Coverage Report

Coverage Report - org.kuali.rice.kew.doctype.DocumentTypeSecurity

Classes in this File

Line Coverage

Branch Coverage

Complexity

DocumentTypeSecurity

0/158

0/104

3.522

 /**
  * Copyright 2005-2011 The Kuali Foundation
  *
  * Licensed under the Educational Community License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  * http://www.opensource.org/licenses/ecl2.php
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.kuali.rice.kew.doctype;
 
 import org.apache.commons.lang.StringUtils;
 import org.kuali.rice.core.api.impex.xml.XmlConstants;
 import org.kuali.rice.core.api.util.ConcreteKeyValue;
 import org.kuali.rice.core.api.util.KeyValue;
 import org.kuali.rice.kew.api.WorkflowRuntimeException;
 import org.kuali.rice.kew.api.exception.WorkflowException;
 import org.kuali.rice.kew.rule.xmlrouting.XPathHelper;
 import org.kuali.rice.kew.util.Utilities;
 import org.kuali.rice.kim.api.group.Group;
 import org.kuali.rice.kim.api.services.KimApiServiceLocator;
 import org.w3c.dom.Element;
 import org.w3c.dom.NamedNodeMap;
 import org.w3c.dom.Node;
 import org.w3c.dom.NodeList;
 import org.xml.sax.InputSource;
 import org.xml.sax.SAXException;
 
 import javax.xml.parsers.DocumentBuilderFactory;
 import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.xpath.XPath;
 import javax.xml.xpath.XPathConstants;
 import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.Serializable;
 import java.io.StringReader;
 import java.util.ArrayList;
 import java.util.List;
 
 
 public class DocumentTypeSecurity implements Serializable {
 
   private static final long serialVersionUID = -1886779857180381404L;
 
   private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger.getLogger(DocumentTypeSecurity.class);
   
   private Boolean active;
 
   private Boolean initiatorOk;
   private Boolean routeLogAuthenticatedOk;
   private List<KeyValue> searchableAttributes = new ArrayList<KeyValue>();
   private List<Group> workgroups = new ArrayList<Group>();
   private List<SecurityPermissionInfo> permissions = new ArrayList<SecurityPermissionInfo>();
   private List<String> allowedRoles = new ArrayList<String>();
   private List<String> disallowedRoles = new ArrayList<String>();
   private List<String> securityAttributeExtensionNames = new ArrayList<String>();
   private List<String> securityAttributeClassNames = new ArrayList<String>();
 
   private static XPath xpath = XPathHelper.newXPath();
 
   public DocumentTypeSecurity() {}
 
   /** parse <security> XML to populate security object
    * @throws ParserConfigurationException
    * @throws IOException
    * @throws SAXException */
   public DocumentTypeSecurity(String standardApplicationId, String documentTypeSecurityXml)
   {
     try {
       if (org.apache.commons.lang.StringUtils.isEmpty(documentTypeSecurityXml)) {
         return;
       }
 
       InputSource inputSource = new InputSource(new BufferedReader(new StringReader(documentTypeSecurityXml)));
       Element securityElement = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(inputSource).getDocumentElement();
 
       String active = (String) xpath.evaluate("./@active", securityElement, XPathConstants.STRING);
       if (org.apache.commons.lang.StringUtils.isEmpty(active) || "true".equals(active.toLowerCase())) {
         // true is the default
         this.setActive(Boolean.valueOf(true));
       }
       else {
         this.setActive(Boolean.valueOf(false));
       }
 
       // there should only be one <initiator> tag
       NodeList initiatorNodes = (NodeList) xpath.evaluate("./initiator", securityElement, XPathConstants.NODESET);
       if (initiatorNodes != null && initiatorNodes.getLength()>0) {
         Node initiatorNode = initiatorNodes.item(0);
         String value = initiatorNode.getTextContent();
         if (org.apache.commons.lang.StringUtils.isEmpty(value) || value.toLowerCase().equals("true")) {
           this.setInitiatorOk(Boolean.valueOf(true));
         }
         else {
           this.initiatorOk = Boolean.valueOf(false);
         }
       }
 
