001 /**
002 * Copyright 2005-2012 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016 package org.kuali.rice.kns.bo.authorization;
017
018 import org.kuali.rice.kns.authorization.BusinessObjectAuthorizer;
019 import org.kuali.rice.krad.bo.BusinessObject;
020 import org.kuali.rice.krad.bo.DataObjectAuthorizerBase;
021 import org.kuali.rice.krad.service.DataDictionaryService;
022 import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
023 import org.kuali.rice.krad.service.KualiModuleService;
024 import org.kuali.rice.krad.service.PersistenceStructureService;
025 import org.kuali.rice.krad.util.GlobalVariables;
026
027 import java.util.HashMap;
028 import java.util.Map;
029
030 public class BusinessObjectAuthorizerBase extends DataObjectAuthorizerBase implements BusinessObjectAuthorizer {
031 private static final long serialVersionUID = -6315759348728853851L;
032
033 private static KualiModuleService kualiModuleService;
034 private static DataDictionaryService dataDictionaryService;
035 private static PersistenceStructureService persistenceStructureService;
036
037 protected final boolean permissionExistsByTemplate(
038 BusinessObject businessObject, String namespaceCode,
039 String permissionTemplateName) {
040 return getPermissionService()
041 .isPermissionDefinedByTemplate(namespaceCode, permissionTemplateName, new HashMap<String, String>(
042 getPermissionDetailValues(businessObject)));
043 }
044
045 protected final boolean permissionExistsByTemplate(
046 BusinessObject businessObject, String namespaceCode,
047 String permissionTemplateName, Map<String, String> permissionDetails) {
048 Map<String, String> combinedPermissionDetails = new HashMap<String, String>(
049 getPermissionDetailValues(businessObject));
050 combinedPermissionDetails.putAll(permissionDetails);
051 return getPermissionService()
052 .isPermissionDefinedByTemplate(namespaceCode, permissionTemplateName, combinedPermissionDetails);
053 }
054
055 public final boolean isAuthorized(BusinessObject businessObject,
056 String namespaceCode, String permissionName, String principalId) {
057 return getPermissionService().isAuthorized(principalId,
058 namespaceCode, permissionName,
059 new HashMap<String, String>(getRoleQualification(businessObject, principalId)));
060 }
061
062 public final boolean isAuthorizedByTemplate(BusinessObject dataObject,
063 String namespaceCode, String permissionTemplateName,
064 String principalId) {
065 return getPermissionService().isAuthorizedByTemplate(principalId, namespaceCode, permissionTemplateName,
066 new HashMap<String, String>(getPermissionDetailValues(dataObject)), new HashMap<String, String>(
067 getRoleQualification(dataObject, principalId)));
068 }
069
070 public final boolean isAuthorized(BusinessObject businessObject,
071 String namespaceCode, String permissionName, String principalId,
072 Map<String, String> collectionOrFieldLevelPermissionDetails,
073 Map<String, String> collectionOrFieldLevelRoleQualification) {
074 Map<String, String> roleQualifiers = null;
075 Map<String, String> permissionDetails = null;
076 if (collectionOrFieldLevelRoleQualification != null) {
077 roleQualifiers = new HashMap<String, String>(
078 getRoleQualification(businessObject, principalId));
079 roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
080 } else {
081 roleQualifiers = new HashMap<String, String>(
082 getRoleQualification(businessObject, principalId));
083 }
084 /*if (collectionOrFieldLevelPermissionDetails != null) {
085 permissionDetails = new HashMap<String, String>(
086 getPermissionDetailValues(businessObject));
087 permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
088 } else {
089 permissionDetails = new HashMap<String, String>(
090 getPermissionDetailValues(businessObject));
091 }*/
092
093 return getPermissionService().isAuthorized(principalId,
094 namespaceCode, permissionName,
095 roleQualifiers);
096 }
097
098
099 /**
100 * Returns a role qualification map based off data from the primary business
101 * object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
102 *
103 * @param primaryBusinessObjectOrDocument
104 * the primary business object (i.e. the main BO instance behind
105 * the lookup result row or inquiry) or the document
106 * @return a Map containing role qualifications
107 */
108 protected final Map<String, String> getRoleQualification(
109 BusinessObject primaryBusinessObjectOrDocument) {
110 return getRoleQualification(primaryBusinessObjectOrDocument, GlobalVariables
111 .getUserSession().getPerson().getPrincipalId());
112 }
113
114 /**
115 * @see org.kuali.rice.kns.authorization.BusinessObjectAuthorizer#getCollectionItemPermissionDetails(org.kuali.rice.krad.bo.BusinessObject)
116 */
117 @Override
118 public Map<String, String> getCollectionItemPermissionDetails(
119 BusinessObject collectionItemBusinessObject) {
120 return new HashMap<String, String>();
121 }
122
123 /**
124 * @see org.kuali.rice.kns.authorization.BusinessObjectAuthorizer#getCollectionItemRoleQualifications(org.kuali.rice.krad.bo.BusinessObject)
125 */
126 @Override
127 public Map<String, String> getCollectionItemRoleQualifications(
128 BusinessObject collectionItemBusinessObject) {
129 return new HashMap<String, String>();
130 }
131
132 protected static KualiModuleService getKualiModuleService() {
133 if (kualiModuleService == null) {
134 kualiModuleService = KRADServiceLocatorWeb.getKualiModuleService();
135 }
136 return kualiModuleService;
137 }
138
139 protected static DataDictionaryService getDataDictionaryService() {
140 if (dataDictionaryService == null) {
141 dataDictionaryService = KRADServiceLocatorWeb
142 .getDataDictionaryService();
143 }
144 return dataDictionaryService;
145 }
146 }