1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16 package org.kuali.rice.kns.util;
17
18 import org.apache.commons.lang.StringEscapeUtils;
19 import org.apache.commons.lang.StringUtils;
20 import org.apache.log4j.Level;
21 import org.apache.log4j.Logger;
22 import org.apache.struts.Globals;
23 import org.apache.struts.action.ActionForm;
24 import org.apache.struts.action.ActionMapping;
25 import org.apache.struts.action.ActionServletWrapper;
26 import org.apache.struts.upload.CommonsMultipartRequestHandler;
27 import org.apache.struts.upload.FormFile;
28 import org.apache.struts.upload.MultipartRequestHandler;
29 import org.apache.struts.upload.MultipartRequestWrapper;
30 import org.kuali.rice.core.api.config.property.ConfigContext;
31 import org.kuali.rice.core.api.config.property.ConfigurationService;
32 import org.kuali.rice.core.api.util.RiceKeyConstants;
33 import org.kuali.rice.kew.api.action.ActionRequest;
34 import org.kuali.rice.kew.api.action.RecipientType;
35 import org.kuali.rice.kim.api.role.Role;
36 import org.kuali.rice.kim.api.services.KimApiServiceLocator;
37 import org.kuali.rice.kns.datadictionary.KNSDocumentEntry;
38 import org.kuali.rice.kns.datadictionary.MaintenanceDocumentEntry;
39 import org.kuali.rice.kns.document.authorization.DocumentAuthorizer;
40 import org.kuali.rice.kns.service.KNSServiceLocator;
41 import org.kuali.rice.kns.web.struts.action.KualiMultipartRequestHandler;
42 import org.kuali.rice.kns.web.struts.form.KualiDocumentFormBase;
43 import org.kuali.rice.kns.web.struts.form.KualiForm;
44 import org.kuali.rice.kns.web.struts.form.KualiMaintenanceForm;
45 import org.kuali.rice.kns.web.struts.form.pojo.PojoFormBase;
46 import org.kuali.rice.kns.web.ui.Field;
47 import org.kuali.rice.kns.web.ui.Row;
48 import org.kuali.rice.kns.web.ui.Section;
49 import org.kuali.rice.krad.datadictionary.AttributeDefinition;
50 import org.kuali.rice.krad.datadictionary.AttributeSecurity;
51 import org.kuali.rice.krad.datadictionary.DataDictionary;
52 import org.kuali.rice.krad.datadictionary.DataDictionaryEntryBase;
53 import org.kuali.rice.krad.datadictionary.mask.MaskFormatter;
54 import org.kuali.rice.krad.document.Document;
55 import org.kuali.rice.krad.exception.ValidationException;
56 import org.kuali.rice.krad.service.KRADServiceLocator;
57 import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
58 import org.kuali.rice.krad.util.GlobalVariables;
59 import org.kuali.rice.krad.util.KRADConstants;
60 import org.kuali.rice.krad.util.MessageMap;
61 import org.kuali.rice.krad.util.ObjectUtils;
62
63 import javax.servlet.ServletException;
64 import javax.servlet.http.HttpServletRequest;
65 import javax.servlet.http.HttpServletResponse;
66 import javax.servlet.http.HttpSession;
67 import javax.servlet.jsp.PageContext;
68 import java.io.ByteArrayOutputStream;
69 import java.io.IOException;
70 import java.io.InputStream;
71 import java.io.OutputStream;
72 import java.net.URI;
73 import java.net.URISyntaxException;
74 import java.util.Arrays;
75 import java.util.Collection;
76 import java.util.Enumeration;
77 import java.util.HashMap;
78 import java.util.Hashtable;
79 import java.util.Iterator;
80 import java.util.LinkedHashMap;
81 import java.util.List;
82 import java.util.Map;
83 import java.util.Set;
84 import java.util.regex.Matcher;
85 import java.util.regex.Pattern;
86
87
88
89
90 public class WebUtils {
91 private static final Logger LOG = Logger.getLogger(WebUtils.class);
92
93 private static final String IMAGE_COORDINATE_CLICKED_X_EXTENSION = ".x";
94 private static final String IMAGE_COORDINATE_CLICKED_Y_EXTENSION = ".y";
95
96 private static final String APPLICATION_IMAGE_URL_PROPERTY_PREFIX = "application.custom.image.url";
97 private static final String DEFAULT_IMAGE_URL_PROPERTY_NAME = "kr.externalizable.images.url";
98
99
100
101
102 private static final String[] SCHEMES = { "http://", "https://" };
103
104
105
106
107
108
109 public static final String FILE_UPLOAD_LIMIT_EXCEEDED_EXCEPTION_ALREADY_THROWN = "fileUploadLimitExceededExceptionAlreadyThrown";
110
111 private static ConfigurationService configurationService;
112
113
114
115
116
117
118
119
120 public static String parseMethodToCall(ActionForm form, HttpServletRequest request) {
121 String methodToCall = null;
122
123
124 if (StringUtils.isNotBlank(request.getParameter(KRADConstants.DISPATCH_REQUEST_PARAMETER))) {
125 if (form instanceof KualiForm
126 && !((KualiForm) form).shouldMethodToCallParameterBeUsed(KRADConstants.DISPATCH_REQUEST_PARAMETER,
127 request.getParameter(KRADConstants.DISPATCH_REQUEST_PARAMETER), request)) {
128 throw new RuntimeException("Cannot verify that the methodToCall should be "
129 + request.getParameter(KRADConstants.DISPATCH_REQUEST_PARAMETER));
130 }
131 methodToCall = request.getParameter(KRADConstants.DISPATCH_REQUEST_PARAMETER);
132
133
134 request.setAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE, KRADConstants.DISPATCH_REQUEST_PARAMETER + "."
