protected boolean hasModifyS2sEnroutePermission(Document document, Person user) {
DocumentRequestAuthorizationCache documentRequestAuthorizationCache =
getDocumentRequestAuthorizationCache(document);
final String cacheKey =
buildPermissionCacheKey(document, user, PermissionConstants.MODIFY_S2S_ENROUTE);
Boolean cachedResult = getCachedPermissionResult(document, cacheKey);
boolean hasS2sPermission;
if (cachedResult != null) {
hasS2sPermission = cachedResult;
} else {
ProposalDevelopmentDocument pdDocument = (ProposalDevelopmentDocument) document;
hasS2sPermission =
getKcAuthorizationService()
.hasPermission(
user.getPrincipalId(), pdDocument, PermissionConstants.MODIFY_S2S_ENROUTE);
}
final ProposalDevelopmentDocument pdDocument = ((ProposalDevelopmentDocument) document);
final DevelopmentProposal proposal = pdDocument.getDevelopmentProposal();
if (proposal.isChild() && hasS2sPermission) {
final Document parent = proposal.getParent().getDocument();
final String parentResultCacheKey =
buildPermissionCacheKey(parent, user, PermissionConstants.MODIFY_S2S_ENROUTE);
documentRequestAuthorizationCache.getPermissionResultCache().remove(parentResultCacheKey);
hasS2sPermission = isAuthorizedToModifyBudget(parent, user);
}
addCachedPermissionResult(document, cacheKey, hasS2sPermission);
return hasS2sPermission;
}
@Override
public Set<String> getEditModes(Document document, Person user, Set<String> currentEditModes) {
Set<String> editModes = new HashSet<>();
ProposalDevelopmentDocument proposalDoc = (ProposalDevelopmentDocument) document;
DevelopmentProposal developmentProposal = proposalDoc.getDevelopmentProposal();
String proposalNbr = developmentProposal.getProposalNumber();
// The getEditMode() method is invoked when a proposal is accessed for creation and when it
// is accessed for modification. New proposals under creation don't have a proposal number.
// For a new proposal, we have to know if the user has the permission to create a proposal.
// For a current proposal, we have to know if the user the permission to modify or view the
// proposal.
if (proposalNbr == null) {
if (isAuthorizedToCreate(document, user)) {
editModes.add(AuthorizationConstants.EditMode.FULL_ENTRY);
setPermissions(user, proposalDoc, editModes);
} else {
editModes.add(AuthorizationConstants.EditMode.UNVIEWABLE);
}
} else {
if (canEdit(document, user)) {
editModes.add(AuthorizationConstants.EditMode.FULL_ENTRY);
setPermissions(user, proposalDoc, editModes);
} else if (isAuthorizedToView(document, user)) {
editModes.add(AuthorizationConstants.EditMode.VIEW_ONLY);
setPermissions(user, proposalDoc, editModes);
} else {
editModes.add(AuthorizationConstants.EditMode.UNVIEWABLE);
}
}
return editModes;
}
@Transactional
@RequestMapping(
value = "/proposalDevelopment",
params = {"methodToCall=viewUserAttachedFormPDF"})
public ModelAndView viewUserAttachedFormPDF(
ProposalDevelopmentDocumentForm form,
HttpServletResponse response,
@RequestParam("selectedLine") String selectedLine)
throws Exception {
DevelopmentProposal developmentProposal = form.getDevelopmentProposal();
List<S2sUserAttachedForm> s2sAttachedForms = developmentProposal.getS2sUserAttachedForms();
S2sUserAttachedForm selectedForm = s2sAttachedForms.get(Integer.parseInt(selectedLine));
S2sUserAttachedFormFileContract userAttachedFormFile =
getUserAttachedFormService().findUserAttachedFormFile(selectedForm);
if (userAttachedFormFile != null) {
ControllerFileUtils.streamToResponse(
userAttachedFormFile.getFormFile(),
