001    /**
002     * Copyright 2005-2012 The Kuali Foundation
003     *
004     * Licensed under the Educational Community License, Version 2.0 (the "License");
005     * you may not use this file except in compliance with the License.
006     * You may obtain a copy of the License at
007     *
008     * http://www.opensource.org/licenses/ecl2.php
009     *
010     * Unless required by applicable law or agreed to in writing, software
011     * distributed under the License is distributed on an "AS IS" BASIS,
012     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013     * See the License for the specific language governing permissions and
014     * limitations under the License.
015     */
016    package org.kuali.rice.krad.lookup;
017    
018    import org.kuali.rice.core.api.exception.RiceRuntimeException;
019    import org.kuali.rice.kim.api.KimConstants;
020    import org.kuali.rice.kim.api.identity.Person;
021    import org.kuali.rice.krad.uif.view.View;
022    import org.kuali.rice.krad.uif.view.ViewAuthorizerBase;
023    import org.kuali.rice.krad.uif.view.ViewModel;
024    import org.kuali.rice.krad.util.KRADConstants;
025    import org.kuali.rice.krad.util.KRADUtils;
026    import org.kuali.rice.krad.web.form.LookupForm;
027    
028    import java.util.Map;
029    
030    /**
031     * Implementation of {@link org.kuali.rice.krad.uif.view.ViewAuthorizer} for
032     * {@link org.kuali.rice.krad.uif.view.LookupView} instances
033     *
034     * @author Kuali Rice Team (rice.collab@kuali.org)
035     */
036    public class LookupViewAuthorizerBase extends ViewAuthorizerBase {
037        private static final long serialVersionUID = 3755133641536256283L;
038    
039        /**
040         * Override to check the for permissions of type 'Look Up Records' in addition to the open view check
041         * done in super
042         */
043        @Override
044        public boolean canOpenView(View view, ViewModel model, Person user) {
045            boolean canOpen = super.canOpenView(view, model, user);
046    
047            if (canOpen) {
048                LookupForm lookupForm = (LookupForm) model;
049    
050                Map<String, String> additionalPermissionDetails;
051                try {
052                    additionalPermissionDetails = KRADUtils.getNamespaceAndComponentSimpleName(Class.forName(
053                            lookupForm.getDataObjectClassName()));
054                } catch (ClassNotFoundException e) {
055                    throw new RiceRuntimeException(
056                            "Unable to create class for lookup class name: " + lookupForm.getDataObjectClassName());
057                }
058    
059                if (permissionExistsByTemplate(model, KRADConstants.KNS_NAMESPACE,
060                        KimConstants.PermissionTemplateNames.LOOK_UP_RECORDS, additionalPermissionDetails)) {
061                    canOpen = isAuthorizedByTemplate(model, KRADConstants.KNS_NAMESPACE,
062                            KimConstants.PermissionTemplateNames.LOOK_UP_RECORDS, user.getPrincipalId(),
063                            additionalPermissionDetails, null);
064                }
065            }
066    
067            return canOpen;
068        }
069    }