View Javadoc

1   /**
2    * Copyright 2005-2012 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.kns.web.struts.action;
17  
18  import org.apache.commons.lang.ObjectUtils;
19  import org.apache.commons.lang.StringUtils;
20  import org.apache.struts.action.ActionForm;
21  import org.apache.struts.action.ActionForward;
22  import org.apache.struts.action.ActionMapping;
23  import org.apache.struts.actions.DispatchAction;
24  import org.kuali.rice.coreservice.framework.CoreFrameworkServiceLocator;
25  import org.kuali.rice.coreservice.framework.parameter.ParameterService;
26  import org.kuali.rice.core.api.CoreApiServiceLocator;
27  import org.kuali.rice.core.api.encryption.EncryptionService;
28  import org.kuali.rice.core.api.util.RiceConstants;
29  import org.kuali.rice.kew.api.KewApiConstants;
30  import org.kuali.rice.kim.api.KimConstants;
31  import org.kuali.rice.kim.api.services.KimApiServiceLocator;
32  import org.kuali.rice.kns.document.authorization.DocumentAuthorizerBase;
33  import org.kuali.rice.kns.lookup.LookupUtils;
34  import org.kuali.rice.kns.service.BusinessObjectAuthorizationService;
35  import org.kuali.rice.kns.service.KNSServiceLocator;
36  import org.kuali.rice.kns.util.KNSGlobalVariables;
37  import org.kuali.rice.kns.util.WebUtils;
38  import org.kuali.rice.kns.web.struts.form.KualiDocumentFormBase;
39  import org.kuali.rice.kns.web.struts.form.KualiForm;
40  import org.kuali.rice.kns.web.struts.form.LookupForm;
41  import org.kuali.rice.kns.web.struts.form.pojo.PojoForm;
42  import org.kuali.rice.kns.web.struts.form.pojo.PojoFormBase;
43  import org.kuali.rice.krad.bo.BusinessObject;
44  import org.kuali.rice.krad.exception.AuthorizationException;
45  import org.kuali.rice.krad.service.KRADServiceLocator;
46  import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
47  import org.kuali.rice.krad.service.KualiModuleService;
48  import org.kuali.rice.krad.service.ModuleService;
49  import org.kuali.rice.krad.util.GlobalVariables;
50  import org.kuali.rice.krad.util.KRADConstants;
51  import org.kuali.rice.krad.util.KRADUtils;
52  import org.kuali.rice.krad.util.UrlFactory;
53  
54  import javax.servlet.http.HttpServletRequest;
55  import javax.servlet.http.HttpServletResponse;
56  import java.util.Arrays;
57  import java.util.Enumeration;
58  import java.util.HashMap;
59  import java.util.HashSet;
60  import java.util.Map;
61  import java.util.Properties;
62  import java.util.Set;
63  
64  /**
65   * <p>The base {@link org.apache.struts.action.Action} class for all KNS-based Actions. Extends from the standard 
66   * {@link org.apache.struts.actions.DispatchAction} which allows for a <i>methodToCall</i> request parameter to
67   * be used to indicate which method to invoke.</p>
68   * 
69   * <p>This Action overrides #execute to set methodToCall for image submits.  Also performs other setup
70   * required for KNS framework calls.</p>
71   *
72   * @author Kuali Rice Team (rice.collab@kuali.org)
73   */
74  public abstract class KualiAction extends DispatchAction {
75      private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger.getLogger(KualiAction.class);
76  
77      private static KualiModuleService kualiModuleService = null;
78      private static BusinessObjectAuthorizationService businessObjectAuthorizationService = null;
79      private static EncryptionService encryptionService = null;
80      private static Boolean OUTPUT_ENCRYPTION_WARNING = null;
81      private static String applicationBaseUrl = null;
82      
83      private Set<String> methodToCallsToNotCheckAuthorization = new HashSet<String>();
84      
85      {
86      	methodToCallsToNotCheckAuthorization.add( "performLookup" );
87      	methodToCallsToNotCheckAuthorization.add( "performQuestion" );
88      	methodToCallsToNotCheckAuthorization.add( "performQuestionWithInput" );
89      	methodToCallsToNotCheckAuthorization.add( "performQuestionWithInputAgainBecauseOfErrors" );
90      	methodToCallsToNotCheckAuthorization.add( "performQuestionWithoutInput" );
91      	methodToCallsToNotCheckAuthorization.add( "performWorkgroupLookup" );
92      }
93      
94      /**
95       * Entry point to all actions.
96       *
97       * NOTE: No need to hook into execute for handling framework setup anymore. Just implement the methodToCall for the framework
98       * setup, Constants.METHOD_REQUEST_PARAMETER will contain the full parameter, which can be sub stringed for getting framework
99       * parameters.
100      *
101      * @see org.apache.struts.action.Action#execute(org.apache.struts.action.ActionMapping, org.apache.struts.action.ActionForm,
102      *      javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
103      */
104     public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
105         ActionForward returnForward = null;
106 
107         String methodToCall = findMethodToCall(form, request);
108         
109         if(isModuleLocked(form, methodToCall, request)) {
110         	return mapping.findForward(RiceConstants.MODULE_LOCKED_MAPPING);
111         }
112         
113         if (form instanceof KualiForm && StringUtils.isNotEmpty(((KualiForm) form).getMethodToCall())) {
114             if (StringUtils.isNotBlank(getImageContext(request, KRADConstants.ANCHOR))) {
115                 ((KualiForm) form).setAnchor(getImageContext(request, KRADConstants.ANCHOR));
116             }
117             else if (StringUtils.isNotBlank(request.getParameter(KRADConstants.ANCHOR))) {
118                 ((KualiForm) form).setAnchor(request.getParameter(KRADConstants.ANCHOR));
119             }
120             else {
121                 ((KualiForm) form).setAnchor(KRADConstants.ANCHOR_TOP_OF_FORM);
122             }
123         }
124         // if found methodToCall, pass control to that method, else return the basic forward
125         if (StringUtils.isNotBlank(methodToCall)) {
126         	if ( LOG.isDebugEnabled() ) {
127         		LOG.debug("methodToCall: '" + methodToCall+"'");
128         	}
129             returnForward = dispatchMethod(mapping, form, request, response, methodToCall);
130         }
131         else {
132             returnForward = defaultDispatch(mapping, form, request, response);
133         }
134 
135         // make sure the user can do what they're trying to according to the module that owns the functionality
136         if ( !methodToCallsToNotCheckAuthorization.contains(methodToCall) ) {
137         	if ( LOG.isDebugEnabled() ) {
138         		LOG.debug( "'" + methodToCall + "' not in set of excempt methods: " + methodToCallsToNotCheckAuthorization);
139         	}
140         	checkAuthorization(form, methodToCall);
141         } else {
142         	if ( LOG.isDebugEnabled() ) {
143         		LOG.debug("'" + methodToCall + "' is exempt from auth checks." );
144         	}
145         }
146 
147         // Add the ActionForm to GlobalVariables
148         // This will allow developers to retrieve both the Document and any request parameters that are not
149         // part of the Form and make them available in ValueFinder classes and other places where they are needed.
