Coverage Report

Coverage Report - org.kuali.rice.kns.authorization.BusinessObjectAuthorizerBase

Classes in this File

Line Coverage

Branch Coverage

Complexity

BusinessObjectAuthorizerBase

0/54

0/16

1.421

 /*
  * Copyright 2007-2009 The Kuali Foundation
  * 
  * Licensed under the Educational Community License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  * 
  * http://www.opensource.org/licenses/ecl2.php
  * 
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.kuali.rice.kns.authorization;
 
 import java.util.HashMap;
 import java.util.Map;
 
 import org.kuali.rice.core.xml.dto.AttributeSet;
 
 import org.kuali.rice.kim.service.IdentityManagementService;
 import org.kuali.rice.kim.service.KIMServiceLocator;
 import org.kuali.rice.kim.service.PersonService;
 import org.kuali.rice.kim.util.KimConstants;
 import org.kuali.rice.kns.bo.BusinessObject;
 import org.kuali.rice.kns.service.DataDictionaryService;
 import org.kuali.rice.kns.service.KNSServiceLocatorWeb;
 import org.kuali.rice.kns.service.KualiModuleService;
 import org.kuali.rice.kns.service.PersistenceStructureService;
 import org.kuali.rice.kns.util.GlobalVariables;
 import org.kuali.rice.kns.util.KNSUtils;
 
 public class BusinessObjectAuthorizerBase implements BusinessObjectAuthorizer {
 //        private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger
 //                        .getLogger(BusinessObjectAuthorizerBase.class);
 
     private static IdentityManagementService identityManagementService;
     private static PersonService personService;
     private static KualiModuleService kualiModuleService;
     private static DataDictionaryService dataDictionaryService;
     private static PersistenceStructureService persistenceStructureService;
 
     /**
      * Override this method to populate the role qualifier attributes from the
      * primary business object or document. This will only be called once per
      * request.
      *
      * @param primaryBusinessObjectOrDocument
      *                   the primary business object (i.e. the main BO instance behind
      *                   the lookup result row or inquiry) or the document
      * @param attributes role qualifiers will be added to this map
      */
     protected void addRoleQualification(
             BusinessObject primaryBusinessObjectOrDocument,
             Map<String, String> attributes) {
         addStandardAttributes(primaryBusinessObjectOrDocument, attributes);
     }
 
     /**
      * Override this method to populate the permission details from the primary
      * business object or document. This will only be called once per request.
      *
      * @param primaryBusinessObjectOrDocument
      *                   the primary business object (i.e. the main BO instance behind
      *                   the lookup result row or inquiry) or the document
      * @param attributes permission details will be added to this map
      */
     protected void addPermissionDetails(
             BusinessObject primaryBusinessObjectOrDocument,
             Map<String, String> attributes) {
         addStandardAttributes(primaryBusinessObjectOrDocument, attributes);
     }
 
     /**
      * @param primaryBusinessObjectOrDocument
      *                   the primary business object (i.e. the main BO instance behind
      *                   the lookup result row or inquiry) or the document
      * @param attributes attributes (i.e. role qualifications or permission details)
      *                   will be added to this map
      */
     private void addStandardAttributes(
             BusinessObject primaryBusinessObjectOrDocument,
             Map<String, String> attributes) {
         attributes
                 .putAll(KNSUtils
                         .getNamespaceAndComponentSimpleName(primaryBusinessObjectOrDocument
                                 .getClass()));
     }
 
     protected final boolean permissionExistsByTemplate(
             BusinessObject businessObject, String namespaceCode,
             String permissionTemplateName) {
         return getIdentityManagementService()
                 .isPermissionDefinedForTemplateName(
                         namespaceCode,
                         permissionTemplateName,
                         new AttributeSet(
                                 getPermissionDetailValues(businessObject)));
     }
 
     protected final boolean permissionExistsByTemplate(String namespaceCode,
                                                        String permissionTemplateName, Map<String, String> permissionDetails) {
         return getIdentityManagementService()
                 .isPermissionDefinedForTemplateName(namespaceCode,
                         permissionTemplateName,
                         new AttributeSet(permissionDetails));
     }
 
