• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

Java AuthorizationException类代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了Java中org.kuali.rice.krad.exception.AuthorizationException的典型用法代码示例。如果您正苦于以下问题:Java AuthorizationException类的具体用法?Java AuthorizationException怎么用?Java AuthorizationException使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。



AuthorizationException类属于org.kuali.rice.krad.exception包,在下文中一共展示了AuthorizationException类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。

示例1: checkAuthorization

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
@Override
protected void checkAuthorization(ActionForm form, String methodToCall) throws AuthorizationException {
    if (!(form instanceof LookupForm)) {
        super.checkAuthorization(form, methodToCall);
    } else {
        try {
            Class businessObjectClass = Class.forName(((LookupForm) form).getBusinessObjectClassName());
            if (!KimApiServiceLocator.getPermissionService().isAuthorizedByTemplate(
                    GlobalVariables.getUserSession().getPrincipalId(), KRADConstants.KNS_NAMESPACE,
                    KimConstants.PermissionTemplateNames.LOOK_UP_RECORDS,
                    KRADUtils.getNamespaceAndComponentSimpleName(businessObjectClass),
                    Collections.<String, String>emptyMap())) {
                throw new AuthorizationException(GlobalVariables.getUserSession().getPerson().getPrincipalName(),
                        KimConstants.PermissionTemplateNames.LOOK_UP_RECORDS,
                        businessObjectClass.getSimpleName());
            }
        }
        catch (ClassNotFoundException e) {
            LOG.warn("Unable to load BusinessObject class: " + ((LookupForm) form).getBusinessObjectClassName(), e);
            super.checkAuthorization(form, methodToCall);
        }
    }
}
 
开发者ID:kuali,项目名称:kc-rice,代码行数:24,代码来源:KualiLookupAction.java


示例2: checkViewAuthorization

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
/**
 * {@inheritDoc}
 */
@Override
public void checkViewAuthorization(UifFormBase form) throws AuthorizationException {
    // if user session or view not established we cannnot authorize the view request
    View view = form.getView();
    if ((GlobalVariables.getUserSession() == null) || view == null) {
        return;
    }

    Person user = GlobalVariables.getUserSession().getPerson();
    boolean viewAuthorized = view.getAuthorizer().canOpenView(view, form, user);

    if (!viewAuthorized) {
        throw new AuthorizationException(user.getPrincipalName(), "open", view.getId(),
                "User '" + user.getPrincipalName() + "' is not authorized to open view ID: " +
                        view.getId(), null);
    }
}
 
开发者ID:kuali,项目名称:kc-rice,代码行数:21,代码来源:ControllerServiceImpl.java


示例3: delete

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
/**
    * @see org.kuali.rice.krad.service.PessimisticLockService#delete(java.lang.String)
    */
   @Override
public void delete(String id) {
       if (StringUtils.isBlank(id)) {
           throw new IllegalArgumentException("An invalid blank id was passed to delete a Pessimistic Lock.");
       }
       PessimisticLock lock = dataObjectService.find(PessimisticLock.class, Long.valueOf(id));
       if ( lock == null ) {
           throw new IllegalArgumentException("Pessimistic Lock with id " + id + " cannot be found in the database.");
       }
       Person user = GlobalVariables.getUserSession().getPerson();
       if ( (!lock.isOwnedByUser(user)) && (!isPessimisticLockAdminUser(user)) ) {
           throw new AuthorizationException(user.getName(),"delete", "Pessimistick Lock (id " + id + ")");
       }
       delete(lock);
   }
 
开发者ID:kuali,项目名称:kc-rice,代码行数:19,代码来源:PessimisticLockServiceImpl.java


示例4: checkAuthorization

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
@Override
protected void checkAuthorization(ActionForm form, String methodToCall) throws AuthorizationException {
    if (!(form instanceof InquiryForm)) {
        super.checkAuthorization(form, methodToCall);
    } else {
        try {
        	if(!KRADConstants.DOWNLOAD_BO_ATTACHMENT_METHOD.equals(methodToCall)){
        		Class businessObjectClass = Class.forName(((InquiryForm) form).getBusinessObjectClassName());
        		if (!KimApiServiceLocator.getPermissionService().isAuthorizedByTemplate(
                        GlobalVariables.getUserSession().getPrincipalId(), KRADConstants.KNS_NAMESPACE,
                        KimConstants.PermissionTemplateNames.INQUIRE_INTO_RECORDS,
                        KRADUtils.getNamespaceAndComponentSimpleName(businessObjectClass),
                        Collections.<String, String>emptyMap())) {

