Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.kuali.rice.kim.impl.permission
Class PermissionServiceImpl

java.lang.Object
  extended by org.kuali.rice.kim.impl.permission.PermissionServiceBase
      extended by org.kuali.rice.kim.impl.permission.PermissionServiceImpl
All Implemented Interfaces:
PermissionService
public class PermissionServiceImpl
extends PermissionServiceBase
implements PermissionService

This is a description of what this class does - jonathan don't forget to fill this in.

Author:
Kuali Rice Team (rice.collab@kuali.org)

Field Summary
 
Fields inherited from class org.kuali.rice.kim.impl.permission.PermissionServiceBase
businessObjectService, criteriaLookupService, DEFAULT_PERMISSION_TYPE_SERVICE
 
Constructor Summary
PermissionServiceImpl()
           
 
Method Summary
 Permission createPermission(Permission permission)
          This will create a Permission exactly like the permission passed in.
 List<Template> getAllTemplates()
          Return all Permission Templates.
 List<Permission> getAuthorizedPermissions(String principalId, String namespaceCode, String permissionName, Map<String,String> permissionDetails, Map<String,String> qualification)
          Returns permissions (with their details) that are granted to the principal given the passed qualification.
 List<Permission> getAuthorizedPermissionsByTemplateName(String principalId, String namespaceCode, String permissionTemplateName, Map<String,String> permissionDetails, Map<String,String> qualification)
          Returns permissions (with their details) that are granted to the principal given the passed qualification.
protected  List<Permission> getMatchingPermissions(List<PermissionBo> permissions, Map<String,String> permissionDetails)
          Compare each of the passed in permissions with the given permissionDetails.
 Permission getPermission(String permissionId)
          Get the permission object with the given ID.
 List<Assignee> getPermissionAssignees(String namespaceCode, String permissionName, Map<String,String> permissionDetails, Map<String,String> qualification)
          Get the list of principals/groups who have a given permission.
 List<Assignee> getPermissionAssigneesForTemplateName(String namespaceCode, String permissionTemplateName, Map<String,String> permissionDetails, Map<String,String> qualification)
          Get the list of principals/groups who have a given permission that match the given permission template and permission details.
protected  PermissionBo getPermissionBoByName(String namespaceCode, String permissionName)
           
 Permission getPermissionByName(String namespaceCode, String permissionName)
          Get the Permission object with the unique combination of namespace and permission name.
 PermissionDao getPermissionDao()
           
 String getPermissionDetailLabel(String permissionId, String kimTypeId, String attributeName)
          Returns the label of the permission detail for the given permissionId, kimType and attributeName.
protected  PermissionBo getPermissionImpl(String permissionId)
           
protected  List<PermissionBo> getPermissionImplsByName(String namespaceCode, String permissionName)
           
protected  List<PermissionBo> getPermissionImplsByNameIncludingInactive(String namespaceCode, String permissionName)
           
protected  List<PermissionBo> getPermissionImplsByTemplateName(String namespaceCode, String permissionTemplateName)
           
 List<Permission> getPermissionsByName(String namespaceCode, String permissionName)
          Return the permission object for the given unique combination of namespace, component and permission name.
 List<Permission> getPermissionsByNameIncludingInactive(String namespaceCode, String permissionName)
          Return the permission object for the given unique combination of namespace, component and permission name.
 List<Permission> getPermissionsByTemplateName(String namespaceCode, String permissionTemplateName)
          Return the permission object for the given unique combination of namespace, component and permission template name.
protected  List<Permission> getPermissionsForUser(String principalId, List<Permission> permissions, Map<String,String> qualification)
          Checks the list of permissions against the principal's roles and returns a subset of the list which match.
 Template getPermissionTemplate(String permissionTemplateId)
          Return the Permission Template given the Template ID.
 Template getPermissionTemplateByName(String namespaceCode, String permissionTemplateName)
          Return the Permission Template given the Template Name and Namespace Code.
protected  PermissionTypeService getPermissionTypeService(PermissionTemplateBo permissionTemplate)
           
protected  PermissionTypeService getPermissionTypeService(String namespaceCode, String permissionTemplateName, String permissionName, String permissionId)
           
protected  Map<String,PermissionTypeService> getPermissionTypeServicesByTemplateId(Collection<PermissionBo> permissions)
           
