protected boolean processBusinessRules(Document document) {
    boolean isValid = true;

    ElectronicInvoiceRejectDocument eirDocument = (ElectronicInvoiceRejectDocument) document;

    // check to see if the document is being researched
    if (eirDocument.isInvoiceResearchIndicator()) {
      GlobalVariables.getMessageMap()
          .putError(
              KFSConstants.DOCUMENT_ERRORS, PurapConstants.REJECT_DOCUMENT_RESEARCH_INCOMPETE);
      isValid = false;
    }

    if (!eirDocument.isDocumentCreationInProgress()) {
      isValid =
          isValid
              && SpringContext.getBean(ElectronicInvoiceHelperService.class)
                  .doMatchingProcess(eirDocument);
      if (isValid) {
        SpringContext.getBean(ElectronicInvoiceHelperService.class)
            .createPaymentRequest(eirDocument);
      }
    }

    return isValid;
  }
  /**
   * @see
   *     org.kuali.kfs.sys.document.service.impl.AccountingLineRuleHelperServiceImpl#isValidAccount(org.kuali.kfs.coa.businessobject.Account,
   *     org.kuali.rice.kns.datadictionary.DataDictionary, java.lang.String)
   */
  @Override
  public boolean isValidAccount(
      Account account, DataDictionary dataDictionary, String errorPropertyName) {
    String label = getAccountLabel();

    // make sure it exists
    if (ObjectUtils.isNull(account)) {
      GlobalVariables.getMessageMap()
          .putError(errorPropertyName, KFSKeyConstants.ERROR_EXISTENCE, label);
      return false;
    }

    return true;
  }
  /**
   * If user has permission to view notes/attachments then does further checks to verify there are
   * no access security restriction setup that prevents the user from viewing the notes/attachments
   *
   * @see
   *     org.kuali.rice.kns.document.authorization.DocumentAuthorizer#canViewNoteAttachment(org.kuali.rice.kns.document.Document,
   *     java.lang.String, org.kuali.rice.kim.bo.Person)
   */
  public boolean canViewNoteAttachment(Document document, String attachmentTypeCode, Person user) {
    AccessSecurityService securityService = SpringContext.getBean(AccessSecurityService.class);

    boolean canView = documentAuthorizer.canViewNoteAttachment(document, attachmentTypeCode, user);
    if (canView) {
      canView =
          securityService.canViewDocumentNotesAttachments((AccountingDocument) document, user);

      if (!canView) {
        GlobalVariables.getMessageMap()
            .putInfo(
                KFSConstants.GLOBAL_ERRORS,
                SecKeyConstants.MESSAGE_DOCUMENT_NOTES_RESTRICTED,
                (String) null);
      }
    }

    return canView;
  }
  /**
   * Validates before the document routes
   *
   * @see org.kuali.kfs.validation.Validation#validate(java.lang.Object[])
   */
  public boolean validate(AttributedDocumentEvent event) {
    boolean result = true;

    Document documentForValidation = getDocumentForValidation();

    LaborExpenseTransferDocumentBase expenseTransferDocument =
        (LaborExpenseTransferDocumentBase) documentForValidation;

    List sourceLines = expenseTransferDocument.getSourceAccountingLines();
    List targetLines = expenseTransferDocument.getTargetAccountingLines();

    // check to ensure totals of accounting lines in source and target sections match
    if (!isAccountingLineTotalsMatchByPayFYAndPayPeriod(sourceLines, targetLines)) {
      GlobalVariables.getMessageMap()
          .putError(
              KFSPropertyConstants.SOURCE_ACCOUNTING_LINES,
              LaborKeyConstants.ACCOUNTING_LINE_TOTALS_BY_PAYFY_PAYPERIOD_MISMATCH_ERROR);
      return false;
    }

    return result;
  }
  /**
   * If there are line restrictions and the initiator override flag is turned on, we need to disable
   * the copy and error correct buttons since those would result in documents displaying the
   * restricted lines
   *
   * @see
   *     org.kuali.rice.kns.document.authorization.DocumentAuthorizer#getDocumentActions(org.kuali.rice.kns.document.Document,
   *     org.kuali.rice.kim.bo.Person, java.util.Set)
   */
  public Set<String> getDocumentActions(
      Document document, Person user, Set<String> documentActions) {
    Set<String> documentActionsToReturn =
        documentAuthorizer.getDocumentActions(document, user, documentActions);

