Coverage Report

Coverage Report - org.kuali.student.common.assembly.old.BaseAssembler

Classes in this File

Line Coverage

Branch Coverage

Complexity

BaseAssembler

0/73

0/50

2.667

BaseAssembler$Permission

0/10

0/4

2.667

 /**
  * Copyright 2010 The Kuali Foundation Licensed under the
  * Educational Community License, Version 2.0 (the "License"); you may
  * not use this file except in compliance with the License. You may
  * obtain a copy of the License at
  *
  * http://www.osedu.org/licenses/ECL-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an "AS IS"
  * BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
  * or implied. See the License for the specific language governing
  * permissions and limitations under the License.
  */
 
 package org.kuali.student.common.assembly.old;
 
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
 import org.apache.commons.lang.StringUtils;
 import org.apache.log4j.Logger;
 import org.kuali.rice.kim.bo.role.dto.KimPermissionInfo;
 import org.kuali.rice.kim.bo.types.dto.AttributeSet;
 import org.kuali.rice.kim.service.IdentityManagementService;
 import org.kuali.student.common.assembly.data.AssemblyException;
 import org.kuali.student.common.assembly.data.Data;
 import org.kuali.student.common.assembly.data.Metadata;
 import org.kuali.student.common.assembly.dictionary.old.MetadataServiceImpl;
 import org.kuali.student.common.rice.authorization.PermissionType;
 import org.kuali.student.common.util.security.SecurityUtils;
 import org.kuali.student.common.validation.dto.ValidationResultInfo;
 import org.kuali.student.common.validation.dto.ValidationResultInfo.ErrorLevel;
 
 @Deprecated
 public abstract class BaseAssembler<TargetType, SourceType> implements Assembler<TargetType, SourceType> {
     protected final Logger LOG = Logger.getLogger(getClass());
 
     protected IdentityManagementService permissionService;
     protected MetadataServiceImpl metadataService;
     
     public enum Permission {
         EDIT("edit"), READ_ONLY("readonly"), UNMASK("unmask");
         final String kimName;
         private Permission(String kimName) {
             this.kimName = kimName;
         }
         @Override
         public String toString() {
             return kimName;
         }
         public static Permission kimValueOf(String kimName) {
             for(Permission p : values()) {
                 if(p.kimName.equals(kimName)) {
                     return p;
                 }
             }
             //fall through
             throw new IllegalArgumentException("The value " + kimName + " is not enumerated in Permission"); 
         }
     }
     
 
     // TODO: Below must be changed to use constants from KualiStudentKimAttributes class (class is currently in LUM)
     protected Map<String, String> getFieldAccessPermissions(String dtoName, String idType, String id) {
         try {
             //get permissions and turn into a map of fieldName=>access
             String principalId = SecurityUtils.getCurrentUserId();
             AttributeSet qualification = getQualification(idType, id);
             AttributeSet permissionDetails = new AttributeSet("dtoName", dtoName);
             List<? extends KimPermissionInfo> permissions = permissionService.getAuthorizedPermissionsByTemplateName(principalId,
                             PermissionType.FIELD_ACCESS.getPermissionNamespace(), PermissionType.FIELD_ACCESS.getPermissionTemplateName(), permissionDetails, qualification);
             Map<String, String> permMap = new HashMap<String, String>();
             if (permissions != null) {
                 for (KimPermissionInfo permission : permissions) {
                     String dtoFieldKey = permission.getDetails().get("dtoFieldKey");
                     String fieldAccessLevel = permission.getDetails().get("fieldAccessLevel");
                     permMap.put(dtoFieldKey, fieldAccessLevel);
                 }
             }
             return permMap;
         } catch (Exception e) {
             LOG.warn("Error calling permission service.", e);
         }
         return null;
     }
 
    /* protected Map<String, String> getScreenComponentAccessPermissions(List<SectionViewInfo> sectionViewInfo) {
         return null;
     }*/
     
         private void setReadOnly(Metadata metadata, boolean readOnly) {
                 metadata.setCanEdit(!readOnly);
                 Map<String, Metadata> childProperties = metadata.getProperties();
                 if (childProperties != null && childProperties.size() > 0) {
                         for (Metadata child : childProperties.values()) {
                                 setReadOnly(child, readOnly);
                         }
                 }
         }
 
