001// -------------------------------------------------------------------------------- 002// Copyright 2002-2025 Echo Three, LLC 003// 004// Licensed under the Apache License, Version 2.0 (the "License"); 005// you may not use this file except in compliance with the License. 006// You may obtain a copy of the License at 007// 008// http://www.apache.org/licenses/LICENSE-2.0 009// 010// Unless required by applicable law or agreed to in writing, software 011// distributed under the License is distributed on an "AS IS" BASIS, 012// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013// See the License for the specific language governing permissions and 014// limitations under the License. 015// -------------------------------------------------------------------------------- 016 017package com.echothree.control.user.security.server.command; 018 019import com.echothree.control.user.security.common.form.CheckSecurityRolesForm; 020import com.echothree.control.user.security.common.result.SecurityResultFactory; 021import com.echothree.model.control.security.server.logic.SecurityRoleLogic; 022import com.echothree.model.data.user.common.pk.UserVisitPK; 023import com.echothree.util.common.message.ExecutionErrors; 024import com.echothree.util.common.validation.FieldDefinition; 025import com.echothree.util.common.validation.FieldType; 026import com.echothree.util.common.command.BaseResult; 027import com.echothree.util.server.control.BaseSimpleCommand; 028import com.google.common.base.Splitter; 029import java.util.Arrays; 030import java.util.Collections; 031import java.util.List; 032import javax.enterprise.context.RequestScoped; 033 034@RequestScoped 035public class CheckSecurityRolesCommand 036 extends BaseSimpleCommand<CheckSecurityRolesForm> { 037 038 private final static List<FieldDefinition> FORM_FIELD_DEFINITIONS; 039 040 static { 041 FORM_FIELD_DEFINITIONS = Collections.unmodifiableList(Arrays.asList( 042 new FieldDefinition("SecurityRoles", FieldType.STRING, true, 1L, null) 043 )); 044 } 045 046 /** Creates a new instance of CheckSecurityRolesCommand */ 047 public CheckSecurityRolesCommand() { 048 super(null, FORM_FIELD_DEFINITIONS, false); 049 } 050 051 @Override 052 protected BaseResult execute() { 053 var result = SecurityResultFactory.getCheckSecurityRolesResult(); 054 var userVisit = getUserVisit(); 055 var resultSecurityRoles = new StringBuilder(); 056 057 if(userVisit != null) { 058 var userKeyDetail = userVisit.getUserKey().getLastDetail(); 059 var party = userKeyDetail.getParty(); 060 061 if(party != null) { 062 var securityRoleLogic = SecurityRoleLogic.getInstance(); 063 var formSecurityRoles = form.getSecurityRoles(); 064 var securityRolesToCheck = Splitter.on(':').trimResults().omitEmptyStrings().splitToList(formSecurityRoles).toArray(new String[0]); 065 var securityRolesToCheckLength = securityRolesToCheck.length; 066 067 for(var i = 0; i < securityRolesToCheckLength; i++) { 068 var securityRoleToCheck = Splitter.on('.').trimResults().omitEmptyStrings().splitToList(securityRolesToCheck[i]).toArray(new String[0]); 069 var securityRoleToCheckLength = securityRoleToCheck.length; 070 071 if(securityRoleToCheckLength == 2) { 072 if(securityRoleLogic.hasSecurityRoleUsingNames(null, party, securityRoleToCheck[0], securityRoleToCheck[1])) { 073 if(resultSecurityRoles.length() > 0) { 074 resultSecurityRoles.append(':'); 075 } 076 resultSecurityRoles.append(securityRolesToCheck[i]); 077 } 078 } else { 079 addExecutionError(ExecutionErrors.InvalidSecurityRoleToCheckFormat.name(), securityRolesToCheck[i]); 080 } 081 } 082 } 083 } 084 085 result.setSecurityRoles(resultSecurityRoles.toString()); 086 087 return result; 088 } 089 090}