1 | |
|
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
|
8 | |
|
9 | |
|
10 | |
|
11 | |
|
12 | |
|
13 | |
|
14 | |
|
15 | |
|
16 | |
package org.kuali.student.common.assembly.old; |
17 | |
|
18 | |
import java.util.HashMap; |
19 | |
import java.util.List; |
20 | |
import java.util.Map; |
21 | |
|
22 | |
import org.apache.commons.lang.StringUtils; |
23 | |
import org.apache.log4j.Logger; |
24 | |
import org.kuali.rice.kim.bo.role.dto.KimPermissionInfo; |
25 | |
import org.kuali.rice.kim.bo.types.dto.AttributeSet; |
26 | |
import org.kuali.rice.kim.service.IdentityManagementService; |
27 | |
import org.kuali.student.common.assembly.data.AssemblyException; |
28 | |
import org.kuali.student.common.assembly.data.Data; |
29 | |
import org.kuali.student.common.assembly.data.Metadata; |
30 | |
import org.kuali.student.common.assembly.dictionary.old.MetadataServiceImpl; |
31 | |
import org.kuali.student.common.rice.authorization.PermissionType; |
32 | |
import org.kuali.student.common.util.security.SecurityUtils; |
33 | |
import org.kuali.student.common.validation.dto.ValidationResultInfo; |
34 | |
import org.kuali.student.common.validation.dto.ValidationResultInfo.ErrorLevel; |
35 | |
|
36 | |
@Deprecated |
37 | 0 | public abstract class BaseAssembler<TargetType, SourceType> implements Assembler<TargetType, SourceType> { |
38 | 0 | protected final Logger LOG = Logger.getLogger(getClass()); |
39 | |
|
40 | |
protected IdentityManagementService permissionService; |
41 | |
protected MetadataServiceImpl metadataService; |
42 | |
|
43 | 0 | public enum Permission { |
44 | 0 | EDIT("edit"), READ_ONLY("readonly"), UNMASK("unmask"); |
45 | |
final String kimName; |
46 | 0 | private Permission(String kimName) { |
47 | 0 | this.kimName = kimName; |
48 | 0 | } |
49 | |
@Override |
50 | |
public String toString() { |
51 | 0 | return kimName; |
52 | |
} |
53 | |
public static Permission kimValueOf(String kimName) { |
54 | 0 | for(Permission p : values()) { |
55 | 0 | if(p.kimName.equals(kimName)) { |
56 | 0 | return p; |
57 | |
} |
58 | |
} |
59 | |
|
60 | 0 | throw new IllegalArgumentException("The value " + kimName + " is not enumerated in Permission"); |
61 | |
} |
62 | |
} |
63 | |
|
64 | |
|
65 | |
|
66 | |
protected Map<String, String> getFieldAccessPermissions(String dtoName, String idType, String id) { |
67 | |
try { |
68 | |
|
69 | 0 | String principalId = SecurityUtils.getCurrentUserId(); |
70 | 0 | AttributeSet qualification = getQualification(idType, id); |
71 | 0 | AttributeSet permissionDetails = new AttributeSet("dtoName", dtoName); |
72 | 0 | List<? extends KimPermissionInfo> permissions = permissionService.getAuthorizedPermissionsByTemplateName(principalId, |
73 | |
PermissionType.FIELD_ACCESS.getPermissionNamespace(), PermissionType.FIELD_ACCESS.getPermissionTemplateName(), permissionDetails, qualification); |
74 | 0 | Map<String, String> permMap = new HashMap<String, String>(); |
75 | 0 | if (permissions != null) { |
76 | 0 | for (KimPermissionInfo permission : permissions) { |
77 | 0 | String dtoFieldKey = permission.getDetails().get("dtoFieldKey"); |
78 | 0 | String fieldAccessLevel = permission.getDetails().get("fieldAccessLevel"); |
79 | 0 | permMap.put(dtoFieldKey, fieldAccessLevel); |
80 | 0 | } |
81 | |
} |
82 | 0 | return permMap; |
83 | 0 | } catch (Exception e) { |
84 | 0 | LOG.warn("Error calling permission service.", e); |
85 | |
} |
86 | 0 | return null; |
87 | |
} |
88 | |
|
89 | |
|
90 | |
|
91 | |
|
92 | |
|
93 | |
private void setReadOnly(Metadata metadata, boolean readOnly) { |
94 | 0 | metadata.setCanEdit(!readOnly); |
95 | 0 | Map<String, Metadata> childProperties = metadata.getProperties(); |
96 | 0 | if (childProperties != null && childProperties.size() > 0) { |
97 | 0 | for (Metadata child : childProperties.values()) { |
98 | 0 | setReadOnly(child, readOnly); |
99 | |
} |
100 | |
} |
101 | 0 | } |
102 | |
|
103 | |
@Override |
104 | |
public Metadata getMetadata(String idType, String id, String type, String state) throws AssemblyException { |
105 | 0 | Metadata metadata = metadataService.getMetadata(getDataType(), type, state); |
106 | 0 | applyPermissionsToMetadata(metadata,idType, id); |
107 | 0 | return metadata; |
108 | |
} |
109 | |
|
110 | |
