001/** 002 * Copyright 2005-2017 The Kuali Foundation 003 * 004 * Licensed under the Educational Community License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.opensource.org/licenses/ecl2.php 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 */ 016package org.kuali.rice.kew.role.service.impl; 017 018import org.apache.commons.lang.StringUtils; 019import org.kuali.rice.core.api.exception.RiceIllegalArgumentException; 020import org.kuali.rice.core.api.membership.MemberType; 021import org.kuali.rice.kew.api.KewApiServiceLocator; 022import org.kuali.rice.kew.api.action.ActionRequest; 023import org.kuali.rice.kew.api.action.ActionRequestStatus; 024import org.kuali.rice.kew.api.KewApiConstants; 025import org.kuali.rice.kim.api.KimConstants; 026import org.kuali.rice.kim.api.role.Role; 027import org.kuali.rice.kim.api.role.RoleMembership; 028import org.kuali.rice.kim.framework.common.delegate.DelegationTypeService; 029import org.kuali.rice.kim.framework.role.RoleTypeService; 030import org.kuali.rice.kns.kim.role.DerivedRoleTypeServiceBase; 031 032import java.util.ArrayList; 033import java.util.Collections; 034import java.util.List; 035import java.util.Map; 036 037/** 038 * 039 * @author Kuali Rice Team (rice.collab@kuali.org) 040 * 041 */ 042public class ActionRequestDerivedRoleTypeServiceImpl extends DerivedRoleTypeServiceBase implements RoleTypeService, DelegationTypeService { 043 private static final String NON_AD_HOC_APPROVE_REQUEST_RECIPIENT_ROLE_NAME = "Non-Ad Hoc Approve Request Recipient"; 044 private static final String APPROVE_REQUEST_RECIPIENT_ROLE_NAME = "Approve Request Recipient"; 045 private static final String ACKNOWLEDGE_REQUEST_RECIPIENT_ROLE_NAME = "Acknowledge Request Recipient"; 046 private static final String FYI_REQUEST_RECIPIENT_ROLE_NAME = "FYI Request Recipient"; 047 private static final String COMPLETE_REQUEST_RECIPIENT_ROLE_NAME = "Complete Request Recipient"; 048 049 @Override 050 protected List<String> getRequiredAttributes() { 051 final List<String> attrs = new ArrayList<String>(super.getRequiredAttributes()); 052 attrs.add(KimConstants.AttributeConstants.DOCUMENT_NUMBER); 053 return Collections.unmodifiableList(attrs); 054 } 055 056 @Override 057 protected boolean isCheckRequiredAttributes() { 058 return true; 059 } 060 061 @Override 062 public List<RoleMembership> getRoleMembersFromDerivedRole(String namespaceCode, String roleName, Map<String, String> qualification) { 063 if (StringUtils.isBlank(namespaceCode)) { 064 throw new RiceIllegalArgumentException("namespaceCode was null or blank"); 065 } 066 067 if (StringUtils.isBlank(roleName)) { 068 throw new RiceIllegalArgumentException("roleName was null"); 069 } 070 List<RoleMembership> members = new ArrayList<RoleMembership>(); 071 if ( qualification != null && !qualification.isEmpty() ) { 072 String principalId = qualification.get(KimConstants.AttributeConstants.PRINCIPAL_ID); 073 if (qualification.containsKey(KimConstants.AttributeConstants.PRINCIPAL_ID) 074 && hasDerivedRole(principalId, null, namespaceCode, 075 roleName, qualification)) { 076 members.add(RoleMembership.Builder.create(null/*roleId*/, null, principalId, MemberType.PRINCIPAL, null).build()); 077 } 078 } 079 return members; 080 } 081 082 @Override 083 public boolean hasDerivedRole(String principalId, 084 List<String> groupIds, String namespaceCode, String roleName, 085 Map<String, String> qualification) { 