Coverage Report

Coverage Report - org.kuali.rice.krad.uif.authorization.AuthorizerBase

Classes in this File

Line Coverage

Branch Coverage

Complexity

AuthorizerBase

0/54

0/16

1.381

 /**
  * Copyright 2005-2011 The Kuali Foundation
  *
  * Licensed under the Educational Community License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  * http://www.opensource.org/licenses/ecl2.php
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.kuali.rice.krad.uif.authorization;
 
 import org.kuali.rice.kim.api.KimConstants;
 import org.kuali.rice.kim.api.identity.Person;
 import org.kuali.rice.kim.api.identity.PersonService;
 import org.kuali.rice.kim.api.permission.PermissionService;
 import org.kuali.rice.kim.api.services.KimApiServiceLocator;
 import org.kuali.rice.krad.service.DataDictionaryService;
 import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
 import org.kuali.rice.krad.service.KualiModuleService;
 import org.kuali.rice.krad.util.GlobalVariables;
 import org.kuali.rice.krad.util.KRADUtils;
 import org.kuali.rice.krad.web.form.UifFormBase;
 
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Map;
 import java.util.Set;
 
 /**
  * @author Kuali Rice Team (rice.collab@kuali.org)
  */
 public class AuthorizerBase implements Authorizer {
 
     private static PermissionService permissionService;
     private static PersonService personService;
     private static KualiModuleService kualiModuleService;
     private static DataDictionaryService dataDictionaryService;
 
     /**
      * @see org.kuali.rice.krad.uif.authorization.Authorizer#getActionFlags(org.kuali.rice.krad.web.form.UifFormBase,
      *      org.kuali.rice.kim.api.identity.Person, java.util.Set)
      */
     public Set<String> getActionFlags(UifFormBase model, Person user, Set<String> documentActions) {
         return documentActions;
     }
 
     /**
      * @see org.kuali.rice.krad.uif.authorization.Authorizer#getEditModes(org.kuali.rice.krad.web.form.UifFormBase,
      *      org.kuali.rice.kim.api.identity.Person, java.util.Set)
      */
     public Set<String> getEditModes(UifFormBase model, Person user, Set<String> editModes) {
         return editModes;
     }
 
     /**
      * @see org.kuali.rice.krad.uif.authorization.Authorizer#getSecurePotentiallyHiddenGroupIds()
      */
     public Set<String> getSecurePotentiallyHiddenGroupIds() {
         return new HashSet<String>();
     }
 
     /**
      * @see org.kuali.rice.krad.uif.authorization.Authorizer#getSecurePotentiallyReadOnlyGroupIds()
      */
     public Set<String> getSecurePotentiallyReadOnlyGroupIds() {
         return new HashSet<String>();
     }
 
     /**
      * Override this method to populate the role qualifier attributes from the
      * primary data object or document. This will only be called once per
      * request.
      * 
      * @param primaryDataObjectOrDocument
      *            - the primary data object (i.e. the main object instance
      *            behind the lookup result row or inquiry) or the document
      * @param attributes
      *            - role qualifiers will be added to this map
      */
     protected void addRoleQualification(Object primaryDataObjectOrDocument, Map<String, String> attributes) {
         addStandardAttributes(primaryDataObjectOrDocument, attributes);
     }
 
     /**
      * Override this method to populate the permission details from the primary
      * data object or document. This will only be called once per request.
      * 
      * @param primaryDataObjectOrDocument
      *            - the primary data object (i.e. the main object instance
      *            behind the lookup result row or inquiry) or the document
      * @param attributes
      *            - permission details will be added to this map
      */
     protected void addPermissionDetails(Object primaryDataObjectOrDocument, Map<String, String> attributes) {
         addStandardAttributes(primaryDataObjectOrDocument, attributes);
     }
 
