001 /**
002 * Copyright 2004-2013 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016 package org.kuali.hr.time.permissions;
017
018 import java.math.BigDecimal;
019 import java.sql.Date;
020 import java.util.List;
021
022 import org.apache.commons.lang.StringUtils;
023 import org.apache.log4j.Logger;
024 import org.kuali.hr.earncodesec.EarnCodeSecurity;
025 import org.kuali.hr.job.Job;
026 import org.kuali.hr.time.assignment.Assignment;
027 import org.kuali.hr.time.assignment.AssignmentDescriptionKey;
028 import org.kuali.hr.time.authorization.DepartmentalRule;
029 import org.kuali.hr.time.authorization.DepartmentalRuleAuthorizer;
030 import org.kuali.hr.time.collection.rule.TimeCollectionRule;
031 import org.kuali.hr.time.paytype.PayType;
032 import org.kuali.hr.time.principal.PrincipalHRAttributes;
033 import org.kuali.hr.time.roles.TkUserRoles;
034 import org.kuali.hr.time.roles.UserRoles;
035 import org.kuali.hr.time.service.base.TkServiceLocator;
036 import org.kuali.hr.time.timeblock.TimeBlock;
037 import org.kuali.hr.time.timesheet.TimesheetDocument;
038 import org.kuali.hr.time.util.TKContext;
039 import org.kuali.hr.time.util.TKUser;
040 import org.kuali.hr.time.util.TKUtils;
041 import org.kuali.hr.time.util.TkConstants;
042 import org.kuali.hr.time.workarea.WorkArea;
043 import org.kuali.hr.time.workflow.TimesheetDocumentHeader;
044 import org.kuali.rice.kew.api.KewApiConstants;
045 import org.kuali.rice.kew.doctype.SecuritySession;
046 import org.kuali.rice.kew.routeheader.DocumentRouteHeaderValue;
047 import org.kuali.rice.kew.service.KEWServiceLocator;
048 import org.kuali.rice.krad.util.GlobalVariables;
049
050 public class TkPermissionsServiceImpl implements TkPermissionsService {
051 private static final Logger LOG = Logger
052 .getLogger(DepartmentalRuleAuthorizer.class);
053
054 @Override
055 public boolean canAddTimeBlock() {
056 boolean addTimeBlock = false;
057
058 if (TKContext.getUser().isSystemAdmin()) {
059 addTimeBlock = true;
060 } else {
061 boolean docFinal = TKContext.getCurrentTimesheetDocument()
062 .getDocumentHeader().getDocumentStatus()
063 .equals(TkConstants.ROUTE_STATUS.FINAL);
064 if (!docFinal) {
065 if (StringUtils
066 .equals(TKContext.getCurrentTimesheetDocument().getPrincipalId(),
067 GlobalVariables.getUserSession().getPrincipalId())
068 || TkUserRoles.getUserRoles(GlobalVariables.getUserSession().getPrincipalId()).isSystemAdmin()
069 || TKContext.getUser().isLocationAdmin()
070 // || TKContext.getUser().isDepartmentAdmin()
071 || TKContext.getUser().isReviewer()
072 || TKContext.getUser().isApprover()) {
073 addTimeBlock = true;
074 }
075 }
076 }
077 return addTimeBlock;
078 }
079
080 @Override
081 public boolean canEditTimeBlockAllFields(TimeBlock tb) {
082 String userId = GlobalVariables.getUserSession().getPrincipalId();
083
084 if (userId != null) {
085
086 if (TKContext.getUser().isSystemAdmin()) {
087 return true;
088 }
089
090 Job job = TkServiceLocator.getJobService().getJob(
091 TKContext.getTargetPrincipalId(), tb.getJobNumber(),
092 tb.getEndDate());
093 PayType payType = TkServiceLocator.getPayTypeService().getPayType(
094 job.getHrPayType(), tb.getEndDate());
095
096 if (TKContext.getUser().isTimesheetApprover()
097 && TKContext.getUser().getApproverWorkAreas().contains(tb.getWorkArea())
098 || TKContext.getUser().isTimesheetReviewer()
