View Javadoc

1   /**
2    * Copyright 2005-2012 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.kns.web.struts.action;
17  
18  import org.apache.commons.lang.ObjectUtils;
19  import org.apache.commons.lang.StringUtils;
20  import org.apache.struts.action.ActionForm;
21  import org.apache.struts.action.ActionForward;
22  import org.apache.struts.action.ActionMapping;
23  import org.apache.struts.actions.DispatchAction;
24  import org.kuali.rice.coreservice.framework.CoreFrameworkServiceLocator;
25  import org.kuali.rice.coreservice.framework.parameter.ParameterService;
26  import org.kuali.rice.core.api.CoreApiServiceLocator;
27  import org.kuali.rice.core.api.encryption.EncryptionService;
28  import org.kuali.rice.core.api.util.RiceConstants;
29  import org.kuali.rice.kew.api.KewApiConstants;
30  import org.kuali.rice.kim.api.KimConstants;
31  import org.kuali.rice.kim.api.services.KimApiServiceLocator;
32  import org.kuali.rice.kns.document.authorization.DocumentAuthorizerBase;
33  import org.kuali.rice.kns.lookup.LookupUtils;
34  import org.kuali.rice.kns.service.BusinessObjectAuthorizationService;
35  import org.kuali.rice.kns.service.KNSServiceLocator;
36  import org.kuali.rice.kns.util.KNSGlobalVariables;
37  import org.kuali.rice.kns.util.WebUtils;
38  import org.kuali.rice.kns.web.struts.form.KualiDocumentFormBase;
39  import org.kuali.rice.kns.web.struts.form.KualiForm;
40  import org.kuali.rice.kns.web.struts.form.LookupForm;
41  import org.kuali.rice.kns.web.struts.form.pojo.PojoForm;
42  import org.kuali.rice.kns.web.struts.form.pojo.PojoFormBase;
43  import org.kuali.rice.krad.bo.BusinessObject;
44  import org.kuali.rice.krad.exception.AuthorizationException;
45  import org.kuali.rice.krad.service.KRADServiceLocator;
46  import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
47  import org.kuali.rice.krad.service.KualiModuleService;
48  import org.kuali.rice.krad.service.ModuleService;
49  import org.kuali.rice.krad.util.GlobalVariables;
50  import org.kuali.rice.krad.util.KRADConstants;
51  import org.kuali.rice.krad.util.KRADUtils;
52  import org.kuali.rice.krad.util.UrlFactory;
53  
54  import javax.servlet.http.HttpServletRequest;
55  import javax.servlet.http.HttpServletResponse;
56  import java.util.Arrays;
57  import java.util.Enumeration;
58  import java.util.HashMap;
59  import java.util.HashSet;
60  import java.util.Map;
61  import java.util.Properties;
62  import java.util.Set;
63  
64  /**
65   * <p>The base {@link org.apache.struts.action.Action} class for all KNS-based Actions. Extends from the standard 
66   * {@link org.apache.struts.actions.DispatchAction} which allows for a <i>methodToCall</i> request parameter to
67   * be used to indicate which method to invoke.</p>
68   * 
69   * <p>This Action overrides #execute to set methodToCall for image submits.  Also performs other setup
70   * required for KNS framework calls.</p>
71   *
72   * @author Kuali Rice Team (rice.collab@kuali.org)
73   */
74  public abstract class KualiAction extends DispatchAction {
75      private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger.getLogger(KualiAction.class);
76  
77      private static KualiModuleService kualiModuleService = null;
78      private static BusinessObjectAuthorizationService businessObjectAuthorizationService = null;
79      private static EncryptionService encryptionService = null;
80      private static Boolean OUTPUT_ENCRYPTION_WARNING = null;
81      private static String applicationBaseUrl = null;
82      
83      private Set<String> methodToCallsToNotCheckAuthorization = new HashSet<String>();
84      
85      {
86      	methodToCallsToNotCheckAuthorization.add( "performLookup" );
87      	methodToCallsToNotCheckAuthorization.add( "performQuestion" );
88      	methodToCallsToNotCheckAuthorization.add( "performQuestionWithInput" );
89      	methodToCallsToNotCheckAuthorization.add( "performQuestionWithInputAgainBecauseOfErrors" );
90      	methodToCallsToNotCheckAuthorization.add( "performQuestionWithoutInput" );
91      	methodToCallsToNotCheckAuthorization.add( "performWorkgroupLookup" );
92      }
93      
94      /**
95       * Entry point to all actions.
96       *
97       * NOTE: No need to hook into execute for handling framework setup anymore. Just implement the methodToCall for the framework
98       * setup, Constants.METHOD_REQUEST_PARAMETER will contain the full parameter, which can be sub stringed for getting framework
99       * parameters.
100      *
101      * @see org.apache.struts.action.Action#execute(org.apache.struts.action.ActionMapping, org.apache.struts.action.ActionForm,
102      *      javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
103      */
104     public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
105         ActionForward returnForward = null;
106 
107         String methodToCall = findMethodToCall(form, request);
108         
109         if(isModuleLocked(form, methodToCall, request)) {
110         	return mapping.findForward(RiceConstants.MODULE_LOCKED_MAPPING);
111         }
112         
113         if (form instanceof KualiForm && StringUtils.isNotEmpty(((KualiForm) form).getMethodToCall())) {
114             if (StringUtils.isNotBlank(getImageContext(request, KRADConstants.ANCHOR))) {
115                 ((KualiForm) form).setAnchor(getImageContext(request, KRADConstants.ANCHOR));
116             }
117             else if (StringUtils.isNotBlank(request.getParameter(KRADConstants.ANCHOR))) {
118                 ((KualiForm) form).setAnchor(request.getParameter(KRADConstants.ANCHOR));
119             }
120             else {
121                 ((KualiForm) form).setAnchor(KRADConstants.ANCHOR_TOP_OF_FORM);
122             }
123         }
124         // if found methodToCall, pass control to that method, else return the basic forward
125         if (StringUtils.isNotBlank(methodToCall)) {
126         	if ( LOG.isDebugEnabled() ) {
127         		LOG.debug("methodToCall: '" + methodToCall+"'");
128         	}
129             returnForward = dispatchMethod(mapping, form, request, response, methodToCall);
130         }
131         else {
132             returnForward = defaultDispatch(mapping, form, request, response);
133         }
134 
135         // make sure the user can do what they're trying to according to the module that owns the functionality
136         if ( !methodToCallsToNotCheckAuthorization.contains(methodToCall) ) {
137         	if ( LOG.isDebugEnabled() ) {
138         		LOG.debug( "'" + methodToCall + "' not in set of excempt methods: " + methodToCallsToNotCheckAuthorization);
139         	}
140         	checkAuthorization(form, methodToCall);
141         } else {
142         	if ( LOG.isDebugEnabled() ) {
143         		LOG.debug("'" + methodToCall + "' is exempt from auth checks." );
144         	}
145         }
146 
147         // Add the ActionForm to GlobalVariables
148         // This will allow developers to retrieve both the Document and any request parameters that are not
149         // part of the Form and make them available in ValueFinder classes and other places where they are needed.
