Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.kuali.rice.krad.document
Class DocumentViewAuthorizerBase

java.lang.Object
  extended by org.kuali.rice.krad.bo.DataObjectAuthorizerBase
      extended by org.kuali.rice.krad.uif.view.ViewAuthorizerBase
          extended by org.kuali.rice.krad.document.DocumentViewAuthorizerBase
All Implemented Interfaces:
Serializable, DataObjectAuthorizer, DocumentAuthorizer, ViewAuthorizer
Direct Known Subclasses:
MaintenanceViewAuthorizerBase, TransactionalDocumentViewAuthorizerBase
public class DocumentViewAuthorizerBase
extends ViewAuthorizerBase
implements DocumentAuthorizer

Implementation of ViewAuthorizer for DocumentView instances

Performs KIM permission checks for the various document actions such as save, approve, cancel

By default delegates to the DocumentAuthorizer configured for the document in the data dictionary

Author:
Kuali Rice Team (rice.collab@kuali.org)
See Also:
Serialized Form

Field Summary
protected static org.apache.commons.logging.Log LOG
           
static String PRE_ROUTING_ROUTE_NAME
           
 
Constructor Summary
DocumentViewAuthorizerBase()
           
 
Method Summary
protected  void addPermissionDetails(Object dataObject, Map<String,String> attributes)
          Override this method to populate the permission details from the primary data object or document.
protected  void addRoleQualification(Object dataObject, Map<String,String> attributes)
          Override this method to populate the role qualifier attributes from the primary data object or document.
protected  void addStandardAttributes(Document document, Map<String,String> attributes)
           
 boolean canAcknowledge(Document document, Person user)
           
 boolean canAddNoteAttachment(Document document, String attachmentTypeCode, Person user)
           
 boolean canAnnotate(Document document, Person user)
           
 boolean canApprove(Document document, Person user)
           
 boolean canBlanketApprove(Document document, Person user)
           
 boolean canCancel(Document document, Person user)
          Determines if the user has permission to cancel the document
 boolean canClose(Document document, Person user)
           
 boolean canCopy(Document document, Person user)
          Determines if the user has permission to copy the document
 boolean canDeleteNoteAttachment(Document document, String attachmentTypeCode, String authorUniversalIdentifier, Person user)
           
 boolean canDisapprove(Document document, Person user)
           
 boolean canEdit(Document document, Person user)
          Determines if the document can be edited; if false is returned, then all fields are in a read only state
 boolean canEditDocumentOverview(Document document, Person user)
           
 boolean canEditView(View view, ViewModel model, Person user)
          Checks for an edit view permission for the view id, and if found verifies the user has that permission
 boolean canFyi(Document document, Person user)
           
 boolean canInitiate(String documentTypeName, Person user)
          Checks if a user has the permissions to initiate a document
 boolean canOpen(Document document, Person user)
          Checks if a user has the permissions to open a document
 boolean canOpenView(View view, ViewModel model, Person user)
          Checks for an open view permission for the view id, and if found verifies the user has that permission
 boolean canPerformRouteReport(Document document, Person user)
           
 boolean canRecall(Document document, Person user)
           
 boolean canReceiveAdHoc(Document document, Person user, String actionRequestCode)
           
 boolean canReload(Document document, Person user)
           
 boolean canRoute(Document document, Person user)
          Determines if the user has permission to route the document
 boolean canSave(Document document, Person user)
           
 boolean canSendAdHocRequests(Document document, String actionRequestCd, Person user)
           
 boolean canSendAnyTypeAdHocRequests(Document document, Person user)
           
 boolean canSendNoteFyi(Document document, Person user)
           
 boolean canTakeRequestedAction(Document document, String actionRequestCode, Person user)
           
 boolean canViewNoteAttachment(Document document, String attachmentTypeCode, String authorUniversalIdentifier, Person user)
           
 Set<String> getActionFlags(View view, ViewModel model, Person user, Set<String> actions)
          Returns the set of action flags that are authorized for the given user
 DocumentAuthorizer getDocumentAuthorizer()
           
protected  boolean isDocumentInitiator(Document document, Person user)
           
 void setDocumentAuthorizer(DocumentAuthorizer documentAuthorizer)
           
 void setDocumentAuthorizerClass(Class<? extends DocumentAuthorizer> documentAuthorizerClass)
           
 
Methods inherited from class org.kuali.rice.krad.uif.view.ViewAuthorizerBase
canEditField, canEditGroup, canEditLine, canEditLineField, canEditWidget, canPartialUnmaskField, canPerformAction, canPerformLineAction, canUnmaskField, canViewField, canViewGroup, canViewLine, canViewLineField, canViewWidget, getActionPermissionDetails, getConfigurationService, getDataObjectContext, getEditModes, getFieldPermissionDetails, getGroupPermissionDetails, getWidgetPermissionDetails, isAuthorizedByTemplate, setConfigurationService
 
