Coverage Report

 /**
  * Copyright 2010 The Kuali Foundation Licensed under the
  * Educational Community License, Version 2.0 (the "License"); you may
  * not use this file except in compliance with the License. You may
  * obtain a copy of the License at
  *
  * http://www.osedu.org/licenses/ECL-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an "AS IS"
  * BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
  * or implied. See the License for the specific language governing
  * permissions and limitations under the License.
  */
 
 package org.kuali.student.common.ui.client.security;
 
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Map.Entry;
 
 import org.kuali.student.common.rice.authorization.PermissionType;
 import org.kuali.student.common.ui.client.application.KSAsyncCallback;
 import org.kuali.student.common.ui.client.mvc.Callback;
 import org.kuali.student.common.ui.client.service.SecurityRpcService;
 import org.kuali.student.common.ui.client.service.SecurityRpcServiceAsync;
 
 import com.google.gwt.core.client.GWT;
 
 /**
  * An interface to access the Kuali Student security context 
  * 
  * @author Kuali Student Team
  *
  */
 public class SecurityContext {
 
     protected SecurityRpcServiceAsync securityRpcService = GWT.create(SecurityRpcService.class);
     
         private String principalName = "";
         
         private Map <String,Boolean> permissionCache = new HashMap<String, Boolean>();
      
         public void initializeSecurityContext(final Callback<Boolean> contextIntializedCallback){
             securityRpcService.getPrincipalUsername(new KSAsyncCallback<String>(){
                 public void handleFailure(Throwable caught) {
                         permissionCache.clear();
                                 throw new RuntimeException("Fatal - Unable to initialze security context");
                         }
         
                 @Override
                 public void onSuccess(String userId) {
                         permissionCache.clear();
                         setPrincipalName(userId);
                     contextIntializedCallback.exec(true);
                 }            
             });
         }
 
         /**
          * Set principalName of the user logged in (eg. jDoe)   
          *
          * @param principalId
          */
         public void setPrincipalName(String principalName) {
                 this.principalName = principalName;
         }
 
         /**
          * @return the userId of user logged into the system. (NOTE: When using KIM userId=principalName)
          */
         public String getUserId() {
                 return principalName;
         }
         
         /**
          * Used to check if the permission has been loaded into the cache.
          * 
          * @return true if permission exists in cache
          */
         public boolean checkPermissionCache(String permission){
                 return permissionCache.containsKey(permission);
         }
         
         /**
          * Used to check if user has a screen permission. If the permission has been cached
          * in the browser, it will use the cached permission.
          * 
          * @param screenComponent
          * @return true if user has access to the screen component
          */
         public void checkScreenPermission(final String screenComponent, final Callback<Boolean> checkPermissionCallback){
         if (permissionCache.containsKey(screenComponent)){
                 checkPermissionCallback.exec(permissionCache.get(screenComponent));
         } else {
                         securityRpcService.hasScreenPermission(screenComponent, new KSAsyncCallback<Boolean>() {
                     @Override
                     public void onSuccess(Boolean result) {
                             permissionCache.put(screenComponent, result);
                             checkPermissionCallback.exec(result);
                     }
                 });
         }
         }
         
         /**
          * Used to check if user has a permission by its permission name. If the permission has been cached
          * in the browser, it will use the cached permission.
          * 
          * @param permissionName
          * @return true if user has the permission
          */
         public void checkPermission(final String permissionName, final Callback<Boolean> checkPermissionCallback){
         if (permissionCache.containsKey(permissionName)){
                 checkPermissionCallback.exec(permissionCache.get(permissionName));
         } else {
                         securityRpcService.hasPermissionByPermissionName(permissionName, new KSAsyncCallback<Boolean>() {
                     @Override
                     public void onSuccess(Boolean result) {
                             permissionCache.put(permissionName, result);
                             checkPermissionCallback.exec(result);
                     }
                 });
         }
         }
         
         /**
          * Used to check if user has at least one of the permissions listed in the set of permissions passed in
          * 
          * @param permissionNames list of permission names to check
          * @return true if user has the permission
          */
         public void checkPermission(final String[] permissionNames, final Callback<Boolean> checkPermissionCallback){
         ArrayList<String> permissionsToGet = new ArrayList<String>();
         
                 //Check if any of the permission names are already in the permission cache, and return if
         //user has permission for one already in the cache.
         for (String permissionName:permissionNames){
                         if (permissionCache.containsKey(permissionName)){
                                 if (permissionCache.get(permissionName)){
                                         checkPermissionCallback.exec(permissionCache.get(true));
                                         break;
                                 }
                         } else {
                                 permissionsToGet.add(permissionName);
                         }                
                 }
                 
