package org.kuali.kfs.sec.service.impl;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.kuali.kfs.core.api.config.property.ConfigurationService;
import org.kuali.kfs.coreservice.framework.parameter.ParameterService;
import org.kuali.kfs.datadictionary.legacy.BusinessObjectDictionaryService;
import org.kuali.kfs.datadictionary.legacy.DataDictionaryService;
import org.kuali.kfs.kew.api.WorkflowDocument;
import org.kuali.kfs.kim.api.permission.PermissionService;
import org.kuali.kfs.kim.api.role.RoleService;
import org.kuali.kfs.kim.api.services.KimApiServiceLocator;
import org.kuali.kfs.kim.impl.common.template.Template;
import org.kuali.kfs.kim.impl.identity.Person;
import org.kuali.kfs.kim.impl.permission.Permission;
import org.kuali.kfs.kim.impl.permission.PermissionTemplate;
import org.kuali.kfs.krad.bo.BusinessObject;
import org.kuali.kfs.krad.bo.PersistableBusinessObject;
import org.kuali.kfs.krad.document.Document;
import org.kuali.kfs.krad.util.GlobalVariables;
import org.kuali.kfs.krad.util.ObjectUtils;
import org.kuali.kfs.module.cg.service.ContractsAndGrantsService;
import org.kuali.kfs.module.purap.document.AccountsPayableDocument;
import org.kuali.kfs.module.purap.document.PurchaseOrderDocument;
import org.kuali.kfs.module.purap.document.PurchasingAccountsPayableDocumentBase;
import org.kuali.kfs.module.purap.document.service.RequisitionService;
import org.kuali.kfs.sec.SecConstants;
import org.kuali.kfs.sec.businessobject.AccessSecurityRestrictionInfo;
import org.kuali.kfs.sec.datadictionary.AccessSecurityAttributeRestrictionEntry;
import org.kuali.kfs.sec.identity.SecKimAttributes;
import org.kuali.kfs.sec.service.AccessPermissionEvaluator;
import org.kuali.kfs.sec.service.AccessSecurityService;
import org.kuali.kfs.sys.businessobject.AccountingLine;
import org.kuali.kfs.sys.businessobject.GeneralLedgerPendingEntry;
import org.kuali.kfs.sys.businessobject.ReportBusinessObject;
import org.kuali.kfs.sys.businessobject.SourceAccountingLine;
import org.kuali.kfs.sys.businessobject.TargetAccountingLine;
import org.kuali.kfs.sys.businessobject.datadictionary.FinancialSystemBusinessObjectEntry;
import org.kuali.kfs.sys.document.AccountingDocument;

/* loaded from: input_file:WEB-INF/lib/kfs-core-2024-12-18.jar:org/kuali/kfs/sec/service/impl/AccessSecurityServiceImpl.class */
public class AccessSecurityServiceImpl implements AccessSecurityService {
    private static final Logger LOG = LogManager.getLogger();
    protected BusinessObjectDictionaryService businessObjectDictionaryService;
    protected ConfigurationService configurationService;
    protected ContractsAndGrantsService contractsAndGrantsService;
    protected DataDictionaryService dataDictionaryService;
    protected ParameterService parameterService;
    protected PermissionService permissionService;
    protected RoleService roleService;
    private RequisitionService requisitionService;

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public void applySecurityRestrictionsForGLInquiry(List<? extends BusinessObject> list, Person person) {
        applySecurityRestrictions(list, person, getInquiryWithFieldValueTemplate(), Collections.singletonMap("namespaceCode", "KFS-GL"));
    }

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public void applySecurityRestrictionsForLaborInquiry(List<? extends BusinessObject> list, Person person) {
        applySecurityRestrictions(list, person, getInquiryWithFieldValueTemplate(), Collections.singletonMap("namespaceCode", "KFS-LD"));
    }

