com.broadleafcommerce.data.tracking.core.policy.trackable

Interface TrackablePolicyUtils

All Superinterfaces:

PolicyUtils

All Known Implementing Classes:

DefaultTrackablePolicyUtils, VendorAwareTrackablePolicyUtils

public interface TrackablePolicyUtils
extends PolicyUtils

Version of PolicyUtils capable of validating request values against business rules related to mutability and visibility of tenant related information.

Author:

Jeff Fischer

Field Summary

Fields

Modifier and Type	Field and Description
static String	AUTH_DETAILS_ADMIN_USER_ID_KEY
static String	AUTH_DETAILS_APPLICATION_ACCESS_KEY
static String	AUTH_DETAILS_APPLICATIONS_KEY
static String	AUTH_DETAILS_CUSTOMER_CONTEXT_IDS
static String	AUTH_DETAILS_GLOBAL_KEY
static String	AUTH_DETAILS_TENANT_ACCESS_KEY
static String	AUTH_DETAILS_TENANT_KEY

Fields inherited from interface com.broadleafcommerce.data.tracking.core.policy.PolicyUtils

DEFAULT_AUTH_DETAILS_OWNER_ID, log, ROLE_ANONYMOUS

Method Summary

Modifier and Type	Method and Description
boolean	isAnonymous() Determine whether or not a user is an anonymous user.
boolean	isCatalogMutable(Application application, Catalog catalog) Check if a catalog is mutable, given an application.
boolean	isCatalogVisible(Application application, Catalog catalog) Check if a catalog is visible, given an application.
boolean	isGlobalTenantUser() Whether or not the current user is a global user.
boolean	isMutationPossibleForContext(ContextInfo contextInfo) Return whether or not the currently identified user has the necessary assigned tenant relationships to make a mutating operation possible given the requested application, and/or catalog, and/or lack thereof.
boolean	isOwnerUser(String ownerIdentifier) Detect whether or not the currently logged in user (if applicable) is a user capable of operating as a IdentityType.OWNER.
boolean	isUserApplicationLevelAccess() Whether or not the current user has access to the application level context.
boolean	isUserApplicationRestricted() Whether or not the current user has any application restrictions.
boolean	isUserTenantLevelAccess() Whether or not the current user has access to the tenant level context.
boolean	isValidApplicationUser(Application application) Check if the user described by the current Authentication is a member of the application instance provided.
boolean	isValidApplicationUser(Application application, boolean isTenantChange) Check if the user described by the current Authentication is a member of the application instance provided.
boolean	isValidApplicationUser(String applicationId) Version of isValidApplicationUser(Application) that takes just he application's ID.
boolean	isValidApplicationUser(String applicationId, boolean isTenantChange) Version of isValidApplicationUser(Application, boolean) that takes just he application's ID.
boolean	isValidSandboxUser() Return whether or not the currently identified user is capable of viewing a sandbox context.
boolean	isValidTenantUser(String tenantId, boolean isTenantLevelContext, boolean isGlobalChange) Check if the user described by the current Authentication is a member of the tenant instance provided.
PolicyResponse	validateContext(ContextInfo contextInfo) Review the ContextInfo parameter for valid tenant user membership and valid catalog visibility based on the current Authentication and requested tenant information in the contextInfo.
PolicyResponse	validateContext(ContextInfo contextInfo, String[] requiredPermissionRoots, PermissionMatchingStrategy permissionMatchingStrategy, OperationType operationType) Review the ContextInfo parameter for valid tenant user membership and valid catalog visibility based on the current Authentication and requested tenant information in the contextInfo.
PolicyResponse	validateDelete(Trackable entity, ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) Validate that before deleting (if the catalog discrimination is in play) that the item's catalog is both visible to the current application, and mutable.
PolicyResponse	validateInsert(Trackable entity, ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) Validate that before inserting (if catalog discrimination is in play and the current entity is catalog discriminatable) that the current catalog target for insertion is mutable.
PolicyResponse	validateOther(ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) Validate that before misc operation, the required permission is available
PolicyResponse	validateOwner(Object test, IdentityType[] identityTypes, String ownerIdentifier) Validate the object against the currently logged in user.
PolicyResponse	validatePermission(ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) Validate the permission against the granted authorities of the current Authentication.
PolicyResponse	validatePermission(String[] permissionRoots, PermissionMatchingStrategy strategy, OperationType operationType, ContextInfo contextInfo) Validate the permission against the granted authorities of the current Authentication.
PolicyResponse	validateRead(ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) Validate that before reading, the required permission is available.
PolicyResponse	validateUpdate(Trackable entity, ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) Validate that before updating (if the catalog discrimination is in play) that the item's catalog is both visible to the current application, and mutable.