     /**
      * @param primaryDataObjectOrDocument
      *            - the primary data object (i.e. the main object instance
      *            behind the lookup result row or inquiry) or the document
      * @param attributes
      *            - attributes (i.e. role qualifications or permission details)
      *            will be added to this map
      */
     private void addStandardAttributes(Object primaryDataObjectOrDocument, Map<String, String> attributes) {
         attributes.putAll(KRADUtils.getNamespaceAndComponentSimpleName(primaryDataObjectOrDocument.getClass()));
     }
 
     protected final boolean permissionExistsByTemplate(Object dataObject, String namespaceCode,
             String permissionTemplateName) {
         return getPermissionService().isPermissionDefinedByTemplateName(namespaceCode, permissionTemplateName,
                 new HashMap<String, String>(getPermissionDetailValues(dataObject)));
     }
 
     protected final boolean permissionExistsByTemplate(String namespaceCode, String permissionTemplateName,
             Map<String, String> permissionDetails) {
         return getPermissionService().isPermissionDefinedByTemplateName(namespaceCode, permissionTemplateName,
                 new HashMap<String, String>(permissionDetails));
     }
 
     protected final boolean permissionExistsByTemplate(Object dataObject, String namespaceCode,
             String permissionTemplateName, Map<String, String> permissionDetails) {
         Map<String, String> combinedPermissionDetails = new HashMap<String, String>(getPermissionDetailValues(dataObject));
         combinedPermissionDetails.putAll(permissionDetails);
 
         return getPermissionService().isPermissionDefinedByTemplateName(namespaceCode, permissionTemplateName,
                 combinedPermissionDetails);
     }
 
     public final boolean isAuthorized(Object dataObject, String namespaceCode, String permissionName, String principalId) {
         return getPermissionService().isAuthorized(principalId, namespaceCode, permissionName,
                 new HashMap<String, String>(getPermissionDetailValues(dataObject)),
                 new HashMap<String, String>(getRoleQualification(dataObject, principalId)));
     }
 
     public final boolean isAuthorizedByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName,
             String principalId) {
         return getPermissionService().isAuthorizedByTemplateName(principalId, namespaceCode,
                 permissionTemplateName, new HashMap<String, String>(getPermissionDetailValues(dataObject)),
                 new HashMap<String, String>((getRoleQualification(dataObject, principalId))));
     }
 
     public final boolean isAuthorized(Object dataObject, String namespaceCode, String permissionName,
             String principalId, Map<String, String> collectionOrFieldLevelPermissionDetails,
             Map<String, String> collectionOrFieldLevelRoleQualification) {
         Map<String, String> roleQualifiers;
         Map<String, String> permissionDetails;
         if (collectionOrFieldLevelRoleQualification != null) {
             roleQualifiers = new HashMap<String, String>(getRoleQualification(dataObject, principalId));
             roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
         }
         else {
             roleQualifiers = new HashMap<String, String>(getRoleQualification(dataObject, principalId));
         }
         if (collectionOrFieldLevelPermissionDetails != null) {
             permissionDetails = new HashMap<String, String>(getPermissionDetailValues(dataObject));
             permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
         }
         else {
             permissionDetails = new HashMap<String, String>(getPermissionDetailValues(dataObject));
         }
 
         return getPermissionService().isAuthorized(principalId, namespaceCode, permissionName,
                 permissionDetails, roleQualifiers);
     }
 
     public final boolean isAuthorizedByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName,
             String principalId, Map<String, String> collectionOrFieldLevelPermissionDetails,
             Map<String, String> collectionOrFieldLevelRoleQualification) {
         Map<String, String> roleQualifiers = new HashMap<String, String>(getRoleQualification(dataObject, principalId));
         Map<String, String> permissionDetails = new HashMap<String, String>(getPermissionDetailValues(dataObject));
 
         if (collectionOrFieldLevelRoleQualification != null) {
             roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
         }
         if (collectionOrFieldLevelPermissionDetails != null) {
             permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
         }
 
         return getPermissionService().isAuthorizedByTemplateName(principalId, namespaceCode,
                 permissionTemplateName, permissionDetails, roleQualifiers);
     }
 
