
1   /**
2    * Copyright 2005-2012 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.krad.document;
17  
18  import org.apache.commons.logging.Log;
19  import org.apache.commons.logging.LogFactory;
20  import org.kuali.rice.kew.api.WorkflowDocument;
21  import org.kuali.rice.kim.api.KimConstants;
22  import org.kuali.rice.kim.api.identity.Person;
23  import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
24  import org.kuali.rice.krad.uif.view.View;
25  import org.kuali.rice.krad.uif.view.ViewAuthorizerBase;
26  import org.kuali.rice.krad.uif.view.ViewModel;
27  import org.kuali.rice.krad.util.KRADConstants;
28  import org.kuali.rice.krad.util.ObjectUtils;
29  import org.kuali.rice.krad.web.form.DocumentFormBase;
30  
31  import java.util.Map;
32  import java.util.Set;
33  
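/**
 * Implementation of {@link org.kuali.rice.krad.uif.view.ViewAuthorizer} for
 * {@link org.kuali.rice.krad.uif.view.DocumentView} instances
 *
 * <p>
 * Performs KIM permission checks for the various document actions such as save, approve, cancel
 * </p>
 *
 * <p>
 * By default delegates to the {@link DocumentAuthorizer} configured for the document in the data dictionary.
 * Every {@code can*} method below forwards to that delegate; {@link #canOpenView} and {@link #canEditView}
 * additionally require the superclass view check to pass.
 * </p>
 *
 * <p>
 * If no delegate has been set, the {@code can*} methods throw {@link IllegalStateException} instead of
 * returning a decision, so a missing configuration can never be read as "allowed".
 * </p>
 *
 * <p>
 * {@link #getActionFlags} only removes flags. A flag it does not know about is returned unchanged, and nothing
 * in this class re-checks a flag when the corresponding action is later submitted.
 * NOTE(review): confirm that the controller or service layer repeats the permission check at that point.
 * </p>
 *
 * @author Kuali Rice Team (rice.collab@kuali.org)
 */
public class DocumentViewAuthorizerBase extends ViewAuthorizerBase implements DocumentAuthorizer {
    private static final long serialVersionUID = 3800780934223224565L;

    // NOTE(review): protected and non-final, so a subclass can reassign the logger used for the
    // authorization debug trail; left as is because subclasses outside this file may rely on it.
    protected static Log LOG = LogFactory.getLog(DocumentViewAuthorizerBase.class);

    /** Route node name sent as a KIM attribute while the workflow document is initiated or saved. */
    public static final String PRE_ROUTING_ROUTE_NAME = "PreRoute";

    // Delegate that makes every document-level decision; null until one of the setters is called.
    private DocumentAuthorizer documentAuthorizer;

    /**
     * Removes from {@code actions} every known action flag the user is not authorized for.
     *
     * <p>
     * Each flag is checked only when it is present in the set, except the ad hoc request check, which always
     * runs. Flags that are not listed in this method are left in the set untouched.
     * </p>
     *
     * @param view the view being authorized; not read by this implementation
     * @param model the form backing the view; cast to {@link DocumentFormBase} without a type check, so any
     *        other model type fails with a {@link ClassCastException}
     * @param user the person the flags are evaluated for
     * @param actions the candidate flags; modified in place, so it must support {@code remove}
     * @return the same {@code actions} instance after filtering
     * @see org.kuali.rice.krad.uif.view.ViewAuthorizer#getActionFlags(org.kuali.rice.krad.uif.view.View,
     *      org.kuali.rice.krad.uif.view.ViewModel, org.kuali.rice.kim.api.identity.Person, java.util.Set)
     */
    @Override
    public Set<String> getActionFlags(View view, ViewModel model, Person user, Set<String> actions) {
        Document document = ((DocumentFormBase) model).getDocument();

        if (LOG.isDebugEnabled()) {
            // The message names this class and method so the debug trail points at the code that ran.
            LOG.debug("calling DocumentViewAuthorizerBase.getActionFlags for document '"
                    + document.getDocumentNumber()
                    + "'. user '"
                    + user.getPrincipalName()
                    + "'");
        }

        if (actions.contains(KRADConstants.KUALI_ACTION_CAN_EDIT) && !canEdit(document, user)) {
            actions.remove(KRADConstants.KUALI_ACTION_CAN_EDIT);
        }

        if (actions.contains(KRADConstants.KUALI_ACTION_CAN_COPY) && !canCopy(document, user)) {
            actions.remove(KRADConstants.KUALI_ACTION_CAN_COPY);
        }

        if (actions.contains(KRADConstants.KUALI_ACTION_CAN_CLOSE) && !canClose(document, user)) {
            actions.remove(KRADConstants.KUALI_ACTION_CAN_CLOSE);
        }

        if (actions.contains(KRADConstants.KUALI_ACTION_CAN_RELOAD) && !canReload(document, user)) {
            actions.remove(KRADConstants.KUALI_ACTION_CAN_RELOAD);
        }

        if (actions.contains(KRADConstants.KUALI_ACTION_CAN_BLANKET_APPROVE) && !canBlanketApprove(document, user)) {
            actions.remove(KRADConstants.KUALI_ACTION_CAN_BLANKET_APPROVE);
        }

        if (actions.contains(KRADConstants.KUALI_ACTION_CAN_CANCEL) && !canCancel(document, user)) {
            actions.remove(KRADConstants.KUALI_ACTION_CAN_CANCEL);
        }

        if (actions.contains(KRADConstants.KUALI_ACTION_CAN_RECALL) && !canRecall(document, user)) {
            actions.remove(KRADConstants.KUALI_ACTION_CAN_RECALL);
        }

        if (actions.contains(KRADConstants.KUALI_ACTION_CAN_SAVE) && !canSave(document, user)) {
            actions.remove(KRADConstants.KUALI_ACTION_CAN_SAVE);
        }

        if (actions.contains(KRADConstants.KUALI_ACTION_CAN_ROUTE) && !canRoute(document, user)) {
            actions.remove(KRADConstants.KUALI_ACTION_CAN_ROUTE);
        }

        if (actions.contains(KRADConstants.KUALI_ACTION_CAN_ACKNOWLEDGE) && !canAcknowledge(document, user)) {
            actions.remove(KRADConstants.KUALI_ACTION_CAN_ACKNOWLEDGE);
        }

        if (actions.contains(KRADConstants.KUALI_ACTION_CAN_FYI) && !canFyi(document, user)) {
            actions.remove(KRADConstants.KUALI_ACTION_CAN_FYI);
        }

        if (actions.contains(KRADConstants.KUALI_ACTION_CAN_APPROVE) && !canApprove(document, user)) {
            actions.remove(KRADConstants.KUALI_ACTION_CAN_APPROVE);
        }

        if (actions.contains(KRADConstants.KUALI_ACTION_CAN_DISAPPROVE) && !canDisapprove(document, user)) {
            actions.remove(KRADConstants.KUALI_ACTION_CAN_DISAPPROVE);
        }

        // Evaluated whether or not the flags are present: a user who may send no ad hoc request at all
        // loses all three ad hoc related flags in one step.
        if (!canSendAnyTypeAdHocRequests(document, user)) {
            actions.remove(KRADConstants.KUALI_ACTION_CAN_ADD_ADHOC_REQUESTS);
            actions.remove(KRADConstants.KUALI_ACTION_CAN_SEND_ADHOC_REQUESTS);
            actions.remove(KRADConstants.KUALI_ACTION_CAN_SEND_NOTE_FYI);
        }

        // Only reached with the flag still present when the ad hoc check above passed.
        if (actions.contains(KRADConstants.KUALI_ACTION_CAN_SEND_NOTE_FYI) && !canSendNoteFyi(document, user)) {
            actions.remove(KRADConstants.KUALI_ACTION_CAN_SEND_NOTE_FYI);
        }

        if (actions.contains(KRADConstants.KUALI_ACTION_CAN_ANNOTATE) && !canAnnotate(document, user)) {
            actions.remove(KRADConstants.KUALI_ACTION_CAN_ANNOTATE);
        }

        if (actions.contains(KRADConstants.KUALI_ACTION_CAN_EDIT_DOCUMENT_OVERVIEW) && !canEditDocumentOverview(
                document, user)) {
            actions.remove(KRADConstants.KUALI_ACTION_CAN_EDIT_DOCUMENT_OVERVIEW);
        }

        if (actions.contains(KRADConstants.KUALI_ACTION_PERFORM_ROUTE_REPORT) && !canPerformRouteReport(document,
                user)) {
            actions.remove(KRADConstants.KUALI_ACTION_PERFORM_ROUTE_REPORT);
        }

        return actions;
    }

    /** Delegates to {@link DocumentAuthorizer#canInitiate} on the configured authorizer. */
    public final boolean canInitiate(String documentTypeName, Person user) {
        return requireDocumentAuthorizer().canInitiate(documentTypeName, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canOpen} on the configured authorizer. */
    public final boolean canOpen(Document document, Person user) {
        return requireDocumentAuthorizer().canOpen(document, user);
    }

    /**
     * Allows opening the view only when both the superclass view check and {@link #canOpen} for the form's
     * document pass.
     *
     * @param model cast to {@link DocumentFormBase} without a type check
     */
    @Override
    public boolean canOpenView(View view, ViewModel model, Person user) {
        DocumentFormBase documentForm = (DocumentFormBase) model;

        return super.canOpenView(view, model, user) && canOpen(documentForm.getDocument(), user);
    }

    /** Delegates to {@link DocumentAuthorizer#canEdit} on the configured authorizer. */
    public boolean canEdit(Document document, Person user) {
        return requireDocumentAuthorizer().canEdit(document, user);
    }

    /**
     * Allows editing the view only when both the superclass view check and {@link #canEdit} for the form's
     * document pass.
     *
     * @param model cast to {@link DocumentFormBase} without a type check
     */
    @Override
    public boolean canEditView(View view, ViewModel model, Person user) {
        DocumentFormBase documentForm = (DocumentFormBase) model;

        return super.canEditView(view, model, user) && canEdit(documentForm.getDocument(), user);
    }

    /** Delegates to {@link DocumentAuthorizer#canAnnotate} on the configured authorizer. */
    public boolean canAnnotate(Document document, Person user) {
        return requireDocumentAuthorizer().canAnnotate(document, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canReload} on the configured authorizer. */
    public boolean canReload(Document document, Person user) {
        return requireDocumentAuthorizer().canReload(document, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canClose} on the configured authorizer. */
    public boolean canClose(Document document, Person user) {
        return requireDocumentAuthorizer().canClose(document, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canSave} on the configured authorizer. */
    public boolean canSave(Document document, Person user) {
        return requireDocumentAuthorizer().canSave(document, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canRoute} on the configured authorizer. */
    public boolean canRoute(Document document, Person user) {
        return requireDocumentAuthorizer().canRoute(document, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canCancel} on the configured authorizer. */
    public boolean canCancel(Document document, Person user) {
        return requireDocumentAuthorizer().canCancel(document, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canRecall} on the configured authorizer. */
    public boolean canRecall(Document document, Person user) {
        return requireDocumentAuthorizer().canRecall(document, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canCopy} on the configured authorizer. */
    public boolean canCopy(Document document, Person user) {
        return requireDocumentAuthorizer().canCopy(document, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canPerformRouteReport} on the configured authorizer. */
    public boolean canPerformRouteReport(Document document, Person user) {
        return requireDocumentAuthorizer().canPerformRouteReport(document, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canBlanketApprove} on the configured authorizer. */
    public boolean canBlanketApprove(Document document, Person user) {
        return requireDocumentAuthorizer().canBlanketApprove(document, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canApprove} on the configured authorizer. */
    public boolean canApprove(Document document, Person user) {
        return requireDocumentAuthorizer().canApprove(document, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canDisapprove} on the configured authorizer. */
    public boolean canDisapprove(Document document, Person user) {
        return requireDocumentAuthorizer().canDisapprove(document, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canSendNoteFyi} on the configured authorizer. */
    public boolean canSendNoteFyi(Document document, Person user) {
        return requireDocumentAuthorizer().canSendNoteFyi(document, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canFyi} on the configured authorizer. */
    public boolean canFyi(Document document, Person user) {
        return requireDocumentAuthorizer().canFyi(document, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canAcknowledge} on the configured authorizer. */
    public boolean canAcknowledge(Document document, Person user) {
        return requireDocumentAuthorizer().canAcknowledge(document, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canReceiveAdHoc} on the configured authorizer. */
    public final boolean canReceiveAdHoc(Document document, Person user, String actionRequestCode) {
        return requireDocumentAuthorizer().canReceiveAdHoc(document, user, actionRequestCode);
    }

    /** Delegates to {@link DocumentAuthorizer#canAddNoteAttachment} on the configured authorizer. */
    public final boolean canAddNoteAttachment(Document document, String attachmentTypeCode, Person user) {
        return requireDocumentAuthorizer().canAddNoteAttachment(document, attachmentTypeCode, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canDeleteNoteAttachment} on the configured authorizer. */
    public final boolean canDeleteNoteAttachment(Document document, String attachmentTypeCode,
            String authorUniversalIdentifier, Person user) {
        return requireDocumentAuthorizer().canDeleteNoteAttachment(document, attachmentTypeCode,
                authorUniversalIdentifier, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canViewNoteAttachment} on the configured authorizer. */
    public final boolean canViewNoteAttachment(Document document, String attachmentTypeCode,
            String authorUniversalIdentifier, Person user) {
        return requireDocumentAuthorizer().canViewNoteAttachment(document, attachmentTypeCode,
                authorUniversalIdentifier, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canSendAdHocRequests} on the configured authorizer. */
    public final boolean canSendAdHocRequests(Document document, String actionRequestCd, Person user) {
        return requireDocumentAuthorizer().canSendAdHocRequests(document, actionRequestCd, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canEditDocumentOverview} on the configured authorizer. */
    public boolean canEditDocumentOverview(Document document, Person user) {
        return requireDocumentAuthorizer().canEditDocumentOverview(document, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canSendAnyTypeAdHocRequests} on the configured authorizer. */
    public boolean canSendAnyTypeAdHocRequests(Document document, Person user) {
        return requireDocumentAuthorizer().canSendAnyTypeAdHocRequests(document, user);
    }

    /** Delegates to {@link DocumentAuthorizer#canTakeRequestedAction} on the configured authorizer. */
    public boolean canTakeRequestedAction(Document document, String actionRequestCode, Person user) {
        return requireDocumentAuthorizer().canTakeRequestedAction(document, actionRequestCode, user);
    }

    /**
     * Adds the superclass permission details and, when the data object is a {@link Document}, the standard
     * document attributes from {@link #addStandardAttributes}.
     */
    @Override
    protected void addPermissionDetails(Object dataObject, Map<String, String> attributes) {
        super.addPermissionDetails(dataObject, attributes);

        if (dataObject instanceof Document) {
            addStandardAttributes((Document) dataObject, attributes);
        }
    }

    /**
     * Adds the superclass role qualification and, when the data object is a {@link Document}, the standard
     * document attributes from {@link #addStandardAttributes}.
     */
    @Override
    protected void addRoleQualification(Object dataObject, Map<String, String> attributes) {
        super.addRoleQualification(dataObject, attributes);

        if (dataObject instanceof Document) {
            addStandardAttributes((Document) dataObject, attributes);
        }
    }

    /**
     * Puts the document number, document type name, route node name and route status code of the given
     * document into {@code attributes}, overwriting any values already stored under those keys.
     *
     * @param document the document whose header supplies the workflow document; neither the header nor the
     *        workflow document is null-checked here
     * @param attributes the map to populate
     */
    protected void addStandardAttributes(Document document, Map<String, String> attributes) {
        WorkflowDocument wd = document.getDocumentHeader().getWorkflowDocument();
        attributes.put(KimConstants.AttributeConstants.DOCUMENT_NUMBER, document.getDocumentNumber());
        attributes.put(KimConstants.AttributeConstants.DOCUMENT_TYPE_NAME, wd.getDocumentTypeName());

        // An initiated or saved document is reported under the fixed pre-routing node name; otherwise
        // the workflow document service is asked for the current node names.
        if (wd.isInitiated() || wd.isSaved()) {
            attributes.put(KimConstants.AttributeConstants.ROUTE_NODE_NAME, PRE_ROUTING_ROUTE_NAME);
        } else {
            attributes.put(KimConstants.AttributeConstants.ROUTE_NODE_NAME,
                    KRADServiceLocatorWeb.getWorkflowDocumentService().getCurrentRouteNodeNames(wd));
        }

        attributes.put(KimConstants.AttributeConstants.ROUTE_STATUS_CODE, wd.getStatus().getCode());
    }

    /**
     * Reports whether the given user is the initiator of the document's workflow document.
     *
     * @return true when the initiator principal id equals the user's principal id, ignoring case
     */
    protected boolean isDocumentInitiator(Document document, Person user) {
        WorkflowDocument workflowDocument = document.getDocumentHeader().getWorkflowDocument();

        // NOTE(review): the comparison ignores case. If principal ids are case-sensitive in the identity
        // store, two principals whose ids differ only in case would both be treated as the initiator;
        // confirm the id format. A null initiator id fails here with a NullPointerException.
        return workflowDocument.getInitiatorPrincipalId().equalsIgnoreCase(user.getPrincipalId());
    }

    /**
     * Returns the delegate authorizer.
     *
     * @return the configured authorizer, or null when none has been set
     */
    public DocumentAuthorizer getDocumentAuthorizer() {
        return documentAuthorizer;
    }

    /** Sets the delegate authorizer that every {@code can*} method forwards to. */
    public void setDocumentAuthorizer(DocumentAuthorizer documentAuthorizer) {
        this.documentAuthorizer = documentAuthorizer;
    }

    /**
     * Creates the delegate authorizer from the given class through {@link ObjectUtils#newInstance}.
     *
     * <p>
     * NOTE(review): the class decides every document permission, so it should only ever come from trusted
     * configuration; confirm no request-controlled value can reach this setter.
     * </p>
     */
    public void setDocumentAuthorizerClass(Class<? extends DocumentAuthorizer> documentAuthorizerClass) {
        this.documentAuthorizer = ObjectUtils.newInstance(documentAuthorizerClass);
    }

    /**
     * Returns the delegate from {@link #getDocumentAuthorizer()}, failing with a descriptive error when it is
     * missing. Going through the getter keeps subclass overrides of it in effect.
     *
     * @throws IllegalStateException if no delegate has been configured
     */
    private DocumentAuthorizer requireDocumentAuthorizer() {
        DocumentAuthorizer delegate = getDocumentAuthorizer();

        // A permission question without a delegate must not produce an answer at all.
        if (delegate == null) {
            throw new IllegalStateException("No DocumentAuthorizer configured for " + getClass().getName());
        }

        return delegate;
    }
}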