False if any are not active.

hasActiveRoleForAccount

protected boolean hasActiveRoleForAccount(String requestedAccountId,
 Set<String> allActiveAccountsForUser)

Determine if the requested account id in the set of a user's accounts.

Parameters:

requestedAccountId - The id of the account to check.

allActiveAccountsForUser - List of CustomerAccount ids that the User has active roles.

Returns:

True if the requested account is in the list of all of a User's accounts.

hasActiveRoleForParentOfAccount

protected boolean hasActiveRoleForParentOfAccount(String requestedAccountId,
 Set<String> allActiveAccountsForUser)

Determine if the User has access to a parent of the requested account.

Parameters:

requestedAccountId - The id of the account to check.

allActiveAccountsForUser - List of CustomerAccount ids that the User has active roles.

Returns:

True if an ancestor of the requested account is in the list of all of a User's accounts.