Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.kuali.rice.kim.impl.permission
Class PermissionServiceImpl

java.lang.Object
  extended by org.kuali.rice.kim.impl.permission.PermissionServiceImpl
All Implemented Interfaces:
PermissionService
public class PermissionServiceImpl
extends Object
implements PermissionService

Constructor Summary
PermissionServiceImpl()
           
 
Method Summary
 Permission createPermission(Permission permission)
          This will create a Permission exactly like the permission passed in.
 Permission findPermByNamespaceCodeAndName(String namespaceCode, String permissionName)
          Get the Permission object with the unique combination of namespace and permission name.
 PermissionQueryResults findPermissions(QueryByCriteria queryByCriteria)
          This method find Permissions based on a query criteria.
 TemplateQueryResults findPermissionTemplates(QueryByCriteria queryByCriteria)
          This method find Permission Templates based on a query criteria.
 List<Permission> findPermsByNamespaceCodeTemplateName(String namespaceCode, String permissionTemplateName)
          Return the permission object for the given unique combination of namespace, component and permission template name.
 Template findPermTemplateByNamespaceCodeAndName(String namespaceCode, String permissionTemplateName)
          Return the Permission Template given the Template Name and Namespace Code.
 List<Template> getAllTemplates()
          Return all Permission Templates.
 List<Permission> getAuthorizedPermissions(String principalId, String namespaceCode, String permissionName, Map<String,String> permissionDetails, Map<String,String> qualification)
          Returns permissions (with their details) that are granted to the principal given the passed qualification.
 List<Permission> getAuthorizedPermissionsByTemplateName(String principalId, String namespaceCode, String permissionTemplateName, Map<String,String> permissionDetails, Map<String,String> qualification)
          Returns permissions (with their details) that are granted to the principal given the passed qualification.
protected  List<Permission> getMatchingPermissions(List<org.kuali.rice.kim.impl.permission.PermissionBo> permissions, Map<String,String> permissionDetails)
          Compare each of the passed in permissions with the given permissionDetails.
 Permission getPermission(String permissionId)
          Get the permission object with the given ID.
 List<Assignee> getPermissionAssignees(String namespaceCode, String permissionName, Map<String,String> permissionDetails, Map<String,String> qualification)
          Get the list of principals/groups who have a given permission.
 List<Assignee> getPermissionAssigneesByTemplateName(String namespaceCode, String permissionTemplateName, Map<String,String> permissionDetails, Map<String,String> qualification)
          Get the list of principals/groups who have a given permission that match the given permission template and permission details.
protected  org.kuali.rice.kim.impl.permission.PermissionBo getPermissionBoByName(String namespaceCode, String permissionName)
           
protected  org.kuali.rice.kim.impl.permission.PermissionBo getPermissionImpl(String permissionId)
           
protected  List<org.kuali.rice.kim.impl.permission.PermissionBo> getPermissionImplsByName(String namespaceCode, String permissionName)
           
protected  List<org.kuali.rice.kim.impl.permission.PermissionBo> getPermissionImplsByTemplateName(String namespaceCode, String permissionTemplateName)
           
protected  List<Permission> getPermissionsForUser(String principalId, List<Permission> permissions, Map<String,String> qualification)
          Checks the list of permissions against the principal's roles and returns a subset of the list which match.
 Template getPermissionTemplate(String permissionTemplateId)
          Return the Permission Template given the Template ID.
protected  PermissionTypeService getPermissionTypeService(org.kuali.rice.kim.impl.permission.PermissionTemplateBo permissionTemplate)
           
protected  Map<String,PermissionTypeService> getPermissionTypeServicesByTemplateId(Collection<org.kuali.rice.kim.impl.permission.PermissionBo> permissions)
           
