Coverage Report

Coverage Report - org.kuali.rice.kns.authorization.BusinessObjectAuthorizerBase

Classes in this File

Line Coverage

Branch Coverage

Complexity

BusinessObjectAuthorizerBase

0/54

0/16

1.421

 /*
  * Copyright 2007-2009 The Kuali Foundation
  * 
  * Licensed under the Educational Community License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  * 
  * http://www.opensource.org/licenses/ecl2.php
  * 
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.kuali.rice.kns.authorization;
 
 import java.util.HashMap;
 import java.util.Map;
 
 import org.kuali.rice.kim.bo.Person;
 import org.kuali.rice.kim.bo.impl.KimAttributes;
 import org.kuali.rice.kim.bo.types.dto.AttributeSet;
 import org.kuali.rice.kim.service.IdentityManagementService;
 import org.kuali.rice.kim.service.KIMServiceLocator;
 import org.kuali.rice.kim.service.PersonService;
 import org.kuali.rice.kim.util.KimCommonUtils;
 import org.kuali.rice.kns.bo.BusinessObject;
 import org.kuali.rice.kns.service.DataDictionaryService;
 import org.kuali.rice.kns.service.KNSServiceLocator;
 import org.kuali.rice.kns.service.KualiModuleService;
 import org.kuali.rice.kns.service.PersistenceStructureService;
 import org.kuali.rice.kns.util.GlobalVariables;
 
 public class BusinessObjectAuthorizerBase implements BusinessObjectAuthorizer {
 //        private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger
 //                        .getLogger(BusinessObjectAuthorizerBase.class);
 
         private static IdentityManagementService identityManagementService;
         private static PersonService<Person> personService;
         private static KualiModuleService kualiModuleService;
         private static DataDictionaryService dataDictionaryService;
         private static PersistenceStructureService persistenceStructureService;
 
         /**
          * Override this method to populate the role qualifier attributes from the
          * primary business object or document. This will only be called once per
          * request.
          * 
          * @param primaryBusinessObjectOrDocument
          *            the primary business object (i.e. the main BO instance behind
          *            the lookup result row or inquiry) or the document
          * @param attributes
          *            role qualifiers will be added to this map
          */
         protected void addRoleQualification(
                         BusinessObject primaryBusinessObjectOrDocument,
                         Map<String, String> attributes) {
                 addStandardAttributes(primaryBusinessObjectOrDocument, attributes);
         }
 
         /**
          * Override this method to populate the permission details from the primary
          * business object or document. This will only be called once per request.
          * 
          * @param primaryBusinessObjectOrDocument
          *            the primary business object (i.e. the main BO instance behind
          *            the lookup result row or inquiry) or the document
          * @param attributes
          *            permission details will be added to this map
          */
         protected void addPermissionDetails(
                         BusinessObject primaryBusinessObjectOrDocument,
                         Map<String, String> attributes) {
                 addStandardAttributes(primaryBusinessObjectOrDocument, attributes);
         }
 
         /**
          * @param primaryBusinessObjectOrDocument
          *            the primary business object (i.e. the main BO instance behind
          *            the lookup result row or inquiry) or the document
          * @param attributes
          *            attributes (i.e. role qualifications or permission details)
          *            will be added to this map
          */
         private void addStandardAttributes(
                         BusinessObject primaryBusinessObjectOrDocument,
                         Map<String, String> attributes) {
                 attributes
                                 .putAll(KimCommonUtils
                                                 .getNamespaceAndComponentSimpleName(primaryBusinessObjectOrDocument
                                                                 .getClass()));
         }
 
         protected final boolean permissionExistsByTemplate(
                         BusinessObject businessObject, String namespaceCode,
                         String permissionTemplateName) {
                 return getIdentityManagementService()
                                 .isPermissionDefinedForTemplateName(
                                                 namespaceCode,
                                                 permissionTemplateName,
                                                 new AttributeSet(
                                                                 getPermissionDetailValues(businessObject)));
         }
 
         protected final boolean permissionExistsByTemplate(String namespaceCode,
                         String permissionTemplateName, Map<String, String> permissionDetails) {
                 return getIdentityManagementService()
                                 .isPermissionDefinedForTemplateName(namespaceCode,
                                                 permissionTemplateName,
                                                 new AttributeSet(permissionDetails));
         }
 
