API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 20th, 2019
123
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Java 2.55 KB | None | 0 0
raw download clone embed print report
  1.  
  2.     @ApiOperation(value = "Partial update Account",
  3.             notes = "Updates the specified Account by setting the values of the parameters passed. " +
  4.                     "Any parameters not provided will be left unchanged. " +
  5.                     "If the Account is not associated with current User or some of the fields provided " +
  6.                     "can not be changed, an appropriate message is returned.",
  7.             authorizations = {
  8.                     @Authorization(value = BENCORP_MICROSERVICES, scopes = {
  9.                             @AuthorizationScope(scope = USERDATA_WRITE_SCOPE, description = USERDATA_WRITE_DESCRIPTION)
  10.                     })
  11.             }
  12.     )
  13.     @PatchMapping(path = "/accounts/{accountId}")
  14.     public JsonResponse partialUpdateAccount(@PathVariable Long accountId,
  15.                                              @RequestBody AccountDto update,
  16.                                              HttpServletRequest httpRequest) {
  17.         BencorpUser user = fetchUserWithAccount(httpRequest);
  18.  
  19.         Optional<AccountEntity> optional = accountRepository.findById(accountId);
  20.         if (!optional.isPresent()) {
  21.             return JsonResponse.failed(JsonResponseCode.ENTITY_NOT_FOUND,
  22.                     "Account with given ID is not found");
  23.         }
  24.  
  25.         AccountEntity account = optional.get();
  26.         if (!user.extractCompositeUserId().equals(account.getUser().getAuth0Id())) {
  27.             return JsonResponse.failed(JsonResponseCode.FORBIDDEN,
  28.                     "Account with given ID is associated to with the user");
  29.         }
  30.  
  31.         if (update.getStripeCustomerId() != null) {
  32.             if (!AccountRole.OWNER.equals(account.getRole())) {
  33.                 return JsonResponse.failed(JsonResponseCode.FORBIDDEN,
  34.                         "stripeCustomerId can only be attached to Account with OWNER role, " +
  35.                                 "but current has " + account.getRole());
  36.             }
  37.             account.setStripeCustomerId(update.getStripeCustomerId());
  38.         }
  39.  
  40.         if (update.getStripeChargeable() != null) {
  41.             account.setStripeChargeable(update.getStripeChargeable());
  42.         }
  43.  
  44.         if (update.getId() != null
  45.                 || update.getRole() != null
  46.                 || update.getUser() != null
  47.                 || update.getStatus() != null) {
  48.             return JsonResponse.failed(JsonResponseCode.FORBIDDEN,
  49.                     "Updating one of the fields provided is forbidden");
  50.         }
  51.         return JsonResponse.ok(accountRepository.save(account));
  52.     }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!