public class DocumentViewAuthorizerBase extends ViewAuthorizerBase implements DocumentAuthorizer
ViewAuthorizer
for
DocumentView
instances
Performs KIM permission checks for the various document actions such as save, approve, cancel
By default delegates to the DocumentAuthorizer
configured for the document in the data dictionary
Modifier and Type | Field and Description |
---|---|
protected static org.apache.commons.logging.Log |
LOG |
static String |
PRE_ROUTING_ROUTE_NAME |
Constructor and Description |
---|
DocumentViewAuthorizerBase() |
Modifier and Type | Method and Description |
---|---|
protected void |
addPermissionDetails(Object dataObject,
Map<String,String> attributes)
Override this method to populate the permission details from the primary
data object or document.
|
protected void |
addRoleQualification(Object dataObject,
Map<String,String> attributes)
Override this method to populate the role qualifier attributes from the
primary data object or document.
|
protected void |
addStandardAttributes(Document document,
Map<String,String> attributes) |
boolean |
canAcknowledge(Document document,
Person user) |
boolean |
canAddNoteAttachment(Document document,
String attachmentTypeCode,
Person user) |
boolean |
canAnnotate(Document document,
Person user) |
boolean |
canApprove(Document document,
Person user) |
boolean |
canBlanketApprove(Document document,
Person user) |
boolean |
canCancel(Document document,
Person user)
Determines if the user has permission to cancel the document
|
boolean |
canClose(Document document,
Person user) |
boolean |
canCopy(Document document,
Person user)
Determines if the user has permission to copy the document
|
boolean |
canDeleteNoteAttachment(Document document,
String attachmentTypeCode,
String authorUniversalIdentifier,
Person user) |
boolean |
canDisapprove(Document document,
Person user) |
boolean |
canEdit(Document document,
Person user)
Determines if the document can be edited; if false is returned, then all fields are in a
read only state
|
boolean |
canEditDocumentOverview(Document document,
Person user) |
boolean |
canEditView(View view,
ViewModel model,
Person user)
Checks for an edit view permission for the view id, and if found verifies the user has that permission
|
boolean |
canFyi(Document document,
Person user) |
boolean |
canInitiate(String documentTypeName,
Person user)
Checks if a user has the permissions to initiate a document
|
boolean |
canOpen(Document document,
Person user)
Checks if a user has the permissions to open a document
|
boolean |
canOpenView(View view,
ViewModel model,
Person user)
Checks for an open view permission for the view id, and if found verifies the user has that permission
|
boolean |
canPerformRouteReport(Document document,
Person user) |
boolean |
canRecall(Document document,
Person user) |
boolean |
canReceiveAdHoc(Document document,
Person user,
String actionRequestCode) |
boolean |
canReload(Document document,
Person user) |
boolean |
canRoute(Document document,
Person user)
Determines if the user has permission to route the document
|
boolean |
canSave(Document document,
Person user) |
boolean |
canSendAdHocRequests(Document document,
String actionRequestCd,
Person user) |
boolean |
canSendAnyTypeAdHocRequests(Document document,
Person user) |
boolean |
canSendNoteFyi(Document document,
Person user) |
boolean |
canSuperUserApprove(Document document,
Person user)
Determines if the user has permission to approve a document as a super user.
|
boolean |
canSuperUserDisapprove(Document document,
Person user)
Determines if the user has permission to disapprove a document as a super user.
|
boolean |
canSuperUserTakeAction(Document document,
Person user)
Determines if the user has permission to take a super user action.
|
boolean |
canTakeRequestedAction(Document document,
String actionRequestCode,
Person user) |
boolean |
canUnmaskField(View view,
ViewModel model,
DataField field,
String propertyName,
Person user)
Checks whether the mask authorization exists for the given property and if so whether the given user has the
ability to unmask the value
|
boolean |
canViewNoteAttachment(Document document,
String attachmentTypeCode,
Person user) |
boolean |
canViewNoteAttachment(Document document,
String attachmentTypeCode,
String authorUniversalIdentifier,
Person user)
Deprecated.
|
Set<String> |
getActionFlags(View view,
ViewModel model,
Person user,
Set<String> actions)
Returns the set of action flags that are authorized for the given user
|
DocumentAuthorizer |
getDocumentAuthorizer() |
DocumentDictionaryService |
getDocumentDictionaryService() |
void |
initializeDocumentAuthorizerIfNecessary(Document document)
If the document authorizer is null, gets the authorizer from the document dictionary service for the given
document's class.
|
void |
initializeDocumentAuthorizerIfNecessary(String documentTypeName)
If the document authorizer is null, gets the authorizer from the document dictionary service for the given
document type name.
