bflows-bandi-be/src/main/java/net/gepafin/tendermanagement/util/Validator.java

package net.gepafin.tendermanagement.util;

import jakarta.servlet.http.HttpServletRequest;
import net.gepafin.tendermanagement.config.Translator;
import net.gepafin.tendermanagement.config.jwt.TokenProvider;
import net.gepafin.tendermanagement.constants.GepafinConstant;
import net.gepafin.tendermanagement.entities.CallEntity;
import net.gepafin.tendermanagement.entities.CompanyEntity;
import net.gepafin.tendermanagement.entities.UserEntity;
import net.gepafin.tendermanagement.enums.RoleStatusEnum;
import net.gepafin.tendermanagement.service.CallService;
import net.gepafin.tendermanagement.service.CompanyService;
import net.gepafin.tendermanagement.service.UserService;
import net.gepafin.tendermanagement.web.rest.api.errors.ForbiddenAccessException;
import net.gepafin.tendermanagement.web.rest.api.errors.Status;
import net.gepafin.tendermanagement.web.rest.api.errors.UnauthorizedAccessException;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.env.Environment;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.Arrays;
import java.util.Map;

@Component
public class Validator {

    @Autowired
    private TokenProvider tokenProvider;
    
    @Autowired
    private UserService userService;
    
    @Autowired
    private CompanyService companyService;
    
    @Autowired
    private CallService callService;
    
    @Autowired
	private Environment environment;

    public Map<String, Object> getUserInfoFromToken(HttpServletRequest request) {
        return tokenProvider.getUserInfoAndUserIdFromToken(request);
    }

	public UserEntity validateUser(HttpServletRequest request) {
		return userService.validateUser(getUserIdFromToken(request));
	}

	public Boolean checkIsSuperAdmin() {
		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

		if (authentication != null && authentication.isAuthenticated()) {
			// Check if the user has the ROLE_SUPER_ADMIN authority
			for (GrantedAuthority authority : authentication.getAuthorities()) {
				if (RoleStatusEnum.ROLE_SUPER_ADMIN.getValue().equals(authority.getAuthority())) {
					return true;
				}
			}
		}
		return false;
	}
	
	public Boolean checkIsPreInstructor() {
		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

		if (authentication != null && authentication.isAuthenticated()) {
			// Check if the user has the ROLE_SUPER_ADMIN authority
			for (GrantedAuthority authority : authentication.getAuthorities()) {
				if (RoleStatusEnum.ROLE_PRE_INSTRUCTOR.getValue().equals(authority.getAuthority())) {
					return true;
				}
			}
		}
		return false;
	}

	public void validateRequest(HttpServletRequest request,RoleStatusEnum role) {
		if (RoleStatusEnum.ROLE_SUPER_ADMIN.equals(role) && Boolean.FALSE.equals(checkIsSuperAdmin())) {
			throw new UnauthorizedAccessException(Status.UNAUTHORIZED, Translator.toLocale(GepafinConstant.INVALID_REQUEST));
		}
	}

	public CompanyEntity validateUserWithCompany(HttpServletRequest request, Long companyId) {
		CompanyEntity companyEntity = companyService.validateCompany(companyId);
		validateHubId(request, companyEntity.getHub().getId());
		if (checkIsSuperAdmin()) {
			return companyEntity;
		}
		Map<String, Object> userInfo = tokenProvider.getUserInfoAndUserIdFromToken(request);
		companyService.validateUserWithCompny(getUserId(userInfo), companyId);
		return companyService.validateCompany(companyId);
	}
	
	public void validateHubId(HttpServletRequest request, Long hubId) {
		UserEntity user = validateUser(request);
		Long hubIdFromHttpRequest = user.getHub().getId();
		if (Boolean.FALSE.equals(hubIdFromHttpRequest.equals(hubId))) {
			throw new ForbiddenAccessException(Status.FORBIDDEN,
					Translator.toLocale(GepafinConstant.PERMISSION_DENIED));
		}
	} 

	private Long getUserId(Map<String, Object> userInfo) {
		return Long.parseLong(userInfo.get("userId").toString());
	}

	public Boolean checkIsBeneficiary() {
		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
		if (authentication != null && authentication.isAuthenticated()) {
			// Check if the user has the ROLE_SUPER_ADMIN authority
			for (GrantedAuthority authority : authentication.getAuthorities()) {
				if (RoleStatusEnum.ROLE_BENEFICIARY.getValue().equals(authority.getAuthority())) {
					return true;
				}
			}
		}
		return false;
	}

	public UserEntity validateUserId(HttpServletRequest request, Long userId) {
		UserEntity user = validateUser(request);
		UserEntity requestedUser = userService.validateUser(userId);
		
		validateHubId(request, requestedUser.getHub().getId());
		if (Boolean.FALSE.equals(user.getRoleEntity().getRoleType().equals(RoleStatusEnum.ROLE_SUPER_ADMIN.getValue()))
				&& Boolean.FALSE.equals(user.getId().equals(userId))) {
			throw new ForbiddenAccessException(Status.FORBIDDEN,
					Translator.toLocale(GepafinConstant.PERMISSION_DENIED));
		}
		return requestedUser;
	}
	
	public Long getUserIdFromToken(HttpServletRequest request) {
		Map<String, Object> userInfo= tokenProvider.getUserInfoAndUserIdFromToken(request);
		return Long.parseLong(userInfo.get("userId").toString());
	}
	public CallEntity validateUserWithCall(UserEntity user, Long callId) {
		CallEntity callEntity = callService.validateCall(callId);
		if(Boolean.FALSE.equals(user.getHub().getId().equals(callEntity.getHub().getId()))) {
			throw new ForbiddenAccessException(Status.FORBIDDEN, Translator.toLocale(GepafinConstant.PERMISSION_DENIED));
		}
		return callEntity;
	}
	
	public Boolean isProductionProfileActivated() {
		String[] activeProfiles = environment.getActiveProfiles();
		return Arrays.stream(activeProfiles).anyMatch("production"::equals);
	}
	
	public Boolean isTestProfileActivated() {
		String[] activeProfiles = environment.getActiveProfiles();
		return Arrays.stream(activeProfiles).anyMatch("test"::equals);
	}

	public UserEntity validatePreInstructor(HttpServletRequest request, Long preInstructorUserId) {
		UserEntity preInstructorUser = userService.validateUser(preInstructorUserId);
		if (checkIsSuperAdmin()) {
			if (preInstructorUserId != null) {
				validateHubId(request, preInstructorUser.getHub().getId());
			}
			return preInstructorUser;
		} else if (checkIsPreInstructor()) {
			return validateUserId(request, preInstructorUserId);
		} else {
			throw new ForbiddenAccessException(Status.FORBIDDEN,
					Translator.toLocale(GepafinConstant.PERMISSION_DENIED));
		}
	}
	
}