Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.kuali.rice.kim.impl.role
Class RoleServiceImpl

java.lang.Object
  extended by org.kuali.rice.kim.impl.role.RoleServiceImpl
All Implemented Interfaces:
RoleService
public class RoleServiceImpl
extends Object
implements RoleService

Nested Class Summary
protected static class RoleServiceBase.RoleDaoAction
          A helper enumeration for indicating which KimRoleDao method to use when attempting to get role/delegation-related lists that are not in the cache.
 
Constructor Summary
RoleServiceImpl()
           
 
Method Summary
protected  void addDelegationMemberAttributeData(org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo delegationMember, Map<String,String> qualifier, String kimTypeId)
           
protected  void addMemberAttributeData(org.kuali.rice.kim.impl.role.RoleMemberBo roleMember, Map<String,String> qualifier, String kimTypeId)
           
protected  List<RoleMembership.Builder> applyDelegationsToRoleMembers(List<RoleMembership> roleMemberships, Collection<org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo> delegations, Map<String,String> qualification)
          Checks each of the result records to determine if there are potentially applicable delegation members for that role membership.
 void assignGroupToRole(String groupId, String namespaceCode, String roleName, Map<String,String> qualifier)
          Assigns the group with the given id to the role with the specified namespace code and name with the supplied set of qualifications.
 void assignPermissionToRole(String permissionId, String roleId)
          Assigns the given permission to the given role
 void assignPrincipalToRole(String principalId, String namespaceCode, String roleName, Map<String,String> qualifier)
          Assigns the principal with the given id to the role with the specified namespace code and name with the supplied set of qualifications.
 void assignRoleToRole(String roleId, String namespaceCode, String roleName, Map<String,String> qualifier)
          Assigns the role with the given id to the role with the specified namespace code and name with the supplied set of qualifications.
protected  boolean checkForCircularRoleMembership(String newMemberId, org.kuali.rice.kim.impl.role.RoleBo roleBo)
          This method tests to see if assigning a roleBo to another roleBo will create a circular reference.
 DelegateType createDelegateType(DelegateType delegateType)
          Assigns the member with the given id as a delegation member to the role with the specified namespace code and name with the supplied set of qualifications.
 Role createRole(Role role)
          This will create a Role exactly like the role passed in.
 RoleMember createRoleMember(RoleMember roleMember)
          Creates a new RoleMember.
 RoleResponsibilityAction createRoleResponsibilityAction(RoleResponsibilityAction roleResponsibilityAction)
           
protected  boolean doAnyMemberRecordsMatch(List<org.kuali.rice.kim.impl.role.RoleMemberBo> roleMembers, String memberId, String memberTypeCode, Map<String,String> qualifier)
           
protected  boolean doAnyMemberRecordsMatchByExactQualifier(org.kuali.rice.kim.impl.role.RoleBo role, String memberId, RoleServiceBase.RoleDaoAction daoActionToTake, Map<String,String> qualifier)
           
protected  boolean doesMemberMatch(org.kuali.rice.kim.impl.role.RoleMemberBo roleMember, String memberId, String memberTypeCode, Map<String,String> qualifier)
           
 DelegateMemberQueryResults findDelegateMembers(QueryByCriteria queryByCriteria)
           
protected  RoleMember findRoleMember(String roleMemberId)
           
 RoleMemberQueryResults findRoleMembers(QueryByCriteria queryByCriteria)
           
 RoleMembershipQueryResults findRoleMemberships(QueryByCriteria queryByCriteria)
          Gets role member information based on the given search criteria.
 RoleQueryResults findRoles(QueryByCriteria queryByCriteria)
          This method gets search results for role lookup
protected  BusinessObjectService getBusinessObjectService()
           
 CriteriaLookupService getCriteriaLookupService()
           
protected  org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo getDelegateMemberBo(String delegationMemberId)
          Retrieves a DelegateMemberBo object by its ID.
 DelegateType getDelegateTypeByDelegationId(String delegationId)
           
 DelegateType getDelegateTypeByRoleIdAndDelegateTypeCode(String roleId, DelegationType delegationType)
           
protected  List<org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo> getDelegationMemberBoList(RoleServiceBase.RoleDaoAction daoActionToTake, Collection<String> delegationIds, String principalId, List<String> groupIds)
          Retrieves a List of delegation members from the KimRoleDao as appropriate.
protected  List<org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo> getDelegationMemberBoListByMemberAndDelegationId(String memberId, String delegationId)
          Retrieves a DelegateMemberBo List by (principal/group/role) member ID and delegation ID.
 DelegateMember getDelegationMemberByDelegationAndMemberId(String delegationId, String memberId)
           
 DelegateMember getDelegationMemberById(String delegationMemberId)
           
 List<DelegateMember> getDelegationMembersByDelegationId(String delegationId)
          Gets delegation member information based on the given search criteria.
protected  org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo getDelegationOfType(String roleId, DelegationType delegationType)
           
protected  DelegationTypeService getDelegationTypeService(String delegationId)
           
 List<RoleMembership> getFirstLevelRoleMembers(List<String> roleIds)
          Gets all direct members of the roles that have ids within the given list of role ids.
protected  GroupService getGroupService()
           
protected  IdentityService getIdentityService()
           
protected  String getKimAttributeId(String attributeName)
           
protected  org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo getKimDelegationImpl(String delegationId)
          Retrieves a KimDelegationImpl object by its ID.
protected  org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo getKimDelegationMemberImplByDelegationAndId(String delegationId, String delegationMemberId)
          Retrieves a KimDelegationMemberImpl object by its ID and the ID of the delegation it belongs to.
protected  LookupService getLookupService()
           
protected  Object getMember(String memberTypeCode, String memberId)
           
protected  String getMemberName(Object member)
           
