Coverage Report

Coverage Report - org.kuali.rice.krad.authorization.BusinessObjectAuthorizerBase

Classes in this File

Line Coverage

Branch Coverage

Complexity

BusinessObjectAuthorizerBase

0/54

0/16

1.421

 /*
  * Copyright 2007-2009 The Kuali Foundation
  * 
  * Licensed under the Educational Community License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  * 
  * http://www.opensource.org/licenses/ecl2.php
  * 
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.kuali.rice.krad.authorization;
 
 import java.util.HashMap;
 import java.util.Map;
 
 import org.kuali.rice.core.util.AttributeSet;
 import org.kuali.rice.kim.api.services.IdentityManagementService;
 import org.kuali.rice.kim.api.services.KimApiServiceLocator;
 import org.kuali.rice.kim.service.PersonService;
 import org.kuali.rice.kim.util.KimConstants;
 import org.kuali.rice.krad.bo.BusinessObject;
 import org.kuali.rice.krad.service.DataDictionaryService;
 import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
 import org.kuali.rice.krad.service.KualiModuleService;
 import org.kuali.rice.krad.service.PersistenceStructureService;
 import org.kuali.rice.krad.util.GlobalVariables;
 import org.kuali.rice.krad.util.KRADUtils;
 
 public class BusinessObjectAuthorizerBase implements BusinessObjectAuthorizer {
 //        private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger
 //                        .getLogger(BusinessObjectAuthorizerBase.class);
 
         private static IdentityManagementService identityManagementService;
         private static PersonService personService;
         private static KualiModuleService kualiModuleService;
         private static DataDictionaryService dataDictionaryService;
         private static PersistenceStructureService persistenceStructureService;
 
         /**
          * Override this method to populate the role qualifier attributes from the
          * primary business object or document. This will only be called once per
          * request.
          * 
          * @param primaryBusinessObjectOrDocument
          *            the primary business object (i.e. the main BO instance behind
          *            the lookup result row or inquiry) or the document
          * @param attributes
          *            role qualifiers will be added to this map
          */
         protected void addRoleQualification(
                         Object primaryDataObjectOrDocument,
                         Map<String, String> attributes) {
                 addStandardAttributes(primaryDataObjectOrDocument, attributes);
         }
 
         /**
          * Override this method to populate the permission details from the primary
          * business object or document. This will only be called once per request.
          * 
          * @param primaryBusinessObjectOrDocument
          *            the primary business object (i.e. the main BO instance behind
          *            the lookup result row or inquiry) or the document
          * @param attributes
          *            permission details will be added to this map
          */
         protected void addPermissionDetails(
                         Object primaryDataObjectOrDocument,
                         Map<String, String> attributes) {
                 addStandardAttributes(primaryDataObjectOrDocument, attributes);
         }
 
         /**
          * @param primaryBusinessObjectOrDocument
          *            the primary business object (i.e. the main BO instance behind
          *            the lookup result row or inquiry) or the document
          * @param attributes
          *            attributes (i.e. role qualifications or permission details)
          *            will be added to this map
          */
         private void addStandardAttributes(
                         Object primaryDataObjectOrDocument,
                         Map<String, String> attributes) {
                 attributes
                                 .putAll(KRADUtils
                                                 .getNamespaceAndComponentSimpleName(primaryDataObjectOrDocument.getClass()));
         }
 
         protected final boolean permissionExistsByTemplate(
                         BusinessObject businessObject, String namespaceCode,
                         String permissionTemplateName) {
                 return getIdentityManagementService()
                                 .isPermissionDefinedForTemplateName(
                                                 namespaceCode,
                                                 permissionTemplateName,
                                                 new AttributeSet(
                                                                 getPermissionDetailValues(businessObject)));
         }
 
         protected final boolean permissionExistsByTemplate(String namespaceCode,
                         String permissionTemplateName, Map<String, String> permissionDetails) {
                 return getIdentityManagementService()
                                 .isPermissionDefinedForTemplateName(namespaceCode,
                                                 permissionTemplateName,
                                                 new AttributeSet(permissionDetails));
         }
 
