View Javadoc

1   /**
2    * Copyright 2010 The Kuali Foundation Licensed under the
3    * Educational Community License, Version 2.0 (the "License"); you may
4    * not use this file except in compliance with the License. You may
5    * obtain a copy of the License at
6    *
7    * http://www.osedu.org/licenses/ECL-2.0
8    *
9    * Unless required by applicable law or agreed to in writing,
10   * software distributed under the License is distributed on an "AS IS"
11   * BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
12   * or implied. See the License for the specific language governing
13   * permissions and limitations under the License.
14   */
15  
16  package org.kuali.student.common.ui.server.gwt.old;
17  
18  import java.util.Map;
19  
20  import org.apache.commons.lang.StringUtils;
21  import org.apache.log4j.Logger;
22  import org.kuali.rice.kew.service.WorkflowUtility;
23  import org.kuali.rice.kew.webservice.SimpleDocumentActionsWebService;
24  import org.kuali.rice.kim.bo.types.dto.AttributeSet;
25  import org.kuali.rice.kim.service.IdentityManagementService;
26  import org.kuali.rice.kim.service.IdentityManagementService;
27  import org.kuali.student.common.assembly.data.AssemblyException;
28  import org.kuali.student.common.assembly.data.Data;
29  import org.kuali.student.common.assembly.data.Metadata;
30  import org.kuali.student.common.assembly.old.Assembler;
31  import org.kuali.student.common.assembly.old.data.SaveResult;
32  import org.kuali.student.common.rice.StudentIdentityConstants;
33  import org.kuali.student.common.rice.authorization.PermissionType;
34  import org.kuali.student.common.ui.client.service.BaseDataOrchestrationRpcService;
35  import org.kuali.student.common.ui.client.service.DataSaveResult;
36  import org.kuali.student.common.ui.client.service.exceptions.OperationFailedException;
37  import org.kuali.student.common.ui.shared.IdAttributes;
38  import org.kuali.student.common.util.security.SecurityUtils;
39  
40  import com.google.gwt.user.server.rpc.RemoteServiceServlet;
41  
42  /**
43   * Generic implementation of data orchestration calls and workflow calls
44   *
45   */
46  @Deprecated
47  public abstract class AbstractBaseDataOrchestrationRpcGwtServlet extends RemoteServiceServlet implements BaseDataOrchestrationRpcService {
48  	//FIXME issues:
49  	// -The Type/state config is hardcoded here which will cause troubles with different types and states
50  	// -Workflow filter should be combined with this for save
51  	// -The exception handling here needs standardization.  Should RPC errors throw operation failed with just the message and log the message and exception?
52  	// also should calls that return Boolean ever throw exceptions?
53  
54  	private static final long serialVersionUID = 1L;
55  
56  	final Logger LOG = Logger.getLogger(AbstractBaseDataOrchestrationRpcGwtServlet.class);
57  
58  	private Assembler<Data, Void> assembler;
59  
60      private SimpleDocumentActionsWebService simpleDocService;
61      private WorkflowUtility workflowUtilityService;
62  	private IdentityManagementService permissionService;
63  	private IdentityManagementService identityService;
64  
65  	@Override
66  	public Data getData(String dataId) {
67  		try {
68  			return assembler.get(dataId);
69  		} catch (AssemblyException e) {
70  			LOG.error("Error getting Data.",e);
71  		}
72  		return null;
73  	}
74  
75  	@Override
76  	public Metadata getMetadata(String id, Map<String,String> idAttributes) {
77  
78  		try {
79  		    //FIXME: should not pass empty id. What to do here?