Methods inherited from class org.kuali.rice.krad.bo.DataObjectAuthorizerBase
getPermissionDetailValues, getPermissionService, getPersonService, getRoleQualification, isAuthorized, isAuthorized, isAuthorizedByTemplate, isAuthorizedByTemplate, permissionExistsByTemplate, permissionExistsByTemplate, permissionExistsByTemplate
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.kuali.rice.krad.bo.DataObjectAuthorizer
isAuthorized, isAuthorized, isAuthorizedByTemplate, isAuthorizedByTemplate
 

Field Detail

LOG

protected static org.apache.commons.logging.Log LOG

PRE_ROUTING_ROUTE_NAME

public static final String PRE_ROUTING_ROUTE_NAME
See Also:
Constant Field Values
Constructor Detail

DocumentViewAuthorizerBase

public DocumentViewAuthorizerBase()
Method Detail

getActionFlags

public Set<String> getActionFlags(View view,
                                  ViewModel model,
                                  Person user,
                                  Set<String> actions)
Description copied from interface: ViewAuthorizer
Returns the set of action flags that are authorized for the given user

Action flags are created for views to indicate some action or feature should be enabled. These flags can be used within expressions for configuring the view content. For example:

For each action flag, KIM is consulted to determine if a permission exist for the template associated with the action flag. If so, a check is then made to determine if the user has that permission. If the permission fails for the user, the action flag is removed from the returned set.

The Set of available action flags should first be exported by the ViewPresentationController.getActionFlags(View, org.kuali.rice.krad.web.form.UifFormBase) method. The set returned from this method will be passed as the method argument here by the framework.

Specified by:
getActionFlags in interface ViewAuthorizer
Overrides:
getActionFlags in class ViewAuthorizerBase
Parameters:
view - - view instance the action flags apply to
model - - object containing the view data
user - - user we are authorizing the actions for
actions - - set of action flags to authorize
Returns:
Set set of action flags that have been authorized, this will be equal to or a subset of the actions passed in
See Also:
org.kuali.rice.krad.uif.view.ViewAuthorizer#getActionFlags(org.kuali.rice.krad.uif.view.View, org.kuali.rice.krad.uif.view.ViewModel, org.kuali.rice.kim.api.identity.Person, java.util.Set)

canInitiate

public final boolean canInitiate(String documentTypeName,
                                 Person user)
Description copied from interface: DocumentAuthorizer
Checks if a user has the permissions to initiate a document

Specified by:
canInitiate in interface DocumentAuthorizer
Returns:
boolean, true if the user has the permissions to initiate a document else false

canOpen

public final boolean canOpen(Document document,
                             Person user)
Description copied from interface: DocumentAuthorizer
Checks if a user has the permissions to open a document

Specified by:
canOpen in interface DocumentAuthorizer
Returns:
boolean, true if the user has the permissions to open a document else false

canOpenView

public boolean canOpenView(View view,
                           ViewModel model,
                           Person user)
Description copied from class: ViewAuthorizerBase
Checks for an open view permission for the view id, and if found verifies the user has that permission

Specified by:
canOpenView in interface ViewAuthorizer
Overrides:
canOpenView in class ViewAuthorizerBase
Parameters:
view - - view instance to check authorization for
model - - object containing the view data
user - - user to authorize
Returns:
boolean true if the user is authorized to open the view, false otherwise
See Also:
ViewAuthorizer.canOpenView(View, ViewModel, org.kuali.rice.kim.api.identity.Person)

canEdit

public boolean canEdit(Document document,
                       Person user)
Description copied from interface: DocumentAuthorizer
Determines if the document can be edited; if false is returned, then all fields are in a read only state

Specified by:
canEdit in interface DocumentAuthorizer
Returns:
boolean, true if the user has the permissions to edit a document else false

canEditView

public boolean canEditView(View view,
                           ViewModel model,
                           Person user)
Description copied from class: ViewAuthorizerBase
Checks for an edit view permission for the view id, and if found verifies the user has that permission

Specified by:
canEditView in interface ViewAuthorizer
Overrides:
canEditView in class ViewAuthorizerBase
Parameters:
view - - view instance to check authorization for
model - - object containing the view data
user - - user to authorize
Returns:
boolean true if the user is authorized to edit the view, false otherwise
See Also:
ViewAuthorizer.canEditView(org.kuali.rice.krad.uif.view.View, org.kuali.rice.krad.uif.view.ViewModel, org.kuali.rice.kim.api.identity.Person)

canAnnotate

public boolean canAnnotate(Document document,
                           Person user)
Specified by:
canAnnotate in interface DocumentAuthorizer

canReload

public boolean canReload(Document document,
                         Person user)
Specified by:
canReload in interface DocumentAuthorizer

canClose

public boolean canClose(Document document,
                        Person user)
Specified by:
canClose in interface DocumentAuthorizer

canSave

public boolean canSave(Document document,
                       Person user)
Specified by:
canSave in interface DocumentAuthorizer

canRoute

public boolean canRoute(Document document,
                        Person user)
Description copied from interface: DocumentAuthorizer
Determines if the user has permission to route the document