135 + methodToCall + IMAGE_COORDINATE_CLICKED_X_EXTENSION);
136 }
137
138
139
140
141
142
143
144
145
146
147 if (methodToCall == null) {
148
149 for (Enumeration i = request.getParameterNames(); i.hasMoreElements();) {
150 String parameterName = (String) i.nextElement();
151
152
153 if (isMethodToCall(parameterName)) {
154 methodToCall = getMethodToCallSettingAttribute(form, request, parameterName);
155 break;
156 }
157 else {
158
159
160 for (String value : request.getParameterValues(parameterName)) {
161
162
163 if (isMethodToCall(value)) {
164 methodToCall = getMethodToCallSettingAttribute(form, request, value);
165
166 }
167 }
168 }
169 }
170 }
171
172 return methodToCall;
173 }
174
175
176
177
178
179
180
181
182 private static boolean isMethodToCall(String string) {
183
184
185 return string.startsWith(KRADConstants.DISPATCH_REQUEST_PARAMETER + ".");
186 }
187
188
189
190
191
192
193
194
195
196
197
198
199
200 private static String getMethodToCallSettingAttribute(ActionForm form, HttpServletRequest request, String string) {
201
202 if (form instanceof KualiForm
203 && !((KualiForm) form).shouldMethodToCallParameterBeUsed(string, request.getParameter(string), request)) {
204 throw new RuntimeException("Cannot verify that the methodToCall should be " + string);
205 }
206
207 final String attributeValue = endsWithCoordinates(string) ? string : string
208 + IMAGE_COORDINATE_CLICKED_X_EXTENSION;
209 final String methodToCall = StringUtils.substringBetween(attributeValue,
210 KRADConstants.DISPATCH_REQUEST_PARAMETER + ".", ".");
211 request.setAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE, attributeValue);
212 return methodToCall;
213 }
214
215
216
217
218
219
220
221
222 public static void logRequestContents(Logger logger, Level level, HttpServletRequest request) {
223 if (logger.isEnabledFor(level)) {
224 logger.log(level, "--------------------");
225 logger.log(level, "HttpRequest attributes:");
226 for (Enumeration e = request.getAttributeNames(); e.hasMoreElements();) {
227 String attrName = (String) e.nextElement();
228 Object attrValue = request.getAttribute(attrName);
229
230 if (attrValue.getClass().isArray()) {
231 logCollection(logger, level, attrName, Arrays.asList((Object[]) attrValue));
232 }
233 else if (attrValue instanceof Collection) {
234 logCollection(logger, level, attrName, (Collection) attrValue);
235 }
236 else if (attrValue instanceof Map) {
237 logMap(logger, level, attrName, (Map) attrValue);
238 }
239 else {
240 logObject(logger, level, attrName, attrValue);
241 }
242 }
243
244 logger.log(level, "--------------------");
245 logger.log(level, "HttpRequest parameters:");
246 for (Enumeration i = request.getParameterNames(); i.hasMoreElements();) {
247 String paramName = (String) i.nextElement();
248 String[] paramValues = (String[]) request.getParameterValues(paramName);
249
250 logArray(logger, level, paramName, paramValues);
251 }
252
253 logger.log(level, "--------------------");
254 }
255 }
256
257 private static void logArray(Logger logger, Level level, String arrayName, Object[] array) {
258 StringBuffer value = new StringBuffer("[");
259 for (int i = 0; i < array.length; ++i) {
260 if (i > 0) {
261 value.append(",");
262 }
263 value.append(array[i]);
264 }
265 value.append("]");
266
267 logThing(logger, level, arrayName, value);
268 }
269
270 private static void logCollection(Logger logger, Level level, String collectionName, Collection c) {
271 StringBuffer value = new StringBuffer("{");
272 for (Iterator i = c.iterator(); i.hasNext();) {
273 value.append(i.next());
274 if (i.hasNext()) {
275 value.append(",");
276 }
277 }
278 value.append("}");
279
280 logThing(logger, level, collectionName, value);
281 }
282
283 private static void logMap(Logger logger, Level level, String mapName, Map m) {
