View Javadoc
1   /*
2    * Copyright 2007 The Kuali Foundation
3    * 
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    * http://www.opensource.org/licenses/ecl2.php
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.ole.pdp.document.validation.impl;
17  
18  import java.util.HashMap;
19  import java.util.Map;
20  
21  import org.kuali.ole.pdp.PdpPropertyConstants;
22  import org.kuali.ole.pdp.businessobject.PayeeACHAccount;
23  import org.kuali.ole.sys.OLEKeyConstants;
24  import org.kuali.ole.sys.context.SpringContext;
25  import org.kuali.rice.kim.api.identity.Person;
26  import org.kuali.rice.kns.document.MaintenanceDocument;
27  import org.kuali.rice.kns.maintenance.rules.MaintenanceDocumentRuleBase;
28  import org.kuali.rice.krad.service.BusinessObjectService;
29  import org.kuali.rice.krad.util.GlobalVariables;
30  
31  /**
32   * Performs business rules for the Payee ACH Account maintenance document
33   */
34  public class PayeeAchAccountRule extends MaintenanceDocumentRuleBase {
35      protected static org.apache.log4j.Logger LOG = org.apache.log4j.Logger.getLogger(PayeeACHAccount.class);
36  
37      protected PayeeACHAccount oldPayeeAchAccount;
38      protected PayeeACHAccount newPayeeAchAccount;
39  
40      /**
41       * @see org.kuali.rice.kns.maintenance.rules.MaintenanceDocumentRuleBase#setupConvenienceObjects()
42       */
43      public void setupConvenienceObjects() {
44          LOG.info("setupConvenienceObjects called");
45  
46          // setup oldPayeeAchAccount convenience objects, make sure all possible sub-objects are populated
47          oldPayeeAchAccount = (PayeeACHAccount) super.getOldBo();
48  
49          // setup newPayeeAchAccount convenience objects, make sure all possible sub-objects are populated
50          newPayeeAchAccount = (PayeeACHAccount) super.getNewBo();
51      }
52  
53      /**
54       * @see org.kuali.rice.kns.maintenance.rules.MaintenanceDocumentRuleBase#processCustomSaveDocumentBusinessRules(org.kuali.rice.kns.document.MaintenanceDocument)
55       */
56      protected boolean processCustomSaveDocumentBusinessRules(MaintenanceDocument document) {
57          LOG.info("processCustomSaveDocumentBusinessRules called");
58  
59          // call the route rules to report all of the messages, but ignore the result
60          processCustomRouteDocumentBusinessRules(document);
61  
62          // Save always succeeds, even if there are business rule failures
63          return true;
64      }
65  
66      /**
67       * @see org.kuali.rice.kns.maintenance.rules.MaintenanceDocumentRuleBase#processCustomRouteDocumentBusinessRules(org.kuali.rice.kns.document.MaintenanceDocument)
68       */
69      protected boolean processCustomRouteDocumentBusinessRules(MaintenanceDocument document) {
70          LOG.info("processCustomRouteDocumentBusinessRules called");
71          setupConvenienceObjects();
72  
73          // no need to do further checking if user is not even allowed to submit new BO
74          if (!checkTransactionTypeAllowed()) return false;
75          
76          return checkForDuplicateRecord();
77      }
78  
79      /**
80       * Checks to verify record is not a duplicate for payee id. Do not check for a duplicate record if the following conditions are
81       * true 1. editing an existing record (old primary key = new primary key) 2. new PSD code = old PSD code 3. new payee type code
82       * = old payee type code 4. depending of the value of payee type code, new correspoding PayeeId = old corresponding PayeeId
83       * 
84       * @return true if record is not duplicate, false otherwise
85       */
86      protected boolean checkForDuplicateRecord() {
87          String newPayeeIdNumber = newPayeeAchAccount.getPayeeIdNumber();
88          String newPayeeIdTypeCd = newPayeeAchAccount.getPayeeIdentifierTypeCode();
89          String newAchTransactionType = newPayeeAchAccount.getAchTransactionType();
90  
91          boolean valid = true;
92  
93          if (newPayeeAchAccount.getAchAccountGeneratedIdentifier() != null && oldPayeeAchAccount.getAchAccountGeneratedIdentifier() != null && newPayeeAchAccount.getAchAccountGeneratedIdentifier().equals(oldPayeeAchAccount.getAchAccountGeneratedIdentifier())) {
94              if (newPayeeIdTypeCd.equals(oldPayeeAchAccount.getPayeeIdentifierTypeCode()) && newAchTransactionType.equals(oldPayeeAchAccount.getAchTransactionType())) {
95                  if (newPayeeAchAccount.getPayeeIdNumber().equals(oldPayeeAchAccount.getPayeeIdNumber())) {
96                      return valid;
97                  }
98              }
99          }
100 
101         // check for a duplicate record if creating a new record or editing an old one and above mentioned conditions are not true
102         Map<String, Object> criteria = new HashMap<String, Object>();
103 
104         criteria.put(PdpPropertyConstants.ACH_TRANSACTION_TYPE, newAchTransactionType);
105         criteria.put(PdpPropertyConstants.PAYEE_IDENTIFIER_TYPE_CODE, newPayeeIdTypeCd);
106         criteria.put(PdpPropertyConstants.PAYEE_ID_NUMBER, newPayeeIdNumber);
107 
108         int matches = SpringContext.getBean(BusinessObjectService.class).countMatching(PayeeACHAccount.class, criteria);
109         if (matches > 0) {
110             putFieldError(PdpPropertyConstants.PAYEE_ID_NUMBER, OLEKeyConstants.ERROR_DOCUMENT_PAYEEACHACCOUNTMAINT_DUPLICATE_RECORD);
111             valid = false;
112         }
113 
114         return valid;
115     }
116 
117     /**
118      * Checks if the user is allowed to submit the new created/edited PayeeAchAccount based on its current transactionType.  
119      * This checking is needed to prevent the following scenarios which bypass the document level authorization checking:
120      * #1 A Bursar user creates a blank PayeeAchAccount, sets the transactionType to TR and submits;
121      * #2 A Bursar user copies a PayeeAchAccount with transactionType BZ, changes the transactionType to TR and submits;
122      * #3 A Bursar user edits a PayeeAchAccount with transactionType BZ, changes the transactionType to TR and submits.
123      */
124     protected boolean checkTransactionTypeAllowed() {
125         String docTypeName = maintDocDictionaryService.getDocumentTypeName(PayeeACHAccount.class);
126         Person user = GlobalVariables.getUserSession().getPerson();
127         boolean allowed = businessObjectAuthorizationService.canMaintain(newPayeeAchAccount, user, docTypeName);
128         String transType = newPayeeAchAccount.getAchTransactionType();
129 
130         if (!allowed) {
131             putFieldError(PdpPropertyConstants.ACH_TRANSACTION_TYPE, OLEKeyConstants.ERROR_DOCUMENT_PAYEEACHACCOUNTMAINT_TRANSACTION_TYPE_NOT_ALLOWED, transType);
132         }
133         return allowed;
134     }
135     
136 }