150         if(KNSGlobalVariables.getKualiForm() == null) {
151         	KNSGlobalVariables.setKualiForm((KualiForm)form);
152         }
153 
154         return returnForward;
155     }
156     
157     /**
158      * When no methodToCall is specified, the defaultDispatch method is invoked.  Default implementation
159      * returns the "basic" ActionForward.
160      */
161     protected ActionForward defaultDispatch(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
162     	return mapping.findForward(RiceConstants.MAPPING_BASIC);
163     }
164 
165     @Override
166     protected ActionForward dispatchMethod(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, String methodToCall) throws Exception {
167         GlobalVariables.getUserSession().addObject(DocumentAuthorizerBase.USER_SESSION_METHOD_TO_CALL_OBJECT_KEY, methodToCall);
168         return super.dispatchMethod(mapping, form, request, response, methodToCall);
169     }
170     
171     protected String findMethodToCall(ActionForm form, HttpServletRequest request) throws Exception {
172         String methodToCall;
173         if (form instanceof KualiForm && StringUtils.isNotEmpty(((KualiForm) form).getMethodToCall())) {
174             methodToCall = ((KualiForm) form).getMethodToCall();
175         }
176         else {
177             // call utility method to parse the methodToCall from the request.
178             methodToCall = WebUtils.parseMethodToCall(form, request);
179         }
180         return methodToCall;
181     }
182 
183     /**
184      * Toggles the tab state in the ui
185      *
186      * @param mapping
187      * @param form
188      * @param request
189      * @param response
190      * @return
191      * @throws Exception
192      */
193     public ActionForward toggleTab(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
194         KualiForm kualiForm = (KualiForm) form;
195         String tabToToggle = getTabToToggle(request);
196         if (StringUtils.isNotBlank(tabToToggle)) {
197             if (kualiForm.getTabState(tabToToggle).equals("OPEN")) {
198             	kualiForm.getTabStates().remove(tabToToggle);
199             	kualiForm.getTabStates().put(tabToToggle, "CLOSE");
200             }
201             else {
202             	kualiForm.getTabStates().remove(tabToToggle);
203             	kualiForm.getTabStates().put(tabToToggle, "OPEN");
204             }
205         }
206 
207         doProcessingAfterPost( kualiForm, request );
208         return mapping.findForward(RiceConstants.MAPPING_BASIC);
209     }
210 
211     /**
212      * Toggles all tabs to open
213      *
214      * @param mapping
215      * @param form
216      * @param request
217      * @param response
218      * @return
219      * @throws Exception
220      */
221     public ActionForward showAllTabs(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
222     	return this.doTabOpenOrClose(mapping, form, request, response, true);
223     }
224 
225     /**
226      * Toggles all tabs to closed
227      *
228      * @param mapping
229      * @param form
230      * @param request
231      * @param response
232      * @return
233      * @throws Exception
234      */
235     public ActionForward hideAllTabs(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
236         return this.doTabOpenOrClose(mapping, form, request, response, false);
237     }
238     
239     /**
240      * 
241      * Toggles all tabs to open of closed depending on the boolean flag.
242      * 
243      * @param mapping the mapping
244      * @param form the form
245      * @param request the request
246      * @param response the response
247      * @param open whether to open of close the tabs
248      * @return the action forward
249      */
250     private ActionForward doTabOpenOrClose(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, boolean open) {
251         KualiForm kualiForm = (KualiForm) form;
252 
253         Map<String, String> tabStates = kualiForm.getTabStates();
254         Map<String, String> newTabStates = new HashMap<String, String>();
255         for (String tabKey: tabStates.keySet()) {
256         	newTabStates.put(tabKey, open ? "OPEN" : "CLOSE");
257         }
258         kualiForm.setTabStates(newTabStates);
259         doProcessingAfterPost( kualiForm, request );
260         return mapping.findForward(RiceConstants.MAPPING_BASIC);
261     }
262 
263     /**
264      * Default refresh method. Called from returning frameworks.
265      *
266      * @param mapping
267      * @param form
268      * @param request
269      * @param response
270      * @return
271      * @throws Exception
272      */
273     public ActionForward refresh(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
274         return mapping.findForward(RiceConstants.MAPPING_BASIC);
275     }
276 
277 
278     /**
279      * Parses the method to call attribute to pick off the line number which should be deleted.
280      *
281      * @param request
282      * @return
283      */
284     protected int getLineToDelete(HttpServletRequest request) {
285         return getSelectedLine(request);
286     }
287 
288     /**
289      * Parses the method to call attribute to pick off the line number which should have an action performed on it.
290      *
291      * @param request
292      * @return
293      */
294     protected int getSelectedLine(HttpServletRequest request) {
295         int selectedLine = -1;
296         String parameterName = (String) request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE);
297         if (StringUtils.isNotBlank(parameterName)) {
298             String lineNumber = StringUtils.substringBetween(parameterName, ".line", ".");
299             if (StringUtils.isEmpty(lineNumber)) {
300                 return selectedLine;
301             }
302             selectedLine = Integer.parseInt(lineNumber);
303         }
304 
305         return selectedLine;
306     }
307 
308     /**
309      * Determines which tab was requested to be toggled
310      *
311      * @param request
312      * @return
313      */
314     protected String getTabToToggle(HttpServletRequest request) {
315         String tabToToggle = "";
316         String parameterName = (String) request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE);
317         if (StringUtils.isNotBlank(parameterName)) {
318             tabToToggle = StringUtils.substringBetween(parameterName, ".tab", ".");
319         }
320 
321         return tabToToggle;
322     }
323 
324     /**
325      * Retrieves the header tab to navigate to.
326      *
327      * @param request
328      * @return
329      */
330     protected String getHeaderTabNavigateTo(HttpServletRequest request) {
331         String headerTabNavigateTo = RiceConstants.MAPPING_BASIC;
332         String imageContext = getImageContext(request, KRADConstants.NAVIGATE_TO);
333         if (StringUtils.isNotBlank(imageContext)) {
334             headerTabNavigateTo = imageContext;
335         }
336         return headerTabNavigateTo;
337     }
338 
339     /**
340      * Retrieves the header tab dispatch.