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public void applySecurityRestrictionsForLookup(List<? extends BusinessObject> list, Person person) {
        applySecurityRestrictions(list, person, getLookupWithFieldValueTemplate(), null);
    }

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public void applySecurityRestrictions(List<? extends BusinessObject> list, Person person, Template template, Map<String, String> map) {
        if (!isAccessSecurityEnabled() || list == null || list.isEmpty()) {
            return;
        }
        ArrayList arrayList = new ArrayList();
        for (BusinessObject businessObject : list) {
            if (!evaluateSecurityPermissionsByTemplate(businessObject, businessObject.getClass(), person, template, map, null)) {
                arrayList.add(businessObject);
            }
        }
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            list.remove((BusinessObject) it.next());
        }
    }

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public boolean canEditDocumentAccountingLine(AccountingDocument accountingDocument, AccountingLine accountingLine, Person person, AccessSecurityRestrictionInfo accessSecurityRestrictionInfo) {
        if (checkForEditLineOverrides(accountingDocument, accountingLine, person)) {
            return true;
        }
        Class cls = TargetAccountingLine.class.isAssignableFrom(accountingLine.getClass()) ? TargetAccountingLine.class : SourceAccountingLine.class;
        if (accessSecurityRestrictionInfo != null) {
            accessSecurityRestrictionInfo.setDocumentNumber(accountingDocument.getDocumentNumber());
        }
        return evaluateSecurityPermissionsByTemplate(accountingLine, cls, person, getEditAccountingLineWithFieldValueTemplate(), getDocumentTypeDetail(accountingDocument), accessSecurityRestrictionInfo);
    }

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public boolean canEditDocumentAccountingLine(AccountingDocument accountingDocument, AccountingLine accountingLine, Person person) {
        return canEditDocumentAccountingLine(accountingDocument, accountingLine, person, new AccessSecurityRestrictionInfo());
    }

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public boolean canViewDocument(AccountingDocument accountingDocument, Person person, AccessSecurityRestrictionInfo accessSecurityRestrictionInfo) {
        if (checkForWorkflowRoutingRequests(accountingDocument, person) || checkForViewDocumentOverrides(accountingDocument, person) || checkForAccountingLineOverrides(accountingDocument, person)) {
            return true;
        }
        if (accessSecurityRestrictionInfo != null) {
            accessSecurityRestrictionInfo.setDocumentNumber(accountingDocument.getDocumentNumber());
        }
        return evaluateSecurityOnAccountingLinesByTemplate(accountingDocument, person, getViewDocumentWithFieldValueTemplate(), accessSecurityRestrictionInfo);
    }

    private boolean checkForAccountingLineOverrides(AccountingDocument accountingDocument, Person person) {
        ArrayList arrayList = new ArrayList(accountingDocument.getSourceAccountingLines());
        arrayList.addAll(accountingDocument.getTargetAccountingLines());
        return arrayList.stream().anyMatch(accountingLine -> {
            return checkForViewLineOverrides(accountingDocument, accountingLine, person);
        });
    }

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public boolean canViewDocumentAccountingLine(AccountingDocument accountingDocument, AccountingLine accountingLine, Person person) {
        if (checkForViewLineOverrides(accountingDocument, accountingLine, person)) {
            return true;
        }
        return evaluateSecurityPermissionsByTemplate(accountingLine, TargetAccountingLine.class.isAssignableFrom(accountingLine.getClass()) ? TargetAccountingLine.class : SourceAccountingLine.class, person, getViewAccountingLineWithFieldValueTemplate(), getDocumentTypeDetail(accountingDocument), null);
    }