150         if(KNSGlobalVariables.getKualiForm() == null) {
151         	KNSGlobalVariables.setKualiForm((KualiForm)form);
152         }
153 
154         return returnForward;
155     }
156     
157     /**
158      * When no methodToCall is specified, the defaultDispatch method is invoked.  Default implementation
159      * returns the "basic" ActionForward.
160      */
161     protected ActionForward defaultDispatch(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
162     	return mapping.findForward(RiceConstants.MAPPING_BASIC);
163     }
164 
165     @Override
166     protected ActionForward dispatchMethod(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, String methodToCall) throws Exception {
167         GlobalVariables.getUserSession().addObject(DocumentAuthorizerBase.USER_SESSION_METHOD_TO_CALL_OBJECT_KEY, methodToCall);
168         return super.dispatchMethod(mapping, form, request, response, methodToCall);
169     }
170     
171     protected String findMethodToCall(ActionForm form, HttpServletRequest request) throws Exception {
172         String methodToCall;
173         if (form instanceof KualiForm && StringUtils.isNotEmpty(((KualiForm) form).getMethodToCall())) {
174             methodToCall = ((KualiForm) form).getMethodToCall();
175         }
176         else {
177             // call utility method to parse the methodToCall from the request.
178             methodToCall = WebUtils.parseMethodToCall(form, request);
179         }
180         return methodToCall;
181     }
182 
183     /**
184      * Toggles the tab state in the ui
185      *
186      * @param mapping
187      * @param form
188      * @param request
189      * @param response
190      * @return
191      * @throws Exception
192      */
193     public ActionForward toggleTab(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
194         KualiForm kualiForm = (KualiForm) form;
195         String tabToToggle = getTabToToggle(request);
196         if (StringUtils.isNotBlank(tabToToggle)) {
197             if (kualiForm.getTabState(tabToToggle).equals("OPEN")) {
198             	kualiForm.getTabStates().remove(tabToToggle);
199             	kualiForm.getTabStates().put(tabToToggle, "CLOSE");
200             }
201             else {
202             	kualiForm.getTabStates().remove(tabToToggle);
203             	kualiForm.getTabStates().put(tabToToggle, "OPEN");
204             }
205         }
206 
207         doProcessingAfterPost( kualiForm, request );
208         return mapping.findForward(RiceConstants.MAPPING_BASIC);
209     }
210 
211     /**
212      * Toggles all tabs to open
213      *
214      * @param mapping
215      * @param form
216      * @param request
217      * @param response
218      * @return
219      * @throws Exception
220      */
221     public ActionForward showAllTabs(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
222     	return this.doTabOpenOrClose(mapping, form, request, response, true);
223     }
224 
225     /**
226      * Toggles all tabs to closed
227      *
228      * @param mapping
229      * @param form
230      * @param request
231      * @param response
232      * @return
233      * @throws Exception
234      */
235     public ActionForward hideAllTabs(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
236         return this.doTabOpenOrClose(mapping, form, request, response, false);
237     }
238     
239     /**
240      * 
241      * Toggles all tabs to open of closed depending on the boolean flag.
242      * 
243      * @param mapping the mapping
244      * @param form the form
245      * @param request the request
246      * @param response the response
247      * @param open whether to open of close the tabs
248      * @return the action forward
249      */
250     private ActionForward doTabOpenOrClose(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, boolean open) {
251         KualiForm kualiForm = (KualiForm) form;
252 
253         Map<String, String> tabStates = kualiForm.getTabStates();
254         Map<String, String> newTabStates = new HashMap<String, String>();
255         for (String tabKey: tabStates.keySet()) {
256         	newTabStates.put(tabKey, open ? "OPEN" : "CLOSE");
257         }
258         kualiForm.setTabStates(newTabStates);
259         doProcessingAfterPost( kualiForm, request );
260         return mapping.findForward(RiceConstants.MAPPING_BASIC);
261     }
262 
263     /**
264      * Default refresh method. Called from returning frameworks.
265      *
266      * @param mapping
267      * @param form
268      * @param request
269      * @param response
270      * @return
271      * @throws Exception
272      */
273     public ActionForward refresh(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
274         return mapping.findForward(RiceConstants.MAPPING_BASIC);
275     }
276 
277 
278     /**
279      * Parses the method to call attribute to pick off the line number which should be deleted.
280      *
281      * @param request
282      * @return
283      */
284     protected int getLineToDelete(HttpServletRequest request) {
285         return getSelectedLine(request);
286     }
287 
288     /**
289      * Parses the method to call attribute to pick off the line number which should have an action performed on it.
290      *
291      * @param request
292      * @return
293      */
294     protected int getSelectedLine(HttpServletRequest request) {
295         int selectedLine = -1;
296         String parameterName = (String) request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE);
297         if (StringUtils.isNotBlank(parameterName)) {
298             String lineNumber = StringUtils.substringBetween(parameterName, ".line", ".");
299             selectedLine = Integer.parseInt(lineNumber);
300         }
301 
302         return selectedLine;
303     }
304 
305     /**
306      * Determines which tab was requested to be toggled
307      *
308      * @param request
309      * @return
310      */
311     protected String getTabToToggle(HttpServletRequest request) {
312         String tabToToggle = "";
313         String parameterName = (String) request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE);
314         if (StringUtils.isNotBlank(parameterName)) {
315             tabToToggle = StringUtils.substringBetween(parameterName, ".tab", ".");
316         }
317 
318         return tabToToggle;
319     }
320 
321     /**
322      * Retrieves the header tab to navigate to.
323      *
324      * @param request
325      * @return
326      */
327     protected String getHeaderTabNavigateTo(HttpServletRequest request) {
328         String headerTabNavigateTo = RiceConstants.MAPPING_BASIC;
329         String imageContext = getImageContext(request, KRADConstants.NAVIGATE_TO);
330         if (StringUtils.isNotBlank(imageContext)) {
331             headerTabNavigateTo = imageContext;
332         }
333         return headerTabNavigateTo;
334     }
335 
336     /**
337      * Retrieves the header tab dispatch.
