ClientUserBridge.java

package org.multibit.mbm.api.response.hal.user;

import com.google.common.base.Optional;
import com.theoryinpractise.halbuilder.ResourceFactory;
import com.theoryinpractise.halbuilder.spi.Resource;
import org.multibit.mbm.api.response.hal.BaseBridge;
import org.multibit.mbm.auth.Authority;
import org.multibit.mbm.core.model.User;

import javax.ws.rs.core.UriInfo;

/**
 * <p>Bridge to provide the following to {@link org.multibit.mbm.core.model.User}:</p>
 * <ul>
 * <li>Creates a minimal representation of a User for the client to use</li>
 * </ul>
 *
 * @since 0.0.1
 */
public class ClientUserBridge extends BaseBridge<User> {

  /**
   * @param uriInfo   The {@link javax.ws.rs.core.UriInfo} containing the originating request information
   * @param principal An optional {@link org.multibit.mbm.core.model.User} to provide a security principal
   */
  public ClientUserBridge(UriInfo uriInfo, Optional<User> principal) {
    super(uriInfo, principal);
  }

  public Resource toResource(User user) {

    ResourceFactory resourceFactory = getResourceFactory();
    Resource userResource;

    if (user != null) {
      // Working with an authenticated User

      // Determine how the resource path should be presented
      String path;
      if (principal.isPresent() && principal.get().hasAuthority(Authority.ROLE_ADMIN)) {
        path = "/admin/user/" + user.getId();
      } else if (user.getCustomer() != null) {
        path = "/customer/user";
      } else if (user.getSupplier() != null) {
        path = "/supplier/user";
      } else {
        throw new IllegalStateException("User does not have correct rights to be here ["+user.getId()+"]");
      }

      // The user will refer to their own profile implicitly
      userResource = resourceFactory.newResource(path)
        // The username and password digest are not required for any further authentication
        // If they are required it will be as part of a user profile update
        // The API and secret key are required for future user requests via HMAC
        .withProperty("api_key", user.getApiKey())
        .withProperty("secret_key", user.getSecretKey())
      // End of build
      ;
    } else {
      // The unauthenticated user will still refer to their own profile implicitly
      userResource = resourceFactory.newResource("/customer/user")
        // Provide empty credentials indicating a failure
        .withProperty("api_key", "")
        .withProperty("secret_key", "")
      // End of build
      ;
    }

    return userResource;

  }

}