1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16 package org.kuali.rice.kns.util;
17
18 import java.io.ByteArrayOutputStream;
19 import java.io.IOException;
20 import java.io.InputStream;
21 import java.io.OutputStream;
22 import java.util.Arrays;
23 import java.util.Collection;
24 import java.util.Enumeration;
25 import java.util.HashMap;
26 import java.util.Hashtable;
27 import java.util.Iterator;
28 import java.util.LinkedHashMap;
29 import java.util.List;
30 import java.util.Map;
31 import java.util.Set;
32 import java.util.regex.Matcher;
33 import java.util.regex.Pattern;
34
35 import javax.servlet.ServletException;
36 import javax.servlet.http.HttpServletRequest;
37 import javax.servlet.http.HttpServletResponse;
38 import javax.servlet.http.HttpSession;
39 import javax.servlet.jsp.PageContext;
40
41 import org.apache.commons.lang.StringEscapeUtils;
42 import org.apache.commons.lang.StringUtils;
43 import org.apache.log4j.Level;
44 import org.apache.log4j.Logger;
45 import org.apache.struts.Globals;
46 import org.apache.struts.action.ActionForm;
47 import org.apache.struts.action.ActionMapping;
48 import org.apache.struts.action.ActionServletWrapper;
49 import org.apache.struts.upload.CommonsMultipartRequestHandler;
50 import org.apache.struts.upload.FormFile;
51 import org.apache.struts.upload.MultipartRequestHandler;
52 import org.apache.struts.upload.MultipartRequestWrapper;
53 import org.kuali.rice.core.api.CoreApiServiceLocator;
54 import org.kuali.rice.core.api.config.property.ConfigContext;
55 import org.kuali.rice.core.api.config.property.ConfigurationService;
56 import org.kuali.rice.core.api.util.RiceKeyConstants;
57 import org.kuali.rice.kew.api.action.ActionRequest;
58 import org.kuali.rice.kew.api.action.RecipientType;
59 import org.kuali.rice.kim.api.role.Role;
60 import org.kuali.rice.kim.api.services.KimApiServiceLocator;
61 import org.kuali.rice.kns.datadictionary.KNSDocumentEntry;
62 import org.kuali.rice.kns.datadictionary.MaintenanceDocumentEntry;
63 import org.kuali.rice.kns.document.authorization.DocumentAuthorizer;
64 import org.kuali.rice.kns.service.KNSServiceLocator;
65 import org.kuali.rice.kns.web.struts.action.KualiMultipartRequestHandler;
66 import org.kuali.rice.kns.web.struts.form.KualiDocumentFormBase;
67 import org.kuali.rice.kns.web.struts.form.KualiForm;
68 import org.kuali.rice.kns.web.struts.form.KualiMaintenanceForm;
69 import org.kuali.rice.kns.web.struts.form.pojo.PojoFormBase;
70 import org.kuali.rice.kns.web.ui.Field;
71 import org.kuali.rice.kns.web.ui.Row;
72 import org.kuali.rice.kns.web.ui.Section;
73 import org.kuali.rice.krad.datadictionary.AttributeDefinition;
74 import org.kuali.rice.krad.datadictionary.AttributeSecurity;
75 import org.kuali.rice.krad.datadictionary.DataDictionary;
76 import org.kuali.rice.krad.datadictionary.DataDictionaryEntryBase;
77 import org.kuali.rice.krad.datadictionary.mask.MaskFormatter;
78 import org.kuali.rice.krad.document.Document;
79 import org.kuali.rice.krad.exception.ValidationException;
80 import org.kuali.rice.krad.service.KRADServiceLocatorWeb;
81 import org.kuali.rice.krad.util.GlobalVariables;
82 import org.kuali.rice.krad.util.KRADConstants;
83 import org.kuali.rice.krad.util.MessageMap;
84 import org.kuali.rice.krad.util.ObjectUtils;
85
86
87
88
89
90
91 @Deprecated
92 public class WebUtils {
93 private static final Logger LOG = Logger.getLogger(WebUtils.class);
94
95 private static final String IMAGE_COORDINATE_CLICKED_X_EXTENSION = ".x";
96 private static final String IMAGE_COORDINATE_CLICKED_Y_EXTENSION = ".y";
97
98 private static final String APPLICATION_IMAGE_URL_PROPERTY_PREFIX = "application.custom.image.url";
99 private static final String DEFAULT_IMAGE_URL_PROPERTY_NAME = "kr.externalizable.images.url";
100
101
102
103
104 private static final String[] SCHEMES = { "http://", "https://" };
105
106
107
108
109
110
