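/**
 * Copyright 2004-2013 The Kuali Foundation
 *
 * Licensed under the Educational Community License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.opensource.org/licenses/ecl2.php
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.kuali.hr.time.timesheet.web;

import java.sql.Date;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionRedirect;
import org.kuali.hr.time.base.web.TkAction;
import org.kuali.hr.time.calendar.CalendarEntries;
import org.kuali.hr.time.detail.web.ActionFormUtils;
import org.kuali.hr.time.roles.TkUserRoles;
import org.kuali.hr.time.roles.UserRoles;
import org.kuali.hr.time.service.base.TkServiceLocator;
import org.kuali.hr.time.timesheet.TimesheetDocument;
import org.kuali.hr.time.util.TKContext;
import org.kuali.hr.time.util.TKUser;
import org.kuali.hr.time.util.TKUtils;
import org.kuali.hr.time.util.TkConstants;
import org.kuali.hr.time.workflow.TimesheetDocumentHeader;
import org.kuali.rice.kim.api.services.KimApiServiceLocator;
import org.kuali.rice.krad.exception.AuthorizationException;
import org.kuali.rice.krad.util.GlobalVariables;

/**
 * Struts action for timesheet pages. It resolves the timesheet document for the
 * request (by id, or by the target person's current pay calendar entry), publishes
 * it on the form and on {@link TKContext}, and then hands over to the superclass
 * execution chain, which performs the authorization check.
 */
public class TimesheetAction extends TkAction {

    private static final Logger LOG = Logger.getLogger(TimesheetAction.class);

    /** Charset used when percent-encoding values placed into redirect query strings. */
    private static final String URL_ENCODING = "UTF-8";

    /**
     * Denies the request unless the session principal may read the timesheet document
     * currently held in {@link TKContext}.
     *
     * @param form         the action form (not read here)
     * @param methodToCall the dispatch method name (not read here)
     * @throws AuthorizationException if the roles of the session principal do not make
     *                                the current document readable
     */
    @Override
    protected void checkTKAuthorization(ActionForm form, String methodToCall) throws AuthorizationException {
        String principalId = GlobalVariables.getUserSession().getPrincipalId();
        UserRoles roles = TkUserRoles.getUserRoles(principalId);
        TimesheetDocument doc = TKContext.getCurrentTimesheetDocument();

        // NOTE(review): execute() continues into the superclass chain even when no document
        // could be loaded, so doc may be null here. The decision for that case is left to
        // isDocumentReadable(null) - confirm that it fails closed.
        if (!roles.isDocumentReadable(doc)) {
            // Build the message null-safely so a missing document is reported as an
            // authorization failure instead of surfacing as a NullPointerException.
            String deniedDocId = (doc != null) ? doc.getDocumentId() : null;
            throw new AuthorizationException(principalId, "TimesheetAction: docid: " + deniedDocId, "");
        }
    }

    /**
     * Loads the timesheet document for this request, stores it on the form and context,
     * and delegates to the superclass.
     *
     * <p>The document id comes from the form, or from the {@code docId} request parameter
     * when {@code command} is {@code displayDocSearchView} or {@code displayActionListView}.
     * Both are caller-controlled, and the document is loaded <em>before</em> any permission
     * check: the check happens inside {@code super.execute}. Nothing read from the loaded
     * document should be rendered or acted on ahead of that call.
     *
     * @throws RuntimeException if no document id was supplied and the target person has no
     *                          current pay calendar entry
     */
    @Override
    public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        TimesheetActionForm taForm = (TimesheetActionForm) form;
        String documentId = taForm.getDocumentId();

        String command = request.getParameter("command");
        if (StringUtils.equals(command, "displayDocSearchView")
                || StringUtils.equals(command, "displayActionListView")) {
            documentId = request.getParameter("docId");
        }

        // The id is request-supplied; strip line breaks so it cannot forge extra log entries.
        LOG.debug("DOCID: " + sanitizeForLog(documentId));

        // Here - viewPrincipal will be the principal of the user we intend to
        // view, be it target user, backdoor or otherwise.
        String viewPrincipal = TKUser.getCurrentTargetPerson().getPrincipalId();

        // By handling the prev/next in the execute method, we are saving one
        // fetch/construction of a TimesheetDocument. If it were broken out into
        // methods, we would first fetch the current document, and then fetch
        // the next one instead of doing it in the single action.
        TimesheetDocument td;
        if (StringUtils.isNotBlank(documentId)) {
            td = TkServiceLocator.getTimesheetService().getTimesheetDocument(documentId);
        } else {
            // Default to whatever is active for "today".
            Date currentDate = TKUtils.getTimelessDate(null);
            CalendarEntries payCalendarEntries = TkServiceLocator.getCalendarService().getCurrentCalendarDates(viewPrincipal, currentDate);
            if (payCalendarEntries == null) {
                throw new RuntimeException("No pay calendar entry for " + viewPrincipal);
            }
            td = TkServiceLocator.getTimesheetService().openTimesheetDocument(viewPrincipal, payCalendarEntries);
        }

        // Set the TKContext for the current timesheet document id.
        if (td != null) {
            setupDocumentOnFormContext(taForm, td);
        } else {
            LOG.error("Null timesheet document in TimesheetAction.");
        }

        // Do this at the end, so we load the document first,
        // then check security permissions via the superclass execution chain.
        return super.execute(mapping, form, request, response);
    }

    /**
     * Routes a document-search or action-list link to the page that should display the
     * timesheet named by the {@code docId} request parameter.
     *
     * <p>If the timesheet belongs to someone other than the current target person, a
     * document-search link redirects through {@code changeTargetPerson.do} and an
     * action-list link redirects to {@code TimeApproval.do}; otherwise the redirect goes
     * to {@code TimeDetail.do}. For any other {@code command} the {@code basic} forward is
     * returned unchanged.
     *
     * @return the redirect described above, or the {@code basic} forward when the command
     *         does not match or the document cannot be found
     */
    public ActionForward docHandler(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        ActionForward forward = mapping.findForward("basic");
        String command = request.getParameter("command");

        if (StringUtils.equals(command, "displayDocSearchView") || StringUtils.equals(command, "displayActionListView")) {
            String docId = request.getParameter("docId");
            TimesheetDocument timesheetDocument = TkServiceLocator.getTimesheetService().getTimesheetDocument(docId);
            if (timesheetDocument == null) {
                // execute() already treats a missing document as possible for this lookup;
                // without this guard an unknown docId ends in a NullPointerException below.
                LOG.warn("No timesheet document found for docId: " + sanitizeForLog(docId));
                return forward;
            }
            String timesheetPrincipalName = KimApiServiceLocator.getPersonService().getPerson(timesheetDocument.getPrincipalId()).getPrincipalName();

            String principalId = TKUser.getCurrentTargetPerson().getPrincipalId();
            String principalName = KimApiServiceLocator.getPersonService().getPerson(principalId).getPrincipalName();

            // docId is taken straight from the request and the principal name from a lookup
            // keyed by it. Both are percent-encoded before they enter the redirect so that
            // characters such as '&', '=' or '#' stay inside their own parameter value and
            // cannot add or override parameters like targetUrl/returnUrl.
            String encodedDocId = encodeQueryValue(docId);

            // NOTE(review): the parameter below is spelled "docmentId" while the
            // changeTargetPerson link uses "documentId". Left as-is because the receiving
            // action is not visible here - verify which name it binds.
            StringBuilder builder = new StringBuilder();
            if (!StringUtils.equals(principalName, timesheetPrincipalName)) {
                if (StringUtils.equals(command, "displayDocSearchView")) {
                    builder.append("changeTargetPerson.do?methodToCall=changeTargetPerson");
                    builder.append("&documentId=");
                    builder.append(encodedDocId);
                    builder.append("&principalName=");
                    builder.append(encodeQueryValue(timesheetPrincipalName));
                    builder.append("&targetUrl=TimeDetail.do");
                    builder.append("?docmentId=" + encodedDocId);
                    builder.append("&returnUrl=TimeApproval.do");
                } else {
                    builder.append("TimeApproval.do");
                }
            } else {
                builder.append("TimeDetail.do");
                builder.append("?docmentId=" + encodedDocId);
            }

            forward = new ActionRedirect(builder.toString());
        }

        return forward;
    }

    /**
     * Publishes the given document on {@link TKContext} and on the form, and fills in the
     * form's previous/next document ids, pay calendar dates and current-period flag.
     *
     * <p>The previous/next headers are looked up for the current target person, not for
     * the principal stored on {@code td}.
     *
     * @param taForm the form to populate
     * @param td     the timesheet document to expose; must not be null
     */
    protected void setupDocumentOnFormContext(TimesheetActionForm taForm, TimesheetDocument td) {
        String viewPrincipal = TKUser.getCurrentTargetPerson().getPrincipalId();
        TKContext.setCurrentTimesheetDocumentId(td.getDocumentId());
        TKContext.setCurrentTimesheetDocument(td);
        taForm.setTimesheetDocument(td);
        taForm.setDocumentId(td.getDocumentId());
        TimesheetDocumentHeader prevTdh = TkServiceLocator.getTimesheetDocumentHeaderService().getPrevOrNextDocumentHeader(TkConstants.PREV_TIMESHEET, viewPrincipal);
        TimesheetDocumentHeader nextTdh = TkServiceLocator.getTimesheetDocumentHeaderService().getPrevOrNextDocumentHeader(TkConstants.NEXT_TIMESHEET, viewPrincipal);

        taForm.setPrevDocumentId(prevTdh != null ? prevTdh.getDocumentId() : null);
        taForm.setNextDocumentId(nextTdh != null ? nextTdh.getDocumentId() : null);

        taForm.setPayCalendarDates(td.getPayCalendarEntry());
        taForm.setOnCurrentPeriod(ActionFormUtils.getOnCurrentPeriodFlag(taForm.getPayCalendarDates()));
    }

    /**
     * Percent-encodes a value for use inside a query string. A null value is encoded as
     * the text {@code null}, matching what {@code StringBuilder.append} produced before.
     */
    private static String encodeQueryValue(String value) throws java.io.UnsupportedEncodingException {
        return java.net.URLEncoder.encode(String.valueOf(value), URL_ENCODING);
    }

    /** Replaces carriage returns and line feeds so a logged value stays on one line. */
    private static String sanitizeForLog(String value) {
        return StringUtils.replaceChars(value, "\r\n", "__");
    }

}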