001    /**
002     * Copyright 2005-2013 The Kuali Foundation
003     *
004     * Licensed under the Educational Community License, Version 2.0 (the "License");
005     * you may not use this file except in compliance with the License.
006     * You may obtain a copy of the License at
007     *
008     * http://www.opensource.org/licenses/ecl2.php
009     *
010     * Unless required by applicable law or agreed to in writing, software
011     * distributed under the License is distributed on an "AS IS" BASIS,
012     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013     * See the License for the specific language governing permissions and
014     * limitations under the License.
015     */
016    package org.kuali.rice.krad.service.impl;
017    
018    import org.kuali.rice.kim.api.identity.Person;
019    import org.kuali.rice.krad.datadictionary.AttributeSecurity;
020    import org.kuali.rice.krad.document.DocumentAuthorizer;
021    import org.kuali.rice.krad.document.DocumentPresentationController;
022    import org.kuali.rice.krad.maintenance.MaintenanceDocumentAuthorizer;
023    import org.kuali.rice.krad.maintenance.MaintenanceDocumentPresentationController;
024    import org.kuali.rice.krad.service.DataDictionaryService;
025    import org.kuali.rice.krad.service.DataObjectAuthorizationService;
026    import org.kuali.rice.krad.service.DocumentDictionaryService;
027    import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
028    
029    /**
030     * Implementation of <code>DataObjectAuthorizationService</code> that uses the
031     * configured <code>AttributeSecurity</code> for a field to determine authorization
032     * checks that need to be performed
033     *
034     * @author Kuali Rice Team (rice.collab@kuali.org)
035     */
036    public class DataObjectAuthorizationServiceImpl implements DataObjectAuthorizationService {
037    
038        private DataDictionaryService dataDictionaryService;
039        private DocumentDictionaryService documentDictionaryService;
040    
041        /**
042         * @see org.kuali.rice.krad.service.impl.DataObjectAuthorizationServiceImpl#attributeValueNeedsToBeEncryptedOnFormsAndLinks
043         */
044        @Override
045        public boolean attributeValueNeedsToBeEncryptedOnFormsAndLinks(Class<?> dataObjectClass, String attributeName) {
046            AttributeSecurity attributeSecurity =
047                    getDataDictionaryService().getAttributeSecurity(dataObjectClass.getName(), attributeName);
048    
049            return attributeSecurity != null && attributeSecurity.hasRestrictionThatRemovesValueFromUI();
050        }
051    
052        /**
053         * @see org.kuali.rice.krad.service.impl.DataObjectAuthorizationServiceImpl#canCreate
054         */
055        @Override
056        public boolean canCreate(Class<?> dataObjectClass, Person user, String docTypeName) {
057            DocumentPresentationController documentPresentationController =
058                    getDocumentDictionaryService().getDocumentPresentationController(docTypeName);
059            boolean canCreate =
060                    ((MaintenanceDocumentPresentationController) documentPresentationController).canCreate(dataObjectClass);
061            if (canCreate) {
062                DocumentAuthorizer documentAuthorizer = getDocumentDictionaryService().getDocumentAuthorizer(docTypeName);
063                canCreate = ((MaintenanceDocumentAuthorizer) documentAuthorizer).canCreate(dataObjectClass, user);
064            }
065            return canCreate;
066        }
067    
068        /**
069         * @see org.kuali.rice.krad.service.impl.DataObjectAuthorizationServiceImpl#canMaintain
070         */
071        @Override
072        public boolean canMaintain(Object dataObject, Person user, String docTypeName) {
073            return ((MaintenanceDocumentAuthorizer) getDocumentDictionaryService().getDocumentAuthorizer(docTypeName))
074                    .canMaintain(dataObject, user);
075        }
076    
077        protected DataDictionaryService getDataDictionaryService() {
078            if (dataDictionaryService == null) {
079                this.dataDictionaryService = KRADServiceLocatorWeb.getDataDictionaryService();
080            }
081            return dataDictionaryService;
082        }
083    
084        public void setDataDictionaryService(DataDictionaryService dataDictionaryService) {
085            this.dataDictionaryService = dataDictionaryService;
086        }
087    
088        protected DocumentDictionaryService getDocumentDictionaryService() {
089            if (documentDictionaryService == null) {
090                documentDictionaryService = KRADServiceLocatorWeb.getDocumentDictionaryService();
091            }
092            return documentDictionaryService;
093        }
094    
095        public void setDocumentDictionaryService(DocumentDictionaryService documentDictionaryService) {
096            this.documentDictionaryService = documentDictionaryService;
097        }
098    }