Coverage Report

Coverage Report - org.kuali.rice.krad.document.authorization.DocumentAuthorizerBase

Classes in this File

Line Coverage

Branch Coverage

Complexity

DocumentAuthorizerBase

0/93

0/82

3.933

 /*
  * Copyright 2007 The Kuali Foundation
  * 
  * Licensed under the Educational Community License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  * 
  * http://www.opensource.org/licenses/ecl2.php
  * 
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.kuali.rice.krad.document.authorization;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.kuali.rice.kew.api.KewApiServiceLocator;
 import org.kuali.rice.kew.api.WorkflowDocument;
 import org.kuali.rice.kew.api.doctype.Process;
 import org.kuali.rice.kew.api.doctype.RoutePath;
 import org.kuali.rice.kew.util.KEWConstants;
 import org.kuali.rice.kim.bo.Person;
 import org.kuali.rice.kim.util.KimConstants;
 import org.kuali.rice.krad.bo.authorization.BusinessObjectAuthorizerBase;
 import org.kuali.rice.krad.document.Document;
 import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
 import org.kuali.rice.krad.util.KRADConstants;
 
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Set;
 
 /**
  * DocumentAuthorizer containing common, reusable document-level authorization
  * code.
  */
 public class DocumentAuthorizerBase extends BusinessObjectAuthorizerBase
                 implements DocumentAuthorizer {
         protected static Log LOG = LogFactory.getLog(DocumentAuthorizerBase.class);
         public static final String PRE_ROUTING_ROUTE_NAME = "PreRoute";
         public static final String EDIT_MODE_DEFAULT_TRUE_VALUE = "TRUE";
         public static final String USER_SESSION_METHOD_TO_CALL_OBJECT_KEY = "METHOD_TO_CALL_KEYS_METHOD_OBJECT_KEY";
         public static final String USER_SESSION_METHOD_TO_CALL_COMPLETE_OBJECT_KEY = "METHOD_TO_CALL_KEYS_COMPLETE_OBJECT_KEY";
     public static final String USER_SESSION_METHOD_TO_CALL_COMPLETE_MARKER = "_EXITING";
 
