1 package org.kuali.ole.deliver.controller;
2
3 import org.apache.commons.lang.StringUtils;
4 import org.kuali.ole.OLEConstants;
5 import org.kuali.ole.deliver.form.CircForm;
6 import org.kuali.ole.deliver.form.OleLoanForm;
7 import org.kuali.ole.sys.context.SpringContext;
8 import org.kuali.rice.kim.api.identity.Person;
9 import org.kuali.rice.kim.api.identity.PersonService;
10 import org.kuali.rice.kim.api.permission.PermissionService;
11 import org.kuali.rice.kim.api.services.KimApiServiceLocator;
12 import org.kuali.rice.krad.util.GlobalVariables;
13
14 import java.util.Iterator;
15 import java.util.List;
16
17
18
19
20 public class PermissionsValidatorUtil {
21
22 private PermissionService permissionService;
23 private PersonService personService;
24
25
26 public void handlePermissions(OleLoanForm oleLoanForm) {
27 List<String> newErrorsAndPermission = oleLoanForm.getNewErrorsAndPermission();
28 if (null != newErrorsAndPermission) {
29 Boolean finalOverridePermission = true;
30 for (Iterator<String> iterator = newErrorsAndPermission.iterator(); iterator.hasNext(); ) {
31 String permissionName = iterator.next();
32 String principalId = null;
33 String newPrincipalName = oleLoanForm.getOverridingPrincipalName();
34 if (StringUtils.isNotBlank(newPrincipalName)) {
35 Person supervisorForOverride = getPersonService().getPersonByPrincipalName(newPrincipalName);
36 if (null != supervisorForOverride) {
37 principalId = supervisorForOverride.getPrincipalId();
38 }
39 }
40
41 if (null == principalId) {
42 principalId = GlobalVariables.getUserSession().getPrincipalId();
43 }
44
45 boolean hasPermission = getPermissionService().hasPermission(principalId, OLEConstants.DLVR_NMSPC, permissionName);
46 finalOverridePermission = finalOverridePermission && hasPermission;
47 if (!finalOverridePermission) {
48 oleLoanForm.setOverrideFlag(true);
49 oleLoanForm.setOverrideLoginMessage("The current operator doesn't have the permissions to loan. Please ask a supervisor!");
50 break;
51 }
52 if (finalOverridePermission) {
53 oleLoanForm.setOverrideFlag(false);
54 oleLoanForm.setErrorMessage(null);
55 oleLoanForm.setNewErrorsAndPermission(null);
56 oleLoanForm.setOverridingPrincipalName("");
57 oleLoanForm.setNewPrincipalId(null);
58 }
59 }
60 }
61 }
62
63
64 public boolean hasValidOverridePermissions(CircForm circForm) {
65 Boolean finalOverridePermission = false;
66 List<String> newErrorsAndPermission = circForm.getErrorMessage().getPermissions();
67 if (null != newErrorsAndPermission) {
68 for (Iterator<String> iterator = newErrorsAndPermission.iterator(); iterator.hasNext(); ) {
69 String permissionName = iterator.next();
70 String principalId = null;
71 String loggedInPrincipalId = GlobalVariables.getUserSession().getPrincipalId();
72 if (getPermissionService().hasPermission(loggedInPrincipalId, OLEConstants.DLVR_NMSPC, permissionName)) {
73 return true;
74 } else {
75 if (StringUtils.isNotBlank(circForm.getOverridingPrincipalName())) {
76 String newPrincipalName = circForm.getOverridingPrincipalName();
77 Person supervisorForOverride = getPersonService().getPersonByPrincipalName(newPrincipalName);
78 if (null != supervisorForOverride) {
79 principalId = supervisorForOverride.getPrincipalId();
80 }
81 if (principalId != null) {
82 boolean hasPermission = getPermissionService().hasPermission(principalId, OLEConstants.DLVR_NMSPC, permissionName);
83 finalOverridePermission = hasPermission;
84 }
85 } else {
86 break;
87 }
88 }
89 }
90 }
91 return finalOverridePermission;
92 }
93
94 private PersonService getPersonService() {
95 if (null == personService) {
96 personService = SpringContext.getBean(PersonService.class);
97 }
98 return personService;
99 }
100
101 private PermissionService getPermissionService() {
102 if (null == permissionService) {
103 permissionService = KimApiServiceLocator.getPermissionService();
104 }
105 return permissionService;
106 }
107 }