Source code

001// --------------------------------------------------------------------------------
002// Copyright 2002-2024 Echo Three, LLC
003//
004// Licensed under the Apache License, Version 2.0 (the "License");
005// you may not use this file except in compliance with the License.
006// You may obtain a copy of the License at
007//
008//     http://www.apache.org/licenses/LICENSE-2.0
009//
010// Unless required by applicable law or agreed to in writing, software
011// distributed under the License is distributed on an "AS IS" BASIS,
012// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013// See the License for the specific language governing permissions and
014// limitations under the License.
015// --------------------------------------------------------------------------------
016
017package com.echothree.model.control.party.server.graphql;
018
019import com.echothree.control.user.customer.common.CustomerUtil;
020import com.echothree.control.user.customer.server.command.GetCustomerCommand;
021import com.echothree.control.user.employee.common.EmployeeUtil;
022import com.echothree.control.user.employee.server.command.GetEmployeeCommand;
023import com.echothree.control.user.party.common.PartyUtil;
024import com.echothree.control.user.party.server.command.GetCompanyCommand;
025import com.echothree.control.user.party.server.command.GetDateTimeFormatCommand;
026import com.echothree.control.user.party.server.command.GetDepartmentCommand;
027import com.echothree.control.user.party.server.command.GetDepartmentsCommand;
028import com.echothree.control.user.party.server.command.GetDivisionCommand;
029import com.echothree.control.user.party.server.command.GetDivisionsCommand;
030import com.echothree.control.user.party.server.command.GetLanguageCommand;
031import com.echothree.control.user.party.server.command.GetPartyAliasCommand;
032import com.echothree.control.user.party.server.command.GetPartyAliasTypeCommand;
033import com.echothree.control.user.party.server.command.GetPartyAliasTypesCommand;
034import com.echothree.control.user.party.server.command.GetPartyAliasesCommand;
035import com.echothree.control.user.party.server.command.GetPartyRelationshipCommand;
036import com.echothree.control.user.party.server.command.GetPartyRelationshipsCommand;
037import com.echothree.control.user.party.server.command.GetPartyTypeCommand;
038import com.echothree.control.user.party.server.command.GetPartyTypesCommand;
039import com.echothree.control.user.party.server.command.GetTimeZoneCommand;
040import com.echothree.control.user.vendor.common.VendorUtil;
041import com.echothree.control.user.vendor.server.command.GetVendorCommand;
042import com.echothree.control.user.warehouse.server.command.GetWarehouseCommand;
043import com.echothree.model.control.graphql.server.util.BaseGraphQl;
044import com.echothree.model.control.party.common.PartyTypes;
045import com.echothree.model.data.party.server.entity.Party;
046import com.echothree.util.common.form.BaseForm;
047import com.echothree.util.server.control.GraphQlSecurityCommand;
048import graphql.schema.DataFetchingEnvironment;
049import javax.naming.NamingException;
050
051public interface PartySecurityUtils {
052
053    static boolean getHasPartyTypeAccess(final DataFetchingEnvironment env) {
054        return BaseGraphQl.getGraphQlExecutionContext(env).hasAccess(GetPartyTypeCommand.class);
055    }
056
057    static boolean getHasPartyTypesAccess(final DataFetchingEnvironment env) {
058        return BaseGraphQl.getGraphQlExecutionContext(env).hasAccess(GetPartyTypesCommand.class);
059    }
060
061    static boolean getHasPartyAliasTypeAccess(final DataFetchingEnvironment env) {
062        return BaseGraphQl.getGraphQlExecutionContext(env).hasAccess(GetPartyAliasTypeCommand.class);
063    }
064
065    static boolean getHasPartyAliasTypesAccess(final DataFetchingEnvironment env) {
066        return BaseGraphQl.getGraphQlExecutionContext(env).hasAccess(GetPartyAliasTypesCommand.class);
067    }
068
069    static boolean getHasPartyAliasAccess(final DataFetchingEnvironment env, final Party targetParty) {
070        try {
071            var commandForm = PartyUtil.getHome().getGetPartyAliasForm();
072
073            commandForm.setPartyName(targetParty.getLastDetail().getPartyName());
074
075            return BaseGraphQl.getGraphQlExecutionContext(env).hasAccess(GetPartyAliasCommand.class, commandForm);
076        } catch (NamingException ex) {
077            throw new RuntimeException(ex);
078        }
079    }
080
081    static boolean getHasPartyAliasesAccess(final DataFetchingEnvironment env, final Party targetParty) {
082        try {
