@Override public List<Long> getWorkAreasForPrincipalInRoles( String principalId, List<String> roleIds, DateTime asOfDate, boolean isActiveOnly) { Set<Long> workAreas = new HashSet<Long>(); // iterate through the role ids getting the work areas for each one for (String roleId : roleIds) { // get the role for the role id from the role service Role role = getRoleService().getRole(roleId); if (role != null) { String roleName = role.getName(); String namespaceCode = role.getNamespaceCode(); Map<String, String> qualifiers = new HashMap<String, String>(); // empty qualifier map will match any attribute in the predicate query, i.e. will work like // wildcarded entries List<Map<String, String>> roleQualifiers = new ArrayList<Map<String, String>>(); List<RoleMember> principalAndGroupRoleMembers = getRoleMembers(namespaceCode, roleName, qualifiers, asOfDate, isActiveOnly); for (RoleMember roleMember : principalAndGroupRoleMembers) { // check for principals or groups if (MemberType.PRINCIPAL.equals(roleMember.getType())) { if (roleMember.getMemberId().equals(principalId)) { roleQualifiers.add(roleMember.getAttributes()); } } else if (MemberType.GROUP.equals(roleMember.getType())) { // query the helper to see if the principal is a member of this nested member group Group nestedGroup = getGroupService().getGroup(roleMember.getMemberId()); if (getRoleServiceHelper() .isMemberOfGroup(principalId, nestedGroup, asOfDate, isActiveOnly)) { roleQualifiers.add(roleMember.getAttributes()); } } } for (Map<String, String> roleQualifier : roleQualifiers) { Long workArea = MapUtils.getLong( roleQualifier, KPMERoleMemberAttribute.WORK_AREA.getRoleMemberAttributeName()); if (workArea != null) { workAreas.add(workArea); } } } } List<String> departments = getDepartmentsForPrincipalInRoles(principalId, roleIds, asOfDate, isActiveOnly); workAreas.addAll( getWorkAreaService().getWorkAreasForDepartments(departments, asOfDate.toLocalDate())); return new ArrayList<Long>(workAreas); }
protected boolean checkDelegationMember(RoleDocumentDelegationMember newMember) { if (StringUtils.isBlank(newMember.getMemberTypeCode()) || StringUtils.isBlank(newMember.getMemberId())) { GlobalVariables.getMessageMap() .putError( "document.delegationMember.memberId", RiceKeyConstants.ERROR_EMPTY_ENTRY, new String[] {"Member Type Code and Member ID"}); return false; } if (MemberType.PRINCIPAL.getCode().equals(newMember.getMemberTypeCode())) { Principal principalInfo = getIdentityService().getPrincipal(newMember.getMemberId()); if (principalInfo == null) { GlobalVariables.getMessageMap() .putError( "document.delegationMember.memberId", RiceKeyConstants.ERROR_MEMBERID_MEMBERTYPE_MISMATCH, new String[] {newMember.getMemberId()}); return false; } else { newMember.setMemberName(principalInfo.getPrincipalName()); } } else if (MemberType.GROUP.getCode().equals(newMember.getMemberTypeCode())) { Group groupInfo = null; groupInfo = getGroupService().getGroup(newMember.getMemberId()); if (groupInfo == null) { GlobalVariables.getMessageMap() .putError( "document.delegationMember.memberId", RiceKeyConstants.ERROR_MEMBERID_MEMBERTYPE_MISMATCH, new String[] {newMember.getMemberId()}); return false; } else { newMember.setMemberName(groupInfo.getName()); newMember.setMemberNamespaceCode(groupInfo.getNamespaceCode()); } } else if (MemberType.ROLE.getCode().equals(newMember.getMemberTypeCode())) { Role roleInfo = KimApiServiceLocator.getRoleService().getRole(newMember.getMemberId()); if (roleInfo == null) { GlobalVariables.getMessageMap() .putError( "document.delegationMember.memberId", RiceKeyConstants.ERROR_MEMBERID_MEMBERTYPE_MISMATCH, new String[] {newMember.getMemberId()}); return false; } else { newMember.setMemberName(roleInfo.getName()); newMember.setMemberNamespaceCode(roleInfo.getNamespaceCode()); } } return true; }