284 StringBuffer value = new StringBuffer("{");
285 for (Iterator i = m.entrySet().iterator(); i.hasNext();) {
286 Map.Entry e = (Map.Entry) i.next();
287 value.append("('" + e.getKey() + "','" + e.getValue() + "')");
288 }
289 value.append("}");
290
291 logThing(logger, level, mapName, value);
292 }
293
294 private static void logObject(Logger logger, Level level, String objectName, Object o) {
295 logThing(logger, level, objectName, "'" + o + "'");
296 }
297
298 private static void logThing(Logger logger, Level level, String thingName, Object thing) {
299 logger.log(level, " '" + thingName + "' => " + thing);
300 }
301
302
303
304
305
306
307
308
309
310
311 public static void saveMimeOutputStreamAsFile(HttpServletResponse response, String contentType,
312 ByteArrayOutputStream byteArrayOutputStream, String fileName) throws IOException {
313
314
315
316 String updateFileName;
317 if(fileName.contains("\"")) {
318 updateFileName = fileName.replaceAll("\"", "");
319 } else {
320 updateFileName = fileName;
321 }
322
323
324 response.setContentType(contentType);
325 response.setHeader("Content-disposition", "attachment; filename=\"" + updateFileName + "\"");
326 response.setHeader("Expires", "0");
327 response.setHeader("Cache-Control", "must-revalidate, post-check=0, pre-check=0");
328 response.setHeader("Pragma", "public");
329 response.setContentLength(byteArrayOutputStream.size());
330
331
332 OutputStream outputStream = response.getOutputStream();
333 byteArrayOutputStream.writeTo(response.getOutputStream());
334 outputStream.flush();
335 outputStream.close();
336 }
337
338
339
340
341
342
343
344
345
346
347 public static void saveMimeInputStreamAsFile(HttpServletResponse response, String contentType,
348 InputStream inStream, String fileName, int fileSize) throws IOException {
349
350
351
352 String updateFileName;
353 if(fileName.contains("\"")) {
354 updateFileName = fileName.replaceAll("\"", "");
355 } else {
356 updateFileName = fileName;
357 }
358
359
360 response.setContentType(contentType);
361 response.setHeader("Content-disposition", "attachment; filename=\"" + updateFileName + "\"");
362 response.setHeader("Expires", "0");
363 response.setHeader("Cache-Control", "must-revalidate, post-check=0, pre-check=0");
364 response.setHeader("Pragma", "public");
365 response.setContentLength(fileSize);
366
367
368 OutputStream out = response.getOutputStream();
369 while (inStream.available() > 0) {
370 out.write(inStream.read());
371 }
372 out.flush();
373 }
374
375
376
377
378
379
380
381
382 public static String getTabState(KualiForm form, String tabKey) {
383 return form.getTabState(tabKey);
384 }
385
386 public static void incrementTabIndex(KualiForm form, String tabKey) {
387 form.incrementTabIndex();
388 }
389
390
391
392
393
394
395
396
397 public static void reopenInactiveRecords(List<Section> sections, Map<String, String> tabStates, String collectionName) {
398 for (Section section : sections) {
399 for (Row row: section.getRows()) {
400 for (Field field : row.getFields()) {
401 if (field != null) {
402 if (Field.CONTAINER.equals(field.getFieldType()) && StringUtils.startsWith(field.getContainerName(), collectionName)) {
403 final String tabKey = WebUtils.generateTabKey(FieldUtils.generateCollectionSubTabName(field));
404 tabStates.put(tabKey, KualiForm.TabState.OPEN.name());
405 }
406 }
407 }
408 }
409 }
410 }
411
412
413
414
415
416
417
418 public static String generateTabKey(String tabTitle) {
419 String key = "";
420 if (!StringUtils.isBlank(tabTitle)) {
421 key = tabTitle.replaceAll("\\W", "");
422
423
424
425 }
426
427 return key;
428 }
429
430 public static void getMultipartParameters(HttpServletRequest request, ActionServletWrapper servletWrapper,
431 ActionForm form, ActionMapping mapping) {