338      *
339      * @param request
340      * @return
341      */
342     protected String getHeaderTabDispatch(HttpServletRequest request) {
343         String headerTabDispatch = null;
344         String imageContext = getImageContext(request, KRADConstants.HEADER_DISPATCH);
345         if (StringUtils.isNotBlank(imageContext)) {
346             headerTabDispatch = imageContext;
347         }
348         else {
349             // In some cases it might be in request params instead
350             headerTabDispatch = request.getParameter(KRADConstants.METHOD_TO_CALL_ATTRIBUTE);
351         }
352         return headerTabDispatch;
353     }
354 
355     /**
356      * Retrieves the image context
357      *
358      * @param request
359      * @param contextKey
360      * @return
361      */
362     protected String getImageContext(HttpServletRequest request, String contextKey) {
363         String imageContext = "";
364         String parameterName = (String) request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE);
365         if (StringUtils.isBlank(parameterName)) {
366             parameterName = request.getParameter("methodToCallPath");
367         }
368         if (StringUtils.isNotBlank(parameterName)) {
369             imageContext = StringUtils.substringBetween(parameterName, contextKey, ".");
370         }
371         return imageContext;
372     }
373 
374     protected String getReturnLocation(HttpServletRequest request, ActionMapping mapping) {
375     	String mappingPath = mapping.getPath();
376     	String basePath = getApplicationBaseUrl();
377         return basePath + ("/lookup".equals(mappingPath) || "/maintenance".equals(mappingPath) || "/multipleValueLookup".equals(mappingPath) ? "/kr" : "") + mappingPath + ".do";
378     }
379 
380     /**
381      * Retrieves the value of a parameter to be passed into the lookup or inquiry frameworks.  The default implementation of this method will attempt to look
382      * in the request to determine wheter the appropriate value exists as a request parameter.  If not, it will attempt to look through the form object to find
383      * the property.
384      * 
385      * @param boClass a class implementing boClass, representing the BO that will be looked up
386      * @param parameterName the name of the parameter
387      * @param parameterValuePropertyName the property (relative to the form object) where the value to be passed into the lookup/inquiry may be found
388      * @param form
389      * @param request
390      * @return
391      */
392     protected String retrieveLookupParameterValue(Class<? extends BusinessObject> boClass, String parameterName, String parameterValuePropertyName, ActionForm form, HttpServletRequest request) throws Exception {
393     	String value;
394     	if (StringUtils.contains(parameterValuePropertyName, "'")) {
395     		value = StringUtils.replace(parameterValuePropertyName, "'", "");
396     	} else if (request.getParameterMap().containsKey(parameterValuePropertyName)) {
397     		value = request.getParameter(parameterValuePropertyName);
398     	} else if (request.getParameterMap().containsKey(KewApiConstants.DOCUMENT_ATTRIBUTE_FIELD_PREFIX + parameterValuePropertyName)) {
399             value = request.getParameter(KewApiConstants.DOCUMENT_ATTRIBUTE_FIELD_PREFIX + parameterValuePropertyName);
400         } else {
401     		if (form instanceof KualiForm) {
402     			value = ((KualiForm) form).retrieveFormValueForLookupInquiryParameters(parameterName, parameterValuePropertyName);
403     		} else {
404 	    		if (LOG.isDebugEnabled()) {
405 	    			LOG.debug("Unable to retrieve lookup/inquiry parameter value for parameter name " + parameterName + " parameter value property " + parameterValuePropertyName);
406 	    		}
407 	    		value = null;
408     		}
409     	}
410     	
411     	if (value != null && boClass != null && getBusinessObjectAuthorizationService().attributeValueNeedsToBeEncryptedOnFormsAndLinks(boClass, parameterName)) {
412     		value = getEncryptionService().encrypt(value) + EncryptionService.ENCRYPTION_POST_PREFIX;
413     	}
414     	return value;
415     }
416     
417     /**
418      * Takes care of storing the action form in the User session and forwarding to the lookup action.
419      *
420      * @param mapping
421      * @param form
422      * @param request
423      * @param response
424      * @return
425      * @throws Exception
426      */
427     @SuppressWarnings("unchecked")
428 	public ActionForward performLookup(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
429         // parse out the important strings from our methodToCall parameter
430         String fullParameter = (String) request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE);
431         validateLookupInquiryFullParameter(request, form, fullParameter);
432         
433         KualiForm kualiForm = (KualiForm) form;
434         
435         // when we return from the lookup, our next request's method to call is going to be refresh
436         kualiForm.registerEditableProperty(KRADConstants.DISPATCH_REQUEST_PARAMETER);
437         
438         // parse out the baseLookupUrl if there is one
439         String baseLookupUrl = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM14_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM14_RIGHT_DEL);
440         
441         // parse out business object class name for lookup
442         String boClassName = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_BOPARM_LEFT_DEL, KRADConstants.METHOD_TO_CALL_BOPARM_RIGHT_DEL);
443         if (StringUtils.isBlank(boClassName)) {
444             throw new RuntimeException("Illegal call to perform lookup, no business object class name specified.");
445         }
446         Class boClass = null;
447 		try{
448 			boClass = Class.forName(boClassName);
449 		} catch(ClassNotFoundException cnfex){
450             throw new IllegalArgumentException("The classname (" + boClassName + ") does not represent a valid class which this application understands.");
451 		}
452 		
453         // build the parameters for the lookup url
454         Properties parameters = new Properties();
455         String conversionFields = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM1_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM1_RIGHT_DEL);
456         if (StringUtils.isNotBlank(conversionFields)) {
457             parameters.put(KRADConstants.CONVERSION_FIELDS_PARAMETER, conversionFields);
458             
459             // register each of the destination parameters of the field conversion string as editable
460             String[] fieldConversions = conversionFields.split(KRADConstants.FIELD_CONVERSIONS_SEPARATOR);
461             for (String fieldConversion : fieldConversions) {
462             	String destination = fieldConversion.split(KRADConstants.FIELD_CONVERSION_PAIR_SEPARATOR, 2)[1];
463             	kualiForm.registerEditableProperty(destination);
464             }
465         }
466 
467         // pass values from form that should be pre-populated on lookup search
468         String parameterFields = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM2_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM2_RIGHT_DEL);
469         if ( LOG.isDebugEnabled() ) {
470             LOG.debug( "fullParameter: " + fullParameter );
471             LOG.debug( "parameterFields: " + parameterFields );
472         }
473         if (StringUtils.isNotBlank(parameterFields)) {