protected boolean checkKimDocumentRoleMember(KimDocumentRoleMember newMember) { boolean memberExists = false; String memberName = null; String memberNamespace = null; if (StringUtils.isBlank(newMember.getMemberId())) { GlobalVariables.getMessageMap() .putError( "document.member.memberId", RiceKeyConstants.ERROR_EMPTY_ENTRY, new String[] {"Member ID"}); return false; } if (MemberType.PRINCIPAL.getCode().equals(newMember.getMemberTypeCode())) { Principal pi = this.getIdentityService().getPrincipal(newMember.getMemberId()); if (pi != null) { memberExists = true; memberName = pi.getPrincipalName(); memberNamespace = ""; } } else if (MemberType.GROUP.getCode().equals(newMember.getMemberTypeCode())) { Group gi = KimApiServiceLocator.getGroupService().getGroup(newMember.getMemberId()); if (gi != null) { memberExists = true; memberName = gi.getName(); memberNamespace = gi.getNamespaceCode(); } } else if (MemberType.ROLE.getCode().equals(newMember.getMemberTypeCode())) { Role ri = KimApiServiceLocator.getRoleService().getRole(newMember.getMemberId()); if (!validateRole(newMember.getMemberId(), ri, "document.member.memberId", "Role")) { return false; } else { memberExists = true; memberName = ri.getName(); memberNamespace = ri.getNamespaceCode(); } } if (!memberExists) { GlobalVariables.getMessageMap() .putError( "document.member.memberId", RiceKeyConstants.ERROR_MEMBERID_MEMBERTYPE_MISMATCH, new String[] {newMember.getMemberId()}); return false; } newMember.setMemberName(memberName); newMember.setMemberNamespaceCode(memberNamespace); return true; }
public List<String> getLocationsForPrincipalInRole( String principalId, String namespaceCode, String roleName, DateTime asOfDate, boolean isActiveOnly) { List<String> locations = new ArrayList<String>(); Role role = getRoleService().getRoleByNamespaceCodeAndName(namespaceCode, roleName); if (role != null) { locations = getLocationsForPrincipalInRoles( principalId, Collections.singletonList(role.getId()), asOfDate, isActiveOnly); } return locations; }
private RoleMember assignPrincipal2Role(String principalId, Role role, String subjArea) { Map<String, String> qualifiers = new LinkedHashMap<String, String>(); if (subjArea != null) { qualifiers.put(KimPermissionConstants.SUBJECT_AREA_ATTR_DEFINITION, subjArea); } RoleMember roleMember = this.roleService.assignPrincipalToRole( principalId, role.getNamespaceCode(), role.getName(), qualifiers); assertEquals(principalId, roleMember.getMemberId()); assertEquals(role.getId(), roleMember.getRoleId()); assertEquals(KimConstants.KimGroupMemberTypes.PRINCIPAL_MEMBER_TYPE, roleMember.getType()); assertEquals(qualifiers, roleMember.getAttributes()); List<String> roleIds = this.roleService.getMemberParentRoleIds( KimConstants.KimGroupMemberTypes.PRINCIPAL_MEMBER_TYPE.getCode(), principalId); // assertEquals(1, roleIds.size()); assertTrue(roleIds.contains(role.getId())); return roleMember; }
public List<String> getDepartmentsForPrincipalInRole( String principalId, String namespaceCode, String roleName, DateTime asOfDate, boolean isActiveOnly) { List<String> departments = new ArrayList<String>(); Role role = getRoleService().getRoleByNamespaceCodeAndName(namespaceCode, roleName); if (role != null) { departments = getDepartmentsForPrincipalInRoles( principalId, Collections.singletonList(role.getId()), asOfDate, isActiveOnly); } // TODO: // Do we want to pass groupKeyCode instead of location to speed up the performance? List<String> locations = getLocationsForPrincipalInRole( principalId, namespaceCode, roleName, asOfDate, isActiveOnly); departments.addAll( getDepartmentService().getDepartmentValuesWithLocations(locations, asOfDate.toLocalDate())); return new ArrayList<String>(departments); }
/** * Gets the derived role service for {@code role}. * * @param role the role * @return the derived role service name for {@code role}. */ protected RoleTypeService getRoleTypeService(Role role) { RoleTypeService roleTypeService = null; if (role != null) { String serviceName = getDerivedRoleServiceName(role.getKimTypeId()); if (serviceName != null) { try { KimTypeService service = (KimTypeService) GlobalResourceLoader.getService(QName.valueOf(serviceName)); if (service != null && service instanceof RoleTypeService) { return (RoleTypeService) service; } } catch (Exception ex) { LOG.error("Unable to find role type service with name: " + serviceName, ex); } } } return roleTypeService; }
