org.kuali.rice.krad.document

Class DocumentViewAuthorizerBase

java.lang.Object

org.kuali.rice.krad.bo.DataObjectAuthorizerBase

org.kuali.rice.krad.uif.view.ViewAuthorizerBase

org.kuali.rice.krad.document.DocumentViewAuthorizerBase

All Implemented Interfaces:

Serializable, DataObjectAuthorizer, DocumentAuthorizer, ViewAuthorizer

Direct Known Subclasses:

MaintenanceViewAuthorizerBase

public class DocumentViewAuthorizerBase
extends ViewAuthorizerBase
implements DocumentAuthorizer

Implementation of ViewAuthorizer for DocumentView instances

Performs KIM permission checks for the various document actions such as save, approve, cancel

By default delegates to the DocumentAuthorizer configured for the document in the data dictionary

Author:

Kuali Rice Team (rice.collab@kuali.org)

See Also:

Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
protected static org.apache.commons.logging.Log	LOG
static String	PRE_ROUTING_ROUTE_NAME

Constructor Summary

Constructors

Constructor and Description
DocumentViewAuthorizerBase()

Method Summary

Modifier and Type	Method and Description
protected void	addPermissionDetails(Object dataObject, Map<String,String> attributes) Override this method to populate the permission details from the primary data object or document.
protected void	addRoleQualification(Object dataObject, Map<String,String> attributes) Override this method to populate the role qualifier attributes from the primary data object or document.
protected void	addStandardAttributes(Document document, Map<String,String> attributes)
boolean	canAcknowledge(Document document, Person user)
boolean	canAddNoteAttachment(Document document, String attachmentTypeCode, Person user)
boolean	canAnnotate(Document document, Person user)
boolean	canApprove(Document document, Person user)
boolean	canBlanketApprove(Document document, Person user)
boolean	canCancel(Document document, Person user)
boolean	canClose(Document document, Person user)
boolean	canCopy(Document document, Person user)
boolean	canDeleteNoteAttachment(Document document, String attachmentTypeCode, String authorUniversalIdentifier, Person user)
boolean	canDisapprove(Document document, Person user)
boolean	canEdit(Document document, Person user)
boolean	canEditDocumentOverview(Document document, Person user)
boolean	canEditView(View view, ViewModel model, Person user) Checks for an edit view permission for the view id, and if found verifies the user has that permission
boolean	canFyi(Document document, Person user)
boolean	canInitiate(String documentTypeName, Person user)
boolean	canOpen(Document document, Person user)
boolean	canOpenView(View view, ViewModel model, Person user) Checks for an open view permission for the view id, and if found verifies the user has that permission
boolean	canPerformRouteReport(Document document, Person user)
boolean	canRecall(Document document, Person user)
boolean	canReceiveAdHoc(Document document, Person user, String actionRequestCode)
boolean	canReload(Document document, Person user)
boolean	canRoute(Document document, Person user)
boolean	canSave(Document document, Person user)
boolean	canSendAdHocRequests(Document document, String actionRequestCd, Person user)
boolean	canSendAnyTypeAdHocRequests(Document document, Person user)
boolean	canSendNoteFyi(Document document, Person user)
boolean	canTakeRequestedAction(Document document, String actionRequestCode, Person user)
boolean	canViewNoteAttachment(Document document, String attachmentTypeCode, String authorUniversalIdentifier, Person user)
Set<String>	getActionFlags(View view, ViewModel model, Person user, Set<String> actions) Returns the set of action flags that are authorized for the given user
DocumentAuthorizer	getDocumentAuthorizer()
protected boolean	isDocumentInitiator(Document document, Person user)
void	setDocumentAuthorizer(DocumentAuthorizer documentAuthorizer)
void	setDocumentAuthorizerClass(Class<? extends DocumentAuthorizer> documentAuthorizerClass)

Methods inherited from class org.kuali.rice.krad.uif.view.ViewAuthorizerBase

canEditField, canEditGroup, canEditLine, canEditLineField, canEditWidget, canPartialUnmaskField, canPerformAction, canPerformLineAction, canUnmaskField, canViewField, canViewGroup, canViewLine, canViewLineField, canViewWidget, getConfigurationService, getDataObjectContext, getEditModes, getFieldPermissionDetails, getGroupPermissionDetails, getWidgetPermissionDetails, isAuthorizedByTemplate, setConfigurationService