099 && TKContext.getUser().getReviewerWorkAreas().contains(tb.getWorkArea())) {
100
101 if (StringUtils.equals(payType.getRegEarnCode(),
102 tb.getEarnCode())) {
103 return true;
104 }
105
106 List<EarnCodeSecurity> deptEarnCodes = TkServiceLocator
107 .getEarnCodeSecurityService().getEarnCodeSecurities(
108 job.getDept(), job.getHrSalGroup(),
109 job.getLocation(), tb.getEndDate());
110 for (EarnCodeSecurity dec : deptEarnCodes) {
111 if (dec.isApprover()
112 && StringUtils.equals(dec.getEarnCode(),
113 tb.getEarnCode())) {
114 return true;
115 }
116 }
117 }
118
119 if (userId.equals(TKContext.getTargetPrincipalId())
120 && !tb.getClockLogCreated()) {
121 if (StringUtils.equals(payType.getRegEarnCode(),
122 tb.getEarnCode())) {
123 return true;
124 }
125
126 List<EarnCodeSecurity> deptEarnCodes = TkServiceLocator
127 .getEarnCodeSecurityService().getEarnCodeSecurities(
128 job.getDept(), job.getHrSalGroup(),
129 job.getLocation(), tb.getEndDate());
130 for (EarnCodeSecurity dec : deptEarnCodes) {
131 if (dec.isEmployee()
132 && StringUtils.equals(dec.getEarnCode(),
133 tb.getEarnCode())) {
134 return true;
135 }
136 }
137 }
138
139 }
140
141 return false;
142 }
143
144 @Override
145 public boolean canEditTimeBlock(TimeBlock tb) {
146 String userId = GlobalVariables.getUserSession().getPrincipalId();
147
148 if (userId != null) {
149
150 // if the sys admin user is working on his own time block, do not grant edit permission without further checking
151 if (TKContext.getUser().isSystemAdmin()&& !tb.getPrincipalId().equals(userId)) {
152 return true;
153 }
154 Job job = TkServiceLocator.getJobService().getJob(
155 TKContext.getTargetPrincipalId(), tb.getJobNumber(),
156 tb.getEndDate());
157 PayType payType = TkServiceLocator.getPayTypeService().getPayType(
158 job.getHrPayType(), tb.getEndDate());
159
160 if (TKContext.getUser().isTimesheetApprover()
161 && TKContext.getUser().getApproverWorkAreas().contains(tb.getWorkArea())
162 || TKContext.getUser().isTimesheetReviewer()
163 && TKContext.getUser().getReviewerWorkAreas().contains(tb.getWorkArea())) {
164
165 if (StringUtils.equals(payType.getRegEarnCode(),
166 tb.getEarnCode())) {
167 return true;
168 }
169
170 List<EarnCodeSecurity> deptEarnCodes = TkServiceLocator
171 .getEarnCodeSecurityService().getEarnCodeSecurities(
172 job.getDept(), job.getHrSalGroup(),
173 job.getLocation(), tb.getEndDate());
174 for (EarnCodeSecurity dec : deptEarnCodes) {
175 if (dec.isApprover()
176 && StringUtils.equals(dec.getEarnCode(),
177 tb.getEarnCode())) {
178 return true;
179 }
180 }
181 }
182
183 // if the time block is generated by clock actions, do not allow it to be edited/deleted
184 if(tb.getClockLogCreated()) {
185 return false;
186 }
187
188 if (userId.equals(TKContext.getTargetPrincipalId())) {
189
190 if (StringUtils.equals(payType.getRegEarnCode(),
191 tb.getEarnCode())) {
192 TimeCollectionRule tcr = TkServiceLocator.getTimeCollectionRuleService().getTimeCollectionRule(job.getDept(),tb.getWorkArea(),job.getHrPayType(),tb.getBeginDate());
193
194 //If you are a clock user and you have only one assignment you should not be allowed to change the assignment
195 //TODO eventually move this logic to one concise place for editable portions of the timeblock
