| Classes in this File | Line Coverage | Branch Coverage | Complexity | ||||
| PermissionService |
|
| 1.0;1 |
| 1 | /* | |
| 2 | * Copyright 2008 The Kuali Foundation | |
| 3 | * | |
| 4 | * Licensed under the Educational Community License, Version 2.0 (the "License"); | |
| 5 | * you may not use this file except in compliance with the License. | |
| 6 | * You may obtain a copy of the License at | |
| 7 | * | |
| 8 | * http://www.opensource.org/licenses/ecl2.php | |
| 9 | * | |
| 10 | * Unless required by applicable law or agreed to in writing, software | |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, | |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| 13 | * See the License for the specific language governing permissions and | |
| 14 | * limitations under the License. | |
| 15 | */ | |
| 16 | package org.kuali.rice.kim.api.permission; | |
| 17 | ||
| 18 | import org.kuali.rice.core.api.exception.RiceIllegalArgumentException; | |
| 19 | import org.kuali.rice.core.api.exception.RiceIllegalStateException; | |
| 20 | import org.kuali.rice.core.util.jaxb.MapStringStringAdapter; | |
| 21 | import org.kuali.rice.kim.api.common.assignee.Assignee; | |
| 22 | import org.kuali.rice.kim.api.common.template.Template; | |
| 23 | import org.kuali.rice.kim.util.KimConstants; | |
| 24 | ||
| 25 | import javax.jws.WebMethod; | |
| 26 | import javax.jws.WebParam; | |
| 27 | import javax.jws.WebResult; | |
| 28 | import javax.jws.WebService; | |
| 29 | import javax.jws.soap.SOAPBinding; | |
| 30 | import javax.xml.bind.annotation.XmlElement; | |
| 31 | import javax.xml.bind.annotation.XmlElementWrapper; | |
| 32 | import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter; | |
| 33 | import java.util.List; | |
| 34 | import java.util.Map; | |
| 35 | ||
| 36 | /** | |
| 37 | * This service provides operations for evaluating permissions and querying for permission data. | |
| 38 | * | |
| 39 | * <p>A permission is the ability to perform an action. All permissions have a permission template. | |
| 40 | * Both permissions and permission templates are uniquely identified by a namespace code plus a name. | |
| 41 | * The permission template defines the course-grained permission and specifies what additional | |
| 42 | * permission details need to be collected on permissions that use that template. For example, a | |
| 43 | * permission template might have a name of "Initiate Document" which requires a permission detail | |
| 44 | * specifying the document type that can be initiated. A permission created from the "Initiate Document" | |
| 45 | * template would define the name of the specific Document Type that can be initiated as a permission | |
| 46 | * detail. | |
| 47 | * | |
| 48 | * <p>The isAuthorized and isAuthorizedByTemplateName operations | |
| 49 | * on this service are used to execute authorization checks for a principal against a | |
| 50 | * permission. Permissions are always assigned to roles (never directly to a principal or | |
| 51 | * group). A particular principal will be authorized for a given permission if the permission | |
| 52 | * evaluates to true (according to the permission evaluation logic and based on any supplied | |
| 53 | * permission details) and that principal is assigned to a role which has been granted the permission. | |
| 54 | * | |
| 55 | * <p>The actual logic for how permission evaluation logic is defined and executed is dependent upon | |
| 56 | * the permission service implementation. However, it will typically be associated with the permission | |
| 57 | * template used on the permission. | |
| 58 | * | |
| 59 | * <p>This service provides read-only operations. For write operations, see | |
| 60 | * {@link PermissionUpdateService}. | |
| 61 | * | |
| 62 | * @see PermissionUpdateService | |
| 63 | * | |
| 64 | * @author Kuali Rice Team (rice.collab@kuali.org) | |
| 65 | */ | |
| 66 | @WebService(name = "PermissionService", targetNamespace = KimConstants.Namespaces.KIM_NAMESPACE_2_0) | |
| 67 | @SOAPBinding(style = SOAPBinding.Style.DOCUMENT, use = SOAPBinding.Use.LITERAL, parameterStyle = SOAPBinding.ParameterStyle.WRAPPED) | |
| 68 | public interface PermissionService { | |
| 69 | ||
| 70 | /** | |
| 71 | * This will create a {@link Permission} exactly like the permission passed in. | |
| 72 | * | |
| 73 | * @param permission the permission to create | |
| 74 | * @return the id of the newly created object. will never be null. | |
| 75 | * @throws IllegalArgumentException if the permission is null | |
| 76 | * @throws IllegalStateException if the permission is already existing in the system | |
| 77 | */ | |
| 78 | @WebMethod(operationName="createPermission") | |
| 79 | @WebResult(name = "id") | |
| 80 | String createPermission(@WebParam(name = "permission") Permission permission) | |
| 81 | throws RiceIllegalArgumentException, RiceIllegalStateException; | |
| 82 | ||
| 83 | /** | |
| 84 | * This will update a {@link Permission}. | |
| 85 | * | |
| 86 | * @param permission the permission to update | |
| