Package com.broadleafcommerce.customer.service.validation

Class DefaultAccountPermissionContextValidator<P extends AccountPermission>

  • All Implemented Interfaces:
    AccountPermissionContextValidator<P>
    public class DefaultAccountPermissionContextValidator<P extends AccountPermission>
extends Object
implements AccountPermissionContextValidator<P>
    Default validator for use on AccountPermission creation/modification/deletion. Verifies the following:
    1. the current authentication is not application restricted (and can therefore modify these account-level entities)
    2. the current context is able to create/modify the permission
    3. the account ID of a permission can never be changed
    4. the name of a permission is non-empty and unique within its context
    Author:
    Samarth Dhruva (samarthd), Chris Kittrell (ckittrell)

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected AccountPermissionService<P> getAdminPermissionService()  
      protected org.springframework.validation.Errors getErrors​(P permission)  
      protected String prefixWithEntityValidationMessageKey​(@NonNull String errorCode)  
      void setAccountPermissionService​(AccountPermissionService<P> adminPermissionService)
      Lazy injection since this validator is itself a service component.
      void validateCreate​(P permission, @NonNull org.springframework.validation.Errors errors, com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
      Validates a create operation is allowed in the current context.
      org.springframework.validation.Errors validateCreate​(P permission, com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
      Validates a create operation is allowed in the current context.
      void validateDelete​(P permission, @NonNull org.springframework.validation.Errors errors, com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
      Validates a delete operation is allowed in the current context.
      org.springframework.validation.Errors validateDelete​(P permission, com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
      Validates a delete operation is allowed in the current context.
      protected void validateNameUniqueInContext​(String id, P permission, @NonNull org.springframework.validation.Errors errors, com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
      While it is perfectly valid for two account-level permissions in different accounts to have the same name, we want to avoid having duplicate names from the perspective of a particular account context (to prevent confusion).
      void validateUpdate​(@NonNull String id, P permission, @NonNull org.springframework.validation.Errors errors, com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
      Validates an update operation is allowed in the current context.
      org.springframework.validation.Errors validateUpdate​(@NonNull String id, P permission, com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
      Validates an update operation is allowed in the current context.

    • Constructor Detail

      • DefaultAccountPermissionContextValidator

        public DefaultAccountPermissionContextValidator()

    • Method Detail

      • setAccountPermissionService

        @Autowired
@Lazy
public void setAccountPermissionService​(AccountPermissionService<P> adminPermissionService)
        Lazy injection since this validator is itself a service component. This avoids circular dependency exceptions
        Parameters:
        adminPermissionService - the permission service

      • getErrors

        protected org.springframework.validation.Errors getErrors​(@NonNull
                                                          P permission)

      • validateCreate

        public void validateCreate​(@NonNull
                           P permission,
                           @NonNull
                           @NonNull org.springframework.validation.Errors errors,
                           @Nullable
                           com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
        Description copied from interface: AccountPermissionContextValidator
        Validates a create operation is allowed in the current context.
        Specified by:
        validateCreate in interface AccountPermissionContextValidator<P extends AccountPermission>
        Parameters:
        permission - The permission to validate
        errors - An errors object bound to the permission to be validated
        contextInfo - The current context

      • prefixWithEntityValidationMessageKey

        protected String prefixWithEntityValidationMessageKey​(@NonNull
                                                      @NonNull String errorCode)

      • validateNameUniqueInContext

        protected void validateNameUniqueInContext​(@Nullable
                                           String id,
                                           @NonNull
                                           P permission,
                                           @NonNull
                                           @NonNull org.springframework.validation.Errors errors,
                                           @Nullable
                                           com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
        While it is perfectly valid for two account-level permissions in different accounts to have the same name, we want to avoid having duplicate names from the perspective of a particular account context (to prevent confusion).

        This means that:

        • a account-level permission's name must be unique among permissions with the same account id and global permissions (which would be accessible from any account-context)
        • a global permission's name must be unique among all permissions in all contexts
        This method first validates that the name is present, then validates its uniqueness.
        Parameters:
        id - the id of the permission, explicitly provided as it may be null on the permission. May be null as in the case of a create.
        permission - the permission whose name should be validated for uniqueness in its context
        errors - the errors object bound to the given permission on which errors can be
        contextInfo -

      • validateUpdate

        public void validateUpdate​(@NonNull
                           @NonNull String id,
                           @NonNull
                           P permission,
                           @NonNull
                           @NonNull org.springframework.validation.Errors errors,
                           @Nullable
                           com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
        Description copied from interface: AccountPermissionContextValidator
        Validates an update operation is allowed in the current context.
        Specified by:
        validateUpdate in interface AccountPermissionContextValidator<P extends AccountPermission>
        Parameters:
        id - the id of the permission being updated, explicitly provided such that it can be used to find the existing record even if AccountPermission.getId() is unsupplied in permission.
        permission - The permission to validate
        errors - An errors object bound to the permission to be validated
        contextInfo - The current context

      • validateDelete

        public void validateDelete​(@NonNull
                           P permission,
                           @NonNull
                           @NonNull org.springframework.validation.Errors errors,
                           @Nullable
                           com.broadleafcommerce.data.tracking.core.context.ContextInfo contextInfo)
        Description copied from interface: AccountPermissionContextValidator
        Validates a delete operation is allowed in the current context.
        Specified by:
        validateDelete in interface AccountPermissionContextValidator<P extends AccountPermission>
        Parameters:
        permission - The permission being deleted to validate
        errors - An errors object bound to the permission to be validated
        contextInfo - The current context