selectedForm.getFormFileName(),
CONTENT_TYPE_PDF,
response);
} else {
return getModelAndViewService().getModelAndView(form);
}
return null;
}
@Override
protected void prepareData(ProposalDevelopmentDocument document) throws Exception {
DevelopmentProposal developmentProposal = document.getDevelopmentProposal();
ProposalType type = new ProposalType();
type.setCode("5");
developmentProposal.setProposalType(type);
ProposalYnq proposalYnq = new ProposalYnq();
proposalYnq.setAnswer("Y");
proposalYnq.setQuestionId("21");
Ynq ynq = new Ynq();
ynq.setQuestionId("21");
ynq.setGroupName("groupName");
ynq.setDescription("description");
ynq.setEffectiveDate(new Date(1));
ynq.setNoOfAnswers(1);
ynq.setQuestionType("A");
ynq.setStatus("A");
proposalYnq.setYnq(ynq);
saveBO(ynq);
ProposalYnq proposalYnq1 = new ProposalYnq();
proposalYnq1.setAnswer("Y");
proposalYnq1.setQuestionId("FG");
Ynq ynq1 = new Ynq();
ynq1.setQuestionId("FG");
ynq1.setGroupName("groupName1");
ynq1.setDescription("description1");
ynq1.setEffectiveDate(new Date(1));
ynq1.setNoOfAnswers(1);
ynq1.setQuestionType("B");
ynq1.setStatus("B");
proposalYnq1.setYnq(ynq1);
saveBO(ynq1);
List<ProposalYnq> ynqList = new ArrayList<ProposalYnq>();
ynqList.add(proposalYnq);
ynqList.add(proposalYnq1);
proposalYnq.setProposalNumber(document.getDevelopmentProposal().getProposalNumber());
proposalYnq1.setProposalNumber(document.getDevelopmentProposal().getProposalNumber());
developmentProposal.setProposalYnqs(ynqList);
ProposalAbstract propsAbstract = new ProposalAbstract();
propsAbstract.setAbstractTypeCode("15");
propsAbstract.setAbstractDetails("details details");
propsAbstract.setProposalNumber(document.getDevelopmentProposal().getProposalNumber());
ProposalAbstract propsAbstract1 = new ProposalAbstract();
propsAbstract1.setAbstractTypeCode("12");
propsAbstract1.setAbstractDetails("details details1");
propsAbstract1.setProposalNumber(document.getDevelopmentProposal().getProposalNumber());
List<ProposalAbstract> proList = new ArrayList<ProposalAbstract>();
proList.add(propsAbstract);
proList.add(propsAbstract1);
developmentProposal.setProposalAbstracts(proList);
document.setDevelopmentProposal(developmentProposal);
}
/** Create the mock services and insert them into the protocol auth service. */
@Before
public void setUp() throws Exception {
fundingSponsorSourceType = new FundingSourceType();
fundingSponsorSourceType.setFundingSourceTypeCode(FundingSourceType.SPONSOR);
fundingSponsorSourceType.setFundingSourceTypeFlag(true);
fundingSponsorSourceType.setDescription("Sponsor");
fundingUnitSourceType = new FundingSourceType();
fundingUnitSourceType.setFundingSourceTypeCode(FundingSourceType.UNIT);
fundingUnitSourceType.setFundingSourceTypeFlag(true);
fundingUnitSourceType.setDescription("Unit");
fundingOtherSourceType = new FundingSourceType();
fundingOtherSourceType.setFundingSourceTypeCode(FundingSourceType.OTHER);
fundingOtherSourceType.setFundingSourceTypeFlag(true);
fundingOtherSourceType.setDescription("Other");
fundingDevProposalSourceType = new FundingSourceType();
fundingDevProposalSourceType.setFundingSourceTypeCode(FundingSourceType.PROPOSAL_DEVELOPMENT);
fundingDevProposalSourceType.setFundingSourceTypeFlag(true);
fundingDevProposalSourceType.setDescription("Proposal Development");
fundingInstProposalSourceType = new FundingSourceType();
fundingInstProposalSourceType.setFundingSourceTypeCode(
FundingSourceType.INSTITUTIONAL_PROPOSAL);
fundingInstProposalSourceType.setFundingSourceTypeFlag(true);