        			throw new AuthorizationException(GlobalVariables.getUserSession().getPerson().getPrincipalName(), 
                		"inquire",
                		businessObjectClass.getSimpleName());
        		}
        	}
        }
        catch (ClassNotFoundException e) {
        	LOG.warn("Unable to load BusinessObject class: " + ((InquiryForm) form).getBusinessObjectClassName(), e);
            super.checkAuthorization(form, methodToCall);
        }
    }
}
 
开发者ID:kuali,项目名称:kc-rice,代码行数:27,代码来源:KualiInquiryAction.java


示例5: checkAuthorization

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
/**
 * Override this method to provide action-level access controls to the application.
 *
 * @param form
 * @throws AuthorizationException
 */
protected void checkAuthorization( ActionForm form, String methodToCall) throws AuthorizationException 
{
    String principalId = GlobalVariables.getUserSession().getPrincipalId();
    Map<String, String> roleQualifier = new HashMap<String, String>(getRoleQualification(form, methodToCall));
    Map<String, String> permissionDetails = KRADUtils.getNamespaceAndActionClass(this.getClass());
    
    if (!KimApiServiceLocator.getPermissionService().isAuthorizedByTemplate(principalId,
            KRADConstants.KNS_NAMESPACE, KimConstants.PermissionTemplateNames.USE_SCREEN, permissionDetails,
            roleQualifier))
    {
        throw new AuthorizationException(GlobalVariables.getUserSession().getPerson().getPrincipalName(), 
                methodToCall,
                this.getClass().getSimpleName());
    }
}
 
开发者ID:kuali,项目名称:kc-rice,代码行数:22,代码来源:KualiAction.java


示例6: viewResults

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
public ActionForward viewResults(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
    LookupForm lookupForm = (LookupForm) form;
    if (lookupForm.isSearchUsingOnlyPrimaryKeyValues()) {
        lookupForm.setPrimaryKeyFieldLabels(lookupForm.getLookupable().getPrimaryKeyFieldLabels());
    }
    // KULRICE-12281- Turn off the ability to export results from  certain lookups
	 if(StringUtils.isNotBlank(request.getParameter(KRADConstants.Lookup.VIEW_RESULTS_EXPORT_OPTION))) {
        String componentName = Class.forName(lookupForm.getBusinessObjectClassName()).getSimpleName();
        String principalId = GlobalVariables.getUserSession().getPrincipalId();
        String principalUserName = GlobalVariables.getUserSession().getPrincipalName();
        Map<String, String> permissionDetails = new HashMap<String,String>();
        permissionDetails.put(KRADConstants.COMPONENT_NAME, componentName);
        boolean isAuthorized = KimApiServiceLocator.getPermissionService().isAuthorizedByTemplate(
                principalId,KRADConstants.KNS_NAMESPACE,KimConstants.PermissionTemplateNames.VIEW_RESULTS_EXPORT_ACTION,
                permissionDetails,new HashMap<String,String>());
        if(!isAuthorized){
            throw new AuthorizationException(principalUserName, "Exporting the Lookup Results", componentName);
        }
     }
    request.setAttribute(KRADConstants.SEARCH_LIST_REQUEST_KEY, request.getParameter(KRADConstants.SEARCH_LIST_REQUEST_KEY));
    request.setAttribute("reqSearchResults", GlobalVariables.getUserSession().retrieveObject(request.getParameter(
            KRADConstants.SEARCH_LIST_REQUEST_KEY)));
    request.setAttribute("reqSearchResultsActualSize", request.getParameter("reqSearchResultsActualSize"));
    return mapping.findForward(RiceConstants.MAPPING_BASIC);
}
 
