001/** 002 * Copyright 2005-2015 The Kuali Foundation 003 * 004 * Licensed under the Educational Community License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.opensource.org/licenses/ecl2.php 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 */ 016package org.kuali.rice.kns.web.struts.action; 017 018import org.apache.commons.lang.ObjectUtils; 019import org.apache.commons.lang.StringUtils; 020import org.apache.struts.action.ActionForm; 021import org.apache.struts.action.ActionForward; 022import org.apache.struts.action.ActionMapping; 023import org.apache.struts.actions.DispatchAction; 024import org.kuali.rice.coreservice.framework.CoreFrameworkServiceLocator; 025import org.kuali.rice.coreservice.framework.parameter.ParameterService; 026import org.kuali.rice.core.api.CoreApiServiceLocator; 027import org.kuali.rice.core.api.encryption.EncryptionService; 028import org.kuali.rice.core.api.util.RiceConstants; 029import org.kuali.rice.kew.api.KewApiConstants; 030import org.kuali.rice.kim.api.KimConstants; 031import org.kuali.rice.kim.api.services.KimApiServiceLocator; 032import org.kuali.rice.kns.document.authorization.DocumentAuthorizerBase; 033import org.kuali.rice.kns.lookup.LookupUtils; 034import org.kuali.rice.kns.service.BusinessObjectAuthorizationService; 035import org.kuali.rice.kns.service.KNSServiceLocator; 036import org.kuali.rice.kns.util.KNSGlobalVariables; 037import org.kuali.rice.kns.util.WebUtils; 038import org.kuali.rice.kns.web.struts.form.KualiDocumentFormBase; 039import org.kuali.rice.kns.web.struts.form.KualiForm; 040import org.kuali.rice.kns.web.struts.form.LookupForm; 041import org.kuali.rice.kns.web.struts.form.pojo.PojoForm; 042import org.kuali.rice.kns.web.struts.form.pojo.PojoFormBase; 043import org.kuali.rice.krad.bo.BusinessObject; 044import org.kuali.rice.krad.exception.AuthorizationException; 045import org.kuali.rice.krad.service.KRADServiceLocatorWeb; 046import org.kuali.rice.krad.service.KualiModuleService; 047import org.kuali.rice.krad.service.ModuleService; 048import org.kuali.rice.krad.util.GlobalVariables; 049import org.kuali.rice.krad.util.KRADConstants; 050import org.kuali.rice.krad.util.KRADUtils; 051import org.kuali.rice.krad.util.UrlFactory; 052 053import javax.servlet.http.HttpServletRequest; 054import javax.servlet.http.HttpServletResponse; 055import java.util.Arrays; 056import java.util.Enumeration; 057import java.util.HashMap; 058import java.util.HashSet; 059import java.util.Map; 060import java.util.Properties; 061import java.util.Set; 062 063/** 064 * <p>The base {@link org.apache.struts.action.Action} class for all KNS-based Actions. Extends from the standard 065 * {@link org.apache.struts.actions.DispatchAction} which allows for a <i>methodToCall</i> request parameter to 066 * be used to indicate which method to invoke.</p> 067 * 068 * <p>This Action overrides #execute to set methodToCall for image submits. Also performs other setup 069 * required for KNS framework calls.</p> 070 * 071 * @author Kuali Rice Team (rice.collab@kuali.org) 072 * 073 * @deprecated KNS Struts deprecated, use KRAD and the Spring MVC framework. 074 */ 075@Deprecated 076public abstract class KualiAction extends DispatchAction { 077 private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger.getLogger(KualiAction.class); 078 079 private static KualiModuleService kualiModuleService = null; 080 private static BusinessObjectAuthorizationService businessObjectAuthorizationService = null; 081 private static EncryptionService encryptionService = null; 082 private static Boolean OUTPUT_ENCRYPTION_WARNING = null; 083 private static String applicationBaseUrl = null; 084 085 private Set<String> methodToCallsToNotCheckAuthorization = new HashSet<String>(); 086 087 { 088 methodToCallsToNotCheckAuthorization.add( "performLookup" ); 089 methodToCallsToNotCheckAuthorization.add( "performQuestion" ); 090 methodToCallsToNotCheckAuthorization.add( "performQuestionWithInput" ); 091 methodToCallsToNotCheckAuthorization.add( "performQuestionWithInputAgainBecauseOfErrors" ); 092 methodToCallsToNotCheckAuthorization.add( "performQuestionWithoutInput" ); 093 methodToCallsToNotCheckAuthorization.add( "performWorkgroupLookup" ); 094 } 095 096 /** 097 * Entry point to all actions. 098 * 099 * NOTE: No need to hook into execute for handling framework setup anymore. Just implement the methodToCall for the framework 100 * setup, Constants.METHOD_REQUEST_PARAMETER will contain the full parameter, which can be sub stringed for getting framework 101 * parameters. 102 * 103 * @see org.apache.struts.action.Action#execute(org.apache.struts.action.ActionMapping, org.apache.struts.action.ActionForm, 104 * javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) 105 */ 106 public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { 107 ActionForward returnForward = null; 108 109 String methodToCall = findMethodToCall(form, request); 110 111 if(isModuleLocked(form, methodToCall, request)) { 112 return mapping.findForward(RiceConstants.MODULE_LOCKED_MAPPING); 113 } 114 115 if (form instanceof KualiForm && StringUtils.isNotEmpty(((KualiForm) form).getMethodToCall())) { 116 if (StringUtils.isNotBlank(getImageContext(request, KRADConstants.ANCHOR))) { 117 ((KualiForm) form).setAnchor(getImageContext(request, KRADConstants.ANCHOR)); 118 } 119 else if (StringUtils.isNotBlank(request.getParameter(KRADConstants.ANCHOR))) { 120 ((KualiForm) form).setAnchor(request.getParameter(KRADConstants.ANCHOR)); 121 } 122 else { 123 ((KualiForm) form).setAnchor(KRADConstants.ANCHOR_TOP_OF_FORM); 124 } 125 } 126 // if found methodToCall, pass control to that method, else return the basic forward 127 if (StringUtils.isNotBlank(methodToCall)) { 128 if ( LOG.isDebugEnabled() ) { 129 LOG.debug("methodToCall: '" + methodToCall+"'"); 130 } 131 returnForward = dispatchMethod(mapping, form, request, response, methodToCall); 132 if ( returnForward!=null && returnForward.getRedirect() && returnForward.getName()!