Coverage Report

Coverage Report - org.kuali.rice.kns.authorization.BusinessObjectAuthorizerBase

Classes in this File

Line Coverage

Branch Coverage

Complexity

BusinessObjectAuthorizerBase

0/54

0/16

1.421

 /*
  * Copyright 2007-2009 The Kuali Foundation
  * 
  * Licensed under the Educational Community License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  * 
  * http://www.opensource.org/licenses/ecl2.php
  * 
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.kuali.rice.kns.authorization;
 
 import java.util.HashMap;
 import java.util.Map;
 
 import org.kuali.rice.core.util.AttributeSet;
 import org.kuali.rice.kim.api.services.IdentityManagementService;
 import org.kuali.rice.kim.api.services.KimApiServiceLocator;
 import org.kuali.rice.kim.service.PersonService;
 import org.kuali.rice.kim.util.KimConstants;
 import org.kuali.rice.kns.bo.BusinessObject;
 import org.kuali.rice.kns.service.DataDictionaryService;
 import org.kuali.rice.kns.service.KNSServiceLocatorWeb;
 import org.kuali.rice.kns.service.KualiModuleService;
 import org.kuali.rice.kns.service.PersistenceStructureService;
 import org.kuali.rice.kns.util.GlobalVariables;
 import org.kuali.rice.kns.util.KNSUtils;
 
 public class BusinessObjectAuthorizerBase implements BusinessObjectAuthorizer {
 //        private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger
 //                        .getLogger(BusinessObjectAuthorizerBase.class);
 
         private static IdentityManagementService identityManagementService;
         private static PersonService personService;
         private static KualiModuleService kualiModuleService;
         private static DataDictionaryService dataDictionaryService;
         private static PersistenceStructureService persistenceStructureService;
 
         /**
          * Override this method to populate the role qualifier attributes from the
          * primary business object or document. This will only be called once per
          * request.
          * 
          * @param primaryBusinessObjectOrDocument
          *            the primary business object (i.e. the main BO instance behind
          *            the lookup result row or inquiry) or the document
          * @param attributes
          *            role qualifiers will be added to this map
          */
         protected void addRoleQualification(
                         Object primaryDataObjectOrDocument,
                         Map<String, String> attributes) {
                 addStandardAttributes(primaryDataObjectOrDocument, attributes);
         }
 
         /**
          * Override this method to populate the permission details from the primary
          * business object or document. This will only be called once per request.
          * 
          * @param primaryBusinessObjectOrDocument
          *            the primary business object (i.e. the main BO instance behind
          *            the lookup result row or inquiry) or the document
          * @param attributes
          *            permission details will be added to this map
          */
         protected void addPermissionDetails(
                         Object primaryDataObjectOrDocument,
                         Map<String, String> attributes) {
                 addStandardAttributes(primaryDataObjectOrDocument, attributes);
         }
 
         /**
          * @param primaryBusinessObjectOrDocument
          *            the primary business object (i.e. the main BO instance behind
          *            the lookup result row or inquiry) or the document
          * @param attributes
          *            attributes (i.e. role qualifications or permission details)
          *            will be added to this map
          */
         private void addStandardAttributes(
                         Object primaryDataObjectOrDocument,
                         Map<String, String> attributes) {
                 attributes
                                 .putAll(KNSUtils
                                                 .getNamespaceAndComponentSimpleName(primaryDataObjectOrDocument
                                                                 .getClass()));
         }
 
         protected final boolean permissionExistsByTemplate(
                         BusinessObject businessObject, String namespaceCode,
                         String permissionTemplateName) {
                 return getIdentityManagementService()
                                 .isPermissionDefinedForTemplateName(
                                                 namespaceCode,
                                                 permissionTemplateName,
                                                 new AttributeSet(
                                                                 getPermissionDetailValues(businessObject)));
         }
 
         protected final boolean permissionExistsByTemplate(String namespaceCode,
                         String permissionTemplateName, Map<String, String> permissionDetails) {
                 return getIdentityManagementService()
                                 .isPermissionDefinedForTemplateName(namespaceCode,
                                                 permissionTemplateName,
                                                 new AttributeSet(permissionDetails));
         }
 