         protected final boolean permissionExistsByTemplate(
                         BusinessObject businessObject, String namespaceCode,
                         String permissionTemplateName, Map<String, String> permissionDetails) {
                 AttributeSet combinedPermissionDetails = new AttributeSet(
                                 getPermissionDetailValues(businessObject));
                 combinedPermissionDetails.putAll(permissionDetails);
                 return getIdentityManagementService()
                                 .isPermissionDefinedForTemplateName(namespaceCode,
                                                 permissionTemplateName, combinedPermissionDetails);
         }
 
         public final boolean isAuthorized(BusinessObject businessObject,
                         String namespaceCode, String permissionName, String principalId) {
                 return getIdentityManagementService().isAuthorized(principalId,
                                 namespaceCode, permissionName,
                                 new AttributeSet(getPermissionDetailValues(businessObject)),
                                 new AttributeSet(getRoleQualification(businessObject, principalId)));
         }
 
         public final boolean isAuthorizedByTemplate(BusinessObject businessObject,
                         String namespaceCode, String permissionTemplateName,
                         String principalId) {
                 return getIdentityManagementService().isAuthorizedByTemplateName(
                                 principalId, namespaceCode, permissionTemplateName,
                                 new AttributeSet(getPermissionDetailValues(businessObject)),
                                 new AttributeSet(getRoleQualification(businessObject, principalId)));
         }
 
         public final boolean isAuthorized(BusinessObject businessObject,
                         String namespaceCode, String permissionName, String principalId,
                         Map<String, String> collectionOrFieldLevelPermissionDetails,
                         Map<String, String> collectionOrFieldLevelRoleQualification) {
                 AttributeSet roleQualifiers = null;
                 AttributeSet permissionDetails = null;
                 if (collectionOrFieldLevelRoleQualification != null) {
                         roleQualifiers = new AttributeSet(
                                         getRoleQualification(businessObject, principalId));
                         roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
                 } else {
                         roleQualifiers = new AttributeSet(
                                         getRoleQualification(businessObject, principalId));
                 }
                 if (collectionOrFieldLevelPermissionDetails != null) {
                         permissionDetails = new AttributeSet(
                                         getPermissionDetailValues(businessObject));
                         permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
                 } else {
                         permissionDetails = new AttributeSet(
                                         getPermissionDetailValues(businessObject));
                 }
                 return getIdentityManagementService().isAuthorized(principalId,
                                 namespaceCode, permissionName, permissionDetails,
                                 roleQualifiers);
         }
 
         public final boolean isAuthorizedByTemplate(BusinessObject businessObject,
                         String namespaceCode, String permissionTemplateName,
                         String principalId,
                         Map<String, String> collectionOrFieldLevelPermissionDetails,
                         Map<String, String> collectionOrFieldLevelRoleQualification) {
                 AttributeSet roleQualifiers = new AttributeSet(
                                 getRoleQualification(businessObject, principalId));
                 AttributeSet permissionDetails = new AttributeSet(
                                 getPermissionDetailValues(businessObject));
                 if (collectionOrFieldLevelRoleQualification != null) {
                         roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
                 }
                 if (collectionOrFieldLevelPermissionDetails != null) {
                         permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
                 }
                 return getIdentityManagementService().isAuthorizedByTemplateName(
                                 principalId, namespaceCode, permissionTemplateName,
                                 permissionDetails, roleQualifiers);
         }
 
         /**
          * Returns a role qualification map based off data from the primary business
          * object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
          * 
          * @param primaryBusinessObjectOrDocument
          *            the primary business object (i.e. the main BO instance behind
          *            the lookup result row or inquiry) or the document
          * @return a Map containing role qualifications
          */
         protected final Map<String, String> getRoleQualification(
                         BusinessObject primaryBusinessObjectOrDocument) {
                 return getRoleQualification(primaryBusinessObjectOrDocument, GlobalVariables
                                         .getUserSession().getPerson().getPrincipalId());
         }
         
         protected final Map<String, String> getRoleQualification(
                         BusinessObject primaryBusinessObjectOrDocument, String principalId) {
                         Map<String, String> roleQualification = new HashMap<String, String>();
                         addRoleQualification(primaryBusinessObjectOrDocument,
                                         roleQualification);
                         roleQualification.put(KimAttributes.PRINCIPAL_ID, principalId);
                 return roleQualification;
         }
 