=null && returnForward.getName().equals(KRADConstants.KRAD_INITIATED_DOCUMENT_VIEW_NAME)) { 133 return returnForward; 134 } 135 } 136 else { 137 returnForward = defaultDispatch(mapping, form, request, response); 138 } 139 140 // make sure the user can do what they're trying to according to the module that owns the functionality 141 if ( !methodToCallsToNotCheckAuthorization.contains(methodToCall) ) { 142 if ( LOG.isDebugEnabled() ) { 143 LOG.debug( "'" + methodToCall + "' not in set of excempt methods: " + methodToCallsToNotCheckAuthorization); 144 } 145 checkAuthorization(form, methodToCall); 146 } else { 147 if ( LOG.isDebugEnabled() ) { 148 LOG.debug("'" + methodToCall + "' is exempt from auth checks." ); 149 } 150 } 151 152 // Add the ActionForm to GlobalVariables 153 // This will allow developers to retrieve both the Document and any request parameters that are not 154 // part of the Form and make them available in ValueFinder classes and other places where they are needed. 155 if(KNSGlobalVariables.getKualiForm() == null) { 156 KNSGlobalVariables.setKualiForm((KualiForm)form); 157 } 158 159 return returnForward; 160 } 161 162 /** 163 * When no methodToCall is specified, the defaultDispatch method is invoked. Default implementation 164 * returns the "basic" ActionForward. 165 */ 166 protected ActionForward defaultDispatch(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { 167 return mapping.findForward(RiceConstants.MAPPING_BASIC); 168 } 169 170 @Override 171 protected ActionForward dispatchMethod(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, String methodToCall) throws Exception { 172 GlobalVariables.getUserSession().addObject(DocumentAuthorizerBase.USER_SESSION_METHOD_TO_CALL_OBJECT_KEY, methodToCall); 173 return super.dispatchMethod(mapping, form, request, response, methodToCall); 174 } 175 176 protected String findMethodToCall(ActionForm form, HttpServletRequest request) throws Exception { 177 String methodToCall; 178 if (form instanceof KualiForm && StringUtils.isNotEmpty(((KualiForm) form).getMethodToCall())) { 179 methodToCall = ((KualiForm) form).getMethodToCall(); 180 } 181 else { 182 // call utility method to parse the methodToCall from the request. 183 methodToCall = WebUtils.parseMethodToCall(form, request); 184 } 185 return methodToCall; 186 } 187 188 /** 189 * Toggles the tab state in the ui 190 * 191 * @param mapping 192 * @param form 193 * @param request 194 * @param response 195 * @return 196 * @throws Exception 197 */ 198 public ActionForward toggleTab(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { 199 KualiForm kualiForm = (KualiForm) form; 200 String tabToToggle = getTabToToggle(request); 201 if (StringUtils.isNotBlank(tabToToggle)) { 202 if (kualiForm.getTabState(tabToToggle).equals(KualiForm.TabState.OPEN.name())) { 203 kualiForm.getTabStates().remove(tabToToggle); 204 kualiForm.getTabStates().put(tabToToggle, KualiForm.TabState.CLOSE.name()); 205 } 206 else { 207 kualiForm.getTabStates().remove(tabToToggle); 208 kualiForm.getTabStates().put(tabToToggle, KualiForm.TabState.OPEN.name()); 209 } 210 } 211 212 doProcessingAfterPost( kualiForm, request ); 213 return mapping.findForward(RiceConstants.MAPPING_BASIC); 214 } 215 216 /** 217 * Toggles all tabs to open 218 * 219 * @param mapping 220 * @param form 221 * @param request 222 * @param response 223 * @return 224 * @throws Exception 225 */ 226 public ActionForward showAllTabs(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { 227 return this.doTabOpenOrClose(mapping, form, request, response, true); 228 } 229 230 /** 231 * Toggles all tabs to closed 232 * 233 * @param mapping 234 * @param form 235 * @param request 236 * @param response 237 * @return 238 * @throws Exception 239 */ 240 public ActionForward hideAllTabs(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { 241 return this.doTabOpenOrClose(mapping, form, request, response, false); 242 } 243 244 /** 245 * 246 * Toggles all tabs to open of closed depending on the boolean flag. 247 * 248 * @param mapping the mapping 249 * @param form the form 250 * @param request the request 251 * @param response the response 252 * @param open whether to open of close the tabs 253 * @return the action forward 254 */ 255 private ActionForward doTabOpenOrClose(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, boolean open) { 256 KualiForm kualiForm = (KualiForm) form; 257 258 Map<String, String> tabStates = kualiForm.getTabStates(); 259 Map<String, String> newTabStates = new HashMap<String, String>(); 260 for (String tabKey: tabStates.keySet()) { 261 newTabStates.put(tabKey, open ? "OPEN" : "CLOSE"); 262 } 263 kualiForm.setTabStates(newTabStates); 264 doProcessingAfterPost( kualiForm, request ); 265 return mapping.findForward(RiceConstants.MAPPING_BASIC); 266 } 267 268 /** 269 * Default refresh method. Called from returning frameworks. 270 * 271 * @param mapping 272 * @param form 273 * @param request 274 * @param response 275 * @return 276 * @throws Exception 277 */ 278 public ActionForward refresh(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { 279 return mapping.findForward(RiceConstants.MAPPING_BASIC); 280 } 281 282 283 /** 284 * Parses the method to call attribute to pick off the line number which should be deleted. 285 * 286 * @param request 287 * @return 288 */ 289 protected int getLineToDelete(HttpServletRequest request) { 290 return getSelectedLine(request); 291 } 292 293 /** 294 * Parses the method to call attribute to pick off the line number which should be edited. 295 * 296 * @param request 297 * @return 298 */ 299 protected int getLineToEdit(HttpServletRequest request) { 300 return getSelectedLine(request); 301 } 302 303 /** 304 * Parses the method to call attribute to pick off the line number which should have an action performed on it. 305 * 306 * @param request 307 * @return 308 */ 309 protected int getSelectedLine(HttpServletRequest request) { 310 int selectedLine = -1; 311 String parameterName = (String) request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE); 312 if (StringUtils.isNotBlank(parameterName)) { 313 String lineNumber = StringUtils.substringBetween(parameterName, ".line", "."); 314 if (StringUtils.isEmpty(lineNumber)) { 315 return selectedLine; 316 } 317 selectedLine = Integer.parseInt(lineNumber); 318 } 319 320 return selectedLine; 321 } 322 323 /** 324 * Determines which tab was requested to be toggled 325 * 326 * @param request 327 * @return 328 */ 329 protected String getTabToToggle(HttpServletRequest request) { 330 String tabToToggle = ""; 331 String parameterName = (String) request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE); 332 if (StringUtils.isNotBlank(parameterName)) { 333 tabToToggle = StringUtils.substringBetween(parameterName, ".tab", "."); 334 } 335 336 return tabToToggle; 337 } 338 339 /** 340 * Retrieves the header tab to navigate to. 341 * 342 * @param request 343 * @return 344 */ 345 protected String getHeaderTabNavigateTo(HttpServletRequest request) { 346 String headerTabNavigateTo = RiceConstants.MAPPING_BASIC; 347 String imageContext = getImageContext(request, KRADConstants.NAVIGATE_TO); 348 if (StringUtils.isNotBlank(imageContext)) { 349 headerTabNavigateTo = imageContext; 350 } 351 return headerTabNavigateTo; 352 } 353 354 /** 355 * Retrieves the header tab dispatch. 