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public boolean canViewDocumentNotesAttachments(AccountingDocument accountingDocument, Person person) {
        if (checkForViewDocumentOverrides(accountingDocument, person) || checkForAccountingLineOverrides(accountingDocument, person)) {
            return true;
        }
        return evaluateSecurityOnAccountingLinesByTemplate(accountingDocument, person, getViewNotesAttachmentsWithFieldValueTemplate(), null);
    }

    protected boolean evaluateSecurityOnAccountingLinesByTemplate(AccountingDocument accountingDocument, Person person, Template template, AccessSecurityRestrictionInfo accessSecurityRestrictionInfo) {
        if (!isAccessSecurityEnabled()) {
            return true;
        }
        Map<String, String> documentTypeDetail = getDocumentTypeDetail(accountingDocument);
        return accountingDocument.getSourceAccountingLines().stream().allMatch(accountingLine -> {
            return evaluateSecurityPermissionsByTemplate(accountingLine, SourceAccountingLine.class, person, template, documentTypeDetail, accessSecurityRestrictionInfo);
        }) && accountingDocument.getTargetAccountingLines().stream().allMatch(accountingLine2 -> {
            return evaluateSecurityPermissionsByTemplate(accountingLine2, TargetAccountingLine.class, person, template, documentTypeDetail, accessSecurityRestrictionInfo);
        });
    }

    protected boolean checkForWorkflowRoutingRequests(AccountingDocument accountingDocument, Person person) {
        WorkflowDocument workflowDocument = accountingDocument.getDocumentHeader().getWorkflowDocument();
        return workflowDocument.isApprovalRequested() || workflowDocument.isAcknowledgeRequested() || workflowDocument.isFYIRequested();
    }

    protected boolean checkForViewDocumentOverrides(AccountingDocument accountingDocument, Person person) {
        if (!this.parameterService.getParameterValueAsBoolean("KFS-SEC", SecConstants.ACCESS_SECURITY_COMPONENT, SecConstants.SecurityParameterNames.INITIATOR_IND).booleanValue()) {
            return false;
        }
        String principalId = person.getPrincipalId();
        return initiatorMatches(accountingDocument, principalId) || relatedRequisitionInitiatorMatches(accountingDocument, principalId);
    }

    protected boolean checkForViewLineOverrides(AccountingDocument accountingDocument, AccountingLine accountingLine, Person person) {
        if (this.parameterService.getParameterValueAsBoolean("KFS-SEC", SecConstants.ACCESS_SECURITY_COMPONENT, SecConstants.SecurityParameterNames.INITIATOR_IND).booleanValue() && initiatorMatches(accountingDocument, person.getPrincipalId())) {
            return true;
        }
        return ObjectUtils.isNotNull(accountingLine.getAccount()) && isAccountRoleOverrideApplicable(accountingLine, person);
    }

    protected boolean checkForEditLineOverrides(AccountingDocument accountingDocument, AccountingLine accountingLine, Person person) {
        return ObjectUtils.isNotNull(accountingLine.getAccount()) && isAccountRoleOverrideApplicable(accountingLine, person);
    }

    private Boolean allowAccessBasedOnParameter(String str) {
        return this.parameterService.getParameterValueAsBoolean("KFS-SEC", "All", str);
    }

    private boolean initiatorMatches(AccountingDocument accountingDocument, String str) {
        return StringUtils.equals(accountingDocument.getDocumentHeader().getWorkflowDocument().getInitiatorPrincipalId(), str);
    }

    private boolean relatedRequisitionInitiatorMatches(AccountingDocument accountingDocument, String str) {
        return StringUtils.equals(determineRelatedRequisitionInitiatorPrincipalId(accountingDocument), str);
    }

    String determineRelatedRequisitionInitiatorPrincipalId(Document document) {
        if (!(document instanceof PurchasingAccountsPayableDocumentBase)) {
            return null;
        }
        Integer num = null;
        if (document instanceof AccountsPayableDocument) {
            PurchaseOrderDocument purchaseOrderDocument = ((AccountsPayableDocument) document).getPurchaseOrderDocument();
            if (ObjectUtils.isNotNull(purchaseOrderDocument)) {
                num = purchaseOrderDocument.getRequisitionIdentifier();
            }
        } else if (document instanceof PurchaseOrderDocument) {
            num = ((PurchaseOrderDocument) document).getRequisitionIdentifier();
        }
        if (ObjectUtils.isNotNull(num)) {
            return this.requisitionService.getRequisitionById(num).getDocumentHeader().getWorkflowDocument().getInitiatorPrincipalId();
        }
        return null;
    }

