001    /**
002     * Copyright 2005-2013 The Kuali Foundation
003     *
004     * Licensed under the Educational Community License, Version 2.0 (the "License");
005     * you may not use this file except in compliance with the License.
006     * You may obtain a copy of the License at
007     *
008     * http://www.opensource.org/licenses/ecl2.php
009     *
010     * Unless required by applicable law or agreed to in writing, software
011     * distributed under the License is distributed on an "AS IS" BASIS,
012     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013     * See the License for the specific language governing permissions and
014     * limitations under the License.
015     */
016    package org.kuali.rice.kns.kim.role;
017    
018    
019    import org.apache.commons.lang.StringUtils;
020    import org.kuali.rice.core.api.exception.RiceIllegalArgumentException;
021    import org.kuali.rice.core.api.membership.MemberType;
022    import org.kuali.rice.kim.api.KimConstants;
023    import org.kuali.rice.kim.api.identity.IdentityService;
024    import org.kuali.rice.kim.api.identity.entity.EntityDefault;
025    import org.kuali.rice.kim.api.identity.principal.Principal;
026    import org.kuali.rice.kim.api.role.Role;
027    import org.kuali.rice.kim.api.role.RoleMembership;
028    import org.kuali.rice.kim.api.services.KimApiServiceLocator;
029    import org.kuali.rice.kns.kim.role.DerivedRoleTypeServiceBase;
030    
031    import java.util.ArrayList;
032    import java.util.Collections;
033    import java.util.List;
034    import java.util.Map;
035    
036    /**
037     * This is a description of what this class does - kellerj don't forget to fill this in. 
038     * 
039     * @author Kuali Rice Team (rice.collab@kuali.org)
040     *
041     * @deprecated A krad integrated type service base class will be provided in the future.
042     */
043    @Deprecated
044    public class PrincipalDerivedRoleTypeServiceImpl extends DerivedRoleTypeServiceBase {
045            
046            private IdentityService identityService;
047    
048        @Override
049        protected List<String> getRequiredAttributes() {
050            final List<String> attrs = new ArrayList<String>(super.getRequiredAttributes());
051            attrs.add(KimConstants.AttributeConstants.PRINCIPAL_ID);
052            return Collections.unmodifiableList(attrs);
053        }
054    
055        @Override
056        protected boolean isCheckRequiredAttributes() {
057            return false;
058        }
059    
060            @Override
061            public boolean performMatch(Map<String, String> inputAttributes, Map<String, String> storedAttributes) {
062                    if (inputAttributes == null) {
063                throw new RiceIllegalArgumentException("inputAttributes was null");
064            }
065    
066                    if (storedAttributes == null) {
067                throw new RiceIllegalArgumentException("storedAttributes was null");
068            }
069    
070            return true;
071            }
072    
073            /**
074             * Since this is potentially the entire set of users, just check the qualification for the user we are interested in and return it.
075             */
076            @Override
077        public List<RoleMembership> getRoleMembersFromDerivedRole(String namespaceCode, String roleName, Map<String, String> qualification) {
078                    if (StringUtils.isBlank(namespaceCode)) {
079                throw new RiceIllegalArgumentException("namespaceCode was null or blank");
080            }
081    
082            if (roleName == null) {
083                throw new RiceIllegalArgumentException("roleName was null");
084            }
085    
086                    if ( qualification == null || qualification.isEmpty() ) {
087                            return Collections.emptyList();
088                    }
089            ArrayList<RoleMembership> tempIdList = new ArrayList<RoleMembership>();
090                    qualification = translateInputAttributes(qualification);
091                    // check that the principal ID is not null
092                    String principalId = qualification.get( KimConstants.AttributeConstants.PRINCIPAL_ID );
093                    if ( hasDerivedRole(principalId, null, namespaceCode, roleName, qualification)) {
094                    tempIdList.add( RoleMembership.Builder.create(null/*roleId*/, null, principalId, MemberType.PRINCIPAL, null).build());
095                    }
096                    return tempIdList;
097            }
098            
099            @Override
100            public boolean hasDerivedRole(String principalId, List<String> groupIds, String namespaceCode, String roleName, Map<String, String> qualification) {
101            if (StringUtils.isBlank(principalId)) {
102                throw new RiceIllegalArgumentException("principalId was null or blank");
103            }
104    
105            if (groupIds == null) {
106                throw new RiceIllegalArgumentException("groupIds was null or blank");
107            }
108    
109            if (StringUtils.isBlank(namespaceCode)) {
110                throw new RiceIllegalArgumentException("namespaceCode was null or blank");
111            }
112    
113            if (StringUtils.isBlank(roleName)) {
114                throw new RiceIllegalArgumentException("roleName was null or blank");
115            }
116    
117            if (qualification == null) {
118                throw new RiceIllegalArgumentException("qualification was null");
119            }
120    
121            // check that the principal exists and is active
122            Principal principal = getIdentityService().getPrincipal( principalId );
123            if ( principal == null || !principal.isActive() ) {
124                return false;
125            }
126            // check that the identity is active
127            EntityDefault entity = getIdentityService().getEntityDefault( principal.getEntityId() );
128            return entity != null && entity.isActive();
129            }
130            
131            protected IdentityService getIdentityService() {
132                    if ( identityService == null ) {
133                            identityService = KimApiServiceLocator.getIdentityService();
134                    }
135                    return identityService;
136            }
137    }