/kns/src/main/java/org/kuali/rice/kns/kim/role/RoleTypeServiceBase.java

https://github.com/sbower/kuali-rice-1 · Java · 249 lines · 156 code · 37 blank · 56 comment · 45 complexity · ebdf68df5ae47e677559720a5f98843d MD5 · raw file 

    

  1. /*
    2. 

  2.  * Copyright 2007-2008 The Kuali Foundation
    3. 

  3.  *
    4. 

  4.  * Licensed under the Educational Community License, Version 2.0 (the "License");
    5. 

  5.  * you may not use this file except in compliance with the License.
    6. 

  6.  * You may obtain a copy of the License at
    7. 

  7.  *
    8. 

  8.  * http://www.opensource.org/licenses/ecl2.php
    9. 

  9.  *
    10. 

  10.  * Unless required by applicable law or agreed to in writing, software
    11. 

  11.  * distributed under the License is distributed on an "AS IS" BASIS,
    12. 

  12.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13. 

  13.  * See the License for the specific language governing permissions and
    14. 

  14.  * limitations under the License.
    15. 

  15.  */
    16. 

  16. package org.kuali.rice.kns.kim.role;
    17. 

  17. 

  18. import org.apache.commons.lang.StringUtils;
    19. 

  19. import org.kuali.rice.core.api.exception.RiceIllegalArgumentException;
    20. 

  20. import org.kuali.rice.kim.api.role.Role;
    21. 

  21. import org.kuali.rice.kim.api.role.RoleMembership;
    22. 

  22. import org.kuali.rice.kim.framework.common.delegate.DelegationTypeService;
    23. 

  23. import org.kuali.rice.kim.framework.role.RoleTypeService;
    24. 

  24. import org.kuali.rice.kns.kim.type.DataDictionaryTypeServiceBase;
    25. 

  25. 

  26. import java.util.ArrayList;
    27. 

  27. import java.util.Collections;
    28. 

  28. import java.util.HashMap;
    29. 

  29. import java.util.List;
    30. 

  30. import java.util.Map;
    31. 

  31. 

  32. /**
    33. 

  33.  * @deprecated A krad integrated type service base class will be provided in the future.
    34. 

  34.  */
    35. 

  35. @Deprecated
    36. 

  36. public class RoleTypeServiceBase extends DataDictionaryTypeServiceBase implements RoleTypeService, DelegationTypeService {
    37. 

  37. 	
    38. 

  38. 	/**
    39. 

  39. 	 * Performs a simple check that the qualifier on the role matches the qualification.
    40. 

  40. 	 * Extra qualification attributes are ignored.
    41. 

  41. 	 */
    42. 

  42.     @Override
    43. 

  43. 	public boolean doesRoleQualifierMatchQualification(Map<String, String> qualification, Map<String, String> roleQualifier) {
    44. 

  44. 		if (qualification == null) {
    45. 

  45.             throw new RiceIllegalArgumentException("qualification was null or blank");
    46. 

  46.         }
    47. 

  47. 

  48.         if (roleQualifier == null) {
    49. 

  49.             throw new RiceIllegalArgumentException("roleQualifier was null or blank");
    50. 

  50.         }
    51. 

  51. 

  52.         Map<String, String> translatedQualification = translateInputAttributes(qualification);
    53. 

  53. 		validateRequiredAttributesAgainstReceived(translatedQualification);
    54. 

  54. 		return performMatch(translatedQualification, roleQualifier);
    55. 

  55. 	}
    56. 

  56. 	
    57. 

  57.     @Override
    58. 

  58. 	public List<RoleMembership> getMatchingRoleMemberships(Map<String, String> qualification,
    59. 

  59.             List<RoleMembership> roleMemberList) {
    60. 

  60. 		if (qualification == null) {
    61. 

  61.             throw new RiceIllegalArgumentException("qualification was null or blank");
    62. 

  62.         }
    63. 

  63. 

  64.         if (roleMemberList == null) {
    65. 

  65.             throw new RiceIllegalArgumentException("roleMemberList was null or blank");
    66. 

  66.         }
    67. 

  67. 

  68.         Map<String, String> translatedQualification = translateInputAttributes(qualification);
    69. 

  69. 		validateRequiredAttributesAgainstReceived(translatedQualification);
    70. 

  70. 		List<RoleMembership> matchingMemberships = new ArrayList<RoleMembership>();
    71. 

  71. 		for ( RoleMembership roleMembership : roleMemberList ) {
    72. 

  72. 			if ( performMatch( translatedQualification, roleMembership.getQualifier() ) ) {
    73. 

  73. 				matchingMemberships.add( roleMembership );
    74. 

  74. 			}
    75. 

  75. 		}
    76. 

  76. 		return Collections.unmodifiableList(matchingMemberships);
    77. 

