View Javadoc

1   /**
2    * Copyright 2010 The Kuali Foundation Licensed under the
3    * Educational Community License, Version 2.0 (the "License"); you may
4    * not use this file except in compliance with the License. You may
5    * obtain a copy of the License at
6    *
7    * http://www.osedu.org/licenses/ECL-2.0
8    *
9    * Unless required by applicable law or agreed to in writing,
10   * software distributed under the License is distributed on an "AS IS"
11   * BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
12   * or implied. See the License for the specific language governing
13   * permissions and limitations under the License.
14   */
15  
16  package org.kuali.student.common.ui.client.security;
17  
18  import java.util.ArrayList;
19  import java.util.HashMap;
20  import java.util.Map;
21  import java.util.Map.Entry;
22  
23  import org.kuali.student.common.ui.client.application.KSAsyncCallback;
24  import org.kuali.student.common.ui.client.mvc.Callback;
25  import org.kuali.student.common.ui.client.service.SecurityRpcService;
26  import org.kuali.student.common.ui.client.service.SecurityRpcServiceAsync;
27  import org.kuali.student.r1.common.rice.authorization.PermissionType;
28  
29  import com.google.gwt.core.client.GWT;
30  
31  /**
32   * An interface to access the Kuali Student security context 
33   * 
34   * @author Kuali Student Team
35   *
36   */
37  public class SecurityContext {
38  
39      protected SecurityRpcServiceAsync securityRpcService = GWT.create(SecurityRpcService.class);
40      
41  	private String principalName = "";
42  	
43  	private Map <String,Boolean> permissionCache = new HashMap<String, Boolean>();
44       
45  	public void initializeSecurityContext(final Callback<Boolean> contextIntializedCallback){
46  	    securityRpcService.getPrincipalUsername(new KSAsyncCallback<String>(){
47  	        public void handleFailure(Throwable caught) {
48  	        	permissionCache.clear();
49  				throw new RuntimeException("Fatal - Unable to initialze security context");
50  			}
51  	
52  	        @Override
53  	        public void onSuccess(String userId) {
54  	        	permissionCache.clear();
55  	        	setPrincipalName(userId);
56  	            contextIntializedCallback.exec(true);
57  	        }            
58  	    });
59  	}
60  
61  	/**
62  	 * Set principalName of the user logged in (eg. jDoe)   
63  	 *
64  	 * @param principalId
65  	 */
66  	public void setPrincipalName(String principalName) {
67  		this.principalName = principalName;
68  	}
69  
70  	/**
71  	 * @return the userId of user logged into the system. (NOTE: When using KIM userId=principalName)
72  	 */
73  	public String getUserId() {
74  		return principalName;
75  	}
76  	
77  	/**
78  	 * Used to check if the permission has been loaded into the cache.
79  	 * 
80  	 * @return true if permission exists in cache
81  	 */
82  	public boolean checkPermissionCache(String permission){
83  		return permissionCache.containsKey(permission);
84  	}
85  	
86  	/**
87       * Used to check if user has a screen permission. If the permission has been cached
88       * in the browser, it will use the cached permission.
89       * 
90       * @param screenComponent
91       * @return true if user has access to the screen component
92       */
93      public void checkScreenPermission(final String screenComponent, final Callback<Boolean> checkPermissionCallback){
94          if (permissionCache.containsKey(screenComponent)){
95              checkPermissionCallback.exec(permissionCache.get(screenComponent));
96          } else {
97              securityRpcService.hasScreenPermission(screenComponent, new KSAsyncCallback<Boolean>() {
98                  @Override
99                  public void onSuccess(Boolean result) {
100                     permissionCache.put(screenComponent, result);
101                     checkPermissionCallback.exec(result);
102                 }
103             });
104         }
105     }
106     
107     /**
108      * Used to check a pre-loaded or cached screen permission.  Note: This should only be called if the permission has
109      * been loaded via the loadScreenPermissions method.  
110      * 
111      * @param screenComponent
112      * @return true if user has access to the screen component
113      */
114     public boolean checkCachedScreenPermission(final String screenComponent){       
115         if (permissionCache.containsKey(screenComponent)){
116             return permissionCache.get(screenComponent);
117         } else{
118             throw new RuntimeException("Permission not cached " + screenComponent);
119         }
120     }
121 	
122 	/**
123 	 * Used to check if user has a permission by its permission name. If the permission has been cached
124 	 * in the browser, it will use the cached permission.