 List<String> getRoleIdsForPermission(String namespaceCode, String permissionName, Map<String,String> permissionDetails)
          Get the role IDs for the given permission.
protected  List<String> getRoleIdsForPermissionTemplate(String namespaceCode, String permissionTemplateName, Map<String,String> permissionDetails)
           
protected  Map<String,List<Permission>> groupPermissionsByTemplate(Collection<org.kuali.rice.kim.impl.permission.PermissionBo> permissions)
           
 boolean hasPermission(String principalId, String namespaceCode, String permissionName, Map<String,String> permissionDetails)
          Checks whether the principal has been granted a permission matching the given details without taking role qualifiers into account.
 boolean hasPermissionByTemplateName(String principalId, String namespaceCode, String permissionTemplateName, Map<String,String> permissionDetails)
          Checks whether the principal has been granted a permission matching the given details without taking role qualifiers into account.
 boolean isAuthorized(String principalId, String namespaceCode, String permissionName, Map<String,String> permissionDetails, Map<String,String> qualification)
          Checks whether the given qualified permission is granted to the principal given the passed roleQualification.
 boolean isAuthorizedByTemplateName(String principalId, String namespaceCode, String permissionTemplateName, Map<String,String> permissionDetails, Map<String,String> qualification)
          Checks whether the given qualified permission is granted to the principal given the passed roleQualification.
 boolean isPermissionDefined(String namespaceCode, String permissionName, Map<String,String> permissionDetails)
          Returns true if the given permission is defined on any Roles.
 boolean isPermissionDefinedByTemplateName(String namespaceCode, String permissionTemplateName, Map<String,String> permissionDetails)
          Returns true if the given permission template is defined on any Roles.
 void setBusinessObjectService(BusinessObjectService businessObjectService)
          Sets the businessObjectService attribute value.
 void setCriteriaLookupService(CriteriaLookupService criteriaLookupService)
          Sets the criteriaLookupService attribute value.
 void setDefaultPermissionTypeService(PermissionTypeService defaultPermissionTypeService)
          Sets the defaultPermissionTypeService attribute value.
 void setKimTypeInfoService(KimTypeInfoService kimTypeInfoService)
          Sets the kimTypeInfoService attribute value.
 void setRoleService(RoleService roleService)
          Sets the roleService attribute value.
 Permission updatePermission(Permission permission)
          This will update a Permission.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

PermissionServiceImpl

public PermissionServiceImpl()
Method Detail

getPermissionTypeService

protected PermissionTypeService getPermissionTypeService(org.kuali.rice.kim.impl.permission.PermissionTemplateBo permissionTemplate)

hasPermission

public boolean hasPermission(String principalId,
                             String namespaceCode,
                             String permissionName,
                             Map<String,String> permissionDetails)
                      throws RiceIllegalArgumentException
Description copied from interface: PermissionService
Checks whether the principal has been granted a permission matching the given details without taking role qualifiers into account. This method should not be used for true authorization checks since a principal may only have this permission within a given context. It could be used to identify that the user would have some permissions within a certain area. Later checks would identify exactly what permissions were granted. It can also be used when the client application KNOWS that this is a role which is never qualified.

Specified by:
hasPermission in interface PermissionService
Throws:
RiceIllegalArgumentException

isAuthorized

public boolean isAuthorized(String principalId,
                            String namespaceCode,
                            String permissionName,
                            Map<String,String> permissionDetails,
                            Map<String,String> qualification)
                     throws RiceIllegalArgumentException
Description copied from interface: PermissionService
Checks whether the given qualified permission is granted to the principal given the passed roleQualification. If no roleQualification is passed (null or empty) then this method behaves the same as #hasPermission(String, String, String, Map). Each role assigned to the principal is checked for qualifications. If a qualifier exists on the principal's membership in that role, that is checked first through the role's type service. Once it is determined that the principal has the role in the given context (qualification), the permissions are examined. Each permission is checked against the permissionDetails. The PermissionTypeService is called for each permission with the given permissionName to see if the permissionDetails matches its details.

Specified by:
isAuthorized in interface PermissionService
Throws:
RiceIllegalArgumentException

hasPermissionByTemplateName

public boolean hasPermissionByTemplateName(String principalId,
                                           String namespaceCode,
                                           String permissionTemplateName,
                                           Map<String,String> permissionDetails)
                                    throws RiceIllegalArgumentException
Description copied from interface: PermissionService
Checks whether the principal has been granted a permission matching the given details without taking role qualifiers into account. This method should not be used for true authorization checks since a principal may only have this permission within a given context. It could be used to identify that the user would have some permissions within a certain area. Later checks would identify exactly what permissions were granted. It can also be used when the client application KNOWS that this is a role which is never qualified.