    AccessSecurityService securityService = SpringContext.getBean(AccessSecurityService.class);

    boolean alwaysAllowInitiatorAccess =
        SpringContext.getBean(ParameterService.class)
            .getIndicatorParameter(
                SecConstants.ACCESS_SECURITY_NAMESPACE_CODE,
                SecConstants.ALL_PARAMETER_DETAIL_COMPONENT,
                SecConstants.SecurityParameterNames.ALWAYS_ALLOW_INITIATOR_LINE_ACCESS_IND);
    if (alwaysAllowInitiatorAccess) {
      // determine if any lines are view restricted
      boolean hasViewRestrictions = false;

      AccountingDocument accountingDocument = (AccountingDocument) document;
      for (Iterator iterator = accountingDocument.getSourceAccountingLines().iterator();
          iterator.hasNext(); ) {
        AccountingLine line = (AccountingLine) iterator.next();
        if (!securityService.canViewDocumentAccountingLine(accountingDocument, line, user)) {
          hasViewRestrictions = true;
          break;
        }
      }

      if (!hasViewRestrictions) {
        for (Iterator iterator = accountingDocument.getTargetAccountingLines().iterator();
            iterator.hasNext(); ) {
          AccountingLine line = (AccountingLine) iterator.next();
          if (!securityService.canViewDocumentAccountingLine(accountingDocument, line, user)) {
            hasViewRestrictions = true;
            break;
          }
        }
      }

      // if we have restrictions then disable copy and error correction
      if (hasViewRestrictions) {
        if (documentActionsToReturn.contains(KNSConstants.KUALI_ACTION_CAN_COPY)) {
          documentActionsToReturn.remove(KNSConstants.KUALI_ACTION_CAN_COPY);
          GlobalVariables.getMessageMap()
              .putInfo(
                  KFSConstants.GLOBAL_ERRORS,
                  SecKeyConstants.MESSAGE_DOCUMENT_COPY_RESTRICTED,
                  (String) null);
        }

        if (documentActionsToReturn.contains(KFSConstants.KFS_ACTION_CAN_ERROR_CORRECT)) {
          documentActionsToReturn.remove(KFSConstants.KFS_ACTION_CAN_ERROR_CORRECT);
          GlobalVariables.getMessageMap()
              .putInfo(
                  KFSConstants.GLOBAL_ERRORS,
                  SecKeyConstants.MESSAGE_DOCUMENT_ERROR_CORRECT_RESTRICTED,
                  (String) null);
        }
      }
    }

    return documentActionsToReturn;
  }
예제 #6
0
  /**
   * @see
   *     org.kuali.ext.mm.service.ProfileService#isValidNewCustomerProfile(org.kuali.ext.mm.businessobject.Profile)
   */
  public boolean isValidNewCustomerProfile(Profile profile) {
    boolean isValid = true;
    FinancialDataService finDataService = SpringContext.getBean(FinancialDataService.class);

    if (!getAddressService().isPhoneNumberFormatValid(profile.getProfilePhoneNumber())) {
      GlobalVariables.getMessageMap()
          .putError(
              ShopCartConstants.ProfileForm.PROFILE_TO_EDIT
                  + "."
                  + MMConstants.Profile.PROFILE_PHONE_NUMBER,
              ShopCartKeyConstants.ERROR_PROFILE_PHONE_NUMBER);
      isValid = false;
    }