 List<String> getMemberParentRoleIds(String memberType, String memberId)
          Gets a list of Roles that the given member belongs to.
protected  Collection<RoleMembership> getNestedRoleMembers(Map<String,String> qualification, RoleMembership rm, Set<String> foundRoleTypeMembers)
           
 List<Map<String,String>> getNestedRoleQualifersForPrincipalByNamespaceAndRolename(String principalId, String namespaceCode, String roleName, Map<String,String> qualification)
          Returns a list of role qualifiers that the given principal.
 List<Map<String,String>> getNestedRoleQualifiersForPrincipalByRoleIds(String principalId, List<String> roleIds, Map<String,String> qualification)
          Returns a list of role qualifiers that the given principal.
protected  void getNestedRoleTypeMemberIds(String roleId, Set<String> members)
           
protected  org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo getPrimaryDelegation(String roleId, List<org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo> roleDelegates)
           
 List<String> getPrincipalIdSubListWithRole(List<String> principalIds, String roleNamespaceCode, String roleName, Map<String,String> qualification)
          Returns the subset of the given principal ID list which has the given role and qualification.
protected  ResponsibilityInternalService getResponsibilityInternalService()
           
 Role getRole(String roleId)
          Get the KIM Role object with the given ID.
protected  org.kuali.rice.kim.impl.role.RoleBo getRoleBo(String roleId)
           
protected  org.kuali.rice.kim.impl.role.RoleBo getRoleBoByName(String namespaceCode, String roleName)
           
protected  Map<String,org.kuali.rice.kim.impl.role.RoleBo> getRoleBoMap(Collection<String> roleIds)
           
 Role getRoleByNameAndNamespaceCode(String namespaceCode, String roleName)
          Get the KIM Role object with the unique combination of namespace, component, and role name.
protected  RoleDao getRoleDao()
           
 String getRoleIdByNameAndNamespaceCode(String namespaceCode, String roleName)
          Return the Role ID for the given unique combination of namespace, component and role name.
protected  boolean getRoleIdToMembershipMap(Map<String,List<RoleMembership>> roleIdToMembershipMap, List<org.kuali.rice.kim.impl.role.RoleMemberBo> roleMembers)
          Helper method used by principalHasRole to build the role ID -> list of members map.
protected  org.kuali.rice.kim.impl.role.RoleMemberBo getRoleMemberBo(String roleMemberId)
          Retrieves a RoleMemberBo object by its ID.
protected  List<org.kuali.rice.kim.impl.role.RoleMemberBo> getRoleMemberBoList(RoleServiceBase.RoleDaoAction daoActionToTake, Collection<String> roleIds, String principalId, Collection<String> groupIds, String memberTypeCode, Map<String,String> qualification)
          Retrieves a list of RoleMemberBo instances from the KimRoleDao.
 Collection<String> getRoleMemberPrincipalIds(String namespaceCode, String roleName, Map<String,String> qualification)
          This method gets all the members, then traverses down into members of type role and group to obtain the nested principal ids
 List<RoleResponsibilityAction> getRoleMemberResponsibilityActions(String roleMemberId)
           
 List<RoleMembership> getRoleMembers(List<String> roleIds, Map<String,String> qualification)
          Get all the role members (groups and principals) associated with the given list of roles where their role membership/assignment matches the given qualification.
protected  List<RoleMembership> getRoleMembers(List<String> roleIds, Map<String,String> qualification, boolean followDelegations, Set<String> foundRoleTypeMembers)
           
protected  List<org.kuali.rice.kim.impl.role.RoleMemberBo> getRoleMembersByExactQualifierMatch(org.kuali.rice.kim.impl.role.RoleBo role, String memberId, RoleServiceBase.RoleDaoAction daoActionToTake, Map<String,String> qualifier)
           
 List<Map<String,String>> getRoleQualifersForPrincipalByNamespaceAndRolename(String principalId, String namespaceCode, String roleName, Map<String,String> qualification)
          Returns a list of role qualifiers that the given principal has without taking into consideration that the principal may be a member via an assigned group or role.
 List<Map<String,String>> getRoleQualifersForPrincipalByRoleIds(String principalId, List<String> roleIds, Map<String,String> qualification)
          Returns a list of role qualifiers that the given principal has without taking into consideration that the principal may be a member via an assigned group or role.
 List<RoleResponsibility> getRoleResponsibilities(String roleId)
           
 List<Role> getRoles(List<String> roleIds)
          Get the KIM Role objects for the role IDs in the given List.
 Set<String> getRoleTypeRoleMemberIds(String roleId)
           
protected  RoleTypeService getRoleTypeService(KimType typeInfo)
           