432 Map params = new HashMap();
433
434
435
436
437 try {
438 CommonsMultipartRequestHandler multipartHandler = new CommonsMultipartRequestHandler();
439 if (multipartHandler != null) {
440
441 if (servletWrapper != null) {
442
443
444 servletWrapper.setServletFor(multipartHandler);
445 }
446 multipartHandler.setMapping((ActionMapping) request.getAttribute(Globals.MAPPING_KEY));
447
448 multipartHandler.handleRequest(request);
449
450 Collection<FormFile> files = multipartHandler.getFileElements().values();
451 Enumeration keys = multipartHandler.getFileElements().keys();
452
453 while (keys.hasMoreElements()) {
454 Object key = keys.nextElement();
455 FormFile file = (FormFile) multipartHandler.getFileElements().get(key);
456 long maxSize = WebUtils.getMaxUploadSize(form);
457 if (LOG.isDebugEnabled()) {
458 LOG.debug(file.getFileSize());
459 }
460 if (maxSize > 0 && Long.parseLong(file.getFileSize() + "") > maxSize) {
461
462 GlobalVariables.getMessageMap().putError(key.toString(),
463 RiceKeyConstants.ERROR_UPLOADFILE_SIZE,
464 new String[] { file.getFileName(), Long.toString(maxSize) });
465
466 }
467 }
468
469
470 if (servletWrapper == null) {
471 request.setAttribute(KRADConstants.UPLOADED_FILE_REQUEST_ATTRIBUTE_KEY,
472 getFileParametersForMultipartRequest(request, multipartHandler));
473 }
474 }
475 }
476 catch (ServletException e) {
477 throw new ValidationException("unable to handle multipart request " + e.getMessage(), e);
478 }
479 }
480
481 public static long getMaxUploadSize(ActionForm form) {
482 long max = 0L;
483 KualiMultipartRequestHandler multipartHandler = new KualiMultipartRequestHandler();
484 if (form instanceof PojoFormBase) {
485 max = multipartHandler.calculateMaxUploadSizeToMaxOfList(((PojoFormBase) form).getMaxUploadSizes());
486 }
487 if (LOG.isDebugEnabled()) {
488 LOG.debug("Max File Upload Size: " + max);
489 }
490 return max;
491 }
492
493 private static Map getFileParametersForMultipartRequest(HttpServletRequest request,
494 MultipartRequestHandler multipartHandler) {
495 Map parameters = new HashMap();
496 Hashtable elements = multipartHandler.getFileElements();
497 Enumeration e = elements.keys();
498 while (e.hasMoreElements()) {
499 String key = (String) e.nextElement();
500 parameters.put(key, elements.get(key));
501 }
502
503 if (request instanceof MultipartRequestWrapper) {
504 request = (HttpServletRequest) ((MultipartRequestWrapper) request).getRequest();
505 e = request.getParameterNames();
506 while (e.hasMoreElements()) {
507 String key = (String) e.nextElement();
508 parameters.put(key, request.getParameterValues(key));
509 }
510 }
511 else {
512 LOG.debug("Gathering multipart parameters for unwrapped request");
513 }
514 return parameters;
515 }
516
517
518
519 public static void registerEditableProperty(PojoFormBase form, String editablePropertyName) {
520 form.registerEditableProperty(editablePropertyName);
521 }
522
523 public static boolean isDocumentSession(Document document, PojoFormBase docForm) {
524 boolean sessionDoc = document instanceof org.kuali.rice.krad.document.SessionDocument;
525 boolean dataDictionarySessionDoc = false;
526 if (!sessionDoc) {
527 DataDictionary dataDictionary = KRADServiceLocatorWeb.getDataDictionaryService().getDataDictionary();
528 if (docForm instanceof KualiMaintenanceForm) {
529 KualiMaintenanceForm maintenanceForm = (KualiMaintenanceForm) docForm;
530 if (dataDictionary != null) {
531 if (maintenanceForm.getDocTypeName() != null) {
532 MaintenanceDocumentEntry maintenanceDocumentEntry = (MaintenanceDocumentEntry) dataDictionary.getDocumentEntry(maintenanceForm.getDocTypeName());
533 dataDictionarySessionDoc = maintenanceDocumentEntry.isSessionDocument();
534 }
535 }
536 }
537 else {
538 if (document != null && dataDictionary != null) {
