This repository was archived by the owner on Jun 21, 2022. It is now read-only.

Commit 44064bb

committed
Fixed admin related order filtering
1 parent 41deb7e commit 44064bb


1 file changed

+18
-8
lines changed

1 file changed

+18
-8
lines changed

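--- a/src/main/java/com/nexiles/example/gatewayrsocketwebsocket/controller/OrderController.java
+++ b/src/main/java/com/nexiles/example/gatewayrsocketwebsocket/controller/OrderController.java
@@ -99,14 +99,24 @@ public Flux<Order> subscribeToOrders(@RSocketAuthUser RSocketUser rSocketUser,
 
 final Set<String> authorities = grantedAuthorities.stream().map(GrantedAuthority::getAuthority).collect(Collectors.toSet());
 
-return Flux.from(orderSink.asFlux().filter(order ->
-// 'admin' gets requested no matter what
-(authorities.contains(SecurityConstants.ADMIN_ROLE) && order.getKind().equals(requestedOrderKind)) ||
-// 'frodo' gets only LOTR orders
-(requestedOrderKind.equals(OrderKind.LOTR) && authorities.contains(SecurityConstants.LOTR_ROLE) && order.getKind().equals(requestedOrderKind)) ||
-// 'john' gets only GOT order
-(requestedOrderKind.equals(OrderKind.GOT) && authorities.contains(SecurityConstants.GOT_ROLE) && order.getKind().equals(requestedOrderKind))
-));
+return Flux.from(orderSink.asFlux().filter(order -> filterRequestedOrdersForAuthorities(order, requestedOrderKind, authorities)));
+}
+
+private boolean filterRequestedOrdersForAuthorities(Order order, OrderKind requestedOrderKind, Set<String> authorities) {
+
+// 'admin' gets requested no matter what
+if (authorities.contains(SecurityConstants.ADMIN_ROLE)) {
+if (requestedOrderKind.equals(OrderKind.ALL))
+return true;
+return order.getKind().equals(requestedOrderKind);
+}
+// @formatter:off
+return
+// 'frodo' gets only LOTR orders
+(requestedOrderKind.equals(OrderKind.LOTR) && authorities.contains(SecurityConstants.LOTR_ROLE) && order.getKind().equals(requestedOrderKind)) ||
+// 'john' gets only GOT order
+(requestedOrderKind.equals(OrderKind.GOT) && authorities.contains(SecurityConstants.GOT_ROLE) && order.getKind().equals(requestedOrderKind));
+// @formatter:on
 }
 
 @SuppressWarnings("unused")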
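Review bot: The authorization decision in `filterRequestedOrdersForAuthorities` depends only on `requestedOrderKind` and `authorities`, yet it is re-evaluated for every order. A caller whose roles do not cover the requested kind (a non-admin asking for `OrderKind.ALL`, or a LOTR-only user asking for GOT) gets a subscription that stays open and silently never emits. Denying by default is the right outcome, but deciding once in `subscribeToOrders` before attaching to `orderSink` makes the refusal explicit and loggable, and leaves the per-order predicate as a plain kind match. The sketch below assumes Spring Security's `AccessDeniedException`, and how that error reaches the RSocket client depends on configuration not shown here. It also puts the constant first in `equals`, so a null `requestedOrderKind` or `order.getKind()` does not terminate the stream with a `NullPointerException`. `subscribeToOrders` begins outside the hunk.

```java
// … unchanged: authorities set built from grantedAuthorities …
if (!isKindPermitted(requestedOrderKind, authorities)) {
    // Refuse once, up front, instead of filtering every order to nothing.
    return Flux.error(new AccessDeniedException("Requested order kind is not permitted for this user"));
}
return Flux.from(orderSink.asFlux().filter(order ->
        OrderKind.ALL.equals(requestedOrderKind)
                || (requestedOrderKind != null && requestedOrderKind.equals(order.getKind()))));
}

/** Returns true when the caller's roles allow subscribing to the requested kind; ALL is admin-only. */
private boolean isKindPermitted(OrderKind requestedOrderKind, Set<String> authorities) {
    if (authorities.contains(SecurityConstants.ADMIN_ROLE)) {
        return true;
    }
    return (OrderKind.LOTR.equals(requestedOrderKind) && authorities.contains(SecurityConstants.LOTR_ROLE))
            || (OrderKind.GOT.equals(requestedOrderKind) && authorities.contains(SecurityConstants.GOT_ROLE));
}
```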