196 List<Assignment> assignments = TkServiceLocator.getAssignmentService().getAssignments(TKContext.getPrincipalId(),tb.getBeginDate());
197 if(assignments.size() == 1){
198 if(!tcr.isClockUserFl() ){
199 return true;
200 } else{
201 return false;
202 }
203 } else {
204 return true;
205 }
206
207
208
209 }
210
211 List<EarnCodeSecurity> deptEarnCodes = TkServiceLocator
212 .getEarnCodeSecurityService().getEarnCodeSecurities(
213 job.getDept(), job.getHrSalGroup(),
214 job.getLocation(), tb.getEndDate());
215 for (EarnCodeSecurity dec : deptEarnCodes) {
216 if (dec.isEmployee()
217 && StringUtils.equals(dec.getEarnCode(),
218 tb.getEarnCode())) {
219 return true;
220 }
221 }
222 }
223
224 }
225
226 return false;
227 }
228
229 @Override
230 public boolean canDeleteTimeBlock(TimeBlock tb) {
231 String userId = GlobalVariables.getUserSession().getPrincipalId();
232
233 if (userId != null) {
234
235 // if the sys admin user is working on his own time block, do not grant delete permission without further checking
236 if (TKContext.getUser().isSystemAdmin()&& !tb.getPrincipalId().equals(userId)) {
237 return true;
238 }
239 Job job = TkServiceLocator.getJobService().getJob(
240 TKContext.getTargetPrincipalId(), tb.getJobNumber(),
241 tb.getEndDate());
242 PayType payType = TkServiceLocator.getPayTypeService().getPayType(
243 job.getHrPayType(), tb.getEndDate());
244
245 TimeCollectionRule tcr = TkServiceLocator.getTimeCollectionRuleService().getTimeCollectionRule(job.getDept(),tb.getWorkArea(),payType.getPayType(),tb.getEndDate());
246
247 if (TKContext.getUser().isTimesheetApprover()
248 && TKContext.getUser().getApproverWorkAreas().contains(tb.getWorkArea())
249 || TKContext.getUser().isTimesheetReviewer()
250 && TKContext.getUser().getReviewerWorkAreas().contains(tb.getWorkArea())) {
251
252 if (StringUtils.equals(payType.getRegEarnCode(),
253 tb.getEarnCode())) {
254 return true;
255 }
256
257 List<EarnCodeSecurity> deptEarnCodes = TkServiceLocator
258 .getEarnCodeSecurityService().getEarnCodeSecurities(
259 job.getDept(), job.getHrSalGroup(),
260 job.getLocation(), tb.getEndDate());
261 for (EarnCodeSecurity dec : deptEarnCodes) {
262 if (dec.isApprover()
263 && StringUtils.equals(dec.getEarnCode(),
264 tb.getEarnCode())) {
265 return true;
266 }
267 }
268 }
269
270 // // If the timeblock was created by the employee himeself and is a sync timeblock,
271 // // the user can't delete the timeblock
272 // if (userId.equals(TKContext.getTargetPrincipalId())
273 // && tb.getClockLogCreated()) {
274 // return false;
275 // // But if the timeblock was created by the employee himeself and is an async timeblock,
276 // // the user should be able to delete that timeblock
277 // } else if (userId.equals(TKContext.getTargetPrincipalId()) && !tb.getClockLogCreated() ) {
278 // return true;
279 // } else {
280
281 // if the time block is generated by clock actions, do not allow it to be edited/deleted
282 if(tb.getClockLogCreated()) {
283 return false;
284 }
285
286 //if on a regular earncode
287 if (StringUtils.equals(payType.getRegEarnCode(),
288 tb.getEarnCode())) {
289 //and the user is a clock user and this is the users timesheet do not allow to be deleted
290 if(tcr.isClockUserFl() && StringUtils.equals(userId,TKContext.getTargetPrincipalId())) {
291 return false;
292 } else {
293 return true;
294 }
295
296 }
297