     @Override
     public Metadata getMetadata(String idType, String id, String type, String state) throws AssemblyException {
         Metadata metadata = metadataService.getMetadata(getDataType(), type, state);
         applyPermissionsToMetadata(metadata,idType, id);
         return metadata;
     }
 
     protected void applyPermissionsToMetadata(Metadata metadata, String idType, String id){
         Boolean authorized = null;
         if (StringUtils.isNotBlank(id) && checkDocumentLevelPermissions()) {
             AttributeSet qualification = getQualification(idType, id);
                 String currentUser = SecurityUtils.getCurrentUserId();
                 authorized = Boolean.valueOf(permissionService.isAuthorizedByTemplateName(currentUser, PermissionType.EDIT.getPermissionNamespace(),
                                 PermissionType.EDIT.getPermissionTemplateName(), null, qualification));
                         LOG.info("Permission '" + PermissionType.EDIT.getPermissionNamespace() + "/" + PermissionType.EDIT.getPermissionTemplateName() 
                                         + "' for user '" + currentUser + "': " + authorized);
                 metadata.setCanEdit(authorized.booleanValue());
         }  
         if(metadata != null && metadata.getProperties() != null) {
             for(Metadata child : metadata.getProperties().values()) {
                 if(!child.isCanEdit()) {
                     setReadOnly(child, true);
                 }
             }
         }
         // if we're checking doc level perms and user does not have "Edit Document" perm set metadata as readonly
         if (checkDocumentLevelPermissions() && Boolean.FALSE.equals(authorized)) {
                 setReadOnly(metadata, true);
         }
         // if not checking doc level perms or user does have "Edit Document" perm check field level authZ
         else {
                 Map<String, String> permissions = getFieldAccessPermissions(getDtoName(),idType,id);
                 if (permissions != null) {
                     for (Map.Entry<String, String> permission : permissions.entrySet()) {
                         String dtoFieldPath = permission.getKey();
                         String fieldAccessLevel = permission.getValue();
                         String[] fieldPathTokens = getPathTokens(dtoFieldPath);
                         Metadata fieldMetadata = metadata.getProperties().get(fieldPathTokens[0]);
                         for(int i = 1; i < fieldPathTokens.length; i++) {
                             if(fieldMetadata == null) {
                                 break;
                             }
                             fieldMetadata = fieldMetadata.getProperties().get(fieldPathTokens[i]);
                         }
                         if (fieldMetadata != null) {
                             Permission perm = Permission.kimValueOf(fieldAccessLevel);
                             if (Permission.EDIT.equals(perm)) {
                                 setReadOnly(fieldMetadata, false);
                                 //fieldMetadata.setCanEdit(true);
                             }
                         }
                     }
                 }
         }
             
     }
 
     public Metadata getDefaultMetadata() {
         return metadataService.getMetadata(getDataType(), null, null);
     }
     
     protected boolean hasValidationErrors(List<ValidationResultInfo> validationResults) {
         boolean result = false;
         if (validationResults != null) {
             for (ValidationResultInfo validationResult : validationResults) {
                 if (validationResult.getLevel() == ErrorLevel.ERROR) {
                     result = true;
                     break;
                 }
             }
         }
         return result;
     }
         
     public List<ValidationResultInfo> validate(Data data)  throws AssemblyException {
             List<ValidationResultInfo> validationResults = null; 
             
         return validationResults;
     }
 
     private static String[] getPathTokens(String fieldPath) {
         return (fieldPath != null && fieldPath.contains(".") ? fieldPath.split("\\.") : new String[]{fieldPath});
     }
 
     public boolean checkDocumentLevelPermissions() {
             return false;
     }
 
     /**
      * 
      * This method should return the data type of the implementing assembler
      * 
      * @return the data type, i.e. "CreditCourseProposal" from the CreditCourseProposalAssembler
      */
     protected abstract String getDataType();
 
     /**
      * 
      * This method should return the DTO name of the implementing assembler
      * 
      * @return the DTO name, i.e. "kuali.lu.type.CreditCourse" from the CreditCourseProposalAssembler
      */
     protected abstract String getDtoName();
 
     /**
      * 
      * This method should return the root document property name
      * 
      * @return the document property name, i.e. "course" from the CreditCourseProposalAssembler 
      */
     protected abstract String getDocumentPropertyName();
 
     /**
      * 
      * This method should return the qualification name for the document type
      * 
      * @return the qualifications in at AttributeSet
      */
     protected abstract AttributeSet getQualification(String idType, String id);
     
     public void setPermissionService(IdentityManagementService permissionService) {
         this.permissionService = permissionService;
     }
     
     public void setMetadataService(MetadataServiceImpl metadataService) {
         this.metadataService = metadataService;
     }
     
