Coverage Report

Coverage Report - org.kuali.rice.kim.api.services.IdentityManagementService

Classes in this File

 /*
  * Copyright 2008-2009 The Kuali Foundation
  *
  * Licensed under the Educational Community License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  * http://www.opensource.org/licenses/ecl2.php
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.kuali.rice.kim.api.services;
 
 import org.kuali.rice.core.api.criteria.QueryByCriteria;
 import org.kuali.rice.core.api.mo.common.Attributes;
 import org.kuali.rice.core.util.AttributeSet;
 import org.kuali.rice.kim.api.group.Group;
 import org.kuali.rice.kim.api.identity.Type;
 import org.kuali.rice.kim.api.identity.affiliation.EntityAffiliationType;
 import org.kuali.rice.kim.api.identity.entity.Entity;
 import org.kuali.rice.kim.api.identity.entity.EntityDefault;
 import org.kuali.rice.kim.api.identity.entity.EntityDefaultQueryResults;
 import org.kuali.rice.kim.api.identity.entity.EntityQueryResults;
 import org.kuali.rice.kim.api.identity.external.EntityExternalIdentifierType;
 import org.kuali.rice.kim.api.identity.principal.Principal;
 import org.kuali.rice.kim.api.permission.Permission;
 import org.kuali.rice.kim.api.responsibility.Responsibility;
 import org.kuali.rice.kim.api.responsibility.ResponsibilityAction;
 import org.kuali.rice.kim.bo.role.dto.PermissionAssigneeInfo;
 
 import javax.jws.WebParam;
 import java.util.List;
 
 /**
  * This is the front end for the KIM module.  Clients of KIM should access this service from
  * their applications.  If KIM is not running on the same machine (VM) as the application
  * (as would be the case with a standalone Rice server), then this service should be implemented
  * locally within the application and access the core KIM services
  * (Authentication/Authorization/Identity/Group) via the service bus.
  *
  *  For efficiency, implementations of this interface should add appropriate caching of
  *  the information retrieved from the core services for load and performance reasons.
  *
  *  Most of the methods on this interface are straight pass-thrus to methods on the four core services.
  *
  * @author Kuali Rice Team (rice.collab@kuali.org)
  *
  */
 public interface IdentityManagementService {
 
         // *******************************
         // IdentityService
         // *******************************
 
         Principal getPrincipal( String principalId);
         Principal getPrincipalByPrincipalName( String principalName);
 
         Principal getPrincipalByPrincipalNameAndPassword(
              String principalName,
              String password
     );
 
         EntityDefault getEntityDefaultInfo( String entityId);
         EntityDefault getEntityDefaultInfoByPrincipalId( String principalId);
         EntityDefault getEntityDefaultInfoByPrincipalName( String principalName);
 
     EntityDefaultQueryResults findEntityDefaults(@WebParam(name = "query") QueryByCriteria queryByCriteria);
 
         //KimEntityPrivacyPreferencesInfo getEntityPrivacyPreferences(String entityId);
 
         Entity getEntity( String entityId);
         Entity getEntityByPrincipalId( String principalId);
         Entity getEntityByPrincipalName( String principalName);
 
         EntityQueryResults findEntities(@WebParam(name = "query") QueryByCriteria queryByCriteria);
 
         Type getAddressType( String code);
         EntityAffiliationType getAffiliationType( String code);
         Type getCitizenshipStatus( String code);
         Type getEmailType( String code);
         Type getEmploymentStatus( String code);
         Type getEmploymentType( String code);
         Type getEntityNameType( String code);
         Type getEntityType( String code);
         EntityExternalIdentifierType getExternalIdentifierType( String code);
         Type getPhoneType( String code);
 
         // *******************************
         // GroupService
         // *******************************
 
         Group getGroup( String groupId);
 
     Group getGroupByName(
              String namespaceCode,
              String groupName
     );
 
     List<String> getParentGroupIds( String groupId);
     List<String> getDirectParentGroupIds( String groupId);
 
     
     List<String> getGroupIdsForPrincipal( String principalId);
 
     
     List<String> getGroupIdsForPrincipal(
              String principalId,
              String namespaceCode
     );
 
     
     List<? extends Group> getGroupsForPrincipal( String principalId);
 
     
     List<? extends Group> getGroupsForPrincipal(
              String principalId,
              String namespaceCode
     );
 
     List<String> getMemberGroupIds( String groupId);
     List<String> getDirectMemberGroupIds( String groupId);
 
     
         boolean isMemberOfGroup(
              String principalId,
              String groupId
     );
 
     
         boolean isMemberOfGroup(
              String principalId,
              String namespaceCode,
              String groupName
     );
 
         boolean isGroupMemberOfGroup(
              String potentialMemberGroupId,
              String potentialParentId
     );
 