474             String[] lookupParams = parameterFields.split(KRADConstants.FIELD_CONVERSIONS_SEPARATOR);
475             if ( LOG.isDebugEnabled() ) {
476             	 LOG.debug( "lookupParams: " + Arrays.toString(lookupParams) ); 
477             }
478             for (String lookupParam : lookupParams) {
479                 String[] keyValue = lookupParam.split(KRADConstants.FIELD_CONVERSION_PAIR_SEPARATOR, 2);
480                 if (keyValue.length != 2) {
481 					throw new RuntimeException("malformed field conversion pair: " + Arrays.toString(keyValue));
482 				} 
483 
484                 String lookupParameterValue = retrieveLookupParameterValue(boClass, keyValue[1], keyValue[0], form, request);
485                 if (StringUtils.isNotBlank(lookupParameterValue)) {
486                 	parameters.put(keyValue[1], lookupParameterValue);
487                 }
488 
489                 if ( LOG.isDebugEnabled() ) {
490                     LOG.debug( "keyValue[0]: " + keyValue[0] );
491                     LOG.debug( "keyValue[1]: " + keyValue[1] );
492                 }
493             }
494         }
495 
496         // pass values from form that should be read-Only on lookup search
497         String readOnlyFields = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM8_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM8_RIGHT_DEL);
498         if (StringUtils.isNotBlank(readOnlyFields)) {
499             parameters.put(KRADConstants.LOOKUP_READ_ONLY_FIELDS, readOnlyFields);
500         }
501 
502         if ( LOG.isDebugEnabled() ) {
503             LOG.debug( "fullParameter: " + fullParameter );
504             LOG.debug( "readOnlyFields: " + readOnlyFields );
505         }
506 
507         // grab whether or not the "return value" link should be hidden or not
508         String hideReturnLink = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM3_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM3_RIGHT_DEL);
509         if (StringUtils.isNotBlank(hideReturnLink)) {
510             parameters.put(KRADConstants.HIDE_LOOKUP_RETURN_LINK, hideReturnLink);
511         }
512 
513         // add the optional extra button source and parameters string
514         String extraButtonSource = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM4_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM4_RIGHT_DEL);
515         if (StringUtils.isNotBlank(extraButtonSource)) {
516             parameters.put(KRADConstants.EXTRA_BUTTON_SOURCE, extraButtonSource);
517         }
518         String extraButtonParams = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM5_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM5_RIGHT_DEL);
519         if (StringUtils.isNotBlank(extraButtonParams)) {
520             parameters.put(KRADConstants.EXTRA_BUTTON_PARAMS, extraButtonParams);
521         }
522 
523         String lookupAction = KRADConstants.LOOKUP_ACTION;
524 
525         // is this a multi-value return?
526         boolean isMultipleValue = false;
527         String multipleValues = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM6_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM6_RIGHT_DEL);
528         if ((new Boolean(multipleValues).booleanValue())) {
529             parameters.put(KRADConstants.MULTIPLE_VALUE, multipleValues);
530             lookupAction = KRADConstants.MULTIPLE_VALUE_LOOKUP_ACTION;
531             isMultipleValue = true;
532         }
533 
534         // the name of the collection being looked up (primarily for multivalue lookups
535         String lookedUpCollectionName = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM11_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM11_RIGHT_DEL);
536         if (StringUtils.isNotBlank(lookedUpCollectionName)) {
537             parameters.put(KRADConstants.LOOKED_UP_COLLECTION_NAME, lookedUpCollectionName);
538         }
539 
540         // grab whether or not the "supress actions" column should be hidden or not
541         String supressActions = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM7_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM7_RIGHT_DEL);
542         if (StringUtils.isNotBlank(supressActions)) {
543             parameters.put(KRADConstants.SUPPRESS_ACTIONS, supressActions);
544         }
545 
546         // grab the references that should be refreshed upon returning from the lookup
547         String referencesToRefresh = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM10_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM10_RIGHT_DEL);
548         if (StringUtils.isNotBlank(referencesToRefresh)) {
549             parameters.put(KRADConstants.REFERENCES_TO_REFRESH, referencesToRefresh);
550         }
551 
552         // anchor, if it exists
553         if (form instanceof KualiForm && StringUtils.isNotEmpty(((KualiForm) form).getAnchor())) {
554             parameters.put(KRADConstants.LOOKUP_ANCHOR, ((KualiForm) form).getAnchor());
555         }
556 
557         // now add required parameters
558         parameters.put(KRADConstants.DISPATCH_REQUEST_PARAMETER, "start");
559 
560         // pass value from form that shows if autoSearch is desired for lookup search
561         String autoSearch = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM9_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM9_RIGHT_DEL);
562 
563         if (StringUtils.isNotBlank(autoSearch)) {
564             parameters.put(KRADConstants.LOOKUP_AUTO_SEARCH, autoSearch);
565             if ("YES".equalsIgnoreCase(autoSearch)){
566                 parameters.put(KRADConstants.DISPATCH_REQUEST_PARAMETER, "search");
567             }
568         }
569 
570         parameters.put(KRADConstants.DOC_FORM_KEY, GlobalVariables.getUserSession().addObjectWithGeneratedKey(form));
571         parameters.put(KRADConstants.BUSINESS_OBJECT_CLASS_ATTRIBUTE, boClassName);
572 
573         parameters.put(KRADConstants.RETURN_LOCATION_PARAMETER, getReturnLocation(request, mapping));
574         
575     	if (form instanceof KualiDocumentFormBase) {
576     		String docNum = ((KualiDocumentFormBase) form).getDocument().getDocumentNumber();
577 			if(docNum != null){
578 				parameters.put(KRADConstants.DOC_NUM, docNum);
579 			}
580 		}else if(form instanceof LookupForm){
581 			String docNum = ((LookupForm) form).getDocNum();
582 			if(docNum != null){
583 				parameters.put(KRADConstants.DOC_NUM, ((LookupForm) form).getDocNum());
584 			}
585     	}
586 
587     	if (boClass != null) {
588     		ModuleService responsibleModuleService = getKualiModuleService().getResponsibleModuleService(boClass);
589     		if(responsibleModuleService!=null && responsibleModuleService.isExternalizable(boClass)){
590     			Map<String, String> parameterMap = new HashMap<String, String>();
591     			Enumeration<Object> e = parameters.keys();
592     			while (e.hasMoreElements()) {
593     				String paramName = (String) e.nextElement();
594     				parameterMap.put(paramName, parameters.getProperty(paramName));
595     			}
596     			return new ActionForward(responsibleModuleService.getExternalizableBusinessObjectLookupUrl(boClass, parameterMap), true);
597     		}
598     	}
599 		
600     	if (StringUtils.isBlank(baseLookupUrl)) {
601     		baseLookupUrl = getApplicationBaseUrl() + "/kr/" + lookupAction;
602     	} else {
603     		if (isMultipleValue) {
604     			LookupUtils.transformLookupUrlToMultiple(baseLookupUrl);
605     		}
606     	}
607     	String lookupUrl = UrlFactory.parameterizeUrl(baseLookupUrl, parameters);
608         return new ActionForward(lookupUrl, true);
609     }
610 
611     protected void validateLookupInquiryFullParameter(HttpServletRequest request, ActionForm form, String fullParameter){
612     	PojoFormBase pojoFormBase = (PojoFormBase) form;
613         if(WebUtils.isFormSessionDocument((PojoFormBase) form)){
614         	if(!pojoFormBase.isPropertyEditable(fullParameter)) {
615         		throw new RuntimeException("The methodToCallAttribute is not registered as an editable property.");
616         	}
617         }
618     }
619     
620     @SuppressWarnings("unchecked")
621 	public ActionForward performInquiry(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
622         // parse out the important strings from our methodToCall parameter
623         String fullParameter = (String) request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE);
624         validateLookupInquiryFullParameter(request, form, fullParameter);
625         
626         // when javascript is disabled, the inquiry will appear in the same window as the document.  when we close the inquiry, 
627         // our next request's method to call is going to be refresh
628         KualiForm kualiForm = (KualiForm) form;
629         kualiForm.registerEditableProperty(KRADConstants.DISPATCH_REQUEST_PARAMETER);
630         
631         // parse out business object class name for lookup
632         String boClassName = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_BOPARM_LEFT_DEL, KRADConstants.METHOD_TO_CALL_BOPARM_RIGHT_DEL);
633         if (StringUtils.isBlank(boClassName)) {
634             throw new RuntimeException("Illegal call to perform inquiry, no business object class name specified.");
635         }
636 
637         // build the parameters for the inquiry url
638         Properties parameters = new Properties();
639         parameters.put(KRADConstants.BUSINESS_OBJECT_CLASS_ATTRIBUTE, boClassName);
640 
641         parameters.put(KRADConstants.RETURN_LOCATION_PARAMETER, getReturnLocation(request, mapping));
642 
643         // pass values from form that should be pre-populated on inquiry
644         String parameterFields = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM2_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM2_RIGHT_DEL);
645         if ( LOG.isDebugEnabled() ) {
646             LOG.debug( "fullParameter: " + fullParameter );
647             LOG.debug( "parameterFields: " + parameterFields );
648         }
649         if (StringUtils.isNotBlank(parameterFields)) {
650             // TODO : create a method for this to be used by both lookup & inquiry ?
651             String[] inquiryParams = parameterFields.split(KRADConstants.FIELD_CONVERSIONS_SEPARATOR);
652             if ( LOG.isDebugEnabled() ) {
653                 LOG.debug( "inquiryParams: " + inquiryParams );
654             }
655             Class<? extends BusinessObject> boClass = (Class<? extends BusinessObject>) Class.forName(boClassName);
656             for (String inquiryParam : inquiryParams) {
657                 String[] keyValue = inquiryParam.split(KRADConstants.FIELD_CONVERSION_PAIR_SEPARATOR, 2);
658 
659                 String inquiryParameterValue = retrieveLookupParameterValue(boClass, keyValue[1], keyValue[0], form, request);
660                 if (inquiryParameterValue == null) {
661                 	parameters.put(keyValue[1], "directInquiryKeyNotSpecified");
662                 }
663                 else {
664                 	parameters.put(keyValue[1], inquiryParameterValue);
665                 }
666 
667                 if ( LOG.isDebugEnabled() ) {
668                     LOG.debug( "keyValue[0]: " + keyValue[0] );
669                     LOG.debug( "keyValue[1]: " + keyValue[1] );
670                 }
671             }
672         }
673         parameters.put(KRADConstants.DISPATCH_REQUEST_PARAMETER, "start");
674         parameters.put(KRADConstants.DOC_FORM_KEY, GlobalVariables.getUserSession().addObjectWithGeneratedKey(form));
675         String inquiryUrl = null;
676         try {
677         	Class.forName(boClassName);
678         	inquiryUrl = getApplicationBaseUrl() + "/kr/" + KRADConstants.DIRECT_INQUIRY_ACTION;
679         } catch ( ClassNotFoundException ex ) {
680             // allow inquiry url to be null (and therefore no inquiry link will be displayed) but at least log a warning
681         	LOG.warn("Class name does not represent a valid class which this application understands: " + boClassName);
682         }
683         inquiryUrl = UrlFactory.parameterizeUrl(inquiryUrl, parameters);
684         return new ActionForward(inquiryUrl, true);
685 
686     }
687 
688     /**
689      * This method handles rendering the question component, but without any of the extra error fields
690      *
691      * @param mapping
692      * @param form
693      * @param request
694      * @param response
695      * @param questionId
696      * @param questionText
697      * @param questionType
698      * @param caller
699      * @param context
700      * @return ActionForward
701      * @throws Exception
702      */
703     protected ActionForward performQuestionWithoutInput(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, String questionId, String questionText, String questionType, String caller, String context) throws Exception {
704         return performQuestion(mapping, form, request, response, questionId, questionText, questionType, caller, context, false, "", "", "", "");
705     }
706 
707     /**
708      * Handles rendering a question prompt - without a specified context.
709      *
710      * @param mapping
711      * @param form
712      * @param request
713      * @param response
714      * @param questionId
715      * @param questionText
716      * @param questionType
717      * @param caller
718      * @param context
719      * @return ActionForward
720      * @throws Exception
721      */
722     protected ActionForward performQuestionWithInput(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, String questionId, String questionText, String questionType, String caller, String context) throws Exception {
723         return performQuestion(mapping, form, request, response, questionId, questionText, questionType, caller, context, true, "", "", "", "");
724     }
725 
726     /**
727      * Handles re-rendering a question prompt because of an error on what was submitted.
728      *
729      * @param mapping
730      * @param form
731      * @param request
732      * @param response
733      * @param questionId
734      * @param questionText
735      * @param questionType
736      * @param caller
737      * @param context
738      * @param reason
739      * @param errorKey
740      * @param errorPropertyName
741      * @param errorParameter
742      * @return ActionForward
743      * @throws Exception
744      */
745     protected ActionForward performQuestionWithInputAgainBecauseOfErrors(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, String questionId, String questionText, String questionType, String caller, String context, String reason, String errorKey, String errorPropertyName, String errorParameter) throws Exception {
746         return performQuestion(mapping, form, request, response, questionId, questionText, questionType, caller, context, true, reason, errorKey, errorPropertyName, errorParameter);
747     }
748 
749     /**
750      * Handles rendering a question prompt - with a specified context.
751      *
752      * @param mapping
753      * @param form
754      * @param request
755      * @param response
756      * @param questionId
757      * @param questionText
758      * @param questionType
759      * @param caller
760      * @param context
761      * @param showReasonField
762      * @param reason
763      * @param errorKey
764      * @param errorPropertyName
765      * @param errorParameter
766      * @return ActionForward
767      * @throws Exception
768      */
769     private ActionForward performQuestion(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, String questionId, String questionText, String questionType, String caller, String context, boolean showReasonField, String reason, String errorKey, String errorPropertyName, String errorParameter) throws Exception {
770         Properties parameters = new Properties();
771 
772         parameters.put(KRADConstants.DISPATCH_REQUEST_PARAMETER, "start");
773         parameters.put(KRADConstants.DOC_FORM_KEY, GlobalVariables.getUserSession().addObjectWithGeneratedKey(form));
774         parameters.put(KRADConstants.CALLING_METHOD, caller);
775         parameters.put(KRADConstants.QUESTION_INST_ATTRIBUTE_NAME, questionId);
776         parameters.put(KRADConstants.QUESTION_IMPL_ATTRIBUTE_NAME, questionType);
777         parameters.put(KRADConstants.QUESTION_TEXT_ATTRIBUTE_NAME, questionText);
778         parameters.put(KRADConstants.RETURN_LOCATION_PARAMETER, getReturnLocation(request, mapping));
779         parameters.put(KRADConstants.QUESTION_CONTEXT, context);
780         parameters.put(KRADConstants.QUESTION_SHOW_REASON_FIELD, Boolean.toString(showReasonField));
781         parameters.put(KRADConstants.QUESTION_REASON_ATTRIBUTE_NAME, reason);
782         parameters.put(KRADConstants.QUESTION_ERROR_KEY, errorKey);
783         parameters.put(KRADConstants.QUESTION_ERROR_PROPERTY_NAME, errorPropertyName);
784         parameters.put(KRADConstants.QUESTION_ERROR_PARAMETER, errorParameter);
785         parameters.put(KRADConstants.QUESTION_ANCHOR, form instanceof KualiForm ? ObjectUtils.toString(((KualiForm) form).getAnchor()) : "");
786         Object methodToCallAttribute = request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE);
787         if (methodToCallAttribute != null) {
788             parameters.put(KRADConstants.METHOD_TO_CALL_PATH, methodToCallAttribute);
789             ((PojoForm) form).registerEditableProperty(String.valueOf(methodToCallAttribute));
790         }
791         
792     	if (form instanceof KualiDocumentFormBase) {
793     		String docNum = ((KualiDocumentFormBase) form).getDocument().getDocumentNumber();
794     		if(docNum != null){
795     			parameters.put(KRADConstants.DOC_NUM, ((KualiDocumentFormBase) form)
796 					.getDocument().getDocumentNumber());
797     		}
798 		}
799 
800         String questionUrl = UrlFactory.parameterizeUrl(getApplicationBaseUrl() + "/kr/" + KRADConstants.QUESTION_ACTION, parameters);
801         return new ActionForward(questionUrl, true);
802     }
803 
804 
805     /**
806      * Takes care of storing the action form in the User session and forwarding to the workflow workgroup lookup action.
807      *
808      * @param mapping
809      * @param form
810      * @param request
811      * @param response
812      * @return
813      * @throws Exception
814      */
815     public ActionForward performWorkgroupLookup(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
816     	String returnUrl = null;
817     	if ("/kr".equals(mapping.getModuleConfig().getPrefix())) {
818     		returnUrl = getApplicationBaseUrl() + mapping.getModuleConfig().getPrefix() + mapping.getPath() + ".do";
819     	} else {
820     		returnUrl = getApplicationBaseUrl() + mapping.getPath() + ".do";
821     	}
822 
823 
824         String fullParameter = (String) request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE);
825         String conversionFields = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM1_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM1_RIGHT_DEL);
826 
827         String deploymentBaseUrl = KRADServiceLocator.getKualiConfigurationService().getPropertyValueAsString(
828                 KRADConstants.WORKFLOW_URL_KEY);
829         String workgroupLookupUrl = deploymentBaseUrl + "/Lookup.do?lookupableImplServiceName=WorkGroupLookupableImplService&methodToCall=start&docFormKey=" + GlobalVariables.getUserSession().addObjectWithGeneratedKey(form);
830 
831         if (conversionFields != null) {
832             workgroupLookupUrl += "&conversionFields=" + conversionFields;
833         }
834     	if (form instanceof KualiDocumentFormBase) {
835 			workgroupLookupUrl +="&docNum="+ ((KualiDocumentFormBase) form).getDocument().getDocumentNumber();
836 		}
837     	
838         workgroupLookupUrl += "&returnLocation=" + returnUrl;
839 
840         return new ActionForward(workgroupLookupUrl, true);
841     }
842 
843     /**
844      * Handles requests that originate via Header Tabs.
845      *
846      * @param mapping
847      * @param form
848      * @param request
849      * @param response
850      * @return
851      * @throws Exception
852      */
853     public ActionForward headerTab(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
854         // header tab actions can do two things - 1, call into an action and perform what needs to happen in there and 2, forward to
855         // a new location.
856         String headerTabDispatch = getHeaderTabDispatch(request);
857         if (StringUtils.isNotEmpty(headerTabDispatch)) {
858             ActionForward forward = dispatchMethod(mapping, form, request, response, headerTabDispatch);
859             if (GlobalVariables.getMessageMap().getNumberOfPropertiesWithErrors() > 0) {
860                 return mapping.findForward(RiceConstants.MAPPING_BASIC);
861             }
862             this.doTabOpenOrClose(mapping, form, request, response, false);
863             if (forward.getRedirect()) {
864                 return forward;
865             }
866         }
867         return dispatchMethod(mapping, form, request, response, getHeaderTabNavigateTo(request));
868     }
869 
870     /**
871      * Override this method to provide action-level access controls to the application.
