Package com.broadleafcommerce.paymenttransaction.service.validation

Class DefaultSavedPaymentMethodAccessValidationService

java.lang.Object
com.broadleafcommerce.paymenttransaction.service.validation.DefaultSavedPaymentMethodAccessValidationService
All Implemented Interfaces:
SavedPaymentMethodAccessValidationService
public class DefaultSavedPaymentMethodAccessValidationService extends Object implements SavedPaymentMethodAccessValidationService
Default implementation of SavedPaymentMethodAccessValidationService.
Author:
Sunny Yu

  • Field Details

  • Constructor Details

    • DefaultSavedPaymentMethodAccessValidationService

      public DefaultSavedPaymentMethodAccessValidationService(SavedPaymentMethodManagementService savedPaymentMethodManagementService)

  • Method Details

    • validateSavedPaymentMethodOwnership

      public void validateSavedPaymentMethodOwnership(@NonNull @NonNull String savedPaymentId, @NonNull @NonNull CustomerRef customerRef, @Nullable com.broadleafcommerce.data.tracking.core.context.ContextInfo context)
      Description copied from interface: SavedPaymentMethodAccessValidationService
      Validates access to the saved payment method based on the passed in context.

      This ensures that the given saved payment method being accessed by the given CustomerRef has the correct ownership.

      Specified by:
      validateSavedPaymentMethodOwnership in interface SavedPaymentMethodAccessValidationService
      Parameters:
      savedPaymentId - the id of the saved payment method requiring access
      customerRef - the CustomerRef to validate against
      context - context information surrounding multitenant state
      See Also:

    • validateOwnershipMatchWithPayment

      public void validateOwnershipMatchWithPayment(@NonNull @NonNull OwnershipSummary savedPaymentOwnership, @NonNull @NonNull Payment payment)
      Description copied from interface: SavedPaymentMethodAccessValidationService
      Validates the ownership of the saved payment method matches the ownership of the given Payment.

      This ensures the owning user of the Payment matches with the owning user of the saved payment method.

      Specified by:
      validateOwnershipMatchWithPayment in interface SavedPaymentMethodAccessValidationService
      Parameters:
      savedPaymentOwnership - the OwnershipSummary of the saved payment method
      payment - the Payment to validate the ownership against

    • validatePaymentOwnershipForAccount

      protected void validatePaymentOwnershipForAccount(@NonNull @NonNull OwnershipSummary savedPaymentOwnership, @NonNull @NonNull Payment payment)
      Validates that the Payment is in the same account hierarchy as the SavedPaymentMethod it was created from.
      • The saved payment must be visible to sub-accounts.
      • The current user's account must be the same or a descendent of the saved payment's owning account.
      • The payment's owner must be the current user's account or an ancestor of it.
      Parameters:
      savedPaymentOwnership - Details about the ownership of the SavedPaymentMethod that produced the payment.
      payment - The Payment to validate.

    • getSavedPaymentMethodManagementService

      protected SavedPaymentMethodManagementService getSavedPaymentMethodManagementService()

    • setAuthenticationUtils

      @Autowired public void setAuthenticationUtils(com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils authenticationUtils)

    • getAuthenticationUtils

      protected com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils getAuthenticationUtils()