View Javadoc
1   /**
2    * Copyright 2004-2014 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.kpme.tklm.time.rules.clocklocation.service;
17  
18  import org.apache.commons.lang.StringUtils;
19  import org.joda.time.LocalDate;
20  import org.kuali.kpme.core.api.department.Department;
21  import org.kuali.kpme.core.api.namespace.KPMENamespace;
22  import org.kuali.kpme.core.api.permission.KPMEPermissionTemplate;
23  import org.kuali.kpme.core.role.KPMERoleMemberAttribute;
24  import org.kuali.kpme.core.service.HrServiceLocator;
25  import org.kuali.kpme.tklm.time.clocklog.ClockLogBo;
26  import org.kuali.kpme.tklm.time.rules.clocklocation.ClockLocationRule;
27  import org.kuali.kpme.tklm.time.rules.clocklocation.ClockLocationRuleIpAddress;
28  import org.kuali.kpme.tklm.time.rules.clocklocation.dao.ClockLocationDao;
29  import org.kuali.rice.kim.api.KimConstants;
30  import org.kuali.rice.kim.api.services.KimApiServiceLocator;
31  import org.kuali.rice.krad.util.GlobalVariables;
32  
33  import java.util.ArrayList;
34  import java.util.HashMap;
35  import java.util.List;
36  import java.util.Map;
37  
38  public class ClockLocationRuleServiceImpl implements ClockLocationRuleService {
39  	private ClockLocationDao clockLocationDao;
40  
41  	public ClockLocationDao getClockLocationDao() {
42  		return clockLocationDao;
43  	}
44  
45  	public void setClockLocationDao(ClockLocationDao clockLocationDao) {
46  		this.clockLocationDao = clockLocationDao;
47  	}
48  
49  
50  /*  public boolean ipViolatesClockLocationRules(String ipAddress, String groupKeyCode, String dept, Long workArea, String principalId, Long jobNum, LocalDate asOfDate) {
51  
52          List<ClockLocationRule> lstClockLocationRules = getClockLocationRule(groupKeyCode, dept,
53                  workArea, principalId, jobNum, asOfDate);
54  
55          if(lstClockLocationRules.isEmpty()){
56              return false;
57          }
58  
59          for(ClockLocationRule clockLocationRule : lstClockLocationRules){
60              List<ClockLocationRuleIpAddress> ruleIpAddresses = clockLocationRule.getIpAddresses();
61  
62              for(ClockLocationRuleIpAddress ruleIp : ruleIpAddresses) {
63                  if(!compareIpAddresses(ruleIp.getIpAddress(), ipAddress)){
64                      return true;
65                  }
66              }
67          }
68  
69          return false;
70      }
71  */
72  
73  
74  	public void processClockLocationRule(ClockLogBo clockLog, LocalDate asOfDate) {
75          //if (ipViolatesClockLocationRules(clockLog.getIpAddress(), clockLog.getGroupKeyCode(), clockLog.getDept(), clockLog.getWorkArea(), clockLog.getPrincipalId(), clockLog.getJobNumber(), asOfDate))
76          if (isInvalidIPClockLocation(clockLog.getGroupKeyCode(), clockLog.getDept(), clockLog.getWorkArea(), clockLog.getPrincipalId(), clockLog.getJobNumber(), clockLog.getIpAddress(), asOfDate))
77          {
78              clockLog.setUnapprovedIP(true);
79              GlobalVariables.getMessageMap().putWarning("property", "ipaddress.invalid.format", clockLog.getIpAddress());
80          }
81          clockLog.setUnapprovedIP(false);
82  	}
83  	
84  	public boolean isInvalidIPClockLocation(String groupKeyCode, String dept, Long workArea, String principalId, Long jobNumber, String ipAddress, LocalDate asOfDate) {
85  		Boolean isInValid = true;
86  		
87  		List<ClockLocationRule> lstClockLocationRules = getClockLocationRule(groupKeyCode, dept, workArea, principalId, jobNumber, asOfDate);
88  		if(lstClockLocationRules.isEmpty()){