298 List<EarnCodeSecurity> deptEarnCodes = TkServiceLocator
299 .getEarnCodeSecurityService().getEarnCodeSecurities(
300 job.getDept(), job.getHrSalGroup(),
301 job.getLocation(), tb.getEndDate());
302 for (EarnCodeSecurity dec : deptEarnCodes) {
303 if (dec.isEmployee()
304 && StringUtils.equals(dec.getEarnCode(),
305 tb.getEarnCode())) {
306 return true;
307 }
308 }
309
310 }
311
312 return false;
313 }
314
315
316
317 @Override
318 public boolean canViewAdminTab() {
319 UserRoles ur = TKContext.getUser().getCurrentTargetRoles();
320
321 boolean viewAdminTab = ur.isSystemAdmin() || ur.isLocationAdmin()
322 || ur.isDepartmentAdmin() || ur.isGlobalViewOnly();
323
324 return viewAdminTab;
325 }
326
327 @Override
328 public boolean canViewApproverTab() {
329 UserRoles ur = TKContext.getUser().getCurrentTargetRoles();
330
331 boolean viewApproverTab = ur.isSystemAdmin()
332 || ur.isTimesheetApprover() || ur.isTimesheetReviewer();
333
334 return viewApproverTab;
335 }
336
337 @Override
338 public boolean canViewClockTab() {
339 UserRoles ur = TKContext.getUser().getCurrentTargetRoles();
340
341 return ur.isActiveEmployee() && ur.isSynchronous();
342 }
343
344 @Override
345 public boolean canViewBatchJobsTab() {
346 UserRoles ur = TKContext.getUser().getCurrentTargetRoles();
347
348 return ur.isSystemAdmin();
349 }
350
351 @Override
352 public boolean canViewPersonInfoTab() {
353 return true;
354 }
355
356 @Override
357 public boolean canViewTimeDetailTab() {
358 UserRoles ur = TKContext.getUser().getCurrentTargetRoles();
359
360 return ur.isActiveEmployee();
361 }
362
363 @Override
364 public boolean canViewLeaveAccrualTab() {
365 UserRoles ur = TKContext.getUser().getCurrentTargetRoles();
366
367 return ur.isActiveEmployee();
368 }
369
370 @Override
371 public boolean canViewTimesheet(String documentId) {
372 boolean viewTimeSheet = false;
373
374 if (documentId != null) {
375 return canViewTimesheet(TkServiceLocator.getTimesheetService()
376 .getTimesheetDocument(documentId));
377 }
378
379 return viewTimeSheet;
380 }
381
382 @Override
383 public boolean canViewTimesheet(TimesheetDocument document) {
384 boolean viewTimeSheet = false;
385 UserRoles ur = TKContext.getUser().getCurrentTargetRoles();
386
387 if (document == null)
388 return viewTimeSheet;
389
390 // Sysadmin
391 viewTimeSheet = ur.isSystemAdmin();
392 // Owner
393 viewTimeSheet |= StringUtils.equals(ur.getPrincipalId(),
394 document.getPrincipalId());
395 // Global VO
396 viewTimeSheet |= ur.isGlobalViewOnly();
397
398 if (!viewTimeSheet) {
399 // Departmental View Only? || Reviewer || Org Admin || Approver
400 // (document object iteration)
401 List<Assignment> assignments = document.getAssignments();
402 for (Assignment assignment : assignments) {
403 String dept = assignment.getDept();
404 Long wa = assignment.getWorkArea();
405
406 viewTimeSheet |= ur.getOrgAdminDepartments().contains(dept);
407 viewTimeSheet |= ur.getApproverWorkAreas().contains(wa);
408 viewTimeSheet |= ur.getReviewerWorkAreas().contains(wa);
409 viewTimeSheet |= ur.getDepartmentViewOnlyDepartments()
410 .contains(dept);
411 }
412 }
413
414 return viewTimeSheet;
415 }
416
417 @Override
418 public boolean canEditTimesheet(TimesheetDocument document) {
419 boolean editTimeSheet = false;
420 UserRoles ur = TKContext.getUser().getCurrentTargetRoles();
421
422 // Quick escape.
