Uses of Class
com.broadleafcommerce.data.tracking.core.policy.PolicyResponse
Package
Description
-
Uses of PolicyResponse in com.broadleafcommerce.data.tracking.core.policy
Modifier and TypeFieldDescriptionstatic final PolicyResponse
PolicyResponse.NOT_MUTABLE
static final PolicyResponse
PolicyResponse.NOT_PERMITTED
static final PolicyResponse
PolicyResponse.NOT_VISIBLE
static final PolicyResponse
PolicyResponse.VALID
Modifier and TypeMethodDescriptionPolicyResponse.log()
PolicyResponse.trace()
PolicyEvaluator.validate
(Map<Integer, Object> methodParams, PolicyInformation policy, ContextInfo contextInfo, OperationType operationType) Validate security context required to execute a method annotated withPolicy
.default PolicyResponse
PolicyUtils.validatePermissions
(String[] permissions, ContextInfo contextInfo) Determine if the current security context (e.g.PolicyEvaluator.validateReadOutput
(Object output, PolicyInformation policy) Validate the output of a read method for methods annotated with a Policy of theIdentityType.OWNER
type and a matching user of the owner type (seeTrackablePolicyUtils#isOwnerUser()
).PolicyResponse.with
(String reason, Map<String, Object> authenticationDetails, ContextInfo contextInfo) PolicyResponse.with
(String reason, Map<String, Object> authenticationDetails, org.apache.commons.lang3.tuple.Pair<String, String>... keyValue) Modifier and TypeMethodDescriptionprotected void
DefaultPolicyAspectProcessor.notify
(PolicyResponse policyResponse) Raise an exception for a failedPolicyResponse
-
Uses of PolicyResponse in com.broadleafcommerce.data.tracking.core.policy.trackable
Modifier and TypeMethodDescriptionprotected PolicyResponse
DefaultTrackablePolicyUtils.invalidPolicyResponse
(PolicyResponse response, String reason, ContextInfo contextInfo) protected PolicyResponse
DefaultTrackablePolicyUtils.invalidPolicyResponse
(PolicyResponse response, String reason, org.apache.commons.lang3.tuple.Pair<String, String>... details) TrackableEntityPolicyEvaluator.validate
(Map<Integer, Object> methodParams, PolicyInformation policy, ContextInfo contextInfo, OperationType operationType) protected PolicyResponse
DefaultTrackablePolicyUtils.validateApplicationCatalogUpdate
(@NonNull Trackable entity, @NonNull Application application) If a catalog discriminated entity, validate that the current user is capable of updating an entity via the catalogs visible to the current application.protected PolicyResponse
DefaultTrackablePolicyUtils.validateApplicationUpdate
(@NonNull Trackable entity, @NonNull Application application) If an application discriminated entity, validate that the current user is capable of updating an entity via the application requested in the context.DefaultTrackablePolicyUtils.validateContext
(ContextInfo contextInfo) DefaultTrackablePolicyUtils.validateContext
(ContextInfo contextInfo, String[] requiredPermissionRoots, PermissionMatchingStrategy permissionMatchingStrategy, OperationType operationType) TrackablePolicyUtils.validateContext
(ContextInfo contextInfo) Review theContextInfo
parameter for valid tenant user membership and valid catalog visibility based on the currentAuthentication
and requested tenant information in the contextInfo.TrackablePolicyUtils.validateContext
(ContextInfo contextInfo, String[] requiredPermissionRoots, PermissionMatchingStrategy permissionMatchingStrategy, OperationType operationType) Review theContextInfo
parameter for valid tenant user membership and valid catalog visibility based on the currentAuthentication
and requested tenant information in the contextInfo.DefaultTrackablePolicyUtils.validateDelete
(Trackable entity, ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) TrackablePolicyUtils.validateDelete
(Trackable entity, ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) Validate that before deleting (if the catalog discrimination is in play) that the item's catalog is both visible to the current application, and mutable.protected PolicyResponse
DefaultTrackablePolicyUtils.validateEntityOperation
(Trackable entity, ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy, OperationType operationType) protected PolicyResponse
DefaultTrackablePolicyUtils.validateEntityUpdate
(Trackable entity, @NonNull ContextInfo contextInfo) Check update validity for a given entity instanceprotected PolicyResponse
DefaultTrackablePolicyUtils.validateEntityUpdateForTenantFactors
(Trackable entity, Application application, String tenantId, TrackableBehaviorPackage behavior) protected PolicyResponse
DefaultTrackablePolicyUtils.validateGlobalMutateToInheritedCatalog
(Trackable entity, ContextInfo contextInfo) protected PolicyResponse
DefaultTrackablePolicyUtils.validateGlobalUpdateToHiddenCatalog
(Trackable entity) DefaultTrackablePolicyUtils.validateInsert
(Trackable entity, ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) TrackablePolicyUtils.validateInsert
(Trackable entity, ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) Validate that before inserting (if catalog discrimination is in play and the current entity is catalog discriminatable) that the current catalog target for insertion is mutable.protected PolicyResponse
DefaultTrackablePolicyUtils.validateOperation
(ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) protected PolicyResponse
DefaultTrackablePolicyUtils.validateOperation
(ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy, OperationType operationType) DefaultTrackablePolicyUtils.validateOther
(ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) TrackablePolicyUtils.validateOther
(ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) Validate that before misc operation, the required permission is availableDefaultTrackablePolicyUtils.validateOwner
(Object test, IdentityType[] identityTypes, String ownerIdentifier) TrackablePolicyUtils.validateOwner
(Object test, IdentityType[] identityTypes, String ownerIdentifier) Validate the object against the currently logged in user.DefaultTrackablePolicyUtils.validatePermission
(ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) DefaultTrackablePolicyUtils.validatePermission
(String[] permissionRoots, PermissionMatchingStrategy strategy, OperationType operationType, ContextInfo contextInfo) TrackablePolicyUtils.validatePermission
(ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) Validate the permission against the granted authorities of the currentAuthentication
.TrackablePolicyUtils.validatePermission
(String[] permissionRoots, PermissionMatchingStrategy strategy, OperationType operationType, ContextInfo contextInfo) Validate the permission against the granted authorities of the currentAuthentication
.DefaultTrackablePolicyUtils.validateRead
(ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) TrackablePolicyUtils.validateRead
(ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) Validate that before reading, the required permission is available.TrackableEntityPolicyEvaluator.validateReadOutput
(Object output, PolicyInformation policy) protected PolicyResponse
TrackableEntityPolicyEvaluator.validateRequestedOperation
(Map<Integer, Object> methodParams, PolicyInformation policy, ContextInfo contextInfo, OperationType operationType, TrackablePolicyUtils trackablePolicyUtils) protected PolicyResponse
DefaultTrackablePolicyUtils.validateTenantUpdate
(@NonNull Trackable entity, String tenantId) DefaultTrackablePolicyUtils.validateUpdate
(Trackable entity, ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) TrackablePolicyUtils.validateUpdate
(Trackable entity, ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) Validate that before updating (if the catalog discrimination is in play) that the item's catalog is both visible to the current application, and mutable.Modifier and TypeMethodDescriptionprotected PolicyResponse
DefaultTrackablePolicyUtils.invalidPolicyResponse
(PolicyResponse response, String reason, ContextInfo contextInfo) protected PolicyResponse
DefaultTrackablePolicyUtils.invalidPolicyResponse
(PolicyResponse response, String reason, org.apache.commons.lang3.tuple.Pair<String, String>... details) -
Uses of PolicyResponse in com.broadleafcommerce.data.tracking.core.policy.trackable.marketplace.vendor
Modifier and TypeMethodDescriptionVendorAwareTrackablePolicyUtils.validateContext
(ContextInfo contextInfo) VendorAwareTrackablePolicyUtils.validateContext
(ContextInfo contextInfo, String[] requiredPermissionRoots, PermissionMatchingStrategy permissionMatchingStrategy, OperationType operationType) Performs similar validation toDefaultTrackablePolicyUtils.validateContext(ContextInfo, String[], PermissionMatchingStrategy, OperationType)
, but also considers whether the catalog in thecontextInfo
is visible by the current authentication's vendor restrictions.protected PolicyResponse
VendorAwareTrackablePolicyUtils.validateEntityMutableByCurrentVendorRestrictions
(Trackable entity, ContextInfo contextInfo, String[] requiredPermissionRoots, PermissionMatchingStrategy permissionMatchingStrategy, OperationType operationType) Checks whether the givenentity
being mutated is actually mutable given the current authentication's vendor privileges and provided policy requirements.protected PolicyResponse
VendorAwareTrackablePolicyUtils.validateEntityOperation
(Trackable entity, ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy, OperationType operationType) This is the method used byDefaultTrackablePolicyUtils.validateUpdate(Trackable, ContextInfo, String[], PermissionMatchingStrategy)
andDefaultTrackablePolicyUtils.validateDelete(Trackable, ContextInfo, String[], PermissionMatchingStrategy)
to validate an entity can be updated/deleted by the current authentication, so it is overridden here to add consideration for vendor restrictions.VendorAwareTrackablePolicyUtils.validateInsert
(Trackable entity, ContextInfo contextInfo, String[] permissionRoots, PermissionMatchingStrategy strategy) OverridesDefaultTrackablePolicyUtils.validateInsert(Trackable, ContextInfo, String[], PermissionMatchingStrategy)
to add behavior that checks whether the entity can be inserted by the current authentication's vendor restrictions.VendorAwareTrackablePolicyUtils.validatePermission
(String[] permissionRoots, PermissionMatchingStrategy strategy, OperationType operationType, ContextInfo contextInfo) OverridesDefaultTrackablePolicyUtils.validatePermission(String[], PermissionMatchingStrategy, OperationType, ContextInfo)
to give special consideration to vendor restrictions and vendor-restricted authorities.VendorAwareTrackablePolicyUtils.validatePermissions
(String[] permissions, ContextInfo contextInfo) Overridden fromPolicyUtils.validatePermissions(String[], ContextInfo)
to give special consideration to vendor restrictions and vendor-restricted authorities.