@Override protected void populateAdHocActionRequestCodes(KualiDocumentFormBase formBase) { Document document = formBase.getDocument(); DocumentAuthorizer documentAuthorizer = getDocumentHelperService().getDocumentAuthorizer(document); Map<String, String> adHocActionRequestCodes = new HashMap<String, String>(); if (documentAuthorizer.canSendAdHocRequests( document, KewApiConstants.ACTION_REQUEST_FYI_REQ, GlobalVariables.getUserSession().getPerson())) { adHocActionRequestCodes.put( KewApiConstants.ACTION_REQUEST_FYI_REQ, KewApiConstants.ACTION_REQUEST_FYI_REQ_LABEL); } if ((document.getDocumentHeader().getWorkflowDocument().isInitiated() || document.getDocumentHeader().getWorkflowDocument().isSaved() || document.getDocumentHeader().getWorkflowDocument().isEnroute()) && documentAuthorizer.canSendAdHocRequests( document, KewApiConstants.ACTION_REQUEST_ACKNOWLEDGE_REQ, GlobalVariables.getUserSession().getPerson())) { adHocActionRequestCodes.put( KewApiConstants.ACTION_REQUEST_ACKNOWLEDGE_REQ, KewApiConstants.ACTION_REQUEST_ACKNOWLEDGE_REQ_LABEL); } formBase.setAdHocActionRequestCodes(adHocActionRequestCodes); }
/** * This method check to see if the user can create the account maintenance document and set the * user session * * @param String principalId * @return boolean */ protected boolean isValidUser(String principalId) { PersonService personService = SpringContext.getBean(PersonService.class); if (principalId == null) { return false; } Person user = personService.getPerson(principalId); if (user == null) { return false; } DocumentAuthorizer documentAuthorizer = new MaintenanceDocumentAuthorizerBase(); if (documentAuthorizer.canInitiate( SpringContext.getBean(MaintenanceDocumentDictionaryService.class) .getDocumentTypeName(Account.class), user)) { // set the user session so that the user name can be displayed in the saved document GlobalVariables.setUserSession(new UserSession(user.getPrincipalName())); return true; } LOG.error( KcUtils.getErrorMessage( KcConstants.AccountCreationService.ERROR_KC_DOCUMENT_INVALID_USER, new String[] {principalId})); return false; }
@Override public boolean allowsNewOrCopyAction(String documentTypeName) { // TODO : to let it rendering 'create new' and 'edit'/'copy' button DocumentAuthorizer documentAuthorizer = getDocumentHelperService().getDocumentAuthorizer(documentTypeName); DocumentPresentationController documentPresentationController = getDocumentHelperService().getDocumentPresentationController(documentTypeName); // make sure this person is authorized to initiate Person currentUser = GlobalVariables.getUserSession().getPerson(); return documentPresentationController.canInitiate(documentTypeName) && documentAuthorizer.canInitiate(documentTypeName, currentUser); }
@SuppressWarnings("unchecked") @Override // Overriding this because KraTransactionalDocumentActionBase assumes the authorizer is of type // KcDocumentAuthorizerBase protected void populateAuthorizationFields(KualiDocumentFormBase formBase) { if (formBase.isFormDocumentInitialized()) { Document document = formBase.getDocument(); Person user = GlobalVariables.getUserSession().getPerson(); DocumentPresentationController documentPresentationController = KNSServiceLocator.getDocumentHelperService().getDocumentPresentationController(document); DocumentAuthorizer documentAuthorizer = getDocumentHelperService().getDocumentAuthorizer(document); Set<String> documentActions = documentPresentationController.getDocumentActions(document); documentActions = documentAuthorizer.getDocumentActions(document, user, documentActions); if (getDataDictionaryService() .getDataDictionary() .getDocumentEntry(document.getClass().getName()) .getUsePessimisticLocking()) { documentActions = getPessimisticLockService().getDocumentActions(document, user, documentActions); } Set<String> editModes = new HashSet<String>(); if (!documentAuthorizer.canOpen(document, user)) { editModes.add(AuthorizationConstants.EditMode.UNVIEWABLE); } else if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_EDIT)) { editModes.add(AuthorizationConstants.EditMode.FULL_ENTRY); } else { editModes.add(AuthorizationConstants.EditMode.VIEW_ONLY); } if (hasPermission("KC-IP", "Edit Institutional Proposal")) { editModes.add(MODIFY_IP); } Map editMode = this.convertSetToMap(editModes); if (getDataDictionaryService() .getDataDictionary() .getDocumentEntry(document.getClass().getName()) .getUsePessimisticLocking()) { editMode = getPessimisticLockService().establishLocks(document, editMode, user); } // We don't want to use KNS way to determine can edit document overview // It should be the same as can edit if (editMode.containsKey(AuthorizationConstants.EditMode.FULL_ENTRY)) { if (!documentActions.contains(KRADConstants.KUALI_ACTION_CAN_EDIT_DOCUMENT_OVERVIEW)) { documentActions.add(KRADConstants.KUALI_ACTION_CAN_EDIT_DOCUMENT_OVERVIEW); } } else { if (documentActions.contains(KRADConstants.KUALI_ACTION_CAN_EDIT_DOCUMENT_OVERVIEW)) { documentActions.remove(KRADConstants.KUALI_ACTION_CAN_EDIT_DOCUMENT_OVERVIEW); } } if (editMode.containsKey(AuthorizationConstants.EditMode.VIEW_ONLY) && !editMode.containsKey(MODIFY_IP) && documentActions.contains(KRADConstants.KUALI_ACTION_CAN_RELOAD)) { documentActions.remove(KRADConstants.KUALI_ACTION_CAN_RELOAD); } formBase.setDocumentActions(convertSetToMap(documentActions)); formBase.setEditingMode(editMode); } }