       // there should only be one <routeLogAuthenticated> tag
       NodeList routeLogAuthNodes = (NodeList) xpath.evaluate("./routeLogAuthenticated", securityElement, XPathConstants.NODESET);
       if (routeLogAuthNodes != null && routeLogAuthNodes.getLength()>0) {
         Node routeLogAuthNode = routeLogAuthNodes.item(0);
         String value = routeLogAuthNode.getTextContent();
         if (org.apache.commons.lang.StringUtils.isEmpty(value) || value.toLowerCase().equals("true")) {
           this.routeLogAuthenticatedOk = Boolean.valueOf(true);
         }
         else {
           this.routeLogAuthenticatedOk = Boolean.valueOf(false);
         }
       }
 
       NodeList searchableAttributeNodes = (NodeList) xpath.evaluate("./searchableAttribute", securityElement, XPathConstants.NODESET);
       if (searchableAttributeNodes != null && searchableAttributeNodes.getLength()>0) {
         for (int i = 0; i < searchableAttributeNodes.getLength(); i++) {
           Node searchableAttributeNode = searchableAttributeNodes.item(i);
           String name = (String) xpath.evaluate("./@name", searchableAttributeNode, XPathConstants.STRING);
           String idType = (String) xpath.evaluate("./@idType", searchableAttributeNode, XPathConstants.STRING);
           if (!org.apache.commons.lang.StringUtils.isEmpty(name) && !org.apache.commons.lang.StringUtils.isEmpty(idType)) {
             KeyValue searchableAttribute = new ConcreteKeyValue(name, idType);
             searchableAttributes.add(searchableAttribute);
           }
         }
       }
 
       NodeList workgroupNodes = (NodeList) xpath.evaluate("./workgroup", securityElement, XPathConstants.NODESET);
       if (workgroupNodes != null && workgroupNodes.getLength()>0) {
             LOG.warn("Document Type Security XML is using deprecated element 'workgroup', please use 'groupName' instead.");
         for (int i = 0; i < workgroupNodes.getLength(); i++) {
           Node workgroupNode = workgroupNodes.item(i);
           String value = workgroupNode.getTextContent().trim();
           if (!org.apache.commons.lang.StringUtils.isEmpty(value)) {
                 value = Utilities.substituteConfigParameters(value);
             String namespaceCode = Utilities.parseGroupNamespaceCode(value);
             String groupName = Utilities.parseGroupName(value);
                 Group groupObject = KimApiServiceLocator.getGroupService().getGroupByNameAndNamespaceCode(namespaceCode,
                     groupName);
                 if (groupObject == null) {
                         throw new WorkflowException("Could not find group: " + value);
                 }
             workgroups.add(groupObject);
           }
         }
       }
 
       NodeList groupNodes = (NodeList) xpath.evaluate("./groupName", securityElement, XPathConstants.NODESET);
       if (groupNodes != null && groupNodes.getLength()>0) {
         for (int i = 0; i < groupNodes.getLength(); i++) {
           Node groupNode = groupNodes.item(i);
           if (groupNode.getNodeType() == Node.ELEMENT_NODE) {
                 String groupName = groupNode.getTextContent().trim();
             if (!org.apache.commons.lang.StringUtils.isEmpty(groupName)) {
               groupName = Utilities.substituteConfigParameters(groupName).trim();
               String namespaceCode = Utilities.substituteConfigParameters(((Element) groupNode).getAttribute(XmlConstants.NAMESPACE)).trim();
               Group groupObject = KimApiServiceLocator.getGroupService().getGroupByNameAndNamespaceCode(namespaceCode,
                       groupName);
               
               
               if (groupObject != null) {
                       workgroups.add(groupObject); 
               } else {
                       LOG.warn("Could not find group with name '" + groupName + "' and namespace '" + namespaceCode + "' which was defined on Document Type security");
               }
 //                if (groupObject == null) {
 //                  throw new WorkflowException("Could not find group with name '" + groupName + "' and namespace '" + namespaceCode + "'");
 //                }
          
