View Javadoc

1   /**
2    * Copyright 2005-2012 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.kns.bo.authorization;
17  
18  import org.kuali.rice.kns.authorization.BusinessObjectAuthorizer;
19  import org.kuali.rice.krad.bo.BusinessObject;
20  import org.kuali.rice.krad.bo.DataObjectAuthorizerBase;
21  import org.kuali.rice.krad.service.DataDictionaryService;
22  import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
23  import org.kuali.rice.krad.service.KualiModuleService;
24  import org.kuali.rice.krad.service.PersistenceStructureService;
25  import org.kuali.rice.krad.util.GlobalVariables;
26  
27  import java.util.HashMap;
28  import java.util.Map;
29  
30  public class BusinessObjectAuthorizerBase extends DataObjectAuthorizerBase implements BusinessObjectAuthorizer {
31      private static final long serialVersionUID = -6315759348728853851L;
32  
33  	private static KualiModuleService kualiModuleService;
34  	private static DataDictionaryService dataDictionaryService;
35  	private static PersistenceStructureService persistenceStructureService;
36  
37      protected final boolean permissionExistsByTemplate(
38  			BusinessObject businessObject, String namespaceCode,
39  			String permissionTemplateName) {
40  		return getPermissionService()
41  				.isPermissionDefinedByTemplateName(namespaceCode, permissionTemplateName, new HashMap<String, String>(
42                          getPermissionDetailValues(businessObject)));
43  	}
44  
45  	protected final boolean permissionExistsByTemplate(
46  			BusinessObject businessObject, String namespaceCode,
47  			String permissionTemplateName, Map<String, String> permissionDetails) {
48  		Map<String, String> combinedPermissionDetails = new HashMap<String, String>(
49  				getPermissionDetailValues(businessObject));
50  		combinedPermissionDetails.putAll(permissionDetails);
51  		return getPermissionService()
52  				.isPermissionDefinedByTemplateName(namespaceCode, permissionTemplateName, combinedPermissionDetails);
53  	}
54  
55  	public final boolean isAuthorized(BusinessObject businessObject,
56  			String namespaceCode, String permissionName, String principalId) {
57  		return getPermissionService().isAuthorized(principalId,
58  				namespaceCode, permissionName,
59  				new HashMap<String, String>(getPermissionDetailValues(businessObject)),
60  				new HashMap<String, String>(getRoleQualification(businessObject, principalId)));
61  	}
62  
63  	public final boolean isAuthorizedByTemplate(BusinessObject dataObject,
64  			String namespaceCode, String permissionTemplateName,
65  			String principalId) {
66  		return getPermissionService().isAuthorizedByTemplateName(
67  				principalId, namespaceCode, permissionTemplateName,
68  				new HashMap<String, String>(getPermissionDetailValues(dataObject)),
69  				new HashMap<String, String>(getRoleQualification(dataObject, principalId)));
70  	}
71  
72  	public final boolean isAuthorized(BusinessObject businessObject,
73  			String namespaceCode, String permissionName, String principalId,
74  			Map<String, String> collectionOrFieldLevelPermissionDetails,
75  			Map<String, String> collectionOrFieldLevelRoleQualification) {
76  		Map<String, String> roleQualifiers = null;
77  		Map<String, String> permissionDetails = null;
78  		if (collectionOrFieldLevelRoleQualification != null) {
79  			roleQualifiers = new HashMap<String, String>(
80  					getRoleQualification(businessObject, principalId));
81  			roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
82  		} else {
83  			roleQualifiers = new HashMap<String, String>(
84  					getRoleQualification(businessObject, principalId));
85  		}
86  		if (collectionOrFieldLevelPermissionDetails != null) {
87  			permissionDetails = new HashMap<String, String>(
88  					getPermissionDetailValues(businessObject));
89  			permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
90  		} else {
91  			permissionDetails = new HashMap<String, String>(
92  					getPermissionDetailValues(businessObject));
93  		}
94  		
95  		return getPermissionService().isAuthorized(principalId,
96  				namespaceCode, permissionName, permissionDetails,
97  				roleQualifiers);
98  	}
99  
100 
101 	/**
102 	 * Returns a role qualification map based off data from the primary business
103 	 * object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
104 	 * 
105 	 * @param primaryBusinessObjectOrDocument
106 	 *            the primary business object (i.e. the main BO instance behind
107 	 *            the lookup result row or inquiry) or the document
108 	 * @return a Map containing role qualifications
109 	 */
110 	protected final Map<String, String> getRoleQualification(
111 			BusinessObject primaryBusinessObjectOrDocument) {
112 		return getRoleQualification(primaryBusinessObjectOrDocument, GlobalVariables
113 					.getUserSession().getPerson().getPrincipalId());
114 	}
115 
116 	/**
117 	 * @see org.kuali.rice.krad.authorization.BusinessObjectAuthorizer#getCollectionItemPermissionDetails(org.kuali.rice.krad.bo.BusinessObject)
118 	 */
119 	public Map<String, String> getCollectionItemPermissionDetails(
120 			BusinessObject collectionItemBusinessObject) {
121 		return new HashMap<String, String>();
122 	}
123 
124 	/**
125 	 * @see org.kuali.rice.krad.authorization.BusinessObjectAuthorizer#getCollectionItemRoleQualifications(org.kuali.rice.krad.bo.BusinessObject)
126 	 */
127 	public Map<String, String> getCollectionItemRoleQualifications(
128 			BusinessObject collectionItemBusinessObject) {
129 		return new HashMap<String, String>();
130 	}
131 
132 	protected static KualiModuleService getKualiModuleService() {
133 		if (kualiModuleService == null) {
134 			kualiModuleService = KRADServiceLocatorWeb.getKualiModuleService();
135 		}
136 		return kualiModuleService;
137 	}
138 
139 	protected static DataDictionaryService getDataDictionaryService() {
140 		if (dataDictionaryService == null) {
141 			dataDictionaryService = KRADServiceLocatorWeb
142 					.getDataDictionaryService();
143 		}
144 		return dataDictionaryService;
145 	}
146 }