com.broadleafcommerce.tenant.admin.security.service

Class MultiTenantNonSandboxableEntityRowLevelSecurityProvider

java.lang.Object

org.broadleafcommerce.openadmin.server.security.service.AbstractRowLevelSecurityProvider

com.broadleafcommerce.tenant.admin.security.service.MultiTenantNonSandboxableEntityRowLevelSecurityProvider

All Implemented Interfaces:

org.broadleafcommerce.openadmin.server.security.service.RowLevelSecurityProvider

public class MultiTenantNonSandboxableEntityRowLevelSecurityProvider
extends org.broadleafcommerce.openadmin.server.security.service.AbstractRowLevelSecurityProvider

Don't allow edit or delete on a non-Sandboxable entity unless it has a site discriminator equal to the current site

Author:

Jeff Fischer

Field Summary

Fields

Modifier and Type	Field and Description
protected org.broadleafcommerce.common.site.service.SiteService	siteService

Constructor Summary

Constructors

Constructor and Description
MultiTenantNonSandboxableEntityRowLevelSecurityProvider()

Method Summary

Modifier and Type	Method and Description
boolean	canRemove(org.broadleafcommerce.openadmin.server.security.domain.AdminUser currentUser, org.broadleafcommerce.openadmin.dto.Entity entity)
boolean	canUpdate(org.broadleafcommerce.openadmin.server.security.domain.AdminUser currentUser, org.broadleafcommerce.openadmin.dto.Entity entity)
protected boolean	testEntity(org.broadleafcommerce.openadmin.dto.Entity entity, org.broadleafcommerce.openadmin.dto.PersistencePackage persistencePackage)
protected boolean	userHasSitePermissions(Long userSite, org.broadleafcommerce.common.site.domain.Site requestSite)
org.broadleafcommerce.openadmin.server.service.persistence.validation.GlobalValidationResult	validateRemoveRequest(org.broadleafcommerce.openadmin.server.security.domain.AdminUser currentUser, org.broadleafcommerce.openadmin.dto.Entity entity, org.broadleafcommerce.openadmin.dto.PersistencePackage persistencePackage)
org.broadleafcommerce.openadmin.server.service.persistence.validation.GlobalValidationResult	validateUpdateRequest(org.broadleafcommerce.openadmin.server.security.domain.AdminUser currentUser, org.broadleafcommerce.openadmin.dto.Entity entity, org.broadleafcommerce.openadmin.dto.PersistencePackage persistencePackage)

Methods inherited from class org.broadleafcommerce.openadmin.server.security.service.AbstractRowLevelSecurityProvider

addFetchRestrictions, canAdd, getFetchRestrictionRoot, validateAddRequest

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

siteService

protected org.broadleafcommerce.common.site.service.SiteService siteService

Constructor Detail

MultiTenantNonSandboxableEntityRowLevelSecurityProvider

public MultiTenantNonSandboxableEntityRowLevelSecurityProvider()

Method Detail

canUpdate

public boolean canUpdate(org.broadleafcommerce.openadmin.server.security.domain.AdminUser currentUser,
                         org.broadleafcommerce.openadmin.dto.Entity entity)

Specified by:

canUpdate in interface org.broadleafcommerce.openadmin.server.security.service.RowLevelSecurityProvider

Overrides:

canUpdate in class org.broadleafcommerce.openadmin.server.security.service.AbstractRowLevelSecurityProvider

canRemove

public boolean canRemove(org.broadleafcommerce.openadmin.server.security.domain.AdminUser currentUser,
                         org.broadleafcommerce.openadmin.dto.Entity entity)

Specified by:

canRemove in interface org.broadleafcommerce.openadmin.server.security.service.RowLevelSecurityProvider

Overrides:

canRemove in class org.broadleafcommerce.openadmin.server.security.service.AbstractRowLevelSecurityProvider

validateUpdateRequest

public org.broadleafcommerce.openadmin.server.service.persistence.validation.GlobalValidationResult validateUpdateRequest(org.broadleafcommerce.openadmin.server.security.domain.AdminUser currentUser,
                                                                                                                          org.broadleafcommerce.openadmin.dto.Entity entity,
                                                                                                                          org.broadleafcommerce.openadmin.dto.PersistencePackage persistencePackage)

Specified by:

validateUpdateRequest in interface org.broadleafcommerce.openadmin.server.security.service.RowLevelSecurityProvider

Overrides:

validateUpdateRequest in class org.broadleafcommerce.openadmin.server.security.service.AbstractRowLevelSecurityProvider

validateRemoveRequest

public org.broadleafcommerce.openadmin.server.service.persistence.validation.GlobalValidationResult validateRemoveRequest(org.broadleafcommerce.openadmin.server.security.domain.AdminUser currentUser,
                                                                                                                          org.broadleafcommerce.openadmin.dto.Entity entity,
                                                                                                                          org.broadleafcommerce.openadmin.dto.PersistencePackage persistencePackage)

Specified by:

validateRemoveRequest in interface org.broadleafcommerce.openadmin.server.security.service.RowLevelSecurityProvider

Overrides:

validateRemoveRequest in class org.broadleafcommerce.openadmin.server.security.service.AbstractRowLevelSecurityProvider

testEntity

protected boolean testEntity(org.broadleafcommerce.openadmin.dto.Entity entity,
                             org.broadleafcommerce.openadmin.dto.PersistencePackage persistencePackage)

userHasSitePermissions

protected boolean userHasSitePermissions(Long userSite,
                                         org.broadleafcommerce.common.site.domain.Site requestSite)