89  			return false;
90  		}
91  		for(ClockLocationRule clockLocationRule : lstClockLocationRules){
92  			List<ClockLocationRuleIpAddress> ruleIpAddresses = clockLocationRule.getIpAddresses();
93              for(ClockLocationRuleIpAddress ruleIp : ruleIpAddresses) {
94  				if(compareIpAddresses(ruleIp.getIpAddress(), ipAddress)){
95  					isInValid = false;
96  					break;
97  				}
98  			}
99  		}
100 		return isInValid;
101 	}
102 
103 	public boolean compareIpAddresses(String ipAddressRule, String ipAddress) {
104 		String[] rulePieces = StringUtils.split(ipAddressRule, ".");
105         int ruleMax = rulePieces.length-1;
106 
107         //code for testing... localhost brings empty ipAddress
108         /*if (StringUtils.isEmpty(ipAddress)) {
109             ipAddress = "129.200.200.200";
110         }*/
111 		String[] ipAddPieces = StringUtils.split(ipAddress,".");
112 		boolean match = true;
113 		for(int i=0; i<ipAddPieces.length; i++){
114 			if( ((i > ruleMax) && StringUtils.equals("%", rulePieces[ruleMax])) ||
115                   ((i <= ruleMax) && ( StringUtils.equals(ipAddPieces[i], rulePieces[i]) || StringUtils.equals("%", rulePieces[i]) ))
116                 )
117             {
118 				// we don't need to do anything.
119 			} else {
120 			    return false;
121 			}
122 		}
123 		return match;
124 	}
125 
126 	@Override
127 	public List<ClockLocationRule> getClockLocationRule(String groupKeyCode, String dept, Long workArea,String principalId, Long jobNumber, LocalDate asOfDate) {
128 
129         // 1 : dept, wa, principal, job
130 		List<ClockLocationRule> clockLocationRule = clockLocationDao.getClockLocationRule(groupKeyCode, dept, workArea,principalId,jobNumber,asOfDate);
131 		if(!clockLocationRule.isEmpty()){
132 			return clockLocationRule;
133 		}
134 
135         // 2 : dept, wa, principal, -1
136 		clockLocationRule = clockLocationDao.getClockLocationRule(groupKeyCode, dept, workArea, principalId, -1L, asOfDate);
137 		if(!clockLocationRule.isEmpty()){
138 			return clockLocationRule;
139 		}
140 
141         // 3 : dept, wa, %        , job
142         clockLocationRule = clockLocationDao.getClockLocationRule(groupKeyCode, dept, workArea, "%", jobNumber, asOfDate);
143         if(!clockLocationRule.isEmpty()){
144             return clockLocationRule;
145         }
146 
147         // 4 : dept, -1, principal, job
148         clockLocationRule = clockLocationDao.getClockLocationRule(groupKeyCode, dept, -1L, principalId, jobNumber, asOfDate);
149         if(!clockLocationRule.isEmpty()){
150             return clockLocationRule;
151         }
152 
153         // 5 : dept, wa, %        , -1
154 		clockLocationRule = clockLocationDao.getClockLocationRule(groupKeyCode, dept, workArea, "%", -1L, asOfDate);
155 		if(!clockLocationRule.isEmpty()){
156 			return clockLocationRule;
157 		}
158 
159         // 6 : dept, -1, principal, -1
160         clockLocationRule = clockLocationDao.getClockLocationRule(groupKeyCode, dept, -1L, principalId, -1L, asOfDate);
161         if(!clockLocationRule.isEmpty()){
162             return clockLocationRule;
163         }
164 
165         // 7 : dept, -1, %        , job
166         clockLocationRule = clockLocationDao.getClockLocationRule(groupKeyCode, dept, -1L, "%", jobNumber, asOfDate);
167         if(!clockLocationRule.isEmpty()){
168             return clockLocationRule;
169         }
170 
171         // 8 : dept, -1, %        , job
172 		clockLocationRule = clockLocationDao.getClockLocationRule(groupKeyCode, dept, -1L, "%", -1L, asOfDate);