539 KNSDocumentEntry documentEntry = (KNSDocumentEntry) dataDictionary.getDocumentEntry(document.getClass().getName());
540 dataDictionarySessionDoc = documentEntry.isSessionDocument();
541 }
542 }
543 }
544 return sessionDoc || dataDictionarySessionDoc;
545 }
546
547 public static boolean isFormSessionDocument(PojoFormBase form) {
548 Document document = null;
549 if (KualiDocumentFormBase.class.isAssignableFrom(form.getClass())) {
550 KualiDocumentFormBase docForm = (KualiDocumentFormBase) form;
551 document = docForm.getDocument();
552 }
553 return isDocumentSession(document, form);
554 }
555
556 public static String KEY_KUALI_FORM_IN_SESSION = "KualiForm";
557
558 public static ActionForm getKualiForm(PageContext pageContext) {
559 return getKualiForm((HttpServletRequest) pageContext.getRequest());
560 }
561
562 public static ActionForm getKualiForm(HttpServletRequest request) {
563 if (request.getAttribute(KEY_KUALI_FORM_IN_SESSION) != null) {
564 return (ActionForm) request.getAttribute(KEY_KUALI_FORM_IN_SESSION);
565 }
566 else {
567 final HttpSession session = request.getSession(false);
568 return session != null ? (ActionForm) session.getAttribute(KEY_KUALI_FORM_IN_SESSION) : null;
569 }
570 }
571
572 public static boolean isPropertyEditable(Set<String> editableProperties, String propertyName) {
573 if (LOG.isDebugEnabled()) {
574 LOG.debug("isPropertyEditable(" + propertyName + ")");
575 }
576
577 boolean returnVal = editableProperties == null
578 || editableProperties.contains(propertyName)
579 || (getIndexOfCoordinateExtension(propertyName) == -1 ? false : editableProperties
580 .contains(propertyName.substring(0, getIndexOfCoordinateExtension(propertyName))));
581 if (!returnVal) {
582 if (LOG.isDebugEnabled()) {
583 LOG.debug("isPropertyEditable(" + propertyName + ") == false / editableProperties: "
584 + editableProperties);
585 }
586 }
587 return returnVal;
588 }
589
590 public static boolean endsWithCoordinates(String parameter) {
591 return parameter.endsWith(WebUtils.IMAGE_COORDINATE_CLICKED_X_EXTENSION)
592 || parameter.endsWith(WebUtils.IMAGE_COORDINATE_CLICKED_Y_EXTENSION);
593 }
594
595 public static int getIndexOfCoordinateExtension(String parameter) {
596 int indexOfCoordinateExtension = parameter.lastIndexOf(WebUtils.IMAGE_COORDINATE_CLICKED_X_EXTENSION);
597 if (indexOfCoordinateExtension == -1) {
598 indexOfCoordinateExtension = parameter.lastIndexOf(WebUtils.IMAGE_COORDINATE_CLICKED_Y_EXTENSION);
599 }
600 return indexOfCoordinateExtension;
601 }
602
603 public static boolean isInquiryHiddenField(String className, String fieldName, Object formObject, String propertyName) {
604 boolean isHidden = false;
605 String hiddenInquiryFields = getKualiConfigurationService().getPropertyValueAsString(className + ".hidden");
606 if (StringUtils.isEmpty(hiddenInquiryFields)) {
607 return isHidden;
608 }
609 List hiddenFields = Arrays.asList(hiddenInquiryFields.replaceAll(" ", "").split(","));
610 if (hiddenFields.contains(fieldName.trim())) {
611 isHidden = true;
612 }
613 return isHidden;
614 }
615
616 public static boolean isHiddenKimObjectType(String type, String configParameter) {
617 boolean hideType = false;
618 String hiddenTypes = getKualiConfigurationService().getPropertyValueAsString(configParameter);
619 if (StringUtils.isEmpty(hiddenTypes)) {
620 return hideType;
621 }
622 List hiddenTypeValues = Arrays.asList(hiddenTypes.replaceAll(" ", "").split(","));
623 if (hiddenTypeValues.contains(type.trim())) {
624 hideType = true;
625 }
626 return hideType;
627 }
628
629 public static String getFullyMaskedValue(String className, String fieldName, Object formObject, String propertyName) {
630 String displayMaskValue = null;
631 Object propertyValue = ObjectUtils.getPropertyValue(formObject, propertyName);
632