083            var commandForm = PartyUtil.getHome().getGetPartyAliasesForm();
084
085            commandForm.setPartyName(targetParty.getLastDetail().getPartyName());
086
087            return BaseGraphQl.getGraphQlExecutionContext(env).hasAccess(GetPartyAliasesCommand.class, commandForm);
088        } catch (NamingException ex) {
089            throw new RuntimeException(ex);
090        }
091    }
092
093    static boolean getHasPartyRelationshipAccess(final DataFetchingEnvironment env) {
094        return BaseGraphQl.getGraphQlExecutionContext(env).hasAccess(GetPartyRelationshipCommand.class);
095    }
096
097    static boolean getHasPartyRelationshipsAccess(final DataFetchingEnvironment env) {
098        return BaseGraphQl.getGraphQlExecutionContext(env).hasAccess(GetPartyRelationshipsCommand.class);
099    }
100
101    static boolean getHasLanguageAccess(final DataFetchingEnvironment env) {
102        return BaseGraphQl.getGraphQlExecutionContext(env).hasAccess(GetLanguageCommand.class);
103    }
104
105    static boolean getHasTimeZoneAccess(final DataFetchingEnvironment env) {
106        return BaseGraphQl.getGraphQlExecutionContext(env).hasAccess(GetTimeZoneCommand.class);
107    }
108
109    static boolean getHasDateTimeFormatAccess(final DataFetchingEnvironment env) {
110        return BaseGraphQl.getGraphQlExecutionContext(env).hasAccess(GetDateTimeFormatCommand.class);
111    }
112
113    static boolean getHasDivisionsAccess(final DataFetchingEnvironment env) {
114        return BaseGraphQl.getGraphQlExecutionContext(env).hasAccess(GetDivisionsCommand.class);
115    }
116
117    static boolean getHasDepartmentsAccess(final DataFetchingEnvironment env) {
118        return BaseGraphQl.getGraphQlExecutionContext(env).hasAccess(GetDepartmentsCommand.class);
119    }
120
121    static boolean getHasPartyAccess(final DataFetchingEnvironment env, final Party targetParty) {
122        var partyDetail = targetParty.getLastDetail();
123        var partyTypeEnum = PartyTypes.valueOf(partyDetail.getPartyType().getPartyTypeName());
124        Class<? extends GraphQlSecurityCommand> command;
125        BaseForm baseForm = null;
126
127        switch(partyTypeEnum) {
128            case CUSTOMER ->
129            {
130                command = GetCustomerCommand.class;
131
132                // GetCustomerCommand has a security() function that needs the form to be available.
133                try {
134                    var commandForm = CustomerUtil.getHome().getGetCustomerForm();
135
136                    commandForm.setPartyName(partyDetail.getPartyName());
137                    baseForm = commandForm;
138                } catch (NamingException ex) {
139                    throw new RuntimeException(ex);
140                }
141            }
142            case EMPLOYEE ->
143            {
144                command = GetEmployeeCommand.class;
145
146                // GetEmployeeCommand has a security() function that needs the form to be available.
147                try {
148                    var commandForm = EmployeeUtil.getHome().getGetEmployeeForm();
149
150                    commandForm.setPartyName(partyDetail.getPartyName());
151                    baseForm = commandForm;
152                } catch (NamingException ex) {
153                    throw new RuntimeException(ex);
154                }
155            }
156            case VENDOR ->
157            {
158                command = GetVendorCommand.class;
159
160                // GetVendorCommand has a security() function that needs the form to be available.
161                try {
162                    var commandForm = VendorUtil.getHome().getGetVendorForm();
163
164                    commandForm.setPartyName(partyDetail.getPartyName());
165                    baseForm = commandForm;
166                } catch (NamingException ex) {
167                    throw new RuntimeException(ex);
168                }
169            }
170            case COMPANY ->
171            {
172                command = GetCompanyCommand.class;
173            }
174            case DIVISION ->
175            {
176                command = GetDivisionCommand.class;
177            }
178            case DEPARTMENT ->
179            {
180                command = GetDepartmentCommand.class;
181            }
182            case WAREHOUSE ->
183            {
184                command = GetWarehouseCommand.class;
185            }
186            default -> throw new RuntimeException("Unhandled PartyType: " + partyTypeEnum);
187        };
188
189        return BaseGraphQl.getGraphQlExecutionContext(env).hasAccess(command, baseForm);
190    }
191
192}