001 /**
002 * Copyright 2004-2014 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016 package org.kuali.kpme.tklm.common;
017
018 import java.util.List;
019
020 import javax.servlet.http.HttpServletRequest;
021 import javax.servlet.http.HttpServletResponse;
022
023 import org.apache.commons.lang.StringUtils;
024 import org.apache.log4j.Logger;
025 import org.apache.struts.action.ActionForm;
026 import org.apache.struts.action.ActionForward;
027 import org.apache.struts.action.ActionMapping;
028 import org.apache.struts.action.ActionRedirect;
029 import org.joda.time.DateTime;
030 import org.joda.time.LocalDate;
031 import org.kuali.kpme.core.KPMENamespace;
032 import org.kuali.kpme.core.assignment.Assignment;
033 import org.kuali.kpme.core.department.Department;
034 import org.kuali.kpme.core.job.Job;
035 import org.kuali.kpme.core.role.KPMERole;
036 import org.kuali.kpme.core.service.HrServiceLocator;
037 import org.kuali.kpme.core.util.HrConstants;
038 import org.kuali.kpme.core.util.HrContext;
039 import org.kuali.kpme.core.web.KPMEAction;
040 import org.kuali.rice.kim.api.identity.principal.Principal;
041 import org.kuali.rice.kim.api.services.KimApiServiceLocator;
042 import org.kuali.rice.krad.util.GlobalVariables;
043
044 public class ChangeTargetPersonAction extends KPMEAction {
045
046 private static final Logger LOG = Logger.getLogger(ChangeTargetPersonAction.class);
047
048 public ActionForward changeTargetPerson(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
049 ActionForward forward = mapping.findForward("basic");
050
051 ChangeTargetPersonForm changeTargetPersonForm = (ChangeTargetPersonForm) form;
052
053 if (StringUtils.isNotBlank(changeTargetPersonForm.getPrincipalName())) {
054 Principal targetPerson = KimApiServiceLocator.getIdentityService().getPrincipalByPrincipalName(changeTargetPersonForm.getPrincipalName());
055
056 if (targetPerson != null) {
057 if (HrServiceLocator.getKPMEGroupService().isMemberOfSystemAdministratorGroup(GlobalVariables.getUserSession().getPrincipalId(), LocalDate.now().toDateTimeAtStartOfDay())
058 || HrServiceLocator.getKPMEGroupService().isMemberOfSystemViewOnlyGroup(GlobalVariables.getUserSession().getPrincipalId(), LocalDate.now().toDateTimeAtStartOfDay())
059 || isReviewerForPerson(targetPerson.getPrincipalId())
060 || isApproverForPerson(targetPerson.getPrincipalId())
061 || isViewOnlyForPerson(targetPerson.getPrincipalId())
062 || isPayrollProcessorForPerson(targetPerson.getPrincipalId())
063 || isAdministratorForPerson(targetPerson.getPrincipalId())) {
064
065 HrContext.setTargetPrincipalId(targetPerson.getPrincipalId());
066
067 if (StringUtils.isNotEmpty(changeTargetPersonForm.getReturnUrl())) {
068 GlobalVariables.getUserSession().addObject(HrConstants.TK_TARGET_USER_RETURN, changeTargetPersonForm.getReturnUrl());
069 }
070
071 String returnAction = "PersonInfo.do";
072 if (StringUtils.isNotEmpty(changeTargetPersonForm.getTargetUrl())) {
073 returnAction = changeTargetPersonForm.getTargetUrl();
074 }
075 forward = new ActionRedirect(returnAction);
076
077 LOG.debug(GlobalVariables.getUserSession().getActualPerson().getPrincipalName() + " changed target person to " + targetPerson.getPrincipalName());
078 } else {
079 LOG.warn("Non-Admin user attempting to change target person.");
080 return mapping.findForward("unauthorized");
081 }
082 }
083 }
084
085 return forward;
086 }
087
088 private boolean isReviewerForPerson(String principalId) {
089 List<Assignment> assignments = HrServiceLocator.getAssignmentService().getAssignments(principalId, LocalDate.now());
090
091 for (Assignment assignment : assignments) {
092 if (HrServiceLocator.getKPMERoleService().principalHasRoleInWorkArea(GlobalVariables.getUserSession().getPrincipalId(), KPMENamespace.KPME_HR.getNamespaceCode(), KPMERole.REVIEWER.getRoleName(), assignment.getWorkArea(), LocalDate.now().toDateTimeAtStartOfDay())) {
093 return true;
094 }
095 }
096 return false;
097 }
098
099 private boolean isApproverForPerson(String principalId) {
100 List<Assignment> assignments = HrServiceLocator.getAssignmentService().getAssignments(principalId, LocalDate.now());
101
102 for (Assignment assignment : assignments) {
103 if (HrServiceLocator.getKPMERoleService().principalHasRoleInWorkArea(GlobalVariables.getUserSession().getPrincipalId(), KPMENamespace.KPME_HR.getNamespaceCode(), KPMERole.APPROVER_DELEGATE.getRoleName(), assignment.getWorkArea(), LocalDate.now().toDateTimeAtStartOfDay())
104 || HrServiceLocator.getKPMERoleService().principalHasRoleInWorkArea(GlobalVariables.getUserSession().getPrincipalId(), KPMENamespace.KPME_HR.getNamespaceCode(), KPMERole.APPROVER.getRoleName(), assignment.getWorkArea(), LocalDate.now().toDateTimeAtStartOfDay())) {
