Class SearchCatalogAccessPolicyUtils
java.lang.Object
com.broadleafcommerce.search.core.utils.SearchCatalogAccessPolicyUtils
-
Constructor Summary
ConstructorsConstructorDescriptionSearchCatalogAccessPolicyUtils(com.broadleafcommerce.common.extension.TypeFactory typeFactory, com.broadleafcommerce.search.autoconfigure.SearchCatalogAccessPolicyProperties searchCatalogAccessPolicyProperties, com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils authenticationUtils) -
Method Summary
Modifier and TypeMethodDescriptioncom.broadleafcommerce.search.api.domain.accesspolicy.SearchCatalogAccessPolicyContextbuildSearchCatalogAccessPolicyContext(jakarta.servlet.http.HttpServletRequest webRequest) Retrieves the additional auth claims that should be placed on theSearchCatalogAccessPolicyContextthat theCatalogAccessPoliciesare evaluated against.protected com.broadleafcommerce.resource.security.utils.service.AuthenticationUtilsjakarta.servlet.http.HttpServletRequestgetRequestAttributes(jakarta.servlet.http.HttpServletRequest webRequest) Retrieves the request attributes that should be placed on theSearchCatalogAccessPolicyContextthat theSearchCatalogAccessPoliciesare evaluated against.protected com.broadleafcommerce.search.autoconfigure.SearchCatalogAccessPolicyPropertiesprotected com.broadleafcommerce.common.extension.TypeFactorybooleanChecks if the authenticated caller is one of the whitelisted microservices allowed to bypass Catalog Access Policy restrictions due to not being commerce-facing.
-
Constructor Details
-
SearchCatalogAccessPolicyUtils
public SearchCatalogAccessPolicyUtils(com.broadleafcommerce.common.extension.TypeFactory typeFactory, com.broadleafcommerce.search.autoconfigure.SearchCatalogAccessPolicyProperties searchCatalogAccessPolicyProperties, com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils authenticationUtils)
-
-
Method Details
-
buildSearchCatalogAccessPolicyContext
public com.broadleafcommerce.search.api.domain.accesspolicy.SearchCatalogAccessPolicyContext buildSearchCatalogAccessPolicyContext(@Nullable jakarta.servlet.http.HttpServletRequest webRequest) -
getRequestAttributes
public Map<String,Object> getRequestAttributes(@Nullable jakarta.servlet.http.HttpServletRequest webRequest) Retrieves the request attributes that should be placed on theSearchCatalogAccessPolicyContextthat theSearchCatalogAccessPoliciesare evaluated against.- Parameters:
webRequest- The incoming web request.- Returns:
- The request attributes that should be placed on the
SearchCatalogAccessPolicyContextthat theSearchCatalogAccessPoliciesare evaluated against.
-
getAdditionalClaims
Retrieves the additional auth claims that should be placed on theSearchCatalogAccessPolicyContextthat theCatalogAccessPoliciesare evaluated against.- Returns:
- The additional auth claims that should be placed on the
SearchCatalogAccessPolicyContextthat theCatalogAccessPoliciesare evaluated against.
-
getCurrentHttpRequest
@Nullable public jakarta.servlet.http.HttpServletRequest getCurrentHttpRequest() -
isCallerWhitelistedService
public boolean isCallerWhitelistedService()Checks if the authenticated caller is one of the whitelisted microservices allowed to bypass Catalog Access Policy restrictions due to not being commerce-facing. This is used for bulk operations by default since those are triggered by admins.- Returns:
- Whether the authenticated caller is whitelisted to bypass Catalog Access Policies.
- See Also:
-
SearchCatalogAccessPolicyProperties.getWhitelistedServiceCallers()
-
getTypeFactory
protected com.broadleafcommerce.common.extension.TypeFactory getTypeFactory() -
getSearchCatalogAccessPolicyProperties
protected com.broadleafcommerce.search.autoconfigure.SearchCatalogAccessPolicyProperties getSearchCatalogAccessPolicyProperties() -
getAuthenticationUtils
protected com.broadleafcommerce.resource.security.utils.service.AuthenticationUtils getAuthenticationUtils()
-