Coverage Report - org.kuali.student.common.ui.server.gwt.SecurityRpcGwtServlet
 
Classes in this File Line Coverage Branch Coverage Complexity
SecurityRpcGwtServlet
0%
0/51
0%
0/12
1.778
 
 /**
  * Copyright 2010 The Kuali Foundation Licensed under the
  * Educational Community License, Version 2.0 (the "License"); you may
  * not use this file except in compliance with the License. You may
  * obtain a copy of the License at
  *
  * http://www.osedu.org/licenses/ECL-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an "AS IS"
  * BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
  * or implied. See the License for the specific language governing
  * permissions and limitations under the License.
  */
 
 package org.kuali.student.common.ui.server.gwt;
 
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 
 import org.apache.log4j.Logger;
 import org.kuali.rice.kim.bo.role.dto.KimPermissionInfo;
 import org.kuali.rice.kim.bo.types.dto.AttributeSet;
 import org.kuali.rice.kim.service.IdentityManagementService;
 import org.kuali.student.common.rice.StudentIdentityConstants;
 import org.kuali.student.common.rice.authorization.PermissionType;
 import org.kuali.student.common.ui.client.service.SecurityRpcService;
 import org.kuali.student.common.ui.client.service.exceptions.OperationFailedException;
 import org.kuali.student.common.util.security.SecurityUtils;
 
 import com.google.gwt.user.server.rpc.RemoteServiceServlet;
 
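 /**
  * GWT RPC servlet that reports to the browser client which screens and permissions the
  * current principal holds, so the UI can hide components the user is not privileged to view.
  *
  * <p><strong>This is not an authorization boundary.</strong> The answers are consumed by
  * client-side code and can easily be manipulated by the end user, so they must only drive
  * visual display. The real security checks are performed on the data RPC get/save operations,
  * together with masking/hiding of the data returned to the browser.
  *
  * <p>Every lookup is made for the principal reported by {@link SecurityUtils}; callers supply
  * only screen, permission and template names, never a principal id.
  *
  * @author Kuali Student Team
  */
 public class SecurityRpcGwtServlet extends RemoteServiceServlet implements SecurityRpcService {

     // Shared by all instances: a per-instance, non-transient Logger field does not belong in a
     // class that carries a serialVersionUID.
     // NOTE(review): screen and permission names arrive from the browser and are concatenated
     // into debug messages as-is; confirm the configured log layout neutralises line breaks.
     static final Logger LOG = Logger.getLogger(SecurityRpcGwtServlet.class);

     private static final long serialVersionUID = 1L;

     /** Namespace passed to {@code isAuthorized} for checks made by permission name. */
     private static final String PERMISSION_NAMESPACE = "KS-SYS";

     private IdentityManagementService permissionService;

     /**
      * Returns the name of the current principal as reported by {@link SecurityUtils}.
      */
     @Override
     public String getPrincipalUsername() {
         return SecurityUtils.getCurrentPrincipalName();
     }

     /**
      * Checks the screen permission for each of the given screen names.
      *
      * @param screens screen names to check
      * @return map from each screen name to the result of {@link #hasScreenPermission(String)}
      * @throws OperationFailedException if no permission service has been set
      */
     @Override
     public HashMap<String, Boolean> getScreenPermissions(ArrayList<String> screens) throws OperationFailedException {
         HashMap<String, Boolean> screenPermissions = new HashMap<String, Boolean>();
         for (String screenName : screens) {
             boolean hasAccess = hasScreenPermission(screenName);
             screenPermissions.put(screenName, hasAccess);
         }

         return screenPermissions;
     }

     /**
      * Checks each of the given permission names for the current principal.
      *
      * @param permissionNames permission names to check
      * @return map from each permission name to the result of the {@code isAuthorized} call
      * @throws OperationFailedException if no permission service has been set
      */
     @Override
     public HashMap<String, Boolean> getPermissions(ArrayList<String> permissionNames) throws OperationFailedException {
         String principalId = SecurityUtils.getCurrentPrincipalId();

         LOG.debug("Retreiving permissions for permission name: " + permissionNames + " for " + principalId);

         //FIXME: Is there a way to retrieve multiple permissions at once instead of calling isAuthorized multiple times?
         HashMap<String, Boolean> permissions = new HashMap<String, Boolean>();
         for (String permissionName : permissionNames) {
             boolean hasAccess = getPermissionService().isAuthorized(principalId, PERMISSION_NAMESPACE, permissionName, null, null);
             permissions.put(permissionName, hasAccess);
         }

         return permissions;
     }

     /**
      * Checks whether the current principal is authorized for the USE_SCREEN permission template
      * with the given screen name as the screen component detail.
      *
      * @param screenName name of the screen component to check
      * @return the result of the {@code isAuthorizedByTemplateName} call
      * @throws OperationFailedException if no permission service has been set
      */
     @Override
     public Boolean hasScreenPermission(String screenName) throws OperationFailedException {
         String principalId = SecurityUtils.getCurrentPrincipalId();

         LOG.debug("Retreiving screen permission " + screenName + " for " + principalId);

         // The same attribute set is passed as both the permission details and the qualification.
         AttributeSet permDetails = new AttributeSet();
         permDetails.put(StudentIdentityConstants.SCREEN_COMPONENT, screenName);
         boolean hasAccess = getPermissionService().isAuthorizedByTemplateName(principalId,
                 PermissionType.USE_SCREEN.getPermissionNamespace(),
                 PermissionType.USE_SCREEN.getPermissionTemplateName(), permDetails,
                 permDetails);

         LOG.debug(principalId + " access : " + hasAccess);

         return hasAccess;
     }

     /**
      * Checks a single permission name for the current principal.
      *
      * @param permissionName permission name to check
      * @return the result of the {@code isAuthorized} call
      * @throws OperationFailedException if no permission service has been set
      */
     @Override
     public Boolean hasPermissionByPermissionName(String permissionName) throws OperationFailedException {
         String principalId = SecurityUtils.getCurrentPrincipalId();

         LOG.debug("Retreiving permissions for permission name: " + permissionName + " for " + principalId);

         //TODO: Do we need to worry about permission details when checking by permission name
         boolean hasAccess = getPermissionService().isAuthorized(principalId, PERMISSION_NAMESPACE, permissionName, null, null);

         LOG.debug(principalId + " access : " + hasAccess);

         return hasAccess;
     }

     /**
      * Returns the names of the permissions of the given type that the permission service
      * reports as authorized for the current principal. No permission details are supplied.
      *
      * TODO: Need to determine if permission details are required.
      *
      * @param permissionType supplies the permission namespace and template name to look up
      * @return names of the matching permissions
      * @throws OperationFailedException if no permission service has been set
      */
     @Override
     public ArrayList<String> getPermissionsByType(PermissionType permissionType) throws OperationFailedException {
         String principalId = SecurityUtils.getCurrentPrincipalId();

         LOG.debug("Retreiving permissions for template: " + permissionType.getPermissionTemplateName() + " for " + principalId);

         return findAuthorizedPermissionNames(principalId, permissionType, null);
     }

     /**
      * Returns the names of the permissions of the given type that the permission service
      * reports as authorized for the current principal, using the given attributes as both the
      * permission details and the qualification.
      *
      * TODO: Need to determine if permission details are required.
      *
      * @param permissionType supplies the permission namespace and template name to look up
      * @param attributes attributes copied into the attribute set sent with the lookup
      * @return names of the matching permissions
      * @throws OperationFailedException if no permission service has been set
      */
     @Override
     public ArrayList<String> getPermissionsByType(PermissionType permissionType, HashMap<String,String> attributes) throws OperationFailedException {
         // NOTE(review): whether AttributeSet accepts a null map is not visible here; confirm
         // before relying on null attributes being allowed.
         AttributeSet attributeSet = new AttributeSet(attributes);
         String principalId = SecurityUtils.getCurrentPrincipalId();

         // String concatenation already prints "null" for a null map. The previous
         // "..." + attributes != null ? ... form compared the whole concatenated message with
         // null (always true), so it logged only the attributes and threw a
         // NullPointerException when attributes was null.
         LOG.debug("Retreiving permissions for template: " + permissionType.getPermissionTemplateName() + " for " + principalId + " with details: " + attributes);

         return findAuthorizedPermissionNames(principalId, permissionType, attributeSet);
     }

     /**
      * Looks up the permissions authorized for the principal by template name and collects
      * their names; {@code details} is passed as both permission details and qualification.
      */
     @SuppressWarnings("unchecked")
     private ArrayList<String> findAuthorizedPermissionNames(String principalId, PermissionType permissionType,
             AttributeSet details) throws OperationFailedException {
         List<KimPermissionInfo> permissions = (List<KimPermissionInfo>) getPermissionService().getAuthorizedPermissionsByTemplateName(
                 principalId, permissionType.getPermissionNamespace(), permissionType.getPermissionTemplateName(), details, details);

         ArrayList<String> matchingPermissions = new ArrayList<String>();
         for (KimPermissionInfo permissionInfo : permissions) {
             matchingPermissions.add(permissionInfo.getName());
         }

         return matchingPermissions;
     }

     /**
      * Sets the identity management service used for all permission checks.
      */
     public void setPermissionService(IdentityManagementService permissionService) {
         this.permissionService = permissionService;
     }

     /**
      * Returns the configured permission service.
      *
      * @throws OperationFailedException if no permission service has been set, so that a
      *         missing service fails the call instead of being read as "not authorized"
      */
     public IdentityManagementService getPermissionService() throws OperationFailedException {
         if (permissionService == null) {
             throw new OperationFailedException("Permission Service is unavailable");
         }

         return permissionService;
     }

 }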