protected  RoleTypeService getRoleTypeService(String roleId)
          Retrieves the role type service associated with the given role ID
protected  Map<String,org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo> getStoredDelegationImplMapFromRoleIds(Collection<String> roleIds)
          Calls the KimRoleDao's "getDelegationImplMapFromRoleIds" method and/or retrieves any corresponding delegations from the cache.
protected  List<org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo> getStoredDelegationImplsForRoleIds(Collection<String> roleIds)
          Calls the KimRoleDao's "getDelegationBosForRoleIds" method and/or retrieves any corresponding delegations from the cache.
protected  List<org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo> getStoredDelegationPrincipalsForPrincipalIdAndDelegationIds(Collection<String> delegationIds, String principalId)
          Calls the KimRoleDao's "getDelegationPrincipalsForPrincipalIdAndDelegationIds" method and/or retrieves any corresponding members from the cache.
protected  List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRoleGroupsForGroupIdsAndRoleIds(Collection<String> roleIds, Collection<String> groupIds, Map<String,String> qualification)
          Calls the KimRoleDao's "getRoleGroupsForGroupIdsAndRoleIds" method and/or retrieves any corresponding members from the cache.
protected  List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRoleMembersForRoleIds(Collection<String> roleIds, String memberTypeCode, Map<String,String> qualification)
          Calls the KimRoleDao's "getRoleMembersForRoleIds" method and/or retrieves any corresponding members from the cache.
protected  List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRoleMembersForRoleIdsWithFilters(Collection<String> roleIds, String principalId, List<String> groupIds, Map<String,String> qualification)
          Calls the KimRoleDao's "getRoleMembersForRoleIdsWithFilters" method and/or retrieves any corresponding members from the cache.
protected  List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRoleMembershipsForRoleIdsAsMembers(Collection<String> roleIds, Map<String,String> qualification)
          Calls the KimRoleDao's "getRoleMembershipsForRoleIdsAsMembers" method and/or retrieves any corresponding members from the cache.
protected  List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRolePrincipalsForPrincipalIdAndRoleIds(Collection<String> roleIds, String principalId, Map<String,String> qualification)
          Calls the KimRoleDao's "getRolePrincipalsForPrincipalIdAndRoleIds" method and/or retrieves any corresponding members from the cache.
protected  boolean isApplicationRoleType(String roleTypeId, RoleTypeService service)
           
protected  boolean isDelegationPrimary(DelegationType delegationType)
           
protected  boolean isDelegationSecondary(DelegationType delegationType)
           
 boolean isRoleActive(String roleId)
          Checks whether the role with the given role ID is active.
protected  void linkDelegateToRoleMembership(org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo delegation, DelegateMember.Builder delegateMemberBuilder, RoleMembership.Builder roleMembershipBuilder)
           
protected  boolean matchesOnDelegation(Set<String> allRoleIds, String principalId, List<String> principalGroupIds, Map<String,String> qualification)
          Support method for principalHasRole.
protected  org.kuali.rice.kim.impl.role.RoleMemberBo matchingMemberRecord(List<org.kuali.rice.kim.impl.role.RoleMemberBo> roleMembers, String memberId, String memberTypeCode, Map<String,String> qualifier)
           
protected  Map<String,String> populateQualifiersForExactMatch(Map<String,String> defaultQualification, List<String> attributes)
           
 boolean principalHasRole(String principalId, List<String> roleIds, Map<String,String> qualification)
          Returns whether the given principal has any of the passed role IDs with the given qualification.
protected  boolean principalHasRole(String principalId, List<String> roleIds, Map<String,String> qualification, boolean checkDelegations)
           
 void removeGroupFromRole(String groupId, String namespaceCode, String roleName, Map<String,String> qualifier)
          Remove the group with the given id and qualifications from the role with the specified namespace code and role name.
 void removePrincipalFromRole(String principalId, String namespaceCode, String roleName, Map<String,String> qualifier)
          Remove the principal with the given id and qualifications from the role with the specified namespace code and role name.
 void removeRoleFromRole(String roleId, String namespaceCode, String roleName, Map<String,String> qualifier)
          Remove the group with the given id and qualifications from the role with the specified namespace code and role name.
protected  void resolveDelegationMemberRoles(List<RoleMembership.Builder> membershipBuilders, Map<String,String> qualification, Set<String> foundRoleTypeMembers)
          Once the delegations for a RoleMembershipInfo object have been determined, any "role" member types need to be resolved into groups and principals so that further KIM requests are not needed.
 void setCriteriaLookupService(CriteriaLookupService criteriaLookupService)
           
 void setRoleDao(RoleDao roleDao)
           
 DelegateType updateDelegateType(DelegateType delegateType)
          Updates a delegation type, including attached members
 Role updateRole(Role role)
          This will update a Role.
 RoleMember updateRoleMember(RoleMember roleMember)
          Assigns the role with the given id to the role with the specified namespace code and name with the supplied set of qualifications.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

RoleServiceImpl

public RoleServiceImpl()
Method Detail

createRole

public Role createRole(Role role)
                throws RiceIllegalArgumentException,
                       RiceIllegalStateException
Description copied from interface: RoleService
This will create a Role exactly like the role passed in.

Specified by:
createRole in interface RoleService
Parameters:
role - the role to create
Returns:
the newly created object. will never be null.
Throws:
RiceIllegalArgumentException
RiceIllegalStateException

updateRole

public Role updateRole(Role role)
                throws RiceIllegalArgumentException,
                       RiceIllegalStateException
Description copied from interface: RoleService
This will update a Role.

Specified by:
updateRole in interface RoleService
Parameters:
role - the role to update
Throws:
RiceIllegalArgumentException
RiceIllegalStateException

checkForCircularRoleMembership

protected boolean checkForCircularRoleMembership(String newMemberId,
                                                 org.kuali.rice.kim.impl.role.RoleBo roleBo)
This method tests to see if assigning a roleBo to another roleBo will create a circular reference. The Role is checked to see if it is a member (direct or nested) of the roleBo to be assigned as a member.

Parameters:
newMemberId -
roleBo -
Returns:
true - assignment is allowed, no circular reference will be created. false - illegal assignment, it will create a circular membership

findRoleMember

protected RoleMember findRoleMember(String roleMemberId)

findRoleMembers

public RoleMemberQueryResults findRoleMembers(QueryByCriteria queryByCriteria)
                                       throws RiceIllegalStateException
Specified by:
findRoleMembers in interface RoleService
Throws:
RiceIllegalStateException

getRoleTypeRoleMemberIds

public Set<String> getRoleTypeRoleMemberIds(String roleId)
                                     throws RiceIllegalStateException
Specified by:
getRoleTypeRoleMemberIds in interface RoleService
Throws:
RiceIllegalStateException

getMemberParentRoleIds

public List<String> getMemberParentRoleIds(String memberType,
                                           String memberId)
                                    throws RiceIllegalStateException
Description copied from interface: RoleService
Gets a list of Roles that the given member belongs to.

