Examples with AccountingLineAuthorizer org.kuali.kfs.sys.document.authorization.AccountingLineAuthorizer used on opensource projects

Example 1 with AccountingLineAuthorizer

use of org.kuali.kfs.sys.document.authorization.AccountingLineAuthorizer in project cu-kfs by CU-CommunityApps.

the class AccountingLineAccessibleValidation method validate.

/**
 * Validates that the given accounting line is accessible for editing by the current user.
 * <strong>This method expects a document as the first parameter and an accounting line as the second</strong>
 *
 * @see org.kuali.kfs.sys.document.validation.Validation#validate(java.lang.Object[])
 */
@Override
public boolean validate(AttributedDocumentEvent event) {
    final Person currentUser = GlobalVariables.getUserSession().getPerson();
    if (accountingDocumentForValidation instanceof Correctable) {
        final String errorDocumentNumber = ((FinancialSystemDocumentHeader) accountingDocumentForValidation.getDocumentHeader()).getFinancialDocumentInErrorNumber();
        if (StringUtils.isNotBlank(errorDocumentNumber)) {
            return true;
        }
    }
    final AccountingLineAuthorizer accountingLineAuthorizer = lookupAccountingLineAuthorizer();
    final Set<String> currentNodes = accountingDocumentForValidation.getDocumentHeader().getWorkflowDocument().getCurrentNodeNames();
    final boolean lineIsAccessible = accountingLineAuthorizer.hasEditPermissionOnAccountingLine(accountingDocumentForValidation, accountingLineForValidation, getAccountingLineCollectionProperty(), currentUser, true, currentNodes);
    final boolean isAccessible = accountingLineAuthorizer.hasEditPermissionOnField(accountingDocumentForValidation, accountingLineForValidation, getAccountingLineCollectionProperty(), KFSPropertyConstants.ACCOUNT_NUMBER, lineIsAccessible, true, currentUser, currentNodes);
    boolean valid = true;
    boolean isExceptionNode = isExceptionNode(event.getDocument());
    if (!isAccessible) {
        // if only object code changed and the user has edit permissions on object code, that's ok
        if (event instanceof UpdateAccountingLineEvent) {
            final boolean isObjectCodeAccessible = accountingLineAuthorizer.hasEditPermissionOnField(accountingDocumentForValidation, accountingLineForValidation, getAccountingLineCollectionProperty(), KFSPropertyConstants.FINANCIAL_OBJECT_CODE, lineIsAccessible, true, currentUser, currentNodes);
            final boolean onlyObjectCodeChanged = onlyObjectCodeChanged(((UpdateAccountingLineEvent) event).getAccountingLine(), ((UpdateAccountingLineEvent) event).getUpdatedAccountingLine());
            if (isObjectCodeAccessible && onlyObjectCodeChanged) {
                return true;
            }
        }
        if (isPreqDiscountRecreate(event)) {
            return true;
        }
        // KFSPTS-2253
        if (!isExceptionNode) {
            final String principalName = currentUser.getPrincipalName();
            final String[] chartErrorParams = new String[] { getDataDictionaryService().getAttributeLabel(accountingLineForValidation.getClass(), KFSPropertyConstants.CHART_OF_ACCOUNTS_CODE), accountingLineForValidation.getChartOfAccountsCode(), principalName };
            // KFSPTS-1273 : fixing an exisiting issue.  Limit to REQ and POA.  Broader solution need more work.
            if (event instanceof UpdateAccountingLineEvent) {
                // if (CollectionUtils.isEmpty(GlobalVariables.getMessageMap().getErrorPath()) && event instanceof UpdateAccountingLineEvent) {
                GlobalVariables.getMessageMap().putErrorWithoutFullErrorPath(event.getErrorPathPrefix() + "." + KFSPropertyConstants.CHART_OF_ACCOUNTS_CODE, convertEventToMessage(event), chartErrorParams);
            } else {
                GlobalVariables.getMessageMap().putError(KFSPropertyConstants.CHART_OF_ACCOUNTS_CODE, convertEventToMessage(event), chartErrorParams);
            }
            final String[] accountErrorParams = new String[] { getDataDictionaryService().getAttributeLabel(accountingLineForValidation.getClass(), KFSPropertyConstants.ACCOUNT_NUMBER), accountingLineForValidation.getAccountNumber(), principalName };
            // KFSPTS-1273 : fixing an exisiting issue.  Limit to REQ and POA.  Broader solution need more work.
            if (event instanceof UpdateAccountingLineEvent) {
                GlobalVariables.getMessageMap().putErrorWithoutFullErrorPath(event.getErrorPathPrefix() + "." + KFSPropertyConstants.ACCOUNT_NUMBER, convertEventToMessage(event), accountErrorParams);
            } else {
                GlobalVariables.getMessageMap().putError(KFSPropertyConstants.ACCOUNT_NUMBER, convertEventToMessage(event), accountErrorParams);
            }
        }
    // end KFSPTS-2253
    } else if (event instanceof AddAccountingLineEvent && isAccountNode(event.getDocument()) && !isAccountingLineFo(event.getDocument()) && !isDiscountTradeInAccount()) {
        final String principalName = currentUser.getPrincipalName();
        final String[] chartErrorParams = new String[] { getDataDictionaryService().getAttributeLabel(accountingLineForValidation.getClass(), KFSPropertyConstants.CHART_OF_ACCOUNTS_CODE), accountingLineForValidation.getChartOfAccountsCode(), principalName };
        GlobalVariables.getMessageMap().putError(KFSPropertyConstants.CHART_OF_ACCOUNTS_CODE, convertEventToMessage(event), chartErrorParams);
        final String[] accountErrorParams = new String[] { getDataDictionaryService().getAttributeLabel(accountingLineForValidation.getClass(), KFSPropertyConstants.ACCOUNT_NUMBER), accountingLineForValidation.getAccountNumber(), principalName };
        GlobalVariables.getMessageMap().putError(KFSPropertyConstants.ACCOUNT_NUMBER, convertEventToMessage(event), accountErrorParams);
        valid = false;
    }
    return (isAccessible || isExceptionNode) && valid;
}