Methods inherited from interface com.broadleafcommerce.data.tracking.core.policy.PolicyUtils

getAuthDetailsOwnerIdentifier, getAuthentication, getAuthenticationAttributes, validatePermissions

Field Detail

AUTH_DETAILS_TENANT_ACCESS_KEY

static final String AUTH_DETAILS_TENANT_ACCESS_KEY

See Also:

Constant Field Values

AUTH_DETAILS_APPLICATION_ACCESS_KEY

static final String AUTH_DETAILS_APPLICATION_ACCESS_KEY

See Also:

Constant Field Values

AUTH_DETAILS_APPLICATIONS_KEY

static final String AUTH_DETAILS_APPLICATIONS_KEY

See Also:

Constant Field Values

AUTH_DETAILS_TENANT_KEY

static final String AUTH_DETAILS_TENANT_KEY

See Also:

Constant Field Values

AUTH_DETAILS_CUSTOMER_CONTEXT_IDS

static final String AUTH_DETAILS_CUSTOMER_CONTEXT_IDS

See Also:

Constant Field Values

AUTH_DETAILS_GLOBAL_KEY

static final String AUTH_DETAILS_GLOBAL_KEY

See Also:

Constant Field Values

AUTH_DETAILS_ADMIN_USER_ID_KEY

static final String AUTH_DETAILS_ADMIN_USER_ID_KEY

See Also:

Constant Field Values

Method Detail

validateContext

PolicyResponse validateContext(@Nullable
                               ContextInfo contextInfo)

Review the ContextInfo parameter for valid tenant user membership and valid catalog visibility based on the current Authentication and requested tenant information in the contextInfo.

Parameters:

contextInfo - the context containing multitenant application, tenant and catalog information

Returns:

Whether or not the contextInfo contains valid tenant information

validateContext

PolicyResponse validateContext(@Nullable
                               ContextInfo contextInfo,
                               @Nullable
                               String[] requiredPermissionRoots,
                               @Nullable
                               PermissionMatchingStrategy permissionMatchingStrategy,
                               @Nullable
                               OperationType operationType)

Review the ContextInfo parameter for valid tenant user membership and valid catalog visibility based on the current Authentication and requested tenant information in the contextInfo.

Additionally allows supplying policy requirements to inform validation decisions.

Parameters:

contextInfo - the context containing multitenant application, tenant and catalog information

requiredPermissionRoots - the permission roots required by the policy

permissionMatchingStrategy - how to validate multiple permissions

operationType - the operation type required by the policy

Returns:

Whether or not the contextInfo is valid with consideration to the current authentication and provided policy requirements

isValidSandboxUser

boolean isValidSandboxUser()

Return whether or not the currently identified user is capable of viewing a sandbox context. This can be fulfilled with an empty authentication for the request (i.e. anonymous security), or with an admin user identification.

Returns:

Whether or not the user identified for the current request is permitted to resolve sandbox state.

isMutationPossibleForContext

boolean isMutationPossibleForContext(@Nullable
                                     ContextInfo contextInfo)

Return whether or not the currently identified user has the necessary assigned tenant relationships to make a mutating operation possible given the requested application, and/or catalog, and/or lack thereof.

Parameters:

contextInfo - The requested context

Returns:

Whether or not the current user is permitted

isValidTenantUser

boolean isValidTenantUser(@Nullable
                          String tenantId,
                          boolean isTenantLevelContext,
                          boolean isGlobalChange)

Check if the user described by the current Authentication is a member of the tenant instance provided. This is generally determined by looking at PolicyUtils.getAuthenticationAttributes().

Parameters:

tenantId - The ID of the tenant instance with which to check user membership

isTenantLevelContext - Whether or not the current context is for the tenant level itself

isGlobalChange - Whether or not the current change is mutating a "global" resource, belonging to no particular tenant

Returns:

Whether or not the current user has access given the tenant and global change status

isUserTenantLevelAccess

boolean isUserTenantLevelAccess()

Whether or not the current user has access to the tenant level context. This is usually determined by examining the details in PolicyUtils.getAuthenticationAttributes().