         /**
          * Individual document families will need to reimplement this according to
          * their own needs; this version should be good enough to be usable during
          * initial development.
          */
         public Set<String> getDocumentActions(Document document, Person user,
                         Set<String> documentActions) {
                 if (LOG.isDebugEnabled()) {
                         LOG
                                         .debug("calling DocumentAuthorizerBase.getDocumentActionFlags for document '"
                                                         + document.getDocumentNumber()
                                                         + "'. user '"
                                                         + user.getPrincipalName() + "'");
                 }
                 if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_EDIT)
                                 && !isAuthorizedByTemplate(document,
                                                 KRADConstants.KRAD_NAMESPACE,
                                                 KimConstants.PermissionTemplateNames.EDIT_DOCUMENT,
                                                 user.getPrincipalId())) {
                         documentActions.remove(KRADConstants.KUALI_ACTION_CAN_EDIT);
                 }
                 if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_COPY)
                                 && !isAuthorizedByTemplate(document,
                                                 KRADConstants.KRAD_NAMESPACE,
                                                 KimConstants.PermissionTemplateNames.COPY_DOCUMENT,
                                                 user.getPrincipalId())) {
                         documentActions.remove(KRADConstants.KUALI_ACTION_CAN_COPY);
                 }
                 if (documentActions
                                 .contains(KRADConstants.KUALI_ACTION_CAN_BLANKET_APPROVE)
                                 && !isAuthorizedByTemplate(
                                                 document,
                                                 KRADConstants.KUALI_RICE_WORKFLOW_NAMESPACE,
                                                 KimConstants.PermissionTemplateNames.BLANKET_APPROVE_DOCUMENT,
                                                 user.getPrincipalId())) {
                         documentActions
                                         .remove(KRADConstants.KUALI_ACTION_CAN_BLANKET_APPROVE);
                 }
                 if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_CANCEL)
                                 && !isAuthorizedByTemplate(document,
                                                 KRADConstants.KUALI_RICE_WORKFLOW_NAMESPACE,
                                                 KimConstants.PermissionTemplateNames.CANCEL_DOCUMENT,
                                                 user.getPrincipalId())) {
                         documentActions.remove(KRADConstants.KUALI_ACTION_CAN_CANCEL);
                 }
                 if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_SAVE)
                                 && !isAuthorizedByTemplate(document,
                                                 KRADConstants.KUALI_RICE_WORKFLOW_NAMESPACE,
                                                 KimConstants.PermissionTemplateNames.SAVE_DOCUMENT,
                                                 user.getPrincipalId())) {
                         documentActions.remove(KRADConstants.KUALI_ACTION_CAN_SAVE);
                 }
                 if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_ROUTE)
                                 && !isAuthorizedByTemplate(document,
                                                 KRADConstants.KUALI_RICE_WORKFLOW_NAMESPACE,
                                                 KimConstants.PermissionTemplateNames.ROUTE_DOCUMENT,
                                                 user.getPrincipalId())) {
                         documentActions.remove(KRADConstants.KUALI_ACTION_CAN_ROUTE);
                 }
                 if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_ACKNOWLEDGE)
                                 && !canTakeRequestedAction(document,
                                 KEWConstants.ACTION_REQUEST_ACKNOWLEDGE_REQ, user)) {
                         documentActions.remove(KRADConstants.KUALI_ACTION_CAN_ACKNOWLEDGE);
                 }
                 if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_FYI) &&
                                 !canTakeRequestedAction(document, KEWConstants.ACTION_REQUEST_FYI_REQ, user)) {
                         documentActions.remove(KRADConstants.KUALI_ACTION_CAN_FYI);
                 }
                 if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_APPROVE)
                                 || documentActions
                                                 .contains(KRADConstants.KUALI_ACTION_CAN_DISAPPROVE)) {
                         if (!canTakeRequestedAction(document,
                                         KEWConstants.ACTION_REQUEST_APPROVE_REQ, user)) {
                                 documentActions.remove(KRADConstants.KUALI_ACTION_CAN_APPROVE);
                                 documentActions
                                                 .remove(KRADConstants.KUALI_ACTION_CAN_DISAPPROVE);
                         }
                 }
                 
                 if ( !canSendAnyTypeAdHocRequests(document, user) ) {
                         documentActions.remove(KRADConstants.KUALI_ACTION_CAN_ADD_ADHOC_REQUESTS);
                         documentActions.remove(KRADConstants.KUALI_ACTION_CAN_SEND_ADHOC_REQUESTS);
                         documentActions.remove(KRADConstants.KUALI_ACTION_CAN_SEND_NOTE_FYI);
                 }
                 
                 if(documentActions
                                 .contains(KRADConstants.KUALI_ACTION_CAN_SEND_NOTE_FYI)
                                 && !canSendAdHocRequests(document, KEWConstants.ACTION_REQUEST_FYI_REQ, user)){
                         documentActions.remove(KRADConstants.KUALI_ACTION_CAN_SEND_NOTE_FYI);
                 }
                                 
                 if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_ANNOTATE)
                                 && !documentActions
                                                 .contains(KRADConstants.KUALI_ACTION_CAN_EDIT)) {
                         documentActions.remove(KRADConstants.KUALI_ACTION_CAN_ANNOTATE);
                 }
                 if(documentActions.contains(KRADConstants.KUALI_ACTION_CAN_EDIT__DOCUMENT_OVERVIEW)
                                 &&!canEditDocumentOverview(document, user)){
                         documentActions.remove(KRADConstants.KUALI_ACTION_CAN_EDIT__DOCUMENT_OVERVIEW);
                 }
                 return documentActions;
         }
 
