001/**
002 * Copyright 2005-2017 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016package org.kuali.rice.krms.impl.authorization;
017
018import org.apache.commons.lang.StringUtils;
019import org.kuali.rice.kim.api.identity.Person;
020import org.kuali.rice.krad.document.DocumentAuthorizerBase;
021import org.kuali.rice.krad.maintenance.MaintenanceDocument;
022import org.kuali.rice.krad.maintenance.MaintenanceDocumentAuthorizer;
023import org.kuali.rice.krms.api.KrmsConstants;
024import org.kuali.rice.krms.impl.repository.KrmsRepositoryServiceLocator;
025import org.kuali.rice.krms.impl.ui.AgendaEditor;
026
027import java.util.HashSet;
028import java.util.Set;
029
/**
 * Maintenance-document authorizer for the KRMS agenda editor.
 *
 * <p>Every decision other than {@link #canCreate} is delegated to the
 * {@link AgendaAuthorizationService}, which is asked whether the
 * {@code KrmsConstants.MAINTAIN_KRMS_AGENDA} permission holds for the agenda's context id.
 *
 * <p>NOTE(review): none of the methods below pass the {@code user} argument to the
 * authorization service. Presumably the service resolves the acting principal itself
 * (e.g. from the current session) -- confirm, because a caller asking about a user other
 * than the current one would not get an answer for that user.
 */
public class AgendaEditorAuthorizer extends DocumentAuthorizerBase implements MaintenanceDocumentAuthorizer {

    /**
     * Always allows creation.
     *
     * <p>The context is unknown on create, so the user has to be let in; this method is
     * therefore not an access-control gate.
     * TODO: maybe restrict it so only users that have rights to some contexts are allowed
     * to create agendas.
     *
     * @param boClass the business object class (not consulted)
     * @param user the person requesting the action (not consulted)
     * @return {@code true} unconditionally
     */
    @Override
    public boolean canCreate(Class boClass, Person user) {
        return true;
    }

    /**
     * Checks the maintain-agenda permission for the context of the given editor object.
     *
     * @param dataObject the data object, cast to {@link AgendaEditor} without a type check
     * @param user the person requesting the action (not consulted by this method)
     * @return whether the authorization service grants the permission for the agenda's context id
     */
    @Override
    public boolean canMaintain(Object dataObject, Person user) {
        final AgendaEditor editor = (AgendaEditor) dataObject;
        return isAuthorizedForContext(editor.getAgenda().getContextId());
    }

    /**
     * Checks the maintain-agenda permission for a maintenance document.
     *
     * <p>The context id of the old maintainable is used when it is non-empty; otherwise the
     * document is treated as new and the context id of the new maintainable is used.
     *
     * <p>NOTE(review): when the old context id is non-empty, the new maintainable's context
     * id is never checked here. If an edit is able to change the agenda's context, a user
     * authorized only for the old context would pass this check while moving the agenda into
     * another context -- confirm that this is prevented or validated elsewhere.
     *
     * @param maintenanceDocument the document holding the old and new maintainable objects
     * @param user the person requesting the action (not consulted by this method)
     * @return whether the authorization service grants the permission for the selected context id
     */
    @Override
    public boolean canCreateOrMaintain(MaintenanceDocument maintenanceDocument, Person user) {
        final AgendaEditor oldEditor =
                (AgendaEditor) maintenanceDocument.getOldMaintainableObject().getDataObject();
        String contextId = oldEditor.getAgenda().getContextId();

        if (StringUtils.isEmpty(contextId)) {
            // A new document has no old context id, so fall back to the new maintainable's.
            final AgendaEditor newEditor =
                    (AgendaEditor) maintenanceDocument.getNewMaintainableObject().getDataObject();
            contextId = newEditor.getAgenda().getContextId();
        }

        return isAuthorizedForContext(contextId);
    }

    /**
     * Asks the authorization service whether the maintain-agenda permission holds for a context.
     *
     * @param contextId the agenda context id handed to the service unchanged
     * @return the service's answer
     */
    private boolean isAuthorizedForContext(String contextId) {
        return getAgendaAuthorizationService().isAuthorized(KrmsConstants.MAINTAIN_KRMS_AGENDA, contextId);
    }

    /** Looks up the authorization service through the KRMS repository service locator. */
    private AgendaAuthorizationService getAgendaAuthorizationService() {
        return KrmsRepositoryServiceLocator.getAgendaAuthorizationService();
    }
}