               
             }
           }
         }
       }
 
       NodeList permissionNodes = (NodeList) xpath.evaluate("./permission", securityElement, XPathConstants.NODESET);
       if (permissionNodes != null && permissionNodes.getLength()>0) {
         for (int i = 0; i < permissionNodes.getLength(); i++) {
           Node permissionNode = permissionNodes.item(i);
           if (permissionNode.getNodeType() == Node.ELEMENT_NODE) {
                   SecurityPermissionInfo securityPermission = new SecurityPermissionInfo();
                 securityPermission.setPermissionName(Utilities.substituteConfigParameters(((Element) permissionNode).getAttribute(XmlConstants.NAME)).trim());
                 securityPermission.setPermissionNamespaceCode(Utilities.substituteConfigParameters(((Element) permissionNode).getAttribute(XmlConstants.NAMESPACE)).trim());
                 if (!StringUtils.isEmpty(securityPermission.getPermissionName()) && !StringUtils.isEmpty(securityPermission.getPermissionNamespaceCode())) {
                         //get details and qualifications
                         if (permissionNode.hasChildNodes()) {
                                 NodeList permissionChildNodes = permissionNode.getChildNodes();
                                 for (int j = 0; j <permissionChildNodes.getLength(); j++) {
                                         Node permissionChildNode = permissionChildNodes.item(j);
                                         if (permissionChildNode.getNodeType() == Node.ELEMENT_NODE) {
                                                 String childAttributeName = Utilities.substituteConfigParameters(((Element) permissionChildNode).getAttribute(XmlConstants.NAME)).trim();
                                                 String childAttributeValue = permissionChildNode.getTextContent().trim();
                                                 if (!StringUtils.isEmpty(childAttributeValue)) {
                                                         childAttributeValue = Utilities.substituteConfigParameters(childAttributeValue).trim();
                                                 }
                                                 if (!StringUtils.isEmpty(childAttributeValue)) {
                                                         childAttributeValue = Utilities.substituteConfigParameters(childAttributeValue).trim();
                                                 }
                                                 if (permissionChildNode.getNodeName().trim().equals("permissionDetail")) {
                                                         securityPermission.getPermissionDetails().put(childAttributeName, childAttributeValue);
                                                 }
                                                 if (permissionChildNode.getNodeName().trim().equals("qualification")) {
                                                         securityPermission.getQualifications().put(childAttributeName, childAttributeValue);
                                                 }
                                         }
                                 }
                         }
                         
               //if ( KimApiServiceLocator.getPermissionService().isPermissionDefined(securityPermission.getPermissionNamespaceCode(), securityPermission.getPermissionName(), securityPermission.getPermissionDetails())) {
                       permissions.add(securityPermission); 
               //} else {
                     //  LOG.warn("Could not find permission with name '" + securityPermission.getPermissionName() + "' and namespace '" + securityPermission.getPermissionNamespaceCode() + "' which was defined on Document Type security");
               //}
             }
           }
         }
       }
       
       NodeList roleNodes = (NodeList) xpath.evaluate("./role", securityElement, XPathConstants.NODESET);
       if (roleNodes != null && roleNodes.getLength()>0) {
         for (int i = 0; i < roleNodes.getLength(); i++) {
           Element roleElement = (Element)roleNodes.item(i);
           String value = roleElement.getTextContent().trim();
           String allowedValue = roleElement.getAttribute("allowed");
           if (StringUtils.isBlank(allowedValue)) {
                   allowedValue = "true";
           }
           if (!org.apache.commons.lang.StringUtils.isEmpty(value)) {
                   if (Boolean.parseBoolean(allowedValue)) {
                           allowedRoles.add(value);
                   } else {
                           disallowedRoles.add(value);
                   }
           }
         }
       }
 
