001 /**
002 * Copyright 2004-2013 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016 package org.kuali.hr.time.roles.service;
017
018 import org.apache.commons.lang.StringUtils;
019 import org.apache.log4j.Logger;
020 import org.kuali.hr.job.Job;
021 import org.kuali.hr.time.roles.TkRole;
022 import org.kuali.hr.time.roles.TkRoleGroup;
023 import org.kuali.hr.time.roles.dao.TkRoleGroupDao;
024 import org.kuali.hr.time.service.base.TkServiceLocator;
025 import org.kuali.hr.time.util.TKContext;
026 import org.kuali.hr.time.util.TKUser;
027 import org.kuali.hr.time.util.TKUtils;
028 import org.kuali.rice.kim.api.identity.principal.Principal;
029 import org.kuali.rice.kim.api.services.KimApiServiceLocator;
030
031 import java.util.ArrayList;
032 import java.util.Iterator;
033 import java.util.List;
034 import java.util.Set;
035
036 public class TkRoleGroupServiceImpl implements TkRoleGroupService {
037
038 private static final Logger LOG = Logger.getLogger(TkRoleGroupServiceImpl.class);
039
040 private TkRoleGroupDao tkRoleGroupDao;
041
042 public void setTkRoleGroupDao(TkRoleGroupDao tkRoleGroupDao) {
043 this.tkRoleGroupDao = tkRoleGroupDao;
044 }
045
046 @Override
047 public void saveOrUpdate(List<TkRoleGroup> roleGroups) {
048 this.tkRoleGroupDao.saveOrUpdateRoleGroups(roleGroups);
049 }
050
051 @Override
052 public void saveOrUpdate(TkRoleGroup roleGroup) {
053 this.tkRoleGroupDao.saveOrUpdateRoleGroup(roleGroup);
054 }
055
056 @Override
057 public TkRoleGroup getRoleGroup(String principalId) {
058 return tkRoleGroupDao.getRoleGroup(principalId);
059 }
060
061 @Override
062 public void populateRoles(TkRoleGroup tkRoleGroup) {
063 if (tkRoleGroup != null) {
064 List<TkRole> tkRoles = TkServiceLocator.getTkRoleService().getRoles(tkRoleGroup.getPrincipalId(), TKUtils.getCurrentDate());
065 List<TkRole> tkInActiveRoles = TkServiceLocator.getTkRoleService().getInactiveRoles(tkRoleGroup.getPrincipalId(), TKUtils.getCurrentDate());
066 Iterator<TkRole> itr = tkRoles.iterator();
067 while (itr.hasNext()) {
068 TkRole tkRole = (TkRole) itr.next();
069 if (tkRoleGroup.getPositionRoles() != null && tkRoleGroup.getPositionRoles().contains(tkRole)) {
070 itr.remove();
071 }
072 }
073 itr = tkInActiveRoles.iterator();
074 while (itr.hasNext()) {
075 TkRole tkRole = (TkRole) itr.next();
076 if (tkRoleGroup.getPositionRoles() != null && tkRoleGroup.getPositionRoles().contains(tkRole)) {
077 itr.remove();
078 }
079 }
080 tkRoleGroup.setRoles(tkRoles);
081 tkRoleGroup.setInactiveRoles(tkInActiveRoles);
082 }
083 }
084
085 @Override
086 public List<TkRoleGroup> getRoleGroups(String principalId, String principalName, String workArea, String dept, String roleName) {
087
088 List<TkRoleGroup> tkRoleGroups = new ArrayList<TkRoleGroup>();
089 String principalIdToQuery = "";
090 /**
091 * There are three different wasys to search for the roles :
092 * 1) through principalId
093 * 2) through principalName
094 * 3) search for all the roles / role groups
095 */
096 if (StringUtils.isNotBlank(principalId)) {
097 Principal person = KimApiServiceLocator.getIdentityService().getPrincipal(principalId);
098 if (person != null && isAuthorizedToEditUserRole(person.getPrincipalId())) {