Returns:

Whether or not the current user has tenant level access

isValidApplicationUser

boolean isValidApplicationUser(Application application)

Check if the user described by the current Authentication is a member of the application instance provided. This is generally determined by looking at PolicyUtils.getAuthenticationAttributes().

Parameters:

application - The application instance with which to check user membership

Returns:

Whether or not the current user is a member of the application, or the user is a global user.

isValidApplicationUser

boolean isValidApplicationUser(@NonNull
                               String applicationId)

Version of isValidApplicationUser(Application) that takes just he application's ID. If null, that means this is the global application.

Parameters:

applicationId - The ID of the application instance with which to check user membership

Returns:

Whether or not the current user is capable of the change given the application and global status of the change

isValidApplicationUser

boolean isValidApplicationUser(Application application,
                               boolean isTenantChange)

Check if the user described by the current Authentication is a member of the application instance provided. This is generally determined by looking at PolicyUtils.getAuthenticationAttributes().

Parameters:

application - The application instance with which to check user membership

isTenantChange - Whether or not the current mutating change is against a "tenant" resource, belonging to a tenant but not particular application

Returns:

Whether or not the current user is capable of the change given the application and global status of the change

isValidApplicationUser

boolean isValidApplicationUser(@Nullable
                               String applicationId,
                               boolean isTenantChange)

Version of isValidApplicationUser(Application, boolean) that takes just he application's ID. If null, that means this is the global application.

Parameters:

applicationId - The ID of the application instance with which to check user membership

isTenantChange - Whether or not the current mutating change is against a "tenant" resource, belonging to a tenant but not particular application

Returns:

Whether or not the current user is capable of the change given the application and global status of the change

isUserApplicationLevelAccess

boolean isUserApplicationLevelAccess()

Whether or not the current user has access to the application level context. This is usually determined by examining the details in PolicyUtils.getAuthenticationAttributes().

Returns:

Whether or not the current user has application level access

isUserApplicationRestricted

boolean isUserApplicationRestricted()

Whether or not the current user has any application restrictions. This is usually determined by examining the details in PolicyUtils.getAuthenticationAttributes().

Returns:

Whether or not the current user has any application restrictions

isGlobalTenantUser

boolean isGlobalTenantUser()

Whether or not the current user is a global user. This is usually determined by examining the details in PolicyUtils.getAuthenticationAttributes().

Returns:

Whether or not the current user is a global user

isOwnerUser

boolean isOwnerUser(@Nullable
                    String ownerIdentifier)

Detect whether or not the currently logged in user (if applicable) is a user capable of operating as a IdentityType.OWNER. If so, the user may participate in validation for owned entities. See Policy.identityTypes().

Parameters:

ownerIdentifier - The identifier key to use when verifying ownership.

Returns:

Detect whether or not the currently logged in user can validate against IdentityType.OWNER.

See Also:

DefaultTrackablePolicyUtils.getAuthDetailsOwnerIdentifier(), Policy.ownerIdentifier(), Owned

isAnonymous

boolean isAnonymous()

Determine whether or not a user is an anonymous user.

Returns:

true if anonymous, else false.

isCatalogVisible

boolean isCatalogVisible(Application application,
                         Catalog catalog)

Check if a catalog is visible, given an application. This should also take into account any * qualifying information regarding the current Authentication, especially details * regarding application membership.

Parameters:

application - The application instance with which to weigh catalog visibility against

catalog - The catalog for which visibility status is being checked

Returns:

Whether or not the catalog is visible

isCatalogMutable

boolean isCatalogMutable(Application application,
                         Catalog catalog)

Check if a catalog is mutable, given an application. This should also take into account any qualifying information regarding the current Authentication, especially details regarding application membership.

Parameters:

application - The application instance with which to weigh catalog mutability against

catalog - The catalog for which mutability status is being checked

Returns:

Whether or not the catalog is mutable

validateInsert

PolicyResponse validateInsert(@Nullable
                              Trackable entity,
                              @Nullable
                              ContextInfo contextInfo,
                              @Nullable
                              String[] permissionRoots,
                              @Nullable
                              PermissionMatchingStrategy strategy)

Validate that before inserting (if catalog discrimination is in play and the current entity is catalog discriminatable) that the current catalog target for insertion is mutable.

Parameters:

entity - The item being inserted

contextInfo - the context containing multitenant application and catalog information

permissionRoots - The permission roots to validate. If not specified, then permission validation will not be performed.

strategy - how to treat multiple permissions

Returns:

Whether or not the update request on the entity should be allowed

validateRead

PolicyResponse validateRead(@Nullable
                            ContextInfo contextInfo,
                            @Nullable
                            String[] permissionRoots,
                            @Nullable
                            PermissionMatchingStrategy strategy)

Validate that before reading, the required permission is available.

