001// -------------------------------------------------------------------------------- 002// Copyright 2002-2024 Echo Three, LLC 003// 004// Licensed under the Apache License, Version 2.0 (the "License"); 005// you may not use this file except in compliance with the License. 006// You may obtain a copy of the License at 007// 008// http://www.apache.org/licenses/LICENSE-2.0 009// 010// Unless required by applicable law or agreed to in writing, software 011// distributed under the License is distributed on an "AS IS" BASIS, 012// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013// See the License for the specific language governing permissions and 014// limitations under the License. 015// -------------------------------------------------------------------------------- 016 017package com.echothree.control.user.security.server.command; 018 019import com.echothree.control.user.security.common.form.CheckSecurityRolesForm; 020import com.echothree.control.user.security.common.result.CheckSecurityRolesResult; 021import com.echothree.control.user.security.common.result.SecurityResultFactory; 022import com.echothree.model.control.security.server.logic.SecurityRoleLogic; 023import com.echothree.model.data.party.server.entity.Party; 024import com.echothree.model.data.user.common.pk.UserVisitPK; 025import com.echothree.model.data.user.server.entity.UserKeyDetail; 026import com.echothree.model.data.user.server.entity.UserVisit; 027import com.echothree.util.common.message.ExecutionErrors; 028import com.echothree.util.common.validation.FieldDefinition; 029import com.echothree.util.common.validation.FieldType; 030import com.echothree.util.common.command.BaseResult; 031import com.echothree.util.server.control.BaseSimpleCommand; 032import com.google.common.base.Splitter; 033import java.util.Arrays; 034import java.util.Collections; 035import java.util.List; 036 037public class CheckSecurityRolesCommand 038 extends BaseSimpleCommand<CheckSecurityRolesForm> { 039 040 private final static List<FieldDefinition> FORM_FIELD_DEFINITIONS; 041 042 static { 043 FORM_FIELD_DEFINITIONS = Collections.unmodifiableList(Arrays.asList( 044 new FieldDefinition("SecurityRoles", FieldType.STRING, true, 1L, null) 045 )); 046 } 047 048 /** Creates a new instance of CheckSecurityRolesCommand */ 049 public CheckSecurityRolesCommand(UserVisitPK userVisitPK, CheckSecurityRolesForm form) { 050 super(userVisitPK, form, null, FORM_FIELD_DEFINITIONS, false); 051 } 052 053 @Override 054 protected BaseResult execute() { 055 CheckSecurityRolesResult result = SecurityResultFactory.getCheckSecurityRolesResult(); 056 UserVisit userVisit = getUserVisit(); 057 StringBuilder resultSecurityRoles = new StringBuilder(); 058 059 if(userVisit != null) { 060 UserKeyDetail userKeyDetail = userVisit.getUserKey().getLastDetail(); 061 Party party = userKeyDetail.getParty(); 062 063 if(party != null) { 064 SecurityRoleLogic securityRoleLogic = SecurityRoleLogic.getInstance(); 065 String formSecurityRoles = form.getSecurityRoles(); 066 String []securityRolesToCheck = Splitter.on(':').trimResults().omitEmptyStrings().splitToList(formSecurityRoles).toArray(new String[0]); 067 int securityRolesToCheckLength = securityRolesToCheck.length; 068 069 for(int i = 0; i < securityRolesToCheckLength; i++) { 070 String []securityRoleToCheck = Splitter.on('.').trimResults().omitEmptyStrings().splitToList(securityRolesToCheck[i]).toArray(new String[0]); 071 int securityRoleToCheckLength = securityRoleToCheck.length; 072 073 if(securityRoleToCheckLength == 2) { 074 if(securityRoleLogic.hasSecurityRoleUsingNames(null, party, securityRoleToCheck[0], securityRoleToCheck[1])) { 075 if(resultSecurityRoles.length() > 0) { 076 resultSecurityRoles.append(':'); 077 } 078 resultSecurityRoles.append(securityRolesToCheck[i]); 079 } 080 } else { 081 addExecutionError(ExecutionErrors.InvalidSecurityRoleToCheckFormat.name(), securityRolesToCheck[i]); 082 } 083 } 084 } 085 } 086 087 result.setSecurityRoles(resultSecurityRoles.toString()); 088 089 return result; 090 } 091 092}