872      *
873      * @param form
874      * @throws AuthorizationException
875      */
876     protected void checkAuthorization( ActionForm form, String methodToCall) throws AuthorizationException 
877     {
878     	String principalId = GlobalVariables.getUserSession().getPrincipalId();
879     	Map<String, String> roleQualifier = new HashMap<String, String>(getRoleQualification(form, methodToCall));
880     	Map<String, String> permissionDetails = KRADUtils.getNamespaceAndActionClass(this.getClass());
881     	
882         if (!KimApiServiceLocator.getPermissionService().isAuthorizedByTemplate(principalId,
883                 KRADConstants.KNS_NAMESPACE, KimConstants.PermissionTemplateNames.USE_SCREEN, permissionDetails,
884                 roleQualifier))
885         {
886             throw new AuthorizationException(GlobalVariables.getUserSession().getPerson().getPrincipalName(), 
887             		methodToCall,
888             		this.getClass().getSimpleName());
889         }
890     }
891     
892     /** 
893      * override this method to add data from the form for role qualification in the authorization check
894      */
895     protected Map<String,String> getRoleQualification(ActionForm form, String methodToCall) {
896     	return new HashMap<String,String>();
897     }
898 
899     protected static KualiModuleService getKualiModuleService() {
900         if ( kualiModuleService == null ) {
901             kualiModuleService = KRADServiceLocatorWeb.getKualiModuleService();
902         }
903         return kualiModuleService;
904     }
905 
906     /**
907      * Constant defined to match with TextArea.jsp and updateTextArea function in core.js
908      * <p>Value is textAreaFieldName
909      */
910     public static final String TEXT_AREA_FIELD_NAME="textAreaFieldName";
911     /**
912      * Constant defined to match with TextArea.jsp and updateTextArea function in core.js
913      * <p>Value is textAreaFieldLabel
914     */
915     public static final String TEXT_AREA_FIELD_LABEL="textAreaFieldLabel";
916     /**
917      * Constant defined to match with TextArea.jsp and updateTextArea function in core.js
918      * <p>Value is textAreaReadOnly
919     */
920     public static final String TEXT_AREA_READ_ONLY="textAreaReadOnly";
921     /**
922      * Constant defined to match with TextArea.jsp and updateTextArea function in core.js
923      * <p>Value is textAreaFieldAnchor
924     */
925     public static final String TEXT_AREA_FIELD_ANCHOR="textAreaFieldAnchor";
926     /**
927      * Constant defined to match with TextArea.jsp and updateTextArea function in core.js
928      * <p>Value is textAreaFieldAnchor
929     */
930     public static final String TEXT_AREA_MAX_LENGTH="textAreaMaxLength";
931     /**
932      * Constant defined to match with TextArea.jsp and updateTextArea function in core.js
933      * <p>Value is htmlFormAction
934     */
935     public static final String FORM_ACTION="htmlFormAction";
936     /**
937      * Constant defined to match input parameter from URL and from TextArea.jsp.
938      * <p>Value is methodToCall
939     */
940     public static final String METHOD_TO_CALL="methodToCall";
941     /**
942      * Constant defined to match with global forwarding in struts-config.xml
943      * for Text Area Update.
944      * <p>Value is updateTextArea
945     */
946     public static final String FORWARD_TEXT_AREA_UPDATE="updateTextArea";
947     /**
948      * Constant defined to match with method to call in TextArea.jsp.
949      * <p>Value is postTextAreaToParent
950     */
951     public static final String POST_TEXT_AREA_TO_PARENT="postTextAreaToParent";
952     /**
953      * Constant defined to match with local forwarding in struts-config.xml
954      * for the parent of the Updated Text Area.
955      * <p>Value is forwardNext
956     */
957     public static final String FORWARD_NEXT="forwardNext";
958 
959     /**
960      * This method is invoked when Java Script is turned off from the web browser. It
961      * setup the information that the update text area requires for copying current text
962      * in the calling page text area and returning to the calling page. The information
963      * is passed to the JSP through Http Request attributes. All other parameters are
964      * forwarded 
965      *  
966      * @param mapping
967      * @param form
968      * @param request
969      * @param response
970      * @return
971      */
972     public ActionForward updateTextArea(ActionMapping mapping,
973             ActionForm form,
974             HttpServletRequest request,
975             HttpServletResponse response)  {
976         if (LOG.isTraceEnabled()) {
977             String lm=String.format("ENTRY %s%n%s", form.getClass().getSimpleName(),
978                     request.getRequestURI());
979             LOG.trace(lm);
980         }
981                                 
982         final String[] keyValue = getTextAreaParams(request);
983         
984         request.setAttribute(TEXT_AREA_FIELD_NAME, keyValue[0]);
985         request.setAttribute(FORM_ACTION,keyValue[1]);
986         request.setAttribute(TEXT_AREA_FIELD_LABEL,keyValue[2]);
987         request.setAttribute(TEXT_AREA_READ_ONLY,keyValue[3]);
988         request.setAttribute(TEXT_AREA_MAX_LENGTH,keyValue[4]);
989         if (form instanceof KualiForm && StringUtils.isNotEmpty(((KualiForm) form).getAnchor())) {
990             request.setAttribute(TEXT_AREA_FIELD_ANCHOR,((KualiForm) form).getAnchor());
991         }
992         
993         // Set document related parameter
994         String docWebScope=(String)request.getAttribute(KRADConstants.DOCUMENT_WEB_SCOPE);
995         if (docWebScope != null && docWebScope.trim().length() >= 0) {
996             request.setAttribute(KRADConstants.DOCUMENT_WEB_SCOPE, docWebScope);
997         }
998 
999         request.setAttribute(KRADConstants.DOC_FORM_KEY, GlobalVariables.getUserSession().addObjectWithGeneratedKey(form));
1000         
1001         ActionForward forward=mapping.findForward(FORWARD_TEXT_AREA_UPDATE);
1002 
1003         if (LOG.isTraceEnabled()) {
1004             String lm=String.format("EXIT %s", (forward==null)?"null":forward.getPath());
1005             LOG.trace(lm);
1006         }
1007                         
1008         return forward;
1009     }
1010     
1011     /**
1012      * This method takes the {@link org.kuali.rice.krad.util.KRADConstants.METHOD_TO_CALL_ATTRIBUTE} out of the request
1013      * and parses it returning the required fields needed for a text area. The fields returned
1014      * are the following in this order.
