001 /**
002 * Copyright 2010 The Kuali Foundation Licensed under the
003 * Educational Community License, Version 2.0 (the "License"); you may
004 * not use this file except in compliance with the License. You may
005 * obtain a copy of the License at
006 *
007 * http://www.osedu.org/licenses/ECL-2.0
008 *
009 * Unless required by applicable law or agreed to in writing,
010 * software distributed under the License is distributed on an "AS IS"
011 * BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
012 * or implied. See the License for the specific language governing
013 * permissions and limitations under the License.
014 */
015
016 package org.kuali.student.common.ui.server.gwt.old;
017
018 import java.util.LinkedHashMap;
019 import java.util.Map;
020
021 import org.apache.commons.lang.StringUtils;
022 import org.apache.log4j.Logger;
023
024 import org.kuali.rice.kew.api.action.WorkflowDocumentActionsService;
025 import org.kuali.rice.kim.api.identity.IdentityService;
026 import org.kuali.rice.kim.api.permission.PermissionService;
027 import org.kuali.student.r1.common.assembly.data.AssemblyException;
028 import org.kuali.student.r1.common.assembly.data.Data;
029 import org.kuali.student.r1.common.assembly.data.Metadata;
030 import org.kuali.student.r1.common.assembly.old.Assembler;
031 import org.kuali.student.r1.common.assembly.old.data.SaveResult;
032 import org.kuali.student.r1.common.rice.StudentIdentityConstants;
033 import org.kuali.student.r1.common.rice.authorization.PermissionType;
034 import org.kuali.student.r2.common.dto.ContextInfo;
035 import org.kuali.student.common.ui.client.service.BaseDataOrchestrationRpcService;
036 import org.kuali.student.common.ui.client.service.DataSaveResult;
037 import org.kuali.student.common.ui.client.service.exceptions.OperationFailedException;
038 import org.kuali.student.common.ui.shared.IdAttributes;
039 import org.kuali.student.common.util.security.SecurityUtils;
040
041 import com.google.gwt.user.server.rpc.RemoteServiceServlet;
042 import org.kuali.student.r2.common.util.ContextUtils;
043
044 /**
045 * Generic implementation of data orchestration calls and workflow calls
046 *
047 */
048 @Deprecated
049 public abstract class AbstractBaseDataOrchestrationRpcGwtServlet extends RemoteServiceServlet implements BaseDataOrchestrationRpcService {
050 //FIXME issues:
051 // -The Type/state config is hardcoded here which will cause troubles with different types and states
052 // -Workflow filter should be combined with this for save
053 // -The exception handling here needs standardization. Should RPC errors throw operation failed with just the message and log the message and exception?
054 // also should calls that return Boolean ever throw exceptions?
055
056 private static final long serialVersionUID = 1L;
057
058 final Logger LOG = Logger.getLogger(AbstractBaseDataOrchestrationRpcGwtServlet.class);
059
060 private Assembler<Data, Void> assembler;
061
062 private WorkflowDocumentActionsService simpleDocService;
063 private PermissionService permissionService;
064 private IdentityService identityService;
065
066 @Override
067 public Data getData(String dataId) {
068 try {
069 return assembler.get(dataId);
070 } catch (AssemblyException e) {
071 LOG.error("Error getting Data.",e);
072 }
073 return null;
074 }
075
076 @Override
077 public Metadata getMetadata(String id, Map<String,String> idAttributes) {
078
079 try {
080 //FIXME: should not pass empty id. What to do here?
081 String idType = "";
082 if (idAttributes != null){
083 idType = idAttributes.get(IdAttributes.ID_TYPE);
084 }
085 return assembler.getMetadata(idType, id, getDefaultMetaDataType(), getDefaultMetaDataState());
086 } catch (AssemblyException e) {
087 LOG.error("Error getting Metadata.",e);
088 }
089 return null;
090 }
091
092 @Override
093 public DataSaveResult saveData(Data data) throws OperationFailedException {
094 try {
095 SaveResult<Data> saveResult = assembler.save(data);
096 if (saveResult != null) {
097 return new DataSaveResult(saveResult.getValidationResults(), saveResult.getValue());
098 }
099 } catch (Exception e) {
100 LOG.error("Unable to save", e);
101 throw new OperationFailedException("Unable to save");
102 }
103 return null;
104 }
105
106
107 protected String getCurrentUser() {
108 String username = SecurityUtils.getCurrentPrincipalId();
109 //backdoorId is only for convenience
110 if(username==null&&this.getThreadLocalRequest().getSession().getAttribute("backdoorId")!=null){
111 username=(String)this.getThreadLocalRequest().getSession().getAttribute("backdoorId");
112 }
113 return username;
114 }
115
116 protected boolean checkDocumentLevelPermissions() {
117 return false;
118 }
119
120 public Boolean isAuthorized(PermissionType type, Map<String,String> attributes) {
121 try
122 {
123 String user = getCurrentUser();
124 boolean result = false;
125 if (checkDocumentLevelPermissions()) {
126 if (type == null) {
127 return null;
128 }
129 String namespaceCode = type.getPermissionNamespace();
130 String permissionTemplateName = type.getPermissionTemplateName();
131 Map<String, String> roleQuals = new LinkedHashMap<String, String>();
132 roleQuals.put(StudentIdentityConstants.DOCUMENT_TYPE_NAME, getDefaultWorkflowDocumentType());
133 if (attributes != null) {
134 roleQuals.putAll(attributes);
135 }
136 if (StringUtils.isNotBlank(namespaceCode) && StringUtils.isNotBlank(permissionTemplateName)) {
137 LOG.info("Checking Permission '" + namespaceCode + "/" + permissionTemplateName + "' for user '"
138 + user + "'");
139 result = getPermissionService().isAuthorizedByTemplate(user, namespaceCode, permissionTemplateName,
140 new LinkedHashMap<String, String>(), roleQuals);
141 }
142 else {
143 LOG.info("Can not check Permission with namespace '" + namespaceCode + "' and template name '"
144 + permissionTemplateName + "' for user '" + user + "'");
145 return Boolean.TRUE;
146 }
147 }
148 else {
149 LOG.info("Will not check for document level permissions. Defaulting authorization to true.");
150 result = true;
151 }
152 LOG.info("Result of authorization check for user '" + user + "': " + result);
153 return Boolean.valueOf(result);
154 } catch (Exception ex) {
155 // Log exception
156 ex.printStackTrace();
157 throw new RuntimeException(ex);
158 }
159 }
160
161 protected abstract String deriveAppIdFromData(Data data);
162 protected abstract String deriveDocContentFromData(Data data);
163 protected abstract String getDefaultWorkflowDocumentType();
164 protected abstract String getDefaultMetaDataState();
165 protected abstract String getDefaultMetaDataType();
166
167 //POJO methods
168 public void setAssembler(Assembler<Data, Void> assembler) {
169 this.assembler = assembler;
170 }
171
172 public PermissionService getPermissionService() {
173 return permissionService;
174 }
175
176 public void setPermissionService(PermissionService permissionService) {
177 this.permissionService = permissionService;
178 }
179
180 public IdentityService getIdentityService() {
181 return identityService;
182 }
183
184 public void setIdentityService(IdentityService identityService) {
185 this.identityService = identityService;
186 }
187
188 public void setSimpleDocService(WorkflowDocumentActionsService simpleDocService) {
189 this.simpleDocService = simpleDocService;
190 }
191
192 protected Assembler<Data, Void> getAssembler() {
193 return assembler;
194 }
195
196 protected WorkflowDocumentActionsService getSimpleDocService() {
197 return simpleDocService;
198 }
199
200 }