|
protected boolean |
isDocumentInitiator(Document document,
Person user) |
protected boolean |
isInitiator(ViewModel model,
Person user)
Checks if the user is the initiator for the current document
|
void |
setDocumentAuthorizer(DocumentAuthorizer documentAuthorizer) |
void |
setDocumentAuthorizerClass(Class<? extends DocumentAuthorizer> documentAuthorizerClass) |
void |
setDocumentDictionaryService(DocumentDictionaryService documentDictionaryService) |
canEditField, canEditGroup, canEditLine, canEditLineField, canEditWidget, canPartialUnmaskField, canPerformAction, canPerformLineAction, canViewField, canViewGroup, canViewLine, canViewLineField, canViewWidget, getActionPermissionDetails, getConfigurationService, getDataObjectContext, getEditModes, getFieldPermissionDetails, getGroupPermissionDetails, getWidgetPermissionDetails, isAuthorizedByTemplate, setConfigurationService
getPermissionDetailValues, getPermissionService, getPersonService, getRoleQualification, isAuthorized, isAuthorized, isAuthorizedByTemplate, isAuthorizedByTemplate, permissionExistsByTemplate, permissionExistsByTemplate, permissionExistsByTemplate
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
isAuthorized, isAuthorized, isAuthorizedByTemplate, isAuthorizedByTemplate
protected static org.apache.commons.logging.Log LOG
public static final String PRE_ROUTING_ROUTE_NAME
public DocumentViewAuthorizerBase()
public Set<String> getActionFlags(View view, ViewModel model, Person user, Set<String> actions)
Action flags are created for views to indicate some action or feature should be enabled. These flags can be
used within expressions for configuring the view content.
For example:
For each action flag, KIM is consulted to determine if a permission exist for the template associated with the action flag. If so, a check is then made to determine if the user has that permission. If the permission fails for the user, the action flag is removed from the returned set.
The Set of available action flags should first be exported by the
ViewPresentationController.getActionFlags(View, org.kuali.rice.krad.web.form.UifFormBase)
method. The
set returned from this method will be passed as the method argument here by the framework.
getActionFlags
in interface ViewAuthorizer
getActionFlags
in class ViewAuthorizerBase
view
- - view instance the action flags apply tomodel
- - object containing the view datauser
- - user we are authorizing the actions foractions
- - set of action flags to authorizeViewAuthorizer#getActionFlags(org.kuali.rice.krad.uif.view.View, org.kuali.rice.krad.uif.view.ViewModel,
org.kuali.rice.kim.api.identity.Person, java.util.Set)
public final boolean canInitiate(String documentTypeName, Person user)
canInitiate
in interface DocumentAuthorizer
documentTypeName
- document type nameuser
- current userpublic final boolean canOpen(Document document, Person user)
canOpen
in interface DocumentAuthorizer
document
- document to checkuser
- current userpublic boolean canOpenView(View view, ViewModel model, Person user)
canOpenView
in interface ViewAuthorizer
canOpenView
in class ViewAuthorizerBase
view
- - view instance to check authorization formodel
- - object containing the view datauser
- - user to authorizeViewAuthorizer.canOpenView(View, ViewModel, org.kuali.rice.kim.api.identity.Person)
public boolean canEdit(Document document, Person user)
canEdit
in interface DocumentAuthorizer
document
- document to checkuser
- current userpublic boolean canEditView(View view, ViewModel model, Person user)
canEditView
in interface ViewAuthorizer
canEditView
in class ViewAuthorizerBase
view
- - view instance to check authorization formodel
- - object containing the view datauser
- - user to authorizeViewAuthorizer.canEditView(org.kuali.rice.krad.uif.view.View, org.kuali.rice.krad.uif.view.ViewModel,
org.kuali.rice.kim.api.identity.Person)
public boolean canUnmaskField(View view, ViewModel model, DataField field, String propertyName, Person user)
canUnmaskField
in interface ViewAuthorizer
canUnmaskField
in class ViewAuthorizerBase
view
- - view instance the field belongs tomodel
- - object containing the view datafield
- - field associated for the property and from which the
ComponentSecurity
will be retrievedpropertyName
- - name of the property associated with the fielduser
- - user we are authorizingViewAuthorizer.canUnmaskField(org.kuali.rice.krad.uif.view.View, org.kuali.rice.krad.uif.view.ViewModel,
org.kuali.rice.krad.uif.field.DataField, java.lang.String, org.kuali.rice.kim.api.identity.Person)
protected boolean isInitiator(ViewModel model, Person user)
model
- object containing the view datauser
- user we are authorizingpublic boolean canAnnotate(Document document, Person user)
canAnnotate
in interface DocumentAuthorizer
public boolean canReload(Document document, Person user)
canReload
in interface DocumentAuthorizer
