org.kuali.rice.kim.impl.jaxb
Class RoleDataXmlDTO
java.lang.Object
org.kuali.rice.kim.impl.jaxb.RoleDataXmlDTO
- All Implemented Interfaces:
- Serializable
public class RoleDataXmlDTO
- extends Object
- implements Serializable
This class represents a <roleData> element.
The expected XML structure is as follows:
<roleData>
<roles>
<role>
<roleName namespaceCode=""></roleName>
<kimTypeName namespaceCode=""></kimTypeName>
<description></description>
<active></active>
<roleMembers>
<roleMember>
<principalId></principalId>
<principalName></principalName>
<groupId></groupId>
<groupName namespaceCode=""></groupName>
<roleIdAsMember></roleIdAsMember>
<roleNameAsMember namespaceCode=""></roleNameAsMember>
<activeFromDate></activeFromDate>
<activeToDate></activeToDate>
<qualifications>
<qualification key=""></qualification>
</qualifications>
</roleMember>
</roleMembers>
<rolePermissions>
<rolePermission>
<permissionId></permissionId>
<permissionName namespaceCode=""></permissionName>
</rolePermission>
</rolePermissions>
</role>
</roles>
<roleMembers>
<roleMember>
<roleId></roleId>
<roleName namespaceCode=""></roleName>
<principalId></principalId>
<principalName></principalName>
<groupId></groupId>
<groupName namespaceCode=""></groupName>
<roleIdAsMember></roleIdAsMember>
<roleNameAsMember namespaceCode=""></roleNameAsMember>
<activeFromDate></activeFromDate>
<activeToDate></activeToDate>
<qualifications>
<qualification key=""></qualification>
</qualifications>
</roleMember>
</roleMembers>
<rolePermissions>
<rolePermission>
<roleId></roleId>
<roleName namespaceCode=""></roleName>
<permissionId></permissionId>
<permissionName namespaceCode=""></permissionName>
</rolePermission>
</rolePermissions>
</roleData>
Note the following:
- The <roles> element is optional, and can contain zero or more <role> elements.
- The <roleName> element on the <role> element and its "namespaceCode" attribute
are required, and must be non-blank. The namespace code must map to a valid namespace.
If the name and namespace combo matches an existing role, then the role in the XML will
overwrite the existing role.
- The <kimTypeName> and its "namespaceCode" attribute are both required, and the
name and namespace combo must match an existing KIM type.
- The <description> element is required, and must be non-blank.
- The <active> element is optional, and will be set to true if not specified.
- Both <roleMembers> elements are optional, and can contain zero or more
<roleMember> elements. If the <roleMembers> element within the <role>
element is specified, then any role members that are not within that element will be removed
from the role if the XML is overwriting an existing one. (The <roleMembers> element
outside of the <role> element can still add or re-add members that are not located
within the other <roleMembers> element.)
- For both <roleMember> elements:
- Exactly one of these sets of member identification must be specified:
- A <principalId> and/or <principalName> element, where the former
must contain a valid principal ID and the latter must contain a valid principal name.
- A <groupId> and/or <groupName> element, where the former must contain
a valid group ID and the latter must contain a valid group name and namespace.
- A <roleIdAsMember> and/or <roleNameAsMember> element, where the former
must contain a valid role ID and the latter must contain a valid role name and namespace.
- The <activeFromDate> element is optional, and its content must be a date String
that can be parsed by the DateTimeService.
- The <activeToDate> element is optional, and its content must be a date String
that can be parsed by the DateTimeService.
- The <qualifications> element is optional, and can contain zero or more
<qualification> elements.
- The <qualification> element's "key" attribute is required, and must be non-blank.
Duplicate keys within a <qualifications> element are not permitted.
- For both <rolePermission> elements:
- A <permissionId> and/or <permissionName> element must be specified, where the
former must contain a valid permission ID and the latter must contain a valid permission
name and namespace.
- For the <roleMember> and <rolePermission> elements not inside a <role> element:
- A <roleId> and/or <roleName> element must be specified, where the former must
contain a valid role ID and the latter must contain a valid role name and namespace.
- The ingestion process is currently order-dependent, which should be kept in mind when adding
roles as members of another role or assigning permissions to roles. (The permission XML always
gets ingested prior to the role XML.)
- The assignments of permissions to roles can only be added, not removed or deactivated.
(TODO: Improve the role/permission-updating API to allow for updates and removals.)
- The same roles, role members, and role permissions can be ingested within the same file,
where subsequent ones will overwrite previous ones. (TODO: Is this acceptable?)
- The IDs of principals, groups, roles, and permissions are not included when exporting the XML.
- Delegations and responsibility actions are currently not supported by the ingestion process.
TODO: Verify that the above behavior is correct.
- Author:
- Kuali Rice Team (rice.collab@kuali.org)
- See Also:
- Serialized Form
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
RoleDataXmlDTO
public RoleDataXmlDTO()
RoleDataXmlDTO
public RoleDataXmlDTO(RolesXmlDTO roles)
getRoles
public RolesXmlDTO getRoles()
- Returns:
- the roles
setRoles
public void setRoles(RolesXmlDTO roles)
- Parameters:
roles - the roles to set
getRoleMembers
public RoleMembersXmlDTO.OutsideOfRole getRoleMembers()
- Returns:
- the roleMembers
setRoleMembers
public void setRoleMembers(RoleMembersXmlDTO.OutsideOfRole roleMembers)
- Parameters:
roleMembers - the roleMembers to set
getRolePermissions
public RolePermissionsXmlDTO.OutsideOfRole getRolePermissions()
- Returns:
- the rolePermissions
setRolePermissions
public void setRolePermissions(RolePermissionsXmlDTO.OutsideOfRole rolePermissions)
- Parameters:
rolePermissions - the rolePermissions to set
Copyright © 2005-2011 The Kuali Foundation. All Rights Reserved.