633 DataDictionaryEntryBase entry = (DataDictionaryEntryBase) KRADServiceLocatorWeb.getDataDictionaryService()
634 .getDataDictionary().getDictionaryObjectEntry(className);
635 AttributeDefinition a = entry.getAttributeDefinition(fieldName);
636
637 AttributeSecurity attributeSecurity = a.getAttributeSecurity();
638 if (attributeSecurity != null && attributeSecurity.isMask()) {
639 MaskFormatter maskFormatter = attributeSecurity.getMaskFormatter();
640 displayMaskValue = maskFormatter.maskValue(propertyValue);
641
642 }
643 return displayMaskValue;
644 }
645
646 public static String getPartiallyMaskedValue(String className, String fieldName, Object formObject,
647 String propertyName) {
648 String displayMaskValue = null;
649 Object propertyValue = ObjectUtils.getPropertyValue(formObject, propertyName);
650
651 DataDictionaryEntryBase entry = (DataDictionaryEntryBase) KRADServiceLocatorWeb.getDataDictionaryService()
652 .getDataDictionary().getDictionaryObjectEntry(className);
653 AttributeDefinition a = entry.getAttributeDefinition(fieldName);
654
655 AttributeSecurity attributeSecurity = a.getAttributeSecurity();
656 if (attributeSecurity != null && attributeSecurity.isPartialMask()) {
657 MaskFormatter partialMaskFormatter = attributeSecurity.getPartialMaskFormatter();
658 displayMaskValue = partialMaskFormatter.maskValue(propertyValue);
659
660 }
661 return displayMaskValue;
662 }
663
664 public static boolean canFullyUnmaskField(String businessObjectClassName, String fieldName, KualiForm form) {
665 Class businessObjClass = null;
666 try {
667 businessObjClass = Class.forName(businessObjectClassName);
668 }
669 catch (Exception e) {
670 throw new RuntimeException("Unable to resolve class name: " + businessObjectClassName);
671 }
672 if (form instanceof KualiDocumentFormBase) {
673 return KNSServiceLocator.getBusinessObjectAuthorizationService().canFullyUnmaskField(
674 GlobalVariables.getUserSession().getPerson(), businessObjClass, fieldName,
675 ((KualiDocumentFormBase) form).getDocument());
676 }
677 else {
678 return KNSServiceLocator.getBusinessObjectAuthorizationService().canFullyUnmaskField(
679 GlobalVariables.getUserSession().getPerson(), businessObjClass, fieldName, null);
680 }
681 }
682
683 public static boolean canPartiallyUnmaskField(String businessObjectClassName, String fieldName, KualiForm form) {
684 Class businessObjClass = null;
685 try {
686 businessObjClass = Class.forName(businessObjectClassName);
687 }
688 catch (Exception e) {
689 throw new RuntimeException("Unable to resolve class name: " + businessObjectClassName);
690 }
691 if (form instanceof KualiDocumentFormBase) {
692 return KNSServiceLocator.getBusinessObjectAuthorizationService().canPartiallyUnmaskField(
693 GlobalVariables.getUserSession().getPerson(), businessObjClass, fieldName,
694 ((KualiDocumentFormBase) form).getDocument());
695 }
696 else {
697 return KNSServiceLocator.getBusinessObjectAuthorizationService().canPartiallyUnmaskField(
698 GlobalVariables.getUserSession().getPerson(), businessObjClass, fieldName, null);
699 }
700 }
701
702 public static boolean canAddNoteAttachment(Document document) {
703 boolean canViewNoteAttachment = false;
704 DocumentAuthorizer documentAuthorizer = KNSServiceLocator.getDocumentHelperService().getDocumentAuthorizer(
705 document);
706 canViewNoteAttachment = documentAuthorizer.canAddNoteAttachment(document, null, GlobalVariables
707 .getUserSession().getPerson());
708 return canViewNoteAttachment;
709 }
710
711 public static boolean canViewNoteAttachment(Document document, String attachmentTypeCode) {
712 boolean canViewNoteAttachment = false;
713 DocumentAuthorizer documentAuthorizer = KNSServiceLocator.getDocumentHelperService().getDocumentAuthorizer(
714 document);