public boolean canClose(Document document, Person user)
canClose
in interface DocumentAuthorizer
public boolean canSave(Document document, Person user)
canSave
in interface DocumentAuthorizer
public boolean canRoute(Document document, Person user)
canRoute
in interface DocumentAuthorizer
document
- document to checkuser
- current userpublic boolean canCancel(Document document, Person user)
canCancel
in interface DocumentAuthorizer
document
- document to checkuser
- current userpublic boolean canRecall(Document document, Person user)
canRecall
in interface DocumentAuthorizer
public boolean canCopy(Document document, Person user)
canCopy
in interface DocumentAuthorizer
document
- document to checkuser
- current userpublic boolean canPerformRouteReport(Document document, Person user)
canPerformRouteReport
in interface DocumentAuthorizer
public boolean canBlanketApprove(Document document, Person user)
canBlanketApprove
in interface DocumentAuthorizer
public boolean canApprove(Document document, Person user)
canApprove
in interface DocumentAuthorizer
public boolean canDisapprove(Document document, Person user)
canDisapprove
in interface DocumentAuthorizer
public boolean canSendNoteFyi(Document document, Person user)
canSendNoteFyi
in interface DocumentAuthorizer
public boolean canFyi(Document document, Person user)
canFyi
in interface DocumentAuthorizer
public boolean canAcknowledge(Document document, Person user)
canAcknowledge
in interface DocumentAuthorizer
public final boolean canReceiveAdHoc(Document document, Person user, String actionRequestCode)
canReceiveAdHoc
in interface DocumentAuthorizer
public final boolean canAddNoteAttachment(Document document, String attachmentTypeCode, Person user)
canAddNoteAttachment
in interface DocumentAuthorizer
public final boolean canDeleteNoteAttachment(Document document, String attachmentTypeCode, String authorUniversalIdentifier, Person user)
canDeleteNoteAttachment
in interface DocumentAuthorizer
public final boolean canViewNoteAttachment(Document document, String attachmentTypeCode, Person user)
canViewNoteAttachment
in interface DocumentAuthorizer
@Deprecated public final boolean canViewNoteAttachment(Document document, String attachmentTypeCode, String authorUniversalIdentifier, Person user)
canViewNoteAttachment
in interface DocumentAuthorizer
public final boolean canSendAdHocRequests(Document document, String actionRequestCd, Person user)
canSendAdHocRequests
in interface DocumentAuthorizer
public boolean canEditDocumentOverview(Document document, Person user)
canEditDocumentOverview
in interface DocumentAuthorizer
public boolean canSendAnyTypeAdHocRequests(Document document, Person user)
canSendAnyTypeAdHocRequests
in interface DocumentAuthorizer
public boolean canTakeRequestedAction(Document document, String actionRequestCode, Person user)
canTakeRequestedAction
in interface DocumentAuthorizer
public boolean canSuperUserTakeAction(Document document, Person user)
canSuperUserTakeAction
in interface DocumentAuthorizer
document
- document to checkuser
- current userpublic boolean canSuperUserApprove(Document document, Person user)
canSuperUserApprove
in interface DocumentAuthorizer
document
- document to checkuser
- current userpublic boolean canSuperUserDisapprove(Document document, Person user)
canSuperUserDisapprove
in interface DocumentAuthorizer
document
- document to checkuser
- current userprotected void addPermissionDetails(Object dataObject, Map<String,String> attributes)
addPermissionDetails
in class DataObjectAuthorizerBase
dataObject
- - the primary data object (i.e. the main object instance
behind the lookup result row or inquiry) or the documentattributes
- - permission details will be added to this mapprotected void addRoleQualification(Object dataObject, Map<String,String> attributes)
addRoleQualification
in class DataObjectAuthorizerBase
dataObject
- - the primary data object (i.e. the main object instance
behind the lookup result row or inquiry) or the documentattributes
- - role qualifiers will be added to this mapprotected void addStandardAttributes(Document document, Map<String,String> attributes)
protected boolean isDocumentInitiator(Document document, Person user)
public void initializeDocumentAuthorizerIfNecessary(Document document)
document
- document instance to get authorizer forpublic void initializeDocumentAuthorizerIfNecessary(String documentTypeName)
documentTypeName
- document type to get authorizer forpublic DocumentAuthorizer getDocumentAuthorizer()
public void setDocumentAuthorizer(DocumentAuthorizer documentAuthorizer)
public void setDocumentAuthorizerClass(Class<? extends DocumentAuthorizer> documentAuthorizerClass)
public DocumentDictionaryService getDocumentDictionaryService()
public void setDocumentDictionaryService(DocumentDictionaryService documentDictionaryService)
Copyright © 2005–2014 The Kuali Foundation. All rights reserved.