         protected final boolean permissionExistsByTemplate(
                         BusinessObject businessObject, String namespaceCode,
                         String permissionTemplateName, Map<String, String> permissionDetails) {
                 AttributeSet combinedPermissionDetails = new AttributeSet(
                                 getPermissionDetailValues(businessObject));
                 combinedPermissionDetails.putAll(permissionDetails);
                 return getIdentityManagementService()
                                 .isPermissionDefinedForTemplateName(namespaceCode,
                                                 permissionTemplateName, combinedPermissionDetails);
         }
 
         public final boolean isAuthorized(BusinessObject businessObject,
                         String namespaceCode, String permissionName, String principalId) {
                 return getIdentityManagementService().isAuthorized(principalId,
                                 namespaceCode, permissionName,
                                 new AttributeSet(getPermissionDetailValues(businessObject)),
                                 new AttributeSet(getRoleQualification(businessObject, principalId)));
         }
 
         public final boolean isAuthorizedByTemplate(BusinessObject dataObject,
                         String namespaceCode, String permissionTemplateName,
                         String principalId) {
                 return getIdentityManagementService().isAuthorizedByTemplateName(
                                 principalId, namespaceCode, permissionTemplateName,
                                 new AttributeSet(getPermissionDetailValues(dataObject)),
                                 new AttributeSet(getRoleQualification(dataObject, principalId)));
         }
 
         public final boolean isAuthorized(BusinessObject businessObject,
                         String namespaceCode, String permissionName, String principalId,
                         Map<String, String> collectionOrFieldLevelPermissionDetails,
                         Map<String, String> collectionOrFieldLevelRoleQualification) {
                 AttributeSet roleQualifiers = null;
                 AttributeSet permissionDetails = null;
                 if (collectionOrFieldLevelRoleQualification != null) {
                         roleQualifiers = new AttributeSet(
                                         getRoleQualification(businessObject, principalId));
                         roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
                 } else {
                         roleQualifiers = new AttributeSet(
                                         getRoleQualification(businessObject, principalId));
                 }
                 if (collectionOrFieldLevelPermissionDetails != null) {
                         permissionDetails = new AttributeSet(
                                         getPermissionDetailValues(businessObject));
                         permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
                 } else {
                         permissionDetails = new AttributeSet(
                                         getPermissionDetailValues(businessObject));
                 }
                 
                 return getIdentityManagementService().isAuthorized(principalId,
                                 namespaceCode, permissionName, permissionDetails,
                                 roleQualifiers);
         }
 
         public final boolean isAuthorizedByTemplate(Object dataObject,
                         String namespaceCode, String permissionTemplateName,
                         String principalId,
                         Map<String, String> collectionOrFieldLevelPermissionDetails,
                         Map<String, String> collectionOrFieldLevelRoleQualification) {
                 AttributeSet roleQualifiers = new AttributeSet(
                                 getRoleQualification(dataObject, principalId));
                 AttributeSet permissionDetails = new AttributeSet(
                                 getPermissionDetailValues(dataObject));
                 if (collectionOrFieldLevelRoleQualification != null) {
                         roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
                 }
                 if (collectionOrFieldLevelPermissionDetails != null) {
                         permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
                 }
                 
                 return getIdentityManagementService().isAuthorizedByTemplateName(
                                 principalId, namespaceCode, permissionTemplateName,
                                 permissionDetails, roleQualifiers);
         }
 
         /**
          * Returns a role qualification map based off data from the primary business
          * object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
          * 
          * @param primaryBusinessObjectOrDocument
          *            the primary business object (i.e. the main BO instance behind
          *            the lookup result row or inquiry) or the document
          * @return a Map containing role qualifications
          */
         protected final Map<String, String> getRoleQualification(
                         BusinessObject primaryBusinessObjectOrDocument) {
                 return getRoleQualification(primaryBusinessObjectOrDocument, GlobalVariables
                                         .getUserSession().getPerson().getPrincipalId());
         }
         
         protected final Map<String, String> getRoleQualification(
                         Object primaryDataObjectOrDocument, String principalId) {
                         Map<String, String> roleQualification = new HashMap<String, String>();
                         addRoleQualification(primaryDataObjectOrDocument,
                                         roleQualification);
                         roleQualification.put(KimConstants.AttributeConstants.PRINCIPAL_ID, principalId);
                 return roleQualification;
         }
 