111 public static final String FILE_UPLOAD_LIMIT_EXCEEDED_EXCEPTION_ALREADY_THROWN = "fileUploadLimitExceededExceptionAlreadyThrown";
112
113 private static ConfigurationService configurationService;
114
115
116
117
118
119
120
121
122 public static String parseMethodToCall(ActionForm form, HttpServletRequest request) {
123 String methodToCall = null;
124
125
126 if (StringUtils.isNotBlank(request.getParameter(KRADConstants.DISPATCH_REQUEST_PARAMETER))) {
127 if (form instanceof KualiForm
128 && !((KualiForm) form).shouldMethodToCallParameterBeUsed(KRADConstants.DISPATCH_REQUEST_PARAMETER,
129 request.getParameter(KRADConstants.DISPATCH_REQUEST_PARAMETER), request)) {
130 throw new RuntimeException("Cannot verify that the methodToCall should be "
131 + request.getParameter(KRADConstants.DISPATCH_REQUEST_PARAMETER));
132 }
133 methodToCall = request.getParameter(KRADConstants.DISPATCH_REQUEST_PARAMETER);
134
135
136 request.setAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE, KRADConstants.DISPATCH_REQUEST_PARAMETER + "."
137 + methodToCall + IMAGE_COORDINATE_CLICKED_X_EXTENSION);
138 }
139
140
141
142
143
144
145
146
147
148
149 if (methodToCall == null) {
150
151 for (Enumeration i = request.getParameterNames(); i.hasMoreElements();) {
152 String parameterName = (String) i.nextElement();
153
154
155 if (isMethodToCall(parameterName)) {
156 methodToCall = getMethodToCallSettingAttribute(form, request, parameterName);
157 break;
158 }
159 else {
160
161
162 for (String value : request.getParameterValues(parameterName)) {
163
164
165 if (isMethodToCall(value)) {
166 methodToCall = getMethodToCallSettingAttribute(form, request, value);
167
168 }
169 }
170 }
171 }
172 }
173
174 return methodToCall;
175 }
176
177
178
179
180
181
182
183
184 private static boolean isMethodToCall(String string) {
185
186
187 return string.startsWith(KRADConstants.DISPATCH_REQUEST_PARAMETER + ".");
188 }
189
190
191
192
193
194
195
196
197
198
199
200
201
202 private static String getMethodToCallSettingAttribute(ActionForm form, HttpServletRequest request, String string) {
203
204 if (form instanceof KualiForm
205 && !((KualiForm) form).shouldMethodToCallParameterBeUsed(string, request.getParameter(string), request)) {
206 throw new RuntimeException("Cannot verify that the methodToCall should be " + string);
207 }
208
209 final String attributeValue = endsWithCoordinates(string) ? string : string
210 + IMAGE_COORDINATE_CLICKED_X_EXTENSION;
211 final String methodToCall = StringUtils.substringBetween(attributeValue,
212 KRADConstants.DISPATCH_REQUEST_PARAMETER + ".", ".");
213 request.setAttribute(KRADConstants.METHOD_TO_CALL_ATTRIBUTE, attributeValue);
214 return methodToCall;
215 }
216
217
218
219
220
221
222
223
224 public static void logRequestContents(Logger logger, Level level, HttpServletRequest request) {
225 if (logger.isEnabledFor(level)) {
226 logger.log(level, "--------------------");
227 logger.log(level, "HttpRequest attributes:");
228 for (Enumeration e = request.getAttributeNames(); e.hasMoreElements();) {
229 String attrName = (String) e.nextElement();
230 Object attrValue = request.getAttribute(attrName);
231
232 if (attrValue.getClass().isArray()) {
233 logCollection(logger, level, attrName, Arrays.asList((Object[]) attrValue));
234 }
235 else if (attrValue instanceof Collection) {
236 logCollection(logger, level, attrName, (Collection) attrValue);
237 }
238 else if (attrValue instanceof Map) {
239 logMap(logger, level, attrName, (Map) attrValue);
240 }
241 else {
242 logObject(logger, level, attrName, attrValue);
243 }
244 }
245
246 logger.log(level, "--------------------");
247 logger.log(level, "HttpRequest parameters:");
248 for (Enumeration i = request.getParameterNames(); i.hasMoreElements();) {
249 String paramName = (String) i.nextElement();
250 String[] paramValues = (String[]) request.getParameterValues(paramName);
251
252 logArray(logger, level, paramName, paramValues);