       NodeList attributeNodes = (NodeList) xpath.evaluate("./securityAttribute", securityElement, XPathConstants.NODESET);
       if (attributeNodes != null && attributeNodes.getLength()>0) {
           for (int i = 0; i < attributeNodes.getLength(); i++) {
             Element attributeElement = (Element)attributeNodes.item(i);
             NamedNodeMap elemAttributes = attributeElement.getAttributes();
             // can be an attribute name or an actual classname
             String attributeOrClassName = null;
             String applicationId = standardApplicationId;
             if (elemAttributes.getNamedItem("name") != null) {
                 // found a name attribute so find the class name
                 String extensionName = elemAttributes.getNamedItem("name").getNodeValue().trim();
                 this.securityAttributeExtensionNames.add(extensionName);
             } else if (elemAttributes.getNamedItem("class") != null) {
                 // class name defined
                 String className = elemAttributes.getNamedItem("class").getNodeValue().trim();
                 this.securityAttributeClassNames.add(className);
             } else {
                 throw new WorkflowException("Cannot find attribute 'name' or attribute 'class' for securityAttribute Node");
             }
           }
         }
     } catch (Exception err) {
       throw new WorkflowRuntimeException(err);
     }
   }
 
   public List<String> getSecurityAttributeExtensionNames() {
     return this.securityAttributeExtensionNames;
   }
 
   public void setSecurityAttributeExtensionNames(List<String> securityAttributeExtensionNames) {
     this.securityAttributeExtensionNames = securityAttributeExtensionNames;
   }
 
     public List<String> getSecurityAttributeClassNames() {
         return securityAttributeClassNames;
     }
 
     public void setSecurityAttributeClassNames(List<String> securityAttributeClassNames) {
         this.securityAttributeClassNames = securityAttributeClassNames;
     }
 
     public Boolean getInitiatorOk() {
     return initiatorOk;
   }
   public void setInitiatorOk(Boolean initiatorOk) {
     this.initiatorOk = initiatorOk;
   }
 
   public Boolean getRouteLogAuthenticatedOk() {
     return routeLogAuthenticatedOk;
   }
   public void setRouteLogAuthenticatedOk(Boolean routeLogAuthenticatedOk) {
     this.routeLogAuthenticatedOk = routeLogAuthenticatedOk;
   }
 
   public List<String> getAllowedRoles() {
         return allowedRoles;
   }
 
   public void setAllowedRoles(List<String> allowedRoles) {
         this.allowedRoles = allowedRoles;
   }
 
   public List<String> getDisallowedRoles() {
         return disallowedRoles;
   }
 
   public void setDisallowedRoles(List<String> disallowedRoles) {
         this.disallowedRoles = disallowedRoles;
   }
 
   public List<KeyValue> getSearchableAttributes() {
         return searchableAttributes;
   }
 
   public void setSearchableAttributes(List<KeyValue> searchableAttributes) {
         this.searchableAttributes = searchableAttributes;
   }
 
   public List<Group> getWorkgroups() {
         return workgroups;
   }
 
   public void setWorkgroups(List<Group> workgroups) {
         this.workgroups = workgroups;
   }
   
   public List<SecurityPermissionInfo> getPermissions() {
     return this.permissions;
   }
 
   public void setPermissions(List<SecurityPermissionInfo> permissions) {
         this.permissions = permissions;
   }
 
   public Boolean getActive() {
     return active;
   }
 
   public void setActive(Boolean active) {
     this.active = active;
   }
 
   public boolean isActive() {
     if (active != null) {
       return active.booleanValue();
     }
     else {
       return false;
     }
   }
 }