 
         /**
          * @see org.kuali.rice.krad.authorization.BusinessObjectAuthorizer#getCollectionItemPermissionDetails(org.kuali.rice.krad.bo.BusinessObject)
          */
         public Map<String, String> getCollectionItemPermissionDetails(
                         BusinessObject collectionItemBusinessObject) {
                 return new AttributeSet();
         }
 
         /**
          * @see org.kuali.rice.krad.authorization.BusinessObjectAuthorizer#getCollectionItemRoleQualifications(org.kuali.rice.krad.bo.BusinessObject)
          */
         public Map<String, String> getCollectionItemRoleQualifications(
                         BusinessObject collectionItemBusinessObject) {
                 return new AttributeSet();
         }
 
         /**
          * Returns a permission details map based off data from the primary business
          * object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
          * 
          * @param primaryBusinessObjectOrDocument
          *            the primary business object (i.e. the main BO instance behind
          *            the lookup result row or inquiry) or the document
          * @return a Map containing permission details
          */
         protected final Map<String, String> getPermissionDetailValues(
                         Object dataObject) {
                 Map<String, String> permissionDetails = new HashMap<String, String>();
                 addPermissionDetails(dataObject, permissionDetails);
                 return permissionDetails;
         }
 
         protected static final IdentityManagementService getIdentityManagementService() {
                 if (identityManagementService == null) {
                         identityManagementService = KimApiServiceLocator
                                         .getIdentityManagementService();
                 }
                 return identityManagementService;
         }
 
         protected static final PersonService getPersonService() {
                 if (personService == null) {
                         personService = KimApiServiceLocator.getPersonService();
                 }
                 return personService;
         }
 
         protected static final KualiModuleService getKualiModuleService() {
                 if (kualiModuleService == null) {
                         kualiModuleService = KRADServiceLocatorWeb.getKualiModuleService();
                 }
                 return kualiModuleService;
         }
 
         protected static final DataDictionaryService getDataDictionaryService() {
                 if (dataDictionaryService == null) {
                         dataDictionaryService = KRADServiceLocatorWeb
                                         .getDataDictionaryService();
                 }
                 return dataDictionaryService;
         }
 }