         public final boolean canInitiate(String documentTypeName, Person user) {
                 String nameSpaceCode = KRADConstants.KUALI_RICE_SYSTEM_NAMESPACE;
                 Map<String, String> permissionDetails = new HashMap<String, String>();
                 permissionDetails.put(KimConstants.AttributeConstants.DOCUMENT_TYPE_NAME,
                                 documentTypeName);
                 return getPermissionService().isAuthorizedByTemplateName(
                                 user.getPrincipalId(), nameSpaceCode,
                                 KimConstants.PermissionTemplateNames.INITIATE_DOCUMENT,
                                 permissionDetails, null);
         }
 
         public final boolean canReceiveAdHoc(Document document, Person user,
                         String actionRequestCode) {
                 Map<String,String> additionalPermissionDetails = new HashMap<String, String>();
                 additionalPermissionDetails.put(KimConstants.AttributeConstants.ACTION_REQUEST_CD, actionRequestCode);
                 return isAuthorizedByTemplate(document,
                                 KRADConstants.KUALI_RICE_WORKFLOW_NAMESPACE,
                                 KimConstants.PermissionTemplateNames.AD_HOC_REVIEW_DOCUMENT,
                                 user.getPrincipalId(), additionalPermissionDetails, null );
         }
 
         public final boolean canOpen(Document document, Person user) {
                 return isAuthorizedByTemplate(document, KRADConstants.KRAD_NAMESPACE,
                                 KimConstants.PermissionTemplateNames.OPEN_DOCUMENT, user
                                                 .getPrincipalId());
         }
 
         public final boolean canAddNoteAttachment(Document document,
                         String attachmentTypeCode, Person user) {
                 Map<String, String> additionalPermissionDetails = new HashMap<String, String>();
                 if (attachmentTypeCode != null) {
                         additionalPermissionDetails.put(KimConstants.AttributeConstants.ATTACHMENT_TYPE_CODE,
                                         attachmentTypeCode);
                 }
                 return isAuthorizedByTemplate(document, KRADConstants.KRAD_NAMESPACE,
                                 KimConstants.PermissionTemplateNames.ADD_NOTE_ATTACHMENT, user
                                                 .getPrincipalId(), additionalPermissionDetails, null);
         }
 
         public final boolean canDeleteNoteAttachment(Document document,
                         String attachmentTypeCode, String createdBySelfOnly, Person user) {
                 Map<String, String> additionalPermissionDetails = new HashMap<String, String>();
                 if (attachmentTypeCode != null) {
                         additionalPermissionDetails.put(KimConstants.AttributeConstants.ATTACHMENT_TYPE_CODE,
                                         attachmentTypeCode);
                 }
                 additionalPermissionDetails.put(KimConstants.AttributeConstants.CREATED_BY_SELF,
                                 createdBySelfOnly);
                 return isAuthorizedByTemplate(document, KRADConstants.KRAD_NAMESPACE,
                                 KimConstants.PermissionTemplateNames.DELETE_NOTE_ATTACHMENT,
                                 user.getPrincipalId(), additionalPermissionDetails, null);
         }
 
         public final boolean canViewNoteAttachment(Document document,
                         String attachmentTypeCode, Person user) {
                 Map<String, String> additionalPermissionDetails = new HashMap<String, String>();
                 if (attachmentTypeCode != null) {
                         additionalPermissionDetails.put(KimConstants.AttributeConstants.ATTACHMENT_TYPE_CODE,
                                         attachmentTypeCode);
                 }
                 return isAuthorizedByTemplate(document, KRADConstants.KRAD_NAMESPACE,
                                 KimConstants.PermissionTemplateNames.VIEW_NOTE_ATTACHMENT, user
                                                 .getPrincipalId(), additionalPermissionDetails, null);
         }
         
         public final boolean canSendAdHocRequests(Document document,
                         String actionRequestCd, Person user) {
                 Map<String, String> additionalPermissionDetails = new HashMap<String, String>();
                 if (actionRequestCd != null) {
                         additionalPermissionDetails.put(KimConstants.AttributeConstants.ACTION_REQUEST_CD,
                                         actionRequestCd);
                 }
                 return isAuthorizedByTemplate(document, KRADConstants.KRAD_NAMESPACE,
                                 KimConstants.PermissionTemplateNames.SEND_AD_HOC_REQUEST, user
                                                 .getPrincipalId(), additionalPermissionDetails, null);
         }
         