125 	 * 
126 	 * @param permissionName
127 	 * @return true if user has the permission
128 	 */
129 	public void checkPermission(final String permissionName, final Callback<Boolean> checkPermissionCallback){
130         if (permissionCache.containsKey(permissionName)){
131         	checkPermissionCallback.exec(permissionCache.get(permissionName));
132         } else {
133 			securityRpcService.hasPermissionByPermissionName(permissionName, new KSAsyncCallback<Boolean>() {
134 	            @Override
135 	            public void onSuccess(Boolean result) {
136 	            	permissionCache.put(permissionName, result);
137 	            	checkPermissionCallback.exec(result);
138 	            }
139 	        });
140         }
141 	}
142 	
143 	/**
144 	 * Used to check if user has at least one of the permissions listed in the set of permissions passed in
145 	 * 
146 	 * @param permissionNames list of permission names to check
147 	 * @return true if user has the permission
148 	 */
149 	public void checkPermission(final String[] permissionNames, final Callback<Boolean> checkPermissionCallback){
150         ArrayList<String> permissionsToGet = new ArrayList<String>();
151         
152 		//Check if any of the permission names are already in the permission cache, and return if
153         //user has permission for one already in the cache.
154         for (String permissionName:permissionNames){
155 			if (permissionCache.containsKey(permissionName)){
156 				if (permissionCache.get(permissionName)){
157 					checkPermissionCallback.exec(permissionCache.get(true));
158 					break;
159 				}
160 			} else {
161 				permissionsToGet.add(permissionName);
162 			}		
163 		}
164 		
165         //If we have permissions we could not check in permission cache, retrieve them from the permission service
166         if (!permissionsToGet.isEmpty()){
167 			securityRpcService.getPermissions(permissionsToGet, new KSAsyncCallback<HashMap<String,Boolean>>() {
168 				@Override
169 				public void onSuccess(HashMap<String, Boolean> result) {
170 					boolean hasAccess = false;
171 					
172 					for (Entry<String,Boolean> entry:result.entrySet()){
173 		            	permissionCache.put(entry.getKey(), entry.getValue());
174 		            	if (entry.getValue()){
175 		            		hasAccess = true;
176 		            	}
177 					}	
178 					
179 					checkPermissionCallback.exec(hasAccess);
180 				}
181 	        });
182         }
183 	}
184 	
185 	/**
186 	 * Used to check if user has the permission with given permissionName without being cached.  This is useful
187 	 * if the permission is a derived permission and needs to be re-checked each time.
188 	 *  
189 	 * @param permissionName
190 	 */
191 	public void checkPermissionNoCache(final String permissionName, final Callback<Boolean> checkPermissionCallback){
192 		securityRpcService.hasScreenPermission(permissionName, new KSAsyncCallback<Boolean>() {
193             @Override
194             public void onSuccess(Boolean result) {
195             	checkPermissionCallback.exec(result);
196             }
197         });		
198 
199 	}
200 	
201 	/**
202 	 * Loads into the permission cache all the permissions user has for a permission type.
203 	 */
204 	public void loadPermissionsByPermissionType(PermissionType permissionType){
205 		securityRpcService.getPermissionsByType(permissionType, new KSAsyncCallback<ArrayList<String>>(){
206 
207 			@Override
208 			public void onSuccess(ArrayList<String> result) {
209 				for (String permissionName:result){
210 					permissionCache.put(permissionName, true);
211 				}				
212 			}			
213 		});
214 	}
215 	
216 	/**
217      * Loads into the permission cache all the permissions user has for a permission type.
218      */
219     public void loadScreenPermissions(final ArrayList<String> screenComponents, final Callback<Boolean> loadPermissionsCallback){
220         securityRpcService.getScreenPermissions(screenComponents, new KSAsyncCallback<HashMap<String, Boolean>>(){
221 
222             @Override
223             public void onSuccess(HashMap<String, Boolean> result) {
224                 for (Entry<String,Boolean> entry:result.entrySet()){
225                     permissionCache.put(entry.getKey(), entry.getValue());
226                 }
227                 loadPermissionsCallback.exec(true);
228             }
229             
230         });
231     }
232     
233 }