001 /**
002 * Copyright 2004-2013 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016 package org.kuali.hr.time.timesheet.web;
017
018 import java.sql.Date;
019
020 import javax.servlet.http.HttpServletRequest;
021 import javax.servlet.http.HttpServletResponse;
022
023 import org.apache.commons.lang.StringUtils;
024 import org.apache.log4j.Logger;
025 import org.apache.struts.action.ActionForm;
026 import org.apache.struts.action.ActionForward;
027 import org.apache.struts.action.ActionMapping;
028 import org.apache.struts.action.ActionRedirect;
029 import org.kuali.hr.time.base.web.TkAction;
030 import org.kuali.hr.time.calendar.CalendarEntries;
031 import org.kuali.hr.time.detail.web.ActionFormUtils;
032 import org.kuali.hr.time.roles.TkUserRoles;
033 import org.kuali.hr.time.roles.UserRoles;
034 import org.kuali.hr.time.service.base.TkServiceLocator;
035 import org.kuali.hr.time.timesheet.TimesheetDocument;
036 import org.kuali.hr.time.util.TKContext;
037 import org.kuali.hr.time.util.TKUser;
038 import org.kuali.hr.time.util.TKUtils;
039 import org.kuali.hr.time.util.TkConstants;
040 import org.kuali.hr.time.workflow.TimesheetDocumentHeader;
041 import org.kuali.rice.kim.api.services.KimApiServiceLocator;
042 import org.kuali.rice.krad.exception.AuthorizationException;
043 import org.kuali.rice.krad.util.GlobalVariables;
044
045 public class TimesheetAction extends TkAction {
046
047 private static final Logger LOG = Logger.getLogger(TimesheetAction.class);
048
049 @Override
050 protected void checkTKAuthorization(ActionForm form, String methodToCall) throws AuthorizationException {
051 UserRoles roles = TkUserRoles.getUserRoles(GlobalVariables.getUserSession().getPrincipalId());
052 TimesheetDocument doc = TKContext.getCurrentTimesheetDocument();
053
054 if (!roles.isDocumentReadable(doc)) {
055 throw new AuthorizationException(GlobalVariables.getUserSession().getPrincipalId(), "TimesheetAction: docid: " + doc.getDocumentId(), "");
056 }
057 }
058
059 @Override
060 public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
061 TimesheetActionForm taForm = (TimesheetActionForm) form;
062 String documentId = taForm.getDocumentId();
063
064 if (StringUtils.equals(request.getParameter("command"), "displayDocSearchView")
065 || StringUtils.equals(request.getParameter("command"), "displayActionListView") ) {
066 documentId = (String) request.getParameter("docId");
067 }
068
069 LOG.debug("DOCID: " + documentId);
070
071 // Here - viewPrincipal will be the principal of the user we intend to
072 // view, be it target user, backdoor or otherwise.
073 String viewPrincipal = TKUser.getCurrentTargetPerson().getPrincipalId();
074
075 // By handling the prev/next in the execute method, we are saving one
076 // fetch/construction of a TimesheetDocument. If it were broken out into
077 // methods, we would first fetch the current document, and then fetch
078 // the next one instead of doing it in the single action.
079 TimesheetDocument td;
080 if (StringUtils.isNotBlank(documentId)) {
081 td = TkServiceLocator.getTimesheetService().getTimesheetDocument(documentId);
082 } else {
083 // Default to whatever is active for "today".
084 Date currentDate = TKUtils.getTimelessDate(null);
085 CalendarEntries payCalendarEntries = TkServiceLocator.getCalendarService().getCurrentCalendarDates(viewPrincipal, currentDate);
086 if (payCalendarEntries == null) {
087 throw new RuntimeException("No pay calendar entry for " + viewPrincipal);
088 }
089 td = TkServiceLocator.getTimesheetService().openTimesheetDocument(viewPrincipal, payCalendarEntries);
090 }
091
092 // Set the TKContext for the current timesheet document id.
093 if (td != null) {
094 setupDocumentOnFormContext(taForm, td);
095 } else {
096 LOG.error("Null timesheet document in TimesheetAction.");
097 }
098
099 // Do this at the end, so we load the document first,
100 // then check security permissions via the superclass execution chain.
101 return super.execute(mapping, form, request, response);
102 }
103
104 public ActionForward docHandler(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
105 ActionForward forward = mapping.findForward("basic");
106 String command = request.getParameter("command");
107
108 if (StringUtils.equals(command, "displayDocSearchView") || StringUtils.equals(command, "displayActionListView")) {
109 String docId = (String) request.getParameter("docId");
110 TimesheetDocument timesheetDocument = TkServiceLocator.getTimesheetService().getTimesheetDocument(docId);
111 String timesheetPrincipalName = KimApiServiceLocator.getPersonService().getPerson(timesheetDocument.getPrincipalId()).getPrincipalName();
112
113 String principalId = TKUser.getCurrentTargetPerson().getPrincipalId();
114 String principalName = KimApiServiceLocator.getPersonService().getPerson(principalId).getPrincipalName();
115
116 StringBuilder builder = new StringBuilder();
117 if (!StringUtils.equals(principalName, timesheetPrincipalName)) {
118 if (StringUtils.equals(command, "displayDocSearchView")) {
119 builder.append("changeTargetPerson.do?methodToCall=changeTargetPerson");
120 builder.append("&documentId=");
121 builder.append(docId);
122 builder.append("&principalName=");
123 builder.append(timesheetPrincipalName);
124 builder.append("&targetUrl=TimeDetail.do");
125 builder.append("?docmentId=" + docId);
126 builder.append("&returnUrl=TimeApproval.do");
127 } else {
128 builder.append("TimeApproval.do");
129 }
130 } else {
131 builder.append("TimeDetail.do");
132 builder.append("?docmentId=" + docId);
133 }
134
135 forward = new ActionRedirect(builder.toString());
136 }
137
138 return forward;
139 }
140
141 protected void setupDocumentOnFormContext(TimesheetActionForm taForm, TimesheetDocument td){
142 String viewPrincipal = TKUser.getCurrentTargetPerson().getPrincipalId();
143 TKContext.setCurrentTimesheetDocumentId(td.getDocumentId());
144 TKContext.setCurrentTimesheetDocument(td);
145 taForm.setTimesheetDocument(td);
146 taForm.setDocumentId(td.getDocumentId());
147 TimesheetDocumentHeader prevTdh = TkServiceLocator.getTimesheetDocumentHeaderService().getPrevOrNextDocumentHeader(TkConstants.PREV_TIMESHEET, viewPrincipal);
148 TimesheetDocumentHeader nextTdh = TkServiceLocator.getTimesheetDocumentHeaderService().getPrevOrNextDocumentHeader(TkConstants.NEXT_TIMESHEET, viewPrincipal);
149
150 taForm.setPrevDocumentId(prevTdh != null ? prevTdh.getDocumentId() : null);
151 taForm.setNextDocumentId(nextTdh != null ? nextTdh.getDocumentId() : null);
152
153 taForm.setPayCalendarDates(td.getPayCalendarEntry());
154 taForm.setOnCurrentPeriod(ActionFormUtils.getOnCurrentPeriodFlag(taForm.getPayCalendarDates()));
155 }
156
157 }