View Javadoc

1   /**
2    * Copyright 2005-2011 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.kim.rules.ui;
17  
18  import org.apache.commons.lang.StringUtils;
19  import org.kuali.rice.core.api.uif.RemotableAttributeError;
20  import org.kuali.rice.core.api.util.RiceKeyConstants;
21  import org.kuali.rice.kim.api.KimConstants;
22  import org.kuali.rice.kim.bo.ui.KimDocumentRoleMember;
23  import org.kuali.rice.kim.document.IdentityManagementRoleDocument;
24  import org.kuali.rice.kim.document.rule.AttributeValidationHelper;
25  import org.kuali.rice.kim.framework.services.KimFrameworkServiceLocator;
26  import org.kuali.rice.kim.framework.type.KimTypeService;
27  import org.kuali.rice.kim.rule.event.ui.AddMemberEvent;
28  import org.kuali.rice.kim.rule.ui.AddMemberRule;
29  import org.kuali.rice.krad.rules.DocumentRuleBase;
30  import org.kuali.rice.krad.util.GlobalVariables;
31  
32  import java.util.ArrayList;
33  import java.util.HashMap;
34  import java.util.List;
35  import java.util.Map;
36  
37  
38  /**
39   * This is a description of what this class does - shyu don't forget to fill this in. 
40   * 
41   * @author Kuali Rice Team (rice.collab@kuali.org)
42   *
43   */
44  public class KimDocumentMemberRule extends DocumentRuleBase implements AddMemberRule {
45  
46  	private static final String ERROR_PATH = "member.memberId";
47  
48  	protected AttributeValidationHelper attributeValidationHelper = new AttributeValidationHelper();
49  	
50  	public boolean processAddMember(AddMemberEvent addMemberEvent){
51  		KimDocumentRoleMember newMember = addMemberEvent.getMember();
52  		IdentityManagementRoleDocument document = (IdentityManagementRoleDocument)addMemberEvent.getDocument();
53  	    boolean rulePassed = true;
54  
55          if (newMember == null || StringUtils.isBlank(newMember.getMemberId())){
56              GlobalVariables.getMessageMap().putError(ERROR_PATH, RiceKeyConstants.ERROR_EMPTY_ENTRY, new String[] {"Member"});
57              return false;
58          }
59      	if(!validAssignRole(newMember, document)) {
60      		return false;
61          }
62  		List<RemotableAttributeError> validationErrors = new ArrayList<RemotableAttributeError>();
63          KimTypeService kimTypeService = KimFrameworkServiceLocator.getKimTypeService(document.getKimType());
64          
65          Long newMemberFromTime = newMember.getActiveFromDate() == null ? 0L : newMember.getActiveFromDate().getTime();
66          Long newMemberToTime = newMember.getActiveToDate() == null ? Long.MAX_VALUE : newMember.getActiveToDate().getTime();
67          
68  		List<RemotableAttributeError> errorsAttributesAgainstExisting;
69  	    int i = 0;
70  	    Map<String, String> newMemberQualifiers;
71  	    Map<String, String> oldMemberQualifiers;
72  	    for (KimDocumentRoleMember member: document.getMembers()){
73  	    	Long memberFromTime = member.getActiveFromDate() == null ? 0L : member.getActiveFromDate().getTime();
74              Long memberToTime = member.getActiveToDate() == null ? Long.MAX_VALUE : member.getActiveToDate().getTime();
75  	    	newMemberQualifiers = attributeValidationHelper.convertQualifiersToMap(newMember.getQualifiers());
76  	    	oldMemberQualifiers = attributeValidationHelper.convertQualifiersToMap(member.getQualifiers());
77  	    	errorsAttributesAgainstExisting = kimTypeService.validateAttributesAgainstExisting(
78  	    			document.getKimType().getId(), newMemberQualifiers, oldMemberQualifiers);
79  			validationErrors.addAll(
80  					attributeValidationHelper.convertErrorsForMappedFields(ERROR_PATH, errorsAttributesAgainstExisting));
81  	    	if (!errorsAttributesAgainstExisting.isEmpty() && (member.getMemberId().equals(newMember.getMemberId()) &&
82  	    			member.getMemberTypeCode().equals(newMember.getMemberTypeCode()))
83  	    			&& ((newMemberFromTime >= memberFromTime && newMemberFromTime < memberToTime) 
84          					|| (newMemberToTime >= memberFromTime && newMemberToTime <= memberToTime))
85  	    	){
86  	            rulePassed = false;
87  	            GlobalVariables.getMessageMap().putError(ERROR_PATH, RiceKeyConstants.ERROR_DUPLICATE_ENTRY, new String[] {"Member"});
88  	            break;
89  	    	}
90  	    	i++;
91  	    }
92  	    
93          if ( kimTypeService != null && !newMember.isRole()) {
94      		List<RemotableAttributeError> localErrors = kimTypeService.validateAttributes( document.getKimType().getId(), attributeValidationHelper.convertQualifiersToMap( newMember.getQualifiers() ) );
95  	        validationErrors.addAll( attributeValidationHelper.convertErrors("member",
96                      attributeValidationHelper.convertQualifiersToAttrIdxMap(newMember.getQualifiers()), localErrors) );
97          }
98      	if (!validationErrors.isEmpty()) {
99      		attributeValidationHelper.moveValidationErrorsToErrorMap(validationErrors);
100     		rulePassed = false;
101     	}
102 
103 		return rulePassed;
104 	} 
105 
106 	protected boolean validAssignRole(KimDocumentRoleMember roleMember, IdentityManagementRoleDocument document){
107         boolean rulePassed = true;
108 		if(StringUtils.isNotEmpty(document.getRoleNamespace())){
109 			Map<String,String> roleDetails = new HashMap<String,String>();
110 			roleDetails.put(KimConstants.AttributeConstants.NAMESPACE_CODE, document.getRoleNamespace());
111 			roleDetails.put(KimConstants.AttributeConstants.ROLE_NAME, document.getRoleName());
112 			if (!getDocumentHelperService().getDocumentAuthorizer(document).isAuthorizedByTemplate(
113 					document, 
114 					KimConstants.NAMESPACE_CODE, 
115 					KimConstants.PermissionTemplateNames.ASSIGN_ROLE,
116 					GlobalVariables.getUserSession().getPerson().getPrincipalId(), 
117 					roleDetails, null)){
118 	            GlobalVariables.getMessageMap().putError(ERROR_PATH, RiceKeyConstants.ERROR_ASSIGN_ROLE, 
119 	            		new String[] {document.getRoleNamespace(), document.getRoleName()});
120 	            rulePassed = false;
121 			}
122 		}
123 		return rulePassed;
124 	}
125 
126 }