356 * 357 * @param request 358 * @return 359 */ 360 protected String getHeaderTabDispatch(HttpServletRequest request) { 361 String headerTabDispatch = null; 362 String imageContext = getImageContext(request, KRADConstants.HEADER_DISPATCH); 363 if (StringUtils.isNotBlank(imageContext)) { 364 headerTabDispatch = imageContext; 365 } 366 else { 367 // In some cases it might be in request params instead 368 headerTabDispatch = request.getParameter(KRADConstants.METHOD_TO_CALL_ATTRIBUTE); 369 } 370 return headerTabDispatch; 371 } 372 373 /** 374 * Retrieves the image context 375 * 376 * @param request 377 * @param contextKey 378 * @return 379 */ 380 protected String getImageContext(HttpServletRequest request, String contextKey) { 381 String imageContext = ""; 382 String parameterName = (String) request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE); 383 if (StringUtils.isBlank(parameterName)) { 384 parameterName = request.getParameter("methodToCallPath"); 385 } 386 if (StringUtils.isNotBlank(parameterName)) { 387 imageContext = StringUtils.substringBetween(parameterName, contextKey, "."); 388 } 389 return imageContext; 390 } 391 392 protected String getReturnLocation(HttpServletRequest request, ActionMapping mapping) { 393 String mappingPath = mapping.getPath(); 394 String basePath = getApplicationBaseUrl(); 395 return basePath + ("/lookup".equals(mappingPath) || "/maintenance".equals(mappingPath) || "/multipleValueLookup".equals(mappingPath) ? "/kr" : "") + mappingPath + ".do"; 396 } 397 398 /** 399 * Retrieves the value of a parameter to be passed into the lookup or inquiry frameworks. The default implementation of this method will attempt to look 400 * in the request to determine wheter the appropriate value exists as a request parameter. If not, it will attempt to look through the form object to find 401 * the property. 402 * 403 * @param boClass a class implementing boClass, representing the BO that will be looked up 404 * @param parameterName the name of the parameter 405 * @param parameterValuePropertyName the property (relative to the form object) where the value to be passed into the lookup/inquiry may be found 406 * @param form 407 * @param request 408 * @return 409 */ 410 protected String retrieveLookupParameterValue(Class<? extends BusinessObject> boClass, String parameterName, String parameterValuePropertyName, ActionForm form, HttpServletRequest request) throws Exception { 411 String value; 412 if (StringUtils.contains(parameterValuePropertyName, "'")) { 413 value = StringUtils.replace(parameterValuePropertyName, "'", ""); 414 } else if (request.getParameterMap().containsKey(parameterValuePropertyName)) { 415 value = request.getParameter(parameterValuePropertyName); 416 } else if (request.getParameterMap().containsKey(KewApiConstants.DOCUMENT_ATTRIBUTE_FIELD_PREFIX + parameterValuePropertyName)) { 417 value = request.getParameter(KewApiConstants.DOCUMENT_ATTRIBUTE_FIELD_PREFIX + parameterValuePropertyName); 418 } else { 419 if (form instanceof KualiForm) { 420 value = ((KualiForm) form).retrieveFormValueForLookupInquiryParameters(parameterName, parameterValuePropertyName); 421 } else { 422 if (LOG.isDebugEnabled()) { 423 LOG.debug("Unable to retrieve lookup/inquiry parameter value for parameter name " + parameterName + " parameter value property " + parameterValuePropertyName); 424 } 425 value = null; 426 } 427 } 428 429 if (value != null && boClass != null && getBusinessObjectAuthorizationService().attributeValueNeedsToBeEncryptedOnFormsAndLinks(boClass, parameterName)) { 430 LOG.warn("field name " + parameterName + " is a secure value and not returned in parameter result value"); 431 value = null; 432 } 433 return value; 434 } 435 436 /** 437 * Takes care of storing the action form in the User session and forwarding to the lookup action. 438 * 439 * @param mapping 440 * @param form 441 * @param request 442 * @param response 443 * @return 444 * @throws Exception 445 */ 446 @SuppressWarnings("unchecked") 447 public ActionForward performLookup(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { 448 // parse out the important strings from our methodToCall parameter 449 String fullParameter = (String) request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE); 450 validateLookupInquiryFullParameter(request, form, fullParameter); 451 452 KualiForm kualiForm = (KualiForm) form; 453 454 // when we return from the lookup, our next request's method to call is going to be refresh 455 kualiForm.registerEditableProperty(KRADConstants.DISPATCH_REQUEST_PARAMETER); 456 457 // parse out the baseLookupUrl if there is one 458 String baseLookupUrl = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM14_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM14_RIGHT_DEL); 459 460 // parse out business object class name for lookup 461 String boClassName = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_BOPARM_LEFT_DEL, KRADConstants.METHOD_TO_CALL_BOPARM_RIGHT_DEL); 462 if (StringUtils.isBlank(boClassName)) { 463 throw new RuntimeException("Illegal call to perform lookup, no business object class name specified."); 464 } 465 Class boClass = null; 466 467 try{ 468 boClass = Class.forName(boClassName); 469 } catch(ClassNotFoundException cnfex){ 470 if ((StringUtils.isNotEmpty(baseLookupUrl) && baseLookupUrl.startsWith(getApplicationBaseUrl() + "/kr/")) 471 || StringUtils.isEmpty(baseLookupUrl)) { 472 throw new IllegalArgumentException("The class (" + boClassName + ") cannot be found by this particular " 473 + "application. " + "ApplicationBaseUrl: " + getApplicationBaseUrl() 474 + " ; baseLookupUrl: " + baseLookupUrl); 475 } else { 476 LOG.info("The class (" + boClassName + ") cannot be found by this particular application. " 477 + "ApplicationBaseUrl: " + getApplicationBaseUrl() + " ; baseLookupUrl: " + baseLookupUrl); 478 } 479 } 480 481 // build the parameters for the lookup url 482 Properties parameters = new Properties(); 483 String conversionFields = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM1_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM1_RIGHT_DEL); 484 if (StringUtils.isNotBlank(conversionFields)) { 485 parameters.put(KRADConstants.CONVERSION_FIELDS_PARAMETER, conversionFields); 486 487 // register each of the destination parameters of the field conversion string as editable 488 String[] fieldConversions = conversionFields.split(KRADConstants.FIELD_CONVERSIONS_SEPARATOR); 489 for (String fieldConversion : fieldConversions) { 490 String destination = fieldConversion.split(KRADConstants.FIELD_CONVERSION_PAIR_SEPARATOR, 2)[1]; 491 kualiForm.registerEditableProperty(destination); 492 } 493 } 494 495 // pass values from form that should be pre-populated on lookup search 496 String parameterFields = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM2_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM2_RIGHT_DEL); 497 if ( LOG.isDebugEnabled() ) { 498 LOG.debug( "fullParameter: " + fullParameter ); 499 LOG.debug( "parameterFields: " + parameterFields ); 500 } 501 if (StringUtils.isNotBlank(parameterFields)) { 502 String[] lookupParams = parameterFields.split(KRADConstants.FIELD_CONVERSIONS_SEPARATOR); 503 if ( LOG.isDebugEnabled() ) { 504 LOG.debug( "lookupParams: " + Arrays.toString(lookupParams) ); 505 } 506 for (String lookupParam : lookupParams) { 507 String[] keyValue = lookupParam.split(KRADConstants.FIELD_CONVERSION_PAIR_SEPARATOR, 2); 508 if (keyValue.length != 2) { 509 throw new RuntimeException("malformed field conversion pair: " + Arrays.toString(keyValue)); 510 } 511 512 String lookupParameterValue = retrieveLookupParameterValue(boClass, keyValue[1], keyValue[0], form, request); 513 if (StringUtils.isNotBlank(lookupParameterValue)) { 514 parameters.put(keyValue[1], lookupParameterValue); 515 } 516 517 if ( LOG.isDebugEnabled() ) { 518 LOG.debug( "keyValue[0]: " + keyValue[0] ); 519 LOG.debug( "keyValue[1]: " + keyValue[1] ); 520 } 521 } 522 } 523 524 // pass values from form that should be read-Only on lookup search 525 String readOnlyFields = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM8_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM8_RIGHT_DEL); 526 if (StringUtils.isNotBlank(readOnlyFields)) { 527 parameters.put(KRADConstants.LOOKUP_READ_ONLY_FIELDS, readOnlyFields); 528 } 529 530 if ( LOG.isDebugEnabled() ) { 531 LOG.debug( "fullParameter: " + fullParameter ); 532 LOG.debug( "readOnlyFields: " + readOnlyFields ); 533 } 534 535 // grab whether or not the "return value" link should be hidden or not 536 String hideReturnLink = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM3_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM3_RIGHT_DEL); 537 if (StringUtils.isNotBlank(hideReturnLink)) { 538 parameters.put(KRADConstants.HIDE_LOOKUP_RETURN_LINK, hideReturnLink); 539 } 540 541 // add the optional extra button source and parameters string 542 String extraButtonSource = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM4_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM4_RIGHT_DEL); 543 if (StringUtils.isNotBlank(extraButtonSource)) { 544 parameters.put(KRADConstants.EXTRA_BUTTON_SOURCE, extraButtonSource); 545 } 546 String extraButtonParams = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM5_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM5_RIGHT_DEL); 547 if (StringUtils.isNotBlank(extraButtonParams)) { 548 parameters.put(KRADConstants.EXTRA_BUTTON_PARAMS, extraButtonParams); 549 } 550 551 String lookupAction = KRADConstants.LOOKUP_ACTION; 552 553 // is this a multi-value return? 554 boolean isMultipleValue = false; 555 String multipleValues = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM6_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM6_RIGHT_DEL); 556 if ((new Boolean(multipleValues).booleanValue())) { 557 parameters.put(KRADConstants.MULTIPLE_VALUE, multipleValues); 558 lookupAction = KRADConstants.MULTIPLE_VALUE_LOOKUP_ACTION; 559 isMultipleValue = true; 560 } 561 562 // the name of the collection being looked up (primarily for multivalue lookups 563 String lookedUpCollectionName = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM11_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM11_RIGHT_DEL); 564 if (StringUtils.isNotBlank(lookedUpCollectionName)) { 565 parameters.put(KRADConstants.LOOKED_UP_COLLECTION_NAME, lookedUpCollectionName); 566 } 567 568 // grab whether or not the "suppress actions" column should be hidden or not 569 String suppressActions = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM7_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM7_RIGHT_DEL); 570 if (StringUtils.isNotBlank(suppressActions)) { 571 parameters.put(KRADConstants.SUPPRESS_ACTIONS, suppressActions); 572 } 573 574 // grab the references that should be refreshed upon returning from the lookup 575 String referencesToRefresh = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM10_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM10_RIGHT_DEL); 576 if (StringUtils.isNotBlank(referencesToRefresh)) { 577 parameters.put(KRADConstants.REFERENCES_TO_REFRESH, referencesToRefresh); 578 } 579 580 // anchor, if it exists 581 if (form instanceof KualiForm && StringUtils.isNotEmpty(((KualiForm) form).getAnchor())) { 582 parameters.put(KRADConstants.LOOKUP_ANCHOR, ((KualiForm) form).getAnchor()); 583 } 584 585 // now add required parameters 586 parameters.put(KRADConstants.DISPATCH_REQUEST_PARAMETER, "start"); 587 588 // pass value from form that shows if autoSearch is desired for lookup search 589 String autoSearch = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM9_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM9_RIGHT_DEL); 590 591 if (StringUtils.isNotBlank(autoSearch)) { 592 parameters.put(KRADConstants.LOOKUP_AUTO_SEARCH, autoSearch); 593 if ("YES".equalsIgnoreCase(autoSearch)){ 594 parameters.put(KRADConstants.DISPATCH_REQUEST_PARAMETER, "search"); 595 } 596 } 597 598 parameters.put(KRADConstants.DOC_FORM_KEY, GlobalVariables.getUserSession().addObjectWithGeneratedKey(form)); 599 parameters.put(KRADConstants.BUSINESS_OBJECT_CLASS_ATTRIBUTE, boClassName); 600 601 parameters.put(KRADConstants.RETURN_LOCATION_PARAMETER, getReturnLocation(request, mapping)); 602 603 if (form instanceof KualiDocumentFormBase) { 604 String docNum = ((KualiDocumentFormBase) form).getDocument().getDocumentNumber(); 605 if(docNum != null){ 606 parameters.put(KRADConstants.DOC_NUM, docNum); 607 } 608 }else if(form instanceof LookupForm){ 609 String docNum = ((LookupForm) form).getDocNum(); 610 if(docNum != null){ 611 parameters.put(KRADConstants.DOC_NUM, ((LookupForm) form).getDocNum()); 612 } 613 } 614 615 if (boClass != null) { 616 ModuleService responsibleModuleService = getKualiModuleService().getResponsibleModuleService(boClass); 617 if(responsibleModuleService!