     /**
      * Returns a role qualification map based off data from the primary business
      * object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
      * 
      * @param primaryDataObjectOrDocument
      *            the primary data object (i.e. the main object instance behind
      *            the lookup result row or inquiry) or the document
      * @return a Map containing role qualifications
      */
     protected final Map<String, String> getRoleQualification(Object primaryDataObjectOrDocument) {
         return getRoleQualification(primaryDataObjectOrDocument, GlobalVariables.getUserSession().getPerson()
                 .getPrincipalId());
     }
 
     protected final Map<String, String> getRoleQualification(Object primaryDataObjectOrDocument, String principalId) {
         Map<String, String> roleQualification = new HashMap<String, String>();
         addRoleQualification(primaryDataObjectOrDocument, roleQualification);
         roleQualification.put(KimConstants.AttributeConstants.PRINCIPAL_ID, principalId);
 
         return roleQualification;
     }
 
     /**
      * Returns a permission details map based off data from the primary business
      * object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
      * 
      * @param primaryDataObjectOrDocument
      *            the primary data object (i.e. the main object instance behind
      *            the lookup result row or inquiry) or the document
      * @return a Map containing permission details
      */
     protected final Map<String, String> getPermissionDetailValues(Object primaryDataObjectOrDocument) {
         Map<String, String> permissionDetails = new HashMap<String, String>();
         addPermissionDetails(primaryDataObjectOrDocument, permissionDetails);
 
         return permissionDetails;
     }
 
     protected static final PermissionService getPermissionService() {
         if (permissionService == null) {
             permissionService = KimApiServiceLocator.getPermissionService();
         }
         return permissionService;
     }
 
     protected static final PersonService getPersonService() {
         if (personService == null) {
             personService = KimApiServiceLocator.getPersonService();
         }
         return personService;
     }
 
     protected static final KualiModuleService getKualiModuleService() {
         if (kualiModuleService == null) {
             kualiModuleService = KRADServiceLocatorWeb.getKualiModuleService();
         }
         return kualiModuleService;
     }
 
     protected static final DataDictionaryService getDataDictionaryService() {
         if (dataDictionaryService == null) {
             dataDictionaryService = KRADServiceLocatorWeb.getDataDictionaryService();
         }
         return dataDictionaryService;
     }
 