    private boolean isAccountRoleOverrideApplicable(AccountingLine accountingLine, Person person) {
        return isFiscalOfficerOverrideApplicable(accountingLine, person) || isAccountManagerOverrideApplicable(accountingLine, person) || isAccountSupervisorOverrideApplicable(accountingLine, person) || isPrincipalInvestigatorOverrideApplicable(accountingLine, person);
    }

    private boolean isFiscalOfficerOverrideApplicable(AccountingLine accountingLine, Person person) {
        return allowAccessBasedOnParameter(SecConstants.SecurityParameterNames.ALWAYS_ALLOW_FISCAL_OFFICER_LINE_ACCESS_IND).booleanValue() && StringUtils.equals(accountingLine.getAccount().getAccountFiscalOfficerSystemIdentifier(), person.getPrincipalId());
    }

    private boolean isAccountManagerOverrideApplicable(AccountingLine accountingLine, Person person) {
        return allowAccessBasedOnParameter(SecConstants.SecurityParameterNames.ALWAYS_ALLOW_ACCOUNT_MGR_LINE_ACCESS_IND).booleanValue() && StringUtils.equals(accountingLine.getAccount().getAccountManagerSystemIdentifier(), person.getPrincipalId());
    }

    private boolean isAccountSupervisorOverrideApplicable(AccountingLine accountingLine, Person person) {
        return allowAccessBasedOnParameter(SecConstants.SecurityParameterNames.ALWAYS_ALLOW_SUPERVISOR_LINE_ACCESS_IND).booleanValue() && StringUtils.equals(accountingLine.getAccount().getAccountsSupervisorySystemsIdentifier(), person.getPrincipalId());
    }

    private boolean isPrincipalInvestigatorOverrideApplicable(AccountingLine accountingLine, Person person) {
        Person projectDirectorForAccount;
        return allowAccessBasedOnParameter(SecConstants.SecurityParameterNames.ALWAYS_ALLOW_PRINCIPAL_INVESTIGATOR_LINE_ACCESS_IND).booleanValue() && (projectDirectorForAccount = this.contractsAndGrantsService.getProjectDirectorForAccount(accountingLine.getAccount())) != null && StringUtils.equals(projectDirectorForAccount.getPrincipalId(), person.getPrincipalId());
    }