         List<String> getGroupMemberPrincipalIds( String groupId);
         List<String> getDirectGroupMemberPrincipalIds( String groupId);
 
     boolean addGroupToGroup(
              String childId,
              String parentId
     );
 
     boolean removeGroupFromGroup(
              String childId,
              String parentId
     );
 
     boolean addPrincipalToGroup(
              String principalId,
              String groupId
     );
 
     boolean removePrincipalFromGroup(
              String principalId,
              String groupId
     );
 
     Group createGroup( Group group);
     void removeAllMembers( String groupId);
 
     Group updateGroup(
              String groupId,
              Group group
     );
 
         // *******************************
         // AuthenticationService
         // *******************************
     //@WebMethod(exclude=true)
         //String getAuthenticatedPrincipalName( @WebParam(name="request") HttpServletRequest request);
 
         // *******************************
         // AuthorizationService
         // *******************************
 
     // --------------------
     // Authorization Checks
     // --------------------
 
     boolean hasPermission(
              String principalId,
              String namespaceCode,
              String permissionName,
               AttributeSet permissionDetails
     );
 
     boolean isAuthorized(
              String principalId,
              String namespaceCode,
              String permissionName,
               AttributeSet permissionDetails,
               AttributeSet qualification
     );
 
     boolean hasPermissionByTemplateName(
              String principalId,
              String namespaceCode,
              String permissionTemplateName,
               AttributeSet permissionDetails
     );
 
     boolean isAuthorizedByTemplateName(
              String principalId,
              String namespaceCode,
              String permissionTemplateName,
              Attributes permissionDetails,
              Attributes qualification
     );
 
     /**
      * Returns the matching permission objects for a principal.
      */
     List<Permission> getAuthorizedPermissions(
              String principalId,
              String namespaceCode,
              String permissionName,
               AttributeSet permissionDetails,
               AttributeSet qualification
     );
 
     List<Permission> getAuthorizedPermissionsByTemplateName(
              String principalId,
              String namespaceCode,
              String permissionTemplateName,
               AttributeSet permissionDetails,
               AttributeSet qualification
     );
 
     List<PermissionAssigneeInfo> getPermissionAssignees(
              String namespaceCode,
              String permissionName,
               AttributeSet permissionDetails,
               AttributeSet qualification
     );
 
     List<PermissionAssigneeInfo> getPermissionAssigneesForTemplateName(
              String namespaceCode,
              String permissionTemplateName,
              Attributes permissionDetails,
              Attributes qualification
     );
 
     // ----------------------
     // Responsibility Methods
     // ----------------------
 
     /**
      * Get the responsibility object with the given ID.
      */
     Responsibility getResponsibility( String responsibilityId);
 
          /**
           * Return the responsibility object for the given unique combination of namespace,
           * component and responsibility name.
           */
     Responsibility getResponsibilityByName(
              String namespaceCode,
              String responsibilityName
     );
 
     /**
      * Check whether the principal has the given responsibility within the passed qualifier.
      */
     boolean hasResponsibility(
              String principalId,
              String namespaceCode,
              String responsibilityName,
               AttributeSet qualification,
               AttributeSet responsibilityDetails
     );
 
     /**
      * Check whether the principal has the given responsibility within the passed qualifier.
      */
     boolean hasResponsibilityByTemplateName(
              String principalId,
              String namespaceCode,
              String responsibilityTemplateName,
               AttributeSet qualification,
               AttributeSet responsibilityDetails
     );
 
     List<ResponsibilityAction> getResponsibilityActions(
              String namespaceCode,
              String responsibilityName,
               AttributeSet qualification,
               AttributeSet responsibilityDetails
     );
 
     List<ResponsibilityAction> getResponsibilityActionsByTemplateName(
              String namespaceCode,
              String responsibilityTemplateName,
               AttributeSet qualification,
               AttributeSet responsibilityDetails
     );
 
     /**
      * Returns true if there are any assigned permissions with the given template.
      */
     boolean isPermissionDefinedForTemplateName(
              String namespaceCode,
              String permissionTemplateName,
               AttributeSet permissionDetails
     );
 
 
     // ----------------------
     // Cache Flush Methods
     // ----------------------
 
     void flushAllCaches();
     void flushEntityPrincipalCaches();
         void flushGroupCaches();
         void flushPermissionCaches();
         void flushResponsibilityCaches();
 
