Class DefaultAccountAncestorService
java.lang.Object
com.broadleafcommerce.auth.security.service.DefaultAccountAncestorService
- All Implemented Interfaces:
AccountAncestorService
-
Constructor Summary
ConstructorDescriptionDefaultAccountAncestorService
(CustomerAccountService<CustomerAccount> customerAccountService) -
Method Summary
Modifier and TypeMethodDescriptionprotected boolean
accountAndParentsAreActive
(String requestedAccountId) Determine if the given account and all of its ancestors are active.getAccountAncestors
(String accountId) Get the set of account ids for all accounts where the user has an activeAccountRole
.Get the set of role ids for all of a user's activeAccountRoles
.getAllUserRolesForAccount
(User user, String accountId) Gets all the user'sAccountRoles
given anaccountId
including inherited roles from ancestor accounts.protected boolean
hasActiveRoleForAccount
(String requestedAccountId, Set<String> allActiveAccountsForUser) Determine if the requested account id in the set of a user's accounts.protected boolean
hasActiveRoleForParentOfAccount
(String requestedAccountId, Set<String> allActiveAccountsForUser) Determine if the User has access to a parent of the requested account.boolean
userHasAccessToRequestedAccount
(String requestedAccountId, User user) Determine if the user has access to the given account or any parent of the given account.
-
Constructor Details
-
DefaultAccountAncestorService
public DefaultAccountAncestorService(CustomerAccountService<CustomerAccount> customerAccountService)
-
-
Method Details
-
getAccountAncestors
Description copied from interface:AccountAncestorService
Defers toCustomerAccountService.getAccountAncestors(String)
. Get a list of all parent accounts for the account with the given id. The returned list does not include the given account id.- Specified by:
getAccountAncestors
in interfaceAccountAncestorService
- Parameters:
accountId
- The id of the account for which to lookup ancestors- Returns:
- A list of ids of ancestors to the given account id.
-
getAllActiveAccountIdsForUser
Description copied from interface:AccountAncestorService
Get the set of account ids for all accounts where the user has an activeAccountRole
.- Specified by:
getAllActiveAccountIdsForUser
in interfaceAccountAncestorService
- Parameters:
user
- The current authenticated user.- Returns:
- A set of ids for all accounts for which the user has an active role.
-
getAllActiveAccountRoleIdsForUser
Description copied from interface:AccountAncestorService
Get the set of role ids for all of a user's activeAccountRoles
.- Specified by:
getAllActiveAccountRoleIdsForUser
in interfaceAccountAncestorService
- Parameters:
user
- The current authenticated user.- Returns:
- The set of active account role ids for all of a user's accounts.
-
getAllUserRolesForAccount
Description copied from interface:AccountAncestorService
Gets all the user'sAccountRoles
given anaccountId
including inherited roles from ancestor accounts.- Specified by:
getAllUserRolesForAccount
in interfaceAccountAncestorService
- Parameters:
user
- The user to find roles for.accountId
- The account to find roles in.- Returns:
- All the user's
AccountRoles
given anaccountId
including inherited roles from ancestor accounts.
-
userHasAccessToRequestedAccount
Description copied from interface:AccountAncestorService
Determine if the user has access to the given account or any parent of the given account. This also verifies that the requested account and its parents are active.- Specified by:
userHasAccessToRequestedAccount
in interfaceAccountAncestorService
- Parameters:
requestedAccountId
- The account for which the user is requesting authorization.user
- The current authenticated user.- Returns:
- True if the user has an active role in the requested account or a parent of the requested account.
-
accountAndParentsAreActive
Determine if the given account and all of its ancestors are active.- Parameters:
requestedAccountId
- The id of the account to check.- Returns:
- True if the given account and all of its ancestors are active. False if any are not active.
-
hasActiveRoleForAccount
protected boolean hasActiveRoleForAccount(String requestedAccountId, Set<String> allActiveAccountsForUser) Determine if the requested account id in the set of a user's accounts.- Parameters:
requestedAccountId
- The id of the account to check.allActiveAccountsForUser
- List ofCustomerAccount
ids that the User has active roles.- Returns:
- True if the requested account is in the list of all of a User's accounts.
-
hasActiveRoleForParentOfAccount
protected boolean hasActiveRoleForParentOfAccount(String requestedAccountId, Set<String> allActiveAccountsForUser) Determine if the User has access to a parent of the requested account.- Parameters:
requestedAccountId
- The id of the account to check.allActiveAccountsForUser
- List ofCustomerAccount
ids that the User has active roles.- Returns:
- True if an ancestor of the requested account is in the list of all of a User's accounts.
-