public boolean principalHasRole( String principalId, String namespaceCode, String roleName, Map<String, String> qualification, DateTime asOfDate) { boolean principalHasRole = false; String roleId = getRoleService().getRoleIdByNamespaceCodeAndName(namespaceCode, roleName); if (roleId == null) { return false; } if (asOfDate.compareTo(LocalDate.now().toDateTimeAtStartOfDay()) == 0) { principalHasRole = getRoleService() .principalHasRole(principalId, Collections.singletonList(roleId), qualification); } else { List<RoleMember> roleMembers = getRoleMembers(namespaceCode, roleName, qualification, asOfDate, true); for (RoleMember roleMember : roleMembers) { if (MemberType.PRINCIPAL.equals(roleMember.getType())) { if (StringUtils.equals(roleMember.getMemberId(), principalId)) { principalHasRole = true; break; } } else if (MemberType.GROUP.equals(roleMember.getType())) { if (HrServiceLocator.getKPMEGroupService() .isMemberOfGroupWithId(principalId, roleMember.getMemberId(), asOfDate)) { // if (getGroupService().isMemberOfGroup(principalId, roleMember.getMemberId())) { principalHasRole = true; break; } } else if (MemberType.ROLE.equals(roleMember.getType())) { Role derivedRole = getRoleService() .getRoleByNamespaceCodeAndName( KPMENamespace.KPME_HR.getNamespaceCode(), KPMERole.DERIVED_ROLE_POSITION.getRoleName()); // check if the member represents the (nested) derived role 'position' if (derivedRole != null && roleMember.getMemberId().equals(derivedRole.getId())) { // add custom attributes Map<String, String> qual = new HashMap<String, String>(); qual.putAll(roleMember.getAttributes()); qual.put("asOfDate", asOfDate.toString()); // return true if the principal id is a member of the (nested) derived role 'position' RoleTypeService roleTypeService = getRoleTypeService(derivedRole); if (roleTypeService.hasDerivedRole( principalId, new ArrayList<String>(), derivedRole.getNamespaceCode(), derivedRole.getName(), qual)) { principalHasRole = true; break; } } } } } return principalHasRole; }
protected List<RoleMember> getPrimaryRoleMembers( Role role, Map<String, String> qualification, DateTime asOfDate, boolean isActiveOnly) { // define the return value List<RoleMember> primaryRoleMembers = new ArrayList<RoleMember>(); if (role != null) { RoleTypeService roleTypeService = getRoleTypeService(role); // use predicate based filtering only on non-derived role. if (roleTypeService == null || !roleTypeService.isDerivedRoleType()) { List<Predicate> predicates = new ArrayList<Predicate>(); predicates.add(equal(KimConstants.PrimaryKeyConstants.SUB_ROLE_ID, role.getId())); if (isActiveOnly) { predicates.add( or(isNull("activeFromDateValue"), lessThanOrEqual("activeFromDateValue", asOfDate))); predicates.add( or(isNull("activeToDateValue"), greaterThan("activeToDateValue", asOfDate))); } // LookupCustomizer<RoleMemberBo> lookupCustomizer = builder.build(); // guard for default type roles if (roleTypeService != null) { if (MapUtils.isEmpty(qualification)) { primaryRoleMembers = getRoleService() .findRoleMembers( QueryByCriteria.Builder.fromPredicates( predicates.toArray(new Predicate[predicates.size()]))) .getResults(); } else { // get the keys (name) of the qualifiers needed for membership in this role List<String> attributesForExactMatch = roleTypeService.getQualifiersForExactMatch(); if (CollectionUtils.isNotEmpty(attributesForExactMatch)) { if (attributesForExactMatch.size() <= 1) { for (Map.Entry<String, String> qualificationEntry : qualification.entrySet()) { // do not add a qualification predicate for an attribute unless it is required for // matching if (attributesForExactMatch.contains(qualificationEntry.getKey())) { predicates.add( equal( "attributes[" + qualificationEntry.getKey() + "]", qualificationEntry.getValue())); } } primaryRoleMembers = getRoleService() .findRoleMembers( QueryByCriteria.Builder.fromPredicates( predicates.toArray(new Predicate[predicates.size()]))) .getResults(); } else { // rice's transformation doesn't work with more than one attribute. // here is a terrible hack List<RoleMember> intersectedMembers = null; for (Map.Entry<String, String> qualificationEntry : qualification.entrySet()) { // do not add a qualification predicate for an attribute unless it is required for // matching if (attributesForExactMatch.contains(qualificationEntry.getKey())) { Predicate attrPredicates = equal( "attributes[" + qualificationEntry.getKey() + "]", qualificationEntry.getValue()); Predicate[] tempPredicates = predicates.toArray(new Predicate[predicates.size() + 1]); tempPredicates[predicates.size()] = attrPredicates; List<RoleMember> tempMembers = new ArrayList<RoleMember>( getRoleService() .findRoleMembers( QueryByCriteria.Builder.fromPredicates(tempPredicates)) .getResults()); if (intersectedMembers == null) { intersectedMembers = new ArrayList<>(); intersectedMembers.addAll(tempMembers); } else { intersectedMembers = intersect(intersectedMembers, tempMembers); } } } primaryRoleMembers = intersectedMembers; } } } } } else { // for derived roles just add the as-of date and active only flag to a copy of the // qualification Map<String, String> derivedRoleQualification = new HashMap<String, String>(qualification); derivedRoleQualification.put("asOfDate", asOfDate.toString()); derivedRoleQualification.put("activeOnly", String.valueOf(isActiveOnly)); List<RoleMembership> derivedRoleMembers = roleTypeService.getRoleMembersFromDerivedRole( role.getNamespaceCode(), role.getName(), derivedRoleQualification); // convert the role memberships into role members for (RoleMembership derivedRoleMember : derivedRoleMembers) { RoleMember roleMember = RoleMember.Builder.create( derivedRoleMember.getRoleId(), derivedRoleMember.getId(), derivedRoleMember.getMemberId(), derivedRoleMember.getType(), null, null, derivedRoleMember.getQualifier(), role.getName(), role.getNamespaceCode()) .build(); primaryRoleMembers.add(roleMember); } } } return primaryRoleMembers; }
/** * Helper method to recursively search for role members. * * @param role The role * @param qualification The map of role qualifiers * @param asOfDate The effective date of the role * @param activeOnly or not to get only active role members * @return the list of role members in {@code role}. */ private List<RoleMember> getRoleMembers( Role role, Map<String, String> qualification, DateTime asOfDate, boolean activeOnly) { List<RoleMember> roleMembers = new ArrayList<RoleMember>(); if (asOfDate == null) { asOfDate = LocalDate.now().toDateTimeAtStartOfDay(); } if (role != null) { RoleTypeService roleTypeService = getRoleTypeService(role); if (roleTypeService == null || !roleTypeService.isDerivedRoleType()) { List<RoleMember> primaryRoleMembers = getPrimaryRoleMembers(role, qualification, asOfDate, activeOnly); if (CollectionUtils.isNotEmpty(primaryRoleMembers)) { // flatten into constituent group and principal role members for (RoleMember primaryRoleMember : primaryRoleMembers) { if (MemberType.PRINCIPAL.equals(primaryRoleMember.getType())) { roleMembers.add(primaryRoleMember); } else if (MemberType.GROUP.equals(primaryRoleMember.getType())) { roleMembers.add(primaryRoleMember); } else if (MemberType.ROLE.equals(primaryRoleMember.getType())) { // recursive call to get role members Map<String, String> copiedQualification = addCustomDerivedQualifications( primaryRoleMember.getAttributes(), asOfDate, activeOnly); List<RoleMembership> memberships = getRoleService() .getRoleMembers( Collections.singletonList(primaryRoleMember.getMemberId()), copiedQualification); for (RoleMembership membership : memberships) { RoleMember roleMember = RoleMember.Builder.create( membership.getRoleId(), membership.getId(), membership.getMemberId(), membership.getType(), null, null, membership.getQualifier(), "", "") .build(); roleMembers.add(roleMember); } } } } } else { Map<String, String> qual = addCustomDerivedQualifications(qualification, asOfDate, activeOnly); List<RoleMembership> derivedRoleMembers = roleTypeService.getRoleMembersFromDerivedRole( role.getNamespaceCode(), role.getName(), qual); if (CollectionUtils.isNotEmpty(derivedRoleMembers)) { for (RoleMembership derivedRoleMember : derivedRoleMembers) { RoleMember roleMember = RoleMember.Builder.create( derivedRoleMember.getRoleId(), derivedRoleMember.getId(), derivedRoleMember.getMemberId(), derivedRoleMember.getType(), null, null, derivedRoleMember.getQualifier(), role.getName(), role.getNamespaceCode()) .build(); roleMembers.add(roleMember); } } } } return roleMembers; }