715 canViewNoteAttachment = documentAuthorizer.canViewNoteAttachment(document, attachmentTypeCode, GlobalVariables
716 .getUserSession().getPerson());
717 return canViewNoteAttachment;
718 }
719
720 public static boolean canDeleteNoteAttachment(Document document, String attachmentTypeCode,
721 String authorUniversalIdentifier) {
722 boolean canDeleteNoteAttachment = false;
723 DocumentAuthorizer documentAuthorizer = KNSServiceLocator.getDocumentHelperService().getDocumentAuthorizer(
724 document);
725 canDeleteNoteAttachment = documentAuthorizer.canDeleteNoteAttachment(document, attachmentTypeCode, "false",
726 GlobalVariables.getUserSession().getPerson());
727 if (canDeleteNoteAttachment) {
728 return canDeleteNoteAttachment;
729 }
730 else {
731 canDeleteNoteAttachment = documentAuthorizer.canDeleteNoteAttachment(document, attachmentTypeCode, "true",
732 GlobalVariables.getUserSession().getPerson());
733 if (canDeleteNoteAttachment
734 && !authorUniversalIdentifier.equals(GlobalVariables.getUserSession().getPerson().getPrincipalId())) {
735 canDeleteNoteAttachment = false;
736 }
737 }
738 return canDeleteNoteAttachment;
739 }
740
741 public static void reuseErrorMapFromPreviousRequest(KualiDocumentFormBase kualiDocumentFormBase) {
742 if (kualiDocumentFormBase.getMessageMapFromPreviousRequest() == null) {
743 LOG.error("Error map from previous request is null!");
744 return;
745 }
746 MessageMap errorMapFromGlobalVariables = GlobalVariables.getMessageMap();
747 if (kualiDocumentFormBase.getMessageMapFromPreviousRequest() == errorMapFromGlobalVariables) {
748
749 return;
750 }
751 if (!errorMapFromGlobalVariables.hasNoErrors()) {
752 throw new RuntimeException("Cannot replace error map because it is not empty");
753 }
754 GlobalVariables.setMessageMap(kualiDocumentFormBase.getMessageMapFromPreviousRequest());
755 GlobalVariables.getMessageMap().clearErrorPath();
756 }
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775 public static String filterHtmlAndReplaceRiceMarkup(String inputString) {
776 String outputString = StringEscapeUtils.escapeHtml(inputString);
777
778
779 Map<String, String> findAndReplacePatterns = new LinkedHashMap<String, String>();
780
781
782
783
784
785
786 findAndReplacePatterns.put("\\[a ((javascript|JAVASCRIPT|JavaScript).+)\\]", "");
787
788 findAndReplacePatterns.put("\\[a (.+)\\]", "<a href=\"$1\">");
789 findAndReplacePatterns.put("\\[/a\\]", "</a>");
790
791
792 findAndReplacePatterns.put("\\[([A-Za-z])\\]", "<$1>");
793 findAndReplacePatterns.put("\\[/([A-Za-z])\\]", "</$1>");
794
795 findAndReplacePatterns.put("\\[([A-Za-z]{2})\\]", "<$1>");
796 findAndReplacePatterns.put("\\[/([A-Za-z]{2})\\]", "</$1>");
797
798 findAndReplacePatterns.put("\\[font (#[0-9A-Fa-f]{1,6}|[A-Za-z]+)\\]", "<font color=\"$1\">");
799 findAndReplacePatterns.put("\\[/font\\]", "</font>");
800
801 findAndReplacePatterns.put("\\[table\\]", "<table>");
802 findAndReplacePatterns.put("\\[table ([A-Za-z]+)\\]", "<table class=\"$1\">");
803 findAndReplacePatterns.put("\\[/table\\]", "</table>");
804
805 findAndReplacePatterns.put("\\[td ([A-Za-z]+)\\]", "<td class=\"$1\">");
806
807 for (String findPattern : findAndReplacePatterns.keySet()) {
808 Pattern p = Pattern.compile(findPattern);
809 Matcher m = p.matcher(outputString);
810 if (m.find()) {
811 String replacePattern = findAndReplacePatterns.get(findPattern);
812 outputString = m.replaceAll(replacePattern);
813 }
814 }
815
816 return outputString;
817 }
818
819
820
821
822
823
824
825
826
827
828 public static String getButtonImageUrl(String imageName) {
829 String buttonImageUrl = getKualiConfigurationService().getPropertyValueAsString(
830 WebUtils.APPLICATION_IMAGE_URL_PROPERTY_PREFIX + "." + imageName);
831 if (StringUtils.isBlank(buttonImageUrl)) {
832 buttonImageUrl = getDefaultButtonImageUrl(imageName);
