001 /**
002 * Copyright 2005-2013 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016 package org.kuali.rice.kns.document.authorization;
017
018
019 import org.kuali.rice.kim.api.KimConstants;
020 import org.kuali.rice.kim.api.identity.Person;
021 import org.kuali.rice.krad.maintenance.MaintenanceDocument;
022 import org.kuali.rice.krad.service.DocumentDictionaryService;
023 import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
024 import org.kuali.rice.krad.util.KRADConstants;
025 import org.kuali.rice.krad.util.KRADUtils;
026
027 import java.util.HashMap;
028 import java.util.HashSet;
029 import java.util.Map;
030 import java.util.Set;
031
032 public class MaintenanceDocumentAuthorizerBase extends DocumentAuthorizerBase implements MaintenanceDocumentAuthorizer {
033 // private static final org.apache.log4j.Logger LOG =
034 // org.apache.log4j.Logger.getLogger(MaintenanceDocumentAuthorizerBase.class);
035
036 transient protected static DocumentDictionaryService documentDictionaryService;
037
038 public boolean canCreate(Class boClass, Person user) {
039 Map<String, String> permissionDetails = new HashMap<String, String>();
040 permissionDetails.put(KimConstants.AttributeConstants.DOCUMENT_TYPE_NAME,
041 getDocumentDictionaryService().getMaintenanceDocumentTypeName(
042 boClass));
043 permissionDetails.put(KRADConstants.MAINTENANCE_ACTN,
044 KRADConstants.MAINTENANCE_NEW_ACTION);
045 return !permissionExistsByTemplate(KRADConstants.KNS_NAMESPACE,
046 KimConstants.PermissionTemplateNames.CREATE_MAINTAIN_RECORDS,
047 permissionDetails)
048 || getPermissionService()
049 .isAuthorizedByTemplate(user.getPrincipalId(), KRADConstants.KNS_NAMESPACE,
050 KimConstants.PermissionTemplateNames.CREATE_MAINTAIN_RECORDS, permissionDetails,
051 new HashMap<String, String>());
052 }
053
054 public boolean canMaintain(Object dataObject, Person user) {
055 Map<String, String> permissionDetails = new HashMap<String, String>(2);
056 permissionDetails.put(KimConstants.AttributeConstants.DOCUMENT_TYPE_NAME,
057 getDocumentDictionaryService().getMaintenanceDocumentTypeName(
058 dataObject.getClass()));
059 permissionDetails.put(KRADConstants.MAINTENANCE_ACTN,
060 KRADConstants.MAINTENANCE_EDIT_ACTION);
061 return !permissionExistsByTemplate(KRADConstants.KNS_NAMESPACE,
062 KimConstants.PermissionTemplateNames.CREATE_MAINTAIN_RECORDS,
063 permissionDetails)
064 || isAuthorizedByTemplate(
065 dataObject,
066 KRADConstants.KNS_NAMESPACE,
067 KimConstants.PermissionTemplateNames.CREATE_MAINTAIN_RECORDS,
068 user.getPrincipalId(), permissionDetails, null);
069 }
070
071 public boolean canCreateOrMaintain(
072 MaintenanceDocument maintenanceDocument, Person user) {
073 return !permissionExistsByTemplate(maintenanceDocument,
074 KRADConstants.KNS_NAMESPACE,
075 KimConstants.PermissionTemplateNames.CREATE_MAINTAIN_RECORDS)
076 || isAuthorizedByTemplate(
077 maintenanceDocument,
078 KRADConstants.KNS_NAMESPACE,
079 KimConstants.PermissionTemplateNames.CREATE_MAINTAIN_RECORDS,
080 user.getPrincipalId());
081 }
082
083 public Set<String> getSecurePotentiallyHiddenSectionIds() {
084 return new HashSet<String>();
085 }
086
087 public Set<String> getSecurePotentiallyReadOnlySectionIds() {
088 return new HashSet<String>();
089 }
090
091 @SuppressWarnings("unchecked")
092 @Override
093 protected void addRoleQualification(Object dataObject, Map<String, String> attributes) {
094 super.addRoleQualification(dataObject, attributes);
095 if (dataObject instanceof MaintenanceDocument) {
096 MaintenanceDocument maintDoc = (MaintenanceDocument)dataObject;
097 if ( maintDoc.getNewMaintainableObject() != null ) {
098 attributes.putAll(
099 KRADUtils.getNamespaceAndComponentSimpleName(maintDoc.getNewMaintainableObject().getDataObjectClass()));
100 }
101 }
102 }
103
104 @SuppressWarnings("unchecked")
105 @Override
106 protected void addPermissionDetails(Object dataObject, Map<String, String> attributes) {
107 super.addPermissionDetails(dataObject, attributes);
108 if (dataObject instanceof MaintenanceDocument) {
109 MaintenanceDocument maintDoc = (MaintenanceDocument)dataObject;
110 if ( maintDoc.getNewMaintainableObject() != null ) {
111 attributes.putAll(
112 KRADUtils.getNamespaceAndComponentSimpleName(maintDoc.getNewMaintainableObject().getDataObjectClass()));
113 attributes.put(KRADConstants.MAINTENANCE_ACTN,maintDoc.getNewMaintainableObject().getMaintenanceAction());
114 }
115 }
116 }
117
118 protected static DocumentDictionaryService getDocumentDictionaryService() {
119 if (documentDictionaryService == null) {
120 documentDictionaryService = KRADServiceLocatorWeb.getDocumentDictionaryService();
121 }
122 return documentDictionaryService;
123 }
124
125 }