org.kuali.ole.sec.document.authorization

Class SecTransactionalDocumentAuthorizer

java.lang.Object

org.kuali.ole.sec.document.authorization.SecTransactionalDocumentAuthorizer

All Implemented Interfaces:

org.kuali.rice.kns.authorization.BusinessObjectAuthorizer, org.kuali.rice.kns.document.authorization.TransactionalDocumentAuthorizer, org.kuali.rice.krad.bo.DataObjectAuthorizer, org.kuali.rice.krad.document.DocumentAuthorizer

public class SecTransactionalDocumentAuthorizer
extends Object
implements org.kuali.rice.kns.document.authorization.TransactionalDocumentAuthorizer

TransactionDocumentAuthorizer that wraps access security checks around another TransactionDocumentAuthorizer configured for the document type

Field Summary

Fields

Modifier and Type	Field and Description
protected org.kuali.rice.kns.document.authorization.TransactionalDocumentAuthorizer	documentAuthorizer

Constructor Summary

Constructors

Constructor and Description
SecTransactionalDocumentAuthorizer()

Method Summary

Methods

Modifier and Type	Method and Description
boolean	canAcknowledge(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user)
boolean	canAddNoteAttachment(org.kuali.rice.krad.document.Document document, String attachmentTypeCode, org.kuali.rice.kim.api.identity.Person user)
boolean	canAnnotate(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user)
boolean	canApprove(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user)
boolean	canBlanketApprove(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user)
boolean	canCancel(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user)
boolean	canClose(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user)
boolean	canCopy(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user)
boolean	canDeleteNoteAttachment(org.kuali.rice.krad.document.Document document, String attachmentTypeCode, String createdBySelfOnly, org.kuali.rice.kim.api.identity.Person user)
boolean	canDisapprove(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user)
boolean	canEdit(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user)
boolean	canEditDocumentOverview(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user)
boolean	canFyi(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user)
boolean	canInitiate(String documentTypeName, org.kuali.rice.kim.api.identity.Person user)
boolean	canOpen(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user) If user has open permission then does further checks to verify there are no access security restriction setup that prevents the user from opening the document
boolean	canPerformRouteReport(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user)
boolean	canRecall(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user)
boolean	canReceiveAdHoc(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user, String actionRequestCode)
boolean	canReload(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user)
boolean	canRoute(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user)
boolean	canSave(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user)
boolean	canSendAdHocRequests(org.kuali.rice.krad.document.Document document, String actionRequestCd, org.kuali.rice.kim.api.identity.Person user)
boolean	canSendAnyTypeAdHocRequests(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user)
boolean	canSendNoteFyi(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user)
boolean	canTakeRequestedAction(org.kuali.rice.krad.document.Document document, String actionRequestCode, org.kuali.rice.kim.api.identity.Person user)
boolean	canViewNoteAttachment(org.kuali.rice.krad.document.Document document, String attachmentTypeCode, org.kuali.rice.kim.api.identity.Person user) If user has permission to view notes/attachments then does further checks to verify there are no access security restriction setup that prevents the user from viewing the notes/attachments
boolean	canViewNoteAttachment(org.kuali.rice.krad.document.Document document, String attachmentTypeCode, String authorUniversalIdentifier, org.kuali.rice.kim.api.identity.Person user)
protected AccessSecurityService	getAccessSecurityService()
Map<String,String>	getCollectionItemPermissionDetails(org.kuali.rice.krad.bo.BusinessObject collectionItemBusinessObject)
Map<String,String>	getCollectionItemRoleQualifications(org.kuali.rice.krad.bo.BusinessObject collectionItemBusinessObject)
Set<String>	getDocumentActions(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user, Set<String> documentActions) If there are line restrictions and the initiator override flag is turned on, we need to disable the copy and error correct buttons since those would result in documents displaying the restricted lines
Set<String>	getEditModes(org.kuali.rice.krad.document.Document document, org.kuali.rice.kim.api.identity.Person user, Set<String> editModes)
boolean	isAuthorized(org.kuali.rice.krad.bo.BusinessObject businessObject, String namespaceCode, String permissionName, String principalId)
boolean	isAuthorized(org.kuali.rice.krad.bo.BusinessObject businessObject, String namespaceCode, String permissionName, String principalId, Map<String,String> additionalPermissionDetails, Map<String,String> additionalRoleQualifiers)
boolean	isAuthorized(Object dataObject, String namespaceCode, String permissionName, String principalId)
boolean	isAuthorized(Object dataObject, String namespaceCode, String permissionName, String principalId, Map<String,String> additionalPermissionDetails, Map<String,String> additionalRoleQualifiers)
boolean	isAuthorizedByTemplate(org.kuali.rice.krad.bo.BusinessObject businessObject, String namespaceCode, String permissionTemplateName, String principalId)
boolean	isAuthorizedByTemplate(org.kuali.rice.krad.bo.BusinessObject businessObject, String namespaceCode, String permissionTemplateName, String principalId, Map<String,String> additionalPermissionDetails, Map<String,String> additionalRoleQualifiers)
boolean	isAuthorizedByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName, String principalId)
boolean	isAuthorizedByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName, String principalId, Map<String,String> additionalPermissionDetails, Map<String,String> additionalRoleQualifiers)
void	setDocumentAuthorizer(org.kuali.rice.kns.document.authorization.TransactionalDocumentAuthorizer documentAuthorizer)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

