Source code

001// --------------------------------------------------------------------------------
002// Copyright 2002-2024 Echo Three, LLC
003//
004// Licensed under the Apache License, Version 2.0 (the "License");
005// you may not use this file except in compliance with the License.
006// You may obtain a copy of the License at
007//
008//     http://www.apache.org/licenses/LICENSE-2.0
009//
010// Unless required by applicable law or agreed to in writing, software
011// distributed under the License is distributed on an "AS IS" BASIS,
012// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013// See the License for the specific language governing permissions and
014// limitations under the License.
015// --------------------------------------------------------------------------------
016
017package com.echothree.control.user.payment.server.command;
018
019import com.echothree.control.user.payment.common.form.DeletePartyPaymentMethodForm;
020import com.echothree.model.control.party.common.PartyTypes;
021import com.echothree.model.control.payment.server.control.PartyPaymentMethodControl;
022import com.echothree.model.control.payment.server.logic.PartyPaymentMethodLogic;
023import com.echothree.model.control.security.common.SecurityRoleGroups;
024import com.echothree.model.control.security.common.SecurityRoles;
025import com.echothree.model.data.user.common.pk.UserVisitPK;
026import com.echothree.util.common.command.BaseResult;
027import com.echothree.util.common.command.SecurityResult;
028import com.echothree.util.common.validation.FieldDefinition;
029import com.echothree.util.common.validation.FieldType;
030import com.echothree.util.server.control.BaseSimpleCommand;
031import com.echothree.util.server.control.CommandSecurityDefinition;
032import com.echothree.util.server.control.PartyTypeDefinition;
033import com.echothree.util.server.control.SecurityRoleDefinition;
034import com.echothree.util.server.persistence.Session;
035import java.util.Arrays;
036import java.util.Collections;
037import java.util.List;
038
039public class DeletePartyPaymentMethodCommand
040        extends BaseSimpleCommand<DeletePartyPaymentMethodForm> {
041    
042    private final static CommandSecurityDefinition COMMAND_SECURITY_DEFINITION;
043    private final static List<FieldDefinition> FORM_FIELD_DEFINITIONS;
044    
045    static {
046        COMMAND_SECURITY_DEFINITION = new CommandSecurityDefinition(Collections.unmodifiableList(Arrays.asList(
047                new PartyTypeDefinition(PartyTypes.UTILITY.name(), null),
048                new PartyTypeDefinition(PartyTypes.CUSTOMER.name(), null),
049                new PartyTypeDefinition(PartyTypes.EMPLOYEE.name(), Collections.unmodifiableList(Arrays.asList(
050                        new SecurityRoleDefinition(SecurityRoleGroups.PartyPaymentMethod.name(), SecurityRoles.Delete.name())
051                        )))
052                )));
053
054        FORM_FIELD_DEFINITIONS = Collections.unmodifiableList(Arrays.asList(
055                new FieldDefinition("PartyPaymentMethodName", FieldType.ENTITY_NAME, true, null, null)
056                ));
057    }
058    
059    /** Creates a new instance of DeletePartyPaymentMethodCommand */
060    public DeletePartyPaymentMethodCommand(UserVisitPK userVisitPK, DeletePartyPaymentMethodForm form) {
061        super(userVisitPK, form, COMMAND_SECURITY_DEFINITION, FORM_FIELD_DEFINITIONS, false);
062    }
063
064    @Override
065    protected SecurityResult security() {
066        // Execute the standard security check using COMMAND_SECURITY_DEFINITION.
067        var securityResult = super.security();
068
069        // If that passed, continue checking the executing Party vs. the Party owning the
070        // PartyPaymentMethod.
071        if(securityResult == null) {
072            var party = getParty();
073            var partyTypeName = party.getLastDetail().getPartyType().getPartyTypeName();
074
075            // If the executing Party is a CUSTOMER...
076            if(partyTypeName.equals(PartyTypes.CUSTOMER.name())) {
077                var partyPaymentMethodControl = Session.getModelController(PartyPaymentMethodControl.class);
078                var partyPaymentMethodName = form.getPartyPaymentMethodName();
079                var partyPaymentMethod = partyPaymentMethodControl.getPartyPaymentMethodByNameForUpdate(partyPaymentMethodName);
080
081                if(partyPaymentMethod != null) {
082                    // ...and the PartyPaymentMethod isn't for the executing Party, return an
083                    // InsufficientSecurity error.
084                    if(!partyPaymentMethod.getLastDetail().getParty().equals(party)) {
085                        securityResult = getInsufficientSecurityResult();
086                    }
087                }
088            }
089        }
090
091        return securityResult;
092    }
093
094    @Override
095    protected BaseResult execute() {
096        var partyPaymentMethodName = form.getPartyPaymentMethodName();
097
098        PartyPaymentMethodLogic.getInstance().deletePartyPaymentMethod(this, partyPaymentMethodName, getPartyPK());
099
100        return null;
101    }
102    
103}