341      *
342      * @param request
343      * @return
344      */
345     protected String getHeaderTabDispatch(HttpServletRequest request) {
346         String headerTabDispatch = null;
347         String imageContext = getImageContext(request, KRADConstants.HEADER_DISPATCH);
348         if (StringUtils.isNotBlank(imageContext)) {
349             headerTabDispatch = imageContext;
350         }
351         else {
352             // In some cases it might be in request params instead
353             headerTabDispatch = request.getParameter(KRADConstants.METHOD_TO_CALL_ATTRIBUTE);
354         }
355         return headerTabDispatch;
356     }
357 
358     /**
359      * Retrieves the image context
360      *
361      * @param request
362      * @param contextKey
363      * @return
364      */
365     protected String getImageContext(HttpServletRequest request, String contextKey) {
366         String imageContext = "";
367         String parameterName = (String) request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE);
368         if (StringUtils.isBlank(parameterName)) {
369             parameterName = request.getParameter("methodToCallPath");
370         }
371         if (StringUtils.isNotBlank(parameterName)) {
372             imageContext = StringUtils.substringBetween(parameterName, contextKey, ".");
373         }
374         return imageContext;
375     }
376 
377     protected String getReturnLocation(HttpServletRequest request, ActionMapping mapping) {
378     	String mappingPath = mapping.getPath();
379     	String basePath = getApplicationBaseUrl();
380         return basePath + ("/lookup".equals(mappingPath) || "/maintenance".equals(mappingPath) || "/multipleValueLookup".equals(mappingPath) ? "/kr" : "") + mappingPath + ".do";
381     }
382 
383     /**
384      * Retrieves the value of a parameter to be passed into the lookup or inquiry frameworks.  The default implementation of this method will attempt to look
385      * in the request to determine wheter the appropriate value exists as a request parameter.  If not, it will attempt to look through the form object to find
386      * the property.
387      * 
388      * @param boClass a class implementing boClass, representing the BO that will be looked up
389      * @param parameterName the name of the parameter
390      * @param parameterValuePropertyName the property (relative to the form object) where the value to be passed into the lookup/inquiry may be found
391      * @param form
392      * @param request
393      * @return
394      */
395     protected String retrieveLookupParameterValue(Class<? extends BusinessObject> boClass, String parameterName, String parameterValuePropertyName, ActionForm form, HttpServletRequest request) throws Exception {
396     	String value;
397     	if (StringUtils.contains(parameterValuePropertyName, "'")) {
398     		value = StringUtils.replace(parameterValuePropertyName, "'", "");
399     	} else if (request.getParameterMap().containsKey(parameterValuePropertyName)) {
400     		value = request.getParameter(parameterValuePropertyName);
401     	} else if (request.getParameterMap().containsKey(KewApiConstants.DOCUMENT_ATTRIBUTE_FIELD_PREFIX + parameterValuePropertyName)) {
402             value = request.getParameter(KewApiConstants.DOCUMENT_ATTRIBUTE_FIELD_PREFIX + parameterValuePropertyName);
403         } else {
404     		if (form instanceof KualiForm) {
405     			value = ((KualiForm) form).retrieveFormValueForLookupInquiryParameters(parameterName, parameterValuePropertyName);
406     		} else {
407 	    		if (LOG.isDebugEnabled()) {
408 	    			LOG.debug("Unable to retrieve lookup/inquiry parameter value for parameter name " + parameterName + " parameter value property " + parameterValuePropertyName);
409 	    		}
410 	    		value = null;
411     		}
412     	}
413     	
414     	if (value != null && boClass != null && getBusinessObjectAuthorizationService().attributeValueNeedsToBeEncryptedOnFormsAndLinks(boClass, parameterName)) {
415     		value = getEncryptionService().encrypt(value) + EncryptionService.ENCRYPTION_POST_PREFIX;
416     	}
417     	return value;
418     }
419     
420     /**
421      * Takes care of storing the action form in the User session and forwarding to the lookup action.
422      *
423      * @param mapping
424      * @param form
425      * @param request
426      * @param response
427      * @return
428      * @throws Exception
429      */
430     @SuppressWarnings("unchecked")
431 	public ActionForward performLookup(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
432         // parse out the important strings from our methodToCall parameter
433         String fullParameter = (String) request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE);
434         validateLookupInquiryFullParameter(request, form, fullParameter);
435         
436         KualiForm kualiForm = (KualiForm) form;
437         
438         // when we return from the lookup, our next request's method to call is going to be refresh
439         kualiForm.registerEditableProperty(KRADConstants.DISPATCH_REQUEST_PARAMETER);
440         
441         // parse out the baseLookupUrl if there is one
442         String baseLookupUrl = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM14_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM14_RIGHT_DEL);
443         
444         // parse out business object class name for lookup
445         String boClassName = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_BOPARM_LEFT_DEL, KRADConstants.METHOD_TO_CALL_BOPARM_RIGHT_DEL);
446         if (StringUtils.isBlank(boClassName)) {
447             throw new RuntimeException("Illegal call to perform lookup, no business object class name specified.");
448         }
449         Class boClass = null;
450 
451         //no point in even trying if the lookup is for a class on a remote application
452 		if ((StringUtils.isNotEmpty(baseLookupUrl)
453                   && baseLookupUrl.startsWith(getApplicationBaseUrl() + "/kr/"))
454                 || StringUtils.isEmpty(baseLookupUrl)) {
455             try{
456                 boClass = Class.forName(boClassName);
457             } catch(ClassNotFoundException cnfex){
458                 throw new IllegalArgumentException("The classname (" + boClassName + ") does not represent a valid class which this application understands.");
459             }
460         }
461 		
462         // build the parameters for the lookup url
463         Properties parameters = new Properties();
464         String conversionFields = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM1_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM1_RIGHT_DEL);
465         if (StringUtils.isNotBlank(conversionFields)) {
466             parameters.put(KRADConstants.CONVERSION_FIELDS_PARAMETER, conversionFields);
467             
468             // register each of the destination parameters of the field conversion string as editable
469             String[] fieldConversions = conversionFields.split(KRADConstants.FIELD_CONVERSIONS_SEPARATOR);
470             for (String fieldConversion : fieldConversions) {
471             	String destination = fieldConversion.split(KRADConstants.FIELD_CONVERSION_PAIR_SEPARATOR, 2)[1];
472             	kualiForm.registerEditableProperty(destination);
473             }
474         }
475 
476         // pass values from form that should be pre-populated on lookup search
477         String parameterFields = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM2_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM2_RIGHT_DEL);
