Example 1 with AccessSecurityService
use of org.kuali.kfs.sec.service.AccessSecurityService in project cu-kfs by CU-CommunityApps.
the class SecAccountingLineGroupImpl method initialize.
/**
* Performs access security edit check and sets edit flag on container line to false if access is not allowed or removes
* container if view is not allowed
*
* @see org.kuali.kfs.sys.document.web.DefaultAccountingLineGroupImpl#initialize(org.kuali.kfs.sys.document.datadictionary.AccountingLineGroupDefinition,
* org.kuali.kfs.sys.document.AccountingDocument, java.util.List, java.lang.String, java.lang.String, java.util.Map,
* java.util.Map, java.util.Map, boolean)
*/
@Override
public void initialize(AccountingLineGroupDefinition groupDefinition, AccountingDocument accountingDocument, List<RenderableAccountingLineContainer> containers, String collectionPropertyName, String collectionItemPropertyName, Map<String, Object> displayedErrors, Map<String, Object> displayedWarnings, Map<String, Object> displayedInfo, boolean canEdit) {
AccessSecurityService accessSecurityService = SpringContext.getBean(AccessSecurityService.class);
Person currentUser = GlobalVariables.getUserSession().getPerson();
// check view and edit access
List<RenderableAccountingLineContainer> unviewableContainers = new ArrayList<RenderableAccountingLineContainer>();
for (RenderableAccountingLineContainer container : containers) {
boolean lineHasError = false;
for (Object errorKeyAsObject : GlobalVariables.getMessageMap().getErrorMessages().keySet()) {
if (((String) errorKeyAsObject).startsWith(collectionItemPropertyName)) {
// collectionItemPropertyName is like 'document.item[0].sourceAccountingLine', it does not specify which acctline
if (accountingDocument instanceof PaymentRequestDocument) {
if (((String) errorKeyAsObject).startsWith(container.getAccountingLinePropertyPath())) {
lineHasError = true;
}
} else {
lineHasError = true;
}
}
}
if (lineHasError || container.isNewLine()) {
container.setEditableLine(true);
continue;
}
boolean viewAllowed = accessSecurityService.canViewDocumentAccountingLine(accountingDocument, container.getAccountingLine(), currentUser);
if (!viewAllowed) {
unviewableContainers.add(container);
hasViewRestrictions = true;
} else {
boolean editAllowed = accessSecurityService.canEditDocumentAccountingLine(accountingDocument, container.getAccountingLine(), currentUser);
if (container.isEditableLine() && !editAllowed) {
container.setEditableLine(false);
hasEditRestrictions = true;
}
}
}
// remove containers that are not viewable
for (RenderableAccountingLineContainer container : unviewableContainers) {
containers.remove(container);
}
super.initialize(groupDefinition, accountingDocument, containers, collectionPropertyName, collectionItemPropertyName, displayedErrors, displayedWarnings, displayedInfo, canEdit);
}
Also used :
AccessSecurityService(org.kuali.kfs.sec.service.AccessSecurityService)
ArrayList(java.util.ArrayList)
RenderableAccountingLineContainer(org.kuali.kfs.sys.document.web.RenderableAccountingLineContainer)
PaymentRequestDocument(org.kuali.kfs.module.purap.document.PaymentRequestDocument)
Person(org.kuali.rice.kim.api.identity.Person)
Aggregations
ArrayList (java.util.ArrayList)1
PaymentRequestDocument (org.kuali.kfs.module.purap.document.PaymentRequestDocument)1
AccessSecurityService (org.kuali.kfs.sec.service.AccessSecurityService)1
RenderableAccountingLineContainer (org.kuali.kfs.sys.document.web.RenderableAccountingLineContainer)1
Person (org.kuali.rice.kim.api.identity.Person)1
