-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
added more guards for dealing with 'special' authorities scopes
- Loading branch information
1 parent
979be89
commit 6e549d2
Showing
20 changed files
with
371 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
38 changes: 38 additions & 0 deletions
38
src/main/java/com/example/usermanagement/dto/permissions/CreatePermissionDTO.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
package com.example.usermanagement.dto.permissions; | ||
|
||
import com.example.usermanagement.entities.Permission; | ||
import com.example.usermanagement.exceptions.InputValidationException; | ||
import com.example.usermanagement.interfaces.dto.IEntityDTO; | ||
import lombok.Getter; | ||
import lombok.NoArgsConstructor; | ||
import lombok.Setter; | ||
|
||
@Getter | ||
@Setter | ||
@NoArgsConstructor | ||
public class CreatePermissionDTO implements IEntityDTO<Permission,Void> { | ||
private String name; | ||
private String scope; | ||
private String description; | ||
|
||
@Override | ||
public Permission toEntity(Void aVoid) { | ||
if(name == null || name.isBlank()) | ||
throw new InputValidationException("Permission name is required"); | ||
if(scope == null || scope.isBlank()) | ||
throw new InputValidationException("Permission scope is required"); | ||
if(!name.matches("[a-zA-Z_]+")) | ||
throw new InputValidationException("Permission name can only contain letters and _ : " + name); | ||
if(!scope.matches("[a-zA-Z_]+")) | ||
throw new InputValidationException("Permission scope can only contain letters and _ : " + scope); | ||
if(scope.equals("special")){ | ||
throw new InputValidationException("Permission scope cannot be 'special'"); | ||
} | ||
|
||
Permission permission = new Permission(); | ||
permission.setName(name); | ||
permission.setScope(scope); | ||
permission.setDescription(description); | ||
return permission; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
81 changes: 81 additions & 0 deletions
81
src/main/java/com/example/usermanagement/events/listeners/MainListener.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,81 @@ | ||
package com.example.usermanagement.events.listeners; | ||
|
||
import com.example.usermanagement.entities.Account; | ||
import com.example.usermanagement.entities.Permission; | ||
import com.example.usermanagement.events.publishers.*; | ||
import com.example.usermanagement.exceptions.IrregularBehaviourException; | ||
import com.example.usermanagement.repositories.AccountRepository; | ||
import com.example.usermanagement.repositories.PermissionRepository; | ||
import lombok.RequiredArgsConstructor; | ||
import org.springframework.context.event.EventListener; | ||
import org.springframework.stereotype.Component; | ||
|
||
@Component | ||
@RequiredArgsConstructor | ||
public class MainListener { | ||
|
||
private final AccountRepository accountRepository; | ||
private final PermissionRepository permissionRepository; | ||
|
||
@EventListener(AccountEmailVerifiedEvent.class) | ||
public void onAccountEmailVerifiedEvent(AccountEmailVerifiedEvent event) { | ||
// this method is mainly for granting the permissions related to | ||
// having a verified email to the account | ||
String permissionPublicName = "special.perm.verified_email"; | ||
Account account = accountRepository.findByEmail(event.getEmail()).orElseThrow(() -> new IrregularBehaviourException("Account not found")); | ||
Permission permission = permissionRepository.findByPublicName(permissionPublicName).orElseThrow(() -> new IrregularBehaviourException("Permission not found")); | ||
|
||
account.getPermissions().add(permission); | ||
accountRepository.save(account); | ||
} | ||
|
||
@EventListener(AccountBecomeMemberEvent.class) | ||
public void onAccountBecomeMemberEvent(AccountBecomeMemberEvent event) { | ||
// this method is mainly for granting the permissions related to | ||
// being a member to the account | ||
String permissionPublicName = "special.perm.membership"; | ||
Account account = accountRepository.findByEmail(event.getEmail()).orElseThrow(() -> new IrregularBehaviourException("Account not found")); | ||
Permission permission = permissionRepository.findByPublicName(permissionPublicName).orElseThrow(() -> new IrregularBehaviourException("Permission not found")); | ||
|
||
account.getPermissions().add(permission); | ||
accountRepository.save(account); | ||
} | ||
|
||
@EventListener(AccountNoLongerMemberEvent.class) | ||
public void onAccountNoLongerMemberEvent(AccountNoLongerMemberEvent event) { | ||
// this method is mainly for revoking the permissions related to | ||
// being a member from the account | ||
String permissionPublicName = "special.perm.membership"; | ||
Account account = accountRepository.findByEmail(event.getEmail()).orElseThrow(() -> new IrregularBehaviourException("Account not found")); | ||
Permission permission = permissionRepository.findByPublicName(permissionPublicName).orElseThrow(() -> new IrregularBehaviourException("Permission not found")); | ||
|
||
account.getPermissions().remove(permission); | ||
accountRepository.save(account); | ||
} | ||
|
||
@EventListener(AccountIdentityVerifiedEvent.class) | ||
public void onAccountIdentityVerifiedEvent(AccountIdentityVerifiedEvent event) { | ||
// this method is mainly for granting the permissions related to | ||
// having a verified identity to the account | ||
String permissionPublicName = "special.perm.verified_identity"; | ||
Account account = accountRepository.findByEmail(event.getEmail()).orElseThrow(() -> new IrregularBehaviourException("Account not found")); | ||
Permission permission = permissionRepository.findByPublicName(permissionPublicName).orElseThrow(() -> new IrregularBehaviourException("Permission not found")); | ||
|
||
account.getPermissions().add(permission); | ||
accountRepository.save(account); | ||
} | ||
|
||
@EventListener(AccountIdentityUnverifiedEvent.class) | ||
public void onAccountIdentityUnverifiedEvent(AccountIdentityUnverifiedEvent event) { | ||
// this method is mainly for revoking the permissions related to | ||
// having a verified identity from the account | ||
String permissionPublicName = "special.perm.verified_identity"; | ||
Account account = accountRepository.findByEmail(event.getEmail()).orElseThrow(() -> new IrregularBehaviourException("Account not found")); | ||
Permission permission = permissionRepository.findByPublicName(permissionPublicName).orElseThrow(() -> new IrregularBehaviourException("Permission not found")); | ||
|
||
account.getPermissions().remove(permission); | ||
accountRepository.save(account); | ||
} | ||
|
||
|
||
} |
14 changes: 14 additions & 0 deletions
14
src/main/java/com/example/usermanagement/events/publishers/AccountBecomeMemberEvent.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
package com.example.usermanagement.events.publishers; | ||
|
||
import lombok.Getter; | ||
import org.springframework.context.ApplicationEvent; | ||
|
||
@Getter | ||
public class AccountBecomeMemberEvent extends ApplicationEvent { | ||
private final String email; | ||
|
||
public AccountBecomeMemberEvent(Object source, String email) { | ||
super(source); | ||
this.email = email; | ||
} | ||
} |
14 changes: 14 additions & 0 deletions
14
src/main/java/com/example/usermanagement/events/publishers/AccountEmailVerifiedEvent.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
package com.example.usermanagement.events.publishers; | ||
|
||
import lombok.Getter; | ||
import org.springframework.context.ApplicationEvent; | ||
|
||
@Getter | ||
public class AccountEmailVerifiedEvent extends ApplicationEvent { | ||
private final String email; | ||
|
||
public AccountEmailVerifiedEvent(Object source, String email) { | ||
super(source); | ||
this.email = email; | ||
} | ||
} |
15 changes: 15 additions & 0 deletions
15
...ain/java/com/example/usermanagement/events/publishers/AccountIdentityUnverifiedEvent.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
package com.example.usermanagement.events.publishers; | ||
|
||
import lombok.Getter; | ||
import org.springframework.context.ApplicationEvent; | ||
|
||
@Getter | ||
public class AccountIdentityUnverifiedEvent extends ApplicationEvent { | ||
private final String email; | ||
|
||
public AccountIdentityUnverifiedEvent(Object source, String email) { | ||
super(source); | ||
this.email = email; | ||
} | ||
|
||
} |
15 changes: 15 additions & 0 deletions
15
src/main/java/com/example/usermanagement/events/publishers/AccountIdentityVerifiedEvent.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
package com.example.usermanagement.events.publishers; | ||
|
||
import lombok.Getter; | ||
import org.springframework.context.ApplicationEvent; | ||
|
||
@Getter | ||
public class AccountIdentityVerifiedEvent extends ApplicationEvent { | ||
private final String email; | ||
|
||
public AccountIdentityVerifiedEvent(Object source, String email) { | ||
super(source); | ||
this.email = email; | ||
} | ||
|
||
} |
Oops, something went wrong.