1		/**
2		* Copyright 2005-2011 The Kuali Foundation
3		*
4		* Licensed under the Educational Community License, Version 2.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.opensource.org/licenses/ecl2.php
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*/
16		package org.kuali.rice.kew.doctype;
17
18		import org.apache.commons.lang.StringUtils;
19		import org.kuali.rice.core.api.impex.xml.XmlConstants;
20		import org.kuali.rice.core.api.util.ConcreteKeyValue;
21		import org.kuali.rice.core.api.util.KeyValue;
22		import org.kuali.rice.kew.api.WorkflowRuntimeException;
23		import org.kuali.rice.kew.api.exception.WorkflowException;
24		import org.kuali.rice.kew.rule.xmlrouting.XPathHelper;
25		import org.kuali.rice.kew.util.Utilities;
26		import org.kuali.rice.kim.api.group.Group;
27		import org.kuali.rice.kim.api.services.KimApiServiceLocator;
28		import org.w3c.dom.Element;
29		import org.w3c.dom.NamedNodeMap;
30		import org.w3c.dom.Node;
31		import org.w3c.dom.NodeList;
32		import org.xml.sax.InputSource;
33		import org.xml.sax.SAXException;
34
35		import javax.xml.parsers.DocumentBuilderFactory;
36		import javax.xml.parsers.ParserConfigurationException;
37		import javax.xml.xpath.XPath;
38		import javax.xml.xpath.XPathConstants;
39		import java.io.BufferedReader;
40		import java.io.IOException;
41		import java.io.Serializable;
42		import java.io.StringReader;
43		import java.util.ArrayList;
44		import java.util.List;
45
46
47		public class DocumentTypeSecurity implements Serializable {
48
49		private static final long serialVersionUID = -1886779857180381404L;
50
51	0	private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger.getLogger(DocumentTypeSecurity.class);
52
53		private Boolean active;
54
55		private Boolean initiatorOk;
56		private Boolean routeLogAuthenticatedOk;
57	0	private List<KeyValue> searchableAttributes = new ArrayList<KeyValue>();
58	0	private List<Group> workgroups = new ArrayList<Group>();
59	0	private List<SecurityPermissionInfo> permissions = new ArrayList<SecurityPermissionInfo>();
60	0	private List<String> allowedRoles = new ArrayList<String>();
61	0	private List<String> disallowedRoles = new ArrayList<String>();
62	0	private List<String> securityAttributeExtensionNames = new ArrayList<String>();
63	0	private List<String> securityAttributeClassNames = new ArrayList<String>();
64
65	0	private static XPath xpath = XPathHelper.newXPath();
66
67	0	public DocumentTypeSecurity() {}
68
69		/** parse <security> XML to populate security object
70		* @throws ParserConfigurationException
71		* @throws IOException
72		* @throws SAXException */
73		public DocumentTypeSecurity(String standardApplicationId, String documentTypeSecurityXml)
74	0	{
75		try {
76	0	if (org.apache.commons.lang.StringUtils.isEmpty(documentTypeSecurityXml)) {
77	0	return;
78		}
79
80	0	InputSource inputSource = new InputSource(new BufferedReader(new StringReader(documentTypeSecurityXml)));
81	0	Element securityElement = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(inputSource).getDocumentElement();
82
83	0	String active = (String) xpath.evaluate("./@active", securityElement, XPathConstants.STRING);
84	0	if (org.apache.commons.lang.StringUtils.isEmpty(active) \|\| "true".equals(active.toLowerCase())) {
85		// true is the default
86	0	this.setActive(Boolean.valueOf(true));
87		}
88		else {
89	0	this.setActive(Boolean.valueOf(false));
90		}
91
92		// there should only be one <initiator> tag
93	0	NodeList initiatorNodes = (NodeList) xpath.evaluate("./initiator", securityElement, XPathConstants.NODESET);
94	0	if (initiatorNodes != null && initiatorNodes.getLength()>0) {
95	0	Node initiatorNode = initiatorNodes.item(0);
