
1   /**
2    * Copyright 2004-2012 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.hr.time.web;
17  
18  import javax.servlet.http.HttpServletRequest;
19  import javax.servlet.http.HttpServletResponse;
20  
21  import org.apache.commons.lang.StringUtils;
22  import org.apache.log4j.Logger;
23  import org.apache.struts.action.ActionForm;
24  import org.apache.struts.action.ActionForward;
25  import org.apache.struts.action.ActionMapping;
26  import org.apache.struts.action.ActionRedirect;
27  import org.kuali.hr.time.base.web.TkAction;
28  import org.kuali.hr.time.base.web.TkForm;
29  import org.kuali.hr.time.roles.TkUserRoles;
30  import org.kuali.hr.time.util.TKContext;
31  import org.kuali.hr.time.util.TKUser;
32  import org.kuali.rice.krad.exception.AuthorizationException;
33  import org.kuali.rice.krad.util.GlobalVariables;
34  
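/**
 * Struts entry action for the time module.
 *
 * <p>{@link #execute} resolves the current {@link TKUser} from {@link TKContext} and
 * redirects to a role-specific landing page. {@link #checkTKAuthorization} gates the
 * other dispatched methods on the user's roles and on the document id carried by the
 * {@link TkForm}.
 */
public class TimeAction extends TkAction {

    private static final Logger LOG = Logger.getLogger(TimeAction.class);

    /**
     * Dispatched methods that perform their own security validation and are therefore
     * not subject to the role check in {@link #checkTKAuthorization}.
     */
    private static final String[] SELF_AUTHORIZING_METHODS = {
        "targetEmployee", "changeEmployee", "clearBackdoor", "clearChangeUser"
    };

    /**
     * Verifies that the current user may invoke {@code methodToCall}.
     *
     * <p>Access is granted when the user holds any administrative or view-only role, or
     * when the form carries a document id for which the user is either the timesheet
     * approver or has read access. The methods in {@link #SELF_AUTHORIZING_METHODS}
     * are not checked here because they validate security themselves.
     *
     * @param form the Struts form; must be a {@link TkForm}
     * @param methodToCall the dispatched action method name (may be {@code null})
     * @throws AuthorizationException if the request carries a document id and the user
     *     holds none of the qualifying roles for it
     */
    @Override
    protected void checkTKAuthorization(ActionForm form, String methodToCall) throws AuthorizationException {
        TkForm tkForm = (TkForm) form;

        // Handle security validation in targetEmployee action, we may need
        // to check the document for validity, since the user may not
        // necessarily be a system administrator.
        if (isSelfAuthorizing(methodToCall)) {
            return;
        }

        // Resolve the user once instead of re-reading the context for every role check.
        TKUser user = TKContext.getUser();
        boolean privileged = user.isSystemAdmin()
                || user.isLocationAdmin()
                || user.isDepartmentAdmin()
                || user.isGlobalViewOnly()
                || user.isDeptViewOnly();
        if (privileged) {
            return;
        }

        String documentId = tkForm.getDocumentId();
        if (documentId == null) {
            // NOTE(review): a request without a document id is allowed through for any
            // role. This preserves the original condition, whose document clauses were
            // vacuously false when the id was null, but it is a fail-open default for
            // non-privileged users -- confirm against the callers of this action whether
            // a document-less request should instead be denied.
            return;
        }

        // Document-scoped access: either the timesheet approver or a reader of the document.
        if (!user.isApproverForTimesheet(documentId) && !user.isDocumentReadable(documentId)) {
            throw new AuthorizationException("", "TimeAction", "");
        }
    }

    /**
     * Returns whether {@code methodToCall} is one of {@link #SELF_AUTHORIZING_METHODS}.
     * Uses the null-safe {@link StringUtils#equals} so a {@code null} method name never matches.
     */
    private static boolean isSelfAuthorizing(String methodToCall) {
        for (String method : SELF_AUTHORIZING_METHODS) {
            if (StringUtils.equals(methodToCall, method)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Redirects the current user to the landing page for their role, or delegates to
     * {@link TkAction#execute} when no user is present in the context.
     *
     * <p>The same {@link TKUser} instance that was null-checked is used for every role
     * query, rather than re-reading it from {@link TKContext} for each branch.
     *
     * @return an {@link ActionRedirect} to the role-specific page, or the superclass result
     * @throws Exception propagated from {@link TkAction#execute}
     */
    @Override
    public ActionForward execute(ActionMapping mapping, ActionForm form,
            HttpServletRequest request, HttpServletResponse response)
            throws Exception {
        TKUser user = TKContext.getUser();
        if (user == null) {
            return super.execute(mapping, form, request, response);
        }
        return new ActionRedirect(landingPageFor(user));
    }

    /**
     * Chooses the redirect path for {@code user}. The order of the checks defines role
     * precedence: system admin first, then synchronous users, then the remaining roles.
     */
    private static String landingPageFor(TKUser user) {
        if (user.isSystemAdmin()) {
            return "/portal.do";
        }
        if (user.isSynchronous()) {
            // Every other role-based page below requires a non-synchronous user, so a
            // synchronous user who is not a system admin always lands on the clock page.
            return "/Clock.do";
        }
        if (user.isDepartmentAdmin()) {
            return "/portal.do";
        }
        if (user.isApprover() || user.isReviewer()) {
            return "/TimeApproval.do";
        }
        if (user.isActiveEmployee()) {
            return "/TimeDetail.do";
        }
        return "/PersonInfo.do";
    }

}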