478         if ( LOG.isDebugEnabled() ) {
479             LOG.debug( "fullParameter: " + fullParameter );
480             LOG.debug( "parameterFields: " + parameterFields );
481         }
482         if (StringUtils.isNotBlank(parameterFields)) {
483             String[] lookupParams = parameterFields.split(KRADConstants.FIELD_CONVERSIONS_SEPARATOR);
484             if ( LOG.isDebugEnabled() ) {
485             	 LOG.debug( "lookupParams: " + Arrays.toString(lookupParams) ); 
486             }
487             for (String lookupParam : lookupParams) {
488                 String[] keyValue = lookupParam.split(KRADConstants.FIELD_CONVERSION_PAIR_SEPARATOR, 2);
489                 if (keyValue.length != 2) {
490 					throw new RuntimeException("malformed field conversion pair: " + Arrays.toString(keyValue));
491 				} 
492 
493                 String lookupParameterValue = retrieveLookupParameterValue(boClass, keyValue[1], keyValue[0], form, request);
494                 if (StringUtils.isNotBlank(lookupParameterValue)) {
495                 	parameters.put(keyValue[1], lookupParameterValue);
496                 }
497 
498                 if ( LOG.isDebugEnabled() ) {
499                     LOG.debug( "keyValue[0]: " + keyValue[0] );
500                     LOG.debug( "keyValue[1]: " + keyValue[1] );
501                 }
502             }
503         }
504 
505         // pass values from form that should be read-Only on lookup search
506         String readOnlyFields = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM8_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM8_RIGHT_DEL);
507         if (StringUtils.isNotBlank(readOnlyFields)) {
508             parameters.put(KRADConstants.LOOKUP_READ_ONLY_FIELDS, readOnlyFields);
509         }
510 
511         if ( LOG.isDebugEnabled() ) {
512             LOG.debug( "fullParameter: " + fullParameter );
513             LOG.debug( "readOnlyFields: " + readOnlyFields );
514         }
515 
516         // grab whether or not the "return value" link should be hidden or not
517         String hideReturnLink = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM3_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM3_RIGHT_DEL);
518         if (StringUtils.isNotBlank(hideReturnLink)) {
519             parameters.put(KRADConstants.HIDE_LOOKUP_RETURN_LINK, hideReturnLink);
520         }
521 
522         // add the optional extra button source and parameters string
523         String extraButtonSource = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM4_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM4_RIGHT_DEL);
524         if (StringUtils.isNotBlank(extraButtonSource)) {
525             parameters.put(KRADConstants.EXTRA_BUTTON_SOURCE, extraButtonSource);
526         }
527         String extraButtonParams = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM5_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM5_RIGHT_DEL);
528         if (StringUtils.isNotBlank(extraButtonParams)) {
529             parameters.put(KRADConstants.EXTRA_BUTTON_PARAMS, extraButtonParams);
530         }
531 
532         String lookupAction = KRADConstants.LOOKUP_ACTION;
533 
534         // is this a multi-value return?
535         boolean isMultipleValue = false;
536         String multipleValues = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM6_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM6_RIGHT_DEL);
537         if ((new Boolean(multipleValues).booleanValue())) {
538             parameters.put(KRADConstants.MULTIPLE_VALUE, multipleValues);
539             lookupAction = KRADConstants.MULTIPLE_VALUE_LOOKUP_ACTION;
540             isMultipleValue = true;
541         }
542 
543         // the name of the collection being looked up (primarily for multivalue lookups
544         String lookedUpCollectionName = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM11_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM11_RIGHT_DEL);
545         if (StringUtils.isNotBlank(lookedUpCollectionName)) {
546             parameters.put(KRADConstants.LOOKED_UP_COLLECTION_NAME, lookedUpCollectionName);
547         }
548 
549         // grab whether or not the "supress actions" column should be hidden or not
550         String supressActions = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM7_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM7_RIGHT_DEL);
551         if (StringUtils.isNotBlank(supressActions)) {
552             parameters.put(KRADConstants.SUPPRESS_ACTIONS, supressActions);
553         }
554 
555         // grab the references that should be refreshed upon returning from the lookup
556         String referencesToRefresh = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM10_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM10_RIGHT_DEL);
557         if (StringUtils.isNotBlank(referencesToRefresh)) {
558             parameters.put(KRADConstants.REFERENCES_TO_REFRESH, referencesToRefresh);
559         }
560 
561         // anchor, if it exists
562         if (form instanceof KualiForm && StringUtils.isNotEmpty(((KualiForm) form).getAnchor())) {
563             parameters.put(KRADConstants.LOOKUP_ANCHOR, ((KualiForm) form).getAnchor());
564         }
565 
566         // now add required parameters
567         parameters.put(KRADConstants.DISPATCH_REQUEST_PARAMETER, "start");
568 
569         // pass value from form that shows if autoSearch is desired for lookup search
570         String autoSearch = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM9_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM9_RIGHT_DEL);
571 
572         if (StringUtils.isNotBlank(autoSearch)) {
573             parameters.put(KRADConstants.LOOKUP_AUTO_SEARCH, autoSearch);
574             if ("YES".equalsIgnoreCase(autoSearch)){
575                 parameters.put(KRADConstants.DISPATCH_REQUEST_PARAMETER, "search");
576             }
577         }
578 
579         parameters.put(KRADConstants.DOC_FORM_KEY, GlobalVariables.getUserSession().addObjectWithGeneratedKey(form));
580         parameters.put(KRADConstants.BUSINESS_OBJECT_CLASS_ATTRIBUTE, boClassName);
581 
582         parameters.put(KRADConstants.RETURN_LOCATION_PARAMETER, getReturnLocation(request, mapping));
583         
584     	if (form instanceof KualiDocumentFormBase) {
585     		String docNum = ((KualiDocumentFormBase) form).getDocument().getDocumentNumber();
586 			if(docNum != null){
587 				parameters.put(KRADConstants.DOC_NUM, docNum);
588 			}
589 		}else if(form instanceof LookupForm){
590 			String docNum = ((LookupForm) form).getDocNum();
591 			if(docNum != null){
592 				parameters.put(KRADConstants.DOC_NUM, ((LookupForm) form).getDocNum());
593 			}
594     	}
595 
596     	if (boClass != null) {
597     		ModuleService responsibleModuleService = getKualiModuleService().getResponsibleModuleService(boClass);
598     		if(responsibleModuleService!=null && responsibleModuleService.isExternalizable(boClass)){
599     			Map<String, String> parameterMap = new HashMap<String, String>();
600     			Enumeration<Object> e = parameters.keys();
601     			while (e.hasMoreElements()) {
602     				String paramName = (String) e.nextElement();
603     				parameterMap.put(paramName, parameters.getProperty(paramName));
604     			}
605     			return new ActionForward(responsibleModuleService.getExternalizableBusinessObjectLookupUrl(boClass, parameterMap), true);
606     		}
607     	}
608 		
609     	if (StringUtils.isBlank(baseLookupUrl)) {
610     		baseLookupUrl = getApplicationBaseUrl() + "/kr/" + lookupAction;
611     	} else {
612     		if (isMultipleValue) {