         public boolean canEditDocumentOverview(Document document, Person user){
                 return isAuthorizedByTemplate(document,
                                 KRADConstants.KRAD_NAMESPACE,
                                 KimConstants.PermissionTemplateNames.EDIT_DOCUMENT,
                                 user.getPrincipalId()) && this.isDocumentInitiator(document, user);
         }
         
         protected final boolean canSendAnyTypeAdHocRequests(Document document, Person user) {
                 if(canSendAdHocRequests(document, KEWConstants.ACTION_REQUEST_FYI_REQ, user)) {
                     RoutePath routePath = KewApiServiceLocator.getDocumentTypeService().getRoutePathForDocumentTypeName(document.getDocumentHeader().getWorkflowDocument().getDocumentTypeName());
                     Process process = routePath.getPrimaryProcess();
                     if (process != null) {
                         if (process.getInitialRouteNode() == null) {
                             return false;
                         }
                     } else {
                         return false;
                     }
                         return true;
                 } else if(canSendAdHocRequests(document, KEWConstants.ACTION_REQUEST_ACKNOWLEDGE_REQ, user)){
                         return true;
                 }
                 return canSendAdHocRequests(document, KEWConstants.ACTION_REQUEST_APPROVE_REQ, user);
         }
 
         protected boolean canTakeRequestedAction(Document document,
                         String actionRequestCode, Person user) {
                 Map<String, String> additionalPermissionDetails = new HashMap<String, String>();
                 additionalPermissionDetails.put(KimConstants.AttributeConstants.ACTION_REQUEST_CD,
                                 actionRequestCode);
                 return isAuthorizedByTemplate(document, KRADConstants.KRAD_NAMESPACE,
                                 KimConstants.PermissionTemplateNames.TAKE_REQUESTED_ACTION,
                                 user.getPrincipalId(), additionalPermissionDetails, null);
         }
 
         @Override
         protected void addPermissionDetails(Object dataObject,
                         Map<String, String> attributes) {
                 super.addPermissionDetails(dataObject, attributes);
                 if (dataObject instanceof Document) {
                         addStandardAttributes((Document) dataObject, attributes);
                 }
         }
 
         @Override
         protected void addRoleQualification(Object dataObject,
                         Map<String, String> attributes) {
                 super.addRoleQualification(dataObject, attributes);
                 if (dataObject instanceof Document) {
                         addStandardAttributes((Document) dataObject, attributes);
                 }
         }
 
         protected void addStandardAttributes(Document document,
                         Map<String, String> attributes) {
             WorkflowDocument wd = document.getDocumentHeader()
                                 .getWorkflowDocument();
                 attributes.put(KimConstants.AttributeConstants.DOCUMENT_NUMBER, document
                                 .getDocumentNumber());
                 attributes.put(KimConstants.AttributeConstants.DOCUMENT_TYPE_NAME, wd.getDocumentTypeName());
                 if (wd.isInitiated() || wd.isSaved()) {
                         attributes.put(KimConstants.AttributeConstants.ROUTE_NODE_NAME,
                                         PRE_ROUTING_ROUTE_NAME);
                 } else {
                         attributes.put(KimConstants.AttributeConstants.ROUTE_NODE_NAME, KRADServiceLocatorWeb.getWorkflowDocumentService().getCurrentRouteNodeNames(wd));
                 }
                 attributes.put(KimConstants.AttributeConstants.ROUTE_STATUS_CODE, wd.getStatus().getCode());
         }
         
         protected boolean isDocumentInitiator(Document document, Person user) {
         WorkflowDocument workflowDocument = document.getDocumentHeader().getWorkflowDocument();
         return workflowDocument.getInitiatorPrincipalId().equalsIgnoreCase(user.getPrincipalId());
     }
 }