96	0	String value = initiatorNode.getTextContent();
97	0	if (org.apache.commons.lang.StringUtils.isEmpty(value) \|\| value.toLowerCase().equals("true")) {
98	0	this.setInitiatorOk(Boolean.valueOf(true));
99		}
100		else {
101	0	this.initiatorOk = Boolean.valueOf(false);
102		}
103		}
104
105		// there should only be one <routeLogAuthenticated> tag
106	0	NodeList routeLogAuthNodes = (NodeList) xpath.evaluate("./routeLogAuthenticated", securityElement, XPathConstants.NODESET);
107	0	if (routeLogAuthNodes != null && routeLogAuthNodes.getLength()>0) {
108	0	Node routeLogAuthNode = routeLogAuthNodes.item(0);
109	0	String value = routeLogAuthNode.getTextContent();
110	0	if (org.apache.commons.lang.StringUtils.isEmpty(value) \|\| value.toLowerCase().equals("true")) {
111	0	this.routeLogAuthenticatedOk = Boolean.valueOf(true);
112		}
113		else {
114	0	this.routeLogAuthenticatedOk = Boolean.valueOf(false);
115		}
116		}
117
118	0	NodeList searchableAttributeNodes = (NodeList) xpath.evaluate("./searchableAttribute", securityElement, XPathConstants.NODESET);
119	0	if (searchableAttributeNodes != null && searchableAttributeNodes.getLength()>0) {
120	0	for (int i = 0; i < searchableAttributeNodes.getLength(); i++) {
121	0	Node searchableAttributeNode = searchableAttributeNodes.item(i);
122	0	String name = (String) xpath.evaluate("./@name", searchableAttributeNode, XPathConstants.STRING);
123	0	String idType = (String) xpath.evaluate("./@idType", searchableAttributeNode, XPathConstants.STRING);
124	0	if (!org.apache.commons.lang.StringUtils.isEmpty(name) && !org.apache.commons.lang.StringUtils.isEmpty(idType)) {
125	0	KeyValue searchableAttribute = new ConcreteKeyValue(name, idType);
126	0	searchableAttributes.add(searchableAttribute);
127		}
128		}
129		}
130
131	0	NodeList workgroupNodes = (NodeList) xpath.evaluate("./workgroup", securityElement, XPathConstants.NODESET);
132	0	if (workgroupNodes != null && workgroupNodes.getLength()>0) {
133	0	LOG.warn("Document Type Security XML is using deprecated element 'workgroup', please use 'groupName' instead.");
134	0	for (int i = 0; i < workgroupNodes.getLength(); i++) {
135	0	Node workgroupNode = workgroupNodes.item(i);
136	0	String value = workgroupNode.getTextContent().trim();
137	0	if (!org.apache.commons.lang.StringUtils.isEmpty(value)) {
138	0	value = Utilities.substituteConfigParameters(value);
139	0	String namespaceCode = Utilities.parseGroupNamespaceCode(value);
140	0	String groupName = Utilities.parseGroupName(value);
141	0	Group groupObject = KimApiServiceLocator.getGroupService().getGroupByNameAndNamespaceCode(namespaceCode,
142		groupName);
143	0	if (groupObject == null) {
144	0	throw new WorkflowException("Could not find group: " + value);
145		}
146	0	workgroups.add(groupObject);
147		}
148		}
149		}
150
151	0	NodeList groupNodes = (NodeList) xpath.evaluate("./groupName", securityElement, XPathConstants.NODESET);
152	0	if (groupNodes != null && groupNodes.getLength()>0) {
153	0	for (int i = 0; i < groupNodes.getLength(); i++) {
154	0	Node groupNode = groupNodes.item(i);
155	0	if (groupNode.getNodeType() == Node.ELEMENT_NODE) {
156	0	String groupName = groupNode.getTextContent().trim();
157	0	if (!org.apache.commons.lang.StringUtils.isEmpty(groupName)) {
158	0	groupName = Utilities.substituteConfigParameters(groupName).trim();
159	0	String namespaceCode = Utilities.substituteConfigParameters(((Element) groupNode).getAttribute(XmlConstants.NAMESPACE)).trim();
160	0	Group groupObject = KimApiServiceLocator.getGroupService().getGroupByNameAndNamespaceCode(namespaceCode,
161		groupName);
162
163
164	0	if (groupObject != null) {
165	0	workgroups.add(groupObject);
166		} else {