documentAuthorizer

protected org.kuali.rice.kns.document.authorization.TransactionalDocumentAuthorizer documentAuthorizer

Constructor Detail

SecTransactionalDocumentAuthorizer

public SecTransactionalDocumentAuthorizer()

Method Detail

getAccessSecurityService

protected AccessSecurityService getAccessSecurityService()

getEditModes

public Set<String> getEditModes(org.kuali.rice.krad.document.Document document,
                       org.kuali.rice.kim.api.identity.Person user,
                       Set<String> editModes)

Specified by:

getEditModes in interface org.kuali.rice.kns.document.authorization.TransactionalDocumentAuthorizer

canAddNoteAttachment

public boolean canAddNoteAttachment(org.kuali.rice.krad.document.Document document,
                           String attachmentTypeCode,
                           org.kuali.rice.kim.api.identity.Person user)

Specified by:

canAddNoteAttachment in interface org.kuali.rice.krad.document.DocumentAuthorizer

canDeleteNoteAttachment

public boolean canDeleteNoteAttachment(org.kuali.rice.krad.document.Document document,
                              String attachmentTypeCode,
                              String createdBySelfOnly,
                              org.kuali.rice.kim.api.identity.Person user)

Specified by:

canDeleteNoteAttachment in interface org.kuali.rice.krad.document.DocumentAuthorizer

canInitiate

public boolean canInitiate(String documentTypeName,
                  org.kuali.rice.kim.api.identity.Person user)

Specified by:

canInitiate in interface org.kuali.rice.krad.document.DocumentAuthorizer

canOpen

public boolean canOpen(org.kuali.rice.krad.document.Document document,
              org.kuali.rice.kim.api.identity.Person user)

If user has open permission then does further checks to verify there are no access security restriction setup that prevents the user from opening the document

Specified by:

canOpen in interface org.kuali.rice.krad.document.DocumentAuthorizer

See Also:

org.kuali.rice.krad.document.authorization.DocumentAuthorizer#canOpen(org.kuali.rice.krad.document.Document, org.kuali.rice.kim.api.identity.Person)

canReceiveAdHoc

public boolean canReceiveAdHoc(org.kuali.rice.krad.document.Document document,
                      org.kuali.rice.kim.api.identity.Person user,
                      String actionRequestCode)

Specified by:

canReceiveAdHoc in interface org.kuali.rice.krad.document.DocumentAuthorizer

canSendAdHocRequests

public boolean canSendAdHocRequests(org.kuali.rice.krad.document.Document document,
                           String actionRequestCd,
                           org.kuali.rice.kim.api.identity.Person user)

Specified by:

canSendAdHocRequests in interface org.kuali.rice.krad.document.DocumentAuthorizer

canViewNoteAttachment

public boolean canViewNoteAttachment(org.kuali.rice.krad.document.Document document,
                            String attachmentTypeCode,
                            org.kuali.rice.kim.api.identity.Person user)

If user has permission to view notes/attachments then does further checks to verify there are no access security restriction setup that prevents the user from viewing the notes/attachments

See Also:

org.kuali.rice.krad.document.authorization.DocumentAuthorizer#canViewNoteAttachment(org.kuali.rice.krad.document.Document, java.lang.String, org.kuali.rice.kim.api.identity.Person)

getDocumentActions

public Set<String> getDocumentActions(org.kuali.rice.krad.document.Document document,
                             org.kuali.rice.kim.api.identity.Person user,
                             Set<String> documentActions)

If there are line restrictions and the initiator override flag is turned on, we need to disable the copy and error correct buttons since those would result in documents displaying the restricted lines