253 }
254
255 logger.log(level, "--------------------");
256 }
257 }
258
259 private static void logArray(Logger logger, Level level, String arrayName, Object[] array) {
260 StringBuffer value = new StringBuffer("[");
261 for (int i = 0; i < array.length; ++i) {
262 if (i > 0) {
263 value.append(",");
264 }
265 value.append(array[i]);
266 }
267 value.append("]");
268
269 logThing(logger, level, arrayName, value);
270 }
271
272 private static void logCollection(Logger logger, Level level, String collectionName, Collection c) {
273 StringBuffer value = new StringBuffer("{");
274 for (Iterator i = c.iterator(); i.hasNext();) {
275 value.append(i.next());
276 if (i.hasNext()) {
277 value.append(",");
278 }
279 }
280 value.append("}");
281
282 logThing(logger, level, collectionName, value);
283 }
284
285 private static void logMap(Logger logger, Level level, String mapName, Map m) {
286 StringBuffer value = new StringBuffer("{");
287 for (Iterator i = m.entrySet().iterator(); i.hasNext();) {
288 Map.Entry e = (Map.Entry) i.next();
289 value.append("('" + e.getKey() + "','" + e.getValue() + "')");
290 }
291 value.append("}");
292
293 logThing(logger, level, mapName, value);
294 }
295
296 private static void logObject(Logger logger, Level level, String objectName, Object o) {
297 logThing(logger, level, objectName, "'" + o + "'");
298 }
299
300 private static void logThing(Logger logger, Level level, String thingName, Object thing) {
301 logger.log(level, " '" + thingName + "' => " + thing);
302 }
303
304
305
306
307
308
309
310
311
312
313 public static void saveMimeOutputStreamAsFile(HttpServletResponse response, String contentType,
314 ByteArrayOutputStream byteArrayOutputStream, String fileName) throws IOException {
315
316
317
318 String updateFileName;
319 if(fileName.contains("\"")) {
320 updateFileName = fileName.replaceAll("\"", "");
321 } else {
322 updateFileName = fileName;
323 }
324
325
326 response.setContentType(contentType);
327 response.setHeader("Content-disposition", "attachment; filename=\"" + updateFileName + "\"");
328 response.setHeader("Expires", "0");
329 response.setHeader("Cache-Control", "must-revalidate, post-check=0, pre-check=0");
330 response.setHeader("Pragma", "public");
331 response.setContentLength(byteArrayOutputStream.size());
332
333
334 OutputStream outputStream = response.getOutputStream();
335 byteArrayOutputStream.writeTo(response.getOutputStream());
336 outputStream.flush();
337 outputStream.close();
338 }
339
340
341
342
343
344
345
346
347
348
349 public static void saveMimeInputStreamAsFile(HttpServletResponse response, String contentType,
350 InputStream inStream, String fileName, int fileSize) throws IOException {
351
352
353
354 String updateFileName;
355 if(fileName.contains("\"")) {
356 updateFileName = fileName.replaceAll("\"", "");
357 } else {
358 updateFileName = fileName;
359 }
360
361
362 response.setContentType(contentType);
363 response.setHeader("Content-disposition", "attachment; filename=\"" + updateFileName + "\"");
364 response.setHeader("Expires", "0");
365 response.setHeader("Cache-Control", "must-revalidate, post-check=0, pre-check=0");
366 response.setHeader("Pragma", "public");
367 response.setContentLength(fileSize);
368
369
370 OutputStream out = response.getOutputStream();
371 while (inStream.available() > 0) {
372 out.write(inStream.read());
373 }
374 out.flush();
375 }
376
377
378
379
380
381
382
383
384 public static String getTabState(KualiForm form, String tabKey) {
385 return form.getTabState(tabKey);
386 }
387
388 public static void incrementTabIndex(KualiForm form, String tabKey) {
389 form.incrementTabIndex();
390 }
391
392
393
394
395
396
397
398
399 public static void reopenInactiveRecords(List<Section> sections, Map<String, String> tabStates, String collectionName) {
400 for (Section section : sections) {
401 for (Row row: section.getRows()) {
