/**
 * Finds one order among the orders visible to the given customer.
 *
 * <p>The search runs only over the list returned by
 * {@code getOrdersByCustomer(customerUserDetails)}. An ID that is not in that
 * list is reported with the same exception and message as a missing list, so
 * the caller cannot tell "no such order" from "order exists but is not in my list".
 *
 * @param customerUserDetails authenticated customer principal whose orders are searched
 * @param orderId ID of the wanted order
 * @return the order from the customer's list whose ID equals {@code orderId}
 * @throws OrderNotFoundException if the list is {@code null} or holds no order with that ID
 */
public Order getOrderForCustomerById(CustomerUserDetails customerUserDetails, Long orderId) throws OrderNotFoundException {
    // Step 1: narrow the customer's own orders down to the requested ID.
    final Optional<Order> ownedOrder = Optional.ofNullable(getOrdersByCustomer(customerUserDetails))
            .orElseThrow(() -> new OrderNotFoundException("Cannot find order with ID: " + orderId + " for customer with ID: " + customerUserDetails.getId()))
            .stream()
            .filter(candidate -> candidate.getId().equals(orderId))
            .findAny();

    // Step 2: no match inside the customer's list is answered exactly like a missing list.
    if (!ownedOrder.isPresent()) {
        throw new OrderNotFoundException("Cannot find order with ID: " + orderId + " for customer with ID: " + customerUserDetails.getId());
    }
    return ownedOrder.get();
}
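/**
 * Merges the cart of an anonymous customer into the cart of the logged-in customer.
 *
 * <p>The request body is an access token; the customer it resolves to is the source of
 * the merge. Because the body is caller-supplied, the resolved principal is validated
 * before its cart is read: it must be a {@code CustomerUserDetails}, the customer record
 * must exist, and that customer must not be registered. Without these checks a token of
 * another principal type ended in a {@code ClassCastException}, and a token of a
 * registered customer was accepted although the endpoint is documented for anonymous
 * carts only.
 *
 * @param userDetails principal of the authenticated caller (target of the merge)
 * @param anonymousToken access token of the anonymous session (source of the merge)
 * @throws IllegalArgumentException if the token does not resolve to an existing,
 *         unregistered customer
 * @throws RemoveFromCartException declared for the merge call
 * @throws PricingException declared for the merge call
 */
@Transactional
@RequestMapping(value = "/merge", method = RequestMethod.POST)
@ApiOperation(
        value = "Merge carts",
        notes = "Merges anonymous cart with a logged in customer's cart",
        response = Void.class
)
@ApiResponses(value = {
        @ApiResponse(code = 200, message = "Carts have been successfully merged", response = Void.class)
})
public void mergeWithAnonymous(
        @ApiIgnore @AuthenticationPrincipal final CustomerUserDetails userDetails,
        @RequestBody final String anonymousToken) throws RemoveFromCartException, PricingException {

    final Customer loggedUser = customerService.readCustomerById(userDetails.getId());

    // The token comes from the request body, so nothing guarantees which kind of
    // principal it carries; check the type instead of casting blindly.
    // NOTE(review): IllegalArgumentException is used because it needs no new import;
    // map or replace it with the project's client-error type if one exists.
    final Object tokenPrincipal = tokenServices.loadAuthentication(anonymousToken).getPrincipal();
    if (!(tokenPrincipal instanceof CustomerUserDetails)) {
        throw new IllegalArgumentException("Supplied token does not belong to a customer");
    }
    final CustomerUserDetails anonymousUserDetails = (CustomerUserDetails) tokenPrincipal;

    // Only an existing, unregistered customer may act as the merge source. The message
    // deliberately carries neither the token nor the resolved customer ID.
    final Customer anonymousUser = customerService.readCustomerById(anonymousUserDetails.getId());
    if (anonymousUser == null || anonymousUser.isRegistered()) {
        throw new IllegalArgumentException("Supplied token does not belong to an anonymous customer");
    }

    final Order anonymousCart = orderService.findCartForCustomer(anonymousUser);
    mergeCartService.mergeCart(loggedUser, anonymousCart);
}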
) { ofNullable(customerUserDetails.getId()) .map(customerService::readCustomerById) .filter(c -> !c.isRegistered()) .orElseThrow(() -> new ResourceNotFoundException("Email address already taken, please try with other")); final Customer customer = customerService.readCustomerById(customerUserDetails.getId()); customer.setUsername(username); customer.setEmailAddress(email);
/**
 * Returns the orders the given principal may see, selected by the principal's type.
 *
 * <ul>
 *   <li>{@code AdminUserDetails}: whatever {@code getAllOrders} returns
 *       (presumably every order; verify against that method).</li>
 *   <li>{@code CustomerUserDetails}: the orders found for the customer with the
 *       principal's ID.</li>
 *   <li>any other principal: an empty list.</li>
 * </ul>
 *
 * @param userDetails authenticated principal; its runtime type decides the result
 * @return the list of orders for that principal, empty for unknown principal types
 * @throws CustomerNotFoundException if no customer exists for a customer principal's ID,
 *         or the order lookup for that customer yields {@code null}
 */
// NOTE(review): the expression is the constant permitAll, so this annotation puts no
// restriction on the returned list; all scoping is done by the type dispatch below.
@PostAuthorize("permitAll")
@Transactional
public List<Order> getOrdersByCustomer(final UserDetails userDetails) throws CustomerNotFoundException {
    return Match.of(userDetails)
            // Staff branch: not limited to a single customer.
            .whenType(AdminUserDetails.class).then(this::getAllOrders)
            // Customer branch: limited to the customer identified by the principal itself,
            // never by a caller-supplied ID.
            .whenType(CustomerUserDetails.class).then(() -> {
                final Long id = ((CustomerUserDetails) userDetails).getId();
                // An empty Optional (unknown customer, or a null result from map) ends in
                // CustomerNotFoundException.
                return Optional.ofNullable(customerService.readCustomerById(id))
                        .map(c -> orderService.findOrdersForCustomer(c))
                        .orElseThrow(() -> new CustomerNotFoundException(format("Cannot find customer with ID: %d", id)));
            // Any other principal type gets nothing rather than an error.
            }).otherwise(Collections::emptyList)
            .get();
}
.map(customer -> customerConverter.createDto(customer, embed, link)) .collect(Collectors.toList())) .whenType(CustomerUserDetails.class).then(() -> Optional.ofNullable(customerServiceProxy.getCustomerById(((CustomerUserDetails) userDetails).getId()))
.orElseThrow(() -> new ResourceNotFoundException()); if(!order.getCustomer().getId().equals(customerUserDetails.getId())) { throw new AccessDeniedException("The ordere does not belong to the customer");
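/**
 * Rejects the principal when it does not fit one of the requested scopes.
 *
 * <p>For every scope in {@code scopeSet}: a scope matched by {@code Scope.CUSTOMER}
 * requires a {@code CustomerUserDetails} principal, and if the scope is also matched by
 * {@code Scope.CUSTOMER_REGISTERED} the customer behind the principal must exist and be
 * registered. A scope matched by {@code Scope.STAFF} requires an {@code AdminUserDetails}
 * principal. A scope matched by neither is not checked here.
 *
 * @param principal the currently authenticated user
 * @param scopeSet the scopes requested for the authorization
 * @throws InsufficientAuthenticationException if the principal does not satisfy a scope
 */
protected void forceNewAuthenticationIfPrincipalIsNotValidForScope(User principal, Set<String> scopeSet) {
    for (String scope : scopeSet) {
        if (Scope.CUSTOMER.matches(scope)) {
            if (!(principal instanceof CustomerUserDetails)) {
                throw new InsufficientAuthenticationException("Not logged in as a customer");
            }

            // Looked up for every customer scope; only the registered check reads it.
            Customer customer = customerService.readCustomerById(((CustomerUserDetails) principal).getId());

            // Fail closed: a principal whose customer record cannot be read is treated as
            // not registered instead of ending in a NullPointerException.
            if (Scope.CUSTOMER_REGISTERED.matches(scope) && (customer == null || !customer.isRegistered())) {
                throw new InsufficientAuthenticationException("Not logged in as a registered customer");
            }
        } else if (Scope.STAFF.matches(scope) && !(principal instanceof AdminUserDetails)) {
            throw new InsufficientAuthenticationException("Not logged in as an admin user");
        }
    }
}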