         protected final boolean permissionExistsByTemplate(
                         BusinessObject businessObject, String namespaceCode,
                         String permissionTemplateName, Map<String, String> permissionDetails) {
                 AttributeSet combinedPermissionDetails = new AttributeSet(
                                 getPermissionDetailValues(businessObject));
                 combinedPermissionDetails.putAll(permissionDetails);
                 return getIdentityManagementService()
                                 .isPermissionDefinedForTemplateName(namespaceCode,
                                                 permissionTemplateName, combinedPermissionDetails);
         }
 
         public final boolean isAuthorized(BusinessObject businessObject,
                         String namespaceCode, String permissionName, String principalId) {
                 return getIdentityManagementService().isAuthorized(principalId,
                                 namespaceCode, permissionName,
                                 new AttributeSet(getPermissionDetailValues(businessObject)),
                                 new AttributeSet(getRoleQualification(businessObject, principalId)));
         }
 
         public final boolean isAuthorizedByTemplate(BusinessObject dataObject,
                         String namespaceCode, String permissionTemplateName,
                         String principalId) {
                 return getIdentityManagementService().isAuthorizedByTemplateName(
                                 principalId, namespaceCode, permissionTemplateName,
                                 new AttributeSet(getPermissionDetailValues(dataObject)),
                                 new AttributeSet(getRoleQualification(dataObject, principalId)));
         }
 
         public final boolean isAuthorized(BusinessObject businessObject,
                         String namespaceCode, String permissionName, String principalId,
                         Map<String, String> collectionOrFieldLevelPermissionDetails,
                         Map<String, String> collectionOrFieldLevelRoleQualification) {
                 AttributeSet roleQualifiers = null;
                 AttributeSet permissionDetails = null;
                 if (collectionOrFieldLevelRoleQualification != null) {
                         roleQualifiers = new AttributeSet(
                                         getRoleQualification(businessObject, principalId));
                         roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
                 } else {
                         roleQualifiers = new AttributeSet(
                                         getRoleQualification(businessObject, principalId));
                 }
                 if (collectionOrFieldLevelPermissionDetails != null) {
                         permissionDetails = new AttributeSet(
                                         getPermissionDetailValues(businessObject));
                         permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
                 } else {
                         permissionDetails = new AttributeSet(
                                         getPermissionDetailValues(businessObject));
                 }
                 
                 return getIdentityManagementService().isAuthorized(principalId,
                                 namespaceCode, permissionName, permissionDetails,
                                 roleQualifiers);
         }
 
         public final boolean isAuthorizedByTemplate(Object dataObject,
                         String namespaceCode, String permissionTemplateName,
                         String principalId,
                         Map<String, String> collectionOrFieldLevelPermissionDetails,
                         Map<String, String> collectionOrFieldLevelRoleQualification) {
                 AttributeSet roleQualifiers = new AttributeSet(
                                 getRoleQualification(dataObject, principalId));
                 AttributeSet permissionDetails = new AttributeSet(
                                 getPermissionDetailValues(dataObject));
                 if (collectionOrFieldLevelRoleQualification != null) {
                         roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
                 }
                 if (collectionOrFieldLevelPermissionDetails != null) {
                         permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
                 }
                 
                 return getIdentityManagementService().isAuthorizedByTemplateName(
                                 principalId, namespaceCode, permissionTemplateName,
                                 permissionDetails, roleQualifiers);
         }
 
         /**
          * Returns a role qualification map based off data from the primary business
          * object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
          * 
          * @param primaryBusinessObjectOrDocument
          *            the primary business object (i.e. the main BO instance behind
          *            the lookup result row or inquiry) or the document
          * @return a Map containing role qualifications
          */
         protected final Map<String, String> getRoleQualification(
                         BusinessObject primaryBusinessObjectOrDocument) {
                 return getRoleQualification(primaryBusinessObjectOrDocument, GlobalVariables
                                         .getUserSession().getPerson().getPrincipalId());
         }
         
         protected final Map<String, String> getRoleQualification(
                         Object primaryDataObjectOrDocument, String principalId) {
                         Map<String, String> roleQualification = new HashMap<String, String>();
                         addRoleQualification(primaryDataObjectOrDocument,
                                         roleQualification);
                         roleQualification.put(KimConstants.AttributeConstants.PRINCIPAL_ID, principalId);
                 return roleQualification;
         }
 
