View Javadoc
1   /*
2    * Copyright 2010 The Kuali Foundation.
3    * 
4    * Licensed under the Educational Community License, Version 1.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    * http://www.opensource.org/licenses/ecl1.php
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.ole.sec.document.validation.impl;
17  
18  import java.util.HashMap;
19  import java.util.Map;
20  
21  import org.apache.commons.lang.StringUtils;
22  import org.kuali.ole.sec.SecConstants;
23  import org.kuali.ole.sec.SecKeyConstants;
24  import org.kuali.ole.sec.SecPropertyConstants;
25  import org.kuali.ole.sec.businessobject.SecurityAttributeMetadata;
26  import org.kuali.ole.sys.context.SpringContext;
27  import org.kuali.rice.krad.service.BusinessObjectService;
28  import org.kuali.rice.krad.util.GlobalVariables;
29  
30  
31  /**
32   * Contains some common validation logic
33   */
34  public class SecurityValidationUtil {
35  
36      /**
37       * Validates the given value exist for the attribute. SECURITY_ATTRIBUTE_METADATA_MAP maps the attribute to the business object class and primitive key field need to do the
38       * existence search.
39       * 
40       * @param attributeName name of attribute for value
41       * @param attributeValue the value to validate
42       * @param errorKeyPrefix prefix for error key if the value does not exist
43       * @return boolean true if the value exist, false if it does not
44       */
45      public static boolean validateAttributeValue(String attributeName, String attributeValue, String errorKeyPrefix) {
46          boolean isValid = true;
47  
48          if (!SecConstants.SECURITY_ATTRIBUTE_METADATA_MAP.containsKey(attributeName)) {
49              return isValid;
50          }
51          SecurityAttributeMetadata attributeMetadata = (SecurityAttributeMetadata) SecConstants.SECURITY_ATTRIBUTE_METADATA_MAP.get(attributeName);
52  
53          String[] attributeValues;
54          if (StringUtils.contains(attributeValue, SecConstants.SecurityValueSpecialCharacters.MULTI_VALUE_SEPERATION_CHARACTER)) {
55              attributeValues = StringUtils.split(attributeValue, SecConstants.SecurityValueSpecialCharacters.MULTI_VALUE_SEPERATION_CHARACTER);
56          }
57          else {
58              attributeValues = new String[1];
59              attributeValues[0] = attributeValue;
60          }
61  
62          for (int i = 0; i < attributeValues.length; i++) {
63              if (!StringUtils.contains(attributeValues[i], SecConstants.SecurityValueSpecialCharacters.WILDCARD_CHARACTER)) {
64                  Map<String, String> searchValues = new HashMap<String, String>();
65                  searchValues.put(attributeMetadata.getAttributeField(), attributeValues[i]);
66  
67                  int matches = SpringContext.getBean(BusinessObjectService.class).countMatching(attributeMetadata.getAttributeClass(), searchValues);
68                  if (matches <= 0) {
69                      GlobalVariables.getMessageMap().putError(errorKeyPrefix + SecPropertyConstants.ATTRIBUTE_VALUE, SecKeyConstants.ERROR_ATTRIBUTE_VALUE_EXISTENCE, attributeValues[i], attributeName);
70                      isValid = false;
71                  }
72              }
73          }
74  
75          return isValid;
76      }
77  
78  }