1		/*
2		* Copyright 2007 The Kuali Foundation
3		*
4		* Licensed under the Educational Community License, Version 2.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.opensource.org/licenses/ecl2.php
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*/
16		package org.kuali.rice.krad.document.authorization;
17
18		import org.apache.commons.logging.Log;
19		import org.apache.commons.logging.LogFactory;
20		import org.kuali.rice.kew.api.KewApiServiceLocator;
21		import org.kuali.rice.kew.api.WorkflowDocument;
22		import org.kuali.rice.kew.api.doctype.Process;
23		import org.kuali.rice.kew.api.doctype.RoutePath;
24		import org.kuali.rice.kew.util.KEWConstants;
25		import org.kuali.rice.kim.bo.Person;
26		import org.kuali.rice.kim.util.KimConstants;
27		import org.kuali.rice.krad.bo.authorization.BusinessObjectAuthorizerBase;
28		import org.kuali.rice.krad.document.Document;
29		import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
30		import org.kuali.rice.krad.util.KRADConstants;
31
32		import java.util.HashMap;
33		import java.util.Map;
34		import java.util.Set;
35
36		/**
37		* DocumentAuthorizer containing common, reusable document-level authorization
38		* code.
39		*/
40	0	public class DocumentAuthorizerBase extends BusinessObjectAuthorizerBase
41		implements DocumentAuthorizer {
42	0	protected static Log LOG = LogFactory.getLog(DocumentAuthorizerBase.class);
43		public static final String PRE_ROUTING_ROUTE_NAME = "PreRoute";
44		public static final String EDIT_MODE_DEFAULT_TRUE_VALUE = "TRUE";
45		public static final String USER_SESSION_METHOD_TO_CALL_OBJECT_KEY = "METHOD_TO_CALL_KEYS_METHOD_OBJECT_KEY";
46		public static final String USER_SESSION_METHOD_TO_CALL_COMPLETE_OBJECT_KEY = "METHOD_TO_CALL_KEYS_COMPLETE_OBJECT_KEY";
47		public static final String USER_SESSION_METHOD_TO_CALL_COMPLETE_MARKER = "_EXITING";
48
49		/**
50		* Individual document families will need to reimplement this according to
51		* their own needs; this version should be good enough to be usable during
52		* initial development.
53		*/
54		public Set<String> getDocumentActions(Document document, Person user,
55		Set<String> documentActions) {
56	0	if (LOG.isDebugEnabled()) {
57	0	LOG
58		.debug("calling DocumentAuthorizerBase.getDocumentActionFlags for document '"
59		+ document.getDocumentNumber()
60		+ "'. user '"
61		+ user.getPrincipalName() + "'");
62		}
63	0	if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_EDIT)
64		&& !isAuthorizedByTemplate(document,
65		KRADConstants.KRAD_NAMESPACE,
66		KimConstants.PermissionTemplateNames.EDIT_DOCUMENT,
67		user.getPrincipalId())) {
68	0	documentActions.remove(KRADConstants.KUALI_ACTION_CAN_EDIT);
69		}
70	0	if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_COPY)
71		&& !isAuthorizedByTemplate(document,
72		KRADConstants.KRAD_NAMESPACE,
73		KimConstants.PermissionTemplateNames.COPY_DOCUMENT,
74		user.getPrincipalId())) {
75	0	documentActions.remove(KRADConstants.KUALI_ACTION_CAN_COPY);
76		}
77	0	if (documentActions
78		.contains(KRADConstants.KUALI_ACTION_CAN_BLANKET_APPROVE)
79		&& !isAuthorizedByTemplate(
80		document,
81		KRADConstants.KUALI_RICE_WORKFLOW_NAMESPACE,
82		KimConstants.PermissionTemplateNames.BLANKET_APPROVE_DOCUMENT,
83		user.getPrincipalId())) {
84	0	documentActions
85		.remove(KRADConstants.KUALI_ACTION_CAN_BLANKET_APPROVE);