     protected final boolean permissionExistsByTemplate(
             BusinessObject businessObject, String namespaceCode,
             String permissionTemplateName, Map<String, String> permissionDetails) {
         AttributeSet combinedPermissionDetails = new AttributeSet(
                 getPermissionDetailValues(businessObject));
         combinedPermissionDetails.putAll(permissionDetails);
         return getIdentityManagementService()
                 .isPermissionDefinedForTemplateName(namespaceCode,
                         permissionTemplateName, combinedPermissionDetails);
     }
 
     public final boolean isAuthorized(BusinessObject businessObject,
                                       String namespaceCode, String permissionName, String principalId) {
         return getIdentityManagementService().isAuthorized(principalId,
                 namespaceCode, permissionName,
                 new AttributeSet(getPermissionDetailValues(businessObject)),
                 new AttributeSet(getRoleQualification(businessObject, principalId)));
     }
 
     public final boolean isAuthorizedByTemplate(BusinessObject businessObject,
                                                 String namespaceCode, String permissionTemplateName,
                                                 String principalId) {
         return getIdentityManagementService().isAuthorizedByTemplateName(
                 principalId, namespaceCode, permissionTemplateName,
                 new AttributeSet(getPermissionDetailValues(businessObject)),
                 new AttributeSet(getRoleQualification(businessObject, principalId)));
     }
 
     public final boolean isAuthorized(BusinessObject businessObject,
                                       String namespaceCode, String permissionName, String principalId,
                                       Map<String, String> collectionOrFieldLevelPermissionDetails,
                                       Map<String, String> collectionOrFieldLevelRoleQualification) {
         AttributeSet roleQualifiers = null;
         AttributeSet permissionDetails = null;
         if (collectionOrFieldLevelRoleQualification != null) {
             roleQualifiers = new AttributeSet(
                     getRoleQualification(businessObject, principalId));
             roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
         } else {
             roleQualifiers = new AttributeSet(
                     getRoleQualification(businessObject, principalId));
         }
         if (collectionOrFieldLevelPermissionDetails != null) {
             permissionDetails = new AttributeSet(
                     getPermissionDetailValues(businessObject));
             permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
         } else {
             permissionDetails = new AttributeSet(
                     getPermissionDetailValues(businessObject));
         }
         return getIdentityManagementService().isAuthorized(principalId,
                 namespaceCode, permissionName, permissionDetails,
                 roleQualifiers);
     }
 
     public final boolean isAuthorizedByTemplate(BusinessObject businessObject,
                                                 String namespaceCode, String permissionTemplateName,
                                                 String principalId,
                                                 Map<String, String> collectionOrFieldLevelPermissionDetails,
                                                 Map<String, String> collectionOrFieldLevelRoleQualification) {
         AttributeSet roleQualifiers = new AttributeSet(
                 getRoleQualification(businessObject, principalId));
         AttributeSet permissionDetails = new AttributeSet(
                 getPermissionDetailValues(businessObject));
         if (collectionOrFieldLevelRoleQualification != null) {
             roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
         }
         if (collectionOrFieldLevelPermissionDetails != null) {
             permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
         }
         return getIdentityManagementService().isAuthorizedByTemplateName(
                 principalId, namespaceCode, permissionTemplateName,
                 permissionDetails, roleQualifiers);
     }
 
     /**
      * Returns a role qualification map based off data from the primary business
      * object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
      *
      * @param primaryBusinessObjectOrDocument
      *         the primary business object (i.e. the main BO instance behind
      *         the lookup result row or inquiry) or the document
      * @return a Map containing role qualifications
      */
     protected final Map<String, String> getRoleQualification(
             BusinessObject primaryBusinessObjectOrDocument) {
         return getRoleQualification(primaryBusinessObjectOrDocument, GlobalVariables
                 .getUserSession().getPerson().getPrincipalId());
     }
 
     protected final Map<String, String> getRoleQualification(
             BusinessObject primaryBusinessObjectOrDocument, String principalId) {
         Map<String, String> roleQualification = new HashMap<String, String>();
         addRoleQualification(primaryBusinessObjectOrDocument,
                 roleQualification);
         roleQualification.put(KimConstants.AttributeConstants.PRINCIPAL_ID, principalId);
         return roleQualification;
     }
 
 
     /**
      * @see org.kuali.rice.kns.authorization.BusinessObjectAuthorizer#getCollectionItemPermissionDetails(org.kuali.rice.kns.bo.BusinessObject)
      */
     public Map<String, String> getCollectionItemPermissionDetails(
             BusinessObject collectionItemBusinessObject) {
         return new AttributeSet();
     }
 