 
         /**
          * @see org.kuali.rice.kns.authorization.BusinessObjectAuthorizer#getCollectionItemPermissionDetails(org.kuali.rice.kns.bo.BusinessObject)
          */
         public Map<String, String> getCollectionItemPermissionDetails(
                         BusinessObject collectionItemBusinessObject) {
                 return new AttributeSet();
         }
 
         /**
          * @see org.kuali.rice.kns.authorization.BusinessObjectAuthorizer#getCollectionItemRoleQualifications(org.kuali.rice.kns.bo.BusinessObject)
          */
         public Map<String, String> getCollectionItemRoleQualifications(
                         BusinessObject collectionItemBusinessObject) {
                 return new AttributeSet();
         }
 
         /**
          * Returns a permission details map based off data from the primary business
          * object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
          * 
          * @param primaryBusinessObjectOrDocument
          *            the primary business object (i.e. the main BO instance behind
          *            the lookup result row or inquiry) or the document
          * @return a Map containing permission details
          */
         protected final Map<String, String> getPermissionDetailValues(
                         BusinessObject businessObject) {
                 Map<String, String> permissionDetails = new HashMap<String, String>();
                 addPermissionDetails(businessObject, permissionDetails);
                 return permissionDetails;
         }
 
         protected static final IdentityManagementService getIdentityManagementService() {
                 if (identityManagementService == null) {
                         identityManagementService = KIMServiceLocator
                                         .getIdentityManagementService();
                 }
                 return identityManagementService;
         }
 
         protected static final PersonService<Person> getPersonService() {
                 if (personService == null) {
                         personService = KIMServiceLocator.getPersonService();
                 }
                 return personService;
         }
 
         protected static final KualiModuleService getKualiModuleService() {
                 if (kualiModuleService == null) {
                         kualiModuleService = KNSServiceLocator.getKualiModuleService();
                 }
                 return kualiModuleService;
         }
 
         protected static final DataDictionaryService getDataDictionaryService() {
                 if (dataDictionaryService == null) {
                         dataDictionaryService = KNSServiceLocator
                                         .getDataDictionaryService();
                 }
                 return dataDictionaryService;
         }
 }