613     			LookupUtils.transformLookupUrlToMultiple(baseLookupUrl);
614     		}
615     	}
616     	String lookupUrl = UrlFactory.parameterizeUrl(baseLookupUrl, parameters);
617         return new ActionForward(lookupUrl, true);
618     }
619 
620     protected void validateLookupInquiryFullParameter(HttpServletRequest request, ActionForm form, String fullParameter){
621     	PojoFormBase pojoFormBase = (PojoFormBase) form;
622         if(WebUtils.isFormSessionDocument((PojoFormBase) form)){
623         	if(!pojoFormBase.isPropertyEditable(fullParameter)) {
624         		throw new RuntimeException("The methodToCallAttribute is not registered as an editable property.");
625         	}
626         }
627     }
628     
629     @SuppressWarnings("unchecked")
630 	public ActionForward performInquiry(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
631         // parse out the important strings from our methodToCall parameter
632         String fullParameter = (String) request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE);
633         validateLookupInquiryFullParameter(request, form, fullParameter);
634         
635         // when javascript is disabled, the inquiry will appear in the same window as the document.  when we close the inquiry, 
636         // our next request's method to call is going to be refresh
637         KualiForm kualiForm = (KualiForm) form;
638         kualiForm.registerEditableProperty(KRADConstants.DISPATCH_REQUEST_PARAMETER);
639         
640         // parse out business object class name for lookup
641         String boClassName = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_BOPARM_LEFT_DEL, KRADConstants.METHOD_TO_CALL_BOPARM_RIGHT_DEL);
642         if (StringUtils.isBlank(boClassName)) {
643             throw new RuntimeException("Illegal call to perform inquiry, no business object class name specified.");
644         }
645 
646         // build the parameters for the inquiry url
647         Properties parameters = new Properties();
648         parameters.put(KRADConstants.BUSINESS_OBJECT_CLASS_ATTRIBUTE, boClassName);
649 
650         parameters.put(KRADConstants.RETURN_LOCATION_PARAMETER, getReturnLocation(request, mapping));
651 
652         // pass values from form that should be pre-populated on inquiry
653         String parameterFields = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM2_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM2_RIGHT_DEL);
654         if ( LOG.isDebugEnabled() ) {
655             LOG.debug( "fullParameter: " + fullParameter );
656             LOG.debug( "parameterFields: " + parameterFields );
657         }
658         if (StringUtils.isNotBlank(parameterFields)) {
659             // TODO : create a method for this to be used by both lookup & inquiry ?
660             String[] inquiryParams = parameterFields.split(KRADConstants.FIELD_CONVERSIONS_SEPARATOR);
661             if ( LOG.isDebugEnabled() ) {
662                 LOG.debug( "inquiryParams: " + inquiryParams );
663             }
664             Class<? extends BusinessObject> boClass = (Class<? extends BusinessObject>) Class.forName(boClassName);
665             for (String inquiryParam : inquiryParams) {
666                 String[] keyValue = inquiryParam.split(KRADConstants.FIELD_CONVERSION_PAIR_SEPARATOR, 2);
667 
668                 String inquiryParameterValue = retrieveLookupParameterValue(boClass, keyValue[1], keyValue[0], form, request);
669                 if (inquiryParameterValue == null) {
670                 	parameters.put(keyValue[1], "directInquiryKeyNotSpecified");
671                 }
672                 else {
673                 	parameters.put(keyValue[1], inquiryParameterValue);
674                 }
675 
676                 if ( LOG.isDebugEnabled() ) {
677                     LOG.debug( "keyValue[0]: " + keyValue[0] );
678                     LOG.debug( "keyValue[1]: " + keyValue[1] );
679                 }
680             }
681         }
682         parameters.put(KRADConstants.DISPATCH_REQUEST_PARAMETER, "start");
683         parameters.put(KRADConstants.DOC_FORM_KEY, GlobalVariables.getUserSession().addObjectWithGeneratedKey(form));
684         String inquiryUrl = null;
685         try {
686         	Class.forName(boClassName);
687         	inquiryUrl = getApplicationBaseUrl() + "/kr/" + KRADConstants.DIRECT_INQUIRY_ACTION;
688         } catch ( ClassNotFoundException ex ) {
689             // allow inquiry url to be null (and therefore no inquiry link will be displayed) but at least log a warning
690         	LOG.warn("Class name does not represent a valid class which this application understands: " + boClassName);
691         }
692         inquiryUrl = UrlFactory.parameterizeUrl(inquiryUrl, parameters);
693         return new ActionForward(inquiryUrl, true);
694 
695     }
696 
697     /**
698      * This method handles rendering the question component, but without any of the extra error fields
699      *
700      * @param mapping
701      * @param form
702      * @param request
703      * @param response
704      * @param questionId
705      * @param questionText
706      * @param questionType
707      * @param caller
708      * @param context
709      * @return ActionForward
710      * @throws Exception
711      */
712     protected ActionForward performQuestionWithoutInput(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, String questionId, String questionText, String questionType, String caller, String context) throws Exception {
713         return performQuestion(mapping, form, request, response, questionId, questionText, questionType, caller, context, false, "", "", "", "");
714     }
715 
716     /**
717      * Handles rendering a question prompt - without a specified context.
718      *
719      * @param mapping
720      * @param form
721      * @param request
722      * @param response
723      * @param questionId
724      * @param questionText
725      * @param questionType
726      * @param caller
727      * @param context
728      * @return ActionForward
729      * @throws Exception
730      */
731     protected ActionForward performQuestionWithInput(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, String questionId, String questionText, String questionType, String caller, String context) throws Exception {
732         return performQuestion(mapping, form, request, response, questionId, questionText, questionType, caller, context, true, "", "", "", "");
733     }
734 
735     /**
736      * Handles re-rendering a question prompt because of an error on what was submitted.
737      *
738      * @param mapping
739      * @param form
740      * @param request
741      * @param response
742      * @param questionId
743      * @param questionText
744      * @param questionType
745      * @param caller
746      * @param context
747      * @param reason
748      * @param errorKey
749      * @param errorPropertyName
750      * @param errorParameter
751      * @return ActionForward
752      * @throws Exception
753      */
754     protected ActionForward performQuestionWithInputAgainBecauseOfErrors(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, String questionId, String questionText, String questionType, String caller, String context, String reason, String errorKey, String errorPropertyName, String errorParameter) throws Exception {
755         return performQuestion(mapping, form, request, response, questionId, questionText, questionType, caller, context, true, reason, errorKey, errorPropertyName, errorParameter);
756     }
757 
758     /**
759      * Handles rendering a question prompt - with a specified context.
