org.kuali.rice.krad.bo
Class DataObjectAuthorizerBase

java.lang.Object
  extended by org.kuali.rice.krad.bo.DataObjectAuthorizerBase
All Implemented Interfaces:
Serializable, DataObjectAuthorizer
Direct Known Subclasses:
BusinessObjectAuthorizerBase, DocumentAuthorizerBase, ViewAuthorizerBase

public class DataObjectAuthorizerBase
extends Object
implements DataObjectAuthorizer, Serializable

Author:
Kuali Rice Team (rice.collab@kuali.org)
See Also:
Serialized Form

Constructor Summary
DataObjectAuthorizerBase()
           
 
Method Summary
protected  void addPermissionDetails(Object primaryDataObjectOrDocument, Map<String,String> attributes)
          Override this method to populate the permission details from the primary data object or document.
protected  void addRoleQualification(Object primaryDataObjectOrDocument, Map<String,String> attributes)
          Override this method to populate the role qualifier attributes from the primary data object or document.
protected  Map<String,String> getPermissionDetailValues(Object primaryDataObjectOrDocument)
          Returns a permission details map based off data from the primary business object or the document.
protected static PermissionService getPermissionService()
           
protected static PersonService getPersonService()
           
protected  Map<String,String> getRoleQualification(Object primaryDataObjectOrDocument, String principalId)
          Returns a role qualification map based off data from the primary business object or the document.
 boolean isAuthorized(Object dataObject, String namespaceCode, String permissionName, String principalId)
          Determines whether the user identified by the given principal ID has the given permission in the context of the data object
 boolean isAuthorized(Object dataObject, String namespaceCode, String permissionName, String principalId, Map<String,String> collectionOrFieldLevelPermissionDetails, Map<String,String> collectionOrFieldLevelRoleQualification)
          Determines whether the user identified by the given principal ID has the given permission in the context of the data object, the additional permission details and role qualifiers are used for the check
 boolean isAuthorizedByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName, String principalId)
          Determines whether the user identified by the given principal ID has been granted a permission of the given template in the context of the data object
 boolean isAuthorizedByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName, String principalId, Map<String,String> collectionOrFieldLevelPermissionDetails, Map<String,String> collectionOrFieldLevelRoleQualification)
          Determines whether the user identified by the given principal ID has been granted a permission of the given template in the context of the data object, the additional permission details and role qualifiers are used for the check
protected  boolean permissionExistsByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName)
           
protected  boolean permissionExistsByTemplate(Object dataObject, String namespaceCode, String permissionTemplateName, Map<String,String> permissionDetails)
           
protected  boolean permissionExistsByTemplate(String namespaceCode, String permissionTemplateName, Map<String,String> permissionDetails)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DataObjectAuthorizerBase

public DataObjectAuthorizerBase()
Method Detail

isAuthorized

public final boolean isAuthorized(Object dataObject,
                                  String namespaceCode,
                                  String permissionName,
                                  String principalId)
Description copied from interface: DataObjectAuthorizer
Determines whether the user identified by the given principal ID has the given permission in the context of the data object

Specified by:
isAuthorized in interface DataObjectAuthorizer
Returns:
boolean true if the user is authorized, false if not
See Also:
DataObjectAuthorizer.isAuthorized(java.lang.Object, java.lang.String, java.lang.String, java.lang.String)

isAuthorizedByTemplate

public final boolean isAuthorizedByTemplate(Object dataObject,
                                            String namespaceCode,
                                            String permissionTemplateName,
                                            String principalId)
Description copied from interface: DataObjectAuthorizer
Determines whether the user identified by the given principal ID has been granted a permission of the given template in the context of the data object

Specified by:
isAuthorizedByTemplate in interface DataObjectAuthorizer
Returns:
boolean true if the user is authorized, false if not
See Also:
DataObjectAuthorizer.isAuthorizedByTemplate(java.lang.Object, java.lang.String, java.lang.String, java.lang.String)

isAuthorized

public final boolean isAuthorized(Object dataObject,
                                  String namespaceCode,
                                  String permissionName,
                                  String principalId,
                                  Map<String,String> collectionOrFieldLevelPermissionDetails,
                                  Map<String,String> collectionOrFieldLevelRoleQualification)
Description copied from interface: DataObjectAuthorizer
Determines whether the user identified by the given principal ID has the given permission in the context of the data object, the additional permission details and role qualifiers are used for the check

Specified by:
isAuthorized in interface DataObjectAuthorizer
Returns:
boolean true if the user is authorized, false if not
See Also:
DataObjectAuthorizer.isAuthorized(java.lang.Object, java.lang.String, java.lang.String, java.lang.String)

isAuthorizedByTemplate

public final boolean isAuthorizedByTemplate(Object dataObject,
                                            String namespaceCode,
                                            String permissionTemplateName,
                                            String principalId,
                                            Map<String,String> collectionOrFieldLevelPermissionDetails,
                                            Map<String,String> collectionOrFieldLevelRoleQualification)
Description copied from interface: DataObjectAuthorizer
Determines whether the user identified by the given principal ID has been granted a permission of the given template in the context of the data object, the additional permission details and role qualifiers are used for the check

Specified by:
isAuthorizedByTemplate in interface DataObjectAuthorizer
Returns:
boolean true if the user is authorized, false if not
See Also:
DataObjectAuthorizer.isAuthorizedByTemplate(java.lang.Object, java.lang.String, java.lang.String, java.lang.String)

addRoleQualification

protected void addRoleQualification(Object primaryDataObjectOrDocument,
                                    Map<String,String> attributes)
Override this method to populate the role qualifier attributes from the primary data object or document. This will only be called once per request.

Parameters:
primaryDataObjectOrDocument - - the primary data object (i.e. the main object instance behind the lookup result row or inquiry) or the document
attributes - - role qualifiers will be added to this map

addPermissionDetails

protected void addPermissionDetails(Object primaryDataObjectOrDocument,
                                    Map<String,String> attributes)
Override this method to populate the permission details from the primary data object or document. This will only be called once per request.

Parameters:
primaryDataObjectOrDocument - - the primary data object (i.e. the main object instance behind the lookup result row or inquiry) or the document
attributes - - permission details will be added to this map

permissionExistsByTemplate

protected final boolean permissionExistsByTemplate(Object dataObject,
                                                   String namespaceCode,
                                                   String permissionTemplateName)

permissionExistsByTemplate

protected final boolean permissionExistsByTemplate(String namespaceCode,
                                                   String permissionTemplateName,
                                                   Map<String,String> permissionDetails)

permissionExistsByTemplate

protected final boolean permissionExistsByTemplate(Object dataObject,
                                                   String namespaceCode,
                                                   String permissionTemplateName,
                                                   Map<String,String> permissionDetails)

getRoleQualification

protected final Map<String,String> getRoleQualification(Object primaryDataObjectOrDocument,
                                                        String principalId)
Returns a role qualification map based off data from the primary business object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD

Parameters:
primaryDataObjectOrDocument - the primary data object (i.e. the main object instance behind the lookup result row or inquiry) or the document
principalId -
Returns:
a Map containing role qualifications

getPermissionDetailValues

protected final Map<String,String> getPermissionDetailValues(Object primaryDataObjectOrDocument)
Returns a permission details map based off data from the primary business object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD

Parameters:
primaryDataObjectOrDocument - the primary data object (i.e. the main object instance behind the lookup result row or inquiry) or the document
Returns:
a Map containing permission details

getPermissionService

protected static PermissionService getPermissionService()

getPersonService

protected static PersonService getPersonService()


Copyright © 2005–2014 The Kuali Foundation. All rights reserved.