402 for (Field field : row.getFields()) {
403 if (field != null) {
404 if (Field.CONTAINER.equals(field.getFieldType()) && StringUtils.startsWith(field.getContainerName(), collectionName)) {
405 final String tabKey = WebUtils.generateTabKey(FieldUtils.generateCollectionSubTabName(field));
406 tabStates.put(tabKey, KualiForm.TabState.OPEN.name());
407 }
408 }
409 }
410 }
411 }
412 }
413
414
415
416
417
418
419
420 public static String generateTabKey(String tabTitle) {
421 String key = "";
422 if (!StringUtils.isBlank(tabTitle)) {
423 key = tabTitle.replaceAll("\\W", "");
424
425
426
427 }
428
429 return key;
430 }
431
432 public static void getMultipartParameters(HttpServletRequest request, ActionServletWrapper servletWrapper,
433 ActionForm form, ActionMapping mapping) {
434 Map params = new HashMap();
435
436
437
438
439 try {
440 CommonsMultipartRequestHandler multipartHandler = new CommonsMultipartRequestHandler();
441 if (multipartHandler != null) {
442
443 if (servletWrapper != null) {
444
445
446 servletWrapper.setServletFor(multipartHandler);
447 }
448 multipartHandler.setMapping((ActionMapping) request.getAttribute(Globals.MAPPING_KEY));
449
450 multipartHandler.handleRequest(request);
451
452 Collection<FormFile> files = multipartHandler.getFileElements().values();
453 Enumeration keys = multipartHandler.getFileElements().keys();
454
455 while (keys.hasMoreElements()) {
456 Object key = keys.nextElement();
457 FormFile file = (FormFile) multipartHandler.getFileElements().get(key);
458 long maxSize = WebUtils.getMaxUploadSize(form);
459 if (LOG.isDebugEnabled()) {
460 LOG.debug(file.getFileSize());
461 }
462 if (maxSize > 0 && Long.parseLong(file.getFileSize() + "") > maxSize) {
463
464 GlobalVariables.getMessageMap().putError(key.toString(),
465 RiceKeyConstants.ERROR_UPLOADFILE_SIZE,
466 new String[] { file.getFileName(), Long.toString(maxSize) });
467
468 }
469 }
470
471
472 if (servletWrapper == null) {
473 request.setAttribute(KRADConstants.UPLOADED_FILE_REQUEST_ATTRIBUTE_KEY,
474 getFileParametersForMultipartRequest(request, multipartHandler));
475 }
476 }
477 }
478 catch (ServletException e) {
479 throw new ValidationException("unable to handle multipart request " + e.getMessage(), e);
480 }
481 }
482
483 public static long getMaxUploadSize(ActionForm form) {
484 long max = 0L;
485 KualiMultipartRequestHandler multipartHandler = new KualiMultipartRequestHandler();
486 if (form instanceof PojoFormBase) {
487 max = multipartHandler.calculateMaxUploadSizeToMaxOfList(((PojoFormBase) form).getMaxUploadSizes());
488 }
489 if (LOG.isDebugEnabled()) {
490 LOG.debug("Max File Upload Size: " + max);
491 }
492 return max;
493 }
494
495 private static Map getFileParametersForMultipartRequest(HttpServletRequest request,
496 MultipartRequestHandler multipartHandler) {
497 Map parameters = new HashMap();
498 Hashtable elements = multipartHandler.getFileElements();
499 Enumeration e = elements.keys();
500 while (e.hasMoreElements()) {
501 String key = (String) e.nextElement();
502 parameters.put(key, elements.get(key));
503 }
504
505 if (request instanceof MultipartRequestWrapper) {
506 request = (HttpServletRequest) ((MultipartRequestWrapper) request).getRequest();
507 e = request.getParameterNames();
508 while (e.hasMoreElements()) {
509 String key = (String) e.nextElement();
510 parameters.put(key, request.getParameterValues(key));
511 }
512 }
513 else {
514 LOG.debug("Gathering multipart parameters for unwrapped request");
515 }
516 return parameters;
517 }
518
519
520
521 public static void registerEditableProperty(PojoFormBase form, String editablePropertyName) {
522 form.registerEditableProperty(editablePropertyName);
523 }
524
525 public static boolean isDocumentSession(Document document, PojoFormBase docForm) {
526 boolean sessionDoc = document instanceof org.kuali.rice.krad.document.SessionDocument;
527 boolean dataDictionarySessionDoc = false;
