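/**
 * Copyright 2005-2018 The Kuali Foundation
 *
 * Licensed under the Educational Community License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.opensource.org/licenses/ecl2.php
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.kuali.rice.kns.kim.role;


import org.apache.commons.lang.StringUtils;
import org.kuali.rice.core.api.exception.RiceIllegalArgumentException;
import org.kuali.rice.core.api.membership.MemberType;
import org.kuali.rice.kim.api.KimConstants;
import org.kuali.rice.kim.api.identity.IdentityService;
import org.kuali.rice.kim.api.identity.entity.EntityDefault;
import org.kuali.rice.kim.api.identity.principal.Principal;
import org.kuali.rice.kim.api.role.Role;
import org.kuali.rice.kim.api.role.RoleMembership;
import org.kuali.rice.kim.api.services.KimApiServiceLocator;
import org.kuali.rice.kns.kim.role.DerivedRoleTypeServiceBase;

import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;

/**
 * Derived role type service whose membership is computed from the principal named in the
 * qualification: a principal holds the role when both the principal record and its entity
 * are active according to the {@link IdentityService}.
 *
 * <p>Security note: no attribute of the qualification other than the principal ID takes part
 * in the decision ({@link #performMatch(Map, Map)} always matches), so every active principal
 * is a member. Permissions attached to roles of this type are effectively granted to all
 * active users and should be reviewed with that in mind.
 *
 * @author Kuali Rice Team (rice.collab@kuali.org)
 *
 * @deprecated A krad integrated type service base class will be provided in the future.
 */
@Deprecated
public class PrincipalDerivedRoleTypeServiceImpl extends DerivedRoleTypeServiceBase {

    // Resolved lazily by getIdentityService(); the lookup is not synchronized.
    private IdentityService identityService;

    /**
     * Returns the superclass's required attributes extended with the principal ID attribute.
     *
     * @return an unmodifiable list of required attribute names
     */
    @Override
    protected List<String> getRequiredAttributes() {
        final List<String> attrs = new ArrayList<String>(super.getRequiredAttributes());
        attrs.add(KimConstants.AttributeConstants.PRINCIPAL_ID);
        return Collections.unmodifiableList(attrs);
    }

    /**
     * Always returns {@code false}.
     *
     * <p>NOTE(review): presumably this tells the base class not to enforce the list returned
     * by {@link #getRequiredAttributes()} - confirm against DerivedRoleTypeServiceBase.
     *
     * @return {@code false}
     */
    @Override
    protected boolean isCheckRequiredAttributes() {
        return false;
    }

    /**
     * Reports a match for any pair of non-null attribute maps; the map contents are not compared.
     * The actual membership decision is made in
     * {@link #hasDerivedRole(String, List, String, String, Map)}.
     *
     * @param inputAttributes  attributes supplied with the request, must not be null
     * @param storedAttributes attributes stored with the role, must not be null
     * @return {@code true} whenever both arguments are non-null
     * @throws RiceIllegalArgumentException if either map is null
     */
    @Override
    public boolean performMatch(Map<String, String> inputAttributes, Map<String, String> storedAttributes) {
        if (inputAttributes == null) {
            throw new RiceIllegalArgumentException("inputAttributes was null");
        }

        if (storedAttributes == null) {
            throw new RiceIllegalArgumentException("storedAttributes was null");
        }

        return true;
    }

    /**
     * Since this is potentially the entire set of users, just check the qualification for the
     * user we are interested in and return it.
     *
     * <p>The principal ID is read from the translated qualification. A null or empty
     * qualification, or one without a principal ID, yields an empty list.
     *
     * @param namespaceCode namespace of the role, must not be blank
     * @param roleName      name of the role, must not be null
     * @param qualification qualification expected to carry the principal ID
     * @return a list holding one principal membership when the principal has the role,
     *         otherwise an empty list
     * @throws RiceIllegalArgumentException if {@code namespaceCode} is blank or {@code roleName}
     *         is null, or if {@code hasDerivedRole} rejects the arguments passed on to it
     */
    @Override
    public List<RoleMembership> getRoleMembersFromDerivedRole(String namespaceCode, String roleName, Map<String, String> qualification) {
        if (StringUtils.isBlank(namespaceCode)) {
            throw new RiceIllegalArgumentException("namespaceCode was null or blank");
        }

        if (roleName == null) {
            throw new RiceIllegalArgumentException("roleName was null");
        }

        if (qualification == null || qualification.isEmpty()) {
            return Collections.emptyList();
        }

        qualification = translateInputAttributes(qualification);

        // check that the principal ID is not null: without one there is nobody to look up, so
        // report no members instead of letting hasDerivedRole reject the blank ID.
        String principalId = qualification.get(KimConstants.AttributeConstants.PRINCIPAL_ID);
        if (StringUtils.isBlank(principalId)) {
            return Collections.emptyList();
        }

        List<RoleMembership> members = new ArrayList<RoleMembership>();
        // hasDerivedRole throws on a null groupIds argument, so passing null here made every
        // lookup with a non-empty qualification fail; an empty list satisfies its contract.
        if (hasDerivedRole(principalId, Collections.<String>emptyList(), namespaceCode, roleName, qualification)) {
            members.add(RoleMembership.Builder.create(null/*roleId*/, null, principalId, MemberType.PRINCIPAL, null).build());
        }
        return members;
    }

    /**
     * Decides whether the given principal holds the derived role: the principal must exist and
     * be active, and its default entity must exist and be active.
     *
     * <p>{@code groupIds}, {@code namespaceCode}, {@code roleName} and {@code qualification} are
     * validated but do not otherwise influence the result.
     *
     * @param principalId   ID of the principal to check, must not be blank
     * @param groupIds      groups of the principal, must not be null
     * @param namespaceCode namespace of the role, must not be blank
     * @param roleName      name of the role, must not be blank
     * @param qualification qualification of the request, must not be null
     * @return {@code true} if both the principal and its entity are active
     * @throws RiceIllegalArgumentException if any argument fails the checks above
     */
    @Override
    public boolean hasDerivedRole(String principalId, List<String> groupIds, String namespaceCode, String roleName, Map<String, String> qualification) {
        if (StringUtils.isBlank(principalId)) {
            throw new RiceIllegalArgumentException("principalId was null or blank");
        }

        if (groupIds == null) {
            throw new RiceIllegalArgumentException("groupIds was null or blank");
        }

        if (StringUtils.isBlank(namespaceCode)) {
            throw new RiceIllegalArgumentException("namespaceCode was null or blank");
        }

        if (StringUtils.isBlank(roleName)) {
            throw new RiceIllegalArgumentException("roleName was null or blank");
        }

        if (qualification == null) {
            throw new RiceIllegalArgumentException("qualification was null");
        }

        // check that the principal exists and is active
        Principal principal = getIdentityService().getPrincipal(principalId);
        if (principal == null || !principal.isActive()) {
            return false;
        }
        // check that the identity is active
        EntityDefault entity = getIdentityService().getEntityDefault(principal.getEntityId());
        return entity != null && entity.isActive();
    }

    /**
     * Returns the identity service, fetching it from {@link KimApiServiceLocator} on first use.
     *
     * @return the identity service used for principal and entity lookups
     */
    protected IdentityService getIdentityService() {
        if (identityService == null) {
            identityService = KimApiServiceLocator.getIdentityService();
        }
        return identityService;
    }
}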