Methods inherited from class org.kuali.rice.krad.bo.DataObjectAuthorizerBase

getPermissionDetailValues, getPermissionService, getPersonService, getRoleQualification, isAuthorized, isAuthorized, isAuthorizedByTemplate, isAuthorizedByTemplate, permissionExistsByTemplate, permissionExistsByTemplate, permissionExistsByTemplate

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.kuali.rice.krad.bo.DataObjectAuthorizer

isAuthorized, isAuthorized, isAuthorizedByTemplate, isAuthorizedByTemplate

Field Detail

LOG

protected static org.apache.commons.logging.Log LOG

PRE_ROUTING_ROUTE_NAME

public static final String PRE_ROUTING_ROUTE_NAME

See Also:

Constant Field Values

Constructor Detail

DocumentViewAuthorizerBase

public DocumentViewAuthorizerBase()

Method Detail

getActionFlags

public Set<String> getActionFlags(View view,
                                  ViewModel model,
                                  Person user,
                                  Set<String> actions)

Description copied from interface: ViewAuthorizer

Returns the set of action flags that are authorized for the given user

Action flags are created for views to indicate some action or feature should be enabled. These flags can be used within expressions for configuring the view content. For example:

For each action flag, KIM is consulted to determine if a permission exist for the template associated with the action flag. If so, a check is then made to determine if the user has that permission. If the permission fails for the user, the action flag is removed from the returned set.

The Set of available action flags should first be exported by the ViewPresentationController.getActionFlags(View, org.kuali.rice.krad.web.form.UifFormBase) method. The set returned from this method will be passed as the method argument here by the framework.

Specified by:

getActionFlags in interface ViewAuthorizer

Overrides:

getActionFlags in class ViewAuthorizerBase

Parameters:

view - - view instance the action flags apply to

model - - object containing the view data

user - - user we are authorizing the actions for

actions - - set of action flags to authorize

Returns:

Set set of action flags that have been authorized, this will be equal to or a subset of the actions passed in

See Also:

org.kuali.rice.krad.uif.view.ViewAuthorizer#getActionFlags(org.kuali.rice.krad.uif.view.View, org.kuali.rice.krad.uif.view.ViewModel, org.kuali.rice.kim.api.identity.Person, java.util.Set)

canInitiate

public final boolean canInitiate(String documentTypeName,
                                 Person user)

Specified by:

canInitiate in interface DocumentAuthorizer

canOpen

public final boolean canOpen(Document document,
                             Person user)

Specified by:

canOpen in interface DocumentAuthorizer

canOpenView

public boolean canOpenView(View view,
                           ViewModel model,
                           Person user)

Description copied from class: ViewAuthorizerBase

Checks for an open view permission for the view id, and if found verifies the user has that permission

Specified by:

canOpenView in interface ViewAuthorizer

Overrides:

canOpenView in class ViewAuthorizerBase

Parameters:

view - - view instance to check authorization for

model - - object containing the view data

user - - user to authorize

Returns:

boolean true if the user is authorized to open the view, false otherwise

See Also:

ViewAuthorizer.canOpenView(View, ViewModel, org.kuali.rice.kim.api.identity.Person)

canEdit

public boolean canEdit(Document document,
                       Person user)

Specified by:

canEdit in interface DocumentAuthorizer

canEditView

public boolean canEditView(View view,
                           ViewModel model,
                           Person user)

Description copied from class: ViewAuthorizerBase

Checks for an edit view permission for the view id, and if found verifies the user has that permission

Specified by:

canEditView in interface ViewAuthorizer

Overrides:

canEditView in class ViewAuthorizerBase

Parameters:

view - - view instance to check authorization for

model - - object containing the view data

user - - user to authorize

Returns:

boolean true if the user is authorized to edit the view, false otherwise

See Also:

ViewAuthorizer.canEditView(org.kuali.rice.krad.uif.view.View, org.kuali.rice.krad.uif.view.ViewModel, org.kuali.rice.kim.api.identity.Person)

canAnnotate

public boolean canAnnotate(Document document,
                           Person user)

Specified by:

canAnnotate in interface DocumentAuthorizer

canReload

public boolean canReload(Document document,
                         Person user)

Specified by:

canReload in interface DocumentAuthorizer

canClose

public boolean canClose(Document document,
                        Person user)

Specified by:

canClose in interface DocumentAuthorizer

canSave

public boolean canSave(Document document,
                       Person user)

Specified by:

canSave in interface DocumentAuthorizer

canRoute

public boolean canRoute(Document document,
                        Person user)

Specified by:

canRoute in interface DocumentAuthorizer

canCancel

public boolean canCancel(Document document,
                         Person user)

