Class DefaultSavedPaymentMethodAccessValidationService
java.lang.Object
com.broadleafcommerce.paymenttransaction.service.validation.DefaultSavedPaymentMethodAccessValidationService
- All Implemented Interfaces:
SavedPaymentMethodAccessValidationService
public class DefaultSavedPaymentMethodAccessValidationService
extends Object
implements SavedPaymentMethodAccessValidationService
Default implementation of
SavedPaymentMethodAccessValidationService
.- Author:
- Sunny Yu
-
Field Summary
-
Constructor Summary
ConstructorDescriptionDefaultSavedPaymentMethodAccessValidationService
(SavedPaymentMethodManagementService savedPaymentMethodManagementService) -
Method Summary
Modifier and TypeMethodDescriptionprotected com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils
protected SavedPaymentMethodManagementService
void
setAuthenticationUtils
(com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils authenticationUtils) void
validateOwnershipMatchWithPayment
(@NonNull OwnershipSummary savedPaymentOwnership, @NonNull Payment payment) Validates the ownership of the saved payment method matches the ownership of the givenPayment
.protected void
validatePaymentOwnershipForAccount
(@NonNull OwnershipSummary savedPaymentOwnership, @NonNull Payment payment) Validates that thePayment
is in the same account hierarchy as theSavedPaymentMethod
it was created from.void
validateSavedPaymentMethodOwnership
(@NonNull String savedPaymentId, @NonNull CustomerRef customerRef, com.broadleafcommerce.data.tracking.core.context.ContextInfo context) Validates access to the saved payment method based on the passed in context.
-
Field Details
-
ANONYMOUS_AUTHENTICATION_FAILURE
- See Also:
-
CUSTOMER_AUTHENTICATION_FAILURE
- See Also:
-
ACCOUNT_AUTHENTICATION_FAILURE
- See Also:
-
UNSUPPORTED_OWNER_TYPE
- See Also:
-
OWNERSHIP_MISMATCH
- See Also:
-
-
Constructor Details
-
DefaultSavedPaymentMethodAccessValidationService
public DefaultSavedPaymentMethodAccessValidationService(SavedPaymentMethodManagementService savedPaymentMethodManagementService)
-
-
Method Details
-
validateSavedPaymentMethodOwnership
public void validateSavedPaymentMethodOwnership(@NonNull @NonNull String savedPaymentId, @NonNull @NonNull CustomerRef customerRef, @Nullable com.broadleafcommerce.data.tracking.core.context.ContextInfo context) Description copied from interface:SavedPaymentMethodAccessValidationService
Validates access to the saved payment method based on the passed in context.This ensures that the given saved payment method being accessed by the given
CustomerRef
has the correct ownership.- Specified by:
validateSavedPaymentMethodOwnership
in interfaceSavedPaymentMethodAccessValidationService
- Parameters:
savedPaymentId
- the id of the saved payment method requiring accesscustomerRef
- theCustomerRef
to validate againstcontext
- context information surrounding multitenant state- See Also:
-
validateOwnershipMatchWithPayment
public void validateOwnershipMatchWithPayment(@NonNull @NonNull OwnershipSummary savedPaymentOwnership, @NonNull @NonNull Payment payment) Description copied from interface:SavedPaymentMethodAccessValidationService
Validates the ownership of the saved payment method matches the ownership of the givenPayment
.This ensures the owning user of the
Payment
matches with the owning user of the saved payment method.- Specified by:
validateOwnershipMatchWithPayment
in interfaceSavedPaymentMethodAccessValidationService
- Parameters:
savedPaymentOwnership
- theOwnershipSummary
of the saved payment methodpayment
- thePayment
to validate the ownership against
-
validatePaymentOwnershipForAccount
protected void validatePaymentOwnershipForAccount(@NonNull @NonNull OwnershipSummary savedPaymentOwnership, @NonNull @NonNull Payment payment) Validates that thePayment
is in the same account hierarchy as theSavedPaymentMethod
it was created from.- The saved payment must be visible to sub-accounts.
- The current user's account must be the same or a descendent of the saved payment's owning account.
- The payment's owner must be the current user's account or an ancestor of it.
- Parameters:
savedPaymentOwnership
- Details about the ownership of theSavedPaymentMethod
that produced thepayment
.payment
- ThePayment
to validate.
-
getSavedPaymentMethodManagementService
-
setAuthenticationUtils
@Autowired public void setAuthenticationUtils(com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils authenticationUtils) -
getAuthenticationUtils
protected com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils getAuthenticationUtils()
-