fundingInstProposalSourceType.setDescription("Institutional Proposal");
fundingAwardSourceType = new FundingSourceType();
fundingAwardSourceType.setFundingSourceTypeCode(FundingSourceType.AWARD);
fundingAwardSourceType.setFundingSourceTypeFlag(true);
fundingAwardSourceType.setDescription("Award");
// sponsorGood = new Sponsor();
// sponsorGood.setSponsorName(sponsorNameAirForce);
// sponsorGood.setSponsorCode(SPONSOR_NUMBER_AIR_FORCE);
sponsorGood =
KcServiceLocator.getService(SponsorService.class).getSponsor(SPONSOR_NUMBER_AIR_FORCE);
sponsorNameAirForce = sponsorGood.getSponsorName();
devProposalGood = new DevelopmentProposal();
devProposalGood.setTitle(DEV_PROPOSAL_TITLE_GOOD);
devProposalGood.setSponsorCode(sponsorGood.getSponsorCode());
instProposalGood = new InstitutionalProposal();
instProposalGood.setTitle(INST_PROPOSAL_TITLE_GOOD);
instProposalGood.setSponsorCode(sponsorGood.getSponsorCode());
awardGood = new Award();
awardGood.setTitle(AWARD_TITLE_GOOD);
awardGood.setSponsorCode(sponsorGood.getSponsorCode());
}
protected boolean hasPermissionByOwnedByUnit(Document document, Person user) {
final ProposalDevelopmentDocument pdDocument = ((ProposalDevelopmentDocument) document);
final DevelopmentProposal proposal = pdDocument.getDevelopmentProposal();
String unitNumber = proposal.getOwnedByUnitNumber();
// If the unit number is not specified, we will let the save operation continue because it
// will fail with an error. But if the user tries to save a proposal for a wrong unit, then
// we will indicate that the user does not have permission to do that.
return (unitNumber != null
&& getUnitAuthorizationService()
.hasPermission(
user.getPrincipalId(),
unitNumber,
Constants.MODULE_NAMESPACE_PROPOSAL_DEVELOPMENT,
PermissionConstants.CREATE_PROPOSAL)
|| unitNumber == null);
}
protected boolean canSaveCertification(ProposalDevelopmentDocument document, Person user) {
final DevelopmentProposal proposal = document.getDevelopmentProposal();
DocumentRequestAuthorizationCache documentRequestAuthorizationCache =
getDocumentRequestAuthorizationCache(document);
boolean hasSaveCertificationPermission;
final String saveCertificationCacheKey =
buildPermissionCacheKey(document, user, SAVE_CERTIFICATION);
if (documentRequestAuthorizationCache.hasPermissionResult(saveCertificationCacheKey)) {
hasSaveCertificationPermission =
documentRequestAuthorizationCache.getPermissionResult(saveCertificationCacheKey);
} else {
hasSaveCertificationPermission =
isProposalStateEditableForCertification(document.getDevelopmentProposal())
&& document
.getDevelopmentProposal()
.getProposalPersons()
.stream()
.filter(
person ->
getProposalDevelopmentPermissionsService()
.hasCertificationPermissions(document, user, person))
.anyMatch(person -> true);
}
if (proposal.isChild() && hasSaveCertificationPermission) {
final Document parent = proposal.getParent().getDocument();
final String parentResultCacheKey = buildPermissionCacheKey(parent, user, SAVE_CERTIFICATION);
documentRequestAuthorizationCache.getPermissionResultCache().remove(parentResultCacheKey);
hasSaveCertificationPermission =
canSaveCertification((ProposalDevelopmentDocument) parent, user);
}
documentRequestAuthorizationCache.addPermissionResult(
saveCertificationCacheKey, hasSaveCertificationPermission);
return hasSaveCertificationPermission;
}
protected void populateRequiredFields(
Protocol protocol, ProposalDevelopmentDocument proposalDocument) throws Exception {
DevelopmentProposal developmentProposal = proposalDocument.getDevelopmentProposal();