Specified by:

canCancel in interface DocumentAuthorizer

canRecall

public boolean canRecall(Document document,
                         Person user)

Specified by:

canRecall in interface DocumentAuthorizer

canCopy

public boolean canCopy(Document document,
                       Person user)

Specified by:

canCopy in interface DocumentAuthorizer

canPerformRouteReport

public boolean canPerformRouteReport(Document document,
                                     Person user)

Specified by:

canPerformRouteReport in interface DocumentAuthorizer

canBlanketApprove

public boolean canBlanketApprove(Document document,
                                 Person user)

Specified by:

canBlanketApprove in interface DocumentAuthorizer

canApprove

public boolean canApprove(Document document,
                          Person user)

Specified by:

canApprove in interface DocumentAuthorizer

canDisapprove

public boolean canDisapprove(Document document,
                             Person user)

Specified by:

canDisapprove in interface DocumentAuthorizer

canSendNoteFyi

public boolean canSendNoteFyi(Document document,
                              Person user)

Specified by:

canSendNoteFyi in interface DocumentAuthorizer

canFyi

public boolean canFyi(Document document,
                      Person user)

Specified by:

canFyi in interface DocumentAuthorizer

canAcknowledge

public boolean canAcknowledge(Document document,
                              Person user)

Specified by:

canAcknowledge in interface DocumentAuthorizer

canReceiveAdHoc

public final boolean canReceiveAdHoc(Document document,
                                     Person user,
                                     String actionRequestCode)

Specified by:

canReceiveAdHoc in interface DocumentAuthorizer

canAddNoteAttachment

public final boolean canAddNoteAttachment(Document document,
                                          String attachmentTypeCode,
                                          Person user)

Specified by:

canAddNoteAttachment in interface DocumentAuthorizer

canDeleteNoteAttachment

public final boolean canDeleteNoteAttachment(Document document,
                                             String attachmentTypeCode,
                                             String authorUniversalIdentifier,
                                             Person user)

Specified by:

canDeleteNoteAttachment in interface DocumentAuthorizer

canViewNoteAttachment

public final boolean canViewNoteAttachment(Document document,
                                           String attachmentTypeCode,
                                           String authorUniversalIdentifier,
                                           Person user)

Specified by:

canViewNoteAttachment in interface DocumentAuthorizer

canSendAdHocRequests

public final boolean canSendAdHocRequests(Document document,
                                          String actionRequestCd,
                                          Person user)

Specified by:

canSendAdHocRequests in interface DocumentAuthorizer

canEditDocumentOverview

public boolean canEditDocumentOverview(Document document,
                                       Person user)

Specified by:

canEditDocumentOverview in interface DocumentAuthorizer

canSendAnyTypeAdHocRequests

public boolean canSendAnyTypeAdHocRequests(Document document,
                                           Person user)

Specified by:

canSendAnyTypeAdHocRequests in interface DocumentAuthorizer

canTakeRequestedAction

public boolean canTakeRequestedAction(Document document,
                                      String actionRequestCode,
                                      Person user)

Specified by:

canTakeRequestedAction in interface DocumentAuthorizer

addPermissionDetails

protected void addPermissionDetails(Object dataObject,
                                    Map<String,String> attributes)

Description copied from class: DataObjectAuthorizerBase

Override this method to populate the permission details from the primary data object or document. This will only be called once per request.

Overrides:

addPermissionDetails in class DataObjectAuthorizerBase

Parameters:

dataObject - - the primary data object (i.e. the main object instance behind the lookup result row or inquiry) or the document

attributes - - permission details will be added to this map

addRoleQualification

protected void addRoleQualification(Object dataObject,
                                    Map<String,String> attributes)

Description copied from class: DataObjectAuthorizerBase

Override this method to populate the role qualifier attributes from the primary data object or document. This will only be called once per request.

Overrides:

addRoleQualification in class DataObjectAuthorizerBase

Parameters:

dataObject - - the primary data object (i.e. the main object instance behind the lookup result row or inquiry) or the document

attributes - - role qualifiers will be added to this map

addStandardAttributes

protected void addStandardAttributes(Document document,
                                     Map<String,String> attributes)

isDocumentInitiator

protected boolean isDocumentInitiator(Document document,
                                      Person user)

getDocumentAuthorizer

public DocumentAuthorizer getDocumentAuthorizer()

setDocumentAuthorizer

public void setDocumentAuthorizer(DocumentAuthorizer documentAuthorizer)

setDocumentAuthorizerClass

public void setDocumentAuthorizerClass(Class<? extends DocumentAuthorizer> documentAuthorizerClass)