/** Test of clear method, of class RoleAndPermissionServiceMockImpl. */ @Test public void testBasicOperations() { System.out.println("test basic operations"); // Make sure we have a handle on all the templates we need Template CAN_INVOKE_SERVICE_METHOD_TEMPLATE = this.permissionService.findPermTemplateByNamespaceCodeAndName( KimPermissionConstants.KS_ENRL_NAMESPACE, KimPermissionConstants.CAN_INVOKE_SERVICE_METHOD_TEMPLATE_NAME); assertNotNull(CAN_INVOKE_SERVICE_METHOD_TEMPLATE); Template OPEN_VIEW_TEMPLATE = this.permissionService.findPermTemplateByNamespaceCodeAndName( KimPermissionConstants.KR_KRAD_NAMESPACE, KimPermissionConstants.OPEN_VIEW_TEMPLATE_NAME); assertNotNull(OPEN_VIEW_TEMPLATE); Template EDIT_VIEW_TEMPLATE = this.permissionService.findPermTemplateByNamespaceCodeAndName( KimPermissionConstants.KR_KRAD_NAMESPACE, KimPermissionConstants.EDIT_VIEW_TEMPLATE_NAME); assertNotNull(EDIT_VIEW_TEMPLATE); // create permissions Permission CREATE_ACTIVITY_OFFERING_PERMISSION = this.createPermission( KimPermissionConstants.CREATE_ACTIVITYOFFERING_PERMISSION, CAN_INVOKE_SERVICE_METHOD_TEMPLATE, null); Permission CREATE_SOC_PERMISSION = this.createPermission( KimPermissionConstants.CREATE_SOC_PERMISSION, CAN_INVOKE_SERVICE_METHOD_TEMPLATE, null); Permission OPEN_VIEWS_FOR_COURSE_OFFERING_PERMISSION = this.createPermission( KimPermissionConstants.OPEN_VIEWS_FOR_COURSE_OFFERING_PERMISSION, OPEN_VIEW_TEMPLATE, CO_CREATE_MAINTENANCE_VIEW); Permission EDIT_VIEWS_FOR_COURSE_OFFERING_PERMISSION = this.createPermission( KimPermissionConstants.EDIT_VIEWS_FOR_COURSE_OFFERING_PERMISSION, EDIT_VIEW_TEMPLATE, CO_CREATE_MAINTENANCE_VIEW); Permission OPEN_VIEWS_FOR_SOC_PERMISSION = this.createPermission( KimPermissionConstants.OPEN_VIEWS_FOR_SOC_PERMISSION, OPEN_VIEW_TEMPLATE, ROLLOVER_MANAGEMENT_VIEW); Permission EDIT_VIEWS_FOR_SOC_PERMISSION = this.createPermission( KimPermissionConstants.EDIT_VIEWS_FOR_SOC_PERMISSION, EDIT_VIEW_TEMPLATE, ROLLOVER_MANAGEMENT_VIEW); // create some roles Role CENTRAL_ADMIN_ROLE = createRole( KimPermissionConstants.KS_ENRL_NAMESPACE, KimPermissionConstants.KUALI_STUDENT_COURSE_OFFERING_CENTRAL_ADMIN_ROLE_NAME, KimPermissionConstants.DEFAULT_KIM_TYPE_ID); Role DEPT_ADMIN_ROLE = createRole( KimPermissionConstants.KS_ENRL_NAMESPACE, KimPermissionConstants.KUALI_STUDENT_COURSE_OFFERING_DEPARTMENTAL_ADMIN_ROLE_NAME, KimPermissionConstants.DEFAULT_KIM_TYPE_ID); // Assign some permissions to some roles this.roleService.assignPermissionToRole( CREATE_ACTIVITY_OFFERING_PERMISSION.getId(), CENTRAL_ADMIN_ROLE.getId()); this.roleService.assignPermissionToRole( CREATE_SOC_PERMISSION.getId(), CENTRAL_ADMIN_ROLE.getId()); this.roleService.assignPermissionToRole( CREATE_ACTIVITY_OFFERING_PERMISSION.getId(), DEPT_ADMIN_ROLE.getId()); this.roleService.assignPermissionToRole( OPEN_VIEWS_FOR_COURSE_OFFERING_PERMISSION.getId(), CENTRAL_ADMIN_ROLE.getId()); this.roleService.assignPermissionToRole( EDIT_VIEWS_FOR_COURSE_OFFERING_PERMISSION.getId(), CENTRAL_ADMIN_ROLE.getId()); this.roleService.assignPermissionToRole( OPEN_VIEWS_FOR_SOC_PERMISSION.getId(), CENTRAL_ADMIN_ROLE.getId()); this.roleService.assignPermissionToRole( EDIT_VIEWS_FOR_SOC_PERMISSION.getId(), CENTRAL_ADMIN_ROLE.getId()); this.roleService.assignPermissionToRole( OPEN_VIEWS_FOR_COURSE_OFFERING_PERMISSION.getId(), DEPT_ADMIN_ROLE.getId()); this.roleService.assignPermissionToRole( EDIT_VIEWS_FOR_COURSE_OFFERING_PERMISSION.getId(), DEPT_ADMIN_ROLE.getId()); this.roleService.assignPermissionToRole( OPEN_VIEWS_FOR_SOC_PERMISSION.getId(), DEPT_ADMIN_ROLE.getId()); List<String> roleIds = this.permissionService.getRoleIdsForPermission( CREATE_ACTIVITY_OFFERING_PERMISSION.getNamespaceCode(), CREATE_ACTIVITY_OFFERING_PERMISSION.getName()); assertEquals(2, roleIds.size()); assertTrue(roleIds.contains(CENTRAL_ADMIN_ROLE.getId())); assertTrue(roleIds.contains(DEPT_ADMIN_ROLE.getId())); roleIds = this.permissionService.getRoleIdsForPermission( CREATE_SOC_PERMISSION.getNamespaceCode(), CREATE_SOC_PERMISSION.getName()); assertEquals(1, roleIds.size()); assertTrue(roleIds.contains(CENTRAL_ADMIN_ROLE.getId())); roleIds = this.permissionService.getRoleIdsForPermission( OPEN_VIEWS_FOR_COURSE_OFFERING_PERMISSION.getNamespaceCode(), OPEN_VIEWS_FOR_COURSE_OFFERING_PERMISSION.getName()); assertEquals(2, roleIds.size()); assertTrue(roleIds.contains(CENTRAL_ADMIN_ROLE.getId())); assertTrue(roleIds.contains(DEPT_ADMIN_ROLE.getId())); roleIds = this.permissionService.getRoleIdsForPermission( EDIT_VIEWS_FOR_COURSE_OFFERING_PERMISSION.getNamespaceCode(), EDIT_VIEWS_FOR_COURSE_OFFERING_PERMISSION.getName()); assertEquals(2, roleIds.size()); assertTrue(roleIds.contains(CENTRAL_ADMIN_ROLE.getId())); assertTrue(roleIds.contains(DEPT_ADMIN_ROLE.getId())); roleIds = this.permissionService.getRoleIdsForPermission( OPEN_VIEWS_FOR_SOC_PERMISSION.getNamespaceCode(), OPEN_VIEWS_FOR_SOC_PERMISSION.getName()); assertEquals(2, roleIds.size()); assertTrue(roleIds.contains(CENTRAL_ADMIN_ROLE.getId())); assertTrue(roleIds.contains(DEPT_ADMIN_ROLE.getId())); roleIds = this.permissionService.getRoleIdsForPermission( EDIT_VIEWS_FOR_SOC_PERMISSION.getNamespaceCode(), EDIT_VIEWS_FOR_SOC_PERMISSION.getName()); assertEquals(1, roleIds.size()); assertTrue(roleIds.contains(CENTRAL_ADMIN_ROLE.getId())); // assertTrue(roleIds.contains(DEPT_ADMIN_ROLE.getId())); this.assignPrincipal2Role(CENTRAL_ADMIN1, CENTRAL_ADMIN_ROLE, null); this.assignPrincipal2Role(DEPT_ADMIN1, DEPT_ADMIN_ROLE, "ENGL"); this.assignPrincipal2Role(DEPT_ADMIN2, DEPT_ADMIN_ROLE, "PHYS"); this.assignPrincipal2Role(DEPT_ADMIN3, DEPT_ADMIN_ROLE, "ENGL"); this.assignPrincipal2Role(DEPT_ADMIN3, DEPT_ADMIN_ROLE, "PHYS"); // check is auth by template assertTrue( isAuthorizedByTemplate( CENTRAL_ADMIN1, KimPermissionConstants.OPEN_VIEW_TEMPLATE_NAME, CO_CREATE_MAINTENANCE_VIEW)); assertTrue( isAuthorizedByTemplate( CENTRAL_ADMIN1, KimPermissionConstants.EDIT_VIEW_TEMPLATE_NAME, CO_CREATE_MAINTENANCE_VIEW)); assertTrue( isAuthorizedByTemplate( CENTRAL_ADMIN1, KimPermissionConstants.OPEN_VIEW_TEMPLATE_NAME, ROLLOVER_MANAGEMENT_VIEW)); assertTrue( isAuthorizedByTemplate( CENTRAL_ADMIN1, KimPermissionConstants.EDIT_VIEW_TEMPLATE_NAME, ROLLOVER_MANAGEMENT_VIEW)); assertTrue( isAuthorizedByTemplate( DEPT_ADMIN1, KimPermissionConstants.OPEN_VIEW_TEMPLATE_NAME, CO_CREATE_MAINTENANCE_VIEW)); assertTrue( isAuthorizedByTemplate( DEPT_ADMIN1, KimPermissionConstants.EDIT_VIEW_TEMPLATE_NAME, CO_CREATE_MAINTENANCE_VIEW)); assertTrue( isAuthorizedByTemplate( DEPT_ADMIN1, KimPermissionConstants.OPEN_VIEW_TEMPLATE_NAME, ROLLOVER_MANAGEMENT_VIEW)); assertFalse( isAuthorizedByTemplate( DEPT_ADMIN1, KimPermissionConstants.EDIT_VIEW_TEMPLATE_NAME, ROLLOVER_MANAGEMENT_VIEW)); assertTrue(isAuthorized(CENTRAL_ADMIN1, CREATE_ACTIVITY_OFFERING_PERMISSION, "ENGL")); assertTrue(isAuthorized(CENTRAL_ADMIN1, CREATE_ACTIVITY_OFFERING_PERMISSION, "PHYS")); assertTrue(isAuthorized(CENTRAL_ADMIN1, CREATE_ACTIVITY_OFFERING_PERMISSION, "MATH")); assertTrue(isAuthorized(DEPT_ADMIN1, CREATE_ACTIVITY_OFFERING_PERMISSION, "ENGL")); assertFalse(isAuthorized(DEPT_ADMIN1, CREATE_ACTIVITY_OFFERING_PERMISSION, "PHYS")); assertFalse(isAuthorized(DEPT_ADMIN1, CREATE_ACTIVITY_OFFERING_PERMISSION, "MATH")); assertFalse(isAuthorized(DEPT_ADMIN2, CREATE_ACTIVITY_OFFERING_PERMISSION, "ENGL")); assertTrue(isAuthorized(DEPT_ADMIN2, CREATE_ACTIVITY_OFFERING_PERMISSION, "PHYS")); assertFalse(isAuthorized(DEPT_ADMIN2, CREATE_ACTIVITY_OFFERING_PERMISSION, "MATH")); assertTrue(isAuthorized(DEPT_ADMIN3, CREATE_ACTIVITY_OFFERING_PERMISSION, "ENGL")); assertTrue(isAuthorized(DEPT_ADMIN3, CREATE_ACTIVITY_OFFERING_PERMISSION, "PHYS")); assertFalse(isAuthorized(DEPT_ADMIN3, CREATE_ACTIVITY_OFFERING_PERMISSION, "MATH")); }
