Adding access control to extensions
You can associate an extension point with an access control action. You can configure HCL Commerce to check whether the current user can perform the action before the extension code is invoked, and pass the result to the extension code through the access control context.
The following procedure provides an example for associating an extension point with the action
"CSRAction
" to check whether the current user is a customer service
representative.
Before you begin
- Register the xC extension code for the stores that need to use the extension.
Procedure
-
In your development environment, use the Data Load utility to load the data for updating the
registration of an extension to include access control changes.
-
In your externalized customization implementation code, use the following method to get the
resulting Boolean value of the access control check for
CSRAction
.:boolean csrAction = Boolean.parseBoolean(ueRequest.getContextData().getAccessControlContext().get("CSRAction"));
-
Using the resulting Boolean value, define your logic implementation by using the access control
value.
For example,
if(csrAction) { // CSR-specific logic }else{ // Non-CSR logic }