86		}
87	0	if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_CANCEL)
88		&& !isAuthorizedByTemplate(document,
89		KRADConstants.KUALI_RICE_WORKFLOW_NAMESPACE,
90		KimConstants.PermissionTemplateNames.CANCEL_DOCUMENT,
91		user.getPrincipalId())) {
92	0	documentActions.remove(KRADConstants.KUALI_ACTION_CAN_CANCEL);
93		}
94	0	if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_SAVE)
95		&& !isAuthorizedByTemplate(document,
96		KRADConstants.KUALI_RICE_WORKFLOW_NAMESPACE,
97		KimConstants.PermissionTemplateNames.SAVE_DOCUMENT,
98		user.getPrincipalId())) {
99	0	documentActions.remove(KRADConstants.KUALI_ACTION_CAN_SAVE);
100		}
101	0	if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_ROUTE)
102		&& !isAuthorizedByTemplate(document,
103		KRADConstants.KUALI_RICE_WORKFLOW_NAMESPACE,
104		KimConstants.PermissionTemplateNames.ROUTE_DOCUMENT,
105		user.getPrincipalId())) {
106	0	documentActions.remove(KRADConstants.KUALI_ACTION_CAN_ROUTE);
107		}
108	0	if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_ACKNOWLEDGE)
109		&& !canTakeRequestedAction(document,
110		KEWConstants.ACTION_REQUEST_ACKNOWLEDGE_REQ, user)) {
111	0	documentActions.remove(KRADConstants.KUALI_ACTION_CAN_ACKNOWLEDGE);
112		}
113	0	if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_FYI) &&
114		!canTakeRequestedAction(document, KEWConstants.ACTION_REQUEST_FYI_REQ, user)) {
115	0	documentActions.remove(KRADConstants.KUALI_ACTION_CAN_FYI);
116		}
117	0	if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_APPROVE)
118		\|\| documentActions
119		.contains(KRADConstants.KUALI_ACTION_CAN_DISAPPROVE)) {
120	0	if (!canTakeRequestedAction(document,
121		KEWConstants.ACTION_REQUEST_APPROVE_REQ, user)) {
122	0	documentActions.remove(KRADConstants.KUALI_ACTION_CAN_APPROVE);
123	0	documentActions
124		.remove(KRADConstants.KUALI_ACTION_CAN_DISAPPROVE);
125		}
126		}
127
128	0	if ( !canSendAnyTypeAdHocRequests(document, user) ) {
129	0	documentActions.remove(KRADConstants.KUALI_ACTION_CAN_ADD_ADHOC_REQUESTS);
130	0	documentActions.remove(KRADConstants.KUALI_ACTION_CAN_SEND_ADHOC_REQUESTS);
131	0	documentActions.remove(KRADConstants.KUALI_ACTION_CAN_SEND_NOTE_FYI);
132		}
133
134	0	if(documentActions
135		.contains(KRADConstants.KUALI_ACTION_CAN_SEND_NOTE_FYI)
136		&& !canSendAdHocRequests(document, KEWConstants.ACTION_REQUEST_FYI_REQ, user)){
137	0	documentActions.remove(KRADConstants.KUALI_ACTION_CAN_SEND_NOTE_FYI);
138		}
139
140	0	if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_ANNOTATE)
141		&& !documentActions
142		.contains(KRADConstants.KUALI_ACTION_CAN_EDIT)) {
143	0	documentActions.remove(KRADConstants.KUALI_ACTION_CAN_ANNOTATE);
144		}
145	0	if(documentActions.contains(KRADConstants.KUALI_ACTION_CAN_EDIT__DOCUMENT_OVERVIEW)
146		&&!canEditDocumentOverview(document, user)){
147	0	documentActions.remove(KRADConstants.KUALI_ACTION_CAN_EDIT__DOCUMENT_OVERVIEW);
148		}
149	0	return documentActions;
150		}
151
152		public final boolean canInitiate(String documentTypeName, Person user) {
153	0	String nameSpaceCode = KRADConstants.KUALI_RICE_SYSTEM_NAMESPACE;
154	0	Map<String, String> permissionDetails = new HashMap<String, String>();
155	0	permissionDetails.put(KimConstants.AttributeConstants.DOCUMENT_TYPE_NAME,
156		documentTypeName);
157	0	return getPermissionService().isAuthorizedByTemplateName(