1015      * <ol>
1016      * <li>{@link #TEXT_AREA_FIELD_NAME}</li>
1017      * <li>{@link #FORM_ACTION}</li>
1018      * <li>{@link #TEXT_AREA_FIELD_LABEL}</li>
1019      * <li>{@link #TEXT_AREA_READ_ONLY}</li>
1020      * <li>{@link #TEXT_AREA_MAX_LENGTH}</li>
1021      * </ol>
1022      * 
1023      * @param request the request to retrieve the textarea parameters
1024      * @return a string array holding the parsed fields
1025      */
1026     private String[] getTextAreaParams(HttpServletRequest request) {
1027         // parse out the important strings from our methodToCall parameter
1028         String fullParameter = (String) request.getAttribute(
1029                 KRADConstants.METHOD_TO_CALL_ATTRIBUTE);
1030 
1031         // parse textfieldname:htmlformaction
1032         String parameterFields = StringUtils.substringBetween(fullParameter,
1033                 KRADConstants.METHOD_TO_CALL_PARM2_LEFT_DEL,
1034                 KRADConstants.METHOD_TO_CALL_PARM2_RIGHT_DEL);
1035         if ( LOG.isDebugEnabled() ) {
1036             LOG.debug( "fullParameter: " + fullParameter );
1037             LOG.debug( "parameterFields: " + parameterFields );
1038         }
1039         String[] keyValue = null;
1040         if (StringUtils.isNotBlank(parameterFields)) {
1041             String[] textAreaParams = parameterFields.split(
1042                     KRADConstants.FIELD_CONVERSIONS_SEPARATOR);
1043             if ( LOG.isDebugEnabled() ) {
1044                 LOG.debug( "lookupParams: " + textAreaParams );
1045             }
1046             for (final String textAreaParam : textAreaParams) {
1047                 keyValue = textAreaParam.split(KRADConstants.FIELD_CONVERSION_PAIR_SEPARATOR, 2);
1048 
1049                 if ( LOG.isDebugEnabled() ) {
1050                     LOG.debug( "keyValue[0]: " + keyValue[0] );
1051                     LOG.debug( "keyValue[1]: " + keyValue[1] );
1052                     LOG.debug( "keyValue[2]: " + keyValue[2] );
1053                     LOG.debug( "keyValue[3]: " + keyValue[3] );
1054                     LOG.debug( "keyValue[4]: " + keyValue[4] );
1055                 }
1056             }
1057         }
1058         
1059         return keyValue;
1060     }
1061     
1062     /**
1063      * This method is invoked from the TextArea.jsp for posting its value to the parent
1064      * page that called the extended text area page. The invocation is done through
1065      * Struts action. The default forwarding id is RiceContants.MAPPING_BASIC. This
1066      * can be overridden using the parameter key FORWARD_NEXT.
1067      * 
1068      * @param mapping
1069      * @param form
1070      * @param request
1071      * @param response
1072      * @return
1073      */
1074     public ActionForward postTextAreaToParent(ActionMapping mapping,
1075             ActionForm form,
1076             HttpServletRequest request,
1077             HttpServletResponse response) {
1078         
1079         if (LOG.isTraceEnabled()) {
1080             String lm=String.format("ENTRY %s%n%s", form.getClass().getSimpleName(),
1081                     request.getRequestURI());
1082             LOG.trace(lm);
1083         }
1084                         
1085         String forwardingId=request.getParameter(FORWARD_NEXT);
1086         if (forwardingId == null) {
1087             forwardingId=RiceConstants.MAPPING_BASIC;
1088         }
1089         ActionForward forward=mapping.findForward(forwardingId);
1090              
1091         if (LOG.isTraceEnabled()) {
1092             String lm=String.format("EXIT %s", (forward==null)?"null":forward.getPath());
1093             LOG.trace(lm);
1094         }
1095                         
1096         return forward;
1097     }
1098     
1099     /**
1100      * Use to add a methodToCall to the a list which will not have authorization checks.
1101      * This assumes that the call will be redirected (as in the case of a lookup) that will perform
1102      * the authorization.
1103      */
1104     protected final void addMethodToCallToUncheckedList( String methodToCall ) {
1105     	methodToCallsToNotCheckAuthorization.add(methodToCall);
1106     }
1107     
1108     /**
1109      * This method does all special processing on a document that should happen on each HTTP post (ie, save, route, approve, etc).
1110      */
1111     protected void doProcessingAfterPost( KualiForm form, HttpServletRequest request ) {
1112     	
1113     }
1114     
1115     protected BusinessObjectAuthorizationService getBusinessObjectAuthorizationService() {
1116     	if (businessObjectAuthorizationService == null) {
1117     		businessObjectAuthorizationService = KNSServiceLocator.getBusinessObjectAuthorizationService();
1118     	}
1119     	return businessObjectAuthorizationService;
1120     }
1121     
1122     protected EncryptionService getEncryptionService() {
1123     	if (encryptionService == null) {
1124     		encryptionService = CoreApiServiceLocator.getEncryptionService();
1125     	}
1126     	return encryptionService;
1127     }
1128 
1129 	public static String getApplicationBaseUrl() {
1130 		if ( applicationBaseUrl == null ) {
1131 			applicationBaseUrl = KRADServiceLocator.getKualiConfigurationService().getPropertyValueAsString(
1132                     KRADConstants.APPLICATION_URL_KEY);
1133 		}
1134 		return applicationBaseUrl;
1135 	}
1136 	
1137 	protected boolean isModuleLocked(ActionForm form, String methodToCall, HttpServletRequest request) {
1138 		String boClass = request.getParameter(KRADConstants.BUSINESS_OBJECT_CLASS_ATTRIBUTE);
1139 		ModuleService moduleService = null;
1140 		if(StringUtils.isNotBlank(boClass)) {
1141 			try {
1142 				moduleService = getKualiModuleService().getResponsibleModuleService(Class.forName(boClass));
1143 			} catch (ClassNotFoundException classNotFoundException) {
1144 				LOG.warn("BO class not found: " + boClass, classNotFoundException);
1145 			}
1146 		} else {
1147 			moduleService = getKualiModuleService().getResponsibleModuleService(this.getClass());
1148 		}
1149 		if(moduleService != null && moduleService.isLocked()) {
1150 			String principalId = GlobalVariables.getUserSession().getPrincipalId();
1151 			String namespaceCode = KRADConstants.KUALI_RICE_SYSTEM_NAMESPACE;
1152 			String permissionName = KimConstants.PermissionNames.ACCESS_LOCKED_MODULE;
1153 			Map<String, String> qualification = getRoleQualification(form, methodToCall);
1154 			if(!KimApiServiceLocator.getPermissionService().isAuthorized(principalId, namespaceCode, permissionName, qualification)) {
1155 				ParameterService parameterSerivce = CoreFrameworkServiceLocator.getParameterService();
1156 				String messageParamNamespaceCode = moduleService.getModuleConfiguration().getNamespaceCode();
1157 				String messageParamComponentCode = KRADConstants.DetailTypes.ALL_DETAIL_TYPE;
1158 				String messageParamName = KRADConstants.SystemGroupParameterNames.OLTP_LOCKOUT_MESSAGE_PARM;
1159 				String lockoutMessage = parameterSerivce.getParameterValueAsString(messageParamNamespaceCode, messageParamComponentCode, messageParamName);
1160 				
1161 				if(StringUtils.isBlank(lockoutMessage)) {
1162 					String defaultMessageParamName = KRADConstants.SystemGroupParameterNames.OLTP_LOCKOUT_DEFAULT_MESSAGE;
1163 					lockoutMessage = parameterSerivce.getParameterValueAsString(KRADConstants.KNS_NAMESPACE, messageParamComponentCode, defaultMessageParamName);
1164 				}
1165 				request.setAttribute(KRADConstants.MODULE_LOCKED_MESSAGE_REQUEST_PARAMETER, lockoutMessage);
1166 				return true;
1167 			}
1168 		}
1169 		return false;
1170 	}
1171 }