View Javadoc

1   /**
2    * Copyright 2005-2012 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.krad.lookup;
17  
18  import org.kuali.rice.core.api.exception.RiceRuntimeException;
19  import org.kuali.rice.kim.api.KimConstants;
20  import org.kuali.rice.kim.api.identity.Person;
21  import org.kuali.rice.krad.uif.view.View;
22  import org.kuali.rice.krad.uif.view.ViewAuthorizerBase;
23  import org.kuali.rice.krad.uif.view.ViewModel;
24  import org.kuali.rice.krad.util.KRADConstants;
25  import org.kuali.rice.krad.util.KRADUtils;
26  import org.kuali.rice.krad.web.form.LookupForm;
27  
28  import java.util.Map;
29  
30  /**
31   * Implementation of {@link org.kuali.rice.krad.uif.view.ViewAuthorizer} for
32   * {@link org.kuali.rice.krad.uif.view.LookupView} instances
33   *
34   * @author Kuali Rice Team (rice.collab@kuali.org)
35   */
36  public class LookupViewAuthorizerBase extends ViewAuthorizerBase {
37      private static final long serialVersionUID = 3755133641536256283L;
38  
39      /**
40       * Override to check the for permissions of type 'Look Up Records' in addition to the open view check
41       * done in super
42       */
43      @Override
44      public boolean canOpenView(View view, ViewModel model, Person user) {
45          boolean canOpen = super.canOpenView(view, model, user);
46  
47          if (canOpen) {
48              LookupForm lookupForm = (LookupForm) model;
49  
50              Map<String, String> additionalPermissionDetails;
51              try {
52                  additionalPermissionDetails = KRADUtils.getNamespaceAndComponentSimpleName(Class.forName(
53                          lookupForm.getDataObjectClassName()));
54              } catch (ClassNotFoundException e) {
55                  throw new RiceRuntimeException(
56                          "Unable to create class for lookup class name: " + lookupForm.getDataObjectClassName());
57              }
58  
59              if (permissionExistsByTemplate(model, KRADConstants.KNS_NAMESPACE,
60                      KimConstants.PermissionTemplateNames.LOOK_UP_RECORDS, additionalPermissionDetails)) {
61                  canOpen = isAuthorizedByTemplate(model, KRADConstants.KNS_NAMESPACE,
62                          KimConstants.PermissionTemplateNames.LOOK_UP_RECORDS, user.getPrincipalId(),
63                          additionalPermissionDetails, null);
64              }
65          }
66  
67          return canOpen;
68      }
69  }