 
         /**
          * @see org.kuali.rice.kns.authorization.BusinessObjectAuthorizer#getCollectionItemPermissionDetails(org.kuali.rice.kns.bo.BusinessObject)
          */
         public Map<String, String> getCollectionItemPermissionDetails(
                         BusinessObject collectionItemBusinessObject) {
                 return new AttributeSet();
         }
 
         /**
          * @see org.kuali.rice.kns.authorization.BusinessObjectAuthorizer#getCollectionItemRoleQualifications(org.kuali.rice.kns.bo.BusinessObject)
          */
         public Map<String, String> getCollectionItemRoleQualifications(
                         BusinessObject collectionItemBusinessObject) {
                 return new AttributeSet();
         }
 
         /**
          * Returns a permission details map based off data from the primary business
          * object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
          * 
          * @param primaryBusinessObjectOrDocument
          *            the primary business object (i.e. the main BO instance behind
          *            the lookup result row or inquiry) or the document
          * @return a Map containing permission details
          */
         protected final Map<String, String> getPermissionDetailValues(
                         Object dataObject) {
                 Map<String, String> permissionDetails = new HashMap<String, String>();
                 addPermissionDetails(dataObject, permissionDetails);
                 return permissionDetails;
         }
 
         protected static final IdentityManagementService getIdentityManagementService() {
                 if (identityManagementService == null) {
                         identityManagementService = KimApiServiceLocator
                                         .getIdentityManagementService();
                 }
                 return identityManagementService;
         }
 
         protected static final PersonService getPersonService() {
                 if (personService == null) {
                         personService = KimApiServiceLocator.getPersonService();
                 }
                 return personService;
         }
 
         protected static final KualiModuleService getKualiModuleService() {
                 if (kualiModuleService == null) {
                         kualiModuleService = KNSServiceLocatorWeb.getKualiModuleService();
                 }
                 return kualiModuleService;
         }
 
         protected static final DataDictionaryService getDataDictionaryService() {
                 if (dataDictionaryService == null) {
                         dataDictionaryService = KNSServiceLocatorWeb
                                         .getDataDictionaryService();
                 }
                 return dataDictionaryService;
         }
 }

