Source code

001/**
002 * Copyright 2005-2017 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016package org.kuali.rice.kim.rules.ui;
017
018import org.apache.commons.lang.StringUtils;
019import org.kuali.rice.core.api.util.RiceKeyConstants;
020import org.kuali.rice.kim.api.KimConstants;
021import org.kuali.rice.kim.api.group.GroupService;
022import org.kuali.rice.kim.api.services.KimApiServiceLocator;
023import org.kuali.rice.kim.bo.ui.GroupDocumentMember;
024import org.kuali.rice.kim.document.IdentityManagementGroupDocument;
025import org.kuali.rice.kim.rule.event.ui.AddGroupMemberEvent;
026import org.kuali.rice.kim.rule.ui.AddGroupMemberRule;
027import org.kuali.rice.kns.rules.DocumentRuleBase;
028import org.kuali.rice.krad.util.GlobalVariables;
029
030import java.util.HashMap;
031import java.util.Map;
032
033//import org.kuali.rice.kim.api.group.GroupServiceBase;
034
035/**
036 * This is a description of what this class does - shyu don't forget to fill this in. 
037 * 
038 * @author Kuali Rice Team (rice.collab@kuali.org)
039 *
040 */
041public class GroupDocumentMemberRule extends DocumentRuleBase implements AddGroupMemberRule {
042
043        private static final String ERROR_PATH = "document.member.memberId";
044
045        public boolean processAddGroupMember(AddGroupMemberEvent addGroupMemberEvent){
046                GroupDocumentMember newMember = addGroupMemberEvent.getMember();
047                IdentityManagementGroupDocument document = (IdentityManagementGroupDocument)addGroupMemberEvent.getDocument();
048            boolean rulePassed = true;
049
050        if (newMember == null || StringUtils.isBlank(newMember.getMemberId())){
051            GlobalVariables.getMessageMap().putError(ERROR_PATH, RiceKeyConstants.ERROR_EMPTY_ENTRY, new String[] {"Member"});
052            return false;
053        }
054        if(!validAssignGroup(newMember, document))
055                return false;
056
057            int i = 0;
058            for (GroupDocumentMember member: document.getMembers()){
059                if (member.getMemberId().equals(newMember.getMemberId()) && member.getMemberTypeCode().equals(newMember.getMemberTypeCode())){
060                    rulePassed = false;
061                    GlobalVariables.getMessageMap().putError("document.members["+i+"].memberId", RiceKeyConstants.ERROR_DUPLICATE_ENTRY, new String[] {"Member"});
062                }
063                i++;
064            }
065            
066            // check for circular reference
067                GroupService groupService = KimApiServiceLocator.getGroupService();
068                if (groupService.isGroupMemberOfGroup(document.getGroupId(),newMember.getMemberId())){
069            GlobalVariables.getMessageMap().putError(ERROR_PATH, RiceKeyConstants.ERROR_ASSIGN_GROUP_MEMBER_CIRCULAR, new String[] {newMember.getMemberId()});
070                        return false;
071                }
072            
073                return rulePassed;
074        } 
075
076        protected boolean validAssignGroup(GroupDocumentMember groupMember, IdentityManagementGroupDocument document){
077        boolean rulePassed = true;
078                if(StringUtils.isNotEmpty(document.getGroupNamespace())){
079                        Map<String,String> roleDetails = new HashMap<String,String>();
080                        roleDetails.put(KimConstants.AttributeConstants.NAMESPACE_CODE, document.getGroupNamespace());
081                        roleDetails.put(KimConstants.AttributeConstants.GROUP_NAME, document.getGroupName());
082                        if (!getDocumentDictionaryService().getDocumentAuthorizer(document).isAuthorizedByTemplate(
083                                        document, 
084                                        KimConstants.NAMESPACE_CODE, 
085                                        KimConstants.PermissionTemplateNames.POPULATE_GROUP,
086                                        GlobalVariables.getUserSession().getPerson().getPrincipalId(), 
087                                        roleDetails, null)){
088                    GlobalVariables.getMessageMap().putError(ERROR_PATH, RiceKeyConstants.ERROR_ASSIGN_GROUP, 
089                                new String[] {document.getGroupNamespace(), document.getGroupName()});
090                    rulePassed = false;
091                        }
092                }
093                return rulePassed;
094        }
095
096}