167	0	LOG.warn("Could not find group with name '" + groupName + "' and namespace '" + namespaceCode + "' which was defined on Document Type security");
168		}
169		// if (groupObject == null) {
170		// throw new WorkflowException("Could not find group with name '" + groupName + "' and namespace '" + namespaceCode + "'");
171		// }
172
173
174		}
175		}
176		}
177		}
178
179	0	NodeList permissionNodes = (NodeList) xpath.evaluate("./permission", securityElement, XPathConstants.NODESET);
180	0	if (permissionNodes != null && permissionNodes.getLength()>0) {
181	0	for (int i = 0; i < permissionNodes.getLength(); i++) {
182	0	Node permissionNode = permissionNodes.item(i);
183	0	if (permissionNode.getNodeType() == Node.ELEMENT_NODE) {
184	0	SecurityPermissionInfo securityPermission = new SecurityPermissionInfo();
185	0	securityPermission.setPermissionName(Utilities.substituteConfigParameters(((Element) permissionNode).getAttribute(XmlConstants.NAME)).trim());
186	0	securityPermission.setPermissionNamespaceCode(Utilities.substituteConfigParameters(((Element) permissionNode).getAttribute(XmlConstants.NAMESPACE)).trim());
187	0	if (!StringUtils.isEmpty(securityPermission.getPermissionName()) && !StringUtils.isEmpty(securityPermission.getPermissionNamespaceCode())) {
188		//get details and qualifications
189	0	if (permissionNode.hasChildNodes()) {
190	0	NodeList permissionChildNodes = permissionNode.getChildNodes();
191	0	for (int j = 0; j <permissionChildNodes.getLength(); j++) {
192	0	Node permissionChildNode = permissionChildNodes.item(j);
193	0	if (permissionChildNode.getNodeType() == Node.ELEMENT_NODE) {
194	0	String childAttributeName = Utilities.substituteConfigParameters(((Element) permissionChildNode).getAttribute(XmlConstants.NAME)).trim();
195	0	String childAttributeValue = permissionChildNode.getTextContent().trim();
196	0	if (!StringUtils.isEmpty(childAttributeValue)) {
197	0	childAttributeValue = Utilities.substituteConfigParameters(childAttributeValue).trim();
198		}
199	0	if (!StringUtils.isEmpty(childAttributeValue)) {
200	0	childAttributeValue = Utilities.substituteConfigParameters(childAttributeValue).trim();
201		}
202	0	if (permissionChildNode.getNodeName().trim().equals("permissionDetail")) {
203	0	securityPermission.getPermissionDetails().put(childAttributeName, childAttributeValue);
204		}
205	0	if (permissionChildNode.getNodeName().trim().equals("qualification")) {
206	0	securityPermission.getQualifications().put(childAttributeName, childAttributeValue);
207		}
208		}
209		}
210		}
211
212		//if ( KimApiServiceLocator.getPermissionService().isPermissionDefined(securityPermission.getPermissionNamespaceCode(), securityPermission.getPermissionName(), securityPermission.getPermissionDetails())) {
213	0	permissions.add(securityPermission);
214		//} else {
215		// LOG.warn("Could not find permission with name '" + securityPermission.getPermissionName() + "' and namespace '" + securityPermission.getPermissionNamespaceCode() + "' which was defined on Document Type security");
216		//}
217		}
218		}
219		}
220		}
221
222	0	NodeList roleNodes = (NodeList) xpath.evaluate("./role", securityElement, XPathConstants.NODESET);
223	0	if (roleNodes != null && roleNodes.getLength()>0) {
224	0	for (int i = 0; i < roleNodes.getLength(); i++) {
225	0	Element roleElement = (Element)roleNodes.item(i);
226	0	String value = roleElement.getTextContent().trim();
227	0	String allowedValue = roleElement.getAttribute("allowed");
228	0	if (StringUtils.isBlank(allowedValue)) {
229	0	allowedValue = "true";
230		}
231	0	if (!org.apache.commons.lang.StringUtils.isEmpty(value)) {
232	0	if (Boolean.parseBoolean(allowedValue)) {
233	0	allowedRoles.add(value);
234		} else {
235	0	disallowedRoles.add(value);
236		}