1		/*
2		* Copyright 2007-2009 The Kuali Foundation
3		*
4		* Licensed under the Educational Community License, Version 2.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.opensource.org/licenses/ecl2.php
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*/
16		package org.kuali.rice.kns.authorization;
17
18		import java.util.HashMap;
19		import java.util.Map;
20
21		import org.kuali.rice.kim.bo.Person;
22		import org.kuali.rice.kim.bo.impl.KimAttributes;
23		import org.kuali.rice.kim.bo.types.dto.AttributeSet;
24		import org.kuali.rice.kim.service.IdentityManagementService;
25		import org.kuali.rice.kim.service.KIMServiceLocator;
26		import org.kuali.rice.kim.service.PersonService;
27		import org.kuali.rice.kim.util.KimCommonUtils;
28		import org.kuali.rice.kns.bo.BusinessObject;
29		import org.kuali.rice.kns.service.DataDictionaryService;
30		import org.kuali.rice.kns.service.KNSServiceLocator;
31		import org.kuali.rice.kns.service.KualiModuleService;
32		import org.kuali.rice.kns.service.PersistenceStructureService;
33		import org.kuali.rice.kns.util.GlobalVariables;
34
35	0	public class BusinessObjectAuthorizerBase implements BusinessObjectAuthorizer {
36		// private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger
37		// .getLogger(BusinessObjectAuthorizerBase.class);
38
39		private static IdentityManagementService identityManagementService;
40		private static PersonService<Person> personService;
41		private static KualiModuleService kualiModuleService;
42		private static DataDictionaryService dataDictionaryService;
43		private static PersistenceStructureService persistenceStructureService;
44
45		/**
46		* Override this method to populate the role qualifier attributes from the
47		* primary business object or document. This will only be called once per
48		* request.
49		*
50		* @param primaryBusinessObjectOrDocument
51		* the primary business object (i.e. the main BO instance behind
52		* the lookup result row or inquiry) or the document
53		* @param attributes
54		* role qualifiers will be added to this map
55		*/
56		protected void addRoleQualification(
57		BusinessObject primaryBusinessObjectOrDocument,
58		Map<String, String> attributes) {
59	0	addStandardAttributes(primaryBusinessObjectOrDocument, attributes);
60	0	}
61
62		/**
63		* Override this method to populate the permission details from the primary
64		* business object or document. This will only be called once per request.
65		*
66		* @param primaryBusinessObjectOrDocument
67		* the primary business object (i.e. the main BO instance behind
68		* the lookup result row or inquiry) or the document
69		* @param attributes
70		* permission details will be added to this map
71		*/
72		protected void addPermissionDetails(
73		BusinessObject primaryBusinessObjectOrDocument,
74		Map<String, String> attributes) {
75	0	addStandardAttributes(primaryBusinessObjectOrDocument, attributes);
76	0	}
77
78		/**
79		* @param primaryBusinessObjectOrDocument
80		* the primary business object (i.e. the main BO instance behind
81		* the lookup result row or inquiry) or the document
82		* @param attributes
83		* attributes (i.e. role qualifications or permission details)
84		* will be added to this map
85		*/
86		private void addStandardAttributes(
87		BusinessObject primaryBusinessObjectOrDocument,
88		Map<String, String> attributes) {
89	0	attributes
90		.putAll(KimCommonUtils
91		.getNamespaceAndComponentSimpleName(primaryBusinessObjectOrDocument
92		.getClass()));
93	0	}
94
95		protected final boolean permissionExistsByTemplate(
96		BusinessObject businessObject, String namespaceCode,
97		String permissionTemplateName) {
98	0	return getIdentityManagementService()
99		.isPermissionDefinedForTemplateName(
100		namespaceCode,
101		permissionTemplateName,
102		new AttributeSet(
103		getPermissionDetailValues(businessObject)));
104		}
105
106		protected final boolean permissionExistsByTemplate(String namespaceCode,
107		String permissionTemplateName, Map<String, String> permissionDetails) {
108	0	return getIdentityManagementService()
109		.isPermissionDefinedForTemplateName(namespaceCode,
110		permissionTemplateName,
111		new AttributeSet(permissionDetails));
112		}
113
114		protected final boolean permissionExistsByTemplate(
115		BusinessObject businessObject, String namespaceCode,
116		String permissionTemplateName, Map<String, String> permissionDetails) {
117	0	AttributeSet combinedPermissionDetails = new AttributeSet(
118		getPermissionDetailValues(businessObject));
119	0	combinedPermissionDetails.putAll(permissionDetails);
120	0	return getIdentityManagementService()
121		.isPermissionDefinedForTemplateName(namespaceCode,
122		permissionTemplateName, combinedPermissionDetails);
123		}
124
125		public final boolean isAuthorized(BusinessObject businessObject,
126		String namespaceCode, String permissionName, String principalId) {
127	0	return getIdentityManagementService().isAuthorized(principalId,
128		namespaceCode, permissionName,
129		new AttributeSet(getPermissionDetailValues(businessObject)),
130		new AttributeSet(getRoleQualification(businessObject, principalId)));
131		}
132
133		public final boolean isAuthorizedByTemplate(BusinessObject businessObject,
134		String namespaceCode, String permissionTemplateName,
135		String principalId) {
136	0	return getIdentityManagementService().isAuthorizedByTemplateName(
137		principalId, namespaceCode, permissionTemplateName,
138		new AttributeSet(getPermissionDetailValues(businessObject)),
139		new AttributeSet(getRoleQualification(businessObject, principalId)));