开发者ID:kuali,项目名称:kc-rice,代码行数:26,代码来源:KualiLookupAction.java


示例7: checkPermission

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
public void checkPermission() throws AuthorizationException {
    if (ObjectUtils.isNotNull(businessObjectEntry)) {
        String componentName = businessObjectEntry.getBusinessObjectClass().getName();
        String nameSpaceCode = "KR-NS";
        String templateName = "Export Records";
        String principalId = GlobalVariables.getUserSession().getPrincipalId();
        String principalUserName = GlobalVariables.getUserSession().getPrincipalName();
        Map<String, String> permissionDetails = new HashMap<String, String>();
        permissionDetails.put("componentName", componentName);
        boolean isAuthorized = KimApiServiceLocator.getPermissionService().isAuthorizedByTemplate(principalId, nameSpaceCode,
                templateName, permissionDetails, new HashMap<String, String>());
        if (!isAuthorized) {
            throw new AuthorizationException(principalUserName, "Exporting the LookUp Results", componentName);
        }
    }
}
 
开发者ID:kuali,项目名称:kc-rice,代码行数:17,代码来源:ExportViewHelper.java


示例8: retrieveSelectedResultBOs

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
/**
 * Figures out which support strategy to defer to and uses that service to retrieve the results; if the bo class doesn't qualify with any support strategy, an exception is thrown.  A nasty one, too.
 *
 * @see org.kuali.rice.krad.lookup.LookupResultsService#retrieveSelectedResultBOs(java.lang.String, java.lang.Class, java.lang.String)
 */
@Override
public <T extends BusinessObject> Collection<T> retrieveSelectedResultBOs(String lookupResultsSequenceNumber, Class<T> boClass, String personId) throws Exception {
	final LookupResultsSupportStrategyService supportService = getQualifingSupportStrategy(boClass);
	if (supportService == null) {
		throw new RuntimeException("BusinessObject class "+boClass.getName()+" cannot be used within a multiple value lookup; it either needs to be a PersistableBusinessObject or have both its primary keys and a lookupable defined in its data dictionary entry");
	}

	SelectedObjectIds selectedObjectIds = retrieveSelectedObjectIds(lookupResultsSequenceNumber);

    if (!isAuthorizedToAccessSelectedObjectIds(selectedObjectIds, personId)) {
        // TODO: use the other identifier
        throw new AuthorizationException(personId, "retrieve lookup results", "lookup sequence number " + lookupResultsSequenceNumber);
    }

    Set<String> setOfSelectedObjIds = LookupUtils
            .convertStringOfObjectIdsToSet(selectedObjectIds.getSelectedObjectIds());

    if (setOfSelectedObjIds.isEmpty()) {
        // OJB throws exception if querying on empty set
        return new ArrayList<T>();
    }

	return supportService.retrieveSelectedResultBOs(boClass, setOfSelectedObjIds);
}
 
开发者ID:kuali,项目名称:kc-rice,代码行数:30,代码来源:LookupResultsServiceImpl.java


示例9: checkAuthorization

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
@Override
protected void checkAuthorization( ActionForm form, String methodToCall) throws AuthorizationException
   {
   	String principalId = GlobalVariables.getUserSession().getPrincipalId();
   	Map<String, String> roleQualifier = new HashMap<String, String>();
   	Map<String, String> permissionDetails = KRADUtils.getNamespaceAndActionClass(this.getClass());

       if (!KimApiServiceLocator.getPermissionService().isAuthorizedByTemplate(principalId,
               KRADConstants.KNS_NAMESPACE, KimConstants.PermissionTemplateNames.USE_SCREEN, permissionDetails,
               roleQualifier))
       {
           throw new AuthorizationException(GlobalVariables.getUserSession().getPrincipalName(),
           		methodToCall,
           		this.getClass().getSimpleName());
       }
   }
 