1		/*
2		* Copyright 2007-2009 The Kuali Foundation
3		*
4		* Licensed under the Educational Community License, Version 2.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.opensource.org/licenses/ecl2.php
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*/
16		package org.kuali.rice.kns.authorization;
17
18		import java.util.HashMap;
19		import java.util.Map;
20
21		import org.kuali.rice.core.util.AttributeSet;
22		import org.kuali.rice.kim.api.services.IdentityManagementService;
23		import org.kuali.rice.kim.api.services.KimApiServiceLocator;
24		import org.kuali.rice.kim.service.PersonService;
25		import org.kuali.rice.kim.util.KimConstants;
26		import org.kuali.rice.kns.bo.BusinessObject;
27		import org.kuali.rice.kns.service.DataDictionaryService;
28		import org.kuali.rice.kns.service.KNSServiceLocatorWeb;
29		import org.kuali.rice.kns.service.KualiModuleService;
30		import org.kuali.rice.kns.service.PersistenceStructureService;
31		import org.kuali.rice.kns.util.GlobalVariables;
32		import org.kuali.rice.kns.util.KNSUtils;
33
34	0	public class BusinessObjectAuthorizerBase implements BusinessObjectAuthorizer {
35		// private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger
36		// .getLogger(BusinessObjectAuthorizerBase.class);
37
38		private static IdentityManagementService identityManagementService;
39		private static PersonService personService;
40		private static KualiModuleService kualiModuleService;
41		private static DataDictionaryService dataDictionaryService;
42		private static PersistenceStructureService persistenceStructureService;
43
44		/**
45		* Override this method to populate the role qualifier attributes from the
46		* primary business object or document. This will only be called once per
47		* request.
48		*
49		* @param primaryBusinessObjectOrDocument
50		* the primary business object (i.e. the main BO instance behind
51		* the lookup result row or inquiry) or the document
52		* @param attributes
53		* role qualifiers will be added to this map
54		*/
55		protected void addRoleQualification(
56		Object primaryDataObjectOrDocument,
57		Map<String, String> attributes) {
58	0	addStandardAttributes(primaryDataObjectOrDocument, attributes);
59	0	}
60
61		/**
62		* Override this method to populate the permission details from the primary
63		* business object or document. This will only be called once per request.
64		*
65		* @param primaryBusinessObjectOrDocument
66		* the primary business object (i.e. the main BO instance behind
67		* the lookup result row or inquiry) or the document
68		* @param attributes
69		* permission details will be added to this map
70		*/
71		protected void addPermissionDetails(
72		Object primaryDataObjectOrDocument,
73		Map<String, String> attributes) {
74	0	addStandardAttributes(primaryDataObjectOrDocument, attributes);
75	0	}
76
77		/**
78		* @param primaryBusinessObjectOrDocument
79		* the primary business object (i.e. the main BO instance behind
80		* the lookup result row or inquiry) or the document
81		* @param attributes
82		* attributes (i.e. role qualifications or permission details)
83		* will be added to this map
84		*/
85		private void addStandardAttributes(
86		Object primaryDataObjectOrDocument,
87		Map<String, String> attributes) {
88	0	attributes
89		.putAll(KNSUtils
90		.getNamespaceAndComponentSimpleName(primaryDataObjectOrDocument
91		.getClass()));
92	0	}
93
94		protected final boolean permissionExistsByTemplate(
95		BusinessObject businessObject, String namespaceCode,
96		String permissionTemplateName) {
97	0	return getIdentityManagementService()
98		.isPermissionDefinedForTemplateName(
99		namespaceCode,
100		permissionTemplateName,
101		new AttributeSet(
102		getPermissionDetailValues(businessObject)));
103		}
104
105		protected final boolean permissionExistsByTemplate(String namespaceCode,
106		String permissionTemplateName, Map<String, String> permissionDetails) {
107	0	return getIdentityManagementService()
108		.isPermissionDefinedForTemplateName(namespaceCode,
109		permissionTemplateName,
110		new AttributeSet(permissionDetails));
111		}
112
113		protected final boolean permissionExistsByTemplate(
114		BusinessObject businessObject, String namespaceCode,
115		String permissionTemplateName, Map<String, String> permissionDetails) {
116	0	AttributeSet combinedPermissionDetails = new AttributeSet(
117		getPermissionDetailValues(businessObject));
118	0	combinedPermissionDetails.putAll(permissionDetails);
119	0	return getIdentityManagementService()
120		.isPermissionDefinedForTemplateName(namespaceCode,
121		permissionTemplateName, combinedPermissionDetails);
122		}
123
124		public final boolean isAuthorized(BusinessObject businessObject,
125		String namespaceCode, String permissionName, String principalId) {
126	0	return getIdentityManagementService().isAuthorized(principalId,
127		namespaceCode, permissionName,
128		new AttributeSet(getPermissionDetailValues(businessObject)),
129		new AttributeSet(getRoleQualification(businessObject, principalId)));
130		}
131
132		public final boolean isAuthorizedByTemplate(BusinessObject dataObject,
133		String namespaceCode, String permissionTemplateName,
134		String principalId) {
135	0	return getIdentityManagementService().isAuthorizedByTemplateName(
136		principalId, namespaceCode, permissionTemplateName,
137		new AttributeSet(getPermissionDetailValues(dataObject)),
138		new AttributeSet(getRoleQualification(dataObject, principalId)));
139		}
140