  77. 	}
    78. 

  78. 

  79. 	/**
    80. 

  80. 	 * Return an empty list since this method should not be called by the role service for this service type.
    81. 

  81. 	 * Subclasses which are application role types should override this method.
    82. 

  82. 	 *
    83. 

  83. 	 */
    84. 

  84. 	protected List<RoleMembership> getRoleMembersFromApplicationRole(String namespaceCode, String roleName, Map<String, String> qualification) {
    85. 

  85. 

  86.         if (StringUtils.isBlank(namespaceCode)) {
    87. 

  87.             throw new RiceIllegalArgumentException("namespaceCode was null or blank");
    88. 

  88.         }
    89. 

  89. 

  90.         if (StringUtils.isBlank(roleName)) {
    91. 

  91.             throw new RiceIllegalArgumentException("roleName was null or blank");
    92. 

  92.         }
    93. 

  93. 

  94.         if (qualification == null) {
    95. 

  95.             throw new RiceIllegalArgumentException("qualification was null or blank");
    96. 

  96.         }
    97. 

  97. 

  98.         validateRequiredAttributesAgainstReceived(qualification);
    99. 

  99. 		if ( !isApplicationRoleType() ) {
    100. 

  100. 			throw new UnsupportedOperationException( this.getClass().getName() + " is not an application role." );
    101. 

  101. 		} else {
    102. 

  102. 			throw new UnsupportedOperationException( this.getClass().getName() + " is an application role type but has not overridden this method." );
    103. 

  103. 		}
    104. 

  104. 	}
    105. 

  105. 

  106. 	/**
    107. 

  107. 	 * This simple initial implementation just calls  
    108. 

  108. 	 * {@link #getRoleMembersFromApplicationRole(String, String, Map<String, String>)} and checks the results.
    109. 

  109. 	 *
    110. 

  110. 	 */
    111. 

  111.     @Override
    112. 

  112. 	public boolean hasApplicationRole(String principalId, List<String> groupIds, String namespaceCode, String roleName, Map<String, String> qualification) {
    113. 

  113. 	    if (StringUtils.isBlank(principalId)) {
    114. 

  114.             throw new RiceIllegalArgumentException("principalId was null or blank");
    115. 

  115.         }
    116. 

  116. 

  117.         if (groupIds == null) {
    118. 

  118.             throw new RiceIllegalArgumentException("groupIds was null or blank");
    119. 

  119.         }
    120. 

  120. 

  121.         if (StringUtils.isBlank(namespaceCode)) {
    122. 

  122.             throw new RiceIllegalArgumentException("namespaceCode was null or blank");
    123. 

  123.         }
    124. 

  124. 

  125.         if (StringUtils.isBlank(roleName)) {
    126. 

  126.             throw new RiceIllegalArgumentException("roleName was null or blank");
    127. 

  127.         }
    128. 

  128. 

  129.         if (qualification == null) {
    130. 

  130.             throw new RiceIllegalArgumentException("qualification was null or blank");
    131. 

  131.         }
    132. 

  132. 

  133.         if ( !isApplicationRoleType() ) {
    134. 

  134. 			throw new UnsupportedOperationException( this.getClass().getName() + " is not an application role." );
    135. 

  135. 		}
    136. 

  136. 		// if principal ID given, check if it is in the list generated from the getPrincipalIdsFromApplicationRole method
    137. 

  137. 		if ( StringUtils.isNotBlank( principalId ) ) {
    138. 

  138. 		    List<RoleMembership> members = getRoleMembersFromApplicationRole(namespaceCode, roleName, qualification);
    139. 

  139. 		    for ( RoleMembership rm : members ) {
    140. 

  140. 		    	if ( StringUtils.isBlank( rm.getRoleMemberId() ) ) {
    141. 

  141. 		    		continue;
    142. 

  142. 		    	}
    143. 

  143. 		        if ( rm.getMemberTypeCode().equals( Role.PRINCIPAL_MEMBER_TYPE ) ) {
    144. 

  144. 		            if ( rm.getMemberId().equals( principalId ) ) {
    145. 

  145. 		                return true;
    146. 

  146. 		            }
    147. 

  147. 		        } else { // groups
    148. 

  148. 		            if ( groupIds != null 
    149. 

  149. 		                    && groupIds.contains(rm.getMemberId())) {
    150. 

  150. 		                return true;
    151. 

  151. 		            }
    152. 

  152. 		        }
    153. 

  153. 			}
    154. 

  154. 		}
    155. 

  155. 		return false;
    156. 

  156. 	}
    157. 

  157. 	
    158. 

  158. 	/**
    159. 

  159. 	 * Default to not being an application role type.  Always returns false.
    160. 

  160. 	 * 
    161. 

  161. 	 * @see org.kuali.rice.kim.framework.role.RoleTypeService#isApplicationRoleType()
    162. 

