View Javadoc
1   /*
2    * Copyright 2008 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.ole.sys.document.authorization;
17  
18  import java.util.Set;
19  
20  import org.apache.commons.logging.Log;
21  import org.apache.commons.logging.LogFactory;
22  import org.kuali.ole.sys.OLEConstants;
23  import org.kuali.ole.sys.OLEConstants.PermissionTemplate;
24  import org.kuali.rice.kim.api.identity.Person;
25  import org.kuali.rice.kns.document.authorization.TransactionalDocumentAuthorizerBase;
26  import org.kuali.rice.krad.document.Document;
27  import org.kuali.rice.krad.util.KRADConstants;
28  
29  public class FinancialSystemTransactionalDocumentAuthorizerBase extends TransactionalDocumentAuthorizerBase {
30      private static final Log LOG = LogFactory.getLog(FinancialSystemTransactionalDocumentAuthorizerBase.class);
31  
32      /**
33       * Overridden to check if document error correction can be allowed here.
34       *
35       * @see org.kuali.rice.kns.document.authorization.DocumentAuthorizerBase#getDocumentActions(org.kuali.rice.kns.document.Document,
36       *      org.kuali.rice.kim.api.identity.Person, java.util.Set)
37       */
38      @Override
39      public Set<String> getDocumentActions(Document document, Person user, Set<String> documentActionsFromPresentationController) {
40          Set<String> documentActionsToReturn = super.getDocumentActions(document, user, documentActionsFromPresentationController);
41  
42          if (documentActionsToReturn.contains(OLEConstants.KFS_ACTION_CAN_ERROR_CORRECT)
43                  && !(documentActionsToReturn.contains(KRADConstants.KUALI_ACTION_CAN_COPY)
44                  && canErrorCorrect(document, user))) {
45              documentActionsToReturn.remove(OLEConstants.KFS_ACTION_CAN_ERROR_CORRECT);
46          }
47  
48          if (documentActionsToReturn.contains(OLEConstants.KFS_ACTION_CAN_EDIT_BANK)
49                  && !canEditBankCode(document, user)) {
50              documentActionsToReturn.remove(OLEConstants.KFS_ACTION_CAN_EDIT_BANK);
51          }
52  
53          // CSU 6702 BEGIN
54          // rSmart-jkneal-KFSCSU-199-begin mod for adding accounting period edit action
55          if (documentActionsToReturn.contains(KRADConstants.KUALI_ACTION_CAN_EDIT) && documentActionsToReturn.contains(OLEConstants.YEAR_END_ACCOUNTING_PERIOD_VIEW_DOCUMENT_ACTION)) {
56              // check KIM permission for view, approvers always have permission to view
57              if (!document.getDocumentHeader().getWorkflowDocument().isApprovalRequested() && !super.isAuthorized(document, OLEConstants.CoreModuleNamespaces.OLE, OLEConstants.YEAR_END_ACCOUNTING_PERIOD_VIEW_PERMISSION, user.getPrincipalId())) {
58                  documentActionsToReturn.remove(OLEConstants.YEAR_END_ACCOUNTING_PERIOD_VIEW_DOCUMENT_ACTION);
59              }
60              // check KIM permission for edit
61              else if (super.isAuthorized(document, OLEConstants.CoreModuleNamespaces.OLE, OLEConstants.YEAR_END_ACCOUNTING_PERIOD_EDIT_PERMISSION, user.getPrincipalId())) {
62                  documentActionsToReturn.add(OLEConstants.YEAR_END_ACCOUNTING_PERIOD_EDIT_DOCUMENT_ACTION);
63              }
64          }
65          // rSmart-jkneal-KFSCSU-199-end mod
66          // CSU 6702 END
67          return documentActionsToReturn;
68      }
69  
70      /**
71       * Determines if the KIM permission is available to error correct the given document
72       *
73       * @param document the document to correct
74       * @param user the user to check error correction for
75       * @return true if the user can error correct, false otherwise
76       */
77      public boolean canErrorCorrect(Document document, Person user) {
78          return isAuthorizedByTemplate(document, OLEConstants.CoreModuleNamespaces.OLE, PermissionTemplate.ERROR_CORRECT_DOCUMENT.name, user.getPrincipalId());
79      }
80  
81      /**
82       * Determines if the KIM permission is available to error correct the given document
83       *
84       * @param document the document to correct
85       * @param user the user to check error correction for
86       * @return true if the user can error correct, false otherwise
87       */
88      public boolean canEditBankCode(Document document, Person user) {
89          return isAuthorizedByTemplate(document, OLEConstants.CoreModuleNamespaces.OLE, PermissionTemplate.EDIT_BANK_CODE.name, user.getPrincipalId());
90      }
91  }