View Javadoc

1   /**
2    * Copyright 2005-2013 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.krad.maintenance;
17  
18  import org.kuali.rice.kim.api.KimConstants;
19  import org.kuali.rice.kim.api.identity.Person;
20  import org.kuali.rice.krad.document.DocumentAuthorizerBase;
21  import org.kuali.rice.krad.service.DocumentDictionaryService;
22  import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
23  import org.kuali.rice.krad.util.KRADConstants;
24  import org.kuali.rice.krad.util.KRADUtils;
25  
26  import java.util.HashMap;
27  import java.util.Map;
28  
29  /**
30   * Default implementation for {@link MaintenanceDocumentAuthorizer} that perform KIM permission checks to authorize
31   * the actions
32   *
33   * @author Kuali Rice Team (rice.collab@kuali.org)
34   * @see org.kuali.rice.krad.maintenance.MaintenanceDocumentAuthorizer
35   */
36  public class MaintenanceDocumentAuthorizerBase extends DocumentAuthorizerBase implements MaintenanceDocumentAuthorizer {
37      private static final long serialVersionUID = 6780013889553259327L;
38  
39      private transient DocumentDictionaryService documentDictionaryService;
40  
41      /**
42       * @see org.kuali.rice.krad.maintenance.MaintenanceDocumentAuthorizer#canCreate(Class, org.kuali.rice.kim.api.identity.Person)
43       */
44      @Override
45      public boolean canCreate(Class boClass, Person user) {
46          Map<String, String> permissionDetails = new HashMap<String, String>();
47          permissionDetails.put(KimConstants.AttributeConstants.DOCUMENT_TYPE_NAME,
48                  getDocumentDictionaryService().getMaintenanceDocumentTypeName(boClass));
49          permissionDetails.put(KRADConstants.MAINTENANCE_ACTN, KRADConstants.MAINTENANCE_NEW_ACTION);
50  
51          return !permissionExistsByTemplate(KRADConstants.KNS_NAMESPACE,
52                  KimConstants.PermissionTemplateNames.CREATE_MAINTAIN_RECORDS, permissionDetails)
53                  || getPermissionService().isAuthorizedByTemplate(user.getPrincipalId(), KRADConstants.KNS_NAMESPACE,
54                  KimConstants.PermissionTemplateNames.CREATE_MAINTAIN_RECORDS, permissionDetails,
55                  new HashMap<String, String>());
56      }
57  
58      /**
59       * @see org.kuali.rice.krad.maintenance.MaintenanceDocumentAuthorizer#canMaintain(Object, org.kuali.rice.kim.api.identity.Person)
60       */
61      @Override
62      public boolean canMaintain(Object dataObject, Person user) {
63          Map<String, String> permissionDetails = new HashMap<String, String>(2);
64          permissionDetails.put(KimConstants.AttributeConstants.DOCUMENT_TYPE_NAME,
65                  getDocumentDictionaryService().getMaintenanceDocumentTypeName(dataObject.getClass()));
66          permissionDetails.put(KRADConstants.MAINTENANCE_ACTN, KRADConstants.MAINTENANCE_EDIT_ACTION);
67  
68          return !permissionExistsByTemplate(KRADConstants.KNS_NAMESPACE,
69                  KimConstants.PermissionTemplateNames.CREATE_MAINTAIN_RECORDS, permissionDetails)
70                  || isAuthorizedByTemplate(dataObject, KRADConstants.KNS_NAMESPACE,
71                  KimConstants.PermissionTemplateNames.CREATE_MAINTAIN_RECORDS, user.getPrincipalId(), permissionDetails,
72                  null);
73      }
74  
75      /**
76       * @see org.kuali.rice.krad.maintenance.MaintenanceDocumentAuthorizer#canCreateOrMaintain(MaintenanceDocument, org.kuali.rice.kim.api.identity.Person)
77       */
78      @Override
79      public boolean canCreateOrMaintain(MaintenanceDocument maintenanceDocument, Person user) {
80          return !permissionExistsByTemplate(maintenanceDocument, KRADConstants.KNS_NAMESPACE,
81                  KimConstants.PermissionTemplateNames.CREATE_MAINTAIN_RECORDS) || isAuthorizedByTemplate(
82                  maintenanceDocument, KRADConstants.KNS_NAMESPACE,
83                  KimConstants.PermissionTemplateNames.CREATE_MAINTAIN_RECORDS, user.getPrincipalId());
84      }
85  
86      /**
87       * Adds the namespace and component to the role qualification attributes
88       *
89       * @see org.kuali.rice.krad.document.DocumentAuthorizerBase#addRoleQualification(Object, java.util.Map)
90       */
91      @SuppressWarnings("unchecked")
92      @Override
93      protected void addRoleQualification(Object dataObject, Map<String, String> attributes) {
94          super.addRoleQualification(dataObject, attributes);
95  
96          if (dataObject instanceof MaintenanceDocument) {
97              MaintenanceDocument maintDoc = (MaintenanceDocument) dataObject;
98              if (maintDoc.getNewMaintainableObject() != null) {
99                  attributes.putAll(KRADUtils.getNamespaceAndComponentSimpleName(
100                         maintDoc.getNewMaintainableObject().getDataObjectClass()));
101             }
102         }
103     }
104 
105     /**
106      * Adds the namespace, component and maintenance actions to the permission details attributes
107      *
108      * @see org.kuali.rice.krad.document.DocumentAuthorizerBase#addPermissionDetails(Object, java.util.Map)
109      */
110     @SuppressWarnings("unchecked")
111     @Override
112     protected void addPermissionDetails(Object dataObject, Map<String, String> attributes) {
113         super.addPermissionDetails(dataObject, attributes);
114 
115         if (dataObject instanceof MaintenanceDocument) {
116             MaintenanceDocument maintDoc = (MaintenanceDocument) dataObject;
117             if (maintDoc.getNewMaintainableObject() != null) {
118                 attributes.putAll(KRADUtils.getNamespaceAndComponentSimpleName(
119                         maintDoc.getNewMaintainableObject().getDataObjectClass()));
120                 attributes.put(KRADConstants.MAINTENANCE_ACTN,
121                         maintDoc.getNewMaintainableObject().getMaintenanceAction());
122             }
123         }
124     }
125 
126     protected DocumentDictionaryService getDocumentDictionaryService() {
127         if (documentDictionaryService == null) {
128             documentDictionaryService = KRADServiceLocatorWeb.getDocumentDictionaryService();
129         }
130         return documentDictionaryService;
131     }
132 
133     public void setDocumentDictionaryService(DocumentDictionaryService documentDictionaryService) {
134         this.documentDictionaryService = documentDictionaryService;
135     }
136 }