View Javadoc
1   /*
2    * Copyright 2009 The Kuali Foundation
3    * 
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    * http://www.opensource.org/licenses/ecl2.php
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.ole.sys.batch.service.impl;
17  
18  import java.io.File;
19  import java.util.HashMap;
20  import java.util.List;
21  import java.util.Map;
22  
23  import org.kuali.ole.sys.FinancialSystemModuleConfiguration;
24  import org.kuali.ole.sys.OLEConstants;
25  import org.kuali.ole.sys.batch.BatchFile;
26  import org.kuali.ole.sys.batch.BatchFileUtils;
27  import org.kuali.ole.sys.batch.service.BatchFileAdminAuthorizationService;
28  import org.kuali.ole.sys.context.SpringContext;
29  import org.kuali.ole.sys.identity.OleKimAttributes;
30  import org.kuali.rice.kim.api.KimConstants;
31  import org.kuali.rice.kim.api.identity.Person;
32  import org.kuali.rice.kim.api.services.IdentityManagementService;
33  import org.kuali.rice.krad.bo.ModuleConfiguration;
34  import org.kuali.rice.krad.service.KualiModuleService;
35  import org.kuali.rice.krad.service.ModuleService;
36  import org.kuali.rice.krad.util.KRADConstants;
37  
38  public class BatchFileAdminAuthorizationServiceImpl implements BatchFileAdminAuthorizationService {
39  
40      private IdentityManagementService identityManagementService;
41      private KualiModuleService kualiModuleService;
42      
43      @Override
44      public boolean canDownload(BatchFile batchFile, Person user) {
45          return getIdentityManagementService().isAuthorizedByTemplateName(user.getPrincipalId(),
46                  OLEConstants.PermissionTemplate.VIEW_BATCH_FILES.namespace, OLEConstants.PermissionTemplate.VIEW_BATCH_FILES.name,
47                  generateDownloadCheckPermissionDetails(batchFile, user), generateDownloadCheckRoleQualifiers(batchFile, user));
48      }
49  
50      @Override
51      public boolean canDelete(BatchFile batchFile, Person user) {
52          return getIdentityManagementService().isAuthorizedByTemplateName(user.getPrincipalId(),
53                  OLEConstants.PermissionTemplate.VIEW_BATCH_FILES.namespace, OLEConstants.PermissionTemplate.VIEW_BATCH_FILES.name,
54                  generateDownloadCheckPermissionDetails(batchFile, user), generateDownloadCheckRoleQualifiers(batchFile, user));
55      }
56      
57      protected String determineNamespaceCode(BatchFile batchFile) {
58          for (ModuleService moduleService : getKualiModuleService().getInstalledModuleServices()) {
59              ModuleConfiguration moduleConfiguration = moduleService.getModuleConfiguration();
60              if (moduleConfiguration instanceof FinancialSystemModuleConfiguration) {
61                  List<String> batchFileDirectories = ((FinancialSystemModuleConfiguration) moduleConfiguration).getBatchFileDirectories();
62                  for (String batchFileDirectoryName : batchFileDirectories) {
63                      File directory = new File(batchFileDirectoryName).getAbsoluteFile();
64                      String fileName = batchFile.getFileName();
65                      if(fileName.contains(OLEConstants.REENCUM_RECURR) || fileName.contains(OLEConstants.PO_BULK_AMEND_OUT_FILE_NM) || fileName.contains(OLEConstants.POBA_FILE) || fileName.contains(OLEConstants.POBA_LOG_FILE))   {
66                          return moduleConfiguration.getNamespaceCode();
67                      } else if (BatchFileUtils.isSuperDirectoryOf(directory, batchFile.retrieveFile())) {
68                          return moduleConfiguration.getNamespaceCode();
69                      }
70                  }
71              }
72          }
73          return null;
74      }
75  
76      protected Map<String,String> generateDownloadCheckPermissionDetails(BatchFile batchFile, Person user) {
77          return generatePermissionDetails(batchFile, user);
78      }
79      
80      protected Map<String,String> generateDownloadCheckRoleQualifiers(BatchFile batchFile, Person user) {
81          return generateRoleQualifiers(batchFile, user);
82      }
83  
84      protected Map<String,String> generateDeleteCheckPermissionDetails(BatchFile batchFile, Person user) {
85          return generatePermissionDetails(batchFile, user);
86      }
87      
88      protected Map<String,String> generateDeleteCheckRoleQualifiers(BatchFile batchFile, Person user) {
89          return generateRoleQualifiers(batchFile, user);
90      }
91  
92      protected Map<String,String> generatePermissionDetails(BatchFile batchFile, Person user) {
93          Map<String,String> permissionDetails = new HashMap<String,String>();
94          permissionDetails.put(KimConstants.AttributeConstants.NAMESPACE_CODE, determineNamespaceCode(batchFile));
95          permissionDetails.put(OleKimAttributes.FILE_PATH, replaceSlashes(batchFile.getPath() + File.separator + batchFile.getFileName()));
96          return permissionDetails;
97      }
98      
99      /**
100      * The permissions for the filePath will be added using '/' directory separators.
101      * This method will replace any '\\' directory separators with '/'
102      *
103      * @param filePath
104      * @return
105      */
106     private String replaceSlashes(String filePath) {
107 
108         if (File.separatorChar == '\\') {
109             filePath = filePath.replace(File.separatorChar, '/');
110         }
111 
112         return filePath;
113     }
114 
115     protected Map<String,String> generateRoleQualifiers(BatchFile batchFile, Person user) {
116         return new HashMap<String,String>();
117     }
118     
119     protected IdentityManagementService getIdentityManagementService() {
120         if (identityManagementService == null) {
121             identityManagementService = SpringContext.getBean(IdentityManagementService.class);
122         }
123         return identityManagementService;
124     }
125 
126     public KualiModuleService getKualiModuleService() {
127         if (kualiModuleService == null) {
128             kualiModuleService = SpringContext.getBean(KualiModuleService.class);
129         }
130         return kualiModuleService;
131     }
132 }