Package org.kuali.rice.krad.bo

Class DataObjectAuthorizerBase

java.lang.Object
org.kuali.rice.krad.bo.DataObjectAuthorizerBase
All Implemented Interfaces:
Serializable, DataObjectAuthorizer
Direct Known Subclasses:
DocumentAuthorizerBase, ViewAuthorizerBase
public class DataObjectAuthorizerBase extends Object implements DataObjectAuthorizer, Serializable
Author:
Kuali Rice Team (rice.collab@kuali.org)
See Also:

  • Constructor Details

    • DataObjectAuthorizerBase

      public DataObjectAuthorizerBase()

  • Method Details

    • isAuthorized

      public final boolean isAuthorized(Object dataObject, String namespaceCode, String permissionName, String principalId)
      Description copied from interface: DataObjectAuthorizer
      Determines whether the user identified by the given principal ID has the given permission in the context of the data object
      Specified by:
      isAuthorized in interface DataObjectAuthorizer
      Parameters:
      dataObject -
      namespaceCode -
      permissionName -
      principalId -
      Returns:
      boolean true if the user is authorized, false if not
      See Also:

    • isAuthorizedByTemplate

      public final boolean isAuthorizedByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName, String principalId)
      Description copied from interface: DataObjectAuthorizer
      Determines whether the user identified by the given principal ID has been granted a permission of the given template in the context of the data object
      Specified by:
      isAuthorizedByTemplate in interface DataObjectAuthorizer
      Parameters:
      dataObject -
      namespaceCode -
      permissionTemplateName -
      principalId -
      Returns:
      boolean true if the user is authorized, false if not
      See Also:

    • isAuthorized

      public final boolean isAuthorized(Object dataObject, String namespaceCode, String permissionName, String principalId, Map<String,String> collectionOrFieldLevelPermissionDetails, Map<String,String> collectionOrFieldLevelRoleQualification)
      Description copied from interface: DataObjectAuthorizer
      Determines whether the user identified by the given principal ID has the given permission in the context of the data object, the additional permission details and role qualifiers are used for the check
      Specified by:
      isAuthorized in interface DataObjectAuthorizer
      Parameters:
      dataObject -
      namespaceCode -
      permissionName -
      principalId -
      collectionOrFieldLevelPermissionDetails -
      collectionOrFieldLevelRoleQualification -
      Returns:
      boolean true if the user is authorized, false if not
      See Also:

    • isAuthorizedByTemplate

      public final boolean isAuthorizedByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName, String principalId, Map<String,String> collectionOrFieldLevelPermissionDetails, Map<String,String> collectionOrFieldLevelRoleQualification)
      Description copied from interface: DataObjectAuthorizer
      Determines whether the user identified by the given principal ID has been granted a permission of the given template in the context of the data object, the additional permission details and role qualifiers are used for the check
      Specified by:
      isAuthorizedByTemplate in interface DataObjectAuthorizer
      Parameters:
      dataObject -
      namespaceCode -
      permissionTemplateName -
      principalId -
      collectionOrFieldLevelPermissionDetails -
      collectionOrFieldLevelRoleQualification -
      Returns:
      boolean true if the user is authorized, false if not
      See Also:

    • addRoleQualification

      protected void addRoleQualification(Object primaryDataObjectOrDocument, Map<String,String> attributes)
      Override this method to populate the role qualifier attributes from the primary data object or document. This will only be called once per request.
      Parameters:
      primaryDataObjectOrDocument - - the primary data object (i.e. the main object instance behind the lookup result row or inquiry) or the document
      attributes - - role qualifiers will be added to this map

    • addPermissionDetails

      protected void addPermissionDetails(Object primaryDataObjectOrDocument, Map<String,String> attributes)
      Override this method to populate the permission details from the primary data object or document. This will only be called once per request.
      Parameters:
      primaryDataObjectOrDocument - - the primary data object (i.e. the main object instance behind the lookup result row or inquiry) or the document
      attributes - - permission details will be added to this map

    • permissionExistsByTemplate

      protected final boolean permissionExistsByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName)

    • permissionExistsByTemplate

      protected final boolean permissionExistsByTemplate(String namespaceCode, String permissionTemplateName, Map<String,String> permissionDetails)

    • permissionExistsByTemplate

      protected final boolean permissionExistsByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName, Map<String,String> permissionDetails)

    • getRoleQualification

      protected final Map<String,String> getRoleQualification(Object primaryDataObjectOrDocument, String principalId)
      Returns a role qualification map based off data from the primary business object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
      Parameters:
      primaryDataObjectOrDocument - the primary data object (i.e. the main object instance behind the lookup result row or inquiry) or the document
      principalId -
      Returns:
      a Map containing role qualifications

    • getPermissionDetailValues

      protected final Map<String,String> getPermissionDetailValues(Object primaryDataObjectOrDocument)
      Returns a permission details map based off data from the primary business object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
      Parameters:
      primaryDataObjectOrDocument - the primary data object (i.e. the main object instance behind the lookup result row or inquiry) or the document
      Returns:
      a Map containing permission details

    • getPermissionService

      protected static PermissionService getPermissionService()

    • getPersonService

      protected static PersonService getPersonService()