@Override
public boolean isAuthorized(String username, IacucProtocolTask task) {
ProtocolBase protocol = task.getProtocol();
return !(kraWorkflowService.isInWorkflow(protocol.getProtocolDocument())
&& kraWorkflowService.isCurrentNode(
protocol.getProtocolDocument(), Constants.PROTOCOL_IACUCREVIEW_ROUTE_NODE_NAME)
&& canExecuteAction(protocol, IacucProtocolActionType.ASSIGNED_TO_AGENDA)
&& isAssignedToCommittee(protocol))
&& hasPermission(username, protocol, PermissionConstants.PERFORM_IACUC_ACTIONS_ON_PROTO);
}
@Override
public boolean isAuthorized(String userId, ProtocolTask task) {
ProtocolDocument protocolDocument = (ProtocolDocument) task.getProtocol().getProtocolDocument();
return kraWorkflowService.isUserActionRequested(protocolDocument, userId)
&& (!kraWorkflowService.isDocumentOnNode(
protocolDocument, Constants.PROTOCOL_IRBREVIEW_ROUTE_NODE_NAME)
|| (kraWorkflowService.isUserAdHocRequestRecipient(protocolDocument, userId, null)
&& !kraWorkflowService.isUserRouteRespRequestRecipient(
protocolDocument, userId, null)));
}
public boolean isAuthorized(String userId, Task task) {
AwardBudgetTask budgetTask = (AwardBudgetTask) task;
AwardBudgetDocument budgetDocument = budgetTask.getAwardBudgetDocument();
return !budgetDocument.isViewOnly()
&& !kraWorkflowService.isInWorkflow(budgetDocument)
&& hasUnitPermission(
userId,
budgetDocument.getLeadUnitNumber(),
Constants.MODULE_NAMESPACE_AWARD_BUDGET,
AwardPermissionConstants.MODIFY_AWARD_BUDGET.getAwardPermission());
}
@Override
public boolean isAuthorized(String userId, ProposalTask task) {
boolean hasPermission = true;
ProposalDevelopmentDocument doc = task.getDocument();
String proposalNbr = doc.getDevelopmentProposal().getProposalNumber();
if (proposalNbr == null) {
// We have to consider the case when we are saving the document for the first time.
String unitNumber = doc.getDevelopmentProposal().getOwnedByUnitNumber();
// If the unit number is not specified, we will let the save operation continue because it
// will fail with an error. But if the user tries to save a proposal for a wrong unit, then
// we will indicate that the user does not have permission to do that.
if (unitNumber != null) {
UnitAuthorizationService auth = KcServiceLocator.getService(UnitAuthorizationService.class);
hasPermission =
auth.hasPermission(
userId,
unitNumber,
Constants.MODULE_NAMESPACE_PROPOSAL_DEVELOPMENT,
PermissionConstants.CREATE_PROPOSAL);
}
} else {
/*
* After the initial save, the proposal can have new notes added by users with the modify proposal role.
*/
hasPermission =
hasProposalPermission(userId, doc, PermissionConstants.VIEW_PROPOSAL)
|| kraWorkflowService.hasWorkflowPermission(userId, doc);
}
return hasPermission;
}
public boolean isAuthorized(String userId, ProposalTask task) {
ProposalDevelopmentDocument doc = task.getDocument();
return !kraWorkflowService.isInWorkflow(doc)
&& hasProposalPermission(userId, doc, PermissionConstants.SUBMIT_PROPOSAL)
&& !doc.getDevelopmentProposal().isChild();
}
/**
* After the initial save, the award can only be modified has the required permission.
*
* @param userId
* @param award
* @return
*/
protected boolean canUserModifyAward(String userId, Award award, AwardDocument doc) {
return !award.getAwardDocument().isViewOnly()
&& hasPermission(userId, award, AwardPermissionConstants.MODIFY_AWARD.getAwardPermission())
&& !kraWorkflowService.isInWorkflow(doc);
}