Parameters:

contextInfo - the context containing multitenant application and catalog information

permissionRoots - The permission roots to validate. If not specified, then permission validation will not be performed.

strategy - how to treat multiple permissions

Returns:

Whether or not the read request should be allowed

validateUpdate

PolicyResponse validateUpdate(@Nullable
                              Trackable entity,
                              @Nullable
                              ContextInfo contextInfo,
                              @Nullable
                              String[] permissionRoots,
                              @Nullable
                              PermissionMatchingStrategy strategy)

Validate that before updating (if the catalog discrimination is in play) that the item's catalog is both visible to the current application, and mutable.

Parameters:

entity - The item being updated

contextInfo - the context containing multitenant application and catalog information

permissionRoots - The permission to validate. If not specified, then permission validation will not be performed.

strategy - how to treat multiple permissions

Returns:

Whether or not the update request on the entity should be allowed

validateDelete

PolicyResponse validateDelete(@Nullable
                              Trackable entity,
                              @Nullable
                              ContextInfo contextInfo,
                              @Nullable
                              String[] permissionRoots,
                              @Nullable
                              PermissionMatchingStrategy strategy)

Validate that before deleting (if the catalog discrimination is in play) that the item's catalog is both visible to the current application, and mutable.

Parameters:

entity - The item being deleted

contextInfo - the context containing multitenant application and catalog information

permissionRoots - The permission roots to validate. If not specified, then permission validation will not be performed.

strategy - how to treat multiple permissions

Returns:

Whether or not the delete request on the entity should be allowed

validateOther

PolicyResponse validateOther(@Nullable
                             ContextInfo contextInfo,
                             @Nullable
                             String[] permissionRoots,
                             @Nullable
                             PermissionMatchingStrategy strategy)

Validate that before misc operation, the required permission is available

Parameters:

contextInfo - the context containing multitenant application and catalog information

permissionRoots - The permission roots to validate. If not specified, then permission validation will not be performed.

strategy - how to treat multiple permissions

Returns:

Whether or not the misc request should be allowed

validatePermission

PolicyResponse validatePermission(@Nullable
                                  ContextInfo contextInfo,
                                  @Nullable
                                  String[] permissionRoots,
                                  @Nullable
                                  PermissionMatchingStrategy strategy)

Validate the permission against the granted authorities of the current Authentication. If not defined, the response will be PolicyResponse.VALID.

Parameters:

contextInfo - the context containing multitenant application and catalog information

permissionRoots - the permission roots requested

strategy - how to treat multiple permissions

Returns:

Whether or not the discovered permission is in scope for the current user

validatePermission

PolicyResponse validatePermission(@Nullable
                                  String[] permissionRoots,
                                  @Nullable
                                  PermissionMatchingStrategy strategy,
                                  OperationType operationType,
                                  @Nullable
                                  ContextInfo contextInfo)

Validate the permission against the granted authorities of the current Authentication. If neither parameter is defined, the response will be PolicyResponse.VALID.

Parameters:

permissionRoots - the permission roots requested

operationType - the explicit type of operation to validate

contextInfo - the context containing multitenant application, tenant and catalog information. Not used in the default implementation, though custom implementations may use this for validation purposes.

Returns:

Whether or not the discovered permission is in scope for the current user

validateOwner

PolicyResponse validateOwner(@Nullable
                             Object test,
                             @Nullable
                             IdentityType[] identityTypes,
                             @Nullable
                             String ownerIdentifier)

Validate the object against the currently logged in user. If the test object is null, the response will be PolicyResponse.VALID. If the test object is provided, but no identityTypes are provided, the response will be PolicyResponse.NOT_PERMITTED. Furthermore, if the identityTypes are provided, and none are of the type IdentityType.OWNER, then the response will be PolicyResponse.VALID. Otherwise, the identifier from the authenticated user (if applicable) will be compared against the identifier of the Owned entity for validation.

Parameters:

test - The entity object to test for ownership agains the currently logged in user

identityTypes - The type of identities requested for the policy call. Validating ownership is only applicable against IdentityType.OWNER.

ownerIdentifier - The identifier key to use when verifying ownership.

Returns:

Whether or not the test object passed ownership validation for the logged in user

See Also:

Owned, Policy.ownerIdentifier()