Specified by:
canRoute in interface DocumentAuthorizer
Returns:
boolean, true if the user has permissions to route a document else false

canCancel

public boolean canCancel(Document document,
                         Person user)
Description copied from interface: DocumentAuthorizer
Determines if the user has permission to cancel the document

Specified by:
canCancel in interface DocumentAuthorizer
Returns:
boolean, true if the user has permissions to cancel a document else false

canRecall

public boolean canRecall(Document document,
                         Person user)
Specified by:
canRecall in interface DocumentAuthorizer

canCopy

public boolean canCopy(Document document,
                       Person user)
Description copied from interface: DocumentAuthorizer
Determines if the user has permission to copy the document

Specified by:
canCopy in interface DocumentAuthorizer
Returns:
boolean, true if the user has permissions to cancel a document else false

canPerformRouteReport

public boolean canPerformRouteReport(Document document,
                                     Person user)
Specified by:
canPerformRouteReport in interface DocumentAuthorizer

canBlanketApprove

public boolean canBlanketApprove(Document document,
                                 Person user)
Specified by:
canBlanketApprove in interface DocumentAuthorizer

canApprove

public boolean canApprove(Document document,
                          Person user)
Specified by:
canApprove in interface DocumentAuthorizer

canDisapprove

public boolean canDisapprove(Document document,
                             Person user)
Specified by:
canDisapprove in interface DocumentAuthorizer

canSendNoteFyi

public boolean canSendNoteFyi(Document document,
                              Person user)
Specified by:
canSendNoteFyi in interface DocumentAuthorizer

canFyi

public boolean canFyi(Document document,
                      Person user)
Specified by:
canFyi in interface DocumentAuthorizer

canAcknowledge

public boolean canAcknowledge(Document document,
                              Person user)
Specified by:
canAcknowledge in interface DocumentAuthorizer

canReceiveAdHoc

public final boolean canReceiveAdHoc(Document document,
                                     Person user,
                                     String actionRequestCode)
Specified by:
canReceiveAdHoc in interface DocumentAuthorizer

canAddNoteAttachment

public final boolean canAddNoteAttachment(Document document,
                                          String attachmentTypeCode,
                                          Person user)
Specified by:
canAddNoteAttachment in interface DocumentAuthorizer

canDeleteNoteAttachment

public final boolean canDeleteNoteAttachment(Document document,
                                             String attachmentTypeCode,
                                             String authorUniversalIdentifier,
                                             Person user)
Specified by:
canDeleteNoteAttachment in interface DocumentAuthorizer

canViewNoteAttachment

public final boolean canViewNoteAttachment(Document document,
                                           String attachmentTypeCode,
                                           String authorUniversalIdentifier,
                                           Person user)
Specified by:
canViewNoteAttachment in interface DocumentAuthorizer

canSendAdHocRequests

public final boolean canSendAdHocRequests(Document document,
                                          String actionRequestCd,
                                          Person user)
Specified by:
canSendAdHocRequests in interface DocumentAuthorizer

canEditDocumentOverview

public boolean canEditDocumentOverview(Document document,
                                       Person user)
Specified by:
canEditDocumentOverview in interface DocumentAuthorizer

canSendAnyTypeAdHocRequests

public boolean canSendAnyTypeAdHocRequests(Document document,
                                           Person user)
Specified by:
canSendAnyTypeAdHocRequests in interface DocumentAuthorizer

canTakeRequestedAction

public boolean canTakeRequestedAction(Document document,
                                      String actionRequestCode,
                                      Person user)
Specified by:
canTakeRequestedAction in interface DocumentAuthorizer

addPermissionDetails

protected void addPermissionDetails(Object dataObject,
                                    Map<String,String> attributes)
Description copied from class: DataObjectAuthorizerBase
Override this method to populate the permission details from the primary data object or document. This will only be called once per request.

Overrides:
addPermissionDetails in class DataObjectAuthorizerBase
Parameters:
dataObject - - the primary data object (i.e. the main object instance behind the lookup result row or inquiry) or the document
attributes - - permission details will be added to this map

addRoleQualification

protected void addRoleQualification(Object dataObject,
                                    Map<String,String> attributes)
Description copied from class: DataObjectAuthorizerBase
Override this method to populate the role qualifier attributes from the primary data object or document. This will only be called once per request.

Overrides:
addRoleQualification in class DataObjectAuthorizerBase
Parameters:
dataObject - - the primary data object (i.e. the main object instance behind the lookup result row or inquiry) or the document
attributes - - role qualifiers will be added to this map

addStandardAttributes

protected void addStandardAttributes(Document document,
                                     Map<String,String> attributes)

isDocumentInitiator

protected boolean isDocumentInitiator(Document document,
                                      Person user)

getDocumentAuthorizer

public DocumentAuthorizer getDocumentAuthorizer()

setDocumentAuthorizer

public void setDocumentAuthorizer(DocumentAuthorizer documentAuthorizer)

setDocumentAuthorizerClass

public void setDocumentAuthorizerClass(Class<? extends DocumentAuthorizer> documentAuthorizerClass)
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2005-2012 The Kuali Foundation. All Rights Reserved.