Specified by:
getMemberParentRoleIds in interface RoleService
Throws:
RiceIllegalStateException

getRoleMemberResponsibilityActions

public List<RoleResponsibilityAction> getRoleMemberResponsibilityActions(String roleMemberId)
                                                                  throws RiceIllegalStateException
Specified by:
getRoleMemberResponsibilityActions in interface RoleService
Throws:
RiceIllegalStateException

findDelegateMembers

public DelegateMemberQueryResults findDelegateMembers(QueryByCriteria queryByCriteria)
                                               throws RiceIllegalStateException
Specified by:
findDelegateMembers in interface RoleService
Throws:
RiceIllegalStateException

getRole

public Role getRole(String roleId)
             throws RiceIllegalStateException
Description copied from interface: RoleService
Get the KIM Role object with the given ID.

Specified by:
getRole in interface RoleService
Throws:
RiceIllegalStateException

getRoleBoMap

protected Map<String,org.kuali.rice.kim.impl.role.RoleBo> getRoleBoMap(Collection<String> roleIds)

getRoles

public List<Role> getRoles(List<String> roleIds)
                    throws RiceIllegalStateException
Description copied from interface: RoleService
Get the KIM Role objects for the role IDs in the given List.

Specified by:
getRoles in interface RoleService
Throws:
RiceIllegalStateException

getRoleByNameAndNamespaceCode

public Role getRoleByNameAndNamespaceCode(String namespaceCode,
                                          String roleName)
                                   throws RiceIllegalStateException
Description copied from interface: RoleService
Get the KIM Role object with the unique combination of namespace, component, and role name.

Specified by:
getRoleByNameAndNamespaceCode in interface RoleService
Throws:
RiceIllegalStateException

getRoleIdByNameAndNamespaceCode

public String getRoleIdByNameAndNamespaceCode(String namespaceCode,
                                              String roleName)
                                       throws RiceIllegalStateException
Description copied from interface: RoleService
Return the Role ID for the given unique combination of namespace, component and role name.

Specified by:
getRoleIdByNameAndNamespaceCode in interface RoleService
Throws:
RiceIllegalStateException

isRoleActive

public boolean isRoleActive(String roleId)
                     throws RiceIllegalStateException
Description copied from interface: RoleService
Checks whether the role with the given role ID is active.

Specified by:
isRoleActive in interface RoleService
Returns:
Throws:
RiceIllegalStateException

getRoleQualifersForPrincipalByRoleIds

public List<Map<String,String>> getRoleQualifersForPrincipalByRoleIds(String principalId,
                                                                      List<String> roleIds,
                                                                      Map<String,String> qualification)
                                                               throws RiceIllegalStateException
Description copied from interface: RoleService
Returns a list of role qualifiers that the given principal has without taking into consideration that the principal may be a member via an assigned group or role. Use in situations where you are only interested in the qualifiers that are directly assigned to the principal.

Specified by:
getRoleQualifersForPrincipalByRoleIds in interface RoleService
Throws:
RiceIllegalStateException

getRoleQualifersForPrincipalByNamespaceAndRolename

public List<Map<String,String>> getRoleQualifersForPrincipalByNamespaceAndRolename(String principalId,
                                                                                   String namespaceCode,
                                                                                   String roleName,
                                                                                   Map<String,String> qualification)
                                                                            throws RiceIllegalStateException
Description copied from interface: RoleService
Returns a list of role qualifiers that the given principal has without taking into consideration that the principal may be a member via an assigned group or role. Use in situations where you are only interested in the qualifiers that are directly assigned to the principal.

Specified by:
getRoleQualifersForPrincipalByNamespaceAndRolename in interface RoleService
Throws:
RiceIllegalStateException

getNestedRoleQualifersForPrincipalByNamespaceAndRolename

public List<Map<String,String>> getNestedRoleQualifersForPrincipalByNamespaceAndRolename(String principalId,
                                                                                         String namespaceCode,
                                                                                         String roleName,
                                                                                         Map<String,String> qualification)
                                                                                  throws RiceIllegalStateException
Description copied from interface: RoleService
Returns a list of role qualifiers that the given principal. If the principal's membership is via a group or role, that group or role's qualifier on the given role is returned.

Specified by:
getNestedRoleQualifersForPrincipalByNamespaceAndRolename in interface RoleService
Throws:
RiceIllegalStateException

getNestedRoleQualifiersForPrincipalByRoleIds

public List<Map<String,String>> getNestedRoleQualifiersForPrincipalByRoleIds(String principalId,
                                                                             List<String> roleIds,
                                                                             Map<String,String> qualification)
                                                                      throws RiceIllegalStateException
Description copied from interface: RoleService
Returns a list of role qualifiers that the given principal. If the principal's membership is via a group or role, that group or role's qualifier on the given role is returned.

Specified by:
getNestedRoleQualifiersForPrincipalByRoleIds in interface RoleService
Throws:
RiceIllegalStateException

getRoleMembers

public List<RoleMembership> getRoleMembers(List<String> roleIds,
                                           Map<String,String> qualification)
                                    throws RiceIllegalStateException
Description copied from interface: RoleService
Get all the role members (groups and principals) associated with the given list of roles where their role membership/assignment matches the given qualification. The list of RoleMemberships returned will only contain group and principal members. Any nested role members will be resolved and flattened into the principals and groups that are members of that nested role (assuming qualifications match). The return object will have each membership relationship along with the delegations

Specified by:
getRoleMembers in interface RoleService
Throws:
RiceIllegalStateException

getRoleMemberPrincipalIds

public Collection<String> getRoleMemberPrincipalIds(String namespaceCode,
                                                    String roleName,
                                                    Map<String,String> qualification)
                                             throws RiceIllegalStateException
Description copied from interface: RoleService
This method gets all the members, then traverses down into members of type role and group to obtain the nested principal ids

Specified by:
getRoleMemberPrincipalIds in interface RoleService
Returns:
list of member principal ids
Throws:
RiceIllegalStateException

principalHasRole

public boolean principalHasRole(String principalId,
                                List<String> roleIds,
                                Map<String,String> qualification)
                         throws RiceIllegalStateException
Description copied from interface: RoleService
Returns whether the given principal has any of the passed role IDs with the given qualification.

