View Javadoc
1   /**
2    * Copyright 2005-2016 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.kim.rules.ui;
17  
18  import org.apache.commons.lang.StringUtils;
19  import org.kuali.rice.core.api.util.RiceKeyConstants;
20  import org.kuali.rice.kim.api.KimConstants;
21  import org.kuali.rice.kim.api.group.GroupService;
22  import org.kuali.rice.kim.api.services.KimApiServiceLocator;
23  import org.kuali.rice.kim.bo.ui.GroupDocumentMember;
24  import org.kuali.rice.kim.document.IdentityManagementGroupDocument;
25  import org.kuali.rice.kim.rule.event.ui.AddGroupMemberEvent;
26  import org.kuali.rice.kim.rule.ui.AddGroupMemberRule;
27  import org.kuali.rice.kns.rules.DocumentRuleBase;
28  import org.kuali.rice.krad.util.GlobalVariables;
29  
30  import java.util.HashMap;
31  import java.util.Map;
32  
33  //import org.kuali.rice.kim.api.group.GroupServiceBase;
34  
35  /**
36   * This is a description of what this class does - shyu don't forget to fill this in. 
37   * 
38   * @author Kuali Rice Team (rice.collab@kuali.org)
39   *
40   */
41  public class GroupDocumentMemberRule extends DocumentRuleBase implements AddGroupMemberRule {
42  
43  	private static final String ERROR_PATH = "document.member.memberId";
44  
45  	public boolean processAddGroupMember(AddGroupMemberEvent addGroupMemberEvent){
46  		GroupDocumentMember newMember = addGroupMemberEvent.getMember();
47  		IdentityManagementGroupDocument document = (IdentityManagementGroupDocument)addGroupMemberEvent.getDocument();
48  	    boolean rulePassed = true;
49  
50          if (newMember == null || StringUtils.isBlank(newMember.getMemberId())){
51              GlobalVariables.getMessageMap().putError(ERROR_PATH, RiceKeyConstants.ERROR_EMPTY_ENTRY, new String[] {"Member"});
52              return false;
53          }
54      	if(!validAssignGroup(newMember, document))
55      		return false;
56  
57  	    int i = 0;
58  	    for (GroupDocumentMember member: document.getMembers()){
59  	    	if (member.getMemberId().equals(newMember.getMemberId()) && member.getMemberTypeCode().equals(newMember.getMemberTypeCode())){
60  	            rulePassed = false;
61  	            GlobalVariables.getMessageMap().putError("document.members["+i+"].memberId", RiceKeyConstants.ERROR_DUPLICATE_ENTRY, new String[] {"Member"});
62  	    	}
63  	    	i++;
64  	    }
65  	    
66  	    // check for circular reference
67  		GroupService groupService = KimApiServiceLocator.getGroupService();
68  		if (groupService.isGroupMemberOfGroup(document.getGroupId(),newMember.getMemberId())){
69              GlobalVariables.getMessageMap().putError(ERROR_PATH, RiceKeyConstants.ERROR_ASSIGN_GROUP_MEMBER_CIRCULAR, new String[] {newMember.getMemberId()});
70  			return false;
71  		}
72  	    
73  		return rulePassed;
74  	} 
75  
76  	protected boolean validAssignGroup(GroupDocumentMember groupMember, IdentityManagementGroupDocument document){
77          boolean rulePassed = true;
78  		if(StringUtils.isNotEmpty(document.getGroupNamespace())){
79  			Map<String,String> roleDetails = new HashMap<String,String>();
80  			roleDetails.put(KimConstants.AttributeConstants.NAMESPACE_CODE, document.getGroupNamespace());
81  			roleDetails.put(KimConstants.AttributeConstants.GROUP_NAME, document.getGroupName());
82  			if (!getDocumentDictionaryService().getDocumentAuthorizer(document).isAuthorizedByTemplate(
83  					document, 
84  					KimConstants.NAMESPACE_CODE, 
85  					KimConstants.PermissionTemplateNames.POPULATE_GROUP,
86  					GlobalVariables.getUserSession().getPerson().getPrincipalId(), 
87  					roleDetails, null)){
88  	            GlobalVariables.getMessageMap().putError(ERROR_PATH, RiceKeyConstants.ERROR_ASSIGN_GROUP, 
89  	            		new String[] {document.getGroupNamespace(), document.getGroupName()});
90  	            rulePassed = false;
91  			}
92  		}
93  		return rulePassed;
94  	}
95  
96  }