099 principalIdToQuery = person.getPrincipalId();
100 } else {
101 principalIdToQuery = principalId;
102 }
103 } else if (StringUtils.isNotBlank(principalName)) {
104 Principal person = KimApiServiceLocator.getIdentityService().getPrincipalByPrincipalName(principalName);
105 if (person != null && isAuthorizedToEditUserRole(person.getPrincipalId())) {
106 principalIdToQuery = person.getPrincipalId();
107 } else {
108 principalIdToQuery = null;
109 }
110 } else {
111
112 }
113
114 Long workAreaToQuery = StringUtils.isEmpty(workArea) ? null : Long.parseLong(workArea);
115 if(principalIdToQuery != null) {
116 List<TkRole> tkRoles = TkServiceLocator.getTkRoleService().getRoles(principalIdToQuery, TKUtils.getCurrentDate(), roleName, workAreaToQuery, dept);
117
118 for (TkRole tkRole : tkRoles) {
119 if (StringUtils.isEmpty(tkRole.getPositionNumber())) {
120 TkRoleGroup tkRoleGroup = new TkRoleGroup();
121 if (isAuthorizedToEditUserRole(tkRole.getPrincipalId())) {
122 tkRoleGroup.setPerson(tkRole.getPerson());
123 tkRoleGroup.setPrincipalId(tkRole.getPrincipalId());
124 tkRoleGroups.add(tkRoleGroup);
125 }
126 if (StringUtils.isNotEmpty(principalIdToQuery)) {
127 break;
128 }
129 } else {
130 List<Job> listRolePositionActiveJobs = TkServiceLocator.getJobService().getActiveJobsForPosition(tkRole.getPositionNumber(), TKUtils.getCurrentDate());
131 for (Job rolePositionJob : listRolePositionActiveJobs) {
132 String rolePositionJobPrincipalId = rolePositionJob.getPrincipalId();
133 TkRoleGroup tkRoleGroup = new TkRoleGroup();
134 if (isAuthorizedToEditUserRole(rolePositionJobPrincipalId)) {
135 if (((StringUtils.isNotEmpty(dept) && StringUtils.equals(tkRole.getDepartment(), dept)) || StringUtils.isEmpty(dept)) &&
136 ((StringUtils.isNotEmpty(roleName) && StringUtils.equals(tkRole.getRoleName(), roleName)) || StringUtils.isEmpty(roleName)) &&
137 ((StringUtils.isNotEmpty(workArea) && StringUtils.equals(tkRole.getWorkArea().toString(), workArea)) || StringUtils.isEmpty(workArea)) ) {
138 tkRoleGroup.setPerson(KimApiServiceLocator.getPersonService().getPerson(rolePositionJobPrincipalId));
139 tkRoleGroup.setPrincipalId(rolePositionJobPrincipalId);
140 tkRoleGroups.add(tkRoleGroup);
141 }
142 }
143 }
144 }
145 }
146 }
147 return tkRoleGroups;
148 }
149
150 private boolean isAuthorizedToEditUserRole(String principalId) {
151 boolean isAuthorized = false;
152 //System admin can do anything
153 if (TKUser.isSystemAdmin()) {
154 return true;
155 }
156
157 List<Job> lstJobs = TkServiceLocator.getJobService().getJobs(principalId, TKUtils.getCurrentDate());
158 Set<String> locationAdminAreas = TKUser.getLocationAdminAreas();
159 //Confirm if any job matches this users location admin roles
160 for (String location : locationAdminAreas) {
161 for (Job job : lstJobs) {
162 if (StringUtils.equals(location, job.getLocation())) {
163 return true;
164 }
165 }
166 }
167
168 Set<String> departmentAdminAreas = TKUser.getDepartmentAdminAreas();
169 //Confirm if any job matches this users department admin roles
170 for (String dept : departmentAdminAreas) {
171 for (Job job : lstJobs) {
172 if (StringUtils.equals(dept, job.getDept())) {
173 return true;
174 }
175 }
176 }
177 return isAuthorized;
178 }
179
180 }