760      *
761      * @param mapping
762      * @param form
763      * @param request
764      * @param response
765      * @param questionId
766      * @param questionText
767      * @param questionType
768      * @param caller
769      * @param context
770      * @param showReasonField
771      * @param reason
772      * @param errorKey
773      * @param errorPropertyName
774      * @param errorParameter
775      * @return ActionForward
776      * @throws Exception
777      */
778     private ActionForward performQuestion(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, String questionId, String questionText, String questionType, String caller, String context, boolean showReasonField, String reason, String errorKey, String errorPropertyName, String errorParameter) throws Exception {
779         Properties parameters = new Properties();
780 
781         parameters.put(KRADConstants.DISPATCH_REQUEST_PARAMETER, "start");
782         parameters.put(KRADConstants.DOC_FORM_KEY, GlobalVariables.getUserSession().addObjectWithGeneratedKey(form));
783         parameters.put(KRADConstants.CALLING_METHOD, caller);
784         parameters.put(KRADConstants.QUESTION_INST_ATTRIBUTE_NAME, questionId);
785         parameters.put(KRADConstants.QUESTION_IMPL_ATTRIBUTE_NAME, questionType);
786         parameters.put(KRADConstants.QUESTION_TEXT_ATTRIBUTE_NAME, questionText);
787         parameters.put(KRADConstants.RETURN_LOCATION_PARAMETER, getReturnLocation(request, mapping));
788         parameters.put(KRADConstants.QUESTION_CONTEXT, context);
789         parameters.put(KRADConstants.QUESTION_SHOW_REASON_FIELD, Boolean.toString(showReasonField));
790         parameters.put(KRADConstants.QUESTION_REASON_ATTRIBUTE_NAME, reason);
791         parameters.put(KRADConstants.QUESTION_ERROR_KEY, errorKey);
792         parameters.put(KRADConstants.QUESTION_ERROR_PROPERTY_NAME, errorPropertyName);
793         parameters.put(KRADConstants.QUESTION_ERROR_PARAMETER, errorParameter);
794         parameters.put(KRADConstants.QUESTION_ANCHOR, form instanceof KualiForm ? ObjectUtils.toString(((KualiForm) form).getAnchor()) : "");
795         Object methodToCallAttribute = request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE);
796         if (methodToCallAttribute != null) {
797             parameters.put(KRADConstants.METHOD_TO_CALL_PATH, methodToCallAttribute);
798             ((PojoForm) form).registerEditableProperty(String.valueOf(methodToCallAttribute));
799         }
800         
801     	if (form instanceof KualiDocumentFormBase) {
802     		String docNum = ((KualiDocumentFormBase) form).getDocument().getDocumentNumber();
803     		if(docNum != null){
804     			parameters.put(KRADConstants.DOC_NUM, ((KualiDocumentFormBase) form)
805 					.getDocument().getDocumentNumber());
806     		}
807 		}
808 
809         String questionUrl = UrlFactory.parameterizeUrl(getApplicationBaseUrl() + "/kr/" + KRADConstants.QUESTION_ACTION, parameters);
810         return new ActionForward(questionUrl, true);
811     }
812 
813 
814     /**
815      * Takes care of storing the action form in the User session and forwarding to the workflow workgroup lookup action.
816      *
817      * @param mapping
818      * @param form
819      * @param request
820      * @param response
821      * @return
822      * @throws Exception
823      */
824     public ActionForward performWorkgroupLookup(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
825     	String returnUrl = null;
826     	if ("/kr".equals(mapping.getModuleConfig().getPrefix())) {
827     		returnUrl = getApplicationBaseUrl() + mapping.getModuleConfig().getPrefix() + mapping.getPath() + ".do";
828     	} else {
829     		returnUrl = getApplicationBaseUrl() + mapping.getPath() + ".do";
830     	}
831 
832 
833         String fullParameter = (String) request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE);
834         String conversionFields = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM1_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM1_RIGHT_DEL);
835 
836         String deploymentBaseUrl = KRADServiceLocator.getKualiConfigurationService().getPropertyValueAsString(
837                 KRADConstants.WORKFLOW_URL_KEY);
838         String workgroupLookupUrl = deploymentBaseUrl + "/Lookup.do?lookupableImplServiceName=WorkGroupLookupableImplService&methodToCall=start&docFormKey=" + GlobalVariables.getUserSession().addObjectWithGeneratedKey(form);
839 
840         if (conversionFields != null) {
841             workgroupLookupUrl += "&conversionFields=" + conversionFields;
842         }
843     	if (form instanceof KualiDocumentFormBase) {
844 			workgroupLookupUrl +="&docNum="+ ((KualiDocumentFormBase) form).getDocument().getDocumentNumber();
845 		}
846     	
847         workgroupLookupUrl += "&returnLocation=" + returnUrl;
848 
849         return new ActionForward(workgroupLookupUrl, true);
850     }
851 
852     /**
853      * Handles requests that originate via Header Tabs.
854      *
855      * @param mapping
856      * @param form
857      * @param request
858      * @param response
859      * @return
860      * @throws Exception
861      */
862     public ActionForward headerTab(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
863         // header tab actions can do two things - 1, call into an action and perform what needs to happen in there and 2, forward to
864         // a new location.
865         String headerTabDispatch = getHeaderTabDispatch(request);
866         if (StringUtils.isNotEmpty(headerTabDispatch)) {
867             ActionForward forward = dispatchMethod(mapping, form, request, response, headerTabDispatch);
868             if (GlobalVariables.getMessageMap().getNumberOfPropertiesWithErrors() > 0) {
869                 return mapping.findForward(RiceConstants.MAPPING_BASIC);
870             }
871             this.doTabOpenOrClose(mapping, form, request, response, false);
872             if (forward.getRedirect()) {
873                 return forward;
874             }
875         }
876         return dispatchMethod(mapping, form, request, response, getHeaderTabNavigateTo(request));
877     }
878 
879     /**
880      * Override this method to provide action-level access controls to the application.
