Package org.broadleafcommerce.profile.web.core.security

Class CustomerStateRequestProcessor

java.lang.Object
org.broadleafcommerce.common.web.AbstractBroadleafWebRequestProcessor
org.broadleafcommerce.profile.web.core.security.CustomerStateRequestProcessor
All Implemented Interfaces:
org.broadleafcommerce.common.web.BroadleafWebRequestProcessor, org.springframework.beans.factory.Aware, org.springframework.context.ApplicationEventPublisherAware
@Component("blCustomerStateRequestProcessor") public class CustomerStateRequestProcessor extends org.broadleafcommerce.common.web.AbstractBroadleafWebRequestProcessor implements org.springframework.context.ApplicationEventPublisherAware
Author:
Phillip Verheyden

  • Field Details

    • BLC_RULE_MAP_PARAM

      public static final String BLC_RULE_MAP_PARAM
      See Also:

    • ANONYMOUS_CUSTOMER_SESSION_ATTRIBUTE_NAME

      public static final String ANONYMOUS_CUSTOMER_SESSION_ATTRIBUTE_NAME
      See Also:

    • ANONYMOUS_CUSTOMER_ID_SESSION_ATTRIBUTE_NAME

      public static final String ANONYMOUS_CUSTOMER_ID_SESSION_ATTRIBUTE_NAME
      See Also:

    • OVERRIDE_CUSTOMER_SESSION_ATTR_NAME

      public static final String OVERRIDE_CUSTOMER_SESSION_ATTR_NAME
      See Also:

    • ANONYMOUS_CUSTOMER_MERGED_SESSION_ATTRIBUTE_NAME

      public static final String ANONYMOUS_CUSTOMER_MERGED_SESSION_ATTRIBUTE_NAME
      See Also:

    • logger

      protected final org.apache.commons.logging.Log logger
      Logger for this class and subclasses

    • customerService

      protected CustomerService customerService

    • customerMergeExtensionManager

      protected CustomerMergeExtensionManager customerMergeExtensionManager

    • anonymousCustomerExtensionManager

      protected AnonymousCustomerExtensionManager anonymousCustomerExtensionManager

    • eventPublisher

      protected org.springframework.context.ApplicationEventPublisher eventPublisher

  • Constructor Details

    • CustomerStateRequestProcessor

      public CustomerStateRequestProcessor()

  • Method Details

    • getAnonymousCustomerSessionAttributeName

      public static String getAnonymousCustomerSessionAttributeName()
      Returns the session attribute to store the anonymous customer. Some implementations may wish to have a different anonymous customer instance (and as a result a different cart).

      The entire Customer should be stored in session ONLY if that Customer has not already been persisted to the database. Once it has been persisted (like once the user has added something to the cart) then getAnonymousCustomerIdSessionAttributeName() should be used instead.

      Returns:
      the session attribute for an anonymous Customer that has not been persisted to the database yet

    • getAnonymousCustomerIdSessionAttributeName

      public static String getAnonymousCustomerIdSessionAttributeName()

      Returns the session attribute to store the anonymous customer ID. This session attribute should be used to track anonymous customers that have not registered but have state in the database. When users first visit the Broadleaf site, a new Customer is instantiated but is only saved in session and not persisted to the database. However, once that user adds something to the cart, that Customer is now saved in the database and it no longer makes sense to pull back a full Customer object from session, as any session-based Customer will be out of date in regards to Hibernate (specifically with lists).

      So, once Broadleaf detects that the session-based Customer has been persisted, it should remove the session-based Customer and then utilize just the customer ID from session.

    • getCustomerRequestAttributeName

      public static String getCustomerRequestAttributeName()
      The request-scoped attribute that should store the Customer. 
       Customer customer = (Customer) request.getAttribute(CustomerStateRequestProcessor.getCustomerRequestAttributeName());
 //this is equivalent to the above invocation
 Customer customer = CustomerState.getCustomer();
      Returns:

    • getAnonymousCustomerMergedSessionAttributeName

      public static String getAnonymousCustomerMergedSessionAttributeName()
      This is the name of a session attribute that holds whether or not the anonymous customer has been merged into the logged in customer. This is useful for tracking as often there is an anonymous customer that has customer attributes or other data that is saved on the customer in the database or in transient properties. It is often beneficial, after logging in, to copy certain properties to the logged in customer.
      Returns:

    • process

      public void process(org.springframework.web.context.request.WebRequest request)
      Specified by:
      process in interface org.broadleafcommerce.common.web.BroadleafWebRequestProcessor

    • publishEvent

      protected void publishEvent(org.springframework.context.ApplicationEvent event, org.springframework.web.context.request.WebRequest request, String eventClass, String username)

    • mergeCustomerIfRequired

      protected Customer mergeCustomerIfRequired(org.springframework.web.context.request.WebRequest request, Customer customer)
      Allows the merging of anonymous customer data and / or session data, to the logged in customer, if required. This is written to only require it to happen once.
      Parameters:
      request -
      customer -
      Returns:

    • copyAnonymousCustomerInfoToCustomer

      protected Customer copyAnonymousCustomerInfoToCustomer(org.springframework.web.context.request.WebRequest request, Customer anonymous, Customer customer)
      This allows the customer object to be augmented by information that may have been stored on the anonymous customer or session. After login, a new instance of customer is created that is different from the anonymous customer. In many cases, there are reasons that the anonymous customer may have had data associated with them that is required on the new customer. For example, customer attributes, promotions, promo codes, etc. may have been associated with the anonymous customer, and we want them to be copied to this customer. The default implementation does not copy data. It simply provides a hook for implementors to extend / implement this method. You should consider security when copying data from one customer to another.
      Parameters:
      request -
      anonymous -
      customer -
      Returns:

    • resolveAuthenticatedCustomer

      public Customer resolveAuthenticatedCustomer(org.springframework.security.core.Authentication authentication)
      Subclasses can extend to resolve other types of Authentication tokens
      Parameters:
      authentication -
      Returns:

    • resolveAnonymousCustomer

      public Customer resolveAnonymousCustomer(org.springframework.web.context.request.WebRequest request)

      Implementors can subclass to change how anonymous customers are created. Note that this method is intended to actually create the anonymous customer if one does not exist. If you are looking to just get the current anonymous customer (if it exists) then instead use the getAnonymousCustomer(WebRequest) method.

      The intended behavior of this method is as follows:

      • Look for a Customer on the session
        • If a customer is found in session, keep using the session-based customer
        • If a customer is not found in session
          • Look for a customer ID in session
          • If a customer ID is found in session:
            • Look up the customer in the database
        • If no there is no customer ID in session (and thus no Customer)
          1. Create a new customer with null customer id
          2. Put the newly-created Customer in session
      Parameters:
      request -
      Returns:

    • getAnonymousCustomer

      public Customer getAnonymousCustomer(org.springframework.web.context.request.WebRequest request)
      Returns the anonymous customer that was saved in session. This first checks for a full customer in session (meaning that the customer has not already been persisted) and returns that. If there is no full customer in session (and there is instead just an anonymous customer ID) then this will look up the customer from the database using that and return it.
      Parameters:
      request - the current request
      Returns:
      the anonymous customer in session or null if there is no anonymous customer represented in session

    • setApplicationEventPublisher

      public void setApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher eventPublisher)
      Specified by:
      setApplicationEventPublisher in interface org.springframework.context.ApplicationEventPublisherAware