Package com.broadleafcommerce.auth.resource.service

Interface UserOperationService

All Known Implementing Classes:
DefaultUserOperationService
public interface UserOperationService
Service API for UserOperation.
Author:
Nick Crum (ncrum)

  • Method Details

    • findAllByScopeIn

      @Deprecated List<UserOperation> findAllByScopeIn(@NonNull Collection<String> scopes)
      Deprecated.
      use getUserOperationInformation(Collection, String) instead
      Finds all user operations tied to the provided set of scopes.
      Parameters:
      scopes - the set of scopes to retrieve operations for
      Returns:
      all `UserOperation` matching at least one of the scopes

    • getUserOperationInformation

      UserOperationInformation getUserOperationInformation(@NonNull Collection<String> scopes, @Nullable String clientId)

      Finds the UserOperationInformation for the current user and the given scopes.

      Note that if this is called with a Bearer token authentication, the authorities from the token itself are ignored/unused. The full user will be read from the datastore and _all_ their authorities will be considered.

      Parameters:
      scopes - the set of scopes to retrieve operation info for
      clientId - (optional) if the current user authentication is a Bearer token, then this parameter is required to successfully find the user. This parameter is not required if the current user authentication is a session token.
      Returns:
      the operation information on the current user for the given scopes

    • getUserOperationInformation

      UserOperationInformation getUserOperationInformation(@NonNull Collection<String> scopes, @Nullable String clientId, String accountId)

      Finds the UserOperationInformation for the current user and the given scopes by mapping their roles via the current user's account information.

      Note that if this is called with a Bearer token authentication, the authorities from the token itself are ignored/unused. The full user will be read from the datastore and _all_ their authorities will be considered.

      Parameters:
      scopes - the set of scopes to retrieve operation info for
      clientId - (optional) if the current user authentication is a Bearer token, then this parameter is required to successfully find the user. This parameter is not required if the current user authentication is a session token.
      accountId - the id to use to check if the current user has permissions for the account
      Returns:
      the operation information on the current user for the given scopes