         //If we have permissions we could not check in permission cache, retrieve them from the permission service
         if (!permissionsToGet.isEmpty()){
                         securityRpcService.getPermissions(permissionsToGet, new KSAsyncCallback<HashMap<String,Boolean>>() {
                                 @Override
                                 public void onSuccess(HashMap<String, Boolean> result) {
                                         boolean hasAccess = false;
                                         
                                         for (Entry<String,Boolean> entry:result.entrySet()){
                                     permissionCache.put(entry.getKey(), entry.getValue());
                                     if (entry.getValue()){
                                             hasAccess = true;
                                     }
                                         }        
                                         
                                         checkPermissionCallback.exec(hasAccess);
                                 }
                 });
         }
         }
         
         /**
          * Used to check if user has the permission with given permissionName without being cached.  This is useful
          * if the permission is a derived permission and needs to be re-checked each time.
          *  
          * @param permissionName
          */
         public void checkPermissionNoCache(final String permissionName, final Callback<Boolean> checkPermissionCallback){
                 securityRpcService.hasScreenPermission(permissionName, new KSAsyncCallback<Boolean>() {
             @Override
             public void onSuccess(Boolean result) {
                     checkPermissionCallback.exec(result);
             }
         });                
 
         }
         
         /**
          * Loads into the permission cache all the permissions user has for a permission type.
          */
         public void loadPermissionsByPermissionType(PermissionType permissionType){
                 securityRpcService.getPermissionsByType(permissionType, new KSAsyncCallback<ArrayList<String>>(){
 
                         @Override
                         public void onSuccess(ArrayList<String> result) {
                                 for (String permissionName:result){
                                         permissionCache.put(permissionName, true);
                                 }                                
                         }                        
                 });
         }
 }