 }

1		/*
2		* Copyright 2008-2009 The Kuali Foundation
3		*
4		* Licensed under the Educational Community License, Version 2.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.opensource.org/licenses/ecl2.php
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*/
16		package org.kuali.rice.kim.api.services;
17
18		import org.kuali.rice.core.api.criteria.QueryByCriteria;
19		import org.kuali.rice.core.api.mo.common.Attributes;
20		import org.kuali.rice.core.util.AttributeSet;
21		import org.kuali.rice.kim.api.group.Group;
22		import org.kuali.rice.kim.api.identity.Type;
23		import org.kuali.rice.kim.api.identity.affiliation.EntityAffiliationType;
24		import org.kuali.rice.kim.api.identity.entity.Entity;
25		import org.kuali.rice.kim.api.identity.entity.EntityDefault;
26		import org.kuali.rice.kim.api.identity.entity.EntityDefaultQueryResults;
27		import org.kuali.rice.kim.api.identity.entity.EntityQueryResults;
28		import org.kuali.rice.kim.api.identity.external.EntityExternalIdentifierType;
29		import org.kuali.rice.kim.api.identity.principal.Principal;
30		import org.kuali.rice.kim.api.permission.Permission;
31		import org.kuali.rice.kim.api.responsibility.Responsibility;
32		import org.kuali.rice.kim.api.responsibility.ResponsibilityAction;
33		import org.kuali.rice.kim.bo.role.dto.PermissionAssigneeInfo;
34
35		import javax.jws.WebParam;
36		import java.util.List;
37
38		/**
39		* This is the front end for the KIM module. Clients of KIM should access this service from
40		* their applications. If KIM is not running on the same machine (VM) as the application
41		* (as would be the case with a standalone Rice server), then this service should be implemented
42		* locally within the application and access the core KIM services
43		* (Authentication/Authorization/Identity/Group) via the service bus.
44		*
45		* For efficiency, implementations of this interface should add appropriate caching of
46		* the information retrieved from the core services for load and performance reasons.
47		*
48		* Most of the methods on this interface are straight pass-thrus to methods on the four core services.
49		*
50		* @author Kuali Rice Team (rice.collab@kuali.org)
51		*
52		*/
53		public interface IdentityManagementService {
54
55		// *******************************
56		// IdentityService
57		// *******************************
58
59		Principal getPrincipal( String principalId);
60		Principal getPrincipalByPrincipalName( String principalName);
61
62		Principal getPrincipalByPrincipalNameAndPassword(
63		String principalName,
64		String password
65		);
66
67		EntityDefault getEntityDefaultInfo( String entityId);
68		EntityDefault getEntityDefaultInfoByPrincipalId( String principalId);
69		EntityDefault getEntityDefaultInfoByPrincipalName( String principalName);
70
71		EntityDefaultQueryResults findEntityDefaults(@WebParam(name = "query") QueryByCriteria queryByCriteria);
72
73		//KimEntityPrivacyPreferencesInfo getEntityPrivacyPreferences(String entityId);
74
75		Entity getEntity( String entityId);
76		Entity getEntityByPrincipalId( String principalId);
77		Entity getEntityByPrincipalName( String principalName);
78
79		EntityQueryResults findEntities(@WebParam(name = "query") QueryByCriteria queryByCriteria);
80
81		Type getAddressType( String code);
82		EntityAffiliationType getAffiliationType( String code);
83		Type getCitizenshipStatus( String code);
84		Type getEmailType( String code);
85		Type getEmploymentStatus( String code);
86		Type getEmploymentType( String code);
87		Type getEntityNameType( String code);
88		Type getEntityType( String code);
89		EntityExternalIdentifierType getExternalIdentifierType( String code);
90		Type getPhoneType( String code);
91
92		// *******************************
93		// GroupService
94		// *******************************
95
96		Group getGroup( String groupId);
97
98		Group getGroupByName(
99		String namespaceCode,
100		String groupName
101		);
102
103		List<String> getParentGroupIds( String groupId);
104		List<String> getDirectParentGroupIds( String groupId);
105
106
107		List<String> getGroupIdsForPrincipal( String principalId);
108
109
110		List<String> getGroupIdsForPrincipal(
111		String principalId,
112		String namespaceCode
113		);
114
115
116		List<? extends Group> getGroupsForPrincipal( String principalId);
117
118
119		List<? extends Group> getGroupsForPrincipal(
120		String principalId,
121		String namespaceCode
122		);
123
124		List<String> getMemberGroupIds( String groupId);
125		List<String> getDirectMemberGroupIds( String groupId);
126
127
128		boolean isMemberOfGroup(
129		String principalId,
130		String groupId
131		);
132
133
134		boolean isMemberOfGroup(
135		String principalId,
136		String namespaceCode,
137		String groupName
138		);
139
140		boolean isGroupMemberOfGroup(
141		String potentialMemberGroupId,
142		String potentialParentId
143		);
