You can associate an extension point with an access control action. You can configure
HCL Commerce to check whether the current user can perform the action before the extension
code is invoked, and pass the result to the extension code through the access control
context.
The following procedure provides an example for associating an extension point with the action
"CSRAction" to check whether the current user is a customer service
representative.
Before you begin
- Register the xC extension code for the stores that need to use the extension.
Procedure
-
In your development environment, use the Data Load utility to load the data for updating the
registration of an extension to include access control changes.
-
Save the following CSV file into the
WCDE_installdir/samples/DataLoad/xC directory.
The file adds access control for an extension that validates order quantity. In the file,
- Notice that the Properties column contains the name-value pair
AccessControlActions=CSRAction. By defining the
AccessControlActions property, you associate the validate_quantity
extension point with the CSRAction access control action.
- Ensure that you specify a unique integer for the UEConfigId column in the CSV file. The sample
uses 1.
-
Load the data to the database. For more information, see Assigning extension code to extension points.
-
In your externalized customization implementation code, use the following method to get the
resulting Boolean value of the access control check for
CSRAction.:
boolean csrAction = Boolean.parseBoolean(ueRequest.getContextData().getAccessControlContext().get("CSRAction"));
-
Using the resulting Boolean value, define your logic implementation by using the access control
value.
For example,
if(csrAction) {
// CSR-specific logic
}else{
// Non-CSR logic
}