Source code

001/**
002 * Copyright 2005-2016 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016package org.kuali.rice.kns.document.authorization;
017
018
019import org.kuali.rice.kim.api.KimConstants;
020import org.kuali.rice.kim.api.identity.Person;
021import org.kuali.rice.krad.maintenance.MaintenanceDocument;
022import org.kuali.rice.krad.service.DocumentDictionaryService;
023import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
024import org.kuali.rice.krad.util.KRADConstants;
025import org.kuali.rice.krad.util.KRADUtils;
026
027import java.util.HashMap;
028import java.util.HashSet;
029import java.util.Map;
030import java.util.Set;
031
032public class MaintenanceDocumentAuthorizerBase extends DocumentAuthorizerBase implements MaintenanceDocumentAuthorizer {
033        // private static final org.apache.log4j.Logger LOG =
034        // org.apache.log4j.Logger.getLogger(MaintenanceDocumentAuthorizerBase.class);
035
036        transient protected static DocumentDictionaryService documentDictionaryService;
037
038        public boolean canCreate(Class boClass, Person user) {
039                Map<String, String> permissionDetails = new HashMap<String, String>();
040                permissionDetails.put(KimConstants.AttributeConstants.DOCUMENT_TYPE_NAME,
041                                getDocumentDictionaryService().getMaintenanceDocumentTypeName(
042                                                boClass));
043                permissionDetails.put(KRADConstants.MAINTENANCE_ACTN,
044                                KRADConstants.MAINTENANCE_NEW_ACTION);
045                return !permissionExistsByTemplate(KRADConstants.KNS_NAMESPACE,
046                                KimConstants.PermissionTemplateNames.CREATE_MAINTAIN_RECORDS,
047                                permissionDetails)
048                                || getPermissionService()
049                                                .isAuthorizedByTemplate(user.getPrincipalId(), KRADConstants.KNS_NAMESPACE,
050                                KimConstants.PermissionTemplateNames.CREATE_MAINTAIN_RECORDS, permissionDetails,
051                                new HashMap<String, String>());
052        }
053
054        public boolean canMaintain(Object dataObject, Person user) {
055                Map<String, String> permissionDetails = new HashMap<String, String>(2);
056                permissionDetails.put(KimConstants.AttributeConstants.DOCUMENT_TYPE_NAME,
057                                getDocumentDictionaryService().getMaintenanceDocumentTypeName(
058                                                dataObject.getClass()));
059                permissionDetails.put(KRADConstants.MAINTENANCE_ACTN,
060                                KRADConstants.MAINTENANCE_EDIT_ACTION);
061                return !permissionExistsByTemplate(KRADConstants.KNS_NAMESPACE,
062                                KimConstants.PermissionTemplateNames.CREATE_MAINTAIN_RECORDS,
063                                permissionDetails)
064                                || isAuthorizedByTemplate(
065                                                dataObject,
066                                                KRADConstants.KNS_NAMESPACE,
067                                                KimConstants.PermissionTemplateNames.CREATE_MAINTAIN_RECORDS,
068                                                user.getPrincipalId(), permissionDetails, null);
069        }
070
071        public boolean canCreateOrMaintain(
072                        MaintenanceDocument maintenanceDocument, Person user) {
073                return !permissionExistsByTemplate(maintenanceDocument,
074                                KRADConstants.KNS_NAMESPACE,
075                                KimConstants.PermissionTemplateNames.CREATE_MAINTAIN_RECORDS)
076                                || isAuthorizedByTemplate(
077                                                maintenanceDocument,
078                                                KRADConstants.KNS_NAMESPACE,
079                                                KimConstants.PermissionTemplateNames.CREATE_MAINTAIN_RECORDS,
080                                                user.getPrincipalId());
081        }
082
083        public Set<String> getSecurePotentiallyHiddenSectionIds() {
084                return new HashSet<String>();
085        }
086
087        public Set<String> getSecurePotentiallyReadOnlySectionIds() {
088                return new HashSet<String>();
089        }
090
091        @SuppressWarnings("unchecked")
092        @Override
093        protected void addRoleQualification(Object dataObject, Map<String, String> attributes) {
094                super.addRoleQualification(dataObject, attributes);
095                if (dataObject instanceof MaintenanceDocument) {
096                        MaintenanceDocument maintDoc = (MaintenanceDocument)dataObject;
097                        if ( maintDoc.getNewMaintainableObject() != null ) {                    
098                                attributes.putAll(
099                        KRADUtils.getNamespaceAndComponentSimpleName(maintDoc.getNewMaintainableObject().getDataObjectClass()));
100                        }
101                }
102        }
103
104        @SuppressWarnings("unchecked")
105        @Override
106        protected void addPermissionDetails(Object dataObject, Map<String, String> attributes) {
107                super.addPermissionDetails(dataObject, attributes);
108                if (dataObject instanceof MaintenanceDocument) {
109                        MaintenanceDocument maintDoc = (MaintenanceDocument)dataObject;
110                        if ( maintDoc.getNewMaintainableObject() != null ) {                    
111                                attributes.putAll(
112                        KRADUtils.getNamespaceAndComponentSimpleName(maintDoc.getNewMaintainableObject().getDataObjectClass()));
113                                attributes.put(KRADConstants.MAINTENANCE_ACTN,maintDoc.getNewMaintainableObject().getMaintenanceAction());
114                        }
115                }
116        }
117
118    protected static DocumentDictionaryService getDocumentDictionaryService() {
119        if (documentDictionaryService == null) {
120            documentDictionaryService = KRADServiceLocatorWeb.getDocumentDictionaryService();
121        }
122        return documentDictionaryService;
123    }
124
125}