 }

1		/**
2		* Copyright 2010 The Kuali Foundation Licensed under the
3		* Educational Community License, Version 2.0 (the "License"); you may
4		* not use this file except in compliance with the License. You may
5		* obtain a copy of the License at
6		*
7		* http://www.osedu.org/licenses/ECL-2.0
8		*
9		* Unless required by applicable law or agreed to in writing,
10		* software distributed under the License is distributed on an "AS IS"
11		* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
12		* or implied. See the License for the specific language governing
13		* permissions and limitations under the License.
14		*/
15
16		package org.kuali.student.common.assembly.old;
17
18		import java.util.HashMap;
19		import java.util.List;
20		import java.util.Map;
21
22		import org.apache.commons.lang.StringUtils;
23		import org.apache.log4j.Logger;
24		import org.kuali.rice.kim.bo.role.dto.KimPermissionInfo;
25		import org.kuali.rice.kim.bo.types.dto.AttributeSet;
26		import org.kuali.rice.kim.service.IdentityManagementService;
27		import org.kuali.student.common.assembly.data.AssemblyException;
28		import org.kuali.student.common.assembly.data.Data;
29		import org.kuali.student.common.assembly.data.Metadata;
30		import org.kuali.student.common.assembly.dictionary.old.MetadataServiceImpl;
31		import org.kuali.student.common.rice.authorization.PermissionType;
32		import org.kuali.student.common.util.security.SecurityUtils;
33		import org.kuali.student.common.validation.dto.ValidationResultInfo;
34		import org.kuali.student.common.validation.dto.ValidationResultInfo.ErrorLevel;
35
36		@Deprecated
37	0	public abstract class BaseAssembler<TargetType, SourceType> implements Assembler<TargetType, SourceType> {
38	0	protected final Logger LOG = Logger.getLogger(getClass());
39
40		protected IdentityManagementService permissionService;
41		protected MetadataServiceImpl metadataService;
42
43	0	public enum Permission {
44	0	EDIT("edit"), READ_ONLY("readonly"), UNMASK("unmask");
45		final String kimName;
46	0	private Permission(String kimName) {
47	0	this.kimName = kimName;
48	0	}
49		@Override
50		public String toString() {
51	0	return kimName;
52		}
53		public static Permission kimValueOf(String kimName) {
54	0	for(Permission p : values()) {
55	0	if(p.kimName.equals(kimName)) {
56	0	return p;
57		}
58		}
59		//fall through
60	0	throw new IllegalArgumentException("The value " + kimName + " is not enumerated in Permission");
61		}
62		}
63
64
65		// TODO: Below must be changed to use constants from KualiStudentKimAttributes class (class is currently in LUM)
66		protected Map<String, String> getFieldAccessPermissions(String dtoName, String idType, String id) {
67		try {
68		//get permissions and turn into a map of fieldName=>access
69	0	String principalId = SecurityUtils.getCurrentUserId();
70	0	AttributeSet qualification = getQualification(idType, id);
71	0	AttributeSet permissionDetails = new AttributeSet("dtoName", dtoName);
72	0	List<? extends KimPermissionInfo> permissions = permissionService.getAuthorizedPermissionsByTemplateName(principalId,
73		PermissionType.FIELD_ACCESS.getPermissionNamespace(), PermissionType.FIELD_ACCESS.getPermissionTemplateName(), permissionDetails, qualification);
74	0	Map<String, String> permMap = new HashMap<String, String>();
75	0	if (permissions != null) {
76	0	for (KimPermissionInfo permission : permissions) {
77	0	String dtoFieldKey = permission.getDetails().get("dtoFieldKey");
78	0	String fieldAccessLevel = permission.getDetails().get("fieldAccessLevel");
79	0	permMap.put(dtoFieldKey, fieldAccessLevel);
80	0	}
81		}
82	0	return permMap;
83	0	} catch (Exception e) {
84	0	LOG.warn("Error calling permission service.", e);
85		}
86	0	return null;
87		}
88
89		/* protected Map<String, String> getScreenComponentAccessPermissions(List<SectionViewInfo> sectionViewInfo) {
90		return null;
91		}*/
92
93		private void setReadOnly(Metadata metadata, boolean readOnly) {
94	0	metadata.setCanEdit(!readOnly);
95	0	Map<String, Metadata> childProperties = metadata.getProperties();
96	0	if (childProperties != null && childProperties.size() > 0) {
97	0	for (Metadata child : childProperties.values()) {
98	0	setReadOnly(child, readOnly);
99		}
100		}
101	0	}
102
103		@Override
104		public Metadata getMetadata(String idType, String id, String type, String state) throws AssemblyException {
105	0	Metadata metadata = metadataService.getMetadata(getDataType(), type, state);
106	0	applyPermissionsToMetadata(metadata,idType, id);
107	0	return metadata;
108		}