144
145		List<String> getGroupMemberPrincipalIds( String groupId);
146		List<String> getDirectGroupMemberPrincipalIds( String groupId);
147
148		boolean addGroupToGroup(
149		String childId,
150		String parentId
151		);
152
153		boolean removeGroupFromGroup(
154		String childId,
155		String parentId
156		);
157
158		boolean addPrincipalToGroup(
159		String principalId,
160		String groupId
161		);
162
163		boolean removePrincipalFromGroup(
164		String principalId,
165		String groupId
166		);
167
168		Group createGroup( Group group);
169		void removeAllMembers( String groupId);
170
171		Group updateGroup(
172		String groupId,
173		Group group
174		);
175
176		// *******************************
177		// AuthenticationService
178		// *******************************
179		//@WebMethod(exclude=true)
180		//String getAuthenticatedPrincipalName( @WebParam(name="request") HttpServletRequest request);
181
182		// *******************************
183		// AuthorizationService
184		// *******************************
185
186		// --------------------
187		// Authorization Checks
188		// --------------------
189
190		boolean hasPermission(
191		String principalId,
192		String namespaceCode,
193		String permissionName,
194		AttributeSet permissionDetails
195		);
196
197		boolean isAuthorized(
198		String principalId,
199		String namespaceCode,
200		String permissionName,
201		AttributeSet permissionDetails,
202		AttributeSet qualification
203		);
204
205		boolean hasPermissionByTemplateName(
206		String principalId,
207		String namespaceCode,
208		String permissionTemplateName,
209		AttributeSet permissionDetails
210		);
211
212		boolean isAuthorizedByTemplateName(
213		String principalId,
214		String namespaceCode,
215		String permissionTemplateName,
216		Attributes permissionDetails,
217		Attributes qualification
218		);
219
220		/**
221		* Returns the matching permission objects for a principal.
222		*/
223		List<Permission> getAuthorizedPermissions(
224		String principalId,
225		String namespaceCode,
226		String permissionName,
227		AttributeSet permissionDetails,
228		AttributeSet qualification
229		);
230
231		List<Permission> getAuthorizedPermissionsByTemplateName(
232		String principalId,
233		String namespaceCode,
234		String permissionTemplateName,
235		AttributeSet permissionDetails,
236		AttributeSet qualification
237		);
238
239		List<PermissionAssigneeInfo> getPermissionAssignees(
240		String namespaceCode,
241		String permissionName,
242		AttributeSet permissionDetails,
243		AttributeSet qualification
244		);
245
246		List<PermissionAssigneeInfo> getPermissionAssigneesForTemplateName(
247		String namespaceCode,
248		String permissionTemplateName,
249		Attributes permissionDetails,
250		Attributes qualification
251		);
252
253		// ----------------------
254		// Responsibility Methods
255		// ----------------------
256
257		/**
258		* Get the responsibility object with the given ID.
259		*/
260		Responsibility getResponsibility( String responsibilityId);
261
262		/**
263		* Return the responsibility object for the given unique combination of namespace,
264		* component and responsibility name.
265		*/
266		Responsibility getResponsibilityByName(
267		String namespaceCode,
268		String responsibilityName
269		);
270
271		/**
272		* Check whether the principal has the given responsibility within the passed qualifier.
273		*/
274		boolean hasResponsibility(
275		String principalId,
276		String namespaceCode,
277		String responsibilityName,
278		AttributeSet qualification,
279		AttributeSet responsibilityDetails
280		);
281
282		/**
283		* Check whether the principal has the given responsibility within the passed qualifier.
284		*/
285		boolean hasResponsibilityByTemplateName(
286		String principalId,
287		String namespaceCode,
288		String responsibilityTemplateName,
289		AttributeSet qualification,
290		AttributeSet responsibilityDetails
291		);
292
293		List<ResponsibilityAction> getResponsibilityActions(
294		String namespaceCode,
295		String responsibilityName,
296		AttributeSet qualification,
297		AttributeSet responsibilityDetails
298		);
299
300		List<ResponsibilityAction> getResponsibilityActionsByTemplateName(
301		String namespaceCode,
302		String responsibilityTemplateName,
303		AttributeSet qualification,
304		AttributeSet responsibilityDetails
305		);
306
307		/**
308		* Returns true if there are any assigned permissions with the given template.
309		*/
310		boolean isPermissionDefinedForTemplateName(
311		String namespaceCode,
312		String permissionTemplateName,
313		AttributeSet permissionDetails
314		);
315
316
317		// ----------------------
318		// Cache Flush Methods
319		// ----------------------
320
321		void flushAllCaches();
322		void flushEntityPrincipalCaches();
323		void flushGroupCaches();
324		void flushPermissionCaches();
325		void flushResponsibilityCaches();
326
327		}