 List<String> getRoleIdsForPermission(String namespaceCode, String permissionName, Map<String,String> permissionDetails)
          Get the role IDs for the given permission.
 List<String> getRoleIdsForPermissionId(String permissionId)
          Get the role IDs for the given permission.
 List<String> getRoleIdsForPermissions(List<Permission> permissions)
          Get the role IDs for the given list of permissions.
protected  List<String> getRoleIdsForPermissionTemplate(String namespaceCode, String permissionTemplateName, Map<String,String> permissionDetails)
           
protected  Map<String,List<Permission>> groupPermissionsByTemplate(Collection<PermissionBo> permissions)
           
 boolean hasPermission(String principalId, String namespaceCode, String permissionName, Map<String,String> permissionDetails)
          Checks whether the principal has been granted a permission matching the given details without taking role qualifiers into account.
 boolean hasPermissionByTemplateName(String principalId, String namespaceCode, String permissionTemplateName, Map<String,String> permissionDetails)
          Checks whether the principal has been granted a permission matching the given details without taking role qualifiers into account.
 boolean isAuthorized(String principalId, String namespaceCode, String permissionName, Map<String,String> permissionDetails, Map<String,String> qualification)
          Checks whether the given qualified permission is granted to the principal given the passed roleQualification.
 boolean isAuthorizedByTemplateName(String principalId, String namespaceCode, String permissionTemplateName, Map<String,String> permissionDetails, Map<String,String> qualification)
          Checks whether the given qualified permission is granted to the principal given the passed roleQualification.
 boolean isPermissionAssigned(String namespaceCode, String permissionName, Map<String,String> permissionDetails)
           
 boolean isPermissionDefined(String namespaceCode, String permissionName, Map<String,String> permissionDetails)
          Returns true if the given permission is defined on any Roles.
 boolean isPermissionDefinedForTemplateName(String namespaceCode, String permissionTemplateName, Map<String,String> permissionDetails)
          Returns true if the given permission template is defined on any Roles.
 List<Permission> lookupPermissions(Map<String,String> searchCriteria, boolean unbounded)
          Search for permissions using arbitrary search criteria.
 void setBusinessObjectDictionaryService(BusinessObjectDictionaryService businessObjectDictionaryService)
          Sets the businessObjectDictionaryService attribute value.
 void setDataDictionaryService(DataDictionaryService dataDictionaryService)
          Sets the dataDictionaryService attribute value.
 void setDefaultPermissionTypeService(PermissionTypeService defaultPermissionTypeService)
          Sets the defaultPermissionTypeService attribute value.
 void setKimTypeInfoService(KimTypeInfoService kimTypeInfoService)
          Sets the kimTypeInfoService attribute value.
 void setPermissionDao(PermissionDao permissionDao)
           
 void setRoleService(RoleService roleService)
          Sets the roleService attribute value.
 Permission updatePermission(Permission permission)
          This will update a Permission.
 
Methods inherited from class org.kuali.rice.kim.impl.permission.PermissionServiceBase
setBusinessObjectService, setCriteriaLookupService
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

PermissionServiceImpl

public PermissionServiceImpl()
Method Detail

getPermissionTypeService

protected PermissionTypeService getPermissionTypeService(String namespaceCode,
                                                         String permissionTemplateName,
                                                         String permissionName,
                                                         String permissionId)

getPermissionTypeService

protected PermissionTypeService getPermissionTypeService(PermissionTemplateBo permissionTemplate)

hasPermission

public boolean hasPermission(String principalId,
                             String namespaceCode,
                             String permissionName,
                             Map<String,String> permissionDetails)
Description copied from interface: PermissionService
Checks whether the principal has been granted a permission matching the given details without taking role qualifiers into account. This method should not be used for true authorization checks since a principal may only have this permission within a given context. It could be used to identify that the user would have some permissions within a certain area. Later checks would identify exactly what permissions were granted. It can also be used when the client application KNOWS that this is a role which is never qualified.

Specified by:
hasPermission in interface PermissionService
See Also:
org.kuali.rice.kim.service.PermissionService#hasPermission(java.lang.String, String, java.lang.String, Map)

isAuthorized

public boolean isAuthorized(String principalId,
                            String namespaceCode,
                            String permissionName,
                            Map<String,String> permissionDetails,
                            Map<String,String> qualification)
Description copied from interface: PermissionService
Checks whether the given qualified permission is granted to the principal given the passed roleQualification. If no roleQualification is passed (null or empty) then this method behaves the same as #hasPermission(String, String, String, Map). Each role assigned to the principal is checked for qualifications. If a qualifier exists on the principal's membership in that role, that is checked first through the role's type service. Once it is determined that the principal has the role in the given context (qualification), the permissions are examined. Each permission is checked against the permissionDetails. The PermissionTypeService is called for each permission with the given permissionName to see if the permissionDetails matches its details.

