Search in sources :

Example 1 with AuthorizationException

use of org.kuali.kfs.krad.exception.AuthorizationException in project cu-kfs by CU-CommunityApps.

the class UserProcurementProfileAuthorizer method getDocumentActions.

@Override
public Set<String> getDocumentActions(Document document, Person user, Set<String> documentActions) {
    Set<String> documentActions1 = super.getDocumentActions(document, user, documentActions);
    if (documentActions1.contains(KRADConstants.KUALI_ACTION_CAN_EDIT) && !documentActions1.contains(KRADConstants.KUALI_ACTION_CAN_SAVE)) {
        documentActions1.add(KRADConstants.KUALI_ACTION_CAN_SAVE);
    }
    if (documentActions1.contains(KRADConstants.KUALI_ACTION_CAN_BLANKET_APPROVE)) {
        documentActions1.remove(KRADConstants.KUALI_ACTION_CAN_BLANKET_APPROVE);
    }
    if (documentActions1.contains(KRADConstants.KUALI_ACTION_CAN_EDIT)) {
        MaintenanceDocumentBase maintDoc = (MaintenanceDocumentBase) document;
        if (StringUtils.equals(maintDoc.getNewMaintainableObject().getMaintenanceAction(), KRADConstants.MAINTENANCE_EDIT_ACTION) || StringUtils.equals(maintDoc.getNewMaintainableObject().getMaintenanceAction(), KRADConstants.MAINTENANCE_COPY_ACTION)) {
            boolean hasRole = SpringContext.getBean(UserProcurementProfileValidationService.class).canMaintainUserProcurementProfile();
            UserProcurementProfile userProfile = (UserProcurementProfile) maintDoc.getNewMaintainableObject().getBusinessObject();
            if (!hasRole && (!StringUtils.equals(userProfile.getPrincipalId(), GlobalVariables.getUserSession().getPrincipalId()) || StringUtils.equals(maintDoc.getNewMaintainableObject().getMaintenanceAction(), KRADConstants.MAINTENANCE_COPY_ACTION))) {
                throw new AuthorizationException(user.getName(), maintDoc.getNewMaintainableObject().getMaintenanceAction(), " UserProcurementProfile");
            }
        }
    }
    return documentActions1;
}
Also used : AuthorizationException(org.kuali.kfs.krad.exception.AuthorizationException) MaintenanceDocumentBase(org.kuali.kfs.kns.document.MaintenanceDocumentBase) UserProcurementProfile(edu.cornell.kfs.sys.businessobject.UserProcurementProfile) UserProcurementProfileValidationService(edu.cornell.kfs.sys.service.UserProcurementProfileValidationService)

Example 2 with AuthorizationException

use of org.kuali.kfs.krad.exception.AuthorizationException in project cu-kfs by CU-CommunityApps.

the class FormatAction method execute.

/**
 * @see org.kuali.kfs.kns.web.struts.action.KualiAction#execute(org.apache.struts.action.ActionMapping, org.apache.struts.action.ActionForm, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
 */
@Override
public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
    PdpAuthorizationService authorizationService = SpringContext.getBean(PdpAuthorizationService.class);
    Person kualiUser = GlobalVariables.getUserSession().getPerson();
    String methodToCall = findMethodToCall(form, request);
    if (!authorizationService.hasFormatPermission(kualiUser.getPrincipalId())) {
        throw new AuthorizationException(kualiUser.getPrincipalName(), methodToCall, kualiUser.getCampusCode());
    }
    return super.execute(mapping, form, request, response);
}
Also used : AuthorizationException(org.kuali.kfs.krad.exception.AuthorizationException) PdpAuthorizationService(org.kuali.kfs.pdp.service.PdpAuthorizationService) Person(org.kuali.rice.kim.api.identity.Person)

Example 3 with AuthorizationException

use of org.kuali.kfs.krad.exception.AuthorizationException in project cu-kfs by CU-CommunityApps.

the class CuRequisitionAction method createReqFromIWantDoc.