Specified by:
principalHasRole in interface RoleService
Throws:
RiceIllegalStateException

getPrincipalIdSubListWithRole

public List<String> getPrincipalIdSubListWithRole(List<String> principalIds,
                                                  String roleNamespaceCode,
                                                  String roleName,
                                                  Map<String,String> qualification)
                                           throws RiceIllegalStateException
Description copied from interface: RoleService
Returns the subset of the given principal ID list which has the given role and qualification. This is designed to be used by lookups of people by their roles.

Specified by:
getPrincipalIdSubListWithRole in interface RoleService
Throws:
RiceIllegalStateException

findRoles

public RoleQueryResults findRoles(QueryByCriteria queryByCriteria)
                           throws RiceIllegalStateException
Description copied from interface: RoleService
This method gets search results for role lookup

Specified by:
findRoles in interface RoleService
Throws:
RiceIllegalStateException

getFirstLevelRoleMembers

public List<RoleMembership> getFirstLevelRoleMembers(List<String> roleIds)
                                              throws RiceIllegalStateException
Description copied from interface: RoleService
Gets all direct members of the roles that have ids within the given list of role ids. This method does not recurse into any nested roles.

The resulting List of role membership will contain membership for all the roles with the specified ids. The list is not guaranteed to be in any particular order and may have membership info for the different roles interleaved with each other.

Specified by:
getFirstLevelRoleMembers in interface RoleService
Throws:
RiceIllegalStateException

findRoleMemberships

public RoleMembershipQueryResults findRoleMemberships(QueryByCriteria queryByCriteria)
                                               throws RiceIllegalStateException
Description copied from interface: RoleService
Gets role member information based on the given search criteria. The map of criteria contains attributes of RoleMembership as it's key and the values to search on as the value.

Specified by:
findRoleMemberships in interface RoleService
Throws:
RiceIllegalStateException

getDelegationMembersByDelegationId

public List<DelegateMember> getDelegationMembersByDelegationId(String delegationId)
                                                        throws RiceIllegalStateException
Description copied from interface: RoleService
Gets delegation member information based on the given search criteria. The map of criteria contains attributes of Delegate as it's key and the values to search on as the value.

Specified by:
getDelegationMembersByDelegationId in interface RoleService
Throws:
RiceIllegalStateException

getDelegationMemberByDelegationAndMemberId

public DelegateMember getDelegationMemberByDelegationAndMemberId(String delegationId,
                                                                 String memberId)
                                                          throws RiceIllegalStateException
Specified by:
getDelegationMemberByDelegationAndMemberId in interface RoleService
Throws:
RiceIllegalStateException

getDelegationMemberById

public DelegateMember getDelegationMemberById(String delegationMemberId)
                                       throws RiceIllegalStateException
Specified by:
getDelegationMemberById in interface RoleService
Throws:
RiceIllegalStateException

getRoleResponsibilities

public List<RoleResponsibility> getRoleResponsibilities(String roleId)
                                                 throws RiceIllegalStateException
Specified by:
getRoleResponsibilities in interface RoleService
Throws:
RiceIllegalStateException

getDelegateTypeByRoleIdAndDelegateTypeCode

public DelegateType getDelegateTypeByRoleIdAndDelegateTypeCode(String roleId,
                                                               DelegationType delegationType)
                                                        throws RiceIllegalStateException
Specified by:
getDelegateTypeByRoleIdAndDelegateTypeCode in interface RoleService
Throws:
RiceIllegalStateException

getDelegateTypeByDelegationId

public DelegateType getDelegateTypeByDelegationId(String delegationId)
                                           throws RiceIllegalStateException
Specified by:
getDelegateTypeByDelegationId in interface RoleService
Throws:
RiceIllegalStateException

getRoleMembers

protected List<RoleMembership> getRoleMembers(List<String> roleIds,
                                              Map<String,String> qualification,
                                              boolean followDelegations,
                                              Set<String> foundRoleTypeMembers)

applyDelegationsToRoleMembers

protected List<RoleMembership.Builder> applyDelegationsToRoleMembers(List<RoleMembership> roleMemberships,
                                                                     Collection<org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo> delegations,
                                                                     Map<String,String> qualification)
Checks each of the result records to determine if there are potentially applicable delegation members for that role membership. If there are, applicable delegations and members will be linked to the RoleMemberships in the given list. An updated list will be returned from this method which includes the appropriate linked delegations.

linkDelegateToRoleMembership

protected void linkDelegateToRoleMembership(org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo delegation,
                                            DelegateMember.Builder delegateMemberBuilder,
                                            RoleMembership.Builder roleMembershipBuilder)

resolveDelegationMemberRoles

protected void resolveDelegationMemberRoles(List<RoleMembership.Builder> membershipBuilders,
                                            Map<String,String> qualification,
                                            Set<String> foundRoleTypeMembers)
Once the delegations for a RoleMembershipInfo object have been determined, any "role" member types need to be resolved into groups and principals so that further KIM requests are not needed.

principalHasRole

protected boolean principalHasRole(String principalId,
                                   List<String> roleIds,
                                   Map<String,String> qualification,
                                   boolean checkDelegations)

isApplicationRoleType

protected boolean isApplicationRoleType(String roleTypeId,
                                        RoleTypeService service)

matchesOnDelegation

protected boolean matchesOnDelegation(Set<String> allRoleIds,
                                      String principalId,
                                      List<String> principalGroupIds,
                                      Map<String,String> qualification)
Support method for principalHasRole. Checks delegations on the passed in roles for the given principal and groups. (It's assumed that the principal belongs to the given groups.)