423 if (document == null)
424 return editTimeSheet;
425
426 // Sysadmin
427 editTimeSheet = ur.isSystemAdmin();
428 // Owner (and not enroute/final)
429 editTimeSheet |= (StringUtils.equals(ur.getPrincipalId(),
430 document.getPrincipalId()) && (StringUtils.equals(
431 TkConstants.ROUTE_STATUS.INITIATED, document
432 .getDocumentHeader().getDocumentStatus())
433 || StringUtils.equals(TkConstants.ROUTE_STATUS.SAVED, document
434 .getDocumentHeader().getDocumentStatus()) || (StringUtils
435 .equals(TkConstants.ROUTE_STATUS.ENROUTE, document
436 .getDocumentHeader().getDocumentStatus()))));
437
438 if (!editTimeSheet) {
439 // Departmental View Only? || Reviewer || Org Admin || Approver
440 // (document object iteration)
441 List<Assignment> assignments = document.getAssignments();
442 for (Assignment assignment : assignments) {
443 String dept = assignment.getDept();
444 Long wa = assignment.getWorkArea();
445
446 editTimeSheet |= ur.getOrgAdminDepartments().contains(dept);
447 editTimeSheet |= ur.getApproverWorkAreas().contains(wa);
448 editTimeSheet |= ur.getReviewerWorkAreas().contains(wa);
449 }
450 }
451
452 return editTimeSheet;
453 }
454
455 @Override
456 public boolean canEditTimesheet(String documentId) {
457 return canEditTimesheet(TkServiceLocator.getTimesheetService()
458 .getTimesheetDocument(documentId));
459 }
460
461 @Override
462 public boolean canApproveTimesheet(TimesheetDocument doc) {
463
464 TimesheetDocumentHeader docHeader = TkServiceLocator
465 .getTimesheetDocumentHeaderService().getDocumentHeader(
466 doc.getDocumentId());
467 boolean isEnroute = StringUtils.equals(docHeader.getDocumentStatus(),
468 "ENROUTE");
469
470 if (isEnroute) {
471 DocumentRouteHeaderValue routeHeader = KEWServiceLocator
472 .getRouteHeaderService().getRouteHeader(doc.getDocumentId());
473 boolean authorized = KEWServiceLocator.getDocumentSecurityService()
474 .routeLogAuthorized(TKContext.getPrincipalId(),
475 routeHeader,
476 new SecuritySession(TKContext.getPrincipalId()));
477 if (authorized) {
478 List<String> principalsToApprove = KEWServiceLocator
479 .getActionRequestService()
480 .getPrincipalIdsWithPendingActionRequestByActionRequestedAndDocId(
481 KewApiConstants.ACTION_REQUEST_APPROVE_REQ,
482 routeHeader.getDocumentId());
483 if (!principalsToApprove.isEmpty()
484 && principalsToApprove.contains(TKContext
485 .getPrincipalId())) {
486 return true;
487 }
488 }
489 }
490 return false;
491 }
492
493 @Override
494 public boolean canSubmitTimesheet(TimesheetDocument doc) {
495 UserRoles ur = TKContext.getUser().getCurrentTargetRoles();
496
497 if (StringUtils
498 .equals(TKContext.getPrincipalId(), doc.getPrincipalId())) {
499 return true;
500 }
501
502 if (ur.isApproverForTimesheet(doc)) {
503 return true;
504 }
505
506 // System admins can route the document as well as the employee
507 if (ur.isSystemAdmin()) {
508 return true;
509 }
510 return false;
511 }
512
513 @Override
514 public boolean canSubmitTimesheet(String docId) {
515 TimesheetDocument doc = TkServiceLocator.getTimesheetService()
516 .getTimesheetDocument(docId);
517 return canSubmitTimesheet(doc);
518 }
519
520 @Override
521 public boolean canViewLinkOnMaintPages() {
522 return TKContext.getUser().isSystemAdmin()
523 || TKContext.getUser().isGlobalViewOnly();
524 }
525
526 @Override
527 public boolean canViewDeptMaintPages() {
528 UserRoles ur = TKContext.getUser().getCurrentTargetRoles();
529
530 return ur.isSystemAdmin() || ur.isGlobalViewOnly()
531 || ur.getOrgAdminCharts().size() > 0
532 || ur.getOrgAdminDepartments().size() > 0
533 || ur.getDepartmentViewOnlyDepartments().size() > 0
534 || ur.isAnyApproverActive();
535 }
536
537 @Override
538 public boolean canViewDeptMaintPages(DepartmentalRule dr) {
539 boolean ret = false;
540 if (TKContext.getUser().isSystemAdmin() || TKContext.getUser().isGlobalViewOnly())
541 return true;
542
543 if (dr != null) {
544 // dept | workArea | meaning
545 // ---------|------------|
546 // 1: % , -1 , any dept/work area valid roles
547 // *2: % , <defined> , must have work area <-- *
548 // 3: <defined>, -1 , must have dept, any work area
549 // 4: <defined>, <defined> , must have work area or department
550 // defined
551 //
552 // * Not permitted.