    if (!profile.isPersonalUseIndicator()) {
      if (StringUtils.isBlank(profile.getFinacialChartOfAccountsCode())) {
        GlobalVariables.getMessageMap()
            .putError(
                ShopCartConstants.ProfileForm.PROFILE_TO_EDIT
                    + "."
                    + MMConstants.Profile.FIN_COA_CODE,
                ShopCartKeyConstants.ERROR_PROFILE_COA_CODE);
        isValid = false;
      } else {
        if (!finDataService.validateChart(profile.getFinacialChartOfAccountsCode())) {
          GlobalVariables.getMessageMap()
              .putError(
                  ShopCartConstants.ProfileForm.PROFILE_TO_EDIT
                      + "."
                      + MMConstants.Profile.FIN_COA_CODE,
                  ShopCartKeyConstants.ERROR_PROFILE_COA_CODE);
          isValid = false;
        }
      }
      if (StringUtils.isBlank(profile.getOrganizationCode())) {
        GlobalVariables.getMessageMap()
            .putError(
                ShopCartConstants.ProfileForm.PROFILE_TO_EDIT
                    + "."
                    + MMConstants.Profile.ORGANIZATION_CODE,
                ShopCartKeyConstants.ERROR_PROFILE_ORG_CODE_BLANK,
                profile.getOrganizationCode());
        isValid = false;
      } else {
        if (!finDataService.validateOrg(
            profile.getFinacialChartOfAccountsCode(), profile.getOrganizationCode())) {
          GlobalVariables.getMessageMap()
              .putError(
                  ShopCartConstants.ProfileForm.PROFILE_TO_EDIT
                      + "."
                      + MMConstants.Profile.ORGANIZATION_CODE,
                  ShopCartKeyConstants.ERROR_PROFILE_ORG_CODE,
                  profile.getOrganizationCode(),
                  profile.getFinacialChartOfAccountsCode());
          isValid = false;
        }
      }
      if (StringUtils.isBlank(profile.getAccountNumber())) {
        GlobalVariables.getMessageMap()
            .putError(
                ShopCartConstants.ProfileForm.PROFILE_TO_EDIT
                    + "."
                    + MMConstants.Profile.ACCOUNT_NBR,
                ShopCartKeyConstants.ERROR_PROFILE_ACCOUNT_NUMBER);
        isValid = false;
      } else {
        if (!finDataService.validateAccount(
            profile.getFinacialChartOfAccountsCode(), profile.getAccountNumber())) {
          GlobalVariables.getMessageMap()
              .putError(
                  ShopCartConstants.ProfileForm.PROFILE_TO_EDIT
                      + "."
                      + MMConstants.Profile.ACCOUNT_NBR,
                  ShopCartKeyConstants.ERROR_PROFILE_ACCOUNT_NUMBER);
          isValid = false;
        } else {
          if (StringUtils.isNotBlank(profile.getSubAccountNumber())) {
            if (!finDataService.validateSubAccount(
                profile.getFinacialChartOfAccountsCode(),
                profile.getAccountNumber(),
                profile.getSubAccountNumber())) {
              GlobalVariables.getMessageMap()
                  .putError(
                      ShopCartConstants.ProfileForm.PROFILE_TO_EDIT
                          + "."
                          + MMConstants.Profile.SUB_ACCOUNT_NUMBER,
                      ShopCartKeyConstants.ERROR_PROFILE_SUB_ACCOUNT,
                      profile.getSubAccountNumber());
              isValid = false;
            }
          }
        }
      }
      if (StringUtils.isNotBlank(profile.getProjectCode())
          && !finDataService.validateProject(profile.getProjectCode())) {
        GlobalVariables.getMessageMap()
            .putError(
                ShopCartConstants.ProfileForm.PROFILE_TO_EDIT
                    + "."
                    + MMConstants.Profile.PROJECT_CODE,
                ShopCartKeyConstants.ERROR_PROFILE_PROJECT_CODE,
                profile.getProjectCode());
        isValid = false;
      }
      if (StringUtils.isBlank(profile.getCampusCode()) || !isValidCampus(profile.getCampusCode())) {
        GlobalVariables.getMessageMap()
            .putError(
                ShopCartConstants.ProfileForm.PROFILE_TO_EDIT
                    + "."
                    + MMConstants.Profile.CAMPUS_CODE,
                ShopCartKeyConstants.ERROR_PROFILE_CAMPUS_CODE);
        isValid = false;
      }
      if (StringUtils.isBlank(profile.getDeliveryBuildingCode())
          || !finDataService.validateBuilding(
              profile.getCampusCode(), profile.getDeliveryBuildingCode())) {
        GlobalVariables.getMessageMap()
            .putError(
                ShopCartConstants.ProfileForm.PROFILE_TO_EDIT
                    + "."
                    + MMConstants.Profile.DELIVERY_BUILDING_CODE,
                ShopCartKeyConstants.ERROR_PROFILE_DELIVERY_BUILDING);
        isValid = false;
      }
      if (StringUtils.isBlank(profile.getDeliveryBuildingRoomNumber())
          || !finDataService.validateBuildingRoom(
              profile.getCampusCode(),
              profile.getDeliveryBuildingCode(),
              profile.getDeliveryBuildingRoomNumber())) {
        GlobalVariables.getMessageMap()
            .putError(
                ShopCartConstants.ProfileForm.PROFILE_TO_EDIT
                    + "."
                    + MMConstants.Profile.DELIVERY_BUILDING_ROOM,
                ShopCartKeyConstants.ERROR_PROFILE_DELIVERY_BUILDING_ROOM);
        isValid = false;
      }
      if (StringUtils.isBlank(profile.getBillingBuildingCode())
          || !finDataService.validateBuilding(
              profile.getCampusCode(), profile.getBillingBuildingCode())) {
        GlobalVariables.getMessageMap()
            .putError(
                ShopCartConstants.ProfileForm.PROFILE_TO_EDIT
                    + "."
                    + MMConstants.Profile.BILLING_BUILDING_CODE,
                ShopCartKeyConstants.ERROR_PROFILE_BILLING_BUILDING);
        isValid = false;
      }
    }
    return isValid;
  }
  /**
   * Validates a definition assignment to the principal
   *
   * @param principalDefinition SecurityPrincipalDefinition to validate
   * @param errorKeyPrefix String errorPrefix to use if any errors are found
   * @return boolean true if validation was successful, false if there are errors
   */
  protected boolean validatePrincipalDefinition(
      SecurityPrincipalDefinition principalDefinition, String errorKeyPrefix) {
    boolean isValid = true;

