001// -------------------------------------------------------------------------------- 002// Copyright 2002-2026 Echo Three, LLC 003// 004// Licensed under the Apache License, Version 2.0 (the "License"); 005// you may not use this file except in compliance with the License. 006// You may obtain a copy of the License at 007// 008// http://www.apache.org/licenses/LICENSE-2.0 009// 010// Unless required by applicable law or agreed to in writing, software 011// distributed under the License is distributed on an "AS IS" BASIS, 012// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013// See the License for the specific language governing permissions and 014// limitations under the License. 015// -------------------------------------------------------------------------------- 016 017package com.echothree.control.user.security.server.command; 018 019import com.echothree.control.user.security.common.form.CheckSecurityRolesForm; 020import com.echothree.control.user.security.common.result.SecurityResultFactory; 021import com.echothree.model.control.security.server.logic.SecurityRoleLogic; 022import com.echothree.model.data.user.common.pk.UserVisitPK; 023import com.echothree.util.common.message.ExecutionErrors; 024import com.echothree.util.common.validation.FieldDefinition; 025import com.echothree.util.common.validation.FieldType; 026import com.echothree.util.common.command.BaseResult; 027import com.echothree.util.server.control.BaseSimpleCommand; 028import com.google.common.base.Splitter; 029import java.util.List; 030import javax.enterprise.context.Dependent; 031 032@Dependent 033public class CheckSecurityRolesCommand 034 extends BaseSimpleCommand<CheckSecurityRolesForm> { 035 036 private final static List<FieldDefinition> FORM_FIELD_DEFINITIONS; 037 038 static { 039 FORM_FIELD_DEFINITIONS = List.of( 040 new FieldDefinition("SecurityRoles", FieldType.STRING, true, 1L, null) 041 ); 042 } 043 044 /** Creates a new instance of CheckSecurityRolesCommand */ 045 public CheckSecurityRolesCommand() { 046 super(null, FORM_FIELD_DEFINITIONS, false); 047 } 048 049 @Override 050 protected BaseResult execute() { 051 var result = SecurityResultFactory.getCheckSecurityRolesResult(); 052 var userVisit = getUserVisit(); 053 var resultSecurityRoles = new StringBuilder(); 054 055 if(userVisit != null) { 056 var userKeyDetail = userVisit.getUserKey().getLastDetail(); 057 var party = userKeyDetail.getParty(); 058 059 if(party != null) { 060 var securityRoleLogic = SecurityRoleLogic.getInstance(); 061 var formSecurityRoles = form.getSecurityRoles(); 062 var securityRolesToCheck = Splitter.on(':').trimResults().omitEmptyStrings().splitToList(formSecurityRoles).toArray(new String[0]); 063 var securityRolesToCheckLength = securityRolesToCheck.length; 064 065 for(var i = 0; i < securityRolesToCheckLength; i++) { 066 var securityRoleToCheck = Splitter.on('.').trimResults().omitEmptyStrings().splitToList(securityRolesToCheck[i]).toArray(new String[0]); 067 var securityRoleToCheckLength = securityRoleToCheck.length; 068 069 if(securityRoleToCheckLength == 2) { 070 if(securityRoleLogic.hasSecurityRoleUsingNames(null, party, securityRoleToCheck[0], securityRoleToCheck[1])) { 071 if(resultSecurityRoles.length() > 0) { 072 resultSecurityRoles.append(':'); 073 } 074 resultSecurityRoles.append(securityRolesToCheck[i]); 075 } 076 } else { 077 addExecutionError(ExecutionErrors.InvalidSecurityRoleToCheckFormat.name(), securityRolesToCheck[i]); 078 } 079 } 080 } 081 } 082 083 result.setSecurityRoles(resultSecurityRoles.toString()); 084 085 return result; 086 } 087 088}