developmentProposal.setTitle(protocol.getTitle());
developmentProposal.setOwnedByUnit(protocol.getLeadUnit().getUnit());
developmentProposal.setOwnedByUnitNumber(protocol.getLeadUnitNumber());
developmentProposal.setRequestedStartDateInitial(new Date(System.currentTimeMillis()));
ParameterService parameterService = KcServiceLocator.getService(ParameterService.class);
String projectEndDateParameter =
parameterService.getParameterValueAsString(
ProtocolDocument.class,
ProtocolProposalDevelopmentDocumentService.PROJECT_END_DATE_NUMBER_OF_YEARS);
int numberOfYears = Integer.parseInt(projectEndDateParameter);
Calendar calendar = Calendar.getInstance();
calendar.add(Calendar.YEAR, numberOfYears);
calendar.add(Calendar.DATE, -1);
Date projectEndDate = new Date(calendar.getTimeInMillis());
developmentProposal.setRequestedEndDateInitial(projectEndDate);
String activityTypeCode =
ProposalDevelopmentUtils.getProposalDevelopmentDocumentParameter(
ProposalDevelopmentUtils.ACTIVITY_TYPE_CODE_RESEARCH_PARM);
String proposalTypeCode =
ProposalDevelopmentUtils.getProposalDevelopmentDocumentParameter(
ProposalDevelopmentUtils.PROPOSAL_TYPE_CODE_NEW_PARM);
developmentProposal.setActivityTypeCode(activityTypeCode);
developmentProposal.setProposalTypeCode(proposalTypeCode);
// find sponsor from funding source
List<ProtocolFundingSourceBase> protocolFundingSources = protocol.getProtocolFundingSources();
ProtocolFundingSource sponsorProtocolFundingSource = null;
for (ProtocolFundingSourceBase protocolFundingSource : protocolFundingSources) {
if (protocolFundingSource.isSponsorFunding()) {
sponsorProtocolFundingSource = (ProtocolFundingSource) protocolFundingSource;
break;
}
}
if (sponsorProtocolFundingSource != null) {
developmentProposal.setSponsorCode(sponsorProtocolFundingSource.getFundingSourceNumber());
}
}
protected boolean isAuthorizedToModifyBudget(Document document, Person user) {
final ProposalDevelopmentDocument pdDocument = ((ProposalDevelopmentDocument) document);
final DevelopmentProposal proposal = pdDocument.getDevelopmentProposal();
DocumentRequestAuthorizationCache documentRequestAuthorizationCache =
getDocumentRequestAuthorizationCache(pdDocument);
boolean hasModifyBudgetPermission;
final String modifyBudgetCacheKey = buildPermissionCacheKey(pdDocument, user, MODIFY_BUDGET);
if (documentRequestAuthorizationCache.hasPermissionResult(modifyBudgetCacheKey)) {
hasModifyBudgetPermission =
documentRequestAuthorizationCache.getPermissionResult(modifyBudgetCacheKey);
} else {
hasModifyBudgetPermission =
getKcAuthorizationService()
.hasPermission(user.getPrincipalId(), pdDocument, PermissionConstants.MODIFY_BUDGET);
}
boolean rejectedDocument =
getKcDocumentRejectionService()
.isDocumentOnInitialNode(pdDocument.getDocumentHeader().getWorkflowDocument());
hasModifyBudgetPermission =
((!getKcWorkflowService().isInWorkflow(pdDocument) || rejectedDocument)
&& hasModifyBudgetPermission);
if (proposal.isChild() && hasModifyBudgetPermission) {
final Document parent = proposal.getParent().getDocument();
final String parentResultCacheKey = buildPermissionCacheKey(parent, user, MODIFY_BUDGET);
documentRequestAuthorizationCache.getPermissionResultCache().remove(parentResultCacheKey);
hasModifyBudgetPermission = isAuthorizedToModifyBudget(parent, user);
}
documentRequestAuthorizationCache.addPermissionResult(
modifyBudgetCacheKey, hasModifyBudgetPermission);
return hasModifyBudgetPermission;
}
/**
* Constructs a ProposalPersonModuleQuestionnaireBean.java.
