@RequestMapping(value = "/products/create", method = RequestMethod.POST)
public ModelAndView create(@Valid ProductForm productForm, BindingResult bindingResult,
HttpServletRequest request) {
SessionContext sessionContext = (SessionContext) request.getAttribute("sessionContext");
ModelAndView mav = new ModelAndView("products/new");
mav.addObject("errors", bindingResult.getAllErrors());
mav.addObject("productForm", productForm);
int newProductId = -1;
if (!bindingResult.hasErrors()) {
List<Product> products = productService.find...(...);
if (products != null...) {
bindingResult.addError(new ObjectError("Products", "..."));
}
// only try and create if no errors so far
if (!bindingResult.hasErrors()) {
newProductId = productService.create(..., productForm);
if (newProductId <= 0) {
bindingResult.addError(new ObjectError("Products", "..."));
}
}
}
if (bindingResult.hasErrors()) {
return mav;
}
return new ModelAndView("redirect:/products/show/" + newProductId);
}
So the side of the interface is described above (using Spring MVC).
Now, how should I develop the service level, so in this example, ProductServiceImpl has a create method that will create the product and save it to the database.
I need to check permissions based on user role, etc.
I could do this at the user interface level by first checking to see if the user has the rights to create the product:
if(permissionService.hasPermission(.....)) {
newProductId = productService.create(....)
}
But this connects this logic with the user interface level, I think it should be in the creation method itself:
public class ProductServiceImpl implements ProductService {
@Autowired
PermissionService permissionService;
..
@Override
public int create(...., final ProductForm productForm) {
boolean canCreateProduct = productService.hasPermissions(.....);
if(canCreateProduct) {
Product product = ..... (productForm);
productDao.save(product);
return product.getId();
}
}
}
, , , ProductServiceImpl.create, , ?
, , , , .
?