Specified by:
hasPermissionByTemplateName in interface PermissionService
Throws:
RiceIllegalArgumentException

isAuthorizedByTemplateName

public boolean isAuthorizedByTemplateName(String principalId,
                                          String namespaceCode,
                                          String permissionTemplateName,
                                          Map<String,String> permissionDetails,
                                          Map<String,String> qualification)
                                   throws RiceIllegalArgumentException
Description copied from interface: PermissionService
Checks whether the given qualified permission is granted to the principal given the passed roleQualification. If no roleQualification is passed (null or empty) then this method behaves the same as #hasPermission(String, String, String, Map). Each role assigned to the principal is checked for qualifications. If a qualifier exists on the principal's membership in that role, that is checked first through the role's type service. Once it is determined that the principal has the role in the given context (qualification), the permissions are examined. Each permission is checked against the permissionDetails. The PermissionTypeService is called for each permission with the given permissionName to see if the permissionDetails matches its details.

Specified by:
isAuthorizedByTemplateName in interface PermissionService
Throws:
RiceIllegalArgumentException

getAuthorizedPermissions

public List<Permission> getAuthorizedPermissions(String principalId,
                                                 String namespaceCode,
                                                 String permissionName,
                                                 Map<String,String> permissionDetails,
                                                 Map<String,String> qualification)
                                          throws RiceIllegalArgumentException
Description copied from interface: PermissionService
Returns permissions (with their details) that are granted to the principal given the passed qualification. If no qualification is passed (null or empty) then this method does not check any qualifications on the roles. All permissions with the given name are checked against the permissionDetails. The PermissionTypeService is called for each permission to see if the permissionDetails matches its details. An asterisk (*) as a value in any permissionDetails key-value pair will match any value. This forms a way to provide a wildcard to obtain multiple permissions in one call. After the permissions are determined, the roles that hold those permissions are determined. Each role that matches between the principal and the permission objects is checked for qualifications. If a qualifier exists on the principal's membership in that role, that is checked through the role's type service.

Specified by:
getAuthorizedPermissions in interface PermissionService
Throws:
RiceIllegalArgumentException

getAuthorizedPermissionsByTemplateName

public List<Permission> getAuthorizedPermissionsByTemplateName(String principalId,
                                                               String namespaceCode,
                                                               String permissionTemplateName,
                                                               Map<String,String> permissionDetails,
                                                               Map<String,String> qualification)
                                                        throws RiceIllegalArgumentException
Description copied from interface: PermissionService
Returns permissions (with their details) that are granted to the principal given the passed qualification. If no qualification is passed (null or empty) then this method does not check any qualifications on the roles. All permissions with the given name are checked against the permissionDetails. The PermissionTypeService is called for each permission to see if the permissionDetails matches its details. An asterisk (*) as a value in any permissionDetails key-value pair will match any value. This forms a way to provide a wildcard to obtain multiple permissions in one call. After the permissions are determined, the roles that hold those permissions are determined. Each role that matches between the principal and the permission objects is checked for qualifications. If a qualifier exists on the principal's membership in that role, that is checked through the role's type service.

Specified by:
getAuthorizedPermissionsByTemplateName in interface PermissionService
Throws:
RiceIllegalArgumentException

getPermissionsForUser

protected List<Permission> getPermissionsForUser(String principalId,
                                                 List<Permission> permissions,
                                                 Map<String,String> qualification)
Checks the list of permissions against the principal's roles and returns a subset of the list which match.

getPermissionTypeServicesByTemplateId

protected Map<String,PermissionTypeService> getPermissionTypeServicesByTemplateId(Collection<org.kuali.rice.kim.impl.permission.PermissionBo> permissions)

groupPermissionsByTemplate

protected Map<String,List<Permission>> groupPermissionsByTemplate(Collection<org.kuali.rice.kim.impl.permission.PermissionBo> permissions)

getMatchingPermissions

protected List<Permission> getMatchingPermissions(List<org.kuali.rice.kim.impl.permission.PermissionBo> permissions,
                                                  Map<String,String> permissionDetails)
Compare each of the passed in permissions with the given permissionDetails. Those that match are added to the result list.

getPermissionAssignees

public List<Assignee> getPermissionAssignees(String namespaceCode,
                                             String permissionName,
                                             Map<String,String> permissionDetails,
                                             Map<String,String> qualification)
                                      throws RiceIllegalArgumentException
Description copied from interface: PermissionService
Get the list of principals/groups who have a given permission. This also returns delegates for the given principals/groups who also have this permission given the context in the qualification parameter. Each role assigned to the principal is checked for qualifications. If a qualifier exists on the principal's membership in that role, that is checked first through the role's type service. Once it is determined that the principal has the role in the given context (qualification), the permissions are examined.