Delegation checks are mostly the same as role checks except that the delegateBo itself is qualified against the original role (like a RolePrincipal or RoleGroup.) And then, the members of that delegateBo may have additional qualifiers which are not part of the original role qualifiers.

For example:

A role could be qualified by organization. So, there is a person in the organization with primary authority for that org. But, then they delegate authority for that organization (not their authority - the delegateBo is attached to the org.) So, in this case the delegateBo has a qualifier of the organization when it is attached to the role.

The principals then attached to that delegateBo (which is specific to the organization), may have additional qualifiers. For Example: dollar amount range, effective dates, document types. As a subsequent step, those qualifiers are checked against the qualification passed in from the client.

getRoleIdToMembershipMap

protected boolean getRoleIdToMembershipMap(Map<String,List<RoleMembership>> roleIdToMembershipMap,
                                           List<org.kuali.rice.kim.impl.role.RoleMemberBo> roleMembers)
Helper method used by principalHasRole to build the role ID -> list of members map.

Returns:
true if no further checks are needed because no role service is defined

getKimDelegationImpl

protected org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo getKimDelegationImpl(String delegationId)
Retrieves a KimDelegationImpl object by its ID. If the delegateBo already exists in the cache, this method will return the cached version; otherwise, it will retrieve the uncached version from the database and then cache it before returning it.

getDelegationTypeService

protected DelegationTypeService getDelegationTypeService(String delegationId)

getNestedRoleMembers

protected Collection<RoleMembership> getNestedRoleMembers(Map<String,String> qualification,
                                                          RoleMembership rm,
                                                          Set<String> foundRoleTypeMembers)

getKimDelegationMemberImplByDelegationAndId

protected org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo getKimDelegationMemberImplByDelegationAndId(String delegationId,
                                                                                                               String delegationMemberId)
Retrieves a KimDelegationMemberImpl object by its ID and the ID of the delegation it belongs to. If the delegation member exists in the cache, this method will return the cached one; otherwise, it will retrieve the uncached version from the database and then cache it before returning it.

assignPrincipalToRole

public void assignPrincipalToRole(String principalId,
                                  String namespaceCode,
                                  String roleName,
                                  Map<String,String> qualifier)
                           throws RiceIllegalStateException
Description copied from interface: RoleService
Assigns the principal with the given id to the role with the specified namespace code and name with the supplied set of qualifications.

Specified by:
assignPrincipalToRole in interface RoleService
Throws:
RiceIllegalStateException

assignGroupToRole

public void assignGroupToRole(String groupId,
                              String namespaceCode,
                              String roleName,
                              Map<String,String> qualifier)
                       throws RiceIllegalStateException
Description copied from interface: RoleService
Assigns the group with the given id to the role with the specified namespace code and name with the supplied set of qualifications.

Specified by:
assignGroupToRole in interface RoleService
Throws:
RiceIllegalStateException

assignRoleToRole

public void assignRoleToRole(String roleId,
                             String namespaceCode,
                             String roleName,
                             Map<String,String> qualifier)
                      throws RiceIllegalStateException
Description copied from interface: RoleService
Assigns the role with the given id to the role with the specified namespace code and name with the supplied set of qualifications.

Specified by:
assignRoleToRole in interface RoleService
Throws:
RiceIllegalStateException

createRoleMember

public RoleMember createRoleMember(RoleMember roleMember)
                            throws RiceIllegalStateException
Description copied from interface: RoleService
Creates a new RoleMember. Needs to be passed a valid RoleMember object that does not currently exist.

Specified by:
createRoleMember in interface RoleService
Throws:
RiceIllegalStateException

updateRoleMember

public RoleMember updateRoleMember(RoleMember roleMember)
                            throws RiceIllegalArgumentException,
                                   RiceIllegalStateException
Description copied from interface: RoleService
Assigns the role with the given id to the role with the specified namespace code and name with the supplied set of qualifications.

Specified by:
updateRoleMember in interface RoleService
Throws:
RiceIllegalArgumentException
RiceIllegalStateException

createRoleResponsibilityAction

public RoleResponsibilityAction createRoleResponsibilityAction(RoleResponsibilityAction roleResponsibilityAction)
                                                        throws RiceIllegalArgumentException,
                                                               RiceIllegalStateException
Specified by:
createRoleResponsibilityAction in interface RoleService
Throws:
RiceIllegalArgumentException
RiceIllegalStateException

createDelegateType

public DelegateType createDelegateType(DelegateType delegateType)
                                throws RiceIllegalStateException
Description copied from interface: RoleService
Assigns the member with the given id as a delegation member to the role with the specified namespace code and name with the supplied set of qualifications.

Specified by:
createDelegateType in interface RoleService
Throws:
RiceIllegalStateException

updateDelegateType

public DelegateType updateDelegateType(DelegateType delegateType)
                                throws RiceIllegalStateException
Description copied from interface: RoleService
Updates a delegation type, including attached members

Specified by:
updateDelegateType in interface RoleService
Throws:
RiceIllegalStateException

removePrincipalFromRole

public void removePrincipalFromRole(String principalId,
                                    String namespaceCode,
                                    String roleName,
                                    Map<String,String> qualifier)
                             throws RiceIllegalStateException
Description copied from interface: RoleService
Remove the principal with the given id and qualifications from the role with the specified namespace code and role name.