=null && responsibleModuleService.isExternalizable(boClass)){ 618 Map<String, String> parameterMap = new HashMap<String, String>(); 619 Enumeration<Object> e = parameters.keys(); 620 while (e.hasMoreElements()) { 621 String paramName = (String) e.nextElement(); 622 parameterMap.put(paramName, parameters.getProperty(paramName)); 623 } 624 return new ActionForward(responsibleModuleService.getExternalizableBusinessObjectLookupUrl(boClass, parameterMap), true); 625 } 626 } 627 628 if (StringUtils.isBlank(baseLookupUrl)) { 629 baseLookupUrl = getApplicationBaseUrl() + "/kr/" + lookupAction; 630 } else { 631 if (isMultipleValue) { 632 LookupUtils.transformLookupUrlToMultiple(baseLookupUrl); 633 } 634 } 635 String lookupUrl = UrlFactory.parameterizeUrl(baseLookupUrl, parameters); 636 return new ActionForward(lookupUrl, true); 637 } 638 639 protected void validateLookupInquiryFullParameter(HttpServletRequest request, ActionForm form, String fullParameter){ 640 PojoFormBase pojoFormBase = (PojoFormBase) form; 641 if(WebUtils.isFormSessionDocument((PojoFormBase) form)){ 642 if(!pojoFormBase.isPropertyEditable(fullParameter)) { 643 throw new RuntimeException("The methodToCallAttribute is not registered as an editable property."); 644 } 645 } 646 } 647 648 @SuppressWarnings("unchecked") 649 public ActionForward performInquiry(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { 650 // parse out the important strings from our methodToCall parameter 651 String fullParameter = (String) request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE); 652 validateLookupInquiryFullParameter(request, form, fullParameter); 653 654 // when javascript is disabled, the inquiry will appear in the same window as the document. when we close the inquiry, 655 // our next request's method to call is going to be refresh 656 KualiForm kualiForm = (KualiForm) form; 657 kualiForm.registerEditableProperty(KRADConstants.DISPATCH_REQUEST_PARAMETER); 658 659 // parse out business object class name for lookup 660 String boClassName = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_BOPARM_LEFT_DEL, KRADConstants.METHOD_TO_CALL_BOPARM_RIGHT_DEL); 661 if (StringUtils.isBlank(boClassName)) { 662 throw new RuntimeException("Illegal call to perform inquiry, no business object class name specified."); 663 } 664 665 // build the parameters for the inquiry url 666 Properties parameters = new Properties(); 667 parameters.put(KRADConstants.BUSINESS_OBJECT_CLASS_ATTRIBUTE, boClassName); 668 669 parameters.put(KRADConstants.RETURN_LOCATION_PARAMETER, getReturnLocation(request, mapping)); 670 671 // pass values from form that should be pre-populated on inquiry 672 String parameterFields = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM2_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM2_RIGHT_DEL); 673 if ( LOG.isDebugEnabled() ) { 674 LOG.debug( "fullParameter: " + fullParameter ); 675 LOG.debug( "parameterFields: " + parameterFields ); 676 } 677 if (StringUtils.isNotBlank(parameterFields)) { 678 // TODO : create a method for this to be used by both lookup & inquiry ? 679 String[] inquiryParams = parameterFields.split(KRADConstants.FIELD_CONVERSIONS_SEPARATOR); 680 if ( LOG.isDebugEnabled() ) { 681 LOG.debug( "inquiryParams: " + inquiryParams ); 682 } 683 Class<? extends BusinessObject> boClass = (Class<? extends BusinessObject>) Class.forName(boClassName); 684 for (String inquiryParam : inquiryParams) { 685 String[] keyValue = inquiryParam.split(KRADConstants.FIELD_CONVERSION_PAIR_SEPARATOR, 2); 686 687 String inquiryParameterValue = retrieveLookupParameterValue(boClass, keyValue[1], keyValue[0], form, request); 688 if (inquiryParameterValue == null) { 689 parameters.put(keyValue[1], "directInquiryKeyNotSpecified"); 690 } 691 else { 692 parameters.put(keyValue[1], inquiryParameterValue); 693 } 694 695 if ( LOG.isDebugEnabled() ) { 696 LOG.debug( "keyValue[0]: " + keyValue[0] ); 697 LOG.debug( "keyValue[1]: " + keyValue[1] ); 698 } 699 } 700 } 701 parameters.put(KRADConstants.DISPATCH_REQUEST_PARAMETER, "start"); 702 parameters.put(KRADConstants.DOC_FORM_KEY, GlobalVariables.getUserSession().addObjectWithGeneratedKey(form)); 703 String inquiryUrl = null; 704 try { 705 Class.forName(boClassName); 706 inquiryUrl = getApplicationBaseUrl() + "/kr/" + KRADConstants.DIRECT_INQUIRY_ACTION; 707 } catch ( ClassNotFoundException ex ) { 708 // allow inquiry url to be null (and therefore no inquiry link will be displayed) but at least log a warning 709 LOG.warn("Class name does not represent a valid class which this application understands: " + boClassName); 710 } 711 inquiryUrl = UrlFactory.parameterizeUrl(inquiryUrl, parameters); 712 return new ActionForward(inquiryUrl, true); 713 714 } 715 716 /** 717 * This method handles rendering the question component, but without any of the extra error fields 718 * 719 * @param mapping 720 * @param form 721 * @param request 722 * @param response 723 * @param questionId 724 * @param questionText 725 * @param questionType 726 * @param caller 727 * @param context 728 * @return ActionForward 729 * @throws Exception 730 */ 731 protected ActionForward performQuestionWithoutInput(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, String questionId, String questionText, String questionType, String caller, String context) throws Exception { 732 return performQuestion(mapping, form, request, response, questionId, questionText, questionType, caller, context, false, "", "", "", ""); 733 } 734 735 /** 736 * Handles rendering a question prompt - without a specified context. 737 * 738 * @param mapping 739 * @param form 740 * @param request 741 * @param response 742 * @param questionId 743 * @param questionText 744 * @param questionType 745 * @param caller 746 * @param context 747 * @return ActionForward 748 * @throws Exception 749 */ 750 protected ActionForward performQuestionWithInput(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, String questionId, String questionText, String questionType, String caller, String context) throws Exception { 751 return performQuestion(mapping, form, request, response, questionId, questionText, questionType, caller, context, true, "", "", "", ""); 752 } 753 754 /** 755 * Handles re-rendering a question prompt because of an error on what was submitted. 