237		}
238		}
239		}
240
241	0	NodeList attributeNodes = (NodeList) xpath.evaluate("./securityAttribute", securityElement, XPathConstants.NODESET);
242	0	if (attributeNodes != null && attributeNodes.getLength()>0) {
243	0	for (int i = 0; i < attributeNodes.getLength(); i++) {
244	0	Element attributeElement = (Element)attributeNodes.item(i);
245	0	NamedNodeMap elemAttributes = attributeElement.getAttributes();
246		// can be an attribute name or an actual classname
247	0	String attributeOrClassName = null;
248	0	String applicationId = standardApplicationId;
249	0	if (elemAttributes.getNamedItem("name") != null) {
250		// found a name attribute so find the class name
251	0	String extensionName = elemAttributes.getNamedItem("name").getNodeValue().trim();
252	0	this.securityAttributeExtensionNames.add(extensionName);
253	0	} else if (elemAttributes.getNamedItem("class") != null) {
254		// class name defined
255	0	String className = elemAttributes.getNamedItem("class").getNodeValue().trim();
256	0	this.securityAttributeClassNames.add(className);
257	0	} else {
258	0	throw new WorkflowException("Cannot find attribute 'name' or attribute 'class' for securityAttribute Node");
259		}
260		}
261		}
262	0	} catch (Exception err) {
263	0	throw new WorkflowRuntimeException(err);
264	0	}
265	0	}
266
267		public List<String> getSecurityAttributeExtensionNames() {
268	0	return this.securityAttributeExtensionNames;
269		}
270
271		public void setSecurityAttributeExtensionNames(List<String> securityAttributeExtensionNames) {
272	0	this.securityAttributeExtensionNames = securityAttributeExtensionNames;
273	0	}
274
275		public List<String> getSecurityAttributeClassNames() {
276	0	return securityAttributeClassNames;
277		}
278
279		public void setSecurityAttributeClassNames(List<String> securityAttributeClassNames) {
280	0	this.securityAttributeClassNames = securityAttributeClassNames;
281	0	}
282
283		public Boolean getInitiatorOk() {
284	0	return initiatorOk;
285		}
286		public void setInitiatorOk(Boolean initiatorOk) {
287	0	this.initiatorOk = initiatorOk;
288	0	}
289
290		public Boolean getRouteLogAuthenticatedOk() {
291	0	return routeLogAuthenticatedOk;
292		}
293		public void setRouteLogAuthenticatedOk(Boolean routeLogAuthenticatedOk) {
294	0	this.routeLogAuthenticatedOk = routeLogAuthenticatedOk;
295	0	}
296
297		public List<String> getAllowedRoles() {
298	0	return allowedRoles;
299		}
300
301		public void setAllowedRoles(List<String> allowedRoles) {
302	0	this.allowedRoles = allowedRoles;
303	0	}
304
305		public List<String> getDisallowedRoles() {
306	0	return disallowedRoles;
307		}
308
309		public void setDisallowedRoles(List<String> disallowedRoles) {
310	0	this.disallowedRoles = disallowedRoles;
311	0	}
312
313		public List<KeyValue> getSearchableAttributes() {
314	0	return searchableAttributes;
315		}
316
317		public void setSearchableAttributes(List<KeyValue> searchableAttributes) {
318	0	this.searchableAttributes = searchableAttributes;
319	0	}
320
321		public List<Group> getWorkgroups() {
322	0	return workgroups;
323		}
324
325		public void setWorkgroups(List<Group> workgroups) {
326	0	this.workgroups = workgroups;
327	0	}
328
329		public List<SecurityPermissionInfo> getPermissions() {
330	0	return this.permissions;
331		}
332
333		public void setPermissions(List<SecurityPermissionInfo> permissions) {
334	0	this.permissions = permissions;
335	0	}
336
337		public Boolean getActive() {
338	0	return active;
339		}
340
341		public void setActive(Boolean active) {
342	0	this.active = active;
343	0	}
344
345		public boolean isActive() {
346	0	if (active != null) {
347	0	return active.booleanValue();
348		}
349		else {
350	0	return false;
351		}
352		}
353		}