View Javadoc

1   /**
2    * Copyright 2005-2013 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.student.enrollment.class1.krms.view;
17  
18  import org.apache.commons.lang.StringUtils;
19  import org.kuali.rice.kim.api.KimConstants;
20  import org.kuali.rice.kim.api.identity.Person;
21  import org.kuali.rice.krad.uif.component.Component;
22  import org.kuali.rice.krad.uif.container.Group;
23  import org.kuali.rice.krad.uif.element.Action;
24  import org.kuali.rice.krad.uif.view.View;
25  import org.kuali.rice.krad.uif.view.ViewModel;
26  import org.kuali.rice.krad.web.form.MaintenanceDocumentForm;
27  import org.kuali.rice.krms.dto.AgendaEditor;
28  import org.kuali.rice.krms.dto.RuleManagementWrapper;
29  import org.kuali.rice.krms.dto.RuleTypeInfo;
30  import org.kuali.student.enrollment.class1.krms.dto.CORuleManagementWrapper;
31  import org.kuali.student.enrollment.main.view.KsViewAuthorizerBase;
32  
33  import java.util.HashMap;
34  import java.util.Map;
35  
36  /**
37   * @author Kuali Student Team
38   */
39  public class KSKRMSViewAuthorizer extends KsViewAuthorizerBase {
40  
41      private static final String KRMS_COMPARE_ACTION_EVENT = "compare";
42      private static final String KRMS_ADD_EDIT_ACTION_EVENT = "addEditRequisite";
43      private static final String KRMS_DELETE_ACTION_EVENT = "deleteRequisite";
44      private static final String KRMS_SUBMIT_ACTION_EVENT = "submitRequisite";
45  
46      public boolean canPerformAction(View view, ViewModel model, Action action, String actionEvent,
47                                      String actionId, Person user) {
48          // check action authz flag is set
49          if (!action.getActionSecurity().isPerformActionAuthz()) {
50              return true;
51          }
52  
53          MaintenanceDocumentForm maintenanceDocumentForm = (MaintenanceDocumentForm) model;
54          CORuleManagementWrapper wrapper = (CORuleManagementWrapper) maintenanceDocumentForm.getDocument().getNewMaintainableObject().getDataObject();
55  
56          String ruleType = null;
57          if(wrapper.getRuleEditor() != null) {
58              ruleType = wrapper.getRuleEditor().getRuleTypeInfo().getType();
59          } else {
60              ruleType = action.getActionParameters().get("ruleType");
61          }
62  
63          Map<String,String> permissionDetails = new HashMap<String,String>();
64          Map<String,String> roleQualifications = new HashMap<String,String>();
65  
66          String socState = StringUtils.lowerCase(wrapper.getContextBar().getTermSocState());
67  
68          if(!actionEvent.equals(KRMS_COMPARE_ACTION_EVENT)) {
69              roleQualifications.put("offeringAdminOrgId", wrapper.getAdminOrg());
70          }
71  
72          permissionDetails.put("socState", socState);
73          if(ruleType != null) {
74              permissionDetails.put("ruleType", ruleType);
75          }
76  
77          if (StringUtils.isNotBlank(actionEvent)) {
78              permissionDetails.put(KimConstants.AttributeConstants.ACTION_EVENT, actionEvent);
79          }
80  
81          if(KRMS_SUBMIT_ACTION_EVENT.equals(actionEvent)){
82              return isAuthorizedToUpdate(wrapper, view, action, model, user, permissionDetails, roleQualifications);
83          } else {
84              return isAuthorizedByTemplate(view, action, model, KimConstants.PermissionTemplateNames.PERFORM_ACTION,
85                  user, permissionDetails, roleQualifications, false);
86          }
87  
88      }
89  
90      private boolean isAuthorizedToUpdate(RuleManagementWrapper ruleWrapper, View view, Component action, ViewModel model, Person user,
91                                           Map<String, String> permissionDetails, Map<String, String> roleQualifications) {
92  
93          for(AgendaEditor agenda : ruleWrapper.getAgendas()){
94              for(RuleTypeInfo ruleType : agenda.getAgendaTypeInfo().getRuleTypes()){
95  
96                  permissionDetails.put("ruleType", ruleType.getType());
97  
98                  permissionDetails.put(KimConstants.AttributeConstants.ACTION_EVENT, KRMS_ADD_EDIT_ACTION_EVENT);
99                  if(isAuthorizedByTemplate(view, action, model, KimConstants.PermissionTemplateNames.PERFORM_ACTION,
100                         user, permissionDetails, roleQualifications, false)){
101                     return true;
102                 }
103 
104                 permissionDetails.put(KimConstants.AttributeConstants.ACTION_EVENT, KRMS_DELETE_ACTION_EVENT);
105                 if(isAuthorizedByTemplate(view, action, model, KimConstants.PermissionTemplateNames.PERFORM_ACTION,
106                         user, permissionDetails, roleQualifications, false)){
107                     return true;
108                 }
109             }
110         }
111 
112         return false;
113     }
114 
115     public boolean canEditGroup(View view, ViewModel model, Group group, String groupId, Person user) {
116         // check edit group authz flag is set
117         if (!group.getComponentSecurity().isEditAuthz()) {
118             return true;
119         }
120 
121         MaintenanceDocumentForm maintenanceDocumentForm = (MaintenanceDocumentForm) model;
122         CORuleManagementWrapper wrapper = (CORuleManagementWrapper) maintenanceDocumentForm.getDocument().getNewMaintainableObject().getDataObject();
123 
124         String ruleType = null;
125         if(wrapper.getRuleEditor() != null) {
126             ruleType = wrapper.getRuleEditor().getRuleTypeInfo().getType();
127         }
128 
129         Map<String, String> additionalPermissionDetails = new HashMap<String, String>();
130         Map<String,String> roleQualifications = new HashMap<String,String>();
131 
132         String socState = StringUtils.lowerCase(wrapper.getContextBar().getTermSocState());
133 
134         roleQualifications.put("offeringAdminOrgId", wrapper.getAdminOrg());
135 
136         additionalPermissionDetails.put(KimConstants.AttributeConstants.NAMESPACE_CODE, "KS-ENR");
137         additionalPermissionDetails.put(KimConstants.AttributeConstants.VIEW_ID, model.getViewId());
138         additionalPermissionDetails.put(KimConstants.AttributeConstants.GROUP_ID, groupId);
139         additionalPermissionDetails.put("socState", socState);
140 
141         if(ruleType != null) {
142             additionalPermissionDetails.put("ruleType", ruleType);
143         }
144 
145         return isAuthorizedByTemplate(view, group, model, KimConstants.PermissionTemplateNames.EDIT_GROUP, user, additionalPermissionDetails,
146                 roleQualifications, false);
147     }
148 
149 }