开发者ID:kuali,项目名称:kc-rice,代码行数:17,代码来源:IngesterAction.java


示例10: performAction

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
/**
 * @see org.kuali.ole.sys.service.ElectronicFundTransferActionHelper#performAction(org.kuali.rice.kns.web.struts.form.KualiForm, org.apache.struts.action.ActionMapping)
 */
public ActionForward performAction(ElectronicFundTransferForm form, ActionMapping mapping, Map params, String basePath) {
    // is the current user able to claim electronic funds?
    Person currentUser = GlobalVariables.getUserSession().getPerson();
    if (!form.hasAvailableClaimingDocumentStrategies()) {
        throw new AuthorizationException(currentUser.getPrincipalName(), ElectronicFundTransferRefreshActionHelper.ACTION_NAME, ddService.getDataDictionary().getBusinessObjectEntry(ElectronicPaymentClaim.class.getName()).getObjectLabel());
    }
    // does the current user have claimed funds waiting for them?
    String lookupResultsSequenceNumber = null;
    if (params.get("lookupResultsSequenceNumber") != null) {
        lookupResultsSequenceNumber = ((String[])params.get("lookupResultsSequenceNumber"))[0];
    }
    if (StringUtils.isBlank(lookupResultsSequenceNumber)) {
        return mapping.findForward(PORTAL_FORWARD);
    }
    List<ElectronicPaymentClaim> claims = getClaimedPayments(currentUser, lookupResultsSequenceNumber);
    if (claims.size() == 0) {
        return mapping.findForward(PORTAL_FORWARD);
    }
    // if so, load their currently claimed electronic funds to the form
    form.setClaims(claims);
    // and redirect
    return mapping.findForward(BASIC_FORWARD);
}
 
开发者ID:VU-libtech,项目名称:OLE-INST,代码行数:27,代码来源:ElectronicFundTransferRefreshActionHelper.java


示例11: getRequestedClaimingHelper

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
/**
 * Using user entered form values, determines which of the available ElectronicPaymentClaimingDocumentGenerationStrategy implementations to use. 
 * @param chosenDoc the document type code for the doc that the user selected
 * @param availableClaimingDocs a List of ElectronicPaymentClaimingDocumentGenerationStrategy implementations that can be used by the given user
 * @param currentUser the currently logged in user
 * @throws AuthorizationException thrown if the user entered an invalid or unusable ElectronicPaymentClaimingDocumentGenerationStrategy code
 * @return an ElectronicPaymentClaimingDocumentGenerationStrategy helper to use to create the document
 */
protected ElectronicPaymentClaimingDocumentGenerationStrategy getRequestedClaimingHelper(String chosenDoc, List<ElectronicPaymentClaimingDocumentGenerationStrategy> availableClaimingDocs, Person currentUser) {
    ElectronicPaymentClaimingDocumentGenerationStrategy chosenDocHelper = null;
    int count = 0;
    while (count < availableClaimingDocs.size() && chosenDocHelper == null) {
        ElectronicPaymentClaimingDocumentGenerationStrategy claimingDoc = availableClaimingDocs.get(count);
        if (StringUtils.equals(claimingDoc.getClaimingDocumentWorkflowDocumentType(), chosenDoc)) {
            chosenDocHelper = claimingDoc;
        }
        count += 1;
    }
    if (chosenDocHelper == null || !chosenDocHelper.userMayUseToClaim(currentUser)) {
        throw new AuthorizationException(currentUser.getPrincipalName(), ElectronicFundTransferClaimActionHelper.ACTION_NAME, ddService.getDataDictionary().getBusinessObjectEntry(ElectronicPaymentClaim.class.getName()).getObjectLabel());
    }
    return chosenDocHelper;
}
 
开发者ID:VU-libtech,项目名称:OLE-INST,代码行数:24,代码来源:ElectronicFundTransferClaimActionHelper.java


示例12: listBatchTypeFilesForUser

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
/**
 * Fetches workgroup for batch type from system parameter and verifies user is a member. Then a list of all files for the batch
 * type are retrieved. For each file, the file and user is sent through the checkAuthorization method of the batch input type
 * implementation for finer grained security. If the method returns true, the filename is added to the user's list.
 *
 * @see org.kuali.ole.sys.batch.service.BatchInputFileService#listBatchTypeFilesForUser(org.kuali.ole.sys.batch.BatchInputFileType,
 *      org.kuali.rice.kim.api.identity.Person)
 */
@Override
public List<String> listBatchTypeFilesForUser(BatchInputFileType batchInputFileType, Person user) throws AuthorizationException {
    if (batchInputFileType == null || user == null) {
        LOG.error("an invalid(null) argument was given");
        throw new IllegalArgumentException("an invalid(null) argument was given");
    }

    File[] filesInBatchDirectory = listFilesInBatchTypeDirectory(batchInputFileType);

