Stop disabled users from performing operations after account deactivation

Changes:
- Added authorization state tracking to authenticated sessions.
- Revoked authorization immediately when an account-disabled event is received.
- Added authorization validation before protected service operations.
- Cleared authorization state on logout.

Fixes #2078
2026-06-17 16:47:15 +05:30
parent b011f600cf
commit 82164e42c3
6 changed files with 56 additions and 1 deletions
@@ -15,6 +15,7 @@ Date: 20-May-2026
#include "Invoice.h"
#include "JobCard.h"
#include "PaymentManagementService.h"
#include "AuthenticationManagementService.h"
#include "DataStoreLockGuard.h"
#include "Service.h"
#include "ServiceBooking.h"
@@ -233,6 +234,7 @@ Returns:
*/
util::Map<std::string, Invoice*> PaymentManagementService::getInvoices(const std::string& customerID)
{
AuthenticationManagementService::ensureAuthorization();
DataStoreLockGuard lock(m_dataStore);
auto& currentTrackedInvoices = m_dataStore.getInvoices();
util::Map<std::string, Invoice*> currentUserInvoices;
@@ -261,6 +263,7 @@ Throws:
*/
void PaymentManagementService::completePayment(const std::string& invoiceID, util::PaymentMode paymentMode)
{
AuthenticationManagementService::ensureAuthorization();
DataStoreLockGuard lock(m_dataStore);
auto& currentTrackedInvoices = m_dataStore.getInvoices();
int invoiceIndex = currentTrackedInvoices.find(invoiceID);
@@ -289,7 +292,7 @@ void PaymentManagementService::completePayment(const std::string& invoiceID, uti
}
/*
Function: getAllInvoice
Function: getAllInvoices
Description: Provides access to all invoices stored in the data store.
Parameters:
- none
@@ -298,6 +301,7 @@ Returns:
*/
util::Map<std::string, Invoice*> PaymentManagementService::getAllInvoices()
{
AuthenticationManagementService::ensureAuthorization();
DataStoreLockGuard lock(m_dataStore);
util::Map<std::string, Invoice*> invoices;
invoices = util::getObjects(m_dataStore.getInvoices());
@@ -317,6 +321,7 @@ Throws:
*/
void PaymentManagementService::confirmPayment(const std::string& invoiceID)
{
AuthenticationManagementService::ensureAuthorization();
DataStoreLockGuard lock(m_dataStore);
auto& currentTrackedInvoices = m_dataStore.getInvoices();
int invoiceIndex = currentTrackedInvoices.find(invoiceID);
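Review bot: In all four guarded methods (`getInvoices`, `completePayment`, `getAllInvoices`, `confirmPayment`) the new `AuthenticationManagementService::ensureAuthorization();` runs before `DataStoreLockGuard lock(m_dataStore);`, so a revocation that lands while the thread is waiting for the lock is not observed and the operation still completes for the disabled account. If the account-disabled event is delivered on another thread (not visible in these hunks), acquire the lock first and check second, i.e. `DataStoreLockGuard lock(m_dataStore);` followed by `AuthenticationManagementService::ensureAuthorization();`, and confirm the authorization state is atomic or written under a lock that cannot invert with the data-store lock. The call is static and takes no arguments, so it presumably validates only the session as a whole; `getInvoices(customerID)`, `getAllInvoices()` and the `invoiceID` methods would still need a per-customer ownership or role check, which should be confirmed against the implementation of `ensureAuthorization`. The method bodies and their doc blocks continue outside the hunks, so whether the `Throws:` sections now name the exception raised on a revoked session cannot be seen here.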