  162. 	 */
    163. 

  163.     @Override
    164. 

  164. 	public boolean isApplicationRoleType() {
    165. 

  165. 		return false;
    166. 

  166. 	}
    167. 

  167. 		
    168. 

  168. 	/**
    169. 

  169. 	 * This base implementation simply returns the passed in Attributes.
    170. 

  170. 	 * 
    171. 

  171. 	 * @see org.kuali.rice.kim.framework.role.RoleTypeService#convertQualificationForMemberRoles(String, String, String, String, Map<String, String>)
    172. 

  172. 	 */
    173. 

  173.     @Override
    174. 

  174. 	public Map<String, String> convertQualificationForMemberRoles(String namespaceCode, String roleName, String memberRoleNamespaceCode, String memberRoleName, Map<String, String> qualification) {
    175. 

  175. 

  176.         if (StringUtils.isBlank(namespaceCode)) {
    177. 

  177.             throw new RiceIllegalArgumentException("namespaceCode was null or blank");
    178. 

  178.         }
    179. 

  179. 

  180.         if (StringUtils.isBlank(roleName)) {
    181. 

  181.             throw new RiceIllegalArgumentException("roleName was null or blank");
    182. 

  182.         }
    183. 

  183. 

  184.         if (StringUtils.isBlank(memberRoleNamespaceCode)) {
    185. 

  185.             throw new RiceIllegalArgumentException("memberRoleNamespaceCode was null or blank");
    186. 

  186.         }
    187. 

  187. 

  188.         if (StringUtils.isBlank(memberRoleName)) {
    189. 

  189.             throw new RiceIllegalArgumentException("memberRoleName was null or blank");
    190. 

  190.         }
    191. 

  191. 

  192.         if (qualification == null) {
    193. 

  193.             throw new RiceIllegalArgumentException("qualification was null or blank");
    194. 

  194.         }
    195. 

  195. 

  196.         return Collections.unmodifiableMap(new HashMap<String, String>(qualification));
    197. 

  197. 	}
    198. 

  198. 	
    199. 

  199. 	/**
    200. 

  200. 	 * Base implementation: no sorting.  Just returns the input list.
    201. 

  201. 	 */
    202. 

  202. 	protected List<RoleMembership> sortRoleMembers(List<RoleMembership> roleMembers) {
    203. 

  203. 		return Collections.unmodifiableList(new ArrayList<RoleMembership>(roleMembers));
    204. 

  204. 	}
    205. 

  205. 	
    206. 

  206. 	/**
    207. 

  207. 	 * Performs a simple check that the qualifier on the delegation matches the qualification.
    208. 

  208. 	 * Extra qualification attributes are ignored.
    209. 

  209. 	 *
    210. 

  210. 	 */
    211. 

  211.     @Override
    212. 

  212. 	public boolean doesDelegationQualifierMatchQualification(Map<String, String> qualification, Map<String, String> roleQualifier) {
    213. 

  213. 		if (qualification == null) {
    214. 

  214.             throw new RiceIllegalArgumentException("qualification was null or blank");
    215. 

  215.         }
    216. 

  216. 

  217.         if (roleQualifier == null) {
    218. 

  218.             throw new RiceIllegalArgumentException("roleQualifier was null or blank");
    219. 

  219.         }
    220. 

  220. 

  221.         Map<String, String> translatedQualification = translateInputAttributes(qualification);
    222. 

  222. 		validateRequiredAttributesAgainstReceived(translatedQualification);
    223. 

  223. 		return performMatch(translatedQualification, roleQualifier);
    224. 

  224. 	}
    225. 

  225. 

  226. 	/**
    227. 

  227. 	 * Returns true as a default
    228. 

  228. 	 * 
    229. 

  229. 	 * @see org.kuali.rice.kim.framework.role.RoleTypeService#dynamicRoleMembership(java.lang.String, java.lang.String)
    230. 

  230. 	 */
    231. 

  231.     @Override
    232. 

  232. 	public boolean dynamicRoleMembership(String namespaceCode, String roleName) {
    233. 

  233. 		if (StringUtils.isBlank(namespaceCode)) {
    234. 

  234.             throw new RiceIllegalArgumentException("namespaceCode was null or blank");
    235. 

  235.         }
    236. 

  236. 

  237.         if (StringUtils.isBlank(roleName)) {
    238. 

  238.             throw new RiceIllegalArgumentException("roleName was null or blank");
    239. 

  239.         }
    240. 

  240. 

  241.         return true;
    242. 

  242. 	}
    243. 

  243. 

  244.     @Override
    245. 

  245. 	public List<String> getQualifiersForExactMatch() {    
    246. 

  246. 		return Collections.emptyList();
    247. 

  247. 	}
    248. 

  248. 	
    249. 

  249. }
    250.