Specified by:
getPermissionAssignees in interface PermissionService
Throws:
RiceIllegalArgumentException

getPermissionAssigneesByTemplateName

public List<Assignee> getPermissionAssigneesByTemplateName(String namespaceCode,
                                                           String permissionTemplateName,
                                                           Map<String,String> permissionDetails,
                                                           Map<String,String> qualification)
                                                    throws RiceIllegalArgumentException
Description copied from interface: PermissionService
Get the list of principals/groups who have a given permission that match the given permission template and permission details. This also returns delegates for the given principals/groups who also have this permission given the context in the qualification parameter. Each role assigned to the principal is checked for qualifications. If a qualifier exists on the principal's membership in that role, that is checked first through the role's type service. Once it is determined that the principal has the role in the given context (qualification), the permissions are examined.

Specified by:
getPermissionAssigneesByTemplateName in interface PermissionService
Throws:
RiceIllegalArgumentException

isPermissionDefined

public boolean isPermissionDefined(String namespaceCode,
                                   String permissionName,
                                   Map<String,String> permissionDetails)
                            throws RiceIllegalArgumentException
Description copied from interface: PermissionService
Returns true if the given permission is defined on any Roles.

Specified by:
isPermissionDefined in interface PermissionService
Throws:
RiceIllegalArgumentException

isPermissionDefinedByTemplateName

public boolean isPermissionDefinedByTemplateName(String namespaceCode,
                                                 String permissionTemplateName,
                                                 Map<String,String> permissionDetails)
                                          throws RiceIllegalArgumentException
Description copied from interface: PermissionService
Returns true if the given permission template is defined on any Roles.

Specified by:
isPermissionDefinedByTemplateName in interface PermissionService
Throws:
RiceIllegalArgumentException

getRoleIdsForPermission

public List<String> getRoleIdsForPermission(String namespaceCode,
                                            String permissionName,
                                            Map<String,String> permissionDetails)
                                     throws RiceIllegalArgumentException
Description copied from interface: PermissionService
Get the role IDs for the given permission.

Specified by:
getRoleIdsForPermission in interface PermissionService
Throws:
RiceIllegalArgumentException

getRoleIdsForPermissionTemplate

protected List<String> getRoleIdsForPermissionTemplate(String namespaceCode,
                                                       String permissionTemplateName,
                                                       Map<String,String> permissionDetails)

getPermission

public Permission getPermission(String permissionId)
                         throws RiceIllegalArgumentException
Description copied from interface: PermissionService
Get the permission object with the given ID.

Specified by:
getPermission in interface PermissionService
Throws:
RiceIllegalArgumentException

findPermsByNamespaceCodeTemplateName

public List<Permission> findPermsByNamespaceCodeTemplateName(String namespaceCode,
                                                             String permissionTemplateName)
                                                      throws RiceIllegalArgumentException
Description copied from interface: PermissionService
Return the permission object for the given unique combination of namespace, component and permission template name.

Specified by:
findPermsByNamespaceCodeTemplateName in interface PermissionService
Throws:
RiceIllegalArgumentException

getPermissionImpl

protected org.kuali.rice.kim.impl.permission.PermissionBo getPermissionImpl(String permissionId)
                                                                     throws RiceIllegalArgumentException
Throws:
RiceIllegalArgumentException

getPermissionImplsByTemplateName

protected List<org.kuali.rice.kim.impl.permission.PermissionBo> getPermissionImplsByTemplateName(String namespaceCode,
                                                                                                 String permissionTemplateName)

getPermissionImplsByName

protected List<org.kuali.rice.kim.impl.permission.PermissionBo> getPermissionImplsByName(String namespaceCode,
                                                                                         String permissionName)

getPermissionTemplate

public Template getPermissionTemplate(String permissionTemplateId)
                               throws RiceIllegalArgumentException
Description copied from interface: PermissionService
Return the Permission Template given the Template ID.