Specified by:
isAuthorized in interface PermissionService

hasPermissionByTemplateName

public boolean hasPermissionByTemplateName(String principalId,
                                           String namespaceCode,
                                           String permissionTemplateName,
                                           Map<String,String> permissionDetails)
Description copied from interface: PermissionService
Checks whether the principal has been granted a permission matching the given details without taking role qualifiers into account. This method should not be used for true authorization checks since a principal may only have this permission within a given context. It could be used to identify that the user would have some permissions within a certain area. Later checks would identify exactly what permissions were granted. It can also be used when the client application KNOWS that this is a role which is never qualified.

Specified by:
hasPermissionByTemplateName in interface PermissionService

isAuthorizedByTemplateName

public boolean isAuthorizedByTemplateName(String principalId,
                                          String namespaceCode,
                                          String permissionTemplateName,
                                          Map<String,String> permissionDetails,
                                          Map<String,String> qualification)
Description copied from interface: PermissionService
Checks whether the given qualified permission is granted to the principal given the passed roleQualification. If no roleQualification is passed (null or empty) then this method behaves the same as #hasPermission(String, String, String, Map). Each role assigned to the principal is checked for qualifications. If a qualifier exists on the principal's membership in that role, that is checked first through the role's type service. Once it is determined that the principal has the role in the given context (qualification), the permissions are examined. Each permission is checked against the permissionDetails. The PermissionTypeService is called for each permission with the given permissionName to see if the permissionDetails matches its details.

Specified by:
isAuthorizedByTemplateName in interface PermissionService

getAuthorizedPermissions

public List<Permission> getAuthorizedPermissions(String principalId,
                                                 String namespaceCode,
                                                 String permissionName,
                                                 Map<String,String> permissionDetails,
                                                 Map<String,String> qualification)
Description copied from interface: PermissionService
Returns permissions (with their details) that are granted to the principal given the passed qualification. If no qualification is passed (null or empty) then this method does not check any qualifications on the roles. All permissions with the given name are checked against the permissionDetails. The PermissionTypeService is called for each permission to see if the permissionDetails matches its details. An asterisk (*) as a value in any permissionDetails key-value pair will match any value. This forms a way to provide a wildcard to obtain multiple permissions in one call. After the permissions are determined, the roles that hold those permissions are determined. Each role that matches between the principal and the permission objects is checked for qualifications. If a qualifier exists on the principal's membership in that role, that is checked through the role's type service.

Specified by:
getAuthorizedPermissions in interface PermissionService

getAuthorizedPermissionsByTemplateName

public List<Permission> getAuthorizedPermissionsByTemplateName(String principalId,
                                                               String namespaceCode,
                                                               String permissionTemplateName,
                                                               Map<String,String> permissionDetails,
                                                               Map<String,String> qualification)
Description copied from interface: PermissionService
Returns permissions (with their details) that are granted to the principal given the passed qualification. If no qualification is passed (null or empty) then this method does not check any qualifications on the roles. All permissions with the given name are checked against the permissionDetails. The PermissionTypeService is called for each permission to see if the permissionDetails matches its details. An asterisk (*) as a value in any permissionDetails key-value pair will match any value. This forms a way to provide a wildcard to obtain multiple permissions in one call. After the permissions are determined, the roles that hold those permissions are determined. Each role that matches between the principal and the permission objects is checked for qualifications. If a qualifier exists on the principal's membership in that role, that is checked through the role's type service.

Specified by:
getAuthorizedPermissionsByTemplateName in interface PermissionService

getPermissionsForUser

protected List<Permission> getPermissionsForUser(String principalId,
                                                 List<Permission> permissions,
                                                 Map<String,String> qualification)
Checks the list of permissions against the principal's roles and returns a subset of the list which match.

getPermissionTypeServicesByTemplateId

protected Map<String,PermissionTypeService> getPermissionTypeServicesByTemplateId(Collection<PermissionBo> permissions)

groupPermissionsByTemplate

protected Map<String,List<Permission>> groupPermissionsByTemplate(Collection<PermissionBo> permissions)

getMatchingPermissions

protected List<Permission> getMatchingPermissions(List<PermissionBo> permissions,
                                                  Map<String,String> permissionDetails)
Compare each of the passed in permissions with the given permissionDetails. Those that match are added to the result list.

getPermissionAssignees

public List<Assignee> getPermissionAssignees(String namespaceCode,
                                             String permissionName,
                                             Map<String,String> permissionDetails,
                                             Map<String,String> qualification)
Description copied from interface: PermissionService
Get the list of principals/groups who have a given permission. This also returns delegates for the given principals/groups who also have this permission given the context in the qualification parameter. Each role assigned to the principal is checked for qualifications. If a qualifier exists on the principal's membership in that role, that is checked first through the role's type service. Once it is determined that the principal has the role in the given context (qualification), the permissions are examined.