833 }
834 return buttonImageUrl;
835 }
836
837 public static String getAttachmentImageForUrl(String contentType) {
838 String image = getKualiConfigurationService().getPropertyValueAsString(KRADConstants.ATTACHMENT_IMAGE_PREFIX + contentType);
839 if (StringUtils.isEmpty(image)) {
840 return getKualiConfigurationService().getPropertyValueAsString(KRADConstants.ATTACHMENT_IMAGE_DEFAULT);
841 }
842 return image;
843 }
844
845
846
847
848
849
850
851
852
853 public static String getDefaultButtonImageUrl(String imageName) {
854 return getKualiConfigurationService().getPropertyValueAsString(WebUtils.DEFAULT_IMAGE_URL_PROPERTY_NAME)
855 + "buttonsmall_" + imageName + ".gif";
856 }
857
858
859
860
861 public static ConfigurationService getKualiConfigurationService() {
862 if (configurationService == null) {
863 configurationService = KRADServiceLocator.getKualiConfigurationService();
864 }
865 return configurationService;
866 }
867
868
869
870
871
872
873
874
875 public static String preserveWhitespace(String startingString) {
876 String convertedString = startingString.replaceAll("\n", "<br />");
877 convertedString = convertedString.replaceAll(" ", " ").replaceAll("( | )", " ");
878 return convertedString;
879 }
880
881 public static String getKimGroupDisplayName(String groupId) {
882 if(StringUtils.isBlank(groupId)) {
883 throw new IllegalArgumentException("Group ID must have a value");
884 }
885 return KimApiServiceLocator.getGroupService().getGroup(groupId).getName();
886 }
887
888 public static String getPrincipalDisplayName(String principalId) {
889 if(StringUtils.isBlank(principalId)) {
890 throw new IllegalArgumentException("Principal ID must have a value");
891 }
892 if (KimApiServiceLocator.getIdentityService().getDefaultNamesForPrincipalId(principalId) == null){
893 return "";
894 }
895 else {
896 return KimApiServiceLocator.getIdentityService().getDefaultNamesForPrincipalId(principalId).getDefaultName().getCompositeName();
897 }
898 }
899
900
901
902
903
904
905
906
907
908 public static String getRoleDisplayName(ActionRequest actionRequest) {
909 String result;
910
911 if(actionRequest == null) {
912 throw new IllegalArgumentException("actionRequest must be non-null");
913 }
914 if (RecipientType.ROLE != actionRequest.getRecipientType()) {
915 throw new IllegalArgumentException("actionRequest recipient must be a Role");
916 }
917
918 Role role = KimApiServiceLocator.getRoleService().getRole(actionRequest.getRoleName());
919
920 if (role != null) {
921 result = role.getName();
922 } else if (!StringUtils.isBlank(actionRequest.getQualifiedRoleNameLabel())) {
923 result = actionRequest.getQualifiedRoleNameLabel();
924 } else {
925 result = actionRequest.getRoleName();
926 }
927
928 return result;
929 }
930
931
932
933
934
935
936
937
938 public static String toAbsoluteURL(String base, String path) {
939 boolean abs = false;
940 if (StringUtils.isBlank(path)) {
941 path = "";
942 } else {
943 for (String scheme: SCHEMES) {
944 if (path.startsWith(scheme)) {
945 abs = true;
946 break;
947 }
948 }
949 }
950 if (abs) {
951 return path;
952 }
953 return base + path;
954 }
955
956 public static String sanitizeBackLocation(String backLocation) {
957 if(StringUtils.isBlank(backLocation)) {
958 return backLocation;
959 }
960
961 try {
962 URI uri = new URI(backLocation);
963 if (!uri.isAbsolute()) {
964 return backLocation;
965 }
966 } catch (URISyntaxException e) {
967
968 }
969 Pattern pattern = Pattern.compile(ConfigContext.getCurrentContextConfig().getProperty(KRADConstants.BACK_LOCATION_ALLOWED_REGEX));
970 if(pattern.matcher(backLocation).matches()) {
971 return backLocation;
972 } else {
973 return ConfigContext.getCurrentContextConfig().getProperty(KRADConstants.BACK_LOCATION_DEFAULT_URL);
974 }
975 }
976
977 }