View Javadoc
1   /**
2    * Copyright 2005-2014 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.krad.lookup;
17  
18  import org.kuali.rice.core.api.exception.RiceRuntimeException;
19  import org.kuali.rice.kim.api.KimConstants;
20  import org.kuali.rice.kim.api.identity.Person;
21  import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
22  import org.kuali.rice.krad.uif.view.View;
23  import org.kuali.rice.krad.uif.view.ViewAuthorizerBase;
24  import org.kuali.rice.krad.uif.view.ViewModel;
25  import org.kuali.rice.krad.util.KRADConstants;
26  import org.kuali.rice.krad.util.KRADUtils;
27  
28  import java.util.Map;
29  
30  /**
31   * Implementation of {@link org.kuali.rice.krad.uif.view.ViewAuthorizer} for
32   * {@link LookupView} instances
33   *
34   * @author Kuali Rice Team (rice.collab@kuali.org)
35   */
36  public class LookupViewAuthorizerBase extends ViewAuthorizerBase {
37      private static final long serialVersionUID = 3755133641536256283L;
38      private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger.getLogger(
39              LookupViewAuthorizerBase.class);
40  
41      /**
42       * Override to check the for permissions of type 'Look Up Records' in addition to the open view check
43       * done in super
44       *
45       * @param view view instance the open permission should be checked for
46       * @param model object containing the model data associated with the view
47       * @param user user who is requesting the view
48       */
49      @Override
50      public boolean canOpenView(View view, ViewModel model, Person user) {
51          boolean canOpen = super.canOpenView(view, model, user);
52  
53          if (canOpen) {
54              LookupForm lookupForm = (LookupForm) model;
55  
56              Map<String, String> additionalPermissionDetails;
57              try {
58                  additionalPermissionDetails = KRADUtils.getNamespaceAndComponentSimpleName(Class.forName(
59                          lookupForm.getDataObjectClassName()));
60              } catch (ClassNotFoundException e) {
61                  throw new RiceRuntimeException(
62                          "Unable to create class for lookup class name: " + lookupForm.getDataObjectClassName(), e);
63              }
64  
65              if (permissionExistsByTemplate(model, KRADConstants.KNS_NAMESPACE,
66                      KimConstants.PermissionTemplateNames.LOOK_UP_RECORDS, additionalPermissionDetails)) {
67                  canOpen = isAuthorizedByTemplate(model, KRADConstants.KNS_NAMESPACE,
68                          KimConstants.PermissionTemplateNames.LOOK_UP_RECORDS, user.getPrincipalId(),
69                          additionalPermissionDetails, null);
70              }
71          }
72  
73          return canOpen;
74      }
75  
76      /**
77       * Check if user is allowed to initiate the maintenance document associated with the lookup data
78       * object class.
79       *
80       * @param dataObjectClassName data object class name associated with the lookup
81       * @param user user we are authorizing the actions for
82       * @return true if user is authorized to initiate the document, false otherwise
83       */
84      public boolean canInitiateMaintenanceDocument(String dataObjectClassName, Person user) {
85          boolean canInitiateDocument = false;
86  
87          try {
88              Class<?> dataObjectClass = Class.forName(dataObjectClassName);
89  
90              String documentTypeName = KRADServiceLocatorWeb.getDocumentDictionaryService()
91                      .getMaintenanceDocumentTypeName(dataObjectClass);
92              if ((documentTypeName != null) &&
93                      KRADServiceLocatorWeb.getDocumentDictionaryService().getDocumentAuthorizer(documentTypeName)
94                              .canInitiate(documentTypeName, user)) {
95                  canInitiateDocument = true;
96              }
97          } catch (ClassNotFoundException e) {
98              LOG.warn("Unable to load Data Object Class: " + dataObjectClassName, e);
99          }
100 
101         return canInitiateDocument;
102     }
103 }