528 if (!sessionDoc) {
529 DataDictionary dataDictionary = KRADServiceLocatorWeb.getDataDictionaryService().getDataDictionary();
530 if (docForm instanceof KualiMaintenanceForm) {
531 KualiMaintenanceForm maintenanceForm = (KualiMaintenanceForm) docForm;
532 if (dataDictionary != null) {
533 if (maintenanceForm.getDocTypeName() != null) {
534 MaintenanceDocumentEntry maintenanceDocumentEntry = (MaintenanceDocumentEntry) dataDictionary.getDocumentEntry(maintenanceForm.getDocTypeName());
535 dataDictionarySessionDoc = maintenanceDocumentEntry.isSessionDocument();
536 }
537 }
538 }
539 else {
540 if (document != null && dataDictionary != null) {
541 KNSDocumentEntry documentEntry = (KNSDocumentEntry) dataDictionary.getDocumentEntry(document.getClass().getName());
542 dataDictionarySessionDoc = documentEntry.isSessionDocument();
543 }
544 }
545 }
546 return sessionDoc || dataDictionarySessionDoc;
547 }
548
549 public static boolean isFormSessionDocument(PojoFormBase form) {
550 Document document = null;
551 if (KualiDocumentFormBase.class.isAssignableFrom(form.getClass())) {
552 KualiDocumentFormBase docForm = (KualiDocumentFormBase) form;
553 document = docForm.getDocument();
554 }
555 return isDocumentSession(document, form);
556 }
557
558 public static String KEY_KUALI_FORM_IN_SESSION = "KualiForm";
559
560 public static ActionForm getKualiForm(PageContext pageContext) {
561 return getKualiForm((HttpServletRequest) pageContext.getRequest());
562 }
563
564 public static ActionForm getKualiForm(HttpServletRequest request) {
565 if (request.getAttribute(KEY_KUALI_FORM_IN_SESSION) != null) {
566 return (ActionForm) request.getAttribute(KEY_KUALI_FORM_IN_SESSION);
567 }
568 else {
569 final HttpSession session = request.getSession(false);
570 return session != null ? (ActionForm) session.getAttribute(KEY_KUALI_FORM_IN_SESSION) : null;
571 }
572 }
573
574 public static boolean isPropertyEditable(Set<String> editableProperties, String propertyName) {
575 if (LOG.isDebugEnabled()) {
576 LOG.debug("isPropertyEditable(" + propertyName + ")");
577 }
578
579 boolean returnVal = editableProperties == null
580 || editableProperties.contains(propertyName)
581 || (getIndexOfCoordinateExtension(propertyName) == -1 ? false : editableProperties
582 .contains(propertyName.substring(0, getIndexOfCoordinateExtension(propertyName))));
583 if (!returnVal) {
584 if (LOG.isDebugEnabled()) {
585 LOG.debug("isPropertyEditable(" + propertyName + ") == false / editableProperties: "
586 + editableProperties);
587 }
588 }
589 return returnVal;
590 }
591
592 public static boolean endsWithCoordinates(String parameter) {
593 return parameter.endsWith(WebUtils.IMAGE_COORDINATE_CLICKED_X_EXTENSION)
594 || parameter.endsWith(WebUtils.IMAGE_COORDINATE_CLICKED_Y_EXTENSION);
595 }
596
597 public static int getIndexOfCoordinateExtension(String parameter) {
598 int indexOfCoordinateExtension = parameter.lastIndexOf(WebUtils.IMAGE_COORDINATE_CLICKED_X_EXTENSION);
599 if (indexOfCoordinateExtension == -1) {
600 indexOfCoordinateExtension = parameter.lastIndexOf(WebUtils.IMAGE_COORDINATE_CLICKED_Y_EXTENSION);
601 }
602 return indexOfCoordinateExtension;
603 }
604
605 public static boolean isInquiryHiddenField(String className, String fieldName, Object formObject, String propertyName) {
606 boolean isHidden = false;
607 String hiddenInquiryFields = getKualiConfigurationService().getPropertyValueAsString(className + ".hidden");
608 if (StringUtils.isEmpty(hiddenInquiryFields)) {
609 return isHidden;
610 }
611 List hiddenFields = Arrays.asList(hiddenInquiryFields.replaceAll(" ", "").split(","));
612 if (hiddenFields.contains(fieldName.trim())) {
613 isHidden = true;
614 }
615 return isHidden;
616 }
617
618 public static boolean isHiddenKimObjectType(String type, String configParameter) {
619 boolean hideType = false;
620 String hiddenTypes = getKualiConfigurationService().getPropertyValueAsString(configParameter);