173 		if(!clockLocationRule.isEmpty()){
174 			return clockLocationRule;
175 		}
176 
177         // 9 : %, -1, principalId        , job
178         clockLocationRule = clockLocationDao.getClockLocationRule(groupKeyCode, "%", -1L, principalId, jobNumber, asOfDate);
179         if(!clockLocationRule.isEmpty()){
180             return clockLocationRule;
181         }
182 
183         // 10 : %, -1, principalId        , %
184         clockLocationRule = clockLocationDao.getClockLocationRule(groupKeyCode, "%", -1L, principalId, -1L, asOfDate);
185         if(!clockLocationRule.isEmpty()){
186             return clockLocationRule;
187         }
188 
189 		//11 : %, -1, % , -1
190 		clockLocationRule = clockLocationDao.getClockLocationRule(groupKeyCode, "%", -1L, "%", -1L, asOfDate);
191 		return clockLocationRule;
192 
193 	}
194 
195 	@Override
196 	public List<ClockLocationRule> getNewerVersionClockLocationRule(String groupKeyCode,
197 			String dept, Long workArea, String principalId, Long jobNumber,
198 			LocalDate asOfDate) {
199 		 
200 		return clockLocationDao.getNewerVersionClockLocationRule(groupKeyCode, dept, workArea, principalId, jobNumber, asOfDate);
201 	}
202 
203 	@Override
204 	public ClockLocationRule getClockLocationRule(String tkClockLocationRuleId) {
205 		return clockLocationDao.getClockLocationRule(tkClockLocationRuleId);
206 	}
207 	
208 	public void populateIPAddressesForCLR(ClockLocationRule clr){
209 		clockLocationDao.populateIPAddressesForCLR(clr);
210 	}
211     
212     public List<ClockLocationRule> getClockLocationRules(String userPrincipalId, List <ClockLocationRule> clockLocationRuleObjs) {
213     	List<ClockLocationRule> results = new ArrayList<ClockLocationRule>();
214     	
215     	if ( clockLocationRuleObjs != null ){
216 	    	for (ClockLocationRule clockLocationRuleObj : clockLocationRuleObjs) {
217 	        	String department = clockLocationRuleObj.getDept(); 
218 	        	Department departmentObj = HrServiceLocator.getDepartmentService().getDepartment(department, clockLocationRuleObj.getGroupKeyCode(), clockLocationRuleObj.getEffectiveLocalDate());
219 	        	String location = departmentObj != null ? departmentObj.getGroupKey().getLocationId() : null;
220 	        	String groupKeyCode = departmentObj != null ? departmentObj.getGroupKeyCode() : null;
221 
222 	        	Map<String, String> roleQualification = new HashMap<String, String>();
223 	        	roleQualification.put(KimConstants.AttributeConstants.PRINCIPAL_ID, userPrincipalId);
224 	        	roleQualification.put(KPMERoleMemberAttribute.DEPARTMENT.getRoleMemberAttributeName(), department);
225                 roleQualification.put(KPMERoleMemberAttribute.GROUP_KEY_CODE.getRoleMemberAttributeName(), groupKeyCode);
226 	        	roleQualification.put(KPMERoleMemberAttribute.LOCATION.getRoleMemberAttributeName(), location);
227 	        	
228 	        	if (!KimApiServiceLocator.getPermissionService().isPermissionDefinedByTemplate(KPMENamespace.KPME_WKFLW.getNamespaceCode(),
229 	    				KPMEPermissionTemplate.VIEW_KPME_RECORD.getPermissionTemplateName(), new HashMap<String, String>())
230 	    		  || KimApiServiceLocator.getPermissionService().isAuthorizedByTemplate(userPrincipalId, KPMENamespace.KPME_WKFLW.getNamespaceCode(),
231 	    				  KPMEPermissionTemplate.VIEW_KPME_RECORD.getPermissionTemplateName(), new HashMap<String, String>(), roleQualification)) {
232 	        		results.add(clockLocationRuleObj);
233 	        	}
234 	    	}
235     	}
236     	
237     	return results;
238     }
239 }