/**
 * Creates a requisition document based on information from an I Want document.
 *
 * @param mapping
 * @param form
 * @param request
 * @param response
 * @return
 * @throws Exception
 */
@SuppressWarnings("deprecation")
public ActionForward createReqFromIWantDoc(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
    String iWantDocumentNumber = request.getParameter(KRADConstants.PARAMETER_DOC_ID);
    RequisitionForm requisitionForm = (RequisitionForm) form;
    IWantDocument iWantDocument = (IWantDocument) getDocumentService().getByDocumentHeaderId(iWantDocumentNumber);
    if (iWantDocument == null) {
        throw new WorkflowException("Could not find IWantDocument with ID '" + iWantDocumentNumber + "'");
    }
    // Make sure the user is authorized to create the req in this manner.
    TransactionalDocumentPresentationController pControl = (TransactionalDocumentPresentationController) getDocumentHelperService().getDocumentPresentationController(iWantDocument);
    TransactionalDocumentAuthorizer authorizer = (TransactionalDocumentAuthorizer) getDocumentHelperService().getDocumentAuthorizer(iWantDocument);
    Set<String> iwntEditModes = authorizer.getEditModes(iWantDocument, GlobalVariables.getUserSession().getPerson(), pControl.getEditModes(iWantDocument));
    if (!iwntEditModes.contains(CUPurapConstants.IWNT_DOC_CREATE_REQ)) {
        throw new AuthorizationException(GlobalVariables.getUserSession().getPrincipalId(), CUPurapConstants.IWNT_DOC_CREATE_REQ, CuRequisitionDocument.class.getSimpleName(), "user is not authorized to create requisitions from IWantDocument '" + iWantDocumentNumber + "'", Collections.<String, Object>emptyMap());
    }
    // Do not allow the req to be created if the IWNT doc is already associated with another req.
    if (iWantDocument != null && (StringUtils.isNotBlank(iWantDocument.getReqsDocId()) || StringUtils.isNotBlank(iWantDocument.getDvDocId()))) {
        throw new WorkflowException("Cannot create requisition from IWantDocument '" + iWantDocumentNumber + "' because a DV or Requisition has already been created from that document");
    }
    IWantDocumentService iWantDocumentService = SpringContext.getBean(IWantDocumentService.class);
    createDocument(requisitionForm);
    RequisitionDocument requisitionDocument = requisitionForm.getRequisitionDocument();
    iWantDocumentService.setUpRequisitionDetailsFromIWantDoc(iWantDocument, requisitionDocument, requisitionForm);
    // Set the requisition doc ID reference on the IWantDocument.
    iWantDocument.setReqsDocId(requisitionDocument.getDocumentNumber());
    SpringContext.getBean(PurapService.class).saveDocumentNoValidation(iWantDocument);
    return mapping.findForward(RiceConstants.MAPPING_BASIC);
}
Also used : CuRequisitionDocument(edu.cornell.kfs.module.purap.document.CuRequisitionDocument) RequisitionDocument(org.kuali.kfs.module.purap.document.RequisitionDocument) CuRequisitionDocument(edu.cornell.kfs.module.purap.document.CuRequisitionDocument) PurapService(org.kuali.kfs.module.purap.document.service.PurapService) AuthorizationException(org.kuali.kfs.krad.exception.AuthorizationException) WorkflowException(org.kuali.rice.kew.api.exception.WorkflowException) RequisitionForm(org.kuali.kfs.module.purap.document.web.struts.RequisitionForm) TransactionalDocumentPresentationController(org.kuali.kfs.kns.document.authorization.TransactionalDocumentPresentationController) TransactionalDocumentAuthorizer(org.kuali.kfs.kns.document.authorization.TransactionalDocumentAuthorizer) IWantDocument(edu.cornell.kfs.module.purap.document.IWantDocument) IWantDocumentService(edu.cornell.kfs.module.purap.document.service.IWantDocumentService)

Aggregations

AuthorizationException (org.kuali.kfs.krad.exception.AuthorizationException)3 CuRequisitionDocument (edu.cornell.kfs.module.purap.document.CuRequisitionDocument)1 IWantDocument (edu.cornell.kfs.module.purap.document.IWantDocument)1 IWantDocumentService (edu.cornell.kfs.module.purap.document.service.IWantDocumentService)1 UserProcurementProfile (edu.cornell.kfs.sys.businessobject.UserProcurementProfile)1 UserProcurementProfileValidationService (edu.cornell.kfs.sys.service.UserProcurementProfileValidationService)1 MaintenanceDocumentBase (org.kuali.kfs.kns.document.MaintenanceDocumentBase)1 TransactionalDocumentAuthorizer (org.kuali.kfs.kns.document.authorization.TransactionalDocumentAuthorizer)1 TransactionalDocumentPresentationController (org.kuali.kfs.kns.document.authorization.TransactionalDocumentPresentationController)1 RequisitionDocument (org.kuali.kfs.module.purap.document.RequisitionDocument)1 PurapService (org.kuali.kfs.module.purap.document.service.PurapService)1 RequisitionForm (org.kuali.kfs.module.purap.document.web.struts.RequisitionForm)1 PdpAuthorizationService (org.kuali.kfs.pdp.service.PdpAuthorizationService)1 WorkflowException (org.kuali.rice.kew.api.exception.WorkflowException)1 Person (org.kuali.rice.kim.api.identity.Person)1