1		/*
2		* Copyright 2007-2009 The Kuali Foundation
3		*
4		* Licensed under the Educational Community License, Version 2.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.opensource.org/licenses/ecl2.php
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*/
16		package org.kuali.rice.krad.authorization;
17
18		import java.util.HashMap;
19		import java.util.Map;
20
21		import org.kuali.rice.core.util.AttributeSet;
22		import org.kuali.rice.kim.api.services.IdentityManagementService;
23		import org.kuali.rice.kim.api.services.KimApiServiceLocator;
24		import org.kuali.rice.kim.service.PersonService;
25		import org.kuali.rice.kim.util.KimConstants;
26		import org.kuali.rice.krad.bo.BusinessObject;
27		import org.kuali.rice.krad.service.DataDictionaryService;
28		import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
29		import org.kuali.rice.krad.service.KualiModuleService;
30		import org.kuali.rice.krad.service.PersistenceStructureService;
31		import org.kuali.rice.krad.util.GlobalVariables;
32		import org.kuali.rice.krad.util.KRADUtils;
33
34	0	public class BusinessObjectAuthorizerBase implements BusinessObjectAuthorizer {
35		// private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger
36		// .getLogger(BusinessObjectAuthorizerBase.class);
37
38		private static IdentityManagementService identityManagementService;
39		private static PersonService personService;
40		private static KualiModuleService kualiModuleService;
41		private static DataDictionaryService dataDictionaryService;
42		private static PersistenceStructureService persistenceStructureService;
43
44		/**
45		* Override this method to populate the role qualifier attributes from the
46		* primary business object or document. This will only be called once per
47		* request.
48		*
49		* @param primaryBusinessObjectOrDocument
50		* the primary business object (i.e. the main BO instance behind
51		* the lookup result row or inquiry) or the document
52		* @param attributes
53		* role qualifiers will be added to this map
54		*/
55		protected void addRoleQualification(
56		Object primaryDataObjectOrDocument,
57		Map<String, String> attributes) {
58	0	addStandardAttributes(primaryDataObjectOrDocument, attributes);
59	0	}
60
61		/**
62		* Override this method to populate the permission details from the primary
63		* business object or document. This will only be called once per request.
64		*
65		* @param primaryBusinessObjectOrDocument
66		* the primary business object (i.e. the main BO instance behind
67		* the lookup result row or inquiry) or the document
68		* @param attributes
69		* permission details will be added to this map
70		*/
71		protected void addPermissionDetails(
72		Object primaryDataObjectOrDocument,
73		Map<String, String> attributes) {
74	0	addStandardAttributes(primaryDataObjectOrDocument, attributes);
75	0	}
76
77		/**
78		* @param primaryBusinessObjectOrDocument
79		* the primary business object (i.e. the main BO instance behind
80		* the lookup result row or inquiry) or the document
81		* @param attributes
82		* attributes (i.e. role qualifications or permission details)
83		* will be added to this map
84		*/
85		private void addStandardAttributes(
86		Object primaryDataObjectOrDocument,
87		Map<String, String> attributes) {
88	0	attributes
89		.putAll(KRADUtils
90		.getNamespaceAndComponentSimpleName(primaryDataObjectOrDocument.getClass()));
91	0	}
92
93		protected final boolean permissionExistsByTemplate(
94		BusinessObject businessObject, String namespaceCode,
95		String permissionTemplateName) {
96	0	return getIdentityManagementService()
97		.isPermissionDefinedForTemplateName(
98		namespaceCode,
99		permissionTemplateName,
100		new AttributeSet(
101		getPermissionDetailValues(businessObject)));
102		}
103
104		protected final boolean permissionExistsByTemplate(String namespaceCode,
105		String permissionTemplateName, Map<String, String> permissionDetails) {
106	0	return getIdentityManagementService()
107		.isPermissionDefinedForTemplateName(namespaceCode,
108		permissionTemplateName,
109		new AttributeSet(permissionDetails));
110		}
111
112		protected final boolean permissionExistsByTemplate(
113		BusinessObject businessObject, String namespaceCode,
114		String permissionTemplateName, Map<String, String> permissionDetails) {
115	0	AttributeSet combinedPermissionDetails = new AttributeSet(
116		getPermissionDetailValues(businessObject));
117	0	combinedPermissionDetails.putAll(permissionDetails);
118	0	return getIdentityManagementService()
119		.isPermissionDefinedForTemplateName(namespaceCode,
120		permissionTemplateName, combinedPermissionDetails);
121		}
122
123		public final boolean isAuthorized(BusinessObject businessObject,
124		String namespaceCode, String permissionName, String principalId) {
125	0	return getIdentityManagementService().isAuthorized(principalId,
126		namespaceCode, permissionName,
127		new AttributeSet(getPermissionDetailValues(businessObject)),
128		new AttributeSet(getRoleQualification(businessObject, principalId)));
129		}
130
131		public final boolean isAuthorizedByTemplate(BusinessObject dataObject,
132		String namespaceCode, String permissionTemplateName,
133		String principalId) {
134	0	return getIdentityManagementService().isAuthorizedByTemplateName(
135		principalId, namespaceCode, permissionTemplateName,
136		new AttributeSet(getPermissionDetailValues(dataObject)),
137		new AttributeSet(getRoleQualification(dataObject, principalId)));
138		}
139
