Sign upLogin

Hack23/cia

View on GitHub
Star
service.impl/src/main/java/com/hack23/cia/service/impl/action/user/DeleteAccountService.java

Summary

Maintainability
B
5 hrs
Test Coverage
/*
 * Copyright 2010-2021 James Pether Sörling
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 *    $Id$
 *  $HeadURL$
*/
package com.hack23.cia.service.impl.action.user;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.List;
import java.util.Locale;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Propagation;
import org.springframework.transaction.annotation.Transactional;

import com.hack23.cia.model.internal.application.system.impl.ApplicationActionEvent;
import com.hack23.cia.model.internal.application.system.impl.ApplicationEventGroup;
import com.hack23.cia.model.internal.application.system.impl.ApplicationOperationType;
import com.hack23.cia.model.internal.application.system.impl.ApplicationSession;
import com.hack23.cia.model.internal.application.system.impl.ApplicationSessionType;
import com.hack23.cia.model.internal.application.system.impl.ApplicationSession_;
import com.hack23.cia.model.internal.application.user.impl.UserAccount;
import com.hack23.cia.service.api.action.application.CreateApplicationEventRequest;
import com.hack23.cia.service.api.action.common.ServiceResponse.ServiceResult;
import com.hack23.cia.service.api.action.user.DeleteAccountRequest;
import com.hack23.cia.service.api.action.user.DeleteAccountResponse;
import com.hack23.cia.service.data.api.ApplicationSessionDAO;
import com.hack23.cia.service.impl.action.common.AbstractBusinessServiceImpl;

/**
 * The Class DeleteAccountService.
 */
@Service
@Transactional(propagation = Propagation.REQUIRED,timeout=600)
public final class DeleteAccountService extends
        AbstractBusinessServiceImpl<DeleteAccountRequest, DeleteAccountResponse> {

    /** The Constant LOGGER. */
    private static final Logger LOGGER = LoggerFactory
            .getLogger(DeleteAccountService.class);

    /** The application session dao. */
    @Autowired
    private ApplicationSessionDAO applicationSessionDAO;

    /** The password encoder. */
    private final PasswordEncoder passwordEncoder = new BCryptPasswordEncoder();

    /**
     * Instantiates a new delete account service.
     */
    public DeleteAccountService() {
        super(DeleteAccountRequest.class);
    }


    /**
     * Process service.
     *
     * @param serviceRequest the service request
     * @return the sets the google authenticator credential response
     */
    @Override
    @Secured({ "ROLE_USER", "ROLE_ADMIN"})
    public DeleteAccountResponse processService(
            final DeleteAccountRequest serviceRequest) {

        final DeleteAccountResponse inputValidation = inputValidation(serviceRequest);
        if (inputValidation != null) {
            return inputValidation;
        }

        LOGGER.info("{}:{}",serviceRequest.getClass().getSimpleName(),serviceRequest.getSessionId());
        final CreateApplicationEventRequest eventRequest = createApplicationEventForService(serviceRequest);

        final UserAccount userAccount = getUserAccountFromSecurityContext();

        DeleteAccountResponse response = new DeleteAccountResponse(ServiceResult.SUCCESS);
        if (userAccount != null) {

            if (passwordEncoder.matches(
                    userAccount.getUserId() + ".uuid" + serviceRequest.getUserpassword(), userAccount.getUserpassword())) {

                final List<ApplicationSession> applicationSessionsByUser = applicationSessionDAO.findListByProperty(ApplicationSession_.userId, userAccount.getUserId());
                for (final ApplicationSession applicationSession : applicationSessionsByUser) {
                    if (!serviceRequest.getSessionId().equals(applicationSession.getSessionId())) {
                        applicationSessionDAO.delete(applicationSession);
                    } else {
                        applicationSession.setUserId(null);
                        applicationSession.setSessionType(ApplicationSessionType.ANONYMOUS);
                        applicationSession.setDestroyedDate(new Date());
                        applicationSession.setScreenSize("1280x1024");
                        applicationSession.setLocale(Locale.ENGLISH.toString());
                        applicationSession.setUserAgentInformation("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36\n");
                        final List<ApplicationActionEvent> events = applicationSession.getEvents();
                        for (final ApplicationActionEvent event : events) {
                            event.setUserId(null);
                        }
                        applicationSessionDAO.persist(applicationSession);
                    }
                }

                getUserDAO().delete(userAccount);

                final Collection<SimpleGrantedAuthority> authorities = new ArrayList<>();
                authorities.add(new SimpleGrantedAuthority("ROLE_ANONYMOUS"));
                final AnonymousAuthenticationToken anonymousAuthenticationToken = new AnonymousAuthenticationToken(
                        serviceRequest.getSessionId(), "ROLE_ANONYMOUS", authorities);
                SecurityContextHolder.getContext().setAuthentication(anonymousAuthenticationToken);

            } else {
                response = new DeleteAccountResponse(ServiceResult.FAILURE);
            }
        }

        eventRequest.setApplicationMessage(response.getResult().toString());
        createApplicationEventService.processService(eventRequest);

        return response;
    }


    /**
     * Creates the application event for service.
     *
     * @param serviceRequest the service request
     * @return the creates the application event request
     */
    @Override
    protected CreateApplicationEventRequest createApplicationEventForService(
            final DeleteAccountRequest serviceRequest) {
        final CreateApplicationEventRequest eventRequest = createBaseApplicationEventRequest();
        eventRequest.setEventGroup(ApplicationEventGroup.USER);
        eventRequest.setApplicationOperation(ApplicationOperationType.DELETE);
        eventRequest.setActionName(DeleteAccountRequest.class.getSimpleName());
        eventRequest.setSessionId(serviceRequest.getSessionId());
        return eventRequest;
    }


    /**
     * Creates the error response.
     *
     * @return the sets the google authenticator credential response
     */
    @Override
    protected DeleteAccountResponse createErrorResponse() {
        return new DeleteAccountResponse(ServiceResult.FAILURE);
    }



}