Source code

001/**
002 * Copyright 2005-2016 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016package org.kuali.rice.krad.service.impl;
017
018import org.kuali.rice.kim.api.identity.Person;
019import org.kuali.rice.krad.datadictionary.AttributeSecurity;
020import org.kuali.rice.krad.document.DocumentAuthorizer;
021import org.kuali.rice.krad.document.DocumentPresentationController;
022import org.kuali.rice.krad.maintenance.MaintenanceDocumentAuthorizer;
023import org.kuali.rice.krad.maintenance.MaintenanceDocumentPresentationController;
024import org.kuali.rice.krad.service.DataDictionaryService;
025import org.kuali.rice.krad.service.DataObjectAuthorizationService;
026import org.kuali.rice.krad.service.DocumentDictionaryService;
027import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
028
029/**
030 * Implementation of <code>DataObjectAuthorizationService</code> that uses the
031 * configured <code>AttributeSecurity</code> for a field to determine authorization
032 * checks that need to be performed
033 *
034 * @author Kuali Rice Team (rice.collab@kuali.org)
035 */
036public class DataObjectAuthorizationServiceImpl implements DataObjectAuthorizationService {
037
038    private DataDictionaryService dataDictionaryService;
039    private DocumentDictionaryService documentDictionaryService;
040
041    /**
042     * @see org.kuali.rice.krad.service.impl.DataObjectAuthorizationServiceImpl#attributeValueNeedsToBeEncryptedOnFormsAndLinks
043     */
044    @Override
045    public boolean attributeValueNeedsToBeEncryptedOnFormsAndLinks(Class<?> dataObjectClass, String attributeName) {
046        AttributeSecurity attributeSecurity =
047                getDataDictionaryService().getAttributeSecurity(dataObjectClass.getName(), attributeName);
048
049        return attributeSecurity != null && attributeSecurity.hasRestrictionThatRemovesValueFromUI();
050    }
051
052    /**
053     * @see org.kuali.rice.krad.service.impl.DataObjectAuthorizationServiceImpl#canCreate
054     */
055    @Override
056    public boolean canCreate(Class<?> dataObjectClass, Person user, String docTypeName) {
057        DocumentPresentationController documentPresentationController =
058                getDocumentDictionaryService().getDocumentPresentationController(docTypeName);
059        boolean canCreate =
060                ((MaintenanceDocumentPresentationController) documentPresentationController).canCreate(dataObjectClass);
061        if (canCreate) {
062            DocumentAuthorizer documentAuthorizer = getDocumentDictionaryService().getDocumentAuthorizer(docTypeName);
063            canCreate = ((MaintenanceDocumentAuthorizer) documentAuthorizer).canCreate(dataObjectClass, user);
064        }
065        return canCreate;
066    }
067
068    /**
069     * @see org.kuali.rice.krad.service.impl.DataObjectAuthorizationServiceImpl#canMaintain
070     */
071    @Override
072    public boolean canMaintain(Object dataObject, Person user, String docTypeName) {
073        return ((MaintenanceDocumentAuthorizer) getDocumentDictionaryService().getDocumentAuthorizer(docTypeName))
074                .canMaintain(dataObject, user);
075    }
076
077    protected DataDictionaryService getDataDictionaryService() {
078        if (dataDictionaryService == null) {
079            this.dataDictionaryService = KRADServiceLocatorWeb.getDataDictionaryService();
080        }
081        return dataDictionaryService;
082    }
083
084    public void setDataDictionaryService(DataDictionaryService dataDictionaryService) {
085        this.dataDictionaryService = dataDictionaryService;
086    }
087
088    protected DocumentDictionaryService getDocumentDictionaryService() {
089        if (documentDictionaryService == null) {
090            documentDictionaryService = KRADServiceLocatorWeb.getDocumentDictionaryService();
091        }
092        return documentDictionaryService;
093    }
094
095    public void setDocumentDictionaryService(DocumentDictionaryService documentDictionaryService) {
096        this.documentDictionaryService = documentDictionaryService;
097    }
098}