private Role createRole(String namespaceCode, String name, String kimTypeId) { Role.Builder bldr = Role.Builder.create(); bldr.setNamespaceCode(namespaceCode); bldr.setName(name); bldr.setKimTypeId(kimTypeId); bldr.setActive(true); Role fromCreate = this.roleService.createRole(bldr.build()); assertEquals(namespaceCode, fromCreate.getNamespaceCode()); assertEquals(name, fromCreate.getName()); assertEquals(kimTypeId, fromCreate.getKimTypeId()); assertNotNull(fromCreate.getId()); assertNotNull(fromCreate.getVersionNumber()); assertTrue(fromCreate.isActive()); assertNull(fromCreate.getDescription()); bldr = Role.Builder.create(fromCreate); bldr.setDescription(namespaceCode + " " + name); Role fromUpdate = this.roleService.updateRole(bldr.build()); assertEquals(fromCreate.getNamespaceCode(), fromUpdate.getNamespaceCode()); assertEquals(fromCreate.getName(), fromUpdate.getName()); assertEquals(fromCreate.getId(), fromUpdate.getId()); assertNotSame(fromCreate.getVersionNumber(), fromUpdate.getVersionNumber()); assertEquals(fromCreate.isActive(), fromUpdate.isActive()); assertEquals(bldr.getDescription(), fromUpdate.getDescription()); Role fromGet = this.roleService.getRole(fromUpdate.getId()); assertEquals(fromUpdate.getNamespaceCode(), fromGet.getNamespaceCode()); assertEquals(fromUpdate.getName(), fromGet.getName()); assertEquals(fromUpdate.getKimTypeId(), fromGet.getKimTypeId()); assertEquals(fromUpdate.getId(), fromGet.getId()); assertEquals(fromUpdate.getVersionNumber(), fromGet.getVersionNumber()); assertEquals(fromUpdate.isActive(), fromGet.isActive()); assertEquals(fromUpdate.getDescription(), fromGet.getDescription()); Role fromFind = this.roleService.getRoleByNamespaceCodeAndName(namespaceCode, name); assertEquals(fromUpdate.getNamespaceCode(), fromFind.getNamespaceCode()); assertEquals(fromUpdate.getName(), fromFind.getName()); assertEquals(fromUpdate.getKimTypeId(), fromFind.getKimTypeId()); assertEquals(fromUpdate.getId(), fromFind.getId()); assertEquals(fromUpdate.getVersionNumber(), fromFind.getVersionNumber()); assertEquals(fromUpdate.isActive(), fromFind.isActive()); assertEquals(fromUpdate.getDescription(), fromFind.getDescription()); // TODO: test update return fromFind; }
@RequestMapping(method = RequestMethod.POST, params = "methodToCall=addAlertLine") public ModelAndView addAlertLine( @ModelAttribute("KualiForm") DocumentFormBase formBase, BindingResult result, HttpServletRequest request, HttpServletResponse response) { String selectedCollectionPath = formBase.getActionParamaterValue(UifParameters.SELLECTED_COLLECTION_PATH); if (StringUtils.isBlank(selectedCollectionPath)) { throw new RuntimeException( "Selected collection was not set for add line action, cannot add new line"); } CollectionGroup collectionGroup = formBase.getPostedView().getViewIndex().getCollectionGroupByPath(selectedCollectionPath); String addLinePath = collectionGroup.getAddLineBindingInfo().getBindingPath(); Object addLine = ObjectPropertyUtils.getPropertyValue(formBase, addLinePath); ModelAndView modelAndView = super.addLine(formBase, result, request, response); List<String> principalIds = new ArrayList<String>(); MaintenanceDocumentForm maintenanceDocumentForm = (MaintenanceDocumentForm) modelAndView.getModel().get("KualiForm"); OlePersistableBusinessObjectBase olePersistableBusinessObjectBase = (OlePersistableBusinessObjectBase) maintenanceDocumentForm.getDocument().getNewMaintainableObject().getDataObject(); AlertBo alertBo = olePersistableBusinessObjectBase.getAlertBoList().get(0); olePersistableBusinessObjectBase.getAlertBoList().remove(0); if (StringUtils.isBlank(alertBo.getReceivingGroupId()) && StringUtils.isBlank(alertBo.getReceivingUserId()) && StringUtils.isBlank(alertBo.getReceivingRoleId()) && StringUtils.isBlank(alertBo.getReceivingGroupId()) && StringUtils.isEmpty(alertBo.getReceivingUserName()) && StringUtils.isEmpty(alertBo.getReceivingRoleName()) && StringUtils.isEmpty(alertBo.getReceivingGroupName())) { GlobalVariables.getMessageMap() .putErrorForSectionId("OLE-AlertSection", OLEConstants.SELECT_USER); return