621 if (StringUtils.isEmpty(hiddenTypes)) {
622 return hideType;
623 }
624 List hiddenTypeValues = Arrays.asList(hiddenTypes.replaceAll(" ", "").split(","));
625 if (hiddenTypeValues.contains(type.trim())) {
626 hideType = true;
627 }
628 return hideType;
629 }
630
631 public static String getFullyMaskedValue(String className, String fieldName, Object formObject, String propertyName) {
632 String displayMaskValue = null;
633 Object propertyValue = ObjectUtils.getPropertyValue(formObject, propertyName);
634
635 DataDictionaryEntryBase entry = (DataDictionaryEntryBase) KRADServiceLocatorWeb.getDataDictionaryService()
636 .getDataDictionary().getDictionaryObjectEntry(className);
637 AttributeDefinition a = entry.getAttributeDefinition(fieldName);
638
639 AttributeSecurity attributeSecurity = a.getAttributeSecurity();
640 if (attributeSecurity != null && attributeSecurity.isMask()) {
641 MaskFormatter maskFormatter = attributeSecurity.getMaskFormatter();
642 displayMaskValue = maskFormatter.maskValue(propertyValue);
643
644 }
645 return displayMaskValue;
646 }
647
648 public static String getPartiallyMaskedValue(String className, String fieldName, Object formObject,
649 String propertyName) {
650 String displayMaskValue = null;
651 Object propertyValue = ObjectUtils.getPropertyValue(formObject, propertyName);
652
653 DataDictionaryEntryBase entry = (DataDictionaryEntryBase) KRADServiceLocatorWeb.getDataDictionaryService()
654 .getDataDictionary().getDictionaryObjectEntry(className);
655 AttributeDefinition a = entry.getAttributeDefinition(fieldName);
656
657 AttributeSecurity attributeSecurity = a.getAttributeSecurity();
658 if (attributeSecurity != null && attributeSecurity.isPartialMask()) {
659 MaskFormatter partialMaskFormatter = attributeSecurity.getPartialMaskFormatter();
660 displayMaskValue = partialMaskFormatter.maskValue(propertyValue);
661
662 }
663 return displayMaskValue;
664 }
665
666 public static boolean canFullyUnmaskField(String businessObjectClassName, String fieldName, KualiForm form) {
667 Class businessObjClass = null;
668 try {
669 businessObjClass = Class.forName(businessObjectClassName);
670 }
671 catch (Exception e) {
672 throw new RuntimeException("Unable to resolve class name: " + businessObjectClassName);
673 }
674 if (form instanceof KualiDocumentFormBase) {
675 return KNSServiceLocator.getBusinessObjectAuthorizationService().canFullyUnmaskField(
676 GlobalVariables.getUserSession().getPerson(), businessObjClass, fieldName,
677 ((KualiDocumentFormBase) form).getDocument());
678 }
679 else {
680 return KNSServiceLocator.getBusinessObjectAuthorizationService().canFullyUnmaskField(
681 GlobalVariables.getUserSession().getPerson(), businessObjClass, fieldName, null);
682 }
683 }
684
685 public static boolean canPartiallyUnmaskField(String businessObjectClassName, String fieldName, KualiForm form) {
686 Class businessObjClass = null;
687 try {
688 businessObjClass = Class.forName(businessObjectClassName);
689 }
690 catch (Exception e) {
691 throw new RuntimeException("Unable to resolve class name: " + businessObjectClassName);
692 }
693 if (form instanceof KualiDocumentFormBase) {
694 return KNSServiceLocator.getBusinessObjectAuthorizationService().canPartiallyUnmaskField(
695 GlobalVariables.getUserSession().getPerson(), businessObjClass, fieldName,
696 ((KualiDocumentFormBase) form).getDocument());
697 }
698 else {
699 return KNSServiceLocator.getBusinessObjectAuthorizationService().canPartiallyUnmaskField(
700 GlobalVariables.getUserSession().getPerson(), businessObjClass, fieldName, null);
701 }
702 }
703
704 public static boolean canAddNoteAttachment(Document document) {
705 boolean canViewNoteAttachment = false;
706 DocumentAuthorizer documentAuthorizer = KNSServiceLocator.getDocumentHelperService().getDocumentAuthorizer(
707 document);
708 canViewNoteAttachment = documentAuthorizer.canAddNoteAttachment(document, null, GlobalVariables