    protected boolean evaluateSecurityPermissionsByTemplate(BusinessObject businessObject, Class cls, Person person, Template template, Map<String, String> map, AccessSecurityRestrictionInfo accessSecurityRestrictionInfo) {
        Object propertyValue;
        boolean z = true;
        if (!isAccessSecurityEnabled()) {
            return true;
        }
        FinancialSystemBusinessObjectEntry financialSystemBusinessObjectEntry = (FinancialSystemBusinessObjectEntry) this.businessObjectDictionaryService.getBusinessObjectEntry(cls.getName());
        if (ReportBusinessObject.class.isAssignableFrom(businessObject.getClass())) {
            ((ReportBusinessObject) businessObject).refreshNonUpdateableForReport();
        } else if (PersistableBusinessObject.class.isAssignableFrom(businessObject.getClass())) {
            ((PersistableBusinessObject) businessObject).refreshNonUpdateableReferences();
        } else {
            businessObject.refresh();
        }
        Iterator<AccessSecurityAttributeRestrictionEntry> it = financialSystemBusinessObjectEntry.getAccessRestrictedAttributes().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            AccessSecurityAttributeRestrictionEntry next = it.next();
            HashMap hashMap = new HashMap();
            hashMap.put("propertyName", next.getSecurityAttributeName());
            if (map != null) {
                hashMap.putAll(map);
            }
            List<Permission> authorizedPermissionsByTemplate = this.permissionService.getAuthorizedPermissionsByTemplate(person.getPrincipalId(), template.getNamespaceCode(), template.getName(), hashMap, new HashMap(0));
            if (authorizedPermissionsByTemplate != null && !authorizedPermissionsByTemplate.isEmpty() && (propertyValue = ObjectUtils.getPropertyValue(businessObject, next.getAttribute().getName())) != null && StringUtils.isNotEmpty(propertyValue.toString())) {
                HashMap hashMap2 = new HashMap();
                for (String str : next.getOtherKeyFields().keySet()) {
                    hashMap2.put(str, ObjectUtils.getPropertyValue(businessObject, next.getOtherKeyFields().get(str).getName()));
                }
                z = evaluateSecurityPermissions(next.getAccessPermissionEvaluatorClass(), authorizedPermissionsByTemplate, propertyValue.toString(), person, hashMap2);
                if (!z) {
                    if (accessSecurityRestrictionInfo != null) {
                        accessSecurityRestrictionInfo.setSecurityAttributeName(next.getSecurityAttributeName());
                        accessSecurityRestrictionInfo.setPropertyName(next.getAttribute().getName());
                        accessSecurityRestrictionInfo.setPropertyLabel(next.getAttribute().getLabel());
                        accessSecurityRestrictionInfo.setRestrictedValue((String) propertyValue);
                    }
                }
            }
        }
        return z;
    }

    protected Map<String, String> getDocumentTypeDetail(AccountingDocument accountingDocument) {
        HashMap hashMap = new HashMap();
        hashMap.put("documentTypeName", accountingDocument.getFinancialDocumentTypeCode());
        return hashMap;
    }

    protected boolean evaluateSecurityPermissions(Class<? extends AccessPermissionEvaluator> cls, List<Permission> list, String str, Person person, Map<String, Object> map) {
        boolean z = true;
        ArrayList<Map<String, String>> arrayList = new ArrayList();
        for (Permission permission : list) {
            List<Map<String, String>> nestedRoleQualifiersForPrincipalByRoleIds = getRoleService().getNestedRoleQualifiersForPrincipalByRoleIds(person.getPrincipalId(), this.permissionService.getRoleIdsForPermission(permission.getNamespaceCode(), permission.getName()), new HashMap());
            if (nestedRoleQualifiersForPrincipalByRoleIds != null) {
                arrayList.addAll(nestedRoleQualifiersForPrincipalByRoleIds);
            }
        }
        boolean z2 = false;
        boolean z3 = false;
        boolean z4 = false;
        boolean z5 = false;
        for (Map<String, String> map2 : arrayList) {
            boolean valueIsAllowed = constructAccessPermissionEvaluator(cls, map2, map, person).valueIsAllowed(str);
            String str2 = map2.get(SecKimAttributes.CONSTRAINT_CODE);
            if (!valueIsAllowed && StringUtils.contains(str2, "D")) {
                z4 = true;
            }
            if (StringUtils.contains(str2, "A")) {
                z2 = true;
                if (valueIsAllowed) {
                    z3 = true;
                    if (Boolean.parseBoolean(map2.get(SecKimAttributes.OVERRIDE_DENY))) {
                        z5 = true;
                    }
                }
            }
        }
        if ((z4 && !z5) || (z2 && !z3)) {
            z = false;
        }
        return z;
    }

    protected AccessPermissionEvaluator constructAccessPermissionEvaluator(Class<? extends AccessPermissionEvaluator> cls, Map<String, String> map, Map<String, Object> map2, Person person) {
        try {
            AccessPermissionEvaluator newInstance = cls.newInstance();
            newInstance.setConstraintCode(map.get(SecKimAttributes.CONSTRAINT_CODE));
            newInstance.setOperatorCode(map.get(SecKimAttributes.OPERATOR));
            newInstance.setPropertyValue(map.get("propertyValue"));
            newInstance.setOtherKeyFieldValueMap(map2);
            newInstance.setPerson(person);
            return newInstance;
        } catch (Exception e) {
            String str = "Unable to create new instance of AccessPermissionEvaluator class: " + cls.getName();
            LOG.error(str, (Throwable) e);
            throw new RuntimeException(str, e);
        }
    }

    protected boolean isAccessSecurityEnabled() {
        return this.parameterService.getParameterValueAsBoolean("KFS-SEC", "All", SecConstants.SecurityParameterNames.ENABLE_ACCESS_SECURITY).booleanValue();
    }

