1 /** 2 * Copyright 2005-2013 The Kuali Foundation 3 * 4 * Licensed under the Educational Community License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.opensource.org/licenses/ecl2.php 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 package org.kuali.rice.krad.uif.component; 17 18 import java.io.Serializable; 19 import java.util.HashMap; 20 import java.util.Map; 21 22 /** 23 * Component security is used to flag permissions that exist in KIM for various component state (like edit and view) 24 * 25 * <p> 26 * In addition, properties such as additional role and permission details can be configured to use when 27 * checking the KIM permissions 28 * </p> 29 * 30 * <p> 31 * Security subclasses exist adding on flags apporiate for that component 32 * </p> 33 * 34 * @author Kuali Rice Team (rice.collab@kuali.org) 35 */ 36 public class ComponentSecurity extends ConfigurableBase implements Serializable { 37 private static final long serialVersionUID = 726347449984853891L; 38 39 private boolean editAuthz; 40 private boolean viewAuthz; 41 42 private String namespaceAttribute; 43 private String componentAttribute; 44 private String idAttribute; 45 46 private Map<String, String> additionalPermissionDetails; 47 private Map<String, String> additionalRoleQualifiers; 48 49 public ComponentSecurity() { 50 editAuthz = false; 51 viewAuthz = false; 52 53 additionalPermissionDetails = new HashMap<String, String>(); 54 additionalRoleQualifiers = new HashMap<String, String>(); 55 } 56 57 /** 58 * Indicates whether the component has edit authorization and KIM should be consulted 59 * 60 * @return boolean true if the component has edit authorization, false if not 61 */ 62 public boolean isEditAuthz() { 63 return editAuthz; 64 } 65 66 /** 67 * Setter for the edit authorization flag 68 * 69 * @param editAuthz 70 */ 71 public void setEditAuthz(boolean editAuthz) { 72 this.editAuthz = editAuthz; 73 } 74 75 /** 76 * Indicates whether the component has view authorization and KIM should be consulted 77 * 78 * @return boolean true if the component has view authorization, false if not 79 */ 80 public boolean isViewAuthz() { 81 return viewAuthz; 82 } 83 84 /** 85 * Setter for the view authorization flag 86 * 87 * @param viewAuthz 88 */ 89 public void setViewAuthz(boolean viewAuthz) { 90 this.viewAuthz = viewAuthz; 91 } 92 93 /** 94 * Namespace code that should be sent as permission detail when doing a permission check on this field 95 * 96 * <p> 97 * When the namespace code is a detail for a permission check, this property can be configured to override the 98 * namespace derived by the system 99 * </p> 100 * 101 * @return String namespace code 102 */ 103 public String getNamespaceAttribute() { 104 return namespaceAttribute; 105 } 106 107 /** 108 * Setter for the namespace code to use for details 109 * 110 * @param namespaceAttribute 111 */ 112 public void setNamespaceAttribute(String namespaceAttribute) { 113 this.namespaceAttribute = namespaceAttribute; 114 } 115 116 /** 117 * Component code that should be sent as permission detail when doing a permission check on this field 118 * 119 * <p> 120 * When the component code is a detail for a permission check, this property can be configured to override the 121 * component code derived by the system 122 * </p> 123 * 124 * @return String component code 125 */ 126 public String getComponentAttribute() { 127 return componentAttribute; 128 } 129 130 /** 131 * Setter for the component code to use for details 132 * 133 * @param componentAttribute 134 */ 135 public void setComponentAttribute(String componentAttribute) { 136 this.componentAttribute = componentAttribute; 137 } 138 139 /** 140 * Id that should be sent as permission detail when doing a permission check on this field 141 * 142 * <p> 143 * By default they system will send the component id as a permission detail, this property can be configured to 144 * send a different id for the permission check 145 * </p> 146 * 147 * @return String id 148 */ 149 public String getIdAttribute() { 150 return idAttribute; 151 } 152 153 /** 154 * Setter for the id to use for details 155 * 156 * @param idAttribute 157 */ 158 public void setIdAttribute(String idAttribute) { 159 this.idAttribute = idAttribute; 160 } 161 162 /** 163 * Map of key value pairs that should be added as permission details when doing KIM permission checks for this 164 * component 165 * 166 * <p> 167 * Any details given here that will override details with the same key that were derived by the system 168 * </p> 169 * 170 * @return Map<String, String> 171 */ 172 public Map<String, String> getAdditionalPermissionDetails() { 173 return additionalPermissionDetails; 174 } 175 176 /** 177 * Setter for the map of additional permission details 178 * 179 * @param additionalPermissionDetails 180 */ 181 public void setAdditionalPermissionDetails(Map<String, String> additionalPermissionDetails) { 182 this.additionalPermissionDetails = additionalPermissionDetails; 183 } 184 185 /** 186 * Map of key value pairs that should be added as role qualifiers when doing KIM permission checks for this 187 * component 188 * 189 * <p> 190 * Any qualifiers given here that will override qualifiers with the same key that were derived by the system 191 * </p> 192 * 193 * @return Map<String, String> 194 */ 195 public Map<String, String> getAdditionalRoleQualifiers() { 196 return additionalRoleQualifiers; 197 } 198 199 /** 200 * Setter for the map of additional role qualifiers 201 * 202 * @param additionalRoleQualifiers 203 */ 204 public void setAdditionalRoleQualifiers(Map<String, String> additionalRoleQualifiers) { 205 this.additionalRoleQualifiers = additionalRoleQualifiers; 206 } 207 208 @Override 209 protected void finalize() throws Throwable { 210 try { 211 idAttribute = null; 212 componentAttribute = null; 213 namespaceAttribute = null; 214 additionalRoleQualifiers = null; 215 additionalPermissionDetails = null; 216 } finally { 217 // don't call super.finalize() in attempt to avoid loop between maps. 218 } 219 } 220 }