086 /*if (StringUtils.isBlank(principalId)) { 087 throw new RiceIllegalArgumentException("principalId was null or blank"); 088 } 089 090 if (groupIds == null) { 091 throw new RiceIllegalArgumentException("groupIds was null or blank"); 092 } 093 094 if (StringUtils.isBlank(namespaceCode)) { 095 throw new RiceIllegalArgumentException("namespaceCode was null or blank"); 096 }*/ 097 098 if (StringUtils.isBlank(roleName)) { 099 throw new RiceIllegalArgumentException("roleName was null or blank"); 100 } 101 102 if (qualification == null) { 103 throw new RiceIllegalArgumentException("qualification was null"); 104 } 105 106 validateRequiredAttributesAgainstReceived(qualification); 107 try { 108 if ( (qualification != null && !qualification.isEmpty())) { 109 List<ActionRequest> actionRequests = KewApiServiceLocator.getWorkflowDocumentService().getActionRequestsForPrincipalAtNode( 110 qualification.get(KimConstants.AttributeConstants.DOCUMENT_NUMBER), null, principalId); 111 if (APPROVE_REQUEST_RECIPIENT_ROLE_NAME.equals(roleName) || NON_AD_HOC_APPROVE_REQUEST_RECIPIENT_ROLE_NAME.equals(roleName)) { 112 for ( ActionRequest ar : actionRequests ) { 113 if ( ar.getActionRequested().getCode().equals( KewApiConstants.ACTION_REQUEST_APPROVE_REQ ) 114 && ar.getStatus().getCode().equals( ActionRequestStatus.ACTIVATED.getCode() ) ) { 115 return APPROVE_REQUEST_RECIPIENT_ROLE_NAME.equals(roleName) || (NON_AD_HOC_APPROVE_REQUEST_RECIPIENT_ROLE_NAME.equals(roleName) && !ar.isAdHocRequest()); 116 } 117 } 118 return false; 119 } 120 if (ACKNOWLEDGE_REQUEST_RECIPIENT_ROLE_NAME.equals(roleName)) { 121 for ( ActionRequest ar : actionRequests ) { 122 if ( ar.getActionRequested().getCode().equals( KewApiConstants.ACTION_REQUEST_ACKNOWLEDGE_REQ ) 123 && ar.getStatus().getCode().equals( ActionRequestStatus.ACTIVATED.getCode() ) ) { 124 return true; 125 } 126 } 127 return false; 128 } 129 if (FYI_REQUEST_RECIPIENT_ROLE_NAME.equals(roleName)) { 130 for ( ActionRequest ar : actionRequests ) { 131 if ( ar.getActionRequested().getCode().equals( KewApiConstants.ACTION_REQUEST_FYI_REQ ) 132 && ar.getStatus().getCode().equals( ActionRequestStatus.ACTIVATED.getCode() ) ) { 133 return true; 134 } 135 } 136 return false; 137 } 138 if (COMPLETE_REQUEST_RECIPIENT_ROLE_NAME.equals(roleName)) { 139 for ( ActionRequest ar : actionRequests ) { 140 if ( ar.getActionRequested().getCode().equals( KewApiConstants.ACTION_REQUEST_COMPLETE_REQ ) 141 && ar.getStatus().getCode().equals( ActionRequestStatus.ACTIVATED.getCode() ) ) { 142 return true; 143 } 144 } 145 return false; 146 } 147 } 148 return false; 149 } catch (RiceIllegalArgumentException e) { 150 throw new RuntimeException("Unable to load route header", e); 151 } 152 } 153 154 /** 155 * Determines if the role specified by the given namespace and role name has a dynamic role membership. 156 * Returns true, as action requests change quite often so membership in this role is highly volatile 157 * 158 * @see RoleTypeService#dynamicRoleMembership(String, String) 159 */ 160 @Override 161 public boolean dynamicRoleMembership(String namespaceCode, String roleName) { 162 if (StringUtils.isBlank(namespaceCode)) { 163 throw new RiceIllegalArgumentException("namespaceCode was null or blank"); 164 } 165 166 if (StringUtils.isBlank(roleName)) { 167 throw new RiceIllegalArgumentException("roleName was null or blank"); 168 } 169 170 return true; 171 } 172 173}