Specified by:
removePrincipalFromRole in interface RoleService
Throws:
RiceIllegalStateException

removeGroupFromRole

public void removeGroupFromRole(String groupId,
                                String namespaceCode,
                                String roleName,
                                Map<String,String> qualifier)
                         throws RiceIllegalStateException
Description copied from interface: RoleService
Remove the group with the given id and qualifications from the role with the specified namespace code and role name.

Specified by:
removeGroupFromRole in interface RoleService
Throws:
RiceIllegalStateException

removeRoleFromRole

public void removeRoleFromRole(String roleId,
                               String namespaceCode,
                               String roleName,
                               Map<String,String> qualifier)
                        throws RiceIllegalStateException
Description copied from interface: RoleService
Remove the group with the given id and qualifications from the role with the specified namespace code and role name.

Specified by:
removeRoleFromRole in interface RoleService
Throws:
RiceIllegalStateException

assignPermissionToRole

public void assignPermissionToRole(String permissionId,
                                   String roleId)
                            throws RiceIllegalStateException
Description copied from interface: RoleService
Assigns the given permission to the given role

Specified by:
assignPermissionToRole in interface RoleService
Throws:
RiceIllegalStateException

addMemberAttributeData

protected void addMemberAttributeData(org.kuali.rice.kim.impl.role.RoleMemberBo roleMember,
                                      Map<String,String> qualifier,
                                      String kimTypeId)

addDelegationMemberAttributeData

protected void addDelegationMemberAttributeData(org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo delegationMember,
                                                Map<String,String> qualifier,
                                                String kimTypeId)

getNestedRoleTypeMemberIds

protected void getNestedRoleTypeMemberIds(String roleId,
                                          Set<String> members)

getRoleMemberBoList

protected List<org.kuali.rice.kim.impl.role.RoleMemberBo> getRoleMemberBoList(RoleServiceBase.RoleDaoAction daoActionToTake,
                                                                              Collection<String> roleIds,
                                                                              String principalId,
                                                                              Collection<String> groupIds,
                                                                              String memberTypeCode,
                                                                              Map<String,String> qualification)
Retrieves a list of RoleMemberBo instances from the KimRoleDao.

Parameters:
daoActionToTake - An indicator for which KimRoleDao method should be used to get the results if the desired RoleMemberBos are not cached.
roleIds - The role IDs to filter by; may get used as the IDs for members that are also roles, depending on the daoActionToTake value.
principalId - The principal ID to filter by; may get ignored depending on the daoActionToTake value.
groupIds - The group IDs to filter by; may get ignored depending on the daoActionToTake value.
memberTypeCode - The member type code to filter by; may get overridden depending on the daoActionToTake value.
qualification - The original role qualification attribute set
Returns:
A list of RoleMemberBo instances based on the provided parameters.
Throws:
IllegalArgumentException - if daoActionToTake refers to an enumeration constant that is not role-member-related.

getStoredRolePrincipalsForPrincipalIdAndRoleIds

protected List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRolePrincipalsForPrincipalIdAndRoleIds(Collection<String> roleIds,
                                                                                                          String principalId,
                                                                                                          Map<String,String> qualification)
Calls the KimRoleDao's "getRolePrincipalsForPrincipalIdAndRoleIds" method and/or retrieves any corresponding members from the cache.

getStoredRoleGroupsForGroupIdsAndRoleIds

protected List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRoleGroupsForGroupIdsAndRoleIds(Collection<String> roleIds,
                                                                                                   Collection<String> groupIds,
                                                                                                   Map<String,String> qualification)
Calls the KimRoleDao's "getRoleGroupsForGroupIdsAndRoleIds" method and/or retrieves any corresponding members from the cache.

getStoredRoleMembersForRoleIds

protected List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRoleMembersForRoleIds(Collection<String> roleIds,
                                                                                         String memberTypeCode,
                                                                                         Map<String,String> qualification)
Calls the KimRoleDao's "getRoleMembersForRoleIds" method and/or retrieves any corresponding members from the cache.

getStoredRoleMembershipsForRoleIdsAsMembers

protected List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRoleMembershipsForRoleIdsAsMembers(Collection<String> roleIds,
                                                                                                      Map<String,String> qualification)
Calls the KimRoleDao's "getRoleMembershipsForRoleIdsAsMembers" method and/or retrieves any corresponding members from the cache.

getStoredRoleMembersForRoleIdsWithFilters

protected List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRoleMembersForRoleIdsWithFilters(Collection<String> roleIds,
                                                                                                    String principalId,
                                                                                                    List<String> groupIds,
                                                                                                    Map<String,String> qualification)
Calls the KimRoleDao's "getRoleMembersForRoleIdsWithFilters" method and/or retrieves any corresponding members from the cache.

getRoleMemberBo

protected org.kuali.rice.kim.impl.role.RoleMemberBo getRoleMemberBo(String roleMemberId)
Retrieves a RoleMemberBo object by its ID. If the role member already exists in the cache, this method will return the cached version; otherwise, it will retrieve the uncached version from the database and then cache it (if it belongs to a role that allows its members to be cached) before returning it.

getStoredDelegationImplMapFromRoleIds

protected Map<String,org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo> getStoredDelegationImplMapFromRoleIds(Collection<String> roleIds)
Calls the KimRoleDao's "getDelegationImplMapFromRoleIds" method and/or retrieves any corresponding delegations from the cache.

getStoredDelegationImplsForRoleIds

protected List<org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo> getStoredDelegationImplsForRoleIds(Collection<String> roleIds)
Calls the KimRoleDao's "getDelegationBosForRoleIds" method and/or retrieves any corresponding delegations from the cache.

getDelegationMemberBoList

protected List<org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo> getDelegationMemberBoList(RoleServiceBase.RoleDaoAction daoActionToTake,
                                                                                                   Collection<String> delegationIds,
                                                                                                   String principalId,
                                                                                                   List<String> groupIds)
Retrieves a List of delegation members from the KimRoleDao as appropriate.