     /**
      * @see org.kuali.rice.kns.authorization.BusinessObjectAuthorizer#getCollectionItemRoleQualifications(org.kuali.rice.kns.bo.BusinessObject)
      */
     public Map<String, String> getCollectionItemRoleQualifications(
             BusinessObject collectionItemBusinessObject) {
         return new AttributeSet();
     }
 
     /**
      * Returns a permission details map based off data from the primary business
      * object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
      *
      * @param businessObject
      *         the primary business object (i.e. the main BO instance behind
      *         the lookup result row or inquiry) or the document
      * @return a Map containing permission details
      */
     protected final Map<String, String> getPermissionDetailValues(
             BusinessObject businessObject) {
         Map<String, String> permissionDetails = new HashMap<String, String>();
         addPermissionDetails(businessObject, permissionDetails);
         return permissionDetails;
     }
 
     protected static final IdentityManagementService getIdentityManagementService() {
         if (identityManagementService == null) {
             identityManagementService = KIMServiceLocator.getIdentityManagementService();
 
         }
         return identityManagementService;
     }
 
     protected static final PersonService getPersonService() {
         if (personService == null) {
             personService = KIMServiceLocator.getPersonService();
         }
         return personService;
     }
 
     protected static final KualiModuleService getKualiModuleService() {
         if (kualiModuleService == null) {
             kualiModuleService = KNSServiceLocatorWeb.getKualiModuleService();
         }
         return kualiModuleService;
     }
 
     protected static final DataDictionaryService getDataDictionaryService() {
         if (dataDictionaryService == null) {
             dataDictionaryService = KNSServiceLocatorWeb.getDataDictionaryService();
 
