Class DefaultAccountPermissionContextValidator<P extends AccountPermission>
- java.lang.Object
-
- com.broadleafcommerce.customer.service.validation.DefaultAccountPermissionContextValidator<P>
-
- All Implemented Interfaces:
AccountPermissionContextValidator<P>
public class DefaultAccountPermissionContextValidator<P extends AccountPermission> extends Object implements AccountPermissionContextValidator<P>
Default validator for use onAccountPermission
creation/modification/deletion. Verifies the following:- the current authentication is not application restricted (and can therefore modify these account-level entities)
- the current context is able to create/modify the permission
- the account ID of a permission can never be changed
- the name of a permission is non-empty and unique within its context
- Author:
- Samarth Dhruva (samarthd), Chris Kittrell (ckittrell)
-
-
Constructor Summary
Constructors Constructor Description DefaultAccountPermissionContextValidator()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected AccountPermissionService<P>
getAdminPermissionService()
protected org.springframework.validation.Errors
getErrors(P permission)
protected String
prefixWithEntityValidationMessageKey(@NonNull String errorCode)
void
setAccountPermissionService(AccountPermissionService<P> adminPermissionService)
Lazy injection since this validator is itself a service component.void
validateCreate(P permission, @NonNull org.springframework.validation.Errors errors, com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
Validates a create operation is allowed in the current context.org.springframework.validation.Errors
validateCreate(P permission, com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
Validates a create operation is allowed in the current context.void
validateDelete(P permission, @NonNull org.springframework.validation.Errors errors, com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
Validates a delete operation is allowed in the current context.org.springframework.validation.Errors
validateDelete(P permission, com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
Validates a delete operation is allowed in the current context.protected void
validateNameUniqueInContext(String id, P permission, @NonNull org.springframework.validation.Errors errors, com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
While it is perfectly valid for two account-level permissions in different accounts to have the same name, we want to avoid having duplicate names from the perspective of a particular account context (to prevent confusion).void
validateUpdate(@NonNull String id, P permission, @NonNull org.springframework.validation.Errors errors, com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
Validates an update operation is allowed in the current context.org.springframework.validation.Errors
validateUpdate(@NonNull String id, P permission, com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
Validates an update operation is allowed in the current context.
-
-
-
Method Detail
-
setAccountPermissionService
@Autowired @Lazy public void setAccountPermissionService(AccountPermissionService<P> adminPermissionService)
Lazy injection since this validator is itself a service component. This avoids circular dependency exceptions- Parameters:
adminPermissionService
- the permission service
-
validateCreate
public org.springframework.validation.Errors validateCreate(@NonNull P permission, @Nullable com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
Description copied from interface:AccountPermissionContextValidator
Validates a create operation is allowed in the current context.- Specified by:
validateCreate
in interfaceAccountPermissionContextValidator<P extends AccountPermission>
- Parameters:
permission
- The permission to validatecontextInfo
- The current context- Returns:
- An
Errors
object bound to a {code permission} - See Also:
AccountPermissionContextValidator.validateCreate(AccountPermission, Errors, ContextInfo)
-
getErrors
protected org.springframework.validation.Errors getErrors(@NonNull P permission)
-
validateUpdate
public org.springframework.validation.Errors validateUpdate(@NonNull @NonNull String id, @NonNull P permission, @Nullable com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
Description copied from interface:AccountPermissionContextValidator
Validates an update operation is allowed in the current context.- Specified by:
validateUpdate
in interfaceAccountPermissionContextValidator<P extends AccountPermission>
- Parameters:
id
- the id of the permission being updated, explicitly provided such that it can be used to find the existing record even ifAccountPermission.getId()
is unsupplied inpermission
.permission
- The permission to validatecontextInfo
- The current context- Returns:
- An
Errors
object bound to a {code permission} - See Also:
AccountPermissionContextValidator.validateUpdate(String, AccountPermission, Errors, ContextInfo)
-
validateDelete
public org.springframework.validation.Errors validateDelete(@NonNull P permission, @Nullable com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
Description copied from interface:AccountPermissionContextValidator
Validates a delete operation is allowed in the current context.- Specified by:
validateDelete
in interfaceAccountPermissionContextValidator<P extends AccountPermission>
- Parameters:
permission
- the permission being deleted to validatecontextInfo
- The current context- Returns:
- An
Errors
object bound to a {code permission} - See Also:
AccountPermissionContextValidator.validateDelete(AccountPermission, Errors, ContextInfo)
-
validateCreate
public void validateCreate(@NonNull P permission, @NonNull @NonNull org.springframework.validation.Errors errors, @Nullable com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
Description copied from interface:AccountPermissionContextValidator
Validates a create operation is allowed in the current context.- Specified by:
validateCreate
in interfaceAccountPermissionContextValidator<P extends AccountPermission>
- Parameters:
permission
- The permission to validateerrors
- An errors object bound to thepermission
to be validatedcontextInfo
- The current context
-
prefixWithEntityValidationMessageKey
protected String prefixWithEntityValidationMessageKey(@NonNull @NonNull String errorCode)
-
validateNameUniqueInContext
protected void validateNameUniqueInContext(@Nullable String id, @NonNull P permission, @NonNull @NonNull org.springframework.validation.Errors errors, @Nullable com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
While it is perfectly valid for two account-level permissions in different accounts to have the same name, we want to avoid having duplicate names from the perspective of a particular account context (to prevent confusion).This means that:
- a account-level permission's name must be unique among permissions with the same account id and global permissions (which would be accessible from any account-context)
- a global permission's name must be unique among all permissions in all contexts
- Parameters:
id
- the id of thepermission
, explicitly provided as it may be null on thepermission
. May be null as in the case of a create.permission
- the permission whose name should be validated for uniqueness in its contexterrors
- the errors object bound to the givenpermission
on which errors can becontextInfo
-
-
validateUpdate
public void validateUpdate(@NonNull @NonNull String id, @NonNull P permission, @NonNull @NonNull org.springframework.validation.Errors errors, @Nullable com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
Description copied from interface:AccountPermissionContextValidator
Validates an update operation is allowed in the current context.- Specified by:
validateUpdate
in interfaceAccountPermissionContextValidator<P extends AccountPermission>
- Parameters:
id
- the id of the permission being updated, explicitly provided such that it can be used to find the existing record even ifAccountPermission.getId()
is unsupplied inpermission
.permission
- The permission to validateerrors
- An errors object bound to thepermission
to be validatedcontextInfo
- The current context
-
validateDelete
public void validateDelete(@NonNull P permission, @NonNull @NonNull org.springframework.validation.Errors errors, @Nullable com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
Description copied from interface:AccountPermissionContextValidator
Validates a delete operation is allowed in the current context.- Specified by:
validateDelete
in interfaceAccountPermissionContextValidator<P extends AccountPermission>
- Parameters:
permission
- The permission being deleted to validateerrors
- An errors object bound to thepermission
to be validatedcontextInfo
- The current context
-
getAdminPermissionService
protected AccountPermissionService<P> getAdminPermissionService()
-
-