1 /** 2 * Copyright 2004-2015 The Kuali Foundation 3 * 4 * Licensed under the Educational Community License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.opensource.org/licenses/ecl2.php 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 package org.kuali.kpme.tklm.time.service.permission; 17 18 import java.util.Map; 19 20 import org.joda.time.DateTime; 21 import org.kuali.kpme.core.block.CalendarBlockPermissions; 22 import org.kuali.kpme.tklm.time.timeblock.TimeBlock; 23 import org.springframework.cache.annotation.CachePut; 24 import org.springframework.cache.annotation.Cacheable; 25 26 public interface TKPermissionService { 27 28 /** 29 * Checks whether the given {@code principalId} is authorized to perform {@code permissionName}. 30 * 31 * @param principalId The person to check the permission for 32 * @param permissionName The name of the permission 33 * @param asOfDate The effective date of the permission 34 * 35 * @return true if {@code principalId} is authorized to perform {@code permissionName}, false otherwise. 36 */ 37 boolean isAuthorized(String principalId, String permissionName, DateTime asOfDate); 38 39 /** 40 * Checks whether the given {@code principalId} is authorized to perform {@code permissionName} for the given role qualifications. 41 * 42 * @param principalId The person to check the permission for 43 * @param permissionName The name of the permission 44 * @param qualification The map of role qualifiers for the person 45 * @param asOfDate The effective date of the permission 46 * 47 * @return true if {@code principalId} is authorized to perform {@code permissionName}, false otherwise. 48 */ 49 boolean isAuthorized(String principalId, String permissionName, Map<String, String> qualification, DateTime asOfDate); 50 51 /** 52 * Checks whether the given {@code principalId} is authorized to perform {@code permissionName} for the given work area. 53 * 54 * @param principalId The person to check the permission for 55 * @param permissionName The name of the permission 56 * @param workArea The work area qualifier 57 * @param asOfDate The effective date of the permission 58 * 59 * @return true if {@code principalId} is authorized to perform {@code permissionName} for the given work area, false otherwise. 60 */ 61 boolean isAuthorizedInWorkArea(String principalId, String permissionName, Long workArea, DateTime asOfDate); 62 63 /** 64 * Checks whether the given {@code principalId} is authorized to perform {@code permissionName} for the given department. 65 * 66 * @param principalId The person to check the permission for 67 * @param permissionName The name of the permission 68 * @param department The department qualifier 69 * @param asOfDate The effective date of the permission 70 * 71 * @return true if {@code principalId} is authorized to perform {@code permissionName} for the given department, false otherwise. 72 */ 73 boolean isAuthorizedInDepartment(String principalId, String permissionName, String department, DateTime asOfDate); 74 75 /** 76 * Checks whether the given {@code principalId} is authorized to perform {@code permissionName} for the given location. 77 * 78 * @param principalId The person to check the permission for 79 * @param permissionName The name of the permission 80 * @param location The location qualifier 81 * @param asOfDate The effective date of the permission 82 * 83 * @return true if {@code principalId} is authorized to perform {@code permissionName} for the given location, false otherwise. 84 */ 85 boolean isAuthorizedInLocation(String principalId, String permissionName, String location, DateTime asOfDate); 86 87 /** 88 * Checks whether the given {@code principalId} is authorized to perform any permission templated by {@code permissionTemplateName} for the given permission details. 89 * 90 * @param principalId The person to check the permission for 91 * @param namespaceCode The namespace for the permission template 92 * @param permissionTemplateName The name of the permission template 93 * @param permissionDetails The map of permission details for the permission 94 * @param asOfDate The effective date of the permission 95 * 96 * @return true if {@code principalId} is authorized to perform any permission templated by {@code permissionTemplateName}, false otherwise. 97 */ 98 boolean isAuthorizedByTemplate(String principalId, String namespaceCode, String permissionTemplateName, Map<String, String> permissionDetails, DateTime asOfDate); 99 100 /** 101 * Checks whether the given {@code principalId} is authorized to perform any permission templated by {@code permissionTemplateName} for the given permission details and role qualifications. 