         }
         return dataDictionaryService;
     }
 }

1		/*
2		* Copyright 2007-2009 The Kuali Foundation
3		*
4		* Licensed under the Educational Community License, Version 2.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.opensource.org/licenses/ecl2.php
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*/
16		package org.kuali.rice.kns.authorization;
17
18		import java.util.HashMap;
19		import java.util.Map;
20
21		import org.kuali.rice.core.xml.dto.AttributeSet;
22
23		import org.kuali.rice.kim.service.IdentityManagementService;
24		import org.kuali.rice.kim.service.KIMServiceLocator;
25		import org.kuali.rice.kim.service.PersonService;
26		import org.kuali.rice.kim.util.KimConstants;
27		import org.kuali.rice.kns.bo.BusinessObject;
28		import org.kuali.rice.kns.service.DataDictionaryService;
29		import org.kuali.rice.kns.service.KNSServiceLocatorWeb;
30		import org.kuali.rice.kns.service.KualiModuleService;
31		import org.kuali.rice.kns.service.PersistenceStructureService;
32		import org.kuali.rice.kns.util.GlobalVariables;
33		import org.kuali.rice.kns.util.KNSUtils;
34
35	0	public class BusinessObjectAuthorizerBase implements BusinessObjectAuthorizer {
36		// private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger
37		// .getLogger(BusinessObjectAuthorizerBase.class);
38
39		private static IdentityManagementService identityManagementService;
40		private static PersonService personService;
41		private static KualiModuleService kualiModuleService;
42		private static DataDictionaryService dataDictionaryService;
43		private static PersistenceStructureService persistenceStructureService;
44
45		/**
46		* Override this method to populate the role qualifier attributes from the
47		* primary business object or document. This will only be called once per
48		* request.
49		*
50		* @param primaryBusinessObjectOrDocument
51		* the primary business object (i.e. the main BO instance behind
52		* the lookup result row or inquiry) or the document
53		* @param attributes role qualifiers will be added to this map
54		*/
55		protected void addRoleQualification(
56		BusinessObject primaryBusinessObjectOrDocument,
57		Map<String, String> attributes) {
58	0	addStandardAttributes(primaryBusinessObjectOrDocument, attributes);
59	0	}
60
61		/**
62		* Override this method to populate the permission details from the primary
63		* business object or document. This will only be called once per request.
64		*
65		* @param primaryBusinessObjectOrDocument
66		* the primary business object (i.e. the main BO instance behind
67		* the lookup result row or inquiry) or the document
68		* @param attributes permission details will be added to this map
69		*/
70		protected void addPermissionDetails(
71		BusinessObject primaryBusinessObjectOrDocument,
72		Map<String, String> attributes) {
73	0	addStandardAttributes(primaryBusinessObjectOrDocument, attributes);
74	0	}
75
76		/**
77		* @param primaryBusinessObjectOrDocument
78		* the primary business object (i.e. the main BO instance behind
79		* the lookup result row or inquiry) or the document
80		* @param attributes attributes (i.e. role qualifications or permission details)
81		* will be added to this map
82		*/
83		private void addStandardAttributes(
84		BusinessObject primaryBusinessObjectOrDocument,
85		Map<String, String> attributes) {
86	0	attributes
87		.putAll(KNSUtils
88		.getNamespaceAndComponentSimpleName(primaryBusinessObjectOrDocument
89		.getClass()));
90	0	}
91
92		protected final boolean permissionExistsByTemplate(
93		BusinessObject businessObject, String namespaceCode,
94		String permissionTemplateName) {
95	0	return getIdentityManagementService()
96		.isPermissionDefinedForTemplateName(
97		namespaceCode,
98		permissionTemplateName,
99		new AttributeSet(
100		getPermissionDetailValues(businessObject)));
101		}
102
103		protected final boolean permissionExistsByTemplate(String namespaceCode,
104		String permissionTemplateName, Map<String, String> permissionDetails) {
105	0	return getIdentityManagementService()
106		.isPermissionDefinedForTemplateName(namespaceCode,
107		permissionTemplateName,
108		new AttributeSet(permissionDetails));
109		}
110
111		protected final boolean permissionExistsByTemplate(
112		BusinessObject businessObject, String namespaceCode,
113		String permissionTemplateName, Map<String, String> permissionDetails) {
114	0	AttributeSet combinedPermissionDetails = new AttributeSet(
115		getPermissionDetailValues(businessObject));
116	0	combinedPermissionDetails.putAll(permissionDetails);
117	0	return getIdentityManagementService()
118		.isPermissionDefinedForTemplateName(namespaceCode,
119		permissionTemplateName, combinedPermissionDetails);
120		}
121
122		public final boolean isAuthorized(BusinessObject businessObject,
123		String namespaceCode, String permissionName, String principalId) {
124	0	return getIdentityManagementService().isAuthorized(principalId,
125		namespaceCode, permissionName,
126		new AttributeSet(getPermissionDetailValues(businessObject)),
127		new AttributeSet(getRoleQualification(businessObject, principalId)));
128		}
129
130		public final boolean isAuthorizedByTemplate(BusinessObject businessObject,
131		String namespaceCode, String permissionTemplateName,
132		String principalId) {
133	0	return getIdentityManagementService().isAuthorizedByTemplateName(
134		principalId, namespaceCode, permissionTemplateName,
135		new AttributeSet(getPermissionDetailValues(businessObject)),
136		new AttributeSet(getRoleQualification(businessObject, principalId)));
137		}
138