881      *
882      * @param form
883      * @throws AuthorizationException
884      */
885     protected void checkAuthorization( ActionForm form, String methodToCall) throws AuthorizationException 
886     {
887     	String principalId = GlobalVariables.getUserSession().getPrincipalId();
888     	Map<String, String> roleQualifier = new HashMap<String, String>(getRoleQualification(form, methodToCall));
889     	Map<String, String> permissionDetails = KRADUtils.getNamespaceAndActionClass(this.getClass());
890     	
891         if (!KimApiServiceLocator.getPermissionService().isAuthorizedByTemplate(principalId,
892                 KRADConstants.KNS_NAMESPACE, KimConstants.PermissionTemplateNames.USE_SCREEN, permissionDetails,
893                 roleQualifier))
894         {
895             throw new AuthorizationException(GlobalVariables.getUserSession().getPerson().getPrincipalName(), 
896             		methodToCall,
897             		this.getClass().getSimpleName());
898         }
899     }
900     
901     /** 
902      * override this method to add data from the form for role qualification in the authorization check
903      */
904     protected Map<String,String> getRoleQualification(ActionForm form, String methodToCall) {
905     	return new HashMap<String,String>();
906     }
907 
908     protected static KualiModuleService getKualiModuleService() {
909         if ( kualiModuleService == null ) {
910             kualiModuleService = KRADServiceLocatorWeb.getKualiModuleService();
911         }
912         return kualiModuleService;
913     }
914 
915     /**
916      * Constant defined to match with TextArea.jsp and updateTextArea function in core.js
917      * <p>Value is textAreaFieldName
918      */
919     public static final String TEXT_AREA_FIELD_NAME="textAreaFieldName";
920     /**
921      * Constant defined to match with TextArea.jsp and updateTextArea function in core.js
922      * <p>Value is textAreaFieldLabel
923     */
924     public static final String TEXT_AREA_FIELD_LABEL="textAreaFieldLabel";
925     /**
926      * Constant defined to match with TextArea.jsp and updateTextArea function in core.js
927      * <p>Value is textAreaReadOnly
928     */
929     public static final String TEXT_AREA_READ_ONLY="textAreaReadOnly";
930     /**
931      * Constant defined to match with TextArea.jsp and updateTextArea function in core.js
932      * <p>Value is textAreaFieldAnchor
933     */
934     public static final String TEXT_AREA_FIELD_ANCHOR="textAreaFieldAnchor";
935     /**
936      * Constant defined to match with TextArea.jsp and updateTextArea function in core.js
937      * <p>Value is textAreaFieldAnchor
938     */
939     public static final String TEXT_AREA_MAX_LENGTH="textAreaMaxLength";
940     /**
941      * Constant defined to match with TextArea.jsp and updateTextArea function in core.js
942      * <p>Value is htmlFormAction
943     */
944     public static final String FORM_ACTION="htmlFormAction";
945     /**
946      * Constant defined to match input parameter from URL and from TextArea.jsp.
947      * <p>Value is methodToCall
948     */
949     public static final String METHOD_TO_CALL="methodToCall";
950     /**
951      * Constant defined to match with global forwarding in struts-config.xml
952      * for Text Area Update.
953      * <p>Value is updateTextArea
954     */
955     public static final String FORWARD_TEXT_AREA_UPDATE="updateTextArea";
956     /**
957      * Constant defined to match with method to call in TextArea.jsp.
958      * <p>Value is postTextAreaToParent
959     */
960     public static final String POST_TEXT_AREA_TO_PARENT="postTextAreaToParent";
961     /**
962      * Constant defined to match with local forwarding in struts-config.xml
963      * for the parent of the Updated Text Area.
964      * <p>Value is forwardNext
965     */
966     public static final String FORWARD_NEXT="forwardNext";
967 
968     /**
969      * This method is invoked when Java Script is turned off from the web browser. It
970      * setup the information that the update text area requires for copying current text
971      * in the calling page text area and returning to the calling page. The information
972      * is passed to the JSP through Http Request attributes. All other parameters are
973      * forwarded 
974      *  
975      * @param mapping
976      * @param form
977      * @param request
978      * @param response
979      * @return
980      */
981     public ActionForward updateTextArea(ActionMapping mapping,
982             ActionForm form,
983             HttpServletRequest request,
984             HttpServletResponse response)  {
985         if (LOG.isTraceEnabled()) {
986             String lm=String.format("ENTRY %s%n%s", form.getClass().getSimpleName(),
987                     request.getRequestURI());
988             LOG.trace(lm);
989         }
990                                 
991         final String[] keyValue = getTextAreaParams(request);
992         
993         request.setAttribute(TEXT_AREA_FIELD_NAME, keyValue[0]);
994         request.setAttribute(FORM_ACTION,keyValue[1]);
995         request.setAttribute(TEXT_AREA_FIELD_LABEL,keyValue[2]);
996         request.setAttribute(TEXT_AREA_READ_ONLY,keyValue[3]);
997         request.setAttribute(TEXT_AREA_MAX_LENGTH,keyValue[4]);
998         if (form instanceof KualiForm && StringUtils.isNotEmpty(((KualiForm) form).getAnchor())) {
999             request.setAttribute(TEXT_AREA_FIELD_ANCHOR,((KualiForm) form).getAnchor());
1000         }
1001         
1002         // Set document related parameter
1003         String docWebScope=(String)request.getAttribute(KRADConstants.DOCUMENT_WEB_SCOPE);
1004         if (docWebScope != null && docWebScope.trim().length() >= 0) {
1005             request.setAttribute(KRADConstants.DOCUMENT_WEB_SCOPE, docWebScope);
1006         }
1007 
1008         request.setAttribute(KRADConstants.DOC_FORM_KEY, GlobalVariables.getUserSession().addObjectWithGeneratedKey(form));
1009         
1010         ActionForward forward=mapping.findForward(FORWARD_TEXT_AREA_UPDATE);
1011 
1012         if (LOG.isTraceEnabled()) {
1013             String lm=String.format("EXIT %s", (forward==null)?"null":forward.getPath());
1014             LOG.trace(lm);
1015         }
1016                         
1017         return forward;
1018     }
1019     
1020     /**
1021      * This method takes the {@link org.kuali.rice.krad.util.KRADConstants.METHOD_TO_CALL_ATTRIBUTE} out of the request
1022      * and parses it returning the required fields needed for a text area. The fields returned
1023      * are the following in this order.
1024      * <ol>
1025      * <li>{@link #TEXT_AREA_FIELD_NAME}</li>
1026      * <li>{@link #FORM_ACTION}</li>
1027      * <li>{@link #TEXT_AREA_FIELD_LABEL}</li>
1028      * <li>{@link #TEXT_AREA_READ_ONLY}</li>
1029      * <li>{@link #TEXT_AREA_MAX_LENGTH}</li>
1030      * </ol>
1031      * 
1032      * @param request the request to retrieve the textarea parameters
1033      * @return a string array holding the parsed fields
1034      */
1035     private String[] getTextAreaParams(HttpServletRequest request) {
1036         // parse out the important strings from our methodToCall parameter
1037         String fullParameter = (String) request.getAttribute(
1038                 KRADConstants.METHOD_TO_CALL_ATTRIBUTE);
1039 
1040         // parse textfieldname:htmlformaction
1041         String parameterFields = StringUtils.substringBetween(fullParameter,
1042                 KRADConstants.METHOD_TO_CALL_PARM2_LEFT_DEL,
1043                 KRADConstants.METHOD_TO_CALL_PARM2_RIGHT_DEL);
1044         if ( LOG.isDebugEnabled() ) {
1045             LOG.debug( "fullParameter: " + fullParameter );
1046             LOG.debug( "parameterFields: " + parameterFields );
1047         }
1048         String[] keyValue = null;
1049         if (StringUtils.isNotBlank(parameterFields)) {
1050             String[] textAreaParams = parameterFields.split(
1051                     KRADConstants.FIELD_CONVERSIONS_SEPARATOR);
1052             if ( LOG.isDebugEnabled() ) {
1053                 LOG.debug( "lookupParams: " + textAreaParams );
1054             }
1055             for (final String textAreaParam : textAreaParams) {
1056                 keyValue = textAreaParam.split(KRADConstants.FIELD_CONVERSION_PAIR_SEPARATOR, 2);
1057 
1058                 if ( LOG.isDebugEnabled() ) {
1059                     LOG.debug( "keyValue[0]: " + keyValue[0] );
1060                     LOG.debug( "keyValue[1]: " + keyValue[1] );
1061                     LOG.debug( "keyValue[2]: " + keyValue[2] );
1062                     LOG.debug( "keyValue[3]: " + keyValue[3] );
1063                     LOG.debug( "keyValue[4]: " + keyValue[4] );
1064                 }
1065             }
1066         }
1067         
1068         return keyValue;
1069     }
1070     
1071     /**
1072      * This method is invoked from the TextArea.jsp for posting its value to the parent
1073      * page that called the extended text area page. The invocation is done through
1074      * Struts action. The default forwarding id is RiceContants.MAPPING_BASIC. This
1075      * can be overridden using the parameter key FORWARD_NEXT.
1076      * 
1077      * @param mapping
1078      * @param form
1079      * @param request
1080      * @param response
1081      * @return
1082      */
1083     public ActionForward postTextAreaToParent(ActionMapping mapping,
1084             ActionForm form,
1085             HttpServletRequest request,
1086             HttpServletResponse response) {
1087         
1088         if (LOG.isTraceEnabled()) {
1089             String lm=String.format("ENTRY %s%n%s", form.getClass().getSimpleName(),
1090                     request.getRequestURI());
1091             LOG.trace(lm);
1092         }
1093                         
1094         String forwardingId=request.getParameter(FORWARD_NEXT);
1095         if (forwardingId == null) {
1096             forwardingId=RiceConstants.MAPPING_BASIC;
1097         }
1098         ActionForward forward=mapping.findForward(forwardingId);
1099              
1100         if (LOG.isTraceEnabled()) {
1101             String lm=String.format("EXIT %s", (forward==null)?"null":forward.getPath());
1102             LOG.trace(lm);
1103         }
1104                         
1105         return forward;
1106     }
1107     
1108     /**
1109      * Use to add a methodToCall to the a list which will not have authorization checks.
1110      * This assumes that the call will be redirected (as in the case of a lookup) that will perform
1111      * the authorization.
1112      */
1113     protected final void addMethodToCallToUncheckedList( String methodToCall ) {
1114     	methodToCallsToNotCheckAuthorization.add(methodToCall);
1115     }
1116     
1117     /**
1118      * This method does all special processing on a document that should happen on each HTTP post (ie, save, route, approve, etc).
1119      */
1120     protected void doProcessingAfterPost( KualiForm form, HttpServletRequest request ) {
1121     	
1122     }
1123     
1124     protected BusinessObjectAuthorizationService getBusinessObjectAuthorizationService() {
1125     	if (businessObjectAuthorizationService == null) {
1126     		businessObjectAuthorizationService = KNSServiceLocator.getBusinessObjectAuthorizationService();
1127     	}
1128     	return businessObjectAuthorizationService;
1129     }
1130     
1131     protected EncryptionService getEncryptionService() {
1132     	if (encryptionService == null) {
1133     		encryptionService = CoreApiServiceLocator.getEncryptionService();
1134     	}
1135     	return encryptionService;
1136     }
1137 
1138 	public static String getApplicationBaseUrl() {
1139 		if ( applicationBaseUrl == null ) {
1140 			applicationBaseUrl = KRADServiceLocator.getKualiConfigurationService().getPropertyValueAsString(
1141                     KRADConstants.APPLICATION_URL_KEY);
1142 		}
1143 		return applicationBaseUrl;
1144 	}
1145 	
1146 	protected boolean isModuleLocked(ActionForm form, String methodToCall, HttpServletRequest request) {
1147 		String boClass = request.getParameter(KRADConstants.BUSINESS_OBJECT_CLASS_ATTRIBUTE);
1148 		ModuleService moduleService = null;
1149 		if(StringUtils.isNotBlank(boClass)) {
1150 			try {
1151 				moduleService = getKualiModuleService().getResponsibleModuleService(Class.forName(boClass));
1152 			} catch (ClassNotFoundException classNotFoundException) {
1153 				LOG.warn("BO class not found: " + boClass, classNotFoundException);
1154 			}
1155 		} else {
1156 			moduleService = getKualiModuleService().getResponsibleModuleService(this.getClass());
1157 		}
1158 		if(moduleService != null && moduleService.isLocked()) {
1159 			String principalId = GlobalVariables.getUserSession().getPrincipalId();
1160 			String namespaceCode = KRADConstants.KUALI_RICE_SYSTEM_NAMESPACE;
1161 			String permissionName = KimConstants.PermissionNames.ACCESS_LOCKED_MODULE;
1162 			Map<String, String> qualification = getRoleQualification(form, methodToCall);
1163 			if(!KimApiServiceLocator.getPermissionService().isAuthorized(principalId, namespaceCode, permissionName, qualification)) {
1164 				ParameterService parameterSerivce = CoreFrameworkServiceLocator.getParameterService();
1165 				String messageParamNamespaceCode = moduleService.getModuleConfiguration().getNamespaceCode();
1166 				String messageParamComponentCode = KRADConstants.DetailTypes.ALL_DETAIL_TYPE;
1167 				String messageParamName = KRADConstants.SystemGroupParameterNames.OLTP_LOCKOUT_MESSAGE_PARM;
1168 				String lockoutMessage = parameterSerivce.getParameterValueAsString(messageParamNamespaceCode, messageParamComponentCode, messageParamName);
1169 				
1170 				if(StringUtils.isBlank(lockoutMessage)) {
1171 					String defaultMessageParamName = KRADConstants.SystemGroupParameterNames.OLTP_LOCKOUT_DEFAULT_MESSAGE;
1172 					lockoutMessage = parameterSerivce.getParameterValueAsString(KRADConstants.KNS_NAMESPACE, messageParamComponentCode, defaultMessageParamName);
1173 				}
1174 				request.setAttribute(KRADConstants.MODULE_LOCKED_MESSAGE_REQUEST_PARAMETER, lockoutMessage);
1175 				return true;
1176 			}
1177 		}
1178 		return false;
1179 	}
1180 }