    principalDefinition.refreshNonUpdateableReferences();

    if (ObjectUtils.isNull(principalDefinition.getSecurityDefinition())) {
      return false;
    }

    String attributeName =
        principalDefinition.getSecurityDefinition().getSecurityAttribute().getName();
    String attributeValue = principalDefinition.getAttributeValue();

    // if value is blank (which is allowed) no need to validate
    if (StringUtils.isBlank(attributeValue)) {
      return true;
    }

    // descend attributes do not allow multiple values or wildcards, and operator must be equal
    if (SecConstants.SecurityAttributeNames.CHART_DESCEND_HIERARCHY.equals(attributeName)
        || SecConstants.SecurityAttributeNames.ORGANIZATION_DESCEND_HIERARCHY.equals(
            attributeName)) {
      if (StringUtils.contains(
          attributeValue,
          SecConstants.SecurityValueSpecialCharacters.MULTI_VALUE_SEPERATION_CHARACTER)) {
        GlobalVariables.getMessageMap()
            .putError(
                errorKeyPrefix + SecPropertyConstants.ATTRIBUTE_VALUE,
                SecKeyConstants.ERROR_MODEL_DEFINITION_MULTI_ATTR_VALUE,
                attributeName);
        isValid = false;
      }

      if (StringUtils.contains(
          attributeValue, SecConstants.SecurityValueSpecialCharacters.WILDCARD_CHARACTER)) {
        GlobalVariables.getMessageMap()
            .putError(
                errorKeyPrefix + SecPropertyConstants.ATTRIBUTE_VALUE,
                SecKeyConstants.ERROR_MODEL_DEFINITION_WILDCARD_ATTR_VALUE,
                attributeName);
        isValid = false;
      }

      if (!SecConstants.SecurityDefinitionOperatorCodes.EQUAL.equals(
          principalDefinition.getOperatorCode())) {
        GlobalVariables.getMessageMap()
            .putError(
                errorKeyPrefix + SecPropertyConstants.OPERATOR_CODE,
                SecKeyConstants.ERROR_MODEL_DEFINITION_OPERATOR_CODE_NOT_EQUAL,
                attributeName);
        isValid = false;
      }
    }

    // validate attribute value for existence
    isValid =
        isValid
            && SecurityValidationUtil.validateAttributeValue(
                attributeName, attributeValue, errorKeyPrefix);

    return isValid;
  }