553
554 if (StringUtils
555 .equals(dr.getDept(), TkConstants.WILDCARD_CHARACTER)
556 && dr.getWorkArea().equals(TkConstants.WILDCARD_LONG)) {
557 // case 1
558 ret = TKContext.getUser().isApprover()
559 || TKContext.getUser().getLocationAdminAreas().size() > 0
560 || TKContext.getUser().getDepartmentAdminAreas().size() > 0;
561 } else if (StringUtils.equals(dr.getDept(),
562 TkConstants.WILDCARD_CHARACTER)) {
563 // case 2 *
564 // Should not encounter this case.
565 LOG.error("Invalid case encountered while scanning business objects: Wildcard Department & Defined workArea.");
566 } else if (dr.getWorkArea().equals(TkConstants.WILDCARD_LONG)) {
567 // case 3
568 ret = TKContext.getUser().getDepartmentAdminAreas().contains(dr.getDept());
569 } else {
570 ret = TKContext.getUser().getApproverWorkAreas().contains(dr.getWorkArea())
571 || TKContext.getUser().getDepartmentAdminAreas().contains(dr.getDept());
572 }
573 }
574
575 return ret;
576 }
577
578 @Override
579 public boolean canEditDeptMaintPages() {
580 UserRoles ur = TKContext.getUser().getCurrentTargetRoles();
581 return ur.isSystemAdmin() || ur.getOrgAdminCharts().size() > 0
582 || ur.getOrgAdminDepartments().size() > 0;
583 }
584
585 @Override
586 public boolean canEditDeptMaintPages(DepartmentalRule dr) {
587 boolean ret = false;
588 if (TKContext.getUser().isSystemAdmin())
589 return true;
590
591 if (dr != null && TKContext.getUser().getDepartmentAdminAreas().size() > 0) {
592 String dept = dr.getDept();
593 if (StringUtils.equals(dept, TkConstants.WILDCARD_CHARACTER)) {
594 // Must be system administrator
595 ret = false;
596 } else {
597 // Must have parent Department
598 ret = TKContext.getUser().getDepartmentAdminAreas().contains(dr.getDept());
599 }
600 }
601
602 return ret;
603 }
604
605 @Override
606 public boolean canWildcardWorkAreaInDeptRule(DepartmentalRule dr) {
607 // Sysadmins and (Departmental OrgAdmins for their Department)
608 if (TKContext.getUser().isSystemAdmin())
609 return true;
610
611 String dept = dr.getDept();
612 if (StringUtils.equals(dept, TkConstants.WILDCARD_CHARACTER)) {
613 // Only system administrators can wildcard the work area if the
614 // department also has a wildcard.
615 return TKContext.getUser().isSystemAdmin();
616 } else {
617 return TKContext.getUser().getDepartmentAdminAreas().contains(dept);
618 }
619 }
620
621 @Override
622 public boolean canWildcardDeptInDeptRule(DepartmentalRule dr) {
623 return TKContext.getUser().isSystemAdmin();
624 }
625
626 @Override
627 public boolean canEditOvertimeEarnCode(TimeBlock tb) {
628 WorkArea workArea = TkServiceLocator.getWorkAreaService().getWorkArea(tb.getWorkArea(), new java.sql.Date(tb.getEndTimestamp().getTime()));
629 if (StringUtils.equals(workArea.getOvertimeEditRole(), TkConstants.ROLE_TK_EMPLOYEE)) {
630 return true;
631 } else if (StringUtils.equals(workArea.getOvertimeEditRole(), TkConstants.ROLE_TK_APPROVER) ||
632 StringUtils.equals(workArea.getOvertimeEditRole(), TkConstants.ROLE_TK_APPROVER_DELEGATE)) {
633 return TKContext.getUser().getApproverWorkAreas().contains(workArea.getWorkArea());
634 } else {
635 return TKContext.getUser().getDepartmentAdminAreas().contains(workArea.getDepartment());
636 }
637 }
638
639 /*
640 * @see org.kuali.hr.time.permissions.TkPermissionsService#canEditRegEarnCode(org.kuali.hr.time.timeblock.TimeBlock)
641 * this method is used in calendar.tag
642 * it's only used when a user is working on its own timesheet, regular earn code cannot be editable on clock entered time block
643 */
644 @Override
645 public boolean canEditRegEarnCode(TimeBlock tb) {
646 AssignmentDescriptionKey adk = new AssignmentDescriptionKey(tb.getJobNumber().toString(), tb.getWorkArea().toString(), tb.getTask().toString());