    List<String> userFileNamesList = new ArrayList<String>();
    List<File> userFileList = listBatchTypeFilesForUserAsFiles(batchInputFileType, user);

    for (File userFile : userFileList) {
        userFileNamesList.add(userFile.getAbsolutePath());
    }

    return userFileNamesList;
}
 
开发者ID:VU-libtech,项目名称:OLE-INST,代码行数:27,代码来源:BatchInputFileServiceImpl.java


示例13: listBatchTypeFilesForUserAsFiles

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
protected List<File> listBatchTypeFilesForUserAsFiles(BatchInputFileType batchInputFileType, Person user) throws AuthorizationException {
    File[] filesInBatchDirectory = listFilesInBatchTypeDirectory(batchInputFileType);

    List<File> userFileList = new ArrayList<File>();
    if (filesInBatchDirectory != null) {
        for (int i = 0; i < filesInBatchDirectory.length; i++) {
            File batchFile = filesInBatchDirectory[i];
            String fileExtension = StringUtils.substringAfterLast(batchFile.getName(), ".");
            if (StringUtils.isBlank(batchInputFileType.getFileExtension()) || batchInputFileType.getFileExtension().equals(fileExtension)) {
                if (user.getPrincipalName().equals(batchInputFileType.getAuthorPrincipalName(batchFile))) {
                    userFileList.add(batchFile);
                }
            }
        }
    }
    return userFileList;
}
 
开发者ID:VU-libtech,项目名称:OLE-INST,代码行数:18,代码来源:BatchInputFileServiceImpl.java


示例14: performAction

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
/**
 * @see org.kuali.kfs.sys.service.ElectronicFundTransferActionHelper#performAction(org.kuali.rice.kns.web.struts.form.KualiForm, org.apache.struts.action.ActionMapping)
 */
public ActionForward performAction(ElectronicFundTransferForm form, ActionMapping mapping, Map params, String basePath) {
    // is the current user able to claim electronic funds?
    Person currentUser = GlobalVariables.getUserSession().getPerson();
    if (!form.hasAvailableClaimingDocumentStrategies()) {
        throw new AuthorizationException(currentUser.getPrincipalName(), ElectronicFundTransferRefreshActionHelper.ACTION_NAME, ddService.getDataDictionary().getBusinessObjectEntry(ElectronicPaymentClaim.class.getName()).getObjectLabel());
    }
    // does the current user have claimed funds waiting for them?
    String lookupResultsSequenceNumber = null;
    if (params.get("lookupResultsSequenceNumber") != null) {
        lookupResultsSequenceNumber = ((String[])params.get("lookupResultsSequenceNumber"))[0];
    }
    if (StringUtils.isBlank(lookupResultsSequenceNumber)) {
        return mapping.findForward(PORTAL_FORWARD);
    }
    List<ElectronicPaymentClaim> claims = getClaimedPayments(currentUser, lookupResultsSequenceNumber);
    if (claims.size() == 0) {
        return mapping.findForward(PORTAL_FORWARD);
    }
    // if so, load their currently claimed electronic funds to the form
    form.setClaims(claims);
    // and redirect
    return mapping.findForward(BASIC_FORWARD);
}
 
开发者ID:kuali,项目名称:kfs,代码行数:27,代码来源:ElectronicFundTransferRefreshActionHelper.java


示例15: listBatchTypeFilesForUser

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
/**
 * Fetches workgroup for batch type from system parameter and verifies user is a member. Then a list of all files for the batch
 * type are retrieved. For each file, the file and user is sent through the checkAuthorization method of the batch input type
 * implementation for finer grained security. If the method returns true, the filename is added to the user's list.
 *
 * @see org.kuali.kfs.sys.batch.service.BatchInputFileService#listBatchTypeFilesForUser(org.kuali.kfs.sys.batch.BatchInputFileType,
 *      org.kuali.rice.kim.api.identity.Person)
 */
@Override
public List<String> listBatchTypeFilesForUser(BatchInputFileType batchInputFileType, Person user) throws AuthorizationException {
    if (batchInputFileType == null || user == null) {
        LOG.error("an invalid(null) argument was given");
        throw new IllegalArgumentException("an invalid(null) argument was given");
    }