158		user.getPrincipalId(), nameSpaceCode,
159		KimConstants.PermissionTemplateNames.INITIATE_DOCUMENT,
160		permissionDetails, null);
161		}
162
163		public final boolean canReceiveAdHoc(Document document, Person user,
164		String actionRequestCode) {
165	0	Map<String,String> additionalPermissionDetails = new HashMap<String, String>();
166	0	additionalPermissionDetails.put(KimConstants.AttributeConstants.ACTION_REQUEST_CD, actionRequestCode);
167	0	return isAuthorizedByTemplate(document,
168		KRADConstants.KUALI_RICE_WORKFLOW_NAMESPACE,
169		KimConstants.PermissionTemplateNames.AD_HOC_REVIEW_DOCUMENT,
170		user.getPrincipalId(), additionalPermissionDetails, null );
171		}
172
173		public final boolean canOpen(Document document, Person user) {
174	0	return isAuthorizedByTemplate(document, KRADConstants.KRAD_NAMESPACE,
175		KimConstants.PermissionTemplateNames.OPEN_DOCUMENT, user
176		.getPrincipalId());
177		}
178
179		public final boolean canAddNoteAttachment(Document document,
180		String attachmentTypeCode, Person user) {
181	0	Map<String, String> additionalPermissionDetails = new HashMap<String, String>();
182	0	if (attachmentTypeCode != null) {
183	0	additionalPermissionDetails.put(KimConstants.AttributeConstants.ATTACHMENT_TYPE_CODE,
184		attachmentTypeCode);
185		}
186	0	return isAuthorizedByTemplate(document, KRADConstants.KRAD_NAMESPACE,
187		KimConstants.PermissionTemplateNames.ADD_NOTE_ATTACHMENT, user
188		.getPrincipalId(), additionalPermissionDetails, null);
189		}
190
191		public final boolean canDeleteNoteAttachment(Document document,
192		String attachmentTypeCode, String createdBySelfOnly, Person user) {
193	0	Map<String, String> additionalPermissionDetails = new HashMap<String, String>();
194	0	if (attachmentTypeCode != null) {
195	0	additionalPermissionDetails.put(KimConstants.AttributeConstants.ATTACHMENT_TYPE_CODE,
196		attachmentTypeCode);
197		}
198	0	additionalPermissionDetails.put(KimConstants.AttributeConstants.CREATED_BY_SELF,
199		createdBySelfOnly);
200	0	return isAuthorizedByTemplate(document, KRADConstants.KRAD_NAMESPACE,
201		KimConstants.PermissionTemplateNames.DELETE_NOTE_ATTACHMENT,
202		user.getPrincipalId(), additionalPermissionDetails, null);
203		}
204
205		public final boolean canViewNoteAttachment(Document document,
206		String attachmentTypeCode, Person user) {
207	0	Map<String, String> additionalPermissionDetails = new HashMap<String, String>();
208	0	if (attachmentTypeCode != null) {
209	0	additionalPermissionDetails.put(KimConstants.AttributeConstants.ATTACHMENT_TYPE_CODE,
210		attachmentTypeCode);
211		}
212	0	return isAuthorizedByTemplate(document, KRADConstants.KRAD_NAMESPACE,
213		KimConstants.PermissionTemplateNames.VIEW_NOTE_ATTACHMENT, user
214		.getPrincipalId(), additionalPermissionDetails, null);
215		}
216
217		public final boolean canSendAdHocRequests(Document document,
218		String actionRequestCd, Person user) {
219	0	Map<String, String> additionalPermissionDetails = new HashMap<String, String>();
220	0	if (actionRequestCd != null) {
221	0	additionalPermissionDetails.put(KimConstants.AttributeConstants.ACTION_REQUEST_CD,
222		actionRequestCd);
223		}
224	0	return isAuthorizedByTemplate(document, KRADConstants.KRAD_NAMESPACE,
225		KimConstants.PermissionTemplateNames.SEND_AD_HOC_REQUEST, user
226		.getPrincipalId(), additionalPermissionDetails, null);
