001 /**
002 * Copyright 2005-2011 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016 package org.kuali.rice.krad.web.controller;
017
018 import java.util.HashMap;
019 import java.util.Map;
020
021 import javax.servlet.http.HttpServletRequest;
022 import javax.servlet.http.HttpServletResponse;
023
024 import org.apache.commons.lang.StringUtils;
025 import org.apache.log4j.Logger;
026 import org.kuali.rice.core.framework.parameter.ParameterService;
027 import org.kuali.rice.core.framework.services.CoreFrameworkServiceLocator;
028 import org.kuali.rice.kim.api.KimConstants;
029 import org.kuali.rice.kim.api.services.KimApiServiceLocator;
030 import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
031 import org.kuali.rice.krad.service.KualiModuleService;
032 import org.kuali.rice.krad.service.ModuleService;
033 import org.kuali.rice.krad.util.GlobalVariables;
034 import org.kuali.rice.krad.util.KRADConstants;
035 import org.springframework.web.servlet.HandlerInterceptor;
036 import org.springframework.web.servlet.ModelAndView;
037
038 /**
039 * TODO jawbenne don't forget to fill this in.
040 *
041 * @author Kuali Rice Team (rice.collab@kuali.org)
042 */
043 public class ModuleLockingHandlerInterceptor implements HandlerInterceptor {
044
045 private static final Logger LOG = Logger.getLogger(ModuleLockingHandlerInterceptor.class);
046
047
048 private KualiModuleService kualiModuleService;
049 private String moduleLockedMapping;
050
051 /**
052 * @return the moduleLockedMapping
053 */
054 public String getModuleLockedMapping() {
055 return this.moduleLockedMapping;
056 }
057
058 /**
059 * @param moduleLockedMapping the moduleLockedMapping to set
060 */
061 public void setModuleLockedMapping(String moduleLockedMapping) {
062 this.moduleLockedMapping = moduleLockedMapping;
063 }
064
065 /**
066 * @param kualiModuleService the kualiModuleService to set
067 */
068 public void setKualiModuleService(KualiModuleService kualiModuleService) {
069 this.kualiModuleService = kualiModuleService;
070 }
071
072 /**
073 * This overridden method ...
074 *
075 * @see org.springframework.web.servlet.HandlerInterceptor#afterCompletion(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.Object, java.lang.Exception)
076 */
077 @Override
078 public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception exception) throws Exception {
079 // do nothing
080 }
081
082 /**
083 * This overridden method ...
084 *
085 * @see org.springframework.web.servlet.HandlerInterceptor#postHandle(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.Object, org.springframework.web.servlet.ModelAndView)
086 */
087 @Override
088 public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndview)
089 throws Exception {
090 // do nothing
091 }
092
093 /**
094 * This overridden method ...
095 *
096 * @see org.springframework.web.servlet.HandlerInterceptor#preHandle(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.Object)
097 */
098 @Override
099 public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
100 if(isModuleLocked(request)) {
101 response.sendRedirect(this.getModuleLockedMapping() + "?" + ModuleLockedController.MODULE_PARAMETER + "=" + getModuleService(request).getModuleConfiguration().getNamespaceCode());
102 }
103 return true;
104 }
105
106 private ModuleService getModuleService(HttpServletRequest request) {
107 String boClass = request.getParameter(KRADConstants.BUSINESS_OBJECT_CLASS_ATTRIBUTE);
108 if(StringUtils.isBlank(boClass)) {
109 boClass= request.getParameter(KRADConstants.DATA_OBJECT_CLASS_ATTRIBUTE);
110 }
111 ModuleService moduleService = null;
112 if(StringUtils.isNotBlank(boClass)) {
113 try {
114 moduleService = getKualiModuleService().getResponsibleModuleService(Class.forName(boClass));
115 } catch (ClassNotFoundException classNotFoundException) {
116 LOG.warn("BO class not found: " + boClass, classNotFoundException);
117 }
118 } else {
119 moduleService = getKualiModuleService().getResponsibleModuleService(this.getClass());
120 }
121 return moduleService;
122 }
123
124 protected boolean isModuleLocked(HttpServletRequest request) {
125 ModuleService moduleService = getModuleService(request);
126 if(moduleService != null && moduleService.isLocked()) {
127 String principalId = GlobalVariables.getUserSession().getPrincipalId();
128 String namespaceCode = KRADConstants.KUALI_RICE_SYSTEM_NAMESPACE;
129 String permissionName = KimConstants.PermissionNames.ACCESS_LOCKED_MODULE;
130 Map<String, String> permissionDetails = new HashMap<String, String>();
131 Map<String, String> qualification = new HashMap<String, String>();
132 if(!KimApiServiceLocator.getPermissionService().isAuthorized(principalId, namespaceCode, permissionName, permissionDetails, qualification)) {
133 return true;
134 }
135 }
136 return false;
137 }
138
139 protected KualiModuleService getKualiModuleService() {
140 if ( kualiModuleService == null ) {
141 kualiModuleService = KRADServiceLocatorWeb.getKualiModuleService();
142 }
143 return kualiModuleService;
144 }
145 }