140		public final boolean isAuthorized(BusinessObject businessObject,
141		String namespaceCode, String permissionName, String principalId,
142		Map<String, String> collectionOrFieldLevelPermissionDetails,
143		Map<String, String> collectionOrFieldLevelRoleQualification) {
144	0	AttributeSet roleQualifiers = null;
145	0	AttributeSet permissionDetails = null;
146	0	if (collectionOrFieldLevelRoleQualification != null) {
147	0	roleQualifiers = new AttributeSet(
148		getRoleQualification(businessObject, principalId));
149	0	roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
150		} else {
151	0	roleQualifiers = new AttributeSet(
152		getRoleQualification(businessObject, principalId));
153		}
154	0	if (collectionOrFieldLevelPermissionDetails != null) {
155	0	permissionDetails = new AttributeSet(
156		getPermissionDetailValues(businessObject));
157	0	permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
158		} else {
159	0	permissionDetails = new AttributeSet(
160		getPermissionDetailValues(businessObject));
161		}
162
163	0	return getIdentityManagementService().isAuthorized(principalId,
164		namespaceCode, permissionName, permissionDetails,
165		roleQualifiers);
166		}
167
168		public final boolean isAuthorizedByTemplate(Object dataObject,
169		String namespaceCode, String permissionTemplateName,
170		String principalId,
171		Map<String, String> collectionOrFieldLevelPermissionDetails,
172		Map<String, String> collectionOrFieldLevelRoleQualification) {
173	0	AttributeSet roleQualifiers = new AttributeSet(
174		getRoleQualification(dataObject, principalId));
175	0	AttributeSet permissionDetails = new AttributeSet(
176		getPermissionDetailValues(dataObject));
177	0	if (collectionOrFieldLevelRoleQualification != null) {
178	0	roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
179		}
180	0	if (collectionOrFieldLevelPermissionDetails != null) {
181	0	permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
182		}
183
184	0	return getIdentityManagementService().isAuthorizedByTemplateName(
185		principalId, namespaceCode, permissionTemplateName,
186		permissionDetails, roleQualifiers);
187		}
188
189		/**
190		* Returns a role qualification map based off data from the primary business
191		* object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
192		*
193		* @param primaryBusinessObjectOrDocument
194		* the primary business object (i.e. the main BO instance behind
195		* the lookup result row or inquiry) or the document
196		* @return a Map containing role qualifications
197		*/
198		protected final Map<String, String> getRoleQualification(
199		BusinessObject primaryBusinessObjectOrDocument) {
200	0	return getRoleQualification(primaryBusinessObjectOrDocument, GlobalVariables
201		.getUserSession().getPerson().getPrincipalId());
202		}
203
204		protected final Map<String, String> getRoleQualification(
205		Object primaryDataObjectOrDocument, String principalId) {
206	0	Map<String, String> roleQualification = new HashMap<String, String>();
207	0	addRoleQualification(primaryDataObjectOrDocument,
208		roleQualification);
209	0	roleQualification.put(KimConstants.AttributeConstants.PRINCIPAL_ID, principalId);
210	0	return roleQualification;
211		}
212
213
214		/**
215		* @see org.kuali.rice.krad.authorization.BusinessObjectAuthorizer#getCollectionItemPermissionDetails(org.kuali.rice.krad.bo.BusinessObject)
216		*/
217		public Map<String, String> getCollectionItemPermissionDetails(
218		BusinessObject collectionItemBusinessObject) {
219	0	return new AttributeSet();
220		}
221
222		/**
223		* @see org.kuali.rice.krad.authorization.BusinessObjectAuthorizer#getCollectionItemRoleQualifications(org.kuali.rice.krad.bo.BusinessObject)
224		*/
225		public Map<String, String> getCollectionItemRoleQualifications(
226		BusinessObject collectionItemBusinessObject) {
227	0	return new AttributeSet();
228		}
229
230		/**
231		* Returns a permission details map based off data from the primary business
232		* object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
233		*
234		* @param primaryBusinessObjectOrDocument
235		* the primary business object (i.e. the main BO instance behind
236		* the lookup result row or inquiry) or the document
237		* @return a Map containing permission details
238		*/
239		protected final Map<String, String> getPermissionDetailValues(
240		Object dataObject) {
241	0	Map<String, String> permissionDetails = new HashMap<String, String>();
242	0	addPermissionDetails(dataObject, permissionDetails);
243	0	return permissionDetails;
244		}
245
246		protected static final IdentityManagementService getIdentityManagementService() {
247	0	if (identityManagementService == null) {
248	0	identityManagementService = KimApiServiceLocator
249		.getIdentityManagementService();
250		}
251	0	return identityManagementService;
252		}
253
254		protected static final PersonService getPersonService() {
255	0	if (personService == null) {
256	0	personService = KimApiServiceLocator.getPersonService();
257		}
258	0	return personService;
259		}
260
261		protected static final KualiModuleService getKualiModuleService() {
262	0	if (kualiModuleService == null) {
263	0	kualiModuleService = KRADServiceLocatorWeb.getKualiModuleService();
264		}
265	0	return kualiModuleService;
266		}
267
268		protected static final DataDictionaryService getDataDictionaryService() {
269	0	if (dataDictionaryService == null) {
270	0	dataDictionaryService = KRADServiceLocatorWeb
271		.getDataDictionaryService();
272		}
273	0	return dataDictionaryService;
274		}
275		}