    File[] filesInBatchDirectory = listFilesInBatchTypeDirectory(batchInputFileType);

    List<String> userFileNamesList = new ArrayList<String>();
    List<File> userFileList = listBatchTypeFilesForUserAsFiles(batchInputFileType, user);

    for (File userFile : userFileList) {
        userFileNamesList.add(userFile.getAbsolutePath());
    }

    return userFileNamesList;
}
 
开发者ID:kuali,项目名称:kfs,代码行数:27,代码来源:BatchInputFileServiceImpl.java


示例16: execute

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
@Override
public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
    org.kuali.rice.kns.datadictionary.BusinessObjectEntry boe = (org.kuali.rice.kns.datadictionary.BusinessObjectEntry) dataDictionaryService.getDataDictionary().getBusinessObjectEntry(((LookupForm) form).getBusinessObjectClassName());

    Map<String, String> permissionDetails = KRADUtils.getNamespaceAndComponentSimpleName(boe.getDataObjectClass());
    if (!KimApiServiceLocator.getPermissionService().isAuthorizedByTemplate(GlobalVariables.getUserSession().getPrincipalId(),
            KRADConstants.KNS_NAMESPACE, KimConstants.PermissionTemplateNames.LOOK_UP_RECORDS, permissionDetails,
            new HashMap<String,String>()))
    {
        throw new AuthorizationException(GlobalVariables.getUserSession().getPerson().getPrincipalName(),
                KimConstants.PermissionTemplateNames.LOOK_UP_RECORDS,
                boe.getDataObjectClass().getSimpleName());
    }

    request.setAttribute(KRADConstants.PARAM_MAINTENANCE_VIEW_MODE, KRADConstants.PARAM_MAINTENANCE_VIEW_MODE_LOOKUP);

    int numCols = boe.getLookupDefinition().getNumOfColumns();
    if (numCols <= 0) {
        numCols = KRADConstants.DEFAULT_NUM_OF_COLUMNS; // by default, always show one column.
    }
    ((LookupForm) form).setNumColumns(numCols);
    return super.execute(mapping, form, request, response);
}
 
开发者ID:kuali,项目名称:kfs,代码行数:24,代码来源:BalanceInquiryAction.java


示例17: initAuthorization

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
protected void initAuthorization(SalarySettingBaseForm salarySettingForm) {
    Person user = GlobalVariables.getUserSession().getPerson();

    boolean isAuthorized = SpringContext.getBean(IdentityManagementService.class).isAuthorized(user.getPrincipalId(), BCConstants.BUDGET_CONSTRUCTION_NAMESPACE, BCConstants.KimApiConstants.USE_ORG_SALARY_SETTING_PERMISSION_NAME, null);
    if (isAuthorized) {
        salarySettingForm.getDocumentActions().put(KRADConstants.KUALI_ACTION_CAN_EDIT, KRADConstants.KUALI_DEFAULT_TRUE_VALUE);
    }
    else {
        throw new AuthorizationException(user.getName(), "view", salarySettingForm.getAccountNumber() + ", " + salarySettingForm.getSubAccountNumber());
    }

    if (!SpringContext.getBean(FiscalYearFunctionControlService.class).isBudgetUpdateAllowed(salarySettingForm.getUniversityFiscalYear())) {
        salarySettingForm.getEditingMode().put(BCConstants.EditModes.SYSTEM_VIEW_ONLY, KRADConstants.KUALI_DEFAULT_TRUE_VALUE);
    }

    BudgetConstructionAuthorizationStatus editStatus = new BudgetConstructionAuthorizationStatus();
    editStatus.setDocumentActions(salarySettingForm.getDocumentActions());
    editStatus.setEditingMode(salarySettingForm.getEditingMode());

    GlobalVariables.getUserSession().addObject(BCConstants.BC_DOC_AUTHORIZATION_STATUS_SESSIONKEY, editStatus);
}
 