756 * 757 * @param mapping 758 * @param form 759 * @param request 760 * @param response 761 * @param questionId 762 * @param questionText 763 * @param questionType 764 * @param caller 765 * @param context 766 * @param reason 767 * @param errorKey 768 * @param errorPropertyName 769 * @param errorParameter 770 * @return ActionForward 771 * @throws Exception 772 */ 773 protected ActionForward performQuestionWithInputAgainBecauseOfErrors(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, String questionId, String questionText, String questionType, String caller, String context, String reason, String errorKey, String errorPropertyName, String errorParameter) throws Exception { 774 return performQuestion(mapping, form, request, response, questionId, questionText, questionType, caller, context, true, reason, errorKey, errorPropertyName, errorParameter); 775 } 776 777 /** 778 * Handles rendering a question prompt - with a specified context. 779 * 780 * @param mapping 781 * @param form 782 * @param request 783 * @param response 784 * @param questionId 785 * @param questionText 786 * @param questionType 787 * @param caller 788 * @param context 789 * @param showReasonField 790 * @param reason 791 * @param errorKey 792 * @param errorPropertyName 793 * @param errorParameter 794 * @return ActionForward 795 * @throws Exception 796 */ 797 private ActionForward performQuestion(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response, String questionId, String questionText, String questionType, String caller, String context, boolean showReasonField, String reason, String errorKey, String errorPropertyName, String errorParameter) throws Exception { 798 Properties parameters = new Properties(); 799 800 parameters.put(KRADConstants.DISPATCH_REQUEST_PARAMETER, "start"); 801 parameters.put(KRADConstants.DOC_FORM_KEY, GlobalVariables.getUserSession().addObjectWithGeneratedKey(form)); 802 parameters.put(KRADConstants.CALLING_METHOD, caller); 803 parameters.put(KRADConstants.QUESTION_INST_ATTRIBUTE_NAME, questionId); 804 parameters.put(KRADConstants.QUESTION_IMPL_ATTRIBUTE_NAME, questionType); 805 //parameters.put(KRADConstants.QUESTION_TEXT_ATTRIBUTE_NAME, questionText); 806 parameters.put(KRADConstants.RETURN_LOCATION_PARAMETER, getReturnLocation(request, mapping)); 807 parameters.put(KRADConstants.QUESTION_CONTEXT, context); 808 parameters.put(KRADConstants.QUESTION_SHOW_REASON_FIELD, Boolean.toString(showReasonField)); 809 parameters.put(KRADConstants.QUESTION_REASON_ATTRIBUTE_NAME, reason); 810 parameters.put(KRADConstants.QUESTION_ERROR_KEY, errorKey); 811 parameters.put(KRADConstants.QUESTION_ERROR_PROPERTY_NAME, errorPropertyName); 812 parameters.put(KRADConstants.QUESTION_ERROR_PARAMETER, errorParameter); 813 parameters.put(KRADConstants.QUESTION_ANCHOR, form instanceof KualiForm ? ObjectUtils.toString(((KualiForm) form).getAnchor()) : ""); 814 Object methodToCallAttribute = request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE); 815 if (methodToCallAttribute != null) { 816 parameters.put(KRADConstants.METHOD_TO_CALL_PATH, methodToCallAttribute); 817 ((PojoForm) form).registerEditableProperty(String.valueOf(methodToCallAttribute)); 818 } 819 820 if (form instanceof KualiDocumentFormBase) { 821 String docNum = ((KualiDocumentFormBase) form).getDocument().getDocumentNumber(); 822 if(docNum != null){ 823 parameters.put(KRADConstants.DOC_NUM, ((KualiDocumentFormBase) form) 824 .getDocument().getDocumentNumber()); 825 } 826 } 827 828 // KULRICE-8077: PO Quote Limitation of Only 9 Vendors 829 String questionTextAttributeName = KRADConstants.QUESTION_TEXT_ATTRIBUTE_NAME + questionId; 830 GlobalVariables.getUserSession().addObject(questionTextAttributeName, (Object)questionText); 831 832 String questionUrl = UrlFactory.parameterizeUrl(getApplicationBaseUrl() + "/kr/" + KRADConstants.QUESTION_ACTION, parameters); 833 return new ActionForward(questionUrl, true); 834 } 835 836 837 /** 838 * Takes care of storing the action form in the User session and forwarding to the workflow workgroup lookup action. 839 * 840 * @param mapping 841 * @param form 842 * @param request 843 * @param response 844 * @return 845 * @throws Exception 846 */ 847 public ActionForward performWorkgroupLookup(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { 848 String returnUrl = null; 849 if ("/kr".equals(mapping.getModuleConfig().getPrefix())) { 850 returnUrl = getApplicationBaseUrl() + mapping.getModuleConfig().getPrefix() + mapping.getPath() + ".do"; 851 } else { 852 returnUrl = getApplicationBaseUrl() + mapping.getPath() + ".do"; 853 } 854 855 856 String fullParameter = (String) request.getAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE); 857 String conversionFields = StringUtils.substringBetween(fullParameter, KRADConstants.METHOD_TO_CALL_PARM1_LEFT_DEL, KRADConstants.METHOD_TO_CALL_PARM1_RIGHT_DEL); 858 859 String deploymentBaseUrl = CoreApiServiceLocator.getKualiConfigurationService().getPropertyValueAsString( 860 KRADConstants.WORKFLOW_URL_KEY); 861 String workgroupLookupUrl = deploymentBaseUrl + "/Lookup.do?lookupableImplServiceName=WorkGroupLookupableImplService&methodToCall=start&docFormKey=" + GlobalVariables.getUserSession().addObjectWithGeneratedKey(form); 862 863 if (conversionFields != null) { 864 workgroupLookupUrl += "&conversionFields=" + conversionFields; 865 } 866 if (form instanceof KualiDocumentFormBase) { 867 workgroupLookupUrl +="&docNum="+ ((KualiDocumentFormBase) form).getDocument().getDocumentNumber(); 868 } 869 870 workgroupLookupUrl += "&returnLocation=" + returnUrl; 871 872 return new ActionForward(workgroupLookupUrl, true); 873 } 874 875 /** 876 * Handles requests that originate via Header Tabs. 877 * 878 * @param mapping 879 * @param form 880 * @param request 881 * @param response 882 * @return 883 * @throws Exception 884 */ 885 public ActionForward headerTab(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { 886 // header tab actions can do two things - 1, call into an action and perform what needs to happen in there and 2, forward to 887 // a new location. 