View Javadoc

1   /**
2    * Copyright 2005-2013 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.krms.impl.authorization;
17  
18  import org.apache.commons.lang.StringUtils;
19  import org.kuali.rice.kim.api.identity.Person;
20  import org.kuali.rice.krad.document.DocumentAuthorizerBase;
21  import org.kuali.rice.krad.maintenance.MaintenanceDocument;
22  import org.kuali.rice.krad.maintenance.MaintenanceDocumentAuthorizer;
23  import org.kuali.rice.krms.api.KrmsConstants;
24  import org.kuali.rice.krms.impl.repository.KrmsRepositoryServiceLocator;
25  import org.kuali.rice.krms.impl.ui.AgendaEditor;
26  
27  import java.util.HashSet;
28  import java.util.Set;
29  
30  public class AgendaEditorAuthorizer extends DocumentAuthorizerBase implements MaintenanceDocumentAuthorizer {
31  
32      @Override
33      public boolean canCreate(Class boClass, Person user) {
34          // The context is unknown on create so we need to let the user in
35          // TODO: maybe restrict it so only user that have rights to some contexts are allowed to create agendas.
36          return true;
37      }
38  
39      @Override
40      public boolean canMaintain(Object dataObject, Person user) {
41          AgendaEditor agendaEditor = (AgendaEditor) dataObject;
42          return getAgendaAuthorizationService().isAuthorized(KrmsConstants.MAINTAIN_KRMS_AGENDA, agendaEditor.getAgenda().getContextId());
43      }
44  
45      @Override
46      public boolean canCreateOrMaintain(MaintenanceDocument maintenanceDocument, Person user) {
47          AgendaEditor agendaEditor = (AgendaEditor) maintenanceDocument.getOldMaintainableObject().getDataObject();
48          if (StringUtils.isEmpty(agendaEditor.getAgenda().getContextId())) {
49              // If this is a new document use the new contextId instead since an old one does not exist.
50              agendaEditor  = (AgendaEditor) maintenanceDocument.getNewMaintainableObject().getDataObject();
51              return getAgendaAuthorizationService().isAuthorized(KrmsConstants.MAINTAIN_KRMS_AGENDA, agendaEditor.getAgenda().getContextId());
52          } else {
53              return getAgendaAuthorizationService().isAuthorized(KrmsConstants.MAINTAIN_KRMS_AGENDA, agendaEditor.getAgenda().getContextId());
54          }
55      }
56  
57      private AgendaAuthorizationService getAgendaAuthorizationService() {
58          return KrmsRepositoryServiceLocator.getAgendaAuthorizationService();
59      }
60  }