Specified by:
getPermissionTemplate in interface PermissionService
Returns:
PermissionTemplate
Throws:
RiceIllegalArgumentException

findPermTemplateByNamespaceCodeAndName

public Template findPermTemplateByNamespaceCodeAndName(String namespaceCode,
                                                       String permissionTemplateName)
                                                throws RiceIllegalArgumentException
Description copied from interface: PermissionService
Return the Permission Template given the Template Name and Namespace Code.

Specified by:
findPermTemplateByNamespaceCodeAndName in interface PermissionService
Returns:
PermissionTemplate
Throws:
RiceIllegalArgumentException

getAllTemplates

public List<Template> getAllTemplates()
Description copied from interface: PermissionService
Return all Permission Templates.

Specified by:
getAllTemplates in interface PermissionService
Returns:
PermissionTemplate

createPermission

public Permission createPermission(Permission permission)
                            throws RiceIllegalArgumentException,
                                   RiceIllegalStateException
Description copied from interface: PermissionService
This will create a Permission exactly like the permission passed in.

Specified by:
createPermission in interface PermissionService
Parameters:
permission - the permission to create
Returns:
the id of the newly created object. will never be null.
Throws:
RiceIllegalArgumentException
RiceIllegalStateException

updatePermission

public Permission updatePermission(Permission permission)
                            throws RiceIllegalArgumentException,
                                   RiceIllegalStateException
Description copied from interface: PermissionService
This will update a Permission.

Specified by:
updatePermission in interface PermissionService
Parameters:
permission - the permission to update
Throws:
RiceIllegalArgumentException
RiceIllegalStateException

findPermByNamespaceCodeAndName

public Permission findPermByNamespaceCodeAndName(String namespaceCode,
                                                 String permissionName)
                                          throws RiceIllegalArgumentException
Description copied from interface: PermissionService
Get the Permission object with the unique combination of namespace and permission name. If any parameter is blank, this method returns null.

Specified by:
findPermByNamespaceCodeAndName in interface PermissionService
Throws:
RiceIllegalArgumentException

getPermissionBoByName

protected org.kuali.rice.kim.impl.permission.PermissionBo getPermissionBoByName(String namespaceCode,
                                                                                String permissionName)

findPermissions

public PermissionQueryResults findPermissions(QueryByCriteria queryByCriteria)
                                       throws RiceIllegalArgumentException
Description copied from interface: PermissionService
This method find Permissions based on a query criteria. The criteria cannot be null.

Specified by:
findPermissions in interface PermissionService
Parameters:
queryByCriteria - the criteria. Cannot be null.
Returns:
query results. will never return null.
Throws:
RiceIllegalArgumentException

findPermissionTemplates

public TemplateQueryResults findPermissionTemplates(QueryByCriteria queryByCriteria)
                                             throws RiceIllegalArgumentException
Description copied from interface: PermissionService
This method find Permission Templates based on a query criteria. The criteria cannot be null.

Specified by:
findPermissionTemplates in interface PermissionService
Parameters:
queryByCriteria - the criteria. Cannot be null.
Returns:
query results. will never return null.
Throws:
RiceIllegalArgumentException

setKimTypeInfoService

public void setKimTypeInfoService(KimTypeInfoService kimTypeInfoService)
Sets the kimTypeInfoService attribute value.

Parameters:
kimTypeInfoService - The kimTypeInfoService to set.

setDefaultPermissionTypeService

public void setDefaultPermissionTypeService(PermissionTypeService defaultPermissionTypeService)
Sets the defaultPermissionTypeService attribute value.

Parameters:
defaultPermissionTypeService - The defaultPermissionTypeService to set.

setRoleService

public void setRoleService(RoleService roleService)
Sets the roleService attribute value.

Parameters:
roleService - The roleService to set.

setBusinessObjectService

public void setBusinessObjectService(BusinessObjectService businessObjectService)
Sets the businessObjectService attribute value.

Parameters:
businessObjectService - The businessObjectService to set.

setCriteriaLookupService

public void setCriteriaLookupService(CriteriaLookupService criteriaLookupService)
Sets the criteriaLookupService attribute value.

Parameters:
criteriaLookupService - The criteriaLookupService to set.
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2005-2012 The Kuali Foundation. All Rights Reserved.