001// -------------------------------------------------------------------------------- 002// Copyright 2002-2025 Echo Three, LLC 003// 004// Licensed under the Apache License, Version 2.0 (the "License"); 005// you may not use this file except in compliance with the License. 006// You may obtain a copy of the License at 007// 008// http://www.apache.org/licenses/LICENSE-2.0 009// 010// Unless required by applicable law or agreed to in writing, software 011// distributed under the License is distributed on an "AS IS" BASIS, 012// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013// See the License for the specific language governing permissions and 014// limitations under the License. 015// -------------------------------------------------------------------------------- 016 017package com.echothree.control.user.authentication.server.command; 018 019import com.echothree.control.user.authentication.common.form.VendorLoginForm; 020import com.echothree.model.control.party.common.PartyTypes; 021import com.echothree.model.control.party.server.logic.LockoutPolicyLogic; 022import com.echothree.model.control.party.server.logic.PartyLogic; 023import com.echothree.model.control.user.server.logic.UserLoginLogic; 024import com.echothree.model.control.vendor.common.workflow.VendorStatusConstants; 025import com.echothree.model.control.workflow.server.logic.WorkflowStepLogic; 026import com.echothree.model.data.user.common.pk.UserVisitPK; 027import com.echothree.util.common.command.BaseResult; 028import com.echothree.util.common.message.ExecutionErrors; 029import com.echothree.util.common.validation.FieldDefinition; 030import com.echothree.util.common.validation.FieldType; 031import java.util.Arrays; 032import java.util.Collections; 033import java.util.List; 034import javax.enterprise.context.RequestScoped; 035 036@RequestScoped 037public class VendorLoginCommand 038 extends BaseLoginCommand<VendorLoginForm> { 039 040 // No COMMAND_SECURITY_DEFINITION, anyone may execute this command. 041 private final static List<FieldDefinition> FORM_FIELD_DEFINITIONS; 042 043 static { 044 FORM_FIELD_DEFINITIONS = Collections.unmodifiableList(Arrays.asList( 045 new FieldDefinition("Username", FieldType.STRING, true, 1L, 80L), 046 new FieldDefinition("Password", FieldType.STRING, true, 1L, 40L), 047 new FieldDefinition("RemoteInet4Address", FieldType.INET_4_ADDRESS, false, null, null) 048 )); 049 } 050 051 /** Creates a new instance of VendorLoginCommand */ 052 public VendorLoginCommand() { 053 super(null, FORM_FIELD_DEFINITIONS); 054 } 055 056 @Override 057 protected BaseResult execute() { 058 var userLogin = UserLoginLogic.getInstance().getUserLoginByUsername(this, form.getUsername()); 059 060 if(!hasExecutionErrors()) { 061 var party = userLogin.getParty(); 062 var partyDetail = party.getLastDetail(); 063 064 PartyLogic.getInstance().checkPartyType(this, party, PartyTypes.VENDOR.name()); 065 066 if(!hasExecutionErrors()) { 067 var userControl = getUserControl(); 068 var userLoginStatus = userControl.getUserLoginStatusForUpdate(party); 069 070 if(!WorkflowStepLogic.getInstance().isEntityInWorkflowSteps(this, VendorStatusConstants.Workflow_VENDOR_STATUS, party, 071 VendorStatusConstants.WorkflowStep_ACTIVE).isEmpty()) { 072 LockoutPolicyLogic.getInstance().checkUserLogin(session, this, party, userLoginStatus); 073 074 if(!hasExecutionErrors()) { 075 if(checkPasswords(userLoginStatus, form.getPassword(), party, true)) { 076 var strRemoteInet4Address = form.getRemoteInet4Address(); 077 var remoteInet4Address = strRemoteInet4Address == null ? null : Integer.valueOf(form.getRemoteInet4Address()); 078 079 successfulLogin(userLoginStatus, party, null, remoteInet4Address); 080 } 081 } 082 } else { 083 addExecutionError(ExecutionErrors.VendorNotActive.name(), partyDetail.getPartyName()); 084 } 085 086 if(hasExecutionErrors()) { 087 unsuccessfulLogin(userLoginStatus); 088 } 089 } 090 } 091 092 return null; 093 } 094 095}