139		public final boolean isAuthorized(BusinessObject businessObject,
140		String namespaceCode, String permissionName, String principalId,
141		Map<String, String> collectionOrFieldLevelPermissionDetails,
142		Map<String, String> collectionOrFieldLevelRoleQualification) {
143	0	AttributeSet roleQualifiers = null;
144	0	AttributeSet permissionDetails = null;
145	0	if (collectionOrFieldLevelRoleQualification != null) {
146	0	roleQualifiers = new AttributeSet(
147		getRoleQualification(businessObject, principalId));
148	0	roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
149		} else {
150	0	roleQualifiers = new AttributeSet(
151		getRoleQualification(businessObject, principalId));
152		}
153	0	if (collectionOrFieldLevelPermissionDetails != null) {
154	0	permissionDetails = new AttributeSet(
155		getPermissionDetailValues(businessObject));
156	0	permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
157		} else {
158	0	permissionDetails = new AttributeSet(
159		getPermissionDetailValues(businessObject));
160		}
161	0	return getIdentityManagementService().isAuthorized(principalId,
162		namespaceCode, permissionName, permissionDetails,
163		roleQualifiers);
164		}
165
166		public final boolean isAuthorizedByTemplate(BusinessObject businessObject,
167		String namespaceCode, String permissionTemplateName,
168		String principalId,
169		Map<String, String> collectionOrFieldLevelPermissionDetails,
170		Map<String, String> collectionOrFieldLevelRoleQualification) {
171	0	AttributeSet roleQualifiers = new AttributeSet(
172		getRoleQualification(businessObject, principalId));
173	0	AttributeSet permissionDetails = new AttributeSet(
174		getPermissionDetailValues(businessObject));
175	0	if (collectionOrFieldLevelRoleQualification != null) {
176	0	roleQualifiers.putAll(collectionOrFieldLevelRoleQualification);
177		}
178	0	if (collectionOrFieldLevelPermissionDetails != null) {
179	0	permissionDetails.putAll(collectionOrFieldLevelPermissionDetails);
180		}
181	0	return getIdentityManagementService().isAuthorizedByTemplateName(
182		principalId, namespaceCode, permissionTemplateName,
183		permissionDetails, roleQualifiers);
184		}
185
186		/**
187		* Returns a role qualification map based off data from the primary business
188		* object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
189		*
190		* @param primaryBusinessObjectOrDocument
191		* the primary business object (i.e. the main BO instance behind
192		* the lookup result row or inquiry) or the document
193		* @return a Map containing role qualifications
194		*/
195		protected final Map<String, String> getRoleQualification(
196		BusinessObject primaryBusinessObjectOrDocument) {
197	0	return getRoleQualification(primaryBusinessObjectOrDocument, GlobalVariables
198		.getUserSession().getPerson().getPrincipalId());
199		}
200
201		protected final Map<String, String> getRoleQualification(
202		BusinessObject primaryBusinessObjectOrDocument, String principalId) {
203	0	Map<String, String> roleQualification = new HashMap<String, String>();
204	0	addRoleQualification(primaryBusinessObjectOrDocument,
205		roleQualification);
206	0	roleQualification.put(KimConstants.AttributeConstants.PRINCIPAL_ID, principalId);
207	0	return roleQualification;
208		}
209
210
211		/**
212		* @see org.kuali.rice.kns.authorization.BusinessObjectAuthorizer#getCollectionItemPermissionDetails(org.kuali.rice.kns.bo.BusinessObject)
213		*/
214		public Map<String, String> getCollectionItemPermissionDetails(
215		BusinessObject collectionItemBusinessObject) {
216	0	return new AttributeSet();
217		}
218
219		/**
220		* @see org.kuali.rice.kns.authorization.BusinessObjectAuthorizer#getCollectionItemRoleQualifications(org.kuali.rice.kns.bo.BusinessObject)
221		*/
222		public Map<String, String> getCollectionItemRoleQualifications(
223		BusinessObject collectionItemBusinessObject) {
224	0	return new AttributeSet();
225		}
226
227		/**
228		* Returns a permission details map based off data from the primary business
229		* object or the document. DO NOT MODIFY THE MAP RETURNED BY THIS METHOD
230		*
231		* @param businessObject
232		* the primary business object (i.e. the main BO instance behind
233		* the lookup result row or inquiry) or the document
234		* @return a Map containing permission details
235		*/
236		protected final Map<String, String> getPermissionDetailValues(
237		BusinessObject businessObject) {
238	0	Map<String, String> permissionDetails = new HashMap<String, String>();
239	0	addPermissionDetails(businessObject, permissionDetails);
240	0	return permissionDetails;
241		}
242
243		protected static final IdentityManagementService getIdentityManagementService() {
244	0	if (identityManagementService == null) {
245	0	identityManagementService = KIMServiceLocator.getIdentityManagementService();
246
247		}
248	0	return identityManagementService;
249		}
250
251		protected static final PersonService getPersonService() {
252	0	if (personService == null) {
253	0	personService = KIMServiceLocator.getPersonService();
254		}
255	0	return personService;
256		}
257
258		protected static final KualiModuleService getKualiModuleService() {
259	0	if (kualiModuleService == null) {
260	0	kualiModuleService = KNSServiceLocatorWeb.getKualiModuleService();
261		}
262	0	return kualiModuleService;
263		}
264
265		protected static final DataDictionaryService getDataDictionaryService() {
266	0	if (dataDictionaryService == null) {
267	0	dataDictionaryService = KNSServiceLocatorWeb.getDataDictionaryService();
268
269		}
270	0	return dataDictionaryService;
271		}
272		}