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public PermissionTemplate getEditAccountingLineWithFieldValueTemplate() {
        PermissionTemplate findPermTemplateByNamespaceCodeAndName = this.permissionService.findPermTemplateByNamespaceCodeAndName("KFS-SEC", SecConstants.SecurityTemplateNames.EDIT_ACCOUNTING_LINE_FIELD_VALUE);
        if (findPermTemplateByNamespaceCodeAndName != null) {
            return findPermTemplateByNamespaceCodeAndName;
        }
        throw new RuntimeException("Edit Accounting Line with Field Value parameter does not exist");
    }

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public PermissionTemplate getEditDocumentWithFieldValueTemplate() {
        PermissionTemplate findPermTemplateByNamespaceCodeAndName = this.permissionService.findPermTemplateByNamespaceCodeAndName("KFS-SEC", SecConstants.SecurityTemplateNames.EDIT_DOCUMENT_FIELD_VALUE);
        if (findPermTemplateByNamespaceCodeAndName != null) {
            return findPermTemplateByNamespaceCodeAndName;
        }
        throw new RuntimeException("Edit Document with Field Value parameter does not exist");
    }

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public PermissionTemplate getInquiryWithFieldValueTemplate() {
        PermissionTemplate findPermTemplateByNamespaceCodeAndName = this.permissionService.findPermTemplateByNamespaceCodeAndName("KFS-SEC", SecConstants.SecurityTemplateNames.INQUIRY_FIELD_VALUE);
        if (findPermTemplateByNamespaceCodeAndName != null) {
            return findPermTemplateByNamespaceCodeAndName;
        }
        throw new RuntimeException("Balance Inquiry with Field Value parameter does not exist");
    }

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public PermissionTemplate getLookupWithFieldValueTemplate() {
        PermissionTemplate findPermTemplateByNamespaceCodeAndName = this.permissionService.findPermTemplateByNamespaceCodeAndName("KFS-SEC", SecConstants.SecurityTemplateNames.LOOKUP_FIELD_VALUE);
        if (findPermTemplateByNamespaceCodeAndName != null) {
            return findPermTemplateByNamespaceCodeAndName;
        }
        throw new RuntimeException("Lookup with Field Value parameter does not exist");
    }

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public PermissionTemplate getViewAccountingLineWithFieldValueTemplate() {
        PermissionTemplate findPermTemplateByNamespaceCodeAndName = this.permissionService.findPermTemplateByNamespaceCodeAndName("KFS-SEC", SecConstants.SecurityTemplateNames.VIEW_ACCOUNTING_LINE_FIELD_VALUE);
        if (findPermTemplateByNamespaceCodeAndName != null) {
            return findPermTemplateByNamespaceCodeAndName;
        }
        throw new RuntimeException("View Accounting Line with Field Value parameter does not exist");
    }

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public PermissionTemplate getViewDocumentWithFieldValueTemplate() {
        PermissionTemplate findPermTemplateByNamespaceCodeAndName = this.permissionService.findPermTemplateByNamespaceCodeAndName("KFS-SEC", SecConstants.SecurityTemplateNames.VIEW_DOCUMENT_FIELD_VALUE);
        if (findPermTemplateByNamespaceCodeAndName != null) {
            return findPermTemplateByNamespaceCodeAndName;
        }
        throw new RuntimeException("View Document with Field Value parameter does not exist");
    }

