1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16 package org.kuali.rice.kim.rules.ui;
17
18 import org.apache.commons.lang.StringUtils;
19 import org.kuali.rice.core.api.uif.RemotableAttributeError;
20 import org.kuali.rice.core.api.util.RiceKeyConstants;
21 import org.kuali.rice.kim.api.KimConstants;
22 import org.kuali.rice.kim.bo.ui.KimDocumentRoleMember;
23 import org.kuali.rice.kim.document.IdentityManagementRoleDocument;
24 import org.kuali.rice.kim.document.rule.AttributeValidationHelper;
25 import org.kuali.rice.kim.framework.services.KimFrameworkServiceLocator;
26 import org.kuali.rice.kim.framework.type.KimTypeService;
27 import org.kuali.rice.kim.rule.event.ui.AddMemberEvent;
28 import org.kuali.rice.kim.rule.ui.AddMemberRule;
29 import org.kuali.rice.krad.rules.DocumentRuleBase;
30 import org.kuali.rice.krad.util.GlobalVariables;
31
32 import java.util.ArrayList;
33 import java.util.HashMap;
34 import java.util.List;
35 import java.util.Map;
36
37
38
39
40
41
42
43
44 public class KimDocumentMemberRule extends DocumentRuleBase implements AddMemberRule {
45
46 private static final String ERROR_PATH = "member.memberId";
47
48 protected AttributeValidationHelper attributeValidationHelper = new AttributeValidationHelper();
49
50 public boolean processAddMember(AddMemberEvent addMemberEvent){
51 KimDocumentRoleMember newMember = addMemberEvent.getMember();
52 IdentityManagementRoleDocument document = (IdentityManagementRoleDocument)addMemberEvent.getDocument();
53 boolean rulePassed = true;
54
55 if (newMember == null || StringUtils.isBlank(newMember.getMemberId())){
56 GlobalVariables.getMessageMap().putError(ERROR_PATH, RiceKeyConstants.ERROR_EMPTY_ENTRY, new String[] {"Member"});
57 return false;
58 }
59 if(!validAssignRole(newMember, document)) {
60 return false;
61 }
62 List<RemotableAttributeError> validationErrors = new ArrayList<RemotableAttributeError>();
63 KimTypeService kimTypeService = KimFrameworkServiceLocator.getKimTypeService(document.getKimType());
64
65 Long newMemberFromTime = newMember.getActiveFromDate() == null ? 0L : newMember.getActiveFromDate().getTime();
66 Long newMemberToTime = newMember.getActiveToDate() == null ? Long.MAX_VALUE : newMember.getActiveToDate().getTime();
67
68 List<RemotableAttributeError> errorsAttributesAgainstExisting;
69 int i = 0;
70 Map<String, String> newMemberQualifiers;
71 Map<String, String> oldMemberQualifiers;
72 for (KimDocumentRoleMember member: document.getMembers()){
73 Long memberFromTime = member.getActiveFromDate() == null ? 0L : member.getActiveFromDate().getTime();
74 Long memberToTime = member.getActiveToDate() == null ? Long.MAX_VALUE : member.getActiveToDate().getTime();
75 newMemberQualifiers = attributeValidationHelper.convertQualifiersToMap(newMember.getQualifiers());
76 oldMemberQualifiers = attributeValidationHelper.convertQualifiersToMap(member.getQualifiers());
77 errorsAttributesAgainstExisting = kimTypeService.validateAttributesAgainstExisting(
78 document.getKimType().getId(), newMemberQualifiers, oldMemberQualifiers);
79 validationErrors.addAll(
80 attributeValidationHelper.convertErrorsForMappedFields(ERROR_PATH, errorsAttributesAgainstExisting));
81 if (!errorsAttributesAgainstExisting.isEmpty() && (member.getMemberId().equals(newMember.getMemberId()) &&
82 member.getMemberTypeCode().equals(newMember.getMemberTypeCode()))
83 && ((newMemberFromTime >= memberFromTime && newMemberFromTime < memberToTime)
84 || (newMemberToTime >= memberFromTime && newMemberToTime <= memberToTime))
85 ){
86 rulePassed = false;
87 GlobalVariables.getMessageMap().putError(ERROR_PATH, RiceKeyConstants.ERROR_DUPLICATE_ENTRY, new String[] {"Member"});
88 break;
89 }
90 i++;
91 }
92
93 if ( kimTypeService != null && !newMember.isRole()) {
94 List<RemotableAttributeError> localErrors = kimTypeService.validateAttributes( document.getKimType().getId(), attributeValidationHelper.convertQualifiersToMap( newMember.getQualifiers() ) );
95 validationErrors.addAll( attributeValidationHelper.convertErrors("member",
96 attributeValidationHelper.convertQualifiersToAttrIdxMap(newMember.getQualifiers()), localErrors) );
97 }
98 if (!validationErrors.isEmpty()) {
99 attributeValidationHelper.moveValidationErrorsToErrorMap(validationErrors);
100 rulePassed = false;
101 }
102
103 return rulePassed;
104 }
105
106 protected boolean validAssignRole(KimDocumentRoleMember roleMember, IdentityManagementRoleDocument document){
107 boolean rulePassed = true;
108 if(StringUtils.isNotEmpty(document.getRoleNamespace())){
109 Map<String,String> roleDetails = new HashMap<String,String>();
110 roleDetails.put(KimConstants.AttributeConstants.NAMESPACE_CODE, document.getRoleNamespace());
111 roleDetails.put(KimConstants.AttributeConstants.ROLE_NAME, document.getRoleName());
112 if (!getDocumentDictionaryService().getDocumentAuthorizer(document).isAuthorizedByTemplate(
113 document,
114 KimConstants.NAMESPACE_CODE,
115 KimConstants.PermissionTemplateNames.ASSIGN_ROLE,
116 GlobalVariables.getUserSession().getPerson().getPrincipalId(),
117 roleDetails, null)){
118 GlobalVariables.getMessageMap().putError(ERROR_PATH, RiceKeyConstants.ERROR_ASSIGN_ROLE,
119 new String[] {document.getRoleNamespace(), document.getRoleName()});
120 rulePassed = false;
121 }
122 }
123 return rulePassed;
124 }
125
126 }