 }

1		/**
2		* Copyright 2005-2011 The Kuali Foundation
3		*
4		* Licensed under the Educational Community License, Version 2.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.opensource.org/licenses/ecl2.php
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*/
16		package org.kuali.rice.krad.uif.authorization;
17
18		import org.kuali.rice.kim.api.KimConstants;
19		import org.kuali.rice.kim.api.identity.Person;
20		import org.kuali.rice.kim.api.identity.PersonService;
21		import org.kuali.rice.kim.api.permission.PermissionService;
22		import org.kuali.rice.kim.api.services.KimApiServiceLocator;
23		import org.kuali.rice.krad.service.DataDictionaryService;
24		import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
25		import org.kuali.rice.krad.service.KualiModuleService;
26		import org.kuali.rice.krad.util.GlobalVariables;
27		import org.kuali.rice.krad.util.KRADUtils;
28		import org.kuali.rice.krad.web.form.UifFormBase;
29
30		import java.util.HashMap;
31		import java.util.HashSet;
32		import java.util.Map;
33		import java.util.Set;
34
35		/**
36		* @author Kuali Rice Team (rice.collab@kuali.org)
37		*/
38	0	public class AuthorizerBase implements Authorizer {
39
40		private static PermissionService permissionService;
41		private static PersonService personService;
42		private static KualiModuleService kualiModuleService;
43		private static DataDictionaryService dataDictionaryService;
44
45		/**
46		* @see org.kuali.rice.krad.uif.authorization.Authorizer#getActionFlags(org.kuali.rice.krad.web.form.UifFormBase,
47		* org.kuali.rice.kim.api.identity.Person, java.util.Set)
48		*/
49		public Set<String> getActionFlags(UifFormBase model, Person user, Set<String> documentActions) {
50	0	return documentActions;
51		}
52
53		/**
54		* @see org.kuali.rice.krad.uif.authorization.Authorizer#getEditModes(org.kuali.rice.krad.web.form.UifFormBase,
55		* org.kuali.rice.kim.api.identity.Person, java.util.Set)
56		*/
57		public Set<String> getEditModes(UifFormBase model, Person user, Set<String> editModes) {
58	0	return editModes;
59		}
60
61		/**
62		* @see org.kuali.rice.krad.uif.authorization.Authorizer#getSecurePotentiallyHiddenGroupIds()
63		*/
64		public Set<String> getSecurePotentiallyHiddenGroupIds() {
65	0	return new HashSet<String>();
66		}
67
68		/**
69		* @see org.kuali.rice.krad.uif.authorization.Authorizer#getSecurePotentiallyReadOnlyGroupIds()
70		*/
71		public Set<String> getSecurePotentiallyReadOnlyGroupIds() {
72	0	return new HashSet<String>();
73		}
74
75		/**
76		* Override this method to populate the role qualifier attributes from the
77		* primary data object or document. This will only be called once per
78		* request.
79		*
80		* @param primaryDataObjectOrDocument
81		* - the primary data object (i.e. the main object instance
82		* behind the lookup result row or inquiry) or the document
83		* @param attributes
84		* - role qualifiers will be added to this map
85		*/
86		protected void addRoleQualification(Object primaryDataObjectOrDocument, Map<String, String> attributes) {
87	0	addStandardAttributes(primaryDataObjectOrDocument, attributes);
88	0	}
89
90		/**
91		* Override this method to populate the permission details from the primary
92		* data object or document. This will only be called once per request.
93		*
94		* @param primaryDataObjectOrDocument
95		* - the primary data object (i.e. the main object instance
96		* behind the lookup result row or inquiry) or the document
97		* @param attributes
98		* - permission details will be added to this map
99		*/
100		protected void addPermissionDetails(Object primaryDataObjectOrDocument, Map<String, String> attributes) {
101	0	addStandardAttributes(primaryDataObjectOrDocument, attributes);
102	0	}
103
104		/**
105		* @param primaryDataObjectOrDocument
106		* - the primary data object (i.e. the main object instance
107		* behind the lookup result row or inquiry) or the document
108		* @param attributes
109		* - attributes (i.e. role qualifications or permission details)
110		* will be added to this map
111		*/
112		private void addStandardAttributes(Object primaryDataObjectOrDocument, Map<String, String> attributes) {
113	0	attributes.putAll(KRADUtils.getNamespaceAndComponentSimpleName(primaryDataObjectOrDocument.getClass()));
114	0	}
115
116		protected final boolean permissionExistsByTemplate(Object dataObject, String namespaceCode,
117		String permissionTemplateName) {
118	0	return getPermissionService().isPermissionDefinedByTemplateName(namespaceCode, permissionTemplateName,
119		new HashMap<String, String>(getPermissionDetailValues(dataObject)));
120		}
121
122		protected final boolean permissionExistsByTemplate(String namespaceCode, String permissionTemplateName,
123		Map<String, String> permissionDetails) {
124	0	return getPermissionService().isPermissionDefinedByTemplateName(namespaceCode, permissionTemplateName,
125		new HashMap<String, String>(permissionDetails));
126		}
127
128		protected final boolean permissionExistsByTemplate(Object dataObject, String namespaceCode,
129		String permissionTemplateName, Map<String, String> permissionDetails) {
130	0	Map<String, String> combinedPermissionDetails = new HashMap<String, String>(getPermissionDetailValues(dataObject));
131	0	combinedPermissionDetails.putAll(permissionDetails);
132
133	0	return getPermissionService().isPermissionDefinedByTemplateName(namespaceCode, permissionTemplateName,
134		combinedPermissionDetails);
135		}
136