See Also:

org.kuali.rice.krad.document.authorization.DocumentAuthorizer#getDocumentActions(org.kuali.rice.krad.document.Document, org.kuali.rice.kim.api.identity.Person, java.util.Set)

getCollectionItemPermissionDetails

public Map<String,String> getCollectionItemPermissionDetails(org.kuali.rice.krad.bo.BusinessObject collectionItemBusinessObject)

Specified by:

getCollectionItemPermissionDetails in interface org.kuali.rice.kns.authorization.BusinessObjectAuthorizer

getCollectionItemRoleQualifications

public Map<String,String> getCollectionItemRoleQualifications(org.kuali.rice.krad.bo.BusinessObject collectionItemBusinessObject)

Specified by:

getCollectionItemRoleQualifications in interface org.kuali.rice.kns.authorization.BusinessObjectAuthorizer

isAuthorized

public boolean isAuthorized(org.kuali.rice.krad.bo.BusinessObject businessObject,
                   String namespaceCode,
                   String permissionName,
                   String principalId)

Specified by:

isAuthorized in interface org.kuali.rice.kns.authorization.BusinessObjectAuthorizer

isAuthorized

public boolean isAuthorized(org.kuali.rice.krad.bo.BusinessObject businessObject,
                   String namespaceCode,
                   String permissionName,
                   String principalId,
                   Map<String,String> additionalPermissionDetails,
                   Map<String,String> additionalRoleQualifiers)

Specified by:

isAuthorized in interface org.kuali.rice.kns.authorization.BusinessObjectAuthorizer

isAuthorizedByTemplate

public boolean isAuthorizedByTemplate(org.kuali.rice.krad.bo.BusinessObject businessObject,
                             String namespaceCode,
                             String permissionTemplateName,
                             String principalId)

Specified by:

isAuthorizedByTemplate in interface org.kuali.rice.kns.authorization.BusinessObjectAuthorizer

isAuthorizedByTemplate

public boolean isAuthorizedByTemplate(org.kuali.rice.krad.bo.BusinessObject businessObject,
                             String namespaceCode,
                             String permissionTemplateName,
                             String principalId,
                             Map<String,String> additionalPermissionDetails,
                             Map<String,String> additionalRoleQualifiers)

isAuthorizedByTemplate

public boolean isAuthorizedByTemplate(Object dataObject,
                             String namespaceCode,
                             String permissionTemplateName,
                             String principalId,
                             Map<String,String> additionalPermissionDetails,
                             Map<String,String> additionalRoleQualifiers)

Specified by:

isAuthorizedByTemplate in interface org.kuali.rice.kns.authorization.BusinessObjectAuthorizer

Specified by:

isAuthorizedByTemplate in interface org.kuali.rice.krad.bo.DataObjectAuthorizer

setDocumentAuthorizer

public void setDocumentAuthorizer(org.kuali.rice.kns.document.authorization.TransactionalDocumentAuthorizer documentAuthorizer)

isAuthorized

public boolean isAuthorized(Object dataObject,
                   String namespaceCode,
                   String permissionName,
                   String principalId)

Specified by:

isAuthorized in interface org.kuali.rice.krad.bo.DataObjectAuthorizer

isAuthorizedByTemplate

public boolean isAuthorizedByTemplate(Object dataObject,
                             String namespaceCode,
                             String permissionTemplateName,
                             String principalId)

Specified by:

isAuthorizedByTemplate in interface org.kuali.rice.krad.bo.DataObjectAuthorizer

canEdit

public boolean canEdit(org.kuali.rice.krad.document.Document document,
              org.kuali.rice.kim.api.identity.Person user)

Specified by:

canEdit in interface org.kuali.rice.krad.document.DocumentAuthorizer

canAnnotate

public boolean canAnnotate(org.kuali.rice.krad.document.Document document,
                  org.kuali.rice.kim.api.identity.Person user)

Specified by:

canAnnotate in interface org.kuali.rice.krad.document.DocumentAuthorizer

canReload

public boolean canReload(org.kuali.rice.krad.document.Document document,
                org.kuali.rice.kim.api.identity.Person user)

Specified by:

canReload in interface org.kuali.rice.krad.document.DocumentAuthorizer

canClose

public boolean canClose(org.kuali.rice.krad.document.Document document,
               org.kuali.rice.kim.api.identity.Person user)

Specified by:

canClose in interface org.kuali.rice.krad.document.DocumentAuthorizer

canSave

public boolean canSave(org.kuali.rice.krad.document.Document document,
              org.kuali.rice.kim.api.identity.Person user)

