Source code

001// --------------------------------------------------------------------------------
002// Copyright 2002-2024 Echo Three, LLC
003//
004// Licensed under the Apache License, Version 2.0 (the "License");
005// you may not use this file except in compliance with the License.
006// You may obtain a copy of the License at
007//
008//     http://www.apache.org/licenses/LICENSE-2.0
009//
010// Unless required by applicable law or agreed to in writing, software
011// distributed under the License is distributed on an "AS IS" BASIS,
012// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013// See the License for the specific language governing permissions and
014// limitations under the License.
015// --------------------------------------------------------------------------------
016
017package com.echothree.model.control.customer.server.graphql;
018
019import com.echothree.control.user.customer.common.CustomerUtil;
020import com.echothree.control.user.customer.server.command.GetCustomerCommand;
021import com.echothree.control.user.customer.server.command.GetCustomerTypeCommand;
022import com.echothree.control.user.customer.server.command.GetCustomerTypesCommand;
023import com.echothree.control.user.customer.server.command.GetCustomersCommand;
024import com.echothree.model.control.graphql.server.util.BaseGraphQl;
025import com.echothree.model.data.party.server.entity.Party;
026import com.echothree.util.common.form.BaseForm;
027import graphql.schema.DataFetchingEnvironment;
028import javax.naming.NamingException;
029
030public interface CustomerSecurityUtils {
031
032    static boolean getHasCustomerTypeAccess(final DataFetchingEnvironment env) {
033        return BaseGraphQl.getGraphQlExecutionContext(env).hasAccess(GetCustomerTypeCommand.class);
034    }
035
036    static boolean getHasCustomerTypesAccess(final DataFetchingEnvironment env) {
037        return BaseGraphQl.getGraphQlExecutionContext(env).hasAccess(GetCustomerTypesCommand.class);
038    }
039
040    static boolean getHasCustomerAccess(final DataFetchingEnvironment env, final Party party) {
041        var partyDetail = party.getLastDetail();
042        BaseForm baseForm;
043
044        // GetCustomerCommand has a security() function that needs the form to be available.
045        try {
046            var commandForm = CustomerUtil.getHome().getGetCustomerForm();
047
048            commandForm.setPartyName(partyDetail.getPartyName());
049            baseForm = commandForm;
050        } catch (NamingException ex) {
051            throw new RuntimeException(ex);
052        }
053
054        return BaseGraphQl.getGraphQlExecutionContext(env).hasAccess(GetCustomerCommand.class, baseForm);
055    }
056
057    static boolean getHasCustomersAccess(final DataFetchingEnvironment env) {
058        return BaseGraphQl.getGraphQlExecutionContext(env).hasAccess(GetCustomersCommand.class);
059    }
060
061}