109
110		protected void applyPermissionsToMetadata(Metadata metadata, String idType, String id){
111	0	Boolean authorized = null;
112	0	if (StringUtils.isNotBlank(id) && checkDocumentLevelPermissions()) {
113	0	AttributeSet qualification = getQualification(idType, id);
114	0	String currentUser = SecurityUtils.getCurrentUserId();
115	0	authorized = Boolean.valueOf(permissionService.isAuthorizedByTemplateName(currentUser, PermissionType.EDIT.getPermissionNamespace(),
116		PermissionType.EDIT.getPermissionTemplateName(), null, qualification));
117	0	LOG.info("Permission '" + PermissionType.EDIT.getPermissionNamespace() + "/" + PermissionType.EDIT.getPermissionTemplateName()
118		+ "' for user '" + currentUser + "': " + authorized);
119	0	metadata.setCanEdit(authorized.booleanValue());
120		}
121	0	if(metadata != null && metadata.getProperties() != null) {
122	0	for(Metadata child : metadata.getProperties().values()) {
123	0	if(!child.isCanEdit()) {
124	0	setReadOnly(child, true);
125		}
126		}
127		}
128		// if we're checking doc level perms and user does not have "Edit Document" perm set metadata as readonly
129	0	if (checkDocumentLevelPermissions() && Boolean.FALSE.equals(authorized)) {
130	0	setReadOnly(metadata, true);
131		}
132		// if not checking doc level perms or user does have "Edit Document" perm check field level authZ
133		else {
134	0	Map<String, String> permissions = getFieldAccessPermissions(getDtoName(),idType,id);
135	0	if (permissions != null) {
136	0	for (Map.Entry<String, String> permission : permissions.entrySet()) {
137	0	String dtoFieldPath = permission.getKey();
138	0	String fieldAccessLevel = permission.getValue();
139	0	String[] fieldPathTokens = getPathTokens(dtoFieldPath);
140	0	Metadata fieldMetadata = metadata.getProperties().get(fieldPathTokens[0]);
141	0	for(int i = 1; i < fieldPathTokens.length; i++) {
142	0	if(fieldMetadata == null) {
143	0	break;
144		}
145	0	fieldMetadata = fieldMetadata.getProperties().get(fieldPathTokens[i]);
146		}
147	0	if (fieldMetadata != null) {
148	0	Permission perm = Permission.kimValueOf(fieldAccessLevel);
149	0	if (Permission.EDIT.equals(perm)) {
150	0	setReadOnly(fieldMetadata, false);
151		//fieldMetadata.setCanEdit(true);
152		}
153		}
154	0	}
155		}
156		}
157
158	0	}
159
160		public Metadata getDefaultMetadata() {
161	0	return metadataService.getMetadata(getDataType(), null, null);
162		}
163
164		protected boolean hasValidationErrors(List<ValidationResultInfo> validationResults) {
165	0	boolean result = false;
166	0	if (validationResults != null) {
167	0	for (ValidationResultInfo validationResult : validationResults) {
168	0	if (validationResult.getLevel() == ErrorLevel.ERROR) {
169	0	result = true;
170	0	break;
171		}
172		}
173		}
174	0	return result;
175		}
176
177		public List<ValidationResultInfo> validate(Data data) throws AssemblyException {
178	0	List<ValidationResultInfo> validationResults = null;
179
180	0	return validationResults;
181		}
182
183		private static String[] getPathTokens(String fieldPath) {
184	0	return (fieldPath != null && fieldPath.contains(".") ? fieldPath.split("\\.") : new String[]{fieldPath});
185		}
186
187		public boolean checkDocumentLevelPermissions() {
188	0	return false;
189		}
190
191		/**
192		*
193		* This method should return the data type of the implementing assembler
194		*
195		* @return the data type, i.e. "CreditCourseProposal" from the CreditCourseProposalAssembler
196		*/
197		protected abstract String getDataType();
198
199		/**
200		*
201		* This method should return the DTO name of the implementing assembler
202		*
203		* @return the DTO name, i.e. "kuali.lu.type.CreditCourse" from the CreditCourseProposalAssembler
204		*/
205		protected abstract String getDtoName();
206
207		/**
208		*
209		* This method should return the root document property name
210		*
211		* @return the document property name, i.e. "course" from the CreditCourseProposalAssembler
212		*/
213		protected abstract String getDocumentPropertyName();
214
215		/**
216		*
217		* This method should return the qualification name for the document type
218		*
219		* @return the qualifications in at AttributeSet
220		*/
221		protected abstract AttributeSet getQualification(String idType, String id);
222
223		public void setPermissionService(IdentityManagementService permissionService) {
224	0	this.permissionService = permissionService;
225	0	}
226
227		public void setMetadataService(MetadataServiceImpl metadataService) {
228	0	this.metadataService = metadataService;
229	0	}
230
231		}