227		}
228
229		public boolean canEditDocumentOverview(Document document, Person user){
230	0	return isAuthorizedByTemplate(document,
231		KRADConstants.KRAD_NAMESPACE,
232		KimConstants.PermissionTemplateNames.EDIT_DOCUMENT,
233		user.getPrincipalId()) && this.isDocumentInitiator(document, user);
234		}
235
236		protected final boolean canSendAnyTypeAdHocRequests(Document document, Person user) {
237	0	if(canSendAdHocRequests(document, KEWConstants.ACTION_REQUEST_FYI_REQ, user)) {
238	0	RoutePath routePath = KewApiServiceLocator.getDocumentTypeService().getRoutePathForDocumentTypeName(document.getDocumentHeader().getWorkflowDocument().getDocumentTypeName());
239	0	Process process = routePath.getPrimaryProcess();
240	0	if (process != null) {
241	0	if (process.getInitialRouteNode() == null) {
242	0	return false;
243		}
244		} else {
245	0	return false;
246		}
247	0	return true;
248	0	} else if(canSendAdHocRequests(document, KEWConstants.ACTION_REQUEST_ACKNOWLEDGE_REQ, user)){
249	0	return true;
250		}
251	0	return canSendAdHocRequests(document, KEWConstants.ACTION_REQUEST_APPROVE_REQ, user);
252		}
253
254		protected boolean canTakeRequestedAction(Document document,
255		String actionRequestCode, Person user) {
256	0	Map<String, String> additionalPermissionDetails = new HashMap<String, String>();
257	0	additionalPermissionDetails.put(KimConstants.AttributeConstants.ACTION_REQUEST_CD,
258		actionRequestCode);
259	0	return isAuthorizedByTemplate(document, KRADConstants.KRAD_NAMESPACE,
260		KimConstants.PermissionTemplateNames.TAKE_REQUESTED_ACTION,
261		user.getPrincipalId(), additionalPermissionDetails, null);
262		}
263
264		@Override
265		protected void addPermissionDetails(Object dataObject,
266		Map<String, String> attributes) {
267	0	super.addPermissionDetails(dataObject, attributes);
268	0	if (dataObject instanceof Document) {
269	0	addStandardAttributes((Document) dataObject, attributes);
270		}
271	0	}
272
273		@Override
274		protected void addRoleQualification(Object dataObject,
275		Map<String, String> attributes) {
276	0	super.addRoleQualification(dataObject, attributes);
277	0	if (dataObject instanceof Document) {
278	0	addStandardAttributes((Document) dataObject, attributes);
279		}
280	0	}
281
282		protected void addStandardAttributes(Document document,
283		Map<String, String> attributes) {
284	0	WorkflowDocument wd = document.getDocumentHeader()
285		.getWorkflowDocument();
286	0	attributes.put(KimConstants.AttributeConstants.DOCUMENT_NUMBER, document
287		.getDocumentNumber());
288	0	attributes.put(KimConstants.AttributeConstants.DOCUMENT_TYPE_NAME, wd.getDocumentTypeName());
289	0	if (wd.isInitiated() \|\| wd.isSaved()) {
290	0	attributes.put(KimConstants.AttributeConstants.ROUTE_NODE_NAME,
291		PRE_ROUTING_ROUTE_NAME);
292		} else {
293	0	attributes.put(KimConstants.AttributeConstants.ROUTE_NODE_NAME, KRADServiceLocatorWeb.getWorkflowDocumentService().getCurrentRouteNodeNames(wd));
294		}
295	0	attributes.put(KimConstants.AttributeConstants.ROUTE_STATUS_CODE, wd.getStatus().getCode());
296	0	}
297
298		protected boolean isDocumentInitiator(Document document, Person user) {
299	0	WorkflowDocument workflowDocument = document.getDocumentHeader().getWorkflowDocument();
300	0	return workflowDocument.getInitiatorPrincipalId().equalsIgnoreCase(user.getPrincipalId());
301		}
302		}