709 .getUserSession().getPerson());
710 return canViewNoteAttachment;
711 }
712
713 public static boolean canViewNoteAttachment(Document document, String attachmentTypeCode) {
714 boolean canViewNoteAttachment = false;
715 DocumentAuthorizer documentAuthorizer = KNSServiceLocator.getDocumentHelperService().getDocumentAuthorizer(
716 document);
717 canViewNoteAttachment = documentAuthorizer.canViewNoteAttachment(document, attachmentTypeCode, GlobalVariables
718 .getUserSession().getPerson());
719 return canViewNoteAttachment;
720 }
721
722 public static boolean canDeleteNoteAttachment(Document document, String attachmentTypeCode,
723 String authorUniversalIdentifier) {
724 boolean canDeleteNoteAttachment = false;
725 DocumentAuthorizer documentAuthorizer = KNSServiceLocator.getDocumentHelperService().getDocumentAuthorizer(
726 document);
727 canDeleteNoteAttachment = documentAuthorizer.canDeleteNoteAttachment(document, attachmentTypeCode, "false",
728 GlobalVariables.getUserSession().getPerson());
729 if (canDeleteNoteAttachment) {
730 return canDeleteNoteAttachment;
731 }
732 else {
733 canDeleteNoteAttachment = documentAuthorizer.canDeleteNoteAttachment(document, attachmentTypeCode, "true",
734 GlobalVariables.getUserSession().getPerson());
735 if (canDeleteNoteAttachment
736 && !authorUniversalIdentifier.equals(GlobalVariables.getUserSession().getPerson().getPrincipalId())) {
737 canDeleteNoteAttachment = false;
738 }
739 }
740 return canDeleteNoteAttachment;
741 }
742
743 public static void reuseErrorMapFromPreviousRequest(KualiDocumentFormBase kualiDocumentFormBase) {
744 if (kualiDocumentFormBase.getMessageMapFromPreviousRequest() == null) {
745 LOG.error("Error map from previous request is null!");
746 return;
747 }
748 MessageMap errorMapFromGlobalVariables = GlobalVariables.getMessageMap();
749 if (kualiDocumentFormBase.getMessageMapFromPreviousRequest() == errorMapFromGlobalVariables) {
750
751 return;
752 }
753 if (!errorMapFromGlobalVariables.hasNoErrors()) {
754 throw new RuntimeException("Cannot replace error map because it is not empty");
755 }
756 GlobalVariables.setMessageMap(kualiDocumentFormBase.getMessageMapFromPreviousRequest());
757 GlobalVariables.getMessageMap().clearErrorPath();
758 }
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777 public static String filterHtmlAndReplaceRiceMarkup(String inputString) {
778 String outputString = StringEscapeUtils.escapeHtml(inputString);
779
780
781 Map<String, String> findAndReplacePatterns = new LinkedHashMap<String, String>();
782
783
784
785
786
787
788 findAndReplacePatterns.put("\\[a ((javascript|JAVASCRIPT|JavaScript).+)\\]", "");
789
790 findAndReplacePatterns.put("\\[a (.+)\\]", "<a href=\"$1\">");
791 findAndReplacePatterns.put("\\[/a\\]", "</a>");
792
793
794 findAndReplacePatterns.put("\\[([A-Za-z])\\]", "<$1>");
795 findAndReplacePatterns.put("\\[/([A-Za-z])\\]", "</$1>");
796
797 findAndReplacePatterns.put("\\[([A-Za-z]{2})\\]", "<$1>");
798 findAndReplacePatterns.put("\\[/([A-Za-z]{2})\\]", "</$1>");
799
800 findAndReplacePatterns.put("\\[font (#[0-9A-Fa-f]{1,6}|[A-Za-z]+)\\]", "<font color=\"$1\">");
801 findAndReplacePatterns.put("\\[/font\\]", "</font>");
802
803 findAndReplacePatterns.put("\\[table\\]", "<table>");
804 findAndReplacePatterns.put("\\[table ([A-Za-z]+)\\]", "<table class=\"$1\">");
805 findAndReplacePatterns.put("\\[/table\\]", "</table>");
806
807 findAndReplacePatterns.put("\\[td ([A-Za-z]+)\\]", "<td class=\"$1\">");
808
809 for (String findPattern : findAndReplacePatterns.keySet()) {
810 Pattern p = Pattern.compile(findPattern);
811 Matcher m = p.matcher(outputString);
812 if (m.find()) {
813 String replacePattern = findAndReplacePatterns.get(findPattern);
814 outputString = m.replaceAll(replacePattern);
815 }
816 }
817
818 return outputString;
819 }
820
821
822
823
824
825
826
827
828
829
830 public static String getButtonImageUrl(String imageName) {