105 return true;
106 }
107 }
108
109 return false;
110 }
111
112 private boolean isPayrollProcessorForPerson(String principalId) {
113 List<Assignment> assignments = HrServiceLocator.getAssignmentService().getAssignments(principalId, LocalDate.now());
114
115 for (Assignment assignment : assignments) {
116 if (HrServiceLocator.getKPMERoleService().principalHasRoleInDepartment(GlobalVariables.getUserSession().getPrincipalId(), KPMENamespace.KPME_HR.getNamespaceCode(), KPMERole.PAYROLL_PROCESSOR.getRoleName(), assignment.getDept(), LocalDate.now().toDateTimeAtStartOfDay())
117 || HrServiceLocator.getKPMERoleService().principalHasRoleInDepartment(GlobalVariables.getUserSession().getPrincipalId(), KPMENamespace.KPME_HR.getNamespaceCode(), KPMERole.PAYROLL_PROCESSOR_DELEGATE.getRoleName(), assignment.getDept(), LocalDate.now().toDateTimeAtStartOfDay())) {
118 return true;
119 }
120 }
121
122 return false;
123 }
124
125 private boolean isViewOnlyForPerson(String principalId) {
126 List<Job> jobs = HrServiceLocator.getJobService().getJobs(principalId, LocalDate.now());
127
128 for (Job job : jobs) {
129 String department = job != null ? job.getDept() : null;
130
131 Department departmentObj = HrServiceLocator.getDepartmentService().getDepartmentWithoutRoles(department, LocalDate.now());
132 String location = departmentObj != null ? departmentObj.getLocation() : null;
133
134 if (HrServiceLocator.getKPMERoleService().principalHasRoleInDepartment(GlobalVariables.getUserSession().getPrincipalId(), KPMENamespace.KPME_TK.getNamespaceCode(), KPMERole.TIME_DEPARTMENT_VIEW_ONLY.getRoleName(), department, LocalDate.now().toDateTimeAtStartOfDay())
135 || HrServiceLocator.getKPMERoleService().principalHasRoleInDepartment(GlobalVariables.getUserSession().getPrincipalId(), KPMENamespace.KPME_LM.getNamespaceCode(), KPMERole.LEAVE_DEPARTMENT_VIEW_ONLY.getRoleName(), department, LocalDate.now().toDateTimeAtStartOfDay())
136 || HrServiceLocator.getKPMERoleService().principalHasRoleInLocation(GlobalVariables.getUserSession().getPrincipalId(), KPMENamespace.KPME_TK.getNamespaceCode(), KPMERole.TIME_LOCATION_VIEW_ONLY.getRoleName(), location, LocalDate.now().toDateTimeAtStartOfDay())
137 || HrServiceLocator.getKPMERoleService().principalHasRoleInLocation(GlobalVariables.getUserSession().getPrincipalId(), KPMENamespace.KPME_LM.getNamespaceCode(), KPMERole.LEAVE_LOCATION_VIEW_ONLY.getRoleName(), location, LocalDate.now().toDateTimeAtStartOfDay())) {
138 return true;
139 }
140 }
141
142 return false;
143 }
144
145 private boolean isAdministratorForPerson(String principalId) {
146 List<Job> jobs = HrServiceLocator.getJobService().getJobs(principalId, LocalDate.now());
147
148 for (Job job : jobs) {
149 String department = job != null ? job.getDept() : null;
150
151 Department departmentObj = HrServiceLocator.getDepartmentService().getDepartmentWithoutRoles(department, LocalDate.now());
152 String location = departmentObj != null ? departmentObj.getLocation() : null;
153
154 if (HrServiceLocator.getKPMERoleService().principalHasRoleInDepartment(GlobalVariables.getUserSession().getPrincipalId(), KPMENamespace.KPME_TK.getNamespaceCode(), KPMERole.TIME_DEPARTMENT_ADMINISTRATOR.getRoleName(), department, LocalDate.now().toDateTimeAtStartOfDay())
155 || HrServiceLocator.getKPMERoleService().principalHasRoleInDepartment(GlobalVariables.getUserSession().getPrincipalId(), KPMENamespace.KPME_LM.getNamespaceCode(), KPMERole.LEAVE_DEPARTMENT_ADMINISTRATOR.getRoleName(), department, LocalDate.now().toDateTimeAtStartOfDay())
156 || HrServiceLocator.getKPMERoleService().principalHasRoleInLocation(GlobalVariables.getUserSession().getPrincipalId(), KPMENamespace.KPME_TK.getNamespaceCode(), KPMERole.TIME_LOCATION_ADMINISTRATOR.getRoleName(), location, LocalDate.now().toDateTimeAtStartOfDay())
157 || HrServiceLocator.getKPMERoleService().principalHasRoleInLocation(GlobalVariables.getUserSession().getPrincipalId(), KPMENamespace.KPME_LM.getNamespaceCode(), KPMERole.LEAVE_LOCATION_ADMINISTRATOR.getRoleName(), location, LocalDate.now().toDateTimeAtStartOfDay())) {
158 return true;
159 }
160 }
161
162 return false;
163 }
164
165 public ActionForward clearTargetPerson(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
166 HrContext.clearTargetUser();
167
168 String returnAction = "PersonInfo.do";
169 if (StringUtils.isNotBlank((String) GlobalVariables.getUserSession().retrieveObject(HrConstants.TK_TARGET_USER_RETURN))) {
170 returnAction = (String) GlobalVariables.getUserSession().retrieveObject(HrConstants.TK_TARGET_USER_RETURN);
171 }
172
173 LOG.debug(GlobalVariables.getUserSession().getActualPerson().getPrincipalName() + " cleared target person");
174
175 return new ActionRedirect(returnAction);
176 }
177
178 }