View Javadoc
1   /*
2    * Copyright 2009 The Kuali Foundation.
3    * 
4    * Licensed under the Educational Community License, Version 1.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    * http://www.opensource.org/licenses/ecl1.php
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.ole.sec.document.authorization;
17  
18  import java.util.List;
19  import java.util.Set;
20  
21  import org.kuali.ole.sec.service.AccessSecurityService;
22  import org.kuali.ole.sys.businessobject.AccountingLine;
23  import org.kuali.ole.sys.context.SpringContext;
24  import org.kuali.ole.sys.document.AccountingDocument;
25  import org.kuali.ole.sys.document.authorization.AccountingLineAuthorizer;
26  import org.kuali.ole.sys.document.web.AccountingLineRenderingContext;
27  import org.kuali.ole.sys.document.web.AccountingLineViewAction;
28  import org.kuali.rice.kim.api.identity.Person;
29  
30  
31  /**
32   * AccountingLineAuthorizer that wraps access security checks around another AccountingLineAuthorizer configured for the document type
33   */
34  public class SecAccountingLineAuthorizer implements AccountingLineAuthorizer {
35      protected AccountingLineAuthorizer lineAuthorizer;
36  
37      public List<AccountingLineViewAction> getActions(AccountingDocument accountingDocument, AccountingLineRenderingContext accountingLineRenderingContext, String accountingLinePropertyName, Integer lineIndex, Person currentUser, String groupTitle) {
38          return lineAuthorizer.getActions(accountingDocument, accountingLineRenderingContext, accountingLinePropertyName, lineIndex, currentUser, groupTitle);
39      }
40  
41      public Set<String> getUnviewableBlocks(AccountingDocument accountingDocument, AccountingLine accountingLine, boolean newLine, Person currentUser) {
42          return lineAuthorizer.getUnviewableBlocks(accountingDocument, accountingLine, newLine, currentUser);
43      }
44  
45      /**
46       * Makes call to check edit access security on accounting line
47       * 
48       * @see org.kuali.ole.sys.document.authorization.AccountingLineAuthorizer#hasEditPermissionOnAccountingLine
49       */
50      public boolean hasEditPermissionOnAccountingLine(AccountingDocument accountingDocument, AccountingLine accountingLine, String accountingLineCollectionProperty, Person currentUser, boolean pageIsEditable) {
51          boolean hasEditPermission = lineAuthorizer.hasEditPermissionOnAccountingLine(accountingDocument, accountingLine, accountingLineCollectionProperty, currentUser, pageIsEditable);
52          
53          if (hasEditPermission) {
54              hasEditPermission = SpringContext.getBean(AccessSecurityService.class).canEditDocumentAccountingLine(accountingDocument, accountingLine, currentUser);
55          }
56              
57          return hasEditPermission;
58      }
59  
60      /**
61       * If access was granted to line and line authorizer allows field modify then allow field modify
62       * 
63       * @see org.kuali.ole.sys.document.authorization.AccountingLineAuthorizer#hasEditPermissionOnField
64       */
65      public boolean hasEditPermissionOnField(AccountingDocument accountingDocument, AccountingLine accountingLine, String accountingLineCollectionProperty, String fieldName, boolean editableLine, boolean editablePage, Person currentUser) {
66          boolean hasEditPermission = lineAuthorizer.hasEditPermissionOnField(accountingDocument, accountingLine, accountingLineCollectionProperty, fieldName, editableLine, editablePage, currentUser);
67          
68          return hasEditPermission && editableLine;
69      }
70  
71      public boolean isGroupEditable(AccountingDocument accountingDocument, List<? extends AccountingLineRenderingContext> accountingLineRenderingContexts, Person currentUser) {
72          return lineAuthorizer.isGroupEditable(accountingDocument, accountingLineRenderingContexts, currentUser);
73      }
74  
75      public boolean renderNewLine(AccountingDocument accountingDocument, String accountingGroupProperty) {
76          return lineAuthorizer.renderNewLine(accountingDocument, accountingGroupProperty);
77      }
78  
79      /**
80       * Sets the lineAuthorizer attribute value.
81       * 
82       * @param lineAuthorizer The lineAuthorizer to set.
83       */
84      public void setLineAuthorizer(AccountingLineAuthorizer lineAuthorizer) {
85          this.lineAuthorizer = lineAuthorizer;
86      }
87  
88  
89  }