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public PermissionTemplate getViewNotesAttachmentsWithFieldValueTemplate() {
        PermissionTemplate findPermTemplateByNamespaceCodeAndName = this.permissionService.findPermTemplateByNamespaceCodeAndName("KFS-SEC", SecConstants.SecurityTemplateNames.VIEW_NOTES_ATTACHMENTS_FIELD_VALUE);
        if (findPermTemplateByNamespaceCodeAndName != null) {
            return findPermTemplateByNamespaceCodeAndName;
        }
        throw new RuntimeException("View Notes/Attachments with Field Value parameter does not exist");
    }

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public boolean canViewGLPE(Document document, GeneralLedgerPendingEntry generalLedgerPendingEntry, Person person) {
        boolean z = true;
        if (this.configurationService.getPropertyValueAsBoolean(SecConstants.ACCESS_SECURITY_MODULE_ENABLED_PROPERTY_NAME) && (document instanceof AccountingDocument)) {
            SourceAccountingLine sourceAccountingLine = new SourceAccountingLine();
            sourceAccountingLine.setPostingYear(generalLedgerPendingEntry.getUniversityFiscalYear());
            sourceAccountingLine.setChartOfAccountsCode(generalLedgerPendingEntry.getChartOfAccountsCode());
            sourceAccountingLine.setAccountNumber(generalLedgerPendingEntry.getAccountNumber());
            sourceAccountingLine.setSubAccountNumber(generalLedgerPendingEntry.getSubAccountNumber());
            sourceAccountingLine.setFinancialObjectCode(generalLedgerPendingEntry.getFinancialObjectCode());
            sourceAccountingLine.setFinancialSubObjectCode(generalLedgerPendingEntry.getFinancialSubObjectCode());
            sourceAccountingLine.setProjectCode(generalLedgerPendingEntry.getProjectCode());
            sourceAccountingLine.refreshNonUpdateableReferences();
            z = canViewDocumentAccountingLine((AccountingDocument) document, sourceAccountingLine, GlobalVariables.getUserSession().getPerson());
        }
        return z;
    }

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public void compareListSizeAndAddMessageIfChanged(int i, List<?> list, String str) {
        int size = list.size();
        if (i != size) {
            GlobalVariables.getMessageMap().putInfo("GlobalMessages", str, Integer.toString(i - size));
        }
    }

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public Collection<String> getAccessSecurityControlledDocumentTypeNames() {
        return this.parameterService.getParameterValuesAsString("KFS-SEC", "All", SecConstants.SecurityParameterNames.ACCESS_SECURITY_DOCUMENT_TYPES);
    }

    @Override // org.kuali.kfs.sec.service.AccessSecurityService
    public boolean isAccessSecurityControlledDocumentType(String str) {
        return getAccessSecurityControlledDocumentTypeNames().contains(str);
    }

    public void setBusinessObjectDictionaryService(BusinessObjectDictionaryService businessObjectDictionaryService) {
        this.businessObjectDictionaryService = businessObjectDictionaryService;
    }

    public void setConfigurationService(ConfigurationService configurationService) {
        this.configurationService = configurationService;
    }

    public void setContractsAndGrantsService(ContractsAndGrantsService contractsAndGrantsService) {
        this.contractsAndGrantsService = contractsAndGrantsService;
    }

    public void setDataDictionaryService(DataDictionaryService dataDictionaryService) {
        this.dataDictionaryService = dataDictionaryService;
    }

    public void setParameterService(ParameterService parameterService) {
        this.parameterService = parameterService;
    }

    public void setPermissionService(PermissionService permissionService) {
        this.permissionService = permissionService;
    }

    public RoleService getRoleService() {
        if (this.roleService == null) {
            this.roleService = KimApiServiceLocator.getRoleService();
        }
        return this.roleService;
    }

    public void setRequisitionService(RequisitionService requisitionService) {
        this.requisitionService = requisitionService;
    }
}
