AppUserGuiSettingServiceImpl.java

/*
 * Copyright 2025 Global Crop Diversity Trust
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.gringlobal.service.impl;

import org.genesys.blocks.security.SecurityContextUtil;
import org.gringlobal.api.Pagination;
import org.gringlobal.api.exception.InvalidApiUsageException;
import org.gringlobal.model.AppUserGuiSetting;
import org.gringlobal.model.Cooperator;
import org.gringlobal.model.QAppUserGuiSetting;
import org.gringlobal.model.SysUser;
import org.gringlobal.persistence.AppUserGuiSettingRepository;
import org.gringlobal.service.AppUserGuiSettingService;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.validation.annotation.Validated;

import javax.validation.constraints.NotNull;

import java.util.List;
import java.util.Objects;

@Transactional(readOnly = true)
@PreAuthorize("isAuthenticated()")
@Validated
@Service
public class AppUserGuiSettingServiceImpl extends CRUDService2Impl<AppUserGuiSetting, AppUserGuiSettingRepository> implements AppUserGuiSettingService {

	@Override
	@Transactional
	public AppUserGuiSetting create(AppUserGuiSetting source) {
		return createFast(source);
	}

	@Override
	@Transactional
	public AppUserGuiSetting createFast(AppUserGuiSetting source) {
		AppUserGuiSetting setting = new AppUserGuiSetting();
		setting.apply(source);
		setting.setCooperator(loadCurrentUserCooperator());
		return repository.save(setting);
	}

	@Override
	@Transactional
	public AppUserGuiSetting update(AppUserGuiSetting updated, AppUserGuiSetting target) {
		return updateFast(updated, target);
	}

	@Override
	@Transactional
	public AppUserGuiSetting updateFast(AppUserGuiSetting updated, AppUserGuiSetting target) {
		if (!SecurityContextUtil.hasRole("ADMINISTRATOR")) {
			if (!Objects.equals(target.getCooperator().getId(), loadCurrentUserCooperator().getId())) {
				throw new AccessDeniedException("Current user does not have permission to update the setting(id=" + target.getId() + ").");
			}
		}
		target.apply(updated);
		return repository.save(target);
	}

	@Override
	public AppUserGuiSetting getSetting(@NotNull String appName, String formName, @NotNull String resourceName, @NotNull String resourceKey) {
		var cooperator = loadCurrentUserCooperator();
		var qSetting = QAppUserGuiSetting.appUserGuiSetting;
		var expression = qSetting.appName.eq(appName)
			.and(qSetting.resourceName.eq(resourceName))
			.and(qSetting.resourceKey.eq(resourceKey))
			.and(qSetting.cooperator().eq(cooperator))
			.and(formName == null ? qSetting.formName.isNull() : qSetting.formName.eq(formName)) // formName is optional
		;
		return repository.findOne(expression).orElse(null);
	}

	@Override
	public List<AppUserGuiSetting> listForApp(@NotNull String appName) {
		var cooperator = loadCurrentUserCooperator();
		return (List<AppUserGuiSetting>) repository.findAll(QAppUserGuiSetting.appUserGuiSetting.cooperator().eq(cooperator).and(QAppUserGuiSetting.appUserGuiSetting.appName.eq(appName)));
	}

	@Override
	public Page<AppUserGuiSetting> list(Pageable page) {
		var cooperator = loadCurrentUserCooperator();
		page = Pagination.addSortByParams(page, idSortParams);
		return repository.findAll(QAppUserGuiSetting.appUserGuiSetting.cooperator().eq(cooperator), page);
	}

	@Override
	public AppUserGuiSetting get(long id) {
		var setting = super.get(id);
		if (!SecurityContextUtil.hasRole("ADMINISTRATOR")) {
			if (!Objects.equals(setting.getCooperator().getId(), loadCurrentUserCooperator().getId())) {
				throw new AccessDeniedException("Current user does not have permission to remove the setting(id=" + setting.getId() + ").");
			}
		}
		return setting;
	}

	@Override
	@Transactional
	public AppUserGuiSetting remove(AppUserGuiSetting entity) {
		entity = repository.getReferenceById(entity.getId());
		if (!SecurityContextUtil.hasRole("ADMINISTRATOR")) {
			if (!Objects.equals(entity.getCooperator().getId(), loadCurrentUserCooperator().getId())) {
				throw new AccessDeniedException("Current user does not have permission to remove the setting(id=" + entity.getId() + ").");
			}
		}
		return super.remove(entity);
	}

	private Cooperator loadCurrentUserCooperator() {
		var me  = SecurityContextUtil.getCurrentUser();
		// System.err.println("User " + me + " " + me.getClass());
		if (me instanceof SysUser) {
			var cooperator = ((SysUser)me).getCooperator();
			if (cooperator == null) {
				throw new InvalidApiUsageException("SysUser has no associated cooperator record.");
			}
			// System.err.println("Coop is " + cooperator);
			return cooperator;
		}
		throw new InvalidApiUsageException("Not a SysUser");
	}
}