Source code

001// --------------------------------------------------------------------------------
002// Copyright 2002-2025 Echo Three, LLC
003//
004// Licensed under the Apache License, Version 2.0 (the "License");
005// you may not use this file except in compliance with the License.
006// You may obtain a copy of the License at
007//
008//     http://www.apache.org/licenses/LICENSE-2.0
009//
010// Unless required by applicable law or agreed to in writing, software
011// distributed under the License is distributed on an "AS IS" BASIS,
012// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013// See the License for the specific language governing permissions and
014// limitations under the License.
015// --------------------------------------------------------------------------------
016
017package com.echothree.control.user.payment.server.command;
018
019import com.echothree.control.user.payment.common.form.DeletePartyPaymentMethodForm;
020import com.echothree.model.control.party.common.PartyTypes;
021import com.echothree.model.control.payment.server.control.PartyPaymentMethodControl;
022import com.echothree.model.control.payment.server.logic.PartyPaymentMethodLogic;
023import com.echothree.model.control.security.common.SecurityRoleGroups;
024import com.echothree.model.control.security.common.SecurityRoles;
025import com.echothree.model.data.user.common.pk.UserVisitPK;
026import com.echothree.util.common.command.BaseResult;
027import com.echothree.util.common.command.SecurityResult;
028import com.echothree.util.common.validation.FieldDefinition;
029import com.echothree.util.common.validation.FieldType;
030import com.echothree.util.server.control.BaseSimpleCommand;
031import com.echothree.util.server.control.CommandSecurityDefinition;
032import com.echothree.util.server.control.PartyTypeDefinition;
033import com.echothree.util.server.control.SecurityRoleDefinition;
034import com.echothree.util.server.persistence.Session;
035import java.util.Arrays;
036import java.util.Collections;
037import java.util.List;
038import javax.enterprise.context.RequestScoped;
039
040@RequestScoped
041public class DeletePartyPaymentMethodCommand
042        extends BaseSimpleCommand<DeletePartyPaymentMethodForm> {
043    
044    private final static CommandSecurityDefinition COMMAND_SECURITY_DEFINITION;
045    private final static List<FieldDefinition> FORM_FIELD_DEFINITIONS;
046    
047    static {
048        COMMAND_SECURITY_DEFINITION = new CommandSecurityDefinition(Collections.unmodifiableList(Arrays.asList(
049                new PartyTypeDefinition(PartyTypes.UTILITY.name(), null),
050                new PartyTypeDefinition(PartyTypes.CUSTOMER.name(), null),
051                new PartyTypeDefinition(PartyTypes.EMPLOYEE.name(), Collections.unmodifiableList(Arrays.asList(
052                        new SecurityRoleDefinition(SecurityRoleGroups.PartyPaymentMethod.name(), SecurityRoles.Delete.name())
053                        )))
054                )));
055
056        FORM_FIELD_DEFINITIONS = Collections.unmodifiableList(Arrays.asList(
057                new FieldDefinition("PartyPaymentMethodName", FieldType.ENTITY_NAME, true, null, null)
058                ));
059    }
060    
061    /** Creates a new instance of DeletePartyPaymentMethodCommand */
062    public DeletePartyPaymentMethodCommand() {
063        super(COMMAND_SECURITY_DEFINITION, FORM_FIELD_DEFINITIONS, false);
064    }
065
066    @Override
067    protected SecurityResult security() {
068        // Execute the standard security check using COMMAND_SECURITY_DEFINITION.
069        var securityResult = super.security();
070
071        // If that passed, continue checking the executing Party vs. the Party owning the
072        // PartyPaymentMethod.
073        if(securityResult == null) {
074            var party = getParty();
075            var partyTypeName = party.getLastDetail().getPartyType().getPartyTypeName();
076
077            // If the executing Party is a CUSTOMER...
078            if(partyTypeName.equals(PartyTypes.CUSTOMER.name())) {
079                var partyPaymentMethodControl = Session.getModelController(PartyPaymentMethodControl.class);
080                var partyPaymentMethodName = form.getPartyPaymentMethodName();
081                var partyPaymentMethod = partyPaymentMethodControl.getPartyPaymentMethodByNameForUpdate(partyPaymentMethodName);
082
083                if(partyPaymentMethod != null) {
084                    // ...and the PartyPaymentMethod isn't for the executing Party, return an
085                    // InsufficientSecurity error.
086                    if(!partyPaymentMethod.getLastDetail().getParty().equals(party)) {
087                        securityResult = getInsufficientSecurityResult();
088                    }
089                }
090            }
091        }
092
093        return securityResult;
094    }
095
096    @Override
097    protected BaseResult execute() {
098        var partyPaymentMethodName = form.getPartyPaymentMethodName();
099
100        PartyPaymentMethodLogic.getInstance().deletePartyPaymentMethod(this, partyPaymentMethodName, getPartyPK());
101
102        return null;
103    }
104    
105}