001    /*
002     * Copyright 2011 The Kuali Foundation.
003     * 
004     * Licensed under the Educational Community License, Version 2.0 (the "License");
005     * you may not use this file except in compliance with the License.
006     * You may obtain a copy of the License at
007     * 
008     * http://www.opensource.org/licenses/ecl2.php
009     * 
010     * Unless required by applicable law or agreed to in writing, software
011     * distributed under the License is distributed on an "AS IS" BASIS,
012     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013     * See the License for the specific language governing permissions and
014     * limitations under the License.
015     */
016    package org.kuali.kfs.sys.batch.service.impl;
017    
018    import java.io.File;
019    import java.util.List;
020    
021    import org.kuali.kfs.sys.FinancialSystemModuleConfiguration;
022    import org.kuali.kfs.sys.KFSConstants;
023    import org.kuali.kfs.sys.batch.BatchFile;
024    import org.kuali.kfs.sys.batch.BatchFileUtils;
025    import org.kuali.kfs.sys.batch.service.BatchFileAdminAuthorizationService;
026    import org.kuali.kfs.sys.context.SpringContext;
027    import org.kuali.rice.kim.bo.Person;
028    import org.kuali.rice.kim.bo.impl.KimAttributes;
029    import org.kuali.rice.kim.bo.types.dto.AttributeSet;
030    import org.kuali.rice.kim.service.IdentityManagementService;
031    import org.kuali.rice.kim.util.KimConstants;
032    import org.kuali.rice.kns.bo.ModuleConfiguration;
033    import org.kuali.rice.kns.service.KualiModuleService;
034    import org.kuali.rice.kns.service.ModuleService;
035    import org.kuali.rice.kns.util.KNSConstants;
036    
037    public class BatchFileAdminAuthorizationServiceImpl implements BatchFileAdminAuthorizationService {
038    
039        private IdentityManagementService identityManagementService;
040        private KualiModuleService kualiModuleService;
041        
042        public boolean canDownload(BatchFile batchFile, Person user) {
043            return getIdentityManagementService().isAuthorizedByTemplateName(user.getPrincipalId(),
044                    KNSConstants.KNS_NAMESPACE, KFSConstants.PermissionTemplate.VIEW_BATCH_FILES.name,
045                    generateDownloadCheckPermissionDetails(batchFile, user), generateDownloadCheckRoleQualifiers(batchFile, user));
046        }
047    
048        public boolean canDelete(BatchFile batchFile, Person user) {
049            return getIdentityManagementService().isAuthorizedByTemplateName(user.getPrincipalId(),
050                    KNSConstants.KNS_NAMESPACE, KFSConstants.PermissionTemplate.VIEW_BATCH_FILES.name,
051                    generateDownloadCheckPermissionDetails(batchFile, user), generateDownloadCheckRoleQualifiers(batchFile, user));
052        }
053        
054        protected String determineNamespaceCode(BatchFile batchFile) {
055            for (ModuleService moduleService : getKualiModuleService().getInstalledModuleServices()) {
056                ModuleConfiguration moduleConfiguration = moduleService.getModuleConfiguration();
057                if (moduleConfiguration instanceof FinancialSystemModuleConfiguration) {
058                    List<String> batchFileDirectories = ((FinancialSystemModuleConfiguration) moduleConfiguration).getBatchFileDirectories();
059                    for (String batchFileDirectoryName : batchFileDirectories) {
060                        File directory = new File(batchFileDirectoryName).getAbsoluteFile();
061                        if (BatchFileUtils.isSuperDirectoryOf(directory, batchFile.retrieveFile())) {
062                            return moduleConfiguration.getNamespaceCode();
063                        }
064                    }
065                }
066            }
067            return null;
068        }
069    
070        protected AttributeSet generateDownloadCheckPermissionDetails(BatchFile batchFile, Person user) {
071            return generatePermissionDetails(batchFile, user);
072        }
073        
074        protected AttributeSet generateDownloadCheckRoleQualifiers(BatchFile batchFile, Person user) {
075            return generateRoleQualifiers(batchFile, user);
076        }
077    
078        protected AttributeSet generateDeleteCheckPermissionDetails(BatchFile batchFile, Person user) {
079            return generatePermissionDetails(batchFile, user);
080        }
081        
082        protected AttributeSet generateDeleteCheckRoleQualifiers(BatchFile batchFile, Person user) {
083            return generateRoleQualifiers(batchFile, user);
084        }
085    
086        protected AttributeSet generatePermissionDetails(BatchFile batchFile, Person user) {
087            AttributeSet permissionDetails = new AttributeSet();
088            permissionDetails.put(KimAttributes.NAMESPACE_CODE, determineNamespaceCode(batchFile));
089            permissionDetails.put("filePath", batchFile.retrieveFile().getAbsolutePath());
090            return permissionDetails;
091        }
092        
093        protected AttributeSet generateRoleQualifiers(BatchFile batchFile, Person user) {
094            return new AttributeSet();
095        }
096        
097        protected IdentityManagementService getIdentityManagementService() {
098            if (identityManagementService == null) {
099                identityManagementService = SpringContext.getBean(IdentityManagementService.class);
100            }
101            return identityManagementService;
102        }
103    
104        public KualiModuleService getKualiModuleService() {
105            if (kualiModuleService == null) {
106                kualiModuleService = SpringContext.getBean(KualiModuleService.class);
107            }
108            return kualiModuleService;
109        }
110    }