bflows-bandi-be/src/main/java/net/gepafin/tendermanagement/util/Validator.java

package net.gepafin.tendermanagement.util;

import jakarta.servlet.http.HttpServletRequest;
import net.gepafin.tendermanagement.config.Translator;
import net.gepafin.tendermanagement.config.jwt.TokenProvider;
import net.gepafin.tendermanagement.constants.GepafinConstant;
import net.gepafin.tendermanagement.entities.CompanyEntity;
import net.gepafin.tendermanagement.entities.UserEntity;
import net.gepafin.tendermanagement.enums.RoleStatusEnum;
import net.gepafin.tendermanagement.service.CompanyService;
import net.gepafin.tendermanagement.service.UserService;
import net.gepafin.tendermanagement.web.rest.api.errors.ForbiddenAccessException;
import net.gepafin.tendermanagement.web.rest.api.errors.Status;
import net.gepafin.tendermanagement.web.rest.api.errors.UnauthorizedAccessException;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.Map;

@Component
public class Validator {

    @Autowired
    private TokenProvider tokenProvider;
    
    @Autowired
    private UserService userService;
    
    @Autowired
    private CompanyService companyService;

    public Map<String, Object> getUserInfoFromToken(HttpServletRequest request) {
        return tokenProvider.getUserInfoAndUserIdFromToken(request);
    }

	public UserEntity validateUser(HttpServletRequest request) {
		return userService.validateUser(getUserIdFromToken(request));
	}

	public Boolean checkIsSuperAdmin() {
		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

		if (authentication != null && authentication.isAuthenticated()) {
			// Check if the user has the ROLE_SUPER_ADMIN authority
			for (GrantedAuthority authority : authentication.getAuthorities()) {
				if (RoleStatusEnum.ROLE_SUPER_ADMIN.getValue().equals(authority.getAuthority())) {
					return true;
				}
			}
		}
		return false;
	}

	public void validateRequest(HttpServletRequest request,RoleStatusEnum role) {
		if (RoleStatusEnum.ROLE_SUPER_ADMIN.equals(role) && Boolean.FALSE.equals(checkIsSuperAdmin())) {
			throw new UnauthorizedAccessException(Status.UNAUTHORIZED, Translator.toLocale(GepafinConstant.INVALID_REQUEST));
		}
	}

	public CompanyEntity validateUserWithCompany(HttpServletRequest request, Long companyId) {
		if (checkIsSuperAdmin()) {
			return companyService.validateCompany(companyId);
		}
		Map<String, Object> userInfo = tokenProvider.getUserInfoAndUserIdFromToken(request);
		companyService.validateUserWithCompny(getUserId(userInfo), companyId);
		return companyService.validateCompany(companyId);
	}

	private Long getUserId(Map<String, Object> userInfo) {
		return Long.parseLong(userInfo.get("userId").toString());
	}

	public Boolean checkIsBeneficiary() {
		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
		if (authentication != null && authentication.isAuthenticated()) {
			// Check if the user has the ROLE_SUPER_ADMIN authority
			for (GrantedAuthority authority : authentication.getAuthorities()) {
				if (RoleStatusEnum.ROLE_BENEFICIARY.getValue().equals(authority.getAuthority())) {
					return true;
				}
			}
		}
		return false;
	}

	public UserEntity validateUserId(HttpServletRequest request, Long userId) {
		UserEntity user = validateUser(request);
		if(user.getRoleEntity().getRoleType().equals(RoleStatusEnum.ROLE_BENEFICIARY.getValue()) && Boolean.FALSE.equals(user.getId().equals(userId))) {
			throw new ForbiddenAccessException(Status.FORBIDDEN, Translator.toLocale(GepafinConstant.PERMISSION_DENIED));
		}
		return userService.validateUser(userId);
	}
	
	private Long getUserIdFromToken(HttpServletRequest request) {
		Map<String, Object> userInfo= tokenProvider.getUserInfoAndUserIdFromToken(request);
		return Long.parseLong(userInfo.get("userId").toString());
	}
	
}