Class CatalogVendorAwareCacheKeyEnhancer
- java.lang.Object
-
- com.broadleafcommerce.data.tracking.core.cache.marketplace.vendor.DefaultVendorAwareCacheKeyEnhancer
-
- com.broadleafcommerce.data.tracking.core.cache.marketplace.vendor.CatalogVendorAwareCacheKeyEnhancer
-
- All Implemented Interfaces:
VendorAwareCacheKeyEnhancer
public class CatalogVendorAwareCacheKeyEnhancer extends DefaultVendorAwareCacheKeyEnhancer
An extension ofDefaultVendorAwareCacheKeyEnhanceroptimized for requests on catalog-discriminated entities.
-
-
Constructor Summary
Constructors Constructor Description CatalogVendorAwareCacheKeyEnhancer(VendorAwareTrackablePolicyUtils vendorAwareTrackablePolicyUtils)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected voidaddPropertiesToCacheKey(Set<String> currentRequiredPolicyRoots, AuthenticationVendorPrivilegesSummary vendorPrivilegesSummary, String requestedCatalogVendorRef, com.fasterxml.jackson.databind.node.ObjectNode cacheKey)voidenhanceCacheKeyWithVendorConsiderations(com.fasterxml.jackson.databind.node.ObjectNode cacheKey, ContextInfo contextInfo)This method is specifically intended to determine vendor-privileges available for the vendor which theContextRequest.getCatalog()isrelated to.protected Set<String>getRestrictedAuthoritiesGrantedToRequestedVendor(Set<String> currentRequiredPolicyRoots, AuthenticationVendorPrivilegesSummary vendorPrivilegesSummary, String requestedVendor)Caching will pretty much only ever be used on read operations, but we can't just filter to vendor restrictions matching the current policy requirements since theContextStateBuilder's mutability check to setContextState.getMutable()will perform policy validation against _updates_ as well.-
Methods inherited from class com.broadleafcommerce.data.tracking.core.cache.marketplace.vendor.DefaultVendorAwareCacheKeyEnhancer
addPropertiesToCacheKey, containsAuthorityRoot, getCurrentPolicyRequirements, getPermissionRoots, getVendorAwareTrackablePolicyUtils, getVendorRefsByRelevantRestrictedAuthority
-
-
-
-
Constructor Detail
-
CatalogVendorAwareCacheKeyEnhancer
public CatalogVendorAwareCacheKeyEnhancer(VendorAwareTrackablePolicyUtils vendorAwareTrackablePolicyUtils)
-
-
Method Detail
-
enhanceCacheKeyWithVendorConsiderations
public void enhanceCacheKeyWithVendorConsiderations(com.fasterxml.jackson.databind.node.ObjectNode cacheKey, ContextInfo contextInfo)This method is specifically intended to determine vendor-privileges available for the vendor which theContextRequest.getCatalog()isrelated to. It differs from the more generalDefaultVendorAwareCacheKeyEnhancer.enhanceCacheKeyWithVendorConsiderations(ObjectNode, ContextInfo)method, since it can actually be more optimized by the fact that we know exactly which vendor ref the authentication is attempting to access. With this knowledge, we can produce a cache key purely based on authorities which have been granted to the authentication for the requested vendor. This is better, since it means authentications with different sets of vendors for each authority will still ultimately produce the same cache key as long as the authorities for the requested vendor match.- Specified by:
enhanceCacheKeyWithVendorConsiderationsin interfaceVendorAwareCacheKeyEnhancer- Overrides:
enhanceCacheKeyWithVendorConsiderationsin classDefaultVendorAwareCacheKeyEnhancer- Parameters:
cacheKey- the cache key object on which to add any vendor privilege considerationscontextInfo- the context info supplied to the operation being cached. If this is an "application" request, then the optimizations of this method will be skipped andDefaultVendorAwareCacheKeyEnhancer.enhanceCacheKeyWithVendorConsiderations(ObjectNode, ContextInfo)will be called instead.
-
addPropertiesToCacheKey
protected void addPropertiesToCacheKey(Set<String> currentRequiredPolicyRoots, AuthenticationVendorPrivilegesSummary vendorPrivilegesSummary, String requestedCatalogVendorRef, com.fasterxml.jackson.databind.node.ObjectNode cacheKey)
-
getRestrictedAuthoritiesGrantedToRequestedVendor
protected Set<String> getRestrictedAuthoritiesGrantedToRequestedVendor(Set<String> currentRequiredPolicyRoots, AuthenticationVendorPrivilegesSummary vendorPrivilegesSummary, String requestedVendor)
Caching will pretty much only ever be used on read operations, but we can't just filter to vendor restrictions matching the current policy requirements since theContextStateBuilder's mutability check to setContextState.getMutable()will perform policy validation against _updates_ as well. Thus, to be safe, we will include all restricted authorities sharing the same _root_ as the current policy requirements.Furthermore, since
requestedVendoris known, we can further optimize to only return the authorities which the authentication has been granted for that vendor. This means even authentications with different sets of vendors for each authority will still ultimately produce the same cache key as long as the authorities for the requested vendor match.This should eliminate irrelevant roots from the cache key (preventing unnecessarily unique keys) while protecting against a situation where an authentication with READ_* sees the same mutability as an authentication with READ_* and UPDATE_*.
- Parameters:
currentRequiredPolicyRoots- the permission roots required by the current policy requirements. Authorities will be filtered to only include those matching these roots.vendorPrivilegesSummary- the summary of vendor privileges granted to the current authenticationrequestedVendor- the vendorRef of the vendor in which which data is being requested- Returns:
- a set containing all of the relevant
restricted authoritiesmatching the required policy roots which have been granted for the requested vendor
-
-