647 Assignment anAssignment = TkServiceLocator.getAssignmentService().getAssignment(adk, tb.getBeginDate());
648 if(anAssignment != null) {
649 // use timesheet's end date to get Time Collection Rule
650 TimesheetDocumentHeader tdh = TkServiceLocator.getTimesheetDocumentHeaderService().getDocumentHeader(tb.getDocumentId());
651 Date aDate = tb.getBeginDate();
652 if(tdh != null && tdh.getPayEndDate() != null) {
653 aDate = new java.sql.Date(tdh.getPayEndDate().getTime());
654 }
655 TimeCollectionRule tcr = TkServiceLocator.getTimeCollectionRuleService()
656 .getTimeCollectionRule(anAssignment.getDept(), anAssignment.getWorkArea()
657 , anAssignment.getJob().getHrPayType(), aDate);
658 if(tcr != null && tcr.isClockUserFl()) {
659 // use assignment to get the payType object, then check if the regEarnCode of the paytyep matches the earn code of the timeblock
660 // if they do match, then return false
661 PayType pt = TkServiceLocator.getPayTypeService().getPayType(anAssignment.getJob().getHrPayType(), anAssignment.getJob().getEffectiveDate());
662 if(pt != null && pt.getRegEarnCode().equals(tb.getEarnCode())) {
663 return false;
664 }
665 }
666 }
667 return true;
668 }
669
670 @Override
671 public boolean canDeleteDeptLunchDeduction() {
672 return TKContext.getUser().isAnyApproverActive();
673 }
674
675 @Override
676 public boolean canAddSystemLevelRole() {
677 // TODO Auto-generated method stub
678 return false;
679 }
680
681 @Override
682 public boolean canAddLocationLevelRoles() {
683 // TODO Auto-generated method stub
684 return false;
685 }
686
687 @Override
688 public boolean canAddDepartmentLevelRoles() {
689 // TODO Auto-generated method stub
690 return false;
691 }
692
693 @Override
694 public boolean canAddWorkareaLevelRoles() {
695 // TODO Auto-generated method stub
696 return false;
697 }
698
699 public boolean hasManagerialRolesOnWorkArea(TimeBlock tb) {
700 return TKContext.getUser().getApproverWorkAreas().contains(tb.getWorkArea())
701 || TKContext.getUser().getReviewerWorkAreas().contains(tb.getWorkArea());
702 }
703
704 @Override
705 public boolean canViewTimeTabs() {
706 boolean canViewTimeTabs = false;
707 Date asOfDate = TKUtils.getTimelessDate(null);
708 String flsaStatus = TkConstants.FLSA_STATUS_NON_EXEMPT;
709 // find active assignments as of currentDate
710 String principalId = TKUser.getCurrentTargetPerson().getPrincipalId();
711 if(isActiveAssignmentFoundOnJobFlsaStatus(principalId, flsaStatus)) {
712 //find timecalendar defined
713 canViewTimeTabs = isCalendarDefined(principalId, asOfDate);
714 }
715 return canViewTimeTabs;
716 }
717
718 private boolean isActiveAssignmentFoundOnJobFlsaStatus(String principalId, String flsaStatus) {
719 boolean isActiveAssFound = false;
720 Date asOfDate = TKUtils.getTimelessDate(null);
721 List<Assignment> activeAssignments = TkServiceLocator.getAssignmentService().getAssignments(principalId, asOfDate);
722 if(activeAssignments != null && !activeAssignments.isEmpty()) {
723 for(Assignment assignment : activeAssignments) {
724 if(assignment != null && assignment.getJob() != null && assignment.getJob().getFlsaStatus() != null && assignment.getJob().getFlsaStatus().equalsIgnoreCase(flsaStatus)) {
725 isActiveAssFound = true;
726 break;
727 }
728 }
729 }
730 return isActiveAssFound;
731 }
732
733 private boolean isCalendarDefined(String principalId, Date asOfDate){
734 boolean calDefined = false;
735 PrincipalHRAttributes principalHRAttributes = TkServiceLocator.getPrincipalHRAttributeService().getPrincipalCalendar(principalId, asOfDate);
736 if(principalHRAttributes != null) {
737 calDefined = principalHRAttributes.getPayCalendar() != null ? true : false;
738 }
739 return calDefined;
740 }
741
742 }