1		/**
2		* Copyright 2010 The Kuali Foundation Licensed under the
3		* Educational Community License, Version 2.0 (the "License"); you may
4		* not use this file except in compliance with the License. You may
5		* obtain a copy of the License at
6		*
7		* http://www.osedu.org/licenses/ECL-2.0
8		*
9		* Unless required by applicable law or agreed to in writing,
10		* software distributed under the License is distributed on an "AS IS"
11		* BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
12		* or implied. See the License for the specific language governing
13		* permissions and limitations under the License.
14		*/
15
16		package org.kuali.student.common.ui.client.security;
17
18		import java.util.ArrayList;
19		import java.util.HashMap;
20		import java.util.Map;
21		import java.util.Map.Entry;
22
23		import org.kuali.student.common.rice.authorization.PermissionType;
24		import org.kuali.student.common.ui.client.application.KSAsyncCallback;
25		import org.kuali.student.common.ui.client.mvc.Callback;
26		import org.kuali.student.common.ui.client.service.SecurityRpcService;
27		import org.kuali.student.common.ui.client.service.SecurityRpcServiceAsync;
28
29		import com.google.gwt.core.client.GWT;
30
31		/**
32		* An interface to access the Kuali Student security context
33		*
34		* @author Kuali Student Team
35		*
36		*/
37	0	public class SecurityContext {
38
39	0	protected SecurityRpcServiceAsync securityRpcService = GWT.create(SecurityRpcService.class);
40
41	0	private String principalName = "";
42
43	0	private Map <String,Boolean> permissionCache = new HashMap<String, Boolean>();
44
45		public void initializeSecurityContext(final Callback<Boolean> contextIntializedCallback){
46	0	securityRpcService.getPrincipalUsername(new KSAsyncCallback<String>(){
47		public void handleFailure(Throwable caught) {
48	0	permissionCache.clear();
49	0	throw new RuntimeException("Fatal - Unable to initialze security context");
50		}
51
52		@Override
53		public void onSuccess(String userId) {
54	0	permissionCache.clear();
55	0	setPrincipalName(userId);
56	0	contextIntializedCallback.exec(true);
57	0	}
58		});
59	0	}
60
61		/**
62		* Set principalName of the user logged in (eg. jDoe)
63		*
64		* @param principalId
65		*/
66		public void setPrincipalName(String principalName) {
67	0	this.principalName = principalName;
68	0	}
69
70		/**
71		* @return the userId of user logged into the system. (NOTE: When using KIM userId=principalName)
72		*/
73		public String getUserId() {
74	0	return principalName;
75		}
76
77		/**
78		* Used to check if the permission has been loaded into the cache.
79		*
80		* @return true if permission exists in cache
81		*/
82		public boolean checkPermissionCache(String permission){
83	0	return permissionCache.containsKey(permission);
84		}
85
86		/**
87		* Used to check if user has a screen permission. If the permission has been cached
88		* in the browser, it will use the cached permission.
89		*
90		* @param screenComponent
91		* @return true if user has access to the screen component
92		*/
93		public void checkScreenPermission(final String screenComponent, final Callback<Boolean> checkPermissionCallback){
94	0	if (permissionCache.containsKey(screenComponent)){
95	0	checkPermissionCallback.exec(permissionCache.get(screenComponent));
96		} else {
97	0	securityRpcService.hasScreenPermission(screenComponent, new KSAsyncCallback<Boolean>() {
98		@Override
99		public void onSuccess(Boolean result) {
100	0	permissionCache.put(screenComponent, result);
101	0	checkPermissionCallback.exec(result);
102	0	}
103		});
104		}
105	0	}
106
107		/**
108		* Used to check if user has a permission by its permission name. If the permission has been cached
109		* in the browser, it will use the cached permission.
110		*
111		* @param permissionName
112		* @return true if user has the permission
113		*/
114		public void checkPermission(final String permissionName, final Callback<Boolean> checkPermissionCallback){
115	0	if (permissionCache.containsKey(permissionName)){
116	0	checkPermissionCallback.exec(permissionCache.get(permissionName));
117		} else {
118	0	securityRpcService.hasPermissionByPermissionName(permissionName, new KSAsyncCallback<Boolean>() {
119		@Override
120		public void onSuccess(Boolean result) {
121	0	permissionCache.put(permissionName, result);
122	0	checkPermissionCallback.exec(result);
123	0	}
124		});
125		}
126	0	}
127
128		/**
129		* Used to check if user has at least one of the permissions listed in the set of permissions passed in
130		*
131		* @param permissionNames list of permission names to check
132		* @return true if user has the permission
133		*/
134		public void checkPermission(final String[] permissionNames, final Callback<Boolean> checkPermissionCallback){
135	0	ArrayList<String> permissionsToGet = new ArrayList<String>();
136
137		//Check if any of the permission names are already in the permission cache, and return if
138		//user has permission for one already in the cache.
139	0	for (String permissionName:permissionNames){
140	0	if (permissionCache.containsKey(permissionName)){
141	0	if (permissionCache.get(permissionName)){
142	0	checkPermissionCallback.exec(permissionCache.get(true));
143	0	break;
144		}
145		} else {
146	0	permissionsToGet.add(permissionName);
147		}
148		}
149
150		//If we have permissions we could not check in permission cache, retrieve them from the permission service
151	0	if (!permissionsToGet.isEmpty()){
152	0	securityRpcService.getPermissions(permissionsToGet, new KSAsyncCallback<HashMap<String,Boolean>>() {
153		@Override
154		public void onSuccess(HashMap<String, Boolean> result) {
155	0	boolean hasAccess = false;
156
157	0	for (Entry<String,Boolean> entry:result.entrySet()){
158	0	permissionCache.put(entry.getKey(), entry.getValue());
159	0	if (entry.getValue()){
160	0	hasAccess = true;
161		}
162		}
163
164	0	checkPermissionCallback.exec(hasAccess);
165	0	}
166		});
167		}
168	0	}
169
170		/**
171		* Used to check if user has the permission with given permissionName without being cached. This is useful
172		* if the permission is a derived permission and needs to be re-checked each time.
173		*
174		* @param permissionName
175		*/
176		public void checkPermissionNoCache(final String permissionName, final Callback<Boolean> checkPermissionCallback){
177	0	securityRpcService.hasScreenPermission(permissionName, new KSAsyncCallback<Boolean>() {
178		@Override
179		public void onSuccess(Boolean result) {
180	0	checkPermissionCallback.exec(result);
181	0	}
182		});
183
184	0	}
185
186		/**
187		* Loads into the permission cache all the permissions user has for a permission type.
188		*/
189		public void loadPermissionsByPermissionType(PermissionType permissionType){
190	0	securityRpcService.getPermissionsByType(permissionType, new KSAsyncCallback<ArrayList<String>>(){
191
192		@Override
193		public void onSuccess(ArrayList<String> result) {
194	0	for (String permissionName:result){
195	0	permissionCache.put(permissionName, true);
196		}
197	0	}
198		});
199	0	}
200		}