*
* @param developmentProposal
* @param person
*/
public ProposalPersonModuleQuestionnaireBean(
DevelopmentProposal developmentProposal, ProposalPerson person) {
super(
CoeusModule.PROPOSAL_DEVELOPMENT_MODULE_CODE,
person.getUniqueId(),
getSubModuleItemCode(person.getProposalPersonRoleId()),
person.getPersonId() != null ? person.getPersonId() : "0",
developmentProposal
.getProposalDocument()
.getDocumentHeader()
.getWorkflowDocument()
.isApproved());
setDevelopmentProposal(developmentProposal);
}
@Override
public List<? extends AbstractUnitAdministrator> getUnitAdministrators(
Map<String, String> qualifiers) {
String proposalNumber = qualifiers.get(KcKimAttributes.PROPOSAL);
List<UnitAdministrator> result = new ArrayList<UnitAdministrator>();
if (proposalNumber != null) {
DevelopmentProposal proposal =
getDataObjectService().find(DevelopmentProposal.class, proposalNumber);
HashSet<String> units = new HashSet<String>();
for (ProposalPerson person : proposal.getProposalPersons()) {
for (ProposalPersonUnit unit : person.getUnits()) {
units.add(unit.getUnitNumber());
}
}
for (String unit : units) {
if (StringUtils.isNotBlank(unit)) {
result.addAll(unitService.retrieveUnitAdministratorsByUnitNumber(unit));
}
}
}
return result;
}
protected boolean isAuthorizedToMaintainProposalHierarchy(Document document, Person user) {
final ProposalDevelopmentDocument pdDocument = ((ProposalDevelopmentDocument) document);
final DevelopmentProposal proposal = pdDocument.getDevelopmentProposal();
DocumentRequestAuthorizationCache documentRequestAuthorizationCache =
getDocumentRequestAuthorizationCache(pdDocument);
boolean hasMaintainProposalHierarchyPermission;
final String cacheKey =
buildPermissionCacheKey(pdDocument, user, PermissionConstants.MAINTAIN_PROPOSAL_HIERARCHY);
if (documentRequestAuthorizationCache.hasPermissionResult(cacheKey)) {
hasMaintainProposalHierarchyPermission =
documentRequestAuthorizationCache.getPermissionResult(cacheKey);
} else {
hasMaintainProposalHierarchyPermission =
getKcAuthorizationService()
.hasPermission(
user.getPrincipalId(),
pdDocument,
PermissionConstants.MAINTAIN_PROPOSAL_HIERARCHY);
}
if (proposal.isChild() && hasMaintainProposalHierarchyPermission) {
final Document parent = proposal.getParent().getDocument();
final String parentResultCacheKey =
buildPermissionCacheKey(parent, user, PermissionConstants.MAINTAIN_PROPOSAL_HIERARCHY);
documentRequestAuthorizationCache.getPermissionResultCache().remove(parentResultCacheKey);
hasMaintainProposalHierarchyPermission = isAuthorizedToModifyBudget(parent, user);
}
documentRequestAuthorizationCache.addPermissionResult(
cacheKey, hasMaintainProposalHierarchyPermission);
return hasMaintainProposalHierarchyPermission;
}
protected boolean isAuthorizedToModify(Document document, Person user) {
DocumentRequestAuthorizationCache documentRequestAuthorizationCache =
getDocumentRequestAuthorizationCache(document);
final String resultCacheKey = buildPermissionCacheKey(document, user, IS_AUTHORIZED_TO_MODIFY);
if (documentRequestAuthorizationCache.hasPermissionResult(resultCacheKey)) {
return documentRequestAuthorizationCache.getPermissionResult(resultCacheKey);
}
final ProposalDevelopmentDocument pdDocument = ((ProposalDevelopmentDocument) document);
final DevelopmentProposal proposal = pdDocument.getDevelopmentProposal();
if (!isEditableState(proposal.getProposalStateTypeCode())) {
return false;
}
final String proposalNbr = proposal.getProposalNumber();
boolean hasPermission;
if (proposalNbr == null) {
hasPermission = hasPermissionByOwnedByUnit(document, user);
} else {
/*
* After the initial save, the proposal can only be modified if it is not in workflow
* and the user has the require permission.