Specified by:

canSave in interface org.kuali.rice.krad.document.DocumentAuthorizer

canRoute

public boolean canRoute(org.kuali.rice.krad.document.Document document,
               org.kuali.rice.kim.api.identity.Person user)

Specified by:

canRoute in interface org.kuali.rice.krad.document.DocumentAuthorizer

canCancel

public boolean canCancel(org.kuali.rice.krad.document.Document document,
                org.kuali.rice.kim.api.identity.Person user)

Specified by:

canCancel in interface org.kuali.rice.krad.document.DocumentAuthorizer

isAuthorized

public boolean isAuthorized(Object dataObject,
                   String namespaceCode,
                   String permissionName,
                   String principalId,
                   Map<String,String> additionalPermissionDetails,
                   Map<String,String> additionalRoleQualifiers)

Specified by:

isAuthorized in interface org.kuali.rice.krad.bo.DataObjectAuthorizer

canCopy

public boolean canCopy(org.kuali.rice.krad.document.Document document,
              org.kuali.rice.kim.api.identity.Person user)

Specified by:

canCopy in interface org.kuali.rice.krad.document.DocumentAuthorizer

canPerformRouteReport

public boolean canPerformRouteReport(org.kuali.rice.krad.document.Document document,
                            org.kuali.rice.kim.api.identity.Person user)

Specified by:

canPerformRouteReport in interface org.kuali.rice.krad.document.DocumentAuthorizer

canBlanketApprove

public boolean canBlanketApprove(org.kuali.rice.krad.document.Document document,
                        org.kuali.rice.kim.api.identity.Person user)

Specified by:

canBlanketApprove in interface org.kuali.rice.krad.document.DocumentAuthorizer

canApprove

public boolean canApprove(org.kuali.rice.krad.document.Document document,
                 org.kuali.rice.kim.api.identity.Person user)

Specified by:

canApprove in interface org.kuali.rice.krad.document.DocumentAuthorizer

canDisapprove

public boolean canDisapprove(org.kuali.rice.krad.document.Document document,
                    org.kuali.rice.kim.api.identity.Person user)

Specified by:

canDisapprove in interface org.kuali.rice.krad.document.DocumentAuthorizer

canSendNoteFyi

public boolean canSendNoteFyi(org.kuali.rice.krad.document.Document document,
                     org.kuali.rice.kim.api.identity.Person user)

Specified by:

canSendNoteFyi in interface org.kuali.rice.krad.document.DocumentAuthorizer

canEditDocumentOverview

public boolean canEditDocumentOverview(org.kuali.rice.krad.document.Document document,
                              org.kuali.rice.kim.api.identity.Person user)

Specified by:

canEditDocumentOverview in interface org.kuali.rice.krad.document.DocumentAuthorizer

canFyi

public boolean canFyi(org.kuali.rice.krad.document.Document document,
             org.kuali.rice.kim.api.identity.Person user)

Specified by:

canFyi in interface org.kuali.rice.krad.document.DocumentAuthorizer

canAcknowledge

public boolean canAcknowledge(org.kuali.rice.krad.document.Document document,
                     org.kuali.rice.kim.api.identity.Person user)

Specified by:

canAcknowledge in interface org.kuali.rice.krad.document.DocumentAuthorizer

canViewNoteAttachment

public boolean canViewNoteAttachment(org.kuali.rice.krad.document.Document document,
                            String attachmentTypeCode,
                            String authorUniversalIdentifier,
                            org.kuali.rice.kim.api.identity.Person user)

Specified by:

canViewNoteAttachment in interface org.kuali.rice.krad.document.DocumentAuthorizer

canSendAnyTypeAdHocRequests

public boolean canSendAnyTypeAdHocRequests(org.kuali.rice.krad.document.Document document,
                                  org.kuali.rice.kim.api.identity.Person user)

Specified by:

canSendAnyTypeAdHocRequests in interface org.kuali.rice.krad.document.DocumentAuthorizer

canTakeRequestedAction

public boolean canTakeRequestedAction(org.kuali.rice.krad.document.Document document,
                             String actionRequestCode,
                             org.kuali.rice.kim.api.identity.Person user)

Specified by:

canTakeRequestedAction in interface org.kuali.rice.krad.document.DocumentAuthorizer

canRecall

public boolean canRecall(org.kuali.rice.krad.document.Document document,
                org.kuali.rice.kim.api.identity.Person user)

Specified by:

canRecall in interface org.kuali.rice.krad.document.DocumentAuthorizer