Specified by:
getPermissionAssignees in interface PermissionService

getPermissionAssigneesForTemplateName

public List<Assignee> getPermissionAssigneesForTemplateName(String namespaceCode,
                                                            String permissionTemplateName,
                                                            Map<String,String> permissionDetails,
                                                            Map<String,String> qualification)
Description copied from interface: PermissionService
Get the list of principals/groups who have a given permission that match the given permission template and permission details. This also returns delegates for the given principals/groups who also have this permission given the context in the qualification parameter. Each role assigned to the principal is checked for qualifications. If a qualifier exists on the principal's membership in that role, that is checked first through the role's type service. Once it is determined that the principal has the role in the given context (qualification), the permissions are examined.

Specified by:
getPermissionAssigneesForTemplateName in interface PermissionService

isPermissionAssigned

public boolean isPermissionAssigned(String namespaceCode,
                                    String permissionName,
                                    Map<String,String> permissionDetails)

isPermissionDefined

public boolean isPermissionDefined(String namespaceCode,
                                   String permissionName,
                                   Map<String,String> permissionDetails)
Description copied from interface: PermissionService
Returns true if the given permission is defined on any Roles.

Specified by:
isPermissionDefined in interface PermissionService

isPermissionDefinedForTemplateName

public boolean isPermissionDefinedForTemplateName(String namespaceCode,
                                                  String permissionTemplateName,
                                                  Map<String,String> permissionDetails)
Description copied from interface: PermissionService
Returns true if the given permission template is defined on any Roles.

Specified by:
isPermissionDefinedForTemplateName in interface PermissionService

getRoleIdsForPermission

public List<String> getRoleIdsForPermission(String namespaceCode,
                                            String permissionName,
                                            Map<String,String> permissionDetails)
Description copied from interface: PermissionService
Get the role IDs for the given permission.

Specified by:
getRoleIdsForPermission in interface PermissionService

getRoleIdsForPermissionTemplate

protected List<String> getRoleIdsForPermissionTemplate(String namespaceCode,
                                                       String permissionTemplateName,
                                                       Map<String,String> permissionDetails)

getRoleIdsForPermissions

public List<String> getRoleIdsForPermissions(List<Permission> permissions)
Description copied from interface: PermissionService
Get the role IDs for the given list of permissions.

Specified by:
getRoleIdsForPermissions in interface PermissionService

getPermission

public Permission getPermission(String permissionId)
Description copied from interface: PermissionService
Get the permission object with the given ID.

Specified by:
getPermission in interface PermissionService
See Also:
PermissionService.getPermission(java.lang.String)

getPermissionsByTemplateName

public List<Permission> getPermissionsByTemplateName(String namespaceCode,
                                                     String permissionTemplateName)
Description copied from interface: PermissionService
Return the permission object for the given unique combination of namespace, component and permission template name.

Specified by:
getPermissionsByTemplateName in interface PermissionService
See Also:
PermissionService.getPermissionsByTemplateName(String, String)

getPermissionsByName

public List<Permission> getPermissionsByName(String namespaceCode,
                                             String permissionName)
Description copied from interface: PermissionService
Return the permission object for the given unique combination of namespace, component and permission name.

Specified by:
getPermissionsByName in interface PermissionService
See Also:
PermissionService.getPermissionsByName(String, String)

getPermissionImpl

protected PermissionBo getPermissionImpl(String permissionId)

getPermissionImplsByTemplateName

protected List<PermissionBo> getPermissionImplsByTemplateName(String namespaceCode,
                                                              String permissionTemplateName)

getPermissionImplsByName

protected List<PermissionBo> getPermissionImplsByName(String namespaceCode,
                                                      String permissionName)

getPermissionDao

public PermissionDao getPermissionDao()

setPermissionDao

public void setPermissionDao(PermissionDao permissionDao)

lookupPermissions

public List<Permission> lookupPermissions(Map<String,String> searchCriteria,
                                          boolean unbounded)
Description copied from interface: PermissionService
Search for permissions using arbitrary search criteria. JavaBeans property syntax should be used to reference the properties. If the searchCriteria parameter is null or empty, an empty list will be returned.