*/
final boolean hasBeenRejected =
ProposalState.REVISIONS_REQUESTED.equals(proposal.getProposalStateTypeCode());
hasPermission =
!pdDocument.isViewOnly()
&& getKcAuthorizationService()
.hasPermission(
user.getPrincipalId(), pdDocument, PermissionConstants.MODIFY_PROPOSAL)
&& (!getKcWorkflowService().isInWorkflow(document) || hasBeenRejected)
&& !proposal.getSubmitFlag();
}
if (proposal.isChild() && hasPermission) {
final Document parent = proposal.getParent().getDocument();
final String parentResultCacheKey =
buildPermissionCacheKey(parent, user, IS_AUTHORIZED_TO_MODIFY);
documentRequestAuthorizationCache.getPermissionResultCache().remove(parentResultCacheKey);
hasPermission = isAuthorizedToModify(parent, user);
}
documentRequestAuthorizationCache.addPermissionResult(resultCacheKey, hasPermission);
return hasPermission;
}
protected boolean isProposalStateEditableForCertification(
DevelopmentProposal developmentProposal) {
return getProposalStatesEditableForCertification()
.contains(developmentProposal.getProposalStateTypeCode());
}
@Transactional
@RequestMapping(
value = "/proposalDevelopment",
params = {"methodToCall=refresh", "refreshCaller=S2sOpportunity-LookupView"})
public ModelAndView refresh(
@ModelAttribute("KualiForm") ProposalDevelopmentDocumentForm form,
BindingResult result,
HttpServletRequest request,
HttpServletResponse response)
throws Exception {
ProposalDevelopmentDocument document = form.getProposalDevelopmentDocument();
DevelopmentProposal proposal = document.getDevelopmentProposal();
if (form.getNewS2sOpportunity() != null
&& StringUtils.isNotEmpty(form.getNewS2sOpportunity().getOpportunityId())) {
proposal.setS2sOpportunity(form.getNewS2sOpportunity());
proposal.getS2sOpportunity().setDevelopmentProposal(proposal);
// Set default S2S Submission Type
if (StringUtils.isBlank(form.getNewS2sOpportunity().getS2sSubmissionTypeCode())) {
String defaultS2sSubmissionTypeCode =
getProposalTypeService().getDefaultSubmissionTypeCode(proposal.getProposalTypeCode());
proposal.getS2sOpportunity().setS2sSubmissionTypeCode(defaultS2sSubmissionTypeCode);
getDataObjectService()
.wrap(proposal.getS2sOpportunity())
.fetchRelationship("s2sSubmissionType");
}
final String opportunityTitle = form.getNewS2sOpportunity().getOpportunityTitle();
String trimmedTitle =
StringUtils.substring(
opportunityTitle, 0, ProposalDevelopmentConstants.S2sConstants.OPP_TITLE_MAX_LENGTH);
// Set Opportunity Title and Opportunity ID in the Sponsor & Program Information section
proposal.setProgramAnnouncementTitle(trimmedTitle);
proposal.setCfdaNumber(form.getNewS2sOpportunity().getCfdaNumber());
proposal.setProgramAnnouncementNumber(form.getNewS2sOpportunity().getOpportunityId());
form.setNewS2sOpportunity(new S2sOpportunity());
}
S2sOpportunity s2sOpportunity = proposal.getS2sOpportunity();
try {
if (s2sOpportunity != null && s2sOpportunity.getSchemaUrl() != null) {
List<String> missingMandatoryForms =
s2sSubmissionService.setMandatoryForms(proposal, s2sOpportunity);
if (!CollectionUtils.isEmpty(missingMandatoryForms)) {
globalVariableService
.getMessageMap()
.putError(
Constants.NO_FIELD,
KeyConstants.ERROR_IF_OPPORTUNITY_ID_IS_INVALID,
s2sOpportunity.getOpportunityId(),
StringUtils.join(missingMandatoryForms, ","));
proposal.setS2sOpportunity(null);
}
}
} catch (S2sCommunicationException ex) {
if (ex.getErrorKey().equals(KeyConstants.ERROR_GRANTSGOV_NO_FORM_ELEMENT)) {
ex.setMessage(s2sOpportunity.getOpportunityId());
}
globalVariableService
.getMessageMap()
.putError(Constants.NO_FIELD, ex.getErrorKey(), ex.getMessageWithParams());
proposal.setS2sOpportunity(new S2sOpportunity());
}
super.save(form, result, request, response);
return getRefreshControllerService().refresh(form);
}