modelAndView; } alertBo.setAlertCreateDate(new Date(System.currentTimeMillis())); alertBo.setAlertInitiatorId(GlobalVariables.getUserSession().getPrincipalId()); alertBo.setAlertInitiatorName( alertService.getName(GlobalVariables.getUserSession().getPrincipalId())); String status = null; if (alertBo.getAlertDate() != null) { Date alertDate = alertBo.getAlertDate(); if (alertDate.toString().equals(new Date(System.currentTimeMillis()).toString())) { status = "Active"; } else { int dateCompare = alertBo.getAlertDate().compareTo(new Date(System.currentTimeMillis())); if (dateCompare > 0) { status = "Future"; } else if (dateCompare < 0) { status = "Complete"; } } } alertBo.setStatus(status); alertBo.setAlertStatus(true); List<AlertBo> alerts = new ArrayList<AlertBo>(); if (StringUtils.isNotBlank(alertBo.getReceivingUserId()) && (alertBo.getReceivingUserName() == null || (alertBo.getReceivingUserName() != null && alertBo.getReceivingUserName().trim().isEmpty()))) { alertBo.setReceivingUserName(alertService.getName(alertBo.getReceivingUserId())); } if (StringUtils.isBlank(alertBo.getReceivingUserId()) && (alertBo.getReceivingUserName() != null && !alertBo.getReceivingUserName().trim().isEmpty())) { alertBo.setReceivingUserId(alertService.getPersonId(alertBo.getReceivingUserName())); } if (StringUtils.isNotBlank(alertBo.getReceivingUserId())) { principalIds.add(alertBo.getReceivingUserId()); } alerts.addAll(alertService.getAlertBo(alertBo, principalIds, false, false)); principalIds = new ArrayList<String>(); if (StringUtils.isNotBlank(alertBo.getReceivingGroupId()) && (alertBo.getReceivingGroupName() == null || (alertBo.getReceivingGroupName() != null && alertBo.getReceivingGroupName().trim().isEmpty()))) { alertBo.setReceivingGroupName(alertService.getGroupName(alertBo.getReceivingGroupId())); } if (StringUtils.isBlank(alertBo.getReceivingGroupId()) && (alertBo.getReceivingGroupName() != null && !alertBo.getReceivingGroupName().trim().isEmpty())) { alertBo.setReceivingGroupId(alertService.getGroupId((alertBo.getReceivingUserName()))); } if (StringUtils.isNotBlank(alertBo.getReceivingGroupId())) { List<String> memberIds = groupService.getMemberPrincipalIds(alertBo.getReceivingGroupId()); principalIds.addAll(memberIds); } alerts.addAll(alertService.getAlertBo(alertBo, principalIds, false, true)); principalIds = new ArrayList<String>(); if (StringUtils.isNotBlank(alertBo.getReceivingRoleId()) && (alertBo.getReceivingRoleName() == null || (alertBo.getReceivingRoleName() != null && alertBo.getReceivingRoleName().trim().isEmpty()))) { alertBo.setReceivingRoleName(alertService.getRoleName(alertBo.getReceivingRoleId())); } if (StringUtils.isBlank(alertBo.getReceivingRoleId()) && (alertBo.getReceivingRoleName() != null && !alertBo.getReceivingRoleName().trim().isEmpty())) { alertBo.setReceivingRoleId(alertService.getRoleId((alertBo.getReceivingRoleName()))); } if (StringUtils.isNotBlank(alertBo.getReceivingRoleId())) { List<String> roleIds = new ArrayList<String>(); roleIds.add(alertBo.getReceivingRoleId()); Role role = roleService.getRole(alertBo.getReceivingRoleId()); Collection collection = (Collection) roleService.getRoleMemberPrincipalIds( role.getNamespaceCode(), role.getName(), new HashMap<String, String>()); List<String> memberIds = new ArrayList<String>(); memberIds.addAll(collection); principalIds.addAll(memberIds); } alerts.addAll(alertService.getAlertBo(alertBo, principalIds, true, false)); olePersistableBusinessObjectBase.getAlertBoList().addAll(alerts); if (StringUtils.isBlank(alertBo.getReceivingUserId()) && StringUtils.isNotBlank(alertBo.getReceivingGroupId())) { olePersistableBusinessObjectBase.getAlertBoList().remove(0); } if (StringUtils.isNotBlank(alertBo.getReceivingUserId()) && StringUtils.isNotBlank(alertBo.getReceivingGroupId())) { alertBo.setReceivingGroupName(null); alertBo.setReceivingGroupId(null); } return modelAndView; }