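package net.gepafin.tendermanagement.util;

import jakarta.servlet.http.HttpServletRequest;
import net.gepafin.tendermanagement.config.Translator;
import net.gepafin.tendermanagement.config.jwt.TokenProvider;
import net.gepafin.tendermanagement.constants.GepafinConstant;
import net.gepafin.tendermanagement.entities.CompanyEntity;
import net.gepafin.tendermanagement.entities.UserEntity;
import net.gepafin.tendermanagement.enums.RoleStatusEnum;
import net.gepafin.tendermanagement.service.CompanyService;
import net.gepafin.tendermanagement.service.UserService;
import net.gepafin.tendermanagement.web.rest.api.errors.ForbiddenAccessException;
import net.gepafin.tendermanagement.web.rest.api.errors.Status;
import net.gepafin.tendermanagement.web.rest.api.errors.UnauthorizedAccessException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.Map;

/**
 * Request-level authorization helpers shared by the REST controllers.
 *
 * <p>Two sources of identity are consulted: the JWT carried by the incoming
 * {@link HttpServletRequest} (via {@link TokenProvider}) for the caller's user id,
 * and the Spring {@link SecurityContextHolder} for the caller's granted authorities.
 * Every check here fails closed: a missing or malformed user id claim is reported as
 * an {@link UnauthorizedAccessException} rather than surfacing as a {@code NullPointerException}
 * or {@code NumberFormatException} from the parsing code.
 */
@Component
public class Validator {

    /** Key under which {@link TokenProvider} exposes the caller's user id in the claim map. */
    private static final String USER_ID_CLAIM = "userId";

    @Autowired
    private TokenProvider tokenProvider;

    @Autowired
    private UserService userService;

    @Autowired
    private CompanyService companyService;

    /**
     * Returns the raw claim map extracted from the request's token.
     *
     * @param request the incoming HTTP request carrying the token
     * @return the claim map as produced by {@link TokenProvider#getUserInfoAndUserIdFromToken}
     */
    public Map getUserInfoFromToken(HttpServletRequest request) {
        return tokenProvider.getUserInfoAndUserIdFromToken(request);
    }

    /**
     * Resolves and validates the user identified by the request's token.
     *
     * @param request the incoming HTTP request carrying the token
     * @return the validated user entity
     * @throws UnauthorizedAccessException if the token carries no usable user id claim
     */
    public UserEntity validateUser(HttpServletRequest request) {
        return userService.validateUser(getUserIdFromToken(request));
    }

    /**
     * Tells whether the current security context holds the super-admin authority.
     *
     * @return {@code true} iff the context is authenticated and grants
     *         {@link RoleStatusEnum#ROLE_SUPER_ADMIN}
     */
    public Boolean checkIsSuperAdmin() {
        return hasAuthority(RoleStatusEnum.ROLE_SUPER_ADMIN);
    }

    /**
     * Enforces that a request made for the given role is allowed.
     *
     * <p>Only {@link RoleStatusEnum#ROLE_SUPER_ADMIN} is enforced here; any other role
     * passes through without a check. The {@code request} parameter is retained for
     * signature compatibility but is not consulted — the decision is made from the
     * security context alone.
     *
     * @param request the incoming HTTP request (currently unused)
     * @param role    the role the request is being made under
     * @throws UnauthorizedAccessException if {@code role} is super-admin and the caller is not
     */
    public void validateRequest(HttpServletRequest request, RoleStatusEnum role) {
        if (RoleStatusEnum.ROLE_SUPER_ADMIN.equals(role) && !checkIsSuperAdmin()) {
            throw invalidRequest();
        }
    }

    /**
     * Validates that the caller may act on the given company and returns it.
     *
     * <p>A super-admin skips the user/company membership check; everybody else must be
     * linked to the company according to {@link CompanyService#validateUserWithCompny}.
     *
     * @param request   the incoming HTTP request carrying the token
     * @param companyId the company being accessed
     * @return the validated company entity
     * @throws UnauthorizedAccessException if the token carries no usable user id claim
     */
    public CompanyEntity validateUserWithCompany(HttpServletRequest request, Long companyId) {
        if (checkIsSuperAdmin()) {
            return companyService.validateCompany(companyId);
        }
        // Membership check first so a non-member never learns anything about the company.
        companyService.validateUserWithCompny(getUserIdFromToken(request), companyId);
        return companyService.validateCompany(companyId);
    }

    /**
     * Tells whether the current security context holds the beneficiary authority.
     *
     * @return {@code true} iff the context is authenticated and grants
     *         {@link RoleStatusEnum#ROLE_BENEFICIARY}
     */
    public Boolean checkIsBeneficiary() {
        return hasAuthority(RoleStatusEnum.ROLE_BENEFICIARY);
    }

    /**
     * Validates that the caller may act on behalf of {@code userId} and returns that user.
     *
     * <p>A beneficiary may only act on their own user id; every other role may act on any
     * user id that {@link UserService#validateUser} accepts.
     *
     * @param request the incoming HTTP request carrying the token
     * @param userId  the user id the caller wants to act on
     * @return the validated target user entity
     * @throws ForbiddenAccessException    if a beneficiary targets a different user id
     * @throws UnauthorizedAccessException if the token carries no usable user id claim
     */
    public UserEntity validateUserId(HttpServletRequest request, Long userId) {
        UserEntity caller = validateUser(request);
        // equals() is deliberately called on the caller's role type (not on the constant) so
        // that a missing role type still fails rather than being treated as "not a beneficiary".
        boolean isBeneficiary = caller.getRoleEntity().getRoleType()
                .equals(RoleStatusEnum.ROLE_BENEFICIARY.getValue());
        if (isBeneficiary && !caller.getId().equals(userId)) {
            throw new ForbiddenAccessException(Status.FORBIDDEN,
                    Translator.toLocale(GepafinConstant.PERMISSION_DENIED));
        }
        return userService.validateUser(userId);
    }

    /**
     * Checks the security context for a single granted authority.
     *
     * @param role the role whose {@link RoleStatusEnum#getValue() value} is the authority name
     * @return {@code true} iff an authenticated context grants exactly that authority
     */
    private boolean hasAuthority(RoleStatusEnum role) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null || !authentication.isAuthenticated()) {
            return false;
        }
        String expected = role.getValue();
        return authentication.getAuthorities().stream()
                .map(GrantedAuthority::getAuthority)
                .anyMatch(expected::equals);
    }

    /**
     * Extracts the user id from a claim map.
     *
     * @param userInfo the claim map returned by {@link TokenProvider}
     * @return the parsed user id
     * @throws UnauthorizedAccessException if the map is absent, has no user id claim,
     *                                     or the claim is not a valid long
     */
    private Long getUserId(Map userInfo) {
        Object raw = userInfo == null ? null : userInfo.get(USER_ID_CLAIM);
        if (raw == null) {
            throw invalidRequest();
        }
        try {
            return Long.parseLong(raw.toString());
        } catch (NumberFormatException ignored) {
            // A non-numeric claim is an invalid token, not a server error; report it as such.
            throw invalidRequest();
        }
    }

    /**
     * Extracts the user id from the request's token.
     *
     * @param request the incoming HTTP request carrying the token
     * @return the parsed user id
     * @throws UnauthorizedAccessException if the token carries no usable user id claim
     */
    private Long getUserIdFromToken(HttpServletRequest request) {
        return getUserId(getUserInfoFromToken(request));
    }

    /** Builds the generic "invalid request" unauthorized error used by every check here. */
    private static UnauthorizedAccessException invalidRequest() {
        return new UnauthorizedAccessException(Status.UNAUTHORIZED,
                Translator.toLocale(GepafinConstant.INVALID_REQUEST));
    }
}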