Specified by:
lookupPermissions in interface PermissionService

getPermissionDetailLabel

public String getPermissionDetailLabel(String permissionId,
                                       String kimTypeId,
                                       String attributeName)
Description copied from interface: PermissionService
Returns the label of the permission detail for the given permissionId, kimType and attributeName.

Specified by:
getPermissionDetailLabel in interface PermissionService

getPermissionTemplate

public Template getPermissionTemplate(String permissionTemplateId)
Description copied from interface: PermissionService
Return the Permission Template given the Template ID.

Specified by:
getPermissionTemplate in interface PermissionService
Returns:
PermissionTemplate
See Also:
PermissionService.getPermissionTemplate(java.lang.String)

getPermissionTemplateByName

public Template getPermissionTemplateByName(String namespaceCode,
                                            String permissionTemplateName)
Description copied from interface: PermissionService
Return the Permission Template given the Template Name and Namespace Code.

Specified by:
getPermissionTemplateByName in interface PermissionService
Returns:
PermissionTemplate
See Also:
PermissionService.getPermissionTemplateByName(java.lang.String, java.lang.String)

getAllTemplates

public List<Template> getAllTemplates()
Description copied from interface: PermissionService
Return all Permission Templates.

Specified by:
getAllTemplates in interface PermissionService
Returns:
PermissionTemplate

getRoleIdsForPermissionId

public List<String> getRoleIdsForPermissionId(String permissionId)
Description copied from interface: PermissionService
Get the role IDs for the given permission.

Specified by:
getRoleIdsForPermissionId in interface PermissionService

getPermissionsByNameIncludingInactive

public List<Permission> getPermissionsByNameIncludingInactive(String namespaceCode,
                                                              String permissionName)
Description copied from interface: PermissionService
Return the permission object for the given unique combination of namespace, component and permission name. Inactive permissions are also returned

Specified by:
getPermissionsByNameIncludingInactive in interface PermissionService

getPermissionImplsByNameIncludingInactive

protected List<PermissionBo> getPermissionImplsByNameIncludingInactive(String namespaceCode,
                                                                       String permissionName)

createPermission

public Permission createPermission(Permission permission)
                            throws RiceIllegalArgumentException,
                                   RiceIllegalStateException
Description copied from interface: PermissionService
This will create a Permission exactly like the permission passed in.

Specified by:
createPermission in interface PermissionService
Parameters:
permission - the permission to create
Returns:
the id of the newly created object. will never be null.
Throws:
RiceIllegalArgumentException
RiceIllegalStateException
See Also:
PermissionService.createPermission(org.kuali.rice.kim.api.permission.Permission)

updatePermission

public Permission updatePermission(Permission permission)
                            throws RiceIllegalArgumentException,
                                   RiceIllegalStateException
Description copied from interface: PermissionService
This will update a Permission.

Specified by:
updatePermission in interface PermissionService
Parameters:
permission - the permission to update
Throws:
RiceIllegalArgumentException
RiceIllegalStateException
See Also:
PermissionService.updatePermission(org.kuali.rice.kim.api.permission.Permission)

getPermissionByName

public Permission getPermissionByName(String namespaceCode,
                                      String permissionName)
Description copied from interface: PermissionService
Get the Permission object with the unique combination of namespace and permission name. If any parameter is blank, this method returns null.

Specified by:
getPermissionByName in interface PermissionService

getPermissionBoByName

protected PermissionBo getPermissionBoByName(String namespaceCode,
                                             String permissionName)

setDataDictionaryService

public void setDataDictionaryService(DataDictionaryService dataDictionaryService)
Sets the dataDictionaryService attribute value.

Parameters:
dataDictionaryService - The dataDictionaryService to set.

setKimTypeInfoService

public void setKimTypeInfoService(KimTypeInfoService kimTypeInfoService)
Sets the kimTypeInfoService attribute value.

Parameters:
kimTypeInfoService - The kimTypeInfoService to set.

setDefaultPermissionTypeService

public void setDefaultPermissionTypeService(PermissionTypeService defaultPermissionTypeService)
Sets the defaultPermissionTypeService attribute value.

Parameters:
defaultPermissionTypeService - The defaultPermissionTypeService to set.

setBusinessObjectDictionaryService

public void setBusinessObjectDictionaryService(BusinessObjectDictionaryService businessObjectDictionaryService)
Sets the businessObjectDictionaryService attribute value.

Parameters:
businessObjectDictionaryService - The businessObjectDictionaryService to set.

setRoleService

public void setRoleService(RoleService roleService)
Sets the roleService attribute value.

Parameters:
roleService - The roleService to set.
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2011 The Kuali Foundation. All Rights Reserved.