137		public final boolean isAuthorized(Object dataObject, String namespaceCode, String permissionName, String principalId) {
138	0	return getPermissionService().isAuthorized(principalId, namespaceCode, permissionName,
139		new HashMap<String, String>(getPermissionDetailValues(dataObject)),
140		new HashMap<String, String>(getRoleQualification(dataObject, principalId)));
141		}
142
143		public final boolean isAuthorizedByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName,
144		String principalId) {
145	0	return getPermissionService().isAuthorizedByTemplateName(principalId, namespaceCode,
146		permissionTemplateName, new HashMap<String, String>(getPermissionDetailValues(dataObject)),
147		new HashMap<String, String>((getRoleQualification(dataObject, principalId))));
148		}
149
150		public final boolean isAuthorized(Object dataObject, String namespaceCode, String permissionName,
151		String principalId, Map<String, String> collectionOrFieldLevelPermissionDetails,
152		Map<String, String> collectionOrFieldLevelRoleQualification) {
153		Map<String, String> roleQualifiers;
154		Map<String, String> permissionDetails;
155	0	if (collectionOrFieldLevelRoleQualification != null) {
156	0	roleQualifiers = new HashMap<String, String>(getRoleQualification(dataObject, principalId));
157	0	roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
158		}
159		else {
160	0	roleQualifiers = new HashMap<String, String>(getRoleQualification(dataObject, principalId));
161		}
162	0	if (collectionOrFieldLevelPermissionDetails != null) {
163	0	permissionDetails = new HashMap<String, String>(getPermissionDetailValues(dataObject));
164	0	permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
165		}
166		else {
167	0	permissionDetails = new HashMap<String, String>(getPermissionDetailValues(dataObject));
168		}
169
170	0	return getPermissionService().isAuthorized(principalId, namespaceCode, permissionName,
171		permissionDetails, roleQualifiers);
172		}
173
174		public final boolean isAuthorizedByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName,
175		String principalId, Map<String, String> collectionOrFieldLevelPermissionDetails,
176		Map<String, String> collectionOrFieldLevelRoleQualification) {
177	0	Map<String, String> roleQualifiers = new HashMap<String, String>(getRoleQualification(dataObject, principalId));
178	0	Map<String, String> permissionDetails = new HashMap<String, String>(getPermissionDetailValues(dataObject));
179
180	0	if (collectionOrFieldLevelRoleQualification != null) {
181	0	roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
182		}
183	0	if (collectionOrFieldLevelPermissionDetails != null) {
184	0	permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
185		}
186
187	0	return getPermissionService().isAuthorizedByTemplateName(principalId, namespaceCode,
188		permissionTemplateName, permissionDetails, roleQualifiers);
189		}
190
191		/**
192		* Returns a role qualification map based off data from the primary business
193		* object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
194		*
195		* @param primaryDataObjectOrDocument
196		* the primary data object (i.e. the main object instance behind
197		* the lookup result row or inquiry) or the document
198		* @return a Map containing role qualifications
199		*/
200		protected final Map<String, String> getRoleQualification(Object primaryDataObjectOrDocument) {
201	0	return getRoleQualification(primaryDataObjectOrDocument, GlobalVariables.getUserSession().getPerson()
202		.getPrincipalId());
203		}
204
205		protected final Map<String, String> getRoleQualification(Object primaryDataObjectOrDocument, String principalId) {
206	0	Map<String, String> roleQualification = new HashMap<String, String>();
207	0	addRoleQualification(primaryDataObjectOrDocument, roleQualification);
208	0	roleQualification.put(KimConstants.AttributeConstants.PRINCIPAL_ID, principalId);
209
210	0	return roleQualification;
211		}
212
213		/**
214		* Returns a permission details map based off data from the primary business
215		* object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
216		*
217		* @param primaryDataObjectOrDocument
218		* the primary data object (i.e. the main object instance behind
219		* the lookup result row or inquiry) or the document
220		* @return a Map containing permission details
221		*/
222		protected final Map<String, String> getPermissionDetailValues(Object primaryDataObjectOrDocument) {
223	0	Map<String, String> permissionDetails = new HashMap<String, String>();
224	0	addPermissionDetails(primaryDataObjectOrDocument, permissionDetails);
225
226	0	return permissionDetails;
227		}
228
229		protected static final PermissionService getPermissionService() {
230	0	if (permissionService == null) {
231	0	permissionService = KimApiServiceLocator.getPermissionService();
232		}
233	0	return permissionService;
234		}
235
236		protected static final PersonService getPersonService() {
237	0	if (personService == null) {
238	0	personService = KimApiServiceLocator.getPersonService();
239		}
240	0	return personService;
241		}
242
243		protected static final KualiModuleService getKualiModuleService() {
244	0	if (kualiModuleService == null) {
245	0	kualiModuleService = KRADServiceLocatorWeb.getKualiModuleService();
246		}
247	0	return kualiModuleService;
248		}
249
250		protected static final DataDictionaryService getDataDictionaryService() {
251	0	if (dataDictionaryService == null) {
252	0	dataDictionaryService = KRADServiceLocatorWeb.getDataDictionaryService();
253		}
254	0	return dataDictionaryService;
255		}
256
257		}