80  			String idType = "";
81  			if (idAttributes != null){
82  				idType = idAttributes.get(IdAttributes.ID_TYPE);
83  			}
84  			return assembler.getMetadata(idType, id, getDefaultMetaDataType(), getDefaultMetaDataState());
85  		} catch (AssemblyException e) {
86  			LOG.error("Error getting Metadata.",e);
87  		}
88  		return null;
89  	}
90  
91  	@Override
92  	public DataSaveResult saveData(Data data) throws OperationFailedException {
93  		try {
94  			SaveResult<Data> saveResult = assembler.save(data);
95  			if (saveResult != null) {
96  				return new DataSaveResult(saveResult.getValidationResults(), saveResult.getValue());
97  			}
98  		} catch (Exception e) {
99  			LOG.error("Unable to save", e);
100 			throw new OperationFailedException("Unable to save");
101 		}
102 		return null;
103 	}
104 
105 
106 	protected String getCurrentUser() {
107 		String username = SecurityUtils.getCurrentPrincipalId();
108 		//backdoorId is only for convenience
109 		if(username==null&&this.getThreadLocalRequest().getSession().getAttribute("backdoorId")!=null){
110 			username=(String)this.getThreadLocalRequest().getSession().getAttribute("backdoorId");
111         }
112 		return username;
113 	}
114 
115 	protected boolean checkDocumentLevelPermissions() {
116 		return false;
117 	}
118 
119 	public Boolean isAuthorized(PermissionType type, Map<String,String> attributes) {
120 		String user = getCurrentUser();
121 		boolean result = false;
122 		if (checkDocumentLevelPermissions()) {
123 			if (type == null) {
124 				return null;
125 			}
126 			String namespaceCode = type.getPermissionNamespace();
127 			String permissionTemplateName = type.getPermissionTemplateName();
128 			AttributeSet roleQuals = new AttributeSet(StudentIdentityConstants.DOCUMENT_TYPE_NAME, getDefaultWorkflowDocumentType());
129 			if (attributes != null) {
130 				roleQuals.putAll(attributes);
131 			}
132 			if (StringUtils.isNotBlank(namespaceCode) && StringUtils.isNotBlank(permissionTemplateName)) {
133 				LOG.info("Checking Permission '" + namespaceCode + "/" + permissionTemplateName + "' for user '" + user + "'");
134 				result = getPermissionService().isAuthorizedByTemplateName(user, namespaceCode, permissionTemplateName, null, roleQuals);
135 			}
136 			else {
137 				LOG.info("Can not check Permission with namespace '" + namespaceCode + "' and template name '" + permissionTemplateName + "' for user '" + user + "'");
138 				return Boolean.TRUE;
139 			}
140 		}
141 		else {
142 			LOG.info("Will not check for document level permissions. Defaulting authorization to true.");
143 			result = true;
144 		}
145 		LOG.info("Result of authorization check for user '" + user + "': " + result);
146 		return Boolean.valueOf(result);
147 	}
148 
149 	protected abstract String deriveAppIdFromData(Data data);
150 	protected abstract String deriveDocContentFromData(Data data);
151 	protected abstract String getDefaultWorkflowDocumentType();
152 	protected abstract String getDefaultMetaDataState();
153 	protected abstract String getDefaultMetaDataType();
154 
155 	//POJO methods
156 	public void setAssembler(Assembler<Data, Void> assembler) {
157 		this.assembler = assembler;
158 	}
159 
160 	public IdentityManagementService getPermissionService() {
161         return permissionService;
162     }
163 
164     public void setPermissionService(IdentityManagementService permissionService) {
165         this.permissionService = permissionService;
166     }
167 
168 	public IdentityManagementService getIdentityService() {
169     	return identityService;
170     }
171 
172 	public void setIdentityService(IdentityManagementService identityService) {
173     	this.identityService = identityService;
174     }
175 
176 	public void setSimpleDocService(SimpleDocumentActionsWebService simpleDocService) {
177 		this.simpleDocService = simpleDocService;
178 	}
179 
180 	public void setWorkflowUtilityService(WorkflowUtility workflowUtilityService) {
181 		this.workflowUtilityService = workflowUtilityService;
182 	}
183 
184 	protected Assembler<Data, Void> getAssembler() {
185 		return assembler;
186 	}
187 
188 	protected SimpleDocumentActionsWebService getSimpleDocService() {
189 		return simpleDocService;
190 	}
191 
192 	protected WorkflowUtility getWorkflowUtilityService() {
193 		return workflowUtilityService;
194 	}
195 
196 
197 }