org.kuali.rice.krad.bo
Class DataObjectAuthorizerBase

java.lang.Object
  org.kuali.rice.krad.bo.DataObjectAuthorizerBase

All Implemented Interfaces:

Serializable, DataObjectAuthorizer

Direct Known Subclasses:

BusinessObjectAuthorizerBase, DocumentAuthorizerBase, ViewAuthorizerBase

public class DataObjectAuthorizerBase
extends Object
implements DataObjectAuthorizer, Serializable

Author:

Kuali Rice Team (rice.collab@kuali.org)

See Also:

Serialized Form

Constructor Summary

DataObjectAuthorizerBase()

Method Summary

protected void	addPermissionDetails(Object primaryDataObjectOrDocument, Map<String,String> attributes) Override this method to populate the permission details from the primary data object or document.
protected void	addRoleQualification(Object primaryDataObjectOrDocument, Map<String,String> attributes) Override this method to populate the role qualifier attributes from the primary data object or document.
protected Map<String,String>	getPermissionDetailValues(Object primaryDataObjectOrDocument) Returns a permission details map based off data from the primary business object or the document.
protected static PermissionService	getPermissionService()
protected static PersonService	getPersonService()
protected Map<String,String>	getRoleQualification(Object primaryDataObjectOrDocument, String principalId) Returns a role qualification map based off data from the primary business object or the document.
boolean	isAuthorized(Object dataObject, String namespaceCode, String permissionName, String principalId) Determines whether the user identified by the given principal ID has the given permission in the context of the data object
boolean	isAuthorized(Object dataObject, String namespaceCode, String permissionName, String principalId, Map<String,String> collectionOrFieldLevelPermissionDetails, Map<String,String> collectionOrFieldLevelRoleQualification) Determines whether the user identified by the given principal ID has the given permission in the context of the data object, the additional permission details and role qualifiers are used for the check
boolean	isAuthorizedByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName, String principalId) Determines whether the user identified by the given principal ID has been granted a permission of the given template in the context of the data object
boolean	isAuthorizedByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName, String principalId, Map<String,String> collectionOrFieldLevelPermissionDetails, Map<String,String> collectionOrFieldLevelRoleQualification) Determines whether the user identified by the given principal ID has been granted a permission of the given template in the context of the data object, the additional permission details and role qualifiers are used for the check
protected boolean	permissionExistsByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName)
protected boolean	permissionExistsByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName, Map<String,String> permissionDetails)
protected boolean	permissionExistsByTemplate(String namespaceCode, String permissionTemplateName, Map<String,String> permissionDetails)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

DataObjectAuthorizerBase

public DataObjectAuthorizerBase()

Method Detail

isAuthorized

public final boolean isAuthorized(Object dataObject,
                                  String namespaceCode,
                                  String permissionName,
                                  String principalId)

Description copied from interface: DataObjectAuthorizer

Determines whether the user identified by the given principal ID has the given permission in the context of the data object

Specified by:

isAuthorized in interface DataObjectAuthorizer

Returns:

boolean true if the user is authorized, false if not

See Also:

DataObjectAuthorizer.isAuthorized(java.lang.Object, java.lang.String, java.lang.String, java.lang.String)

isAuthorizedByTemplate

public final boolean isAuthorizedByTemplate(Object dataObject,
                                            String namespaceCode,
                                            String permissionTemplateName,
                                            String principalId)

Description copied from interface: DataObjectAuthorizer

Determines whether the user identified by the given principal ID has been granted a permission of the given template in the context of the data object

Specified by:

isAuthorizedByTemplate in interface DataObjectAuthorizer

Returns:

boolean true if the user is authorized, false if not

See Also:

DataObjectAuthorizer.isAuthorizedByTemplate(java.lang.Object, java.lang.String, java.lang.String, java.lang.String)

isAuthorized

public final boolean isAuthorized(Object dataObject,
                                  String namespaceCode,
                                  String permissionName,
                                  String principalId,
                                  Map<String,String> collectionOrFieldLevelPermissionDetails,
                                  Map<String,String> collectionOrFieldLevelRoleQualification)

Description copied from interface: DataObjectAuthorizer

Determines whether the user identified by the given principal ID has the given permission in the context of the data object, the additional permission details and role qualifiers are used for the check

Specified by:

isAuthorized in interface DataObjectAuthorizer

Returns:

boolean true if the user is authorized, false if not

See Also:

DataObjectAuthorizer.isAuthorized(java.lang.Object, java.lang.String, java.lang.String, java.lang.String)

isAuthorizedByTemplate

public final boolean isAuthorizedByTemplate(Object dataObject,
                                            String namespaceCode,
                                            String permissionTemplateName,
                                            String principalId,
                                            Map<String,String> collectionOrFieldLevelPermissionDetails,
                                            Map<String,String> collectionOrFieldLevelRoleQualification)

Description copied from interface: DataObjectAuthorizer

Determines whether the user identified by the given principal ID has been granted a permission of the given template in the context of the data object, the additional permission details and role qualifiers are used for the check

Specified by:

isAuthorizedByTemplate in interface DataObjectAuthorizer

Returns:

boolean true if the user is authorized, false if not

See Also:

DataObjectAuthorizer.isAuthorizedByTemplate(java.lang.Object, java.lang.String, java.lang.String, java.lang.String)

addRoleQualification

protected void addRoleQualification(Object primaryDataObjectOrDocument,
                                    Map<String,String> attributes)

Override this method to populate the role qualifier attributes from the primary data object or document. This will only be called once per request.

Parameters:

primaryDataObjectOrDocument - - the primary data object (i.e. the main object instance behind the lookup result row or inquiry) or the document

attributes - - role qualifiers will be added to this map

addPermissionDetails

protected void addPermissionDetails(Object primaryDataObjectOrDocument,
                                    Map<String,String> attributes)

Override this method to populate the permission details from the primary data object or document. This will only be called once per request.

Parameters:

primaryDataObjectOrDocument - - the primary data object (i.e. the main object instance behind the lookup result row or inquiry) or the document

attributes - - permission details will be added to this map

permissionExistsByTemplate

protected final boolean permissionExistsByTemplate(Object dataObject,
                                                   String namespaceCode,
                                                   String permissionTemplateName)

permissionExistsByTemplate

protected final boolean permissionExistsByTemplate(String namespaceCode,
                                                   String permissionTemplateName,
                                                   Map<String,String> permissionDetails)

permissionExistsByTemplate

protected final boolean permissionExistsByTemplate(Object dataObject,
                                                   String namespaceCode,
                                                   String permissionTemplateName,
                                                   Map<String,String> permissionDetails)

getRoleQualification

protected final Map<String,String> getRoleQualification(Object primaryDataObjectOrDocument,
                                                        String principalId)

Returns a role qualification map based off data from the primary business object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD

Parameters:

primaryDataObjectOrDocument - the primary data object (i.e. the main object instance behind the lookup result row or inquiry) or the document

Returns:

a Map containing role qualifications

getPermissionDetailValues

protected final Map<String,String> getPermissionDetailValues(Object primaryDataObjectOrDocument)

Returns a permission details map based off data from the primary business object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD

Parameters:

primaryDataObjectOrDocument - the primary data object (i.e. the main object instance behind the lookup result row or inquiry) or the document

Returns:

a Map containing permission details

getPermissionService

protected static PermissionService getPermissionService()

getPersonService

protected static PersonService getPersonService()