开发者ID:kuali,项目名称:kfs,代码行数:22,代码来源:SalarySettingBaseAction.java


示例18: checkTKAuthorization

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
@Override
protected void checkTKAuthorization(ActionForm form, String methodToCall) throws AuthorizationException {
    KPMEForm kPMEForm = (KPMEForm) form;

    if (StringUtils.equals(methodToCall, "targetEmployee") || StringUtils.equals(methodToCall, "changeEmployee") || StringUtils.equals(methodToCall, "clearBackdoor") || StringUtils.equals(methodToCall, "clearChangeUser")) {
        // Handle security validation in targetEmployee action, we may need
        // to check the document for validity, since the user may not
        // necessarily be a system administrator.
    } else {
    	String principalId = GlobalVariables.getUserSession().getPrincipalId();
    	TimesheetDocument tdoc = TkServiceLocator.getTimesheetService().getTimesheetDocument(kPMEForm.getDocumentId());
        if (!HrContext.isSystemAdmin()
    			&& !TkContext.isLocationAdmin()
    			&& !TkContext.isDepartmentAdmin()
    			&& !HrContext.isGlobalViewOnly()
    			&& !TkContext.isDepartmentViewOnly()
    			&& (kPMEForm.getDocumentId() != null && !HrServiceLocator.getHRPermissionService().canApproveCalendarDocument(principalId, tdoc))
    			&& (kPMEForm.getDocumentId() != null && !HrServiceLocator.getHRPermissionService().canViewCalendarDocument(principalId, tdoc)))  {
            throw new AuthorizationException("", "TimeAction", "");
        }
    }
}
 
开发者ID:kuali-mirror,项目名称:kpme,代码行数:23,代码来源:TimeAction.java


示例19: checkTKAuthorization

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
@Override
protected void checkTKAuthorization(ActionForm form, String methodToCall) throws AuthorizationException {
    super.checkTKAuthorization(form, methodToCall); // Checks for read access first.

    ClockActionForm clockActionForm = (ClockActionForm) form;

    String principalId = GlobalVariables.getUserSession().getPrincipalId();
	CalendarDocument timesheetDocument = TkServiceLocator.getTimesheetService().getTimesheetDocument(clockActionForm.getDocumentId());
    // Check for write access to Timeblock.
    if (StringUtils.equals(methodToCall, "clockAction") ||
            StringUtils.equals(methodToCall, "addTimeBlock") ||
            StringUtils.equals(methodToCall, "editTimeBlock") ||
            StringUtils.equals(methodToCall, "distributeTimeBlocks") ||
            StringUtils.equals(methodToCall, "saveNewTimeBlocks") ||
            StringUtils.equals(methodToCall, "deleteTimeBlock")) {
        if (!HrServiceLocator.getHRPermissionService().canEditCalendarDocument(principalId, timesheetDocument)) {
            throw new AuthorizationException(GlobalVariables.getUserSession().getPrincipalId(), "ClockAction", "");
        }
    }
}
 
开发者ID:kuali-mirror,项目名称:kpme,代码行数:21,代码来源:ClockAction.java


示例20: checkTKAuthorization

import org.kuali.rice.krad.exception.AuthorizationException; //导入依赖的package包/类
@Override
protected void checkTKAuthorization(ActionForm form, String methodToCall) throws AuthorizationException {
    super.checkTKAuthorization(form, methodToCall);
    
    TimeDetailActionForm timeDetailActionForm = (TimeDetailActionForm) form;

    String principalId = GlobalVariables.getUserSession().getPrincipalId();
	TimesheetDocument timesheetDocument = TkServiceLocator.getTimesheetService().getTimesheetDocument(timeDetailActionForm.getDocumentId());
    if (StringUtils.equals(methodToCall, "addTimeBlock") 
    		|| StringUtils.equals(methodToCall, "deleteTimeBlock") 
    		|| StringUtils.equals(methodToCall, "updateTimeBlock")) {
        if (!HrServiceLocator.getHRPermissionService().canEditCalendarDocument(principalId, timesheetDocument)) {
            throw new AuthorizationException(principalId, "TimeDetailAction", "");
        }
    }
}
 
开发者ID:kuali-mirror,项目名称:kpme,代码行数:17,代码来源:TimeDetailAction.java



注:本文中的org.kuali.rice.krad.exception.AuthorizationException类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。


鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
Java DerivedRoleTypeServiceBase类代码示例发布时间:2022-05-22
下一篇:
Java METADATA类代码示例发布时间:2022-05-22
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap