• Home
• io.foodtechlab
• auth-domain
• 4.0.1.4
• source code
• CheckAccessByAccessTokenUseCase.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

ru.foodtechlab.lib.auth.service.domain.roleAccess.usecase.CheckAccessByAccessTokenUseCase Maven / Gradle / Ivy

package ru.foodtechlab.lib.auth.service.domain.roleAccess.usecase;

import com.rcore.domain.commons.usecase.UseCase;
import com.rcore.domain.commons.usecase.model.SingleOutput;
import com.rcore.domain.commons.validators.ValidationDomain;
import com.rcore.domain.security.exceptions.CredentialPermissionInsufficientException;
import com.rcore.domain.security.model.CredentialDetails;
import com.rcore.domain.security.port.CredentialIdentityService;
import lombok.*;
import ru.foodtechlab.lib.auth.service.domain.Domain;
import ru.foodtechlab.lib.auth.service.domain.role.entity.RoleEntity;
import ru.foodtechlab.lib.auth.service.domain.role.port.RoleRepository;
import ru.foodtechlab.lib.auth.service.domain.roleAccess.entity.RoleAccessEntity;

import javax.validation.constraints.NotBlank;
import javax.validation.constraints.NotNull;
import java.util.List;
import java.util.Optional;
import java.util.stream.Collectors;

@RequiredArgsConstructor
public class CheckAccessByAccessTokenUseCase extends UseCase> {

    private final CredentialIdentityService credentialIdentityService;
    private final RoleRepository roleRepository;

    @Override
    public SingleOutput execute(InputValues inputValues) {
        var credentialDetails = credentialIdentityService.getCredentialByToken(inputValues.getAccessToken());
        var accesses = credentialDetails.getRoles()
                .stream()
                .map(CredentialDetails.Role::getId)
                .map(roleRepository::findById)
                .filter(Optional::isPresent)
                .map(Optional::get)
                .filter(r -> r.getAccesses() != null)
                .map(RoleEntity::getAccesses)
                .flatMap(List::stream)
                .collect(Collectors.toList());

        for (RoleAccessEntity access : accesses) {
            if (access.resourceAvailable(inputValues.getServiceName(), inputValues.getMethod(), inputValues.getRequestPath()))
                return SingleOutput.of(credentialDetails);
        }

        throw new CredentialPermissionInsufficientException();
    }

    @ValidationDomain(domainName = Domain.AUTH)
    @AllArgsConstructor
    @NoArgsConstructor
    @Builder
    @Data
    public static class InputValues implements UseCase.InputValues {
        @NotNull
        private RoleAccessEntity.Method method;
        @NotBlank
        private String requestPath;
        @NotBlank
        private String serviceName;
        private String accessToken;
    }

}