Class CatalogVendorAwareCacheKeyEnhancer
java.lang.Object
com.broadleafcommerce.data.tracking.core.cache.marketplace.vendor.DefaultVendorAwareCacheKeyEnhancer
com.broadleafcommerce.data.tracking.core.cache.marketplace.vendor.CatalogVendorAwareCacheKeyEnhancer
- All Implemented Interfaces:
VendorAwareCacheKeyEnhancer
An extension of
DefaultVendorAwareCacheKeyEnhancer
optimized for requests on
catalog-discriminated entities.-
Constructor Summary
ConstructorDescriptionCatalogVendorAwareCacheKeyEnhancer
(VendorAwareTrackablePolicyUtils vendorAwareTrackablePolicyUtils) -
Method Summary
Modifier and TypeMethodDescriptionprotected void
addPropertiesToCacheKey
(Set<String> currentRequiredPolicyRoots, AuthenticationVendorPrivilegesSummary vendorPrivilegesSummary, String requestedCatalogVendorRef, com.fasterxml.jackson.databind.node.ObjectNode cacheKey) void
enhanceCacheKeyWithVendorConsiderations
(com.fasterxml.jackson.databind.node.ObjectNode cacheKey, ContextInfo contextInfo) This method is specifically intended to determine vendor-privileges available for the vendor which theContextRequest.getCatalog()
isrelated to
.getRestrictedAuthoritiesGrantedToRequestedVendor
(Set<String> currentRequiredPolicyRoots, AuthenticationVendorPrivilegesSummary vendorPrivilegesSummary, String requestedVendor) Caching will pretty much only ever be used on read operations, but we can't just filter to vendor restrictions matching the current policy requirements since theContextStateBuilder
's mutability check to setContextState.getMutable()
will perform policy validation against _updates_ as well.Methods inherited from class com.broadleafcommerce.data.tracking.core.cache.marketplace.vendor.DefaultVendorAwareCacheKeyEnhancer
addPropertiesToCacheKey, containsAuthorityRoot, getCurrentPolicyRequirements, getPermissionRoots, getVendorAwareTrackablePolicyUtils, getVendorRefsByRelevantRestrictedAuthority
-
Constructor Details
-
CatalogVendorAwareCacheKeyEnhancer
public CatalogVendorAwareCacheKeyEnhancer(VendorAwareTrackablePolicyUtils vendorAwareTrackablePolicyUtils)
-
-
Method Details
-
enhanceCacheKeyWithVendorConsiderations
public void enhanceCacheKeyWithVendorConsiderations(com.fasterxml.jackson.databind.node.ObjectNode cacheKey, ContextInfo contextInfo) This method is specifically intended to determine vendor-privileges available for the vendor which theContextRequest.getCatalog()
isrelated to
. It differs from the more generalDefaultVendorAwareCacheKeyEnhancer.enhanceCacheKeyWithVendorConsiderations(ObjectNode, ContextInfo)
method, since it can actually be more optimized by the fact that we know exactly which vendor ref the authentication is attempting to access. With this knowledge, we can produce a cache key purely based on authorities which have been granted to the authentication for the requested vendor. This is better, since it means authentications with different sets of vendors for each authority will still ultimately produce the same cache key as long as the authorities for the requested vendor match.- Specified by:
enhanceCacheKeyWithVendorConsiderations
in interfaceVendorAwareCacheKeyEnhancer
- Overrides:
enhanceCacheKeyWithVendorConsiderations
in classDefaultVendorAwareCacheKeyEnhancer
- Parameters:
cacheKey
- the cache key object on which to add any vendor privilege considerationscontextInfo
- the context info supplied to the operation being cached. If this is an "application" request, then the optimizations of this method will be skipped andDefaultVendorAwareCacheKeyEnhancer.enhanceCacheKeyWithVendorConsiderations(ObjectNode, ContextInfo)
will be called instead.
-
addPropertiesToCacheKey
protected void addPropertiesToCacheKey(Set<String> currentRequiredPolicyRoots, AuthenticationVendorPrivilegesSummary vendorPrivilegesSummary, String requestedCatalogVendorRef, com.fasterxml.jackson.databind.node.ObjectNode cacheKey) -
getRestrictedAuthoritiesGrantedToRequestedVendor
protected Set<String> getRestrictedAuthoritiesGrantedToRequestedVendor(Set<String> currentRequiredPolicyRoots, AuthenticationVendorPrivilegesSummary vendorPrivilegesSummary, String requestedVendor) Caching will pretty much only ever be used on read operations, but we can't just filter to vendor restrictions matching the current policy requirements since theContextStateBuilder
's mutability check to setContextState.getMutable()
will perform policy validation against _updates_ as well. Thus, to be safe, we will include all restricted authorities sharing the same _root_ as the current policy requirements.Furthermore, since
requestedVendor
is known, we can further optimize to only return the authorities which the authentication has been granted for that vendor. This means even authentications with different sets of vendors for each authority will still ultimately produce the same cache key as long as the authorities for the requested vendor match.This should eliminate irrelevant roots from the cache key (preventing unnecessarily unique keys) while protecting against a situation where an authentication with READ_* sees the same mutability as an authentication with READ_* and UPDATE_*.
- Parameters:
currentRequiredPolicyRoots
- the permission roots required by the current policy requirements. Authorities will be filtered to only include those matching these roots.vendorPrivilegesSummary
- the summary of vendor privileges granted to the current authenticationrequestedVendor
- the vendorRef of the vendor in which which data is being requested- Returns:
- a set containing all of the relevant
restricted authorities
matching the required policy roots which have been granted for the requested vendor
-