141		public final boolean isAuthorized(BusinessObject businessObject,
142		String namespaceCode, String permissionName, String principalId,
143		Map<String, String> collectionOrFieldLevelPermissionDetails,
144		Map<String, String> collectionOrFieldLevelRoleQualification) {
145	0	AttributeSet roleQualifiers = null;
146	0	AttributeSet permissionDetails = null;
147	0	if (collectionOrFieldLevelRoleQualification != null) {
148	0	roleQualifiers = new AttributeSet(
149		getRoleQualification(businessObject, principalId));
150	0	roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
151		} else {
152	0	roleQualifiers = new AttributeSet(
153		getRoleQualification(businessObject, principalId));
154		}
155	0	if (collectionOrFieldLevelPermissionDetails != null) {
156	0	permissionDetails = new AttributeSet(
157		getPermissionDetailValues(businessObject));
158	0	permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
159		} else {
160	0	permissionDetails = new AttributeSet(
161		getPermissionDetailValues(businessObject));
162		}
163
164	0	return getIdentityManagementService().isAuthorized(principalId,
165		namespaceCode, permissionName, permissionDetails,
166		roleQualifiers);
167		}
168
169		public final boolean isAuthorizedByTemplate(Object dataObject,
170		String namespaceCode, String permissionTemplateName,
171		String principalId,
172		Map<String, String> collectionOrFieldLevelPermissionDetails,
173		Map<String, String> collectionOrFieldLevelRoleQualification) {
174	0	AttributeSet roleQualifiers = new AttributeSet(
175		getRoleQualification(dataObject, principalId));
176	0	AttributeSet permissionDetails = new AttributeSet(
177		getPermissionDetailValues(dataObject));
178	0	if (collectionOrFieldLevelRoleQualification != null) {
179	0	roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
180		}
181	0	if (collectionOrFieldLevelPermissionDetails != null) {
182	0	permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
183		}
184
185	0	return getIdentityManagementService().isAuthorizedByTemplateName(
186		principalId, namespaceCode, permissionTemplateName,
187		permissionDetails, roleQualifiers);
188		}
189
190		/**
191		* Returns a role qualification map based off data from the primary business
192		* object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
193		*
194		* @param primaryBusinessObjectOrDocument
195		* the primary business object (i.e. the main BO instance behind
196		* the lookup result row or inquiry) or the document
197		* @return a Map containing role qualifications
198		*/
199		protected final Map<String, String> getRoleQualification(
200		BusinessObject primaryBusinessObjectOrDocument) {
201	0	return getRoleQualification(primaryBusinessObjectOrDocument, GlobalVariables
202		.getUserSession().getPerson().getPrincipalId());
203		}
204
205		protected final Map<String, String> getRoleQualification(
206		Object primaryDataObjectOrDocument, String principalId) {
207	0	Map<String, String> roleQualification = new HashMap<String, String>();
208	0	addRoleQualification(primaryDataObjectOrDocument,
209		roleQualification);
210	0	roleQualification.put(KimConstants.AttributeConstants.PRINCIPAL_ID, principalId);
211	0	return roleQualification;
212		}
213
214
215		/**
216		* @see org.kuali.rice.kns.authorization.BusinessObjectAuthorizer#getCollectionItemPermissionDetails(org.kuali.rice.kns.bo.BusinessObject)
217		*/
218		public Map<String, String> getCollectionItemPermissionDetails(
219		BusinessObject collectionItemBusinessObject) {
220	0	return new AttributeSet();
221		}
222
223		/**
224		* @see org.kuali.rice.kns.authorization.BusinessObjectAuthorizer#getCollectionItemRoleQualifications(org.kuali.rice.kns.bo.BusinessObject)
225		*/
226		public Map<String, String> getCollectionItemRoleQualifications(
227		BusinessObject collectionItemBusinessObject) {
228	0	return new AttributeSet();
229		}
230
231		/**
232		* Returns a permission details map based off data from the primary business
233		* object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
234		*
235		* @param primaryBusinessObjectOrDocument
236		* the primary business object (i.e. the main BO instance behind
237		* the lookup result row or inquiry) or the document
238		* @return a Map containing permission details
239		*/
240		protected final Map<String, String> getPermissionDetailValues(
241		Object dataObject) {
242	0	Map<String, String> permissionDetails = new HashMap<String, String>();
243	0	addPermissionDetails(dataObject, permissionDetails);
244	0	return permissionDetails;
245		}
246
247		protected static final IdentityManagementService getIdentityManagementService() {
248	0	if (identityManagementService == null) {
249	0	identityManagementService = KimApiServiceLocator
250		.getIdentityManagementService();
251		}
252	0	return identityManagementService;
253		}
254
255		protected static final PersonService getPersonService() {
256	0	if (personService == null) {
257	0	personService = KimApiServiceLocator.getPersonService();
258		}
259	0	return personService;
260		}
261
262		protected static final KualiModuleService getKualiModuleService() {
263	0	if (kualiModuleService == null) {
264	0	kualiModuleService = KNSServiceLocatorWeb.getKualiModuleService();
265		}
266	0	return kualiModuleService;
267		}
268
269		protected static final DataDictionaryService getDataDictionaryService() {
270	0	if (dataDictionaryService == null) {
271	0	dataDictionaryService = KNSServiceLocatorWeb
272		.getDataDictionaryService();
273		}
274	0	return dataDictionaryService;
275		}
276		}