102 * 103 * @param principalId The person to check the permission for 104 * @param namespaceCode The namespace for the permission template 105 * @param permissionTemplateName The name of the permission template 106 * @param permissionDetails The map of permission details for the permission 107 * @param qualification The map of role qualifiers for the person 108 * @param asOfDate The effective date of the permission 109 * 110 * @return true if {@code principalId} is authorized to perform any permission templated by {@code permissionTemplateName}, false otherwise. 111 */ 112 boolean isAuthorizedByTemplate(String principalId, String namespaceCode, String permissionTemplateName, Map<String, String> permissionDetails, Map<String, String> qualification, DateTime asOfDate); 113 114 /** 115 * Checks whether the given {@code principalId} is authorized to perform {@code permissionName} for the given work area. 116 * 117 * @param principalId The person to check the permission for 118 * @param permissionName The name of the permission 119 * @param workArea The work area qualifier 120 * @param asOfDate The effective date of the permission 121 * 122 * @return true if {@code principalId} is authorized to perform {@code permissionName} for the given work area, false otherwise. 123 */ 124 boolean isAuthorizedByTemplateInWorkArea(String principalId, String namespaceCode, String permissionTemplateName, Long workArea, DateTime asOfDate); 125 126 /** 127 * Checks whether the given {@code principalId} is authorized to perform {@code permissionName} for the given department. 128 * 129 * @param principalId The person to check the permission for 130 * @param permissionName The name of the permission 131 * @param department The department qualifier 132 * @param asOfDate The effective date of the permission 133 * 134 * @return true if {@code principalId} is authorized to perform {@code permissionName} for the given department, false otherwise. 135 */ 136 boolean isAuthorizedByTemplateInDepartment(String principalId, String namespaceCode, String permissionTemplateName, String department, DateTime asOfDate); 137 138 /** 139 * Checks whether the given {@code principalId} is authorized to perform {@code permissionName} for the given location. 140 * 141 * @param principalId The person to check the permission for 142 * @param permissionName The name of the permission 143 * @param location The location qualifier 144 * @param asOfDate The effective date of the permission 145 * 146 * @return true if {@code principalId} is authorized to perform {@code permissionName} for the given location, false otherwise. 147 */ 148 boolean isAuthorizedByTemplateInLocation(String principalId, String namespaceCode, String permissionTemplateName, String location, DateTime asOfDate); 149 150 boolean canEditTimeBlock(String principalId, TimeBlock timeBlock); 151 152 boolean canEditTimeBlockAllFields(String principalId, TimeBlock timeBlock); 153 154 boolean canDeleteTimeBlock(String principalId, TimeBlock timeBlock); 155 156 boolean canEditOvertimeEarnCode(String principalId, TimeBlock timeBlock); 157 158 /** 159 * Checks whether the given {@code principalId} has systemAdmin/TimeSystemAdmin/TimeLocationAdmin roles on given {@code aTimeBlock} 160 * @param principalId 161 * @param aTimeBlock 162 * @return 163 */ 164 public boolean userHasTimeSysLocationAdminRoles(String principalId,TimeBlock aTimeBlock); 165 /** 166 * Checks whether the given {@code principalId} has edit permission roles on given {@code aTimeBlock} 167 * @param principalId 168 * @param aTimeBlock 169 * @return 170 */ 171 public boolean userHasRolesToEditTimeBlock(String principalId, TimeBlock aTimeBlock); 172 173 /** 174 * Checks whether the given {@code principalId} has PayrollProcessor/PayrollProcessorDelegate roles on given {@code dept} and {@code asOfDate} 175 * @param principalId 176 * @param dept 177 * @param asOfDate 178 * @return 179 */ 180 public boolean isPayrollProcessorForDepartment(String principalId, String dept, DateTime asOfDate); 181 182 /** 183 * Checks whether the given {@code principalId} has Approver/ApproverDelegate roles on given {@code workArea} and {@code asOfDate} 184 * @param principalId 185 * @param workArea 186 * @param asOfDate 187 * @return 188 */ 189 public boolean isApproverForWorkArea(String principalId, Long workArea, DateTime asOfDate); 190 }