888 String headerTabDispatch = getHeaderTabDispatch(request); 889 if (StringUtils.isNotEmpty(headerTabDispatch)) { 890 ActionForward forward = dispatchMethod(mapping, form, request, response, headerTabDispatch); 891 if (GlobalVariables.getMessageMap().getNumberOfPropertiesWithErrors() > 0) { 892 return mapping.findForward(RiceConstants.MAPPING_BASIC); 893 } 894 this.doTabOpenOrClose(mapping, form, request, response, false); 895 if (forward.getRedirect()) { 896 return forward; 897 } 898 } 899 return dispatchMethod(mapping, form, request, response, getHeaderTabNavigateTo(request)); 900 } 901 902 /** 903 * Override this method to provide action-level access controls to the application. 904 * 905 * @param form 906 * @throws AuthorizationException 907 */ 908 protected void checkAuthorization( ActionForm form, String methodToCall) throws AuthorizationException 909 { 910 String principalId = GlobalVariables.getUserSession().getPrincipalId(); 911 Map<String, String> roleQualifier = new HashMap<String, String>(getRoleQualification(form, methodToCall)); 912 Map<String, String> permissionDetails = KRADUtils.getNamespaceAndActionClass(this.getClass()); 913 914 if (!KimApiServiceLocator.getPermissionService().isAuthorizedByTemplate(principalId, 915 KRADConstants.KNS_NAMESPACE, KimConstants.PermissionTemplateNames.USE_SCREEN, permissionDetails, 916 roleQualifier)) 917 { 918 throw new AuthorizationException(GlobalVariables.getUserSession().getPerson().getPrincipalName(), 919 methodToCall, 920 this.getClass().getSimpleName()); 921 } 922 } 923 924 /** 925 * override this method to add data from the form for role qualification in the authorization check 926 */ 927 protected Map<String,String> getRoleQualification(ActionForm form, String methodToCall) { 928 return new HashMap<String,String>(); 929 } 930 931 protected static KualiModuleService getKualiModuleService() { 932 if ( kualiModuleService == null ) { 933 kualiModuleService = KRADServiceLocatorWeb.getKualiModuleService(); 934 } 935 return kualiModuleService; 936 } 937 938 /** 939 * Constant defined to match with TextArea.jsp and updateTextArea function in core.js 940 * <p>Value is textAreaFieldName 941 */ 942 public static final String TEXT_AREA_FIELD_NAME="textAreaFieldName"; 943 /** 944 * Constant defined to match with TextArea.jsp and updateTextArea function in core.js 945 * <p>Value is textAreaFieldLabel 946 */ 947 public static final String TEXT_AREA_FIELD_LABEL="textAreaFieldLabel"; 948 /** 949 * Constant defined to match with TextArea.jsp and updateTextArea function in core.js 950 * <p>Value is textAreaReadOnly 951 */ 952 public static final String TEXT_AREA_READ_ONLY="textAreaReadOnly"; 953 /** 954 * Constant defined to match with TextArea.jsp and updateTextArea function in core.js 955 * <p>Value is textAreaFieldAnchor 956 */ 957 public static final String TEXT_AREA_FIELD_ANCHOR="textAreaFieldAnchor"; 958 /** 959 * Constant defined to match with TextArea.jsp and updateTextArea function in core.js 960 * <p>Value is textAreaFieldAnchor 961 */ 962 public static final String TEXT_AREA_MAX_LENGTH="textAreaMaxLength"; 963 /** 964 * Constant defined to match with TextArea.jsp and updateTextArea function in core.js 965 * <p>Value is htmlFormAction 966 */ 967 public static final String FORM_ACTION="htmlFormAction"; 968 /** 969 * Constant defined to match input parameter from URL and from TextArea.jsp. 970 * <p>Value is methodToCall 971 */ 972 public static final String METHOD_TO_CALL="methodToCall"; 973 /** 974 * Constant defined to match with global forwarding in struts-config.xml 975 * for Text Area Update. 976 * <p>Value is updateTextArea 977 */ 978 public static final String FORWARD_TEXT_AREA_UPDATE="updateTextArea"; 979 /** 980 * Constant defined to match with method to call in TextArea.jsp. 981 * <p>Value is postTextAreaToParent 982 */ 983 public static final String POST_TEXT_AREA_TO_PARENT="postTextAreaToParent"; 984 /** 985 * Constant defined to match with local forwarding in struts-config.xml 986 * for the parent of the Updated Text Area. 987 * <p>Value is forwardNext 988 */ 989 public static final String FORWARD_NEXT="forwardNext"; 990 991 /** 992 * This method is invoked when Java Script is turned off from the web browser. It 993 * setup the information that the update text area requires for copying current text 994 * in the calling page text area and returning to the calling page. The information 995 * is passed to the JSP through Http Request attributes. All other parameters are 996 * forwarded 997 * 998 * @param mapping 999 * @param form 1000 * @param request 1001 * @param response 1002 * @return 1003 */ 1004 public ActionForward updateTextArea(ActionMapping mapping, 1005 ActionForm form, 1006 HttpServletRequest request, 1007 HttpServletResponse response) { 1008 if (LOG.isTraceEnabled()) { 1009 String lm=String.format("ENTRY %s%n%s", form.getClass().getSimpleName(), 1010 request.getRequestURI()); 1011 LOG.trace(lm); 1012 } 1013 1014 final String[] keyValue = getTextAreaParams(request); 1015 1016 request.setAttribute(TEXT_AREA_FIELD_NAME, keyValue[0]); 1017 request.setAttribute(FORM_ACTION,keyValue[1]); 1018 request.setAttribute(TEXT_AREA_FIELD_LABEL,keyValue[2]); 1019 request.setAttribute(TEXT_AREA_READ_ONLY,keyValue[3]); 1020 request.setAttribute(TEXT_AREA_MAX_LENGTH,keyValue[4]); 1021 if (form instanceof KualiForm && StringUtils.isNotEmpty(((KualiForm) form).getAnchor())) { 1022 request.setAttribute(TEXT_AREA_FIELD_ANCHOR,((KualiForm) form).getAnchor()); 1023 } 1024 1025 // Set document related parameter 1026 String docWebScope=(String)request.getAttribute(KRADConstants.DOCUMENT_WEB_SCOPE); 1027 if (docWebScope != null && docWebScope.trim().length() >= 0) { 1028 request.setAttribute(KRADConstants.DOCUMENT_WEB_SCOPE, docWebScope); 1029 } 1030 1031 request.setAttribute(KRADConstants.DOC_FORM_KEY, GlobalVariables.getUserSession().addObjectWithGeneratedKey(form)); 1032 1033 ActionForward forward=mapping.findForward(FORWARD_TEXT_AREA_UPDATE); 1034 1035 if (LOG.isTraceEnabled()) { 1036 String lm=String.format("EXIT %s", (forward==null)?"null":forward.getPath()); 1037 LOG.trace(lm); 1038 } 1039 1040 return forward; 1041 } 1042 1043 /** 1044 * This method takes the {@link org.kuali.rice.krad.util.KRADConstants.METHOD_TO_CALL_ATTRIBUTE} out of the request 1045 * and parses it returning the required fields needed for a text area. The fields returned 1046 * are the following in this order. 