140		}
141
142		public final boolean isAuthorized(BusinessObject businessObject,
143		String namespaceCode, String permissionName, String principalId,
144		Map<String, String> collectionOrFieldLevelPermissionDetails,
145		Map<String, String> collectionOrFieldLevelRoleQualification) {
146	0	AttributeSet roleQualifiers = null;
147	0	AttributeSet permissionDetails = null;
148	0	if (collectionOrFieldLevelRoleQualification != null) {
149	0	roleQualifiers = new AttributeSet(
150		getRoleQualification(businessObject, principalId));
151	0	roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
152		} else {
153	0	roleQualifiers = new AttributeSet(
154		getRoleQualification(businessObject, principalId));
155		}
156	0	if (collectionOrFieldLevelPermissionDetails != null) {
157	0	permissionDetails = new AttributeSet(
158		getPermissionDetailValues(businessObject));
159	0	permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
160		} else {
161	0	permissionDetails = new AttributeSet(
162		getPermissionDetailValues(businessObject));
163		}
164	0	return getIdentityManagementService().isAuthorized(principalId,
165		namespaceCode, permissionName, permissionDetails,
166		roleQualifiers);
167		}
168
169		public final boolean isAuthorizedByTemplate(BusinessObject businessObject,
170		String namespaceCode, String permissionTemplateName,
171		String principalId,
172		Map<String, String> collectionOrFieldLevelPermissionDetails,
173		Map<String, String> collectionOrFieldLevelRoleQualification) {
174	0	AttributeSet roleQualifiers = new AttributeSet(
175		getRoleQualification(businessObject, principalId));
176	0	AttributeSet permissionDetails = new AttributeSet(
177		getPermissionDetailValues(businessObject));
178	0	if (collectionOrFieldLevelRoleQualification != null) {
179	0	roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
180		}
181	0	if (collectionOrFieldLevelPermissionDetails != null) {
182	0	permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
183		}
184	0	return getIdentityManagementService().isAuthorizedByTemplateName(
185		principalId, namespaceCode, permissionTemplateName,
186		permissionDetails, roleQualifiers);
187		}
188
189		/**
190		* Returns a role qualification map based off data from the primary business
191		* object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
192		*
193		* @param primaryBusinessObjectOrDocument
194		* the primary business object (i.e. the main BO instance behind
195		* the lookup result row or inquiry) or the document
196		* @return a Map containing role qualifications
197		*/
198		protected final Map<String, String> getRoleQualification(
199		BusinessObject primaryBusinessObjectOrDocument) {
200	0	return getRoleQualification(primaryBusinessObjectOrDocument, GlobalVariables
201		.getUserSession().getPerson().getPrincipalId());
202		}
203
204		protected final Map<String, String> getRoleQualification(
205		BusinessObject primaryBusinessObjectOrDocument, String principalId) {
206	0	Map<String, String> roleQualification = new HashMap<String, String>();
207	0	addRoleQualification(primaryBusinessObjectOrDocument,
208		roleQualification);
209	0	roleQualification.put(KimAttributes.PRINCIPAL_ID, principalId);
210	0	return roleQualification;
211		}
212
213
214		/**
215		* @see org.kuali.rice.kns.authorization.BusinessObjectAuthorizer#getCollectionItemPermissionDetails(org.kuali.rice.kns.bo.BusinessObject)
216		*/
217		public Map<String, String> getCollectionItemPermissionDetails(
218		BusinessObject collectionItemBusinessObject) {
219	0	return new AttributeSet();
220		}
221
222		/**
223		* @see org.kuali.rice.kns.authorization.BusinessObjectAuthorizer#getCollectionItemRoleQualifications(org.kuali.rice.kns.bo.BusinessObject)
224		*/
225		public Map<String, String> getCollectionItemRoleQualifications(
226		BusinessObject collectionItemBusinessObject) {
227	0	return new AttributeSet();
228		}
229
230		/**
231		* Returns a permission details map based off data from the primary business
232		* object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
233		*
234		* @param primaryBusinessObjectOrDocument
235		* the primary business object (i.e. the main BO instance behind
236		* the lookup result row or inquiry) or the document
237		* @return a Map containing permission details
238		*/
239		protected final Map<String, String> getPermissionDetailValues(
240		BusinessObject businessObject) {
241	0	Map<String, String> permissionDetails = new HashMap<String, String>();
242	0	addPermissionDetails(businessObject, permissionDetails);
243	0	return permissionDetails;
244		}
245
246		protected static final IdentityManagementService getIdentityManagementService() {
247	0	if (identityManagementService == null) {
248	0	identityManagementService = KIMServiceLocator
249		.getIdentityManagementService();
250		}
251	0	return identityManagementService;
252		}
253
254		protected static final PersonService<Person> getPersonService() {
255	0	if (personService == null) {
256	0	personService = KIMServiceLocator.getPersonService();
257		}
258	0	return personService;
259		}
260
261		protected static final KualiModuleService getKualiModuleService() {
262	0	if (kualiModuleService == null) {
263	0	kualiModuleService = KNSServiceLocator.getKualiModuleService();
264		}
265	0	return kualiModuleService;
266		}
267
268		protected static final DataDictionaryService getDataDictionaryService() {
269	0	if (dataDictionaryService == null) {
270	0	dataDictionaryService = KNSServiceLocator
271		.getDataDictionaryService();
272		}
273	0	return dataDictionaryService;
274		}
275		}