831 String buttonImageUrl = getKualiConfigurationService().getPropertyValueAsString(
832 WebUtils.APPLICATION_IMAGE_URL_PROPERTY_PREFIX + "." + imageName);
833 if (StringUtils.isBlank(buttonImageUrl)) {
834 buttonImageUrl = getDefaultButtonImageUrl(imageName);
835 }
836 return buttonImageUrl;
837 }
838
839 public static String getAttachmentImageForUrl(String contentType) {
840 String image = getKualiConfigurationService().getPropertyValueAsString(KRADConstants.ATTACHMENT_IMAGE_PREFIX + contentType);
841 if (StringUtils.isEmpty(image)) {
842 return getKualiConfigurationService().getPropertyValueAsString(KRADConstants.ATTACHMENT_IMAGE_DEFAULT);
843 }
844 return image;
845 }
846
847
848
849
850
851
852
853
854
855 public static String getDefaultButtonImageUrl(String imageName) {
856 return getKualiConfigurationService().getPropertyValueAsString(WebUtils.DEFAULT_IMAGE_URL_PROPERTY_NAME)
857 + "buttonsmall_" + imageName + ".gif";
858 }
859
860
861
862
863 public static ConfigurationService getKualiConfigurationService() {
864 if (configurationService == null) {
865 configurationService = CoreApiServiceLocator.getKualiConfigurationService();
866 }
867 return configurationService;
868 }
869
870
871
872
873
874
875
876
877 public static String preserveWhitespace(String startingString) {
878 String convertedString = startingString.replaceAll("\n", "<br />");
879 convertedString = convertedString.replaceAll(" ", " ").replaceAll("( | )", " ");
880 return convertedString;
881 }
882
883 public static String getKimGroupDisplayName(String groupId) {
884 if(StringUtils.isBlank(groupId)) {
885 throw new IllegalArgumentException("Group ID must have a value");
886 }
887 return KimApiServiceLocator.getGroupService().getGroup(groupId).getName();
888 }
889
890 public static String getPrincipalDisplayName(String principalId) {
891 if(StringUtils.isBlank(principalId)) {
892 throw new IllegalArgumentException("Principal ID must have a value");
893 }
894 if (KimApiServiceLocator.getIdentityService().getDefaultNamesForPrincipalId(principalId) == null){
895 return "";
896 }
897 else {
898 return KimApiServiceLocator.getIdentityService().getDefaultNamesForPrincipalId(principalId).getDefaultName().getCompositeName();
899 }
900 }
901
902
903
904
905
906
907
908
909
910 public static String getRoleDisplayName(ActionRequest actionRequest) {
911 String result;
912
913 if(actionRequest == null) {
914 throw new IllegalArgumentException("actionRequest must be non-null");
915 }
916 if (RecipientType.ROLE != actionRequest.getRecipientType()) {
917 throw new IllegalArgumentException("actionRequest recipient must be a Role");
918 }
919
920 Role role = KimApiServiceLocator.getRoleService().getRole(actionRequest.getRoleName());
921
922 if (role != null) {
923 result = role.getName();
924 } else if (!StringUtils.isBlank(actionRequest.getQualifiedRoleNameLabel())) {
925 result = actionRequest.getQualifiedRoleNameLabel();
926 } else {
927 result = actionRequest.getRoleName();
928 }
929
930 return result;
931 }
932
933
934
935
936
937
938
939
940 public static String toAbsoluteURL(String base, String path) {
941 boolean abs = false;
942 if (StringUtils.isBlank(path)) {
943 path = "";
944 } else {
945 for (String scheme: SCHEMES) {
946 if (path.startsWith(scheme)) {
947 abs = true;
948 break;
949 }
950 }
951 }
952 if (abs) {
953 return path;
954 }
955 return base + path;
956 }
957
958 public static String sanitizeBackLocation(String backLocation) {
959 if(StringUtils.isBlank(backLocation)) {
960 return backLocation;
961 }
962 Pattern pattern = Pattern.compile(ConfigContext.getCurrentContextConfig().getProperty(KRADConstants.BACK_LOCATION_ALLOWED_REGEX));
963 if(pattern.matcher(backLocation).matches()) {
964 return backLocation;
965 } else {
966 return ConfigContext.getCurrentContextConfig().getProperty(KRADConstants.BACK_LOCATION_DEFAULT_URL);
967 }
968 }
969
970 }