Parameters:
daoActionToTake - An indicator for which KimRoleDao method to use for retrieving results.
delegationIds - The IDs of the delegations that the members belong to.
principalId - The principal ID of the principal delegation members; may get ignored depending on the RoleDaoAction value.
groupIds - The group IDs of the group delegation members; may get ignored depending on the RoleDaoAction value.
Returns:
A List of DelegateMemberBo objects based on the provided parameters.
Throws:
IllegalArgumentException - if daoActionToTake does not represent a delegation-member-list-related enumeration value.

getStoredDelegationPrincipalsForPrincipalIdAndDelegationIds

protected List<org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo> getStoredDelegationPrincipalsForPrincipalIdAndDelegationIds(Collection<String> delegationIds,
                                                                                                                                     String principalId)
Calls the KimRoleDao's "getDelegationPrincipalsForPrincipalIdAndDelegationIds" method and/or retrieves any corresponding members from the cache.

getDelegateMemberBo

protected org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo getDelegateMemberBo(String delegationMemberId)
Retrieves a DelegateMemberBo object by its ID. If the delegation member already exists in the cache, this method will return the cached version; otherwise, it will retrieve the uncached version from the database and then cache it before returning it.

getDelegationMemberBoListByMemberAndDelegationId

protected List<org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo> getDelegationMemberBoListByMemberAndDelegationId(String memberId,
                                                                                                                          String delegationId)
Retrieves a DelegateMemberBo List by (principal/group/role) member ID and delegation ID. If the List already exists in the cache, this method will return the cached one; otherwise, it will retrieve the uncached version from the database and then cache it before returning it.

getMember

protected Object getMember(String memberTypeCode,
                           String memberId)

getMemberName

protected String getMemberName(Object member)

getRoleBo

protected org.kuali.rice.kim.impl.role.RoleBo getRoleBo(String roleId)

getDelegationOfType

protected org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo getDelegationOfType(String roleId,
                                                                                     DelegationType delegationType)

getPrimaryDelegation

protected org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo getPrimaryDelegation(String roleId,
                                                                                      List<org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo> roleDelegates)

matchingMemberRecord

protected org.kuali.rice.kim.impl.role.RoleMemberBo matchingMemberRecord(List<org.kuali.rice.kim.impl.role.RoleMemberBo> roleMembers,
                                                                         String memberId,
                                                                         String memberTypeCode,
                                                                         Map<String,String> qualifier)

isDelegationPrimary

protected boolean isDelegationPrimary(DelegationType delegationType)

isDelegationSecondary

protected boolean isDelegationSecondary(DelegationType delegationType)

getRoleBoByName

protected org.kuali.rice.kim.impl.role.RoleBo getRoleBoByName(String namespaceCode,
                                                              String roleName)

doAnyMemberRecordsMatchByExactQualifier

protected boolean doAnyMemberRecordsMatchByExactQualifier(org.kuali.rice.kim.impl.role.RoleBo role,
                                                          String memberId,
                                                          RoleServiceBase.RoleDaoAction daoActionToTake,
                                                          Map<String,String> qualifier)

getRoleMembersByExactQualifierMatch

protected List<org.kuali.rice.kim.impl.role.RoleMemberBo> getRoleMembersByExactQualifierMatch(org.kuali.rice.kim.impl.role.RoleBo role,
                                                                                              String memberId,
                                                                                              RoleServiceBase.RoleDaoAction daoActionToTake,
                                                                                              Map<String,String> qualifier)

doAnyMemberRecordsMatch

protected boolean doAnyMemberRecordsMatch(List<org.kuali.rice.kim.impl.role.RoleMemberBo> roleMembers,
                                          String memberId,
                                          String memberTypeCode,
                                          Map<String,String> qualifier)

doesMemberMatch

protected boolean doesMemberMatch(org.kuali.rice.kim.impl.role.RoleMemberBo roleMember,
                                  String memberId,
                                  String memberTypeCode,
                                  Map<String,String> qualifier)

getRoleTypeService

protected RoleTypeService getRoleTypeService(String roleId)
Retrieves the role type service associated with the given role ID

Parameters:
roleId - the role ID to get the role type service for
Returns:
the Role Type Service

getRoleTypeService

protected RoleTypeService getRoleTypeService(KimType typeInfo)

populateQualifiersForExactMatch

protected Map<String,String> populateQualifiersForExactMatch(Map<String,String> defaultQualification,
                                                             List<String> attributes)

getKimAttributeId

protected String getKimAttributeId(String attributeName)

getBusinessObjectService

protected BusinessObjectService getBusinessObjectService()

getLookupService

protected LookupService getLookupService()
Returns:
the lookupService

getIdentityService

protected IdentityService getIdentityService()

getGroupService

protected GroupService getGroupService()

getResponsibilityInternalService

protected ResponsibilityInternalService getResponsibilityInternalService()

getRoleDao

protected RoleDao getRoleDao()
Returns:
the roleDao

setRoleDao

public void setRoleDao(RoleDao roleDao)
Parameters:
roleDao - the roleDao to set

setCriteriaLookupService

public void setCriteriaLookupService(CriteriaLookupService criteriaLookupService)

getCriteriaLookupService

public CriteriaLookupService getCriteriaLookupService()
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2005-2011 The Kuali Foundation. All Rights Reserved.