1047 * <ol> 1048 * <li>{@link #TEXT_AREA_FIELD_NAME}</li> 1049 * <li>{@link #FORM_ACTION}</li> 1050 * <li>{@link #TEXT_AREA_FIELD_LABEL}</li> 1051 * <li>{@link #TEXT_AREA_READ_ONLY}</li> 1052 * <li>{@link #TEXT_AREA_MAX_LENGTH}</li> 1053 * </ol> 1054 * 1055 * @param request the request to retrieve the textarea parameters 1056 * @return a string array holding the parsed fields 1057 */ 1058 private String[] getTextAreaParams(HttpServletRequest request) { 1059 // parse out the important strings from our methodToCall parameter 1060 String fullParameter = (String) request.getAttribute( 1061 KRADConstants.METHOD_TO_CALL_ATTRIBUTE); 1062 1063 // parse textfieldname:htmlformaction 1064 String parameterFields = StringUtils.substringBetween(fullParameter, 1065 KRADConstants.METHOD_TO_CALL_PARM2_LEFT_DEL, 1066 KRADConstants.METHOD_TO_CALL_PARM2_RIGHT_DEL); 1067 if ( LOG.isDebugEnabled() ) { 1068 LOG.debug( "fullParameter: " + fullParameter ); 1069 LOG.debug( "parameterFields: " + parameterFields ); 1070 } 1071 String[] keyValue = null; 1072 if (StringUtils.isNotBlank(parameterFields)) { 1073 String[] textAreaParams = parameterFields.split( 1074 KRADConstants.FIELD_CONVERSIONS_SEPARATOR); 1075 if ( LOG.isDebugEnabled() ) { 1076 LOG.debug( "lookupParams: " + textAreaParams ); 1077 } 1078 for (final String textAreaParam : textAreaParams) { 1079 keyValue = textAreaParam.split(KRADConstants.FIELD_CONVERSION_PAIR_SEPARATOR, 2); 1080 1081 if ( LOG.isDebugEnabled() ) { 1082 LOG.debug( "keyValue[0]: " + keyValue[0] ); 1083 LOG.debug( "keyValue[1]: " + keyValue[1] ); 1084 LOG.debug( "keyValue[2]: " + keyValue[2] ); 1085 LOG.debug( "keyValue[3]: " + keyValue[3] ); 1086 LOG.debug( "keyValue[4]: " + keyValue[4] ); 1087 } 1088 } 1089 } 1090 1091 return keyValue; 1092 } 1093 1094 /** 1095 * This method is invoked from the TextArea.jsp for posting its value to the parent 1096 * page that called the extended text area page. The invocation is done through 1097 * Struts action. The default forwarding id is RiceContants.MAPPING_BASIC. This 1098 * can be overridden using the parameter key FORWARD_NEXT. 1099 * 1100 * @param mapping 1101 * @param form 1102 * @param request 1103 * @param response 1104 * @return 1105 */ 1106 public ActionForward postTextAreaToParent(ActionMapping mapping, 1107 ActionForm form, 1108 HttpServletRequest request, 1109 HttpServletResponse response) { 1110 1111 if (LOG.isTraceEnabled()) { 1112 String lm=String.format("ENTRY %s%n%s", form.getClass().getSimpleName(), 1113 request.getRequestURI()); 1114 LOG.trace(lm); 1115 } 1116 1117 String forwardingId=request.getParameter(FORWARD_NEXT); 1118 if (forwardingId == null) { 1119 forwardingId=RiceConstants.MAPPING_BASIC; 1120 } 1121 ActionForward forward=mapping.findForward(forwardingId); 1122 1123 if (LOG.isTraceEnabled()) { 1124 String lm=String.format("EXIT %s", (forward==null)?"null":forward.getPath()); 1125 LOG.trace(lm); 1126 } 1127 1128 return forward; 1129 } 1130 1131 /** 1132 * Use to add a methodToCall to the a list which will not have authorization checks. 1133 * This assumes that the call will be redirected (as in the case of a lookup) that will perform 1134 * the authorization. 1135 */ 1136 protected final void addMethodToCallToUncheckedList( String methodToCall ) { 1137 methodToCallsToNotCheckAuthorization.add(methodToCall); 1138 } 1139 1140 /** 1141 * This method does all special processing on a document that should happen on each HTTP post (ie, save, route, approve, etc). 1142 */ 1143 protected void doProcessingAfterPost( KualiForm form, HttpServletRequest request ) { 1144 1145 } 1146 1147 protected BusinessObjectAuthorizationService getBusinessObjectAuthorizationService() { 1148 if (businessObjectAuthorizationService == null) { 1149 businessObjectAuthorizationService = KNSServiceLocator.getBusinessObjectAuthorizationService(); 1150 } 1151 return businessObjectAuthorizationService; 1152 } 1153 1154 protected EncryptionService getEncryptionService() { 1155 if (encryptionService == null) { 1156 encryptionService = CoreApiServiceLocator.getEncryptionService(); 1157 } 1158 return encryptionService; 1159 } 1160 1161 public static String getApplicationBaseUrl() { 1162 if ( applicationBaseUrl == null ) { 1163 applicationBaseUrl = CoreApiServiceLocator.getKualiConfigurationService().getPropertyValueAsString( 1164 KRADConstants.APPLICATION_URL_KEY); 1165 } 1166 return applicationBaseUrl; 1167 } 1168 1169 protected boolean isModuleLocked(ActionForm form, String methodToCall, HttpServletRequest request) { 1170 String boClass = request.getParameter(KRADConstants.BUSINESS_OBJECT_CLASS_ATTRIBUTE); 1171 ModuleService moduleService = null; 1172 if(StringUtils.isNotBlank(boClass)) { 1173 try { 1174 moduleService = getKualiModuleService().getResponsibleModuleService(Class.forName(boClass)); 1175 } catch (ClassNotFoundException classNotFoundException) { 1176 LOG.warn("BO class not found: " + boClass, classNotFoundException); 1177 } 1178 } else { 1179 moduleService = getKualiModuleService().getResponsibleModuleService(this.getClass()); 1180 } 1181 if(moduleService != null && moduleService.isLocked()) { 1182 String principalId = GlobalVariables.getUserSession().getPrincipalId(); 1183 String namespaceCode = KRADConstants.KUALI_RICE_SYSTEM_NAMESPACE; 1184 String permissionName = KimConstants.PermissionNames.ACCESS_LOCKED_MODULE; 1185 Map<String, String> qualification = getRoleQualification(form, methodToCall); 1186 if(!KimApiServiceLocator.getPermissionService().isAuthorized(principalId, namespaceCode, permissionName, qualification)) { 1187 ParameterService parameterSerivce = CoreFrameworkServiceLocator.getParameterService(); 1188 String messageParamNamespaceCode = moduleService.getModuleConfiguration().getNamespaceCode(); 1189 String messageParamComponentCode = KRADConstants.DetailTypes.ALL_DETAIL_TYPE; 1190 String messageParamName = KRADConstants.SystemGroupParameterNames.OLTP_LOCKOUT_MESSAGE_PARM; 1191 String lockoutMessage = parameterSerivce.getParameterValueAsString(messageParamNamespaceCode, messageParamComponentCode, messageParamName); 1192 1193 if(StringUtils.isBlank(lockoutMessage)) { 1194 String defaultMessageParamName = KRADConstants.SystemGroupParameterNames.OLTP_LOCKOUT_DEFAULT_MESSAGE; 1195 lockoutMessage = parameterSerivce.getParameterValueAsString(KRADConstants.KNS_NAMESPACE, messageParamComponentCode, defaultMessageParamName); 1196 } 1197 request.setAttribute(KRADConstants.MODULE_LOCKED_MESSAGE_REQUEST_PARAMETER, lockoutMessage); 1198 return true; 1199 } 1200 } 1201 return false; 1202 } 1203}