protected void applyPermissionsToMetadata(Metadata metadata, String idType, String id){ |
111 | 0 | Boolean authorized = null; |
112 | 0 | if (StringUtils.isNotBlank(id) && checkDocumentLevelPermissions()) { |
113 | 0 | AttributeSet qualification = getQualification(idType, id); |
114 | 0 | String currentUser = SecurityUtils.getCurrentUserId(); |
115 | 0 | authorized = Boolean.valueOf(permissionService.isAuthorizedByTemplateName(currentUser, PermissionType.EDIT.getPermissionNamespace(), |
116 | |
PermissionType.EDIT.getPermissionTemplateName(), null, qualification)); |
117 | 0 | LOG.info("Permission '" + PermissionType.EDIT.getPermissionNamespace() + "/" + PermissionType.EDIT.getPermissionTemplateName() |
118 | |
+ "' for user '" + currentUser + "': " + authorized); |
119 | 0 | metadata.setCanEdit(authorized.booleanValue()); |
120 | |
} |
121 | 0 | if(metadata != null && metadata.getProperties() != null) { |
122 | 0 | for(Metadata child : metadata.getProperties().values()) { |
123 | 0 | if(!child.isCanEdit()) { |
124 | 0 | setReadOnly(child, true); |
125 | |
} |
126 | |
} |
127 | |
} |
128 | |
|
129 | 0 | if (checkDocumentLevelPermissions() && Boolean.FALSE.equals(authorized)) { |
130 | 0 | setReadOnly(metadata, true); |
131 | |
} |
132 | |
|
133 | |
else { |
134 | 0 | Map<String, String> permissions = getFieldAccessPermissions(getDtoName(),idType,id); |
135 | 0 | if (permissions != null) { |
136 | 0 | for (Map.Entry<String, String> permission : permissions.entrySet()) { |
137 | 0 | String dtoFieldPath = permission.getKey(); |
138 | 0 | String fieldAccessLevel = permission.getValue(); |
139 | 0 | String[] fieldPathTokens = getPathTokens(dtoFieldPath); |
140 | 0 | Metadata fieldMetadata = metadata.getProperties().get(fieldPathTokens[0]); |
141 | 0 | for(int i = 1; i < fieldPathTokens.length; i++) { |
142 | 0 | if(fieldMetadata == null) { |
143 | 0 | break; |
144 | |
} |
145 | 0 | fieldMetadata = fieldMetadata.getProperties().get(fieldPathTokens[i]); |
146 | |
} |
147 | 0 | if (fieldMetadata != null) { |
148 | 0 | Permission perm = Permission.kimValueOf(fieldAccessLevel); |
149 | 0 | if (Permission.EDIT.equals(perm)) { |
150 | 0 | setReadOnly(fieldMetadata, false); |
151 | |
|
152 | |
} |
153 | |
} |
154 | 0 | } |
155 | |
} |
156 | |
} |
157 | |
|
158 | 0 | } |
159 | |
|
160 | |
public Metadata getDefaultMetadata() { |
161 | 0 | return metadataService.getMetadata(getDataType(), null, null); |
162 | |
} |
163 | |
|
164 | |
protected boolean hasValidationErrors(List<ValidationResultInfo> validationResults) { |
165 | 0 | boolean result = false; |
166 | 0 | if (validationResults != null) { |
167 | 0 | for (ValidationResultInfo validationResult : validationResults) { |
168 | 0 | if (validationResult.getLevel() == ErrorLevel.ERROR) { |
169 | 0 | result = true; |
170 | 0 | break; |
171 | |
} |
172 | |
} |
173 | |
} |
174 | 0 | return result; |
175 | |
} |
176 | |
|
177 | |
public List<ValidationResultInfo> validate(Data data) throws AssemblyException { |
178 | 0 | List<ValidationResultInfo> validationResults = null; |
179 | |
|
180 | 0 | return validationResults; |
181 | |
} |
182 | |
|
183 | |
private static String[] getPathTokens(String fieldPath) { |
184 | 0 | return (fieldPath != null && fieldPath.contains(".") ? fieldPath.split("\\.") : new String[]{fieldPath}); |
185 | |
} |
186 | |
|
187 | |
public boolean checkDocumentLevelPermissions() { |
188 | 0 | return false; |
189 | |
} |
190 | |
|
191 | |
|
192 | |
|
193 | |
|
194 | |
|
195 | |
|
196 | |
|
197 | |
protected abstract String getDataType(); |
198 | |
|
199 | |
|
200 | |
|
201 | |
|
202 | |
|
203 | |
|
204 | |
|
205 | |
protected abstract String getDtoName(); |
206 | |
|
207 | |
|
208 | |
|
209 | |
|
210 | |
|
211 | |
|
212 | |
|
213 | |
protected abstract String getDocumentPropertyName(); |
214 | |
|
215 | |
|
216 | |
|
217 | |
|
218 | |
|
219 | |
|
220 | |
|
221 | |
protected abstract AttributeSet getQualification(String idType, String id); |
222 | |
|
223 | |
public void setPermissionService(IdentityManagementService permissionService) { |
224 | 0 | this.permissionService = permissionService; |
225 | 0 | } |
226 | |
|
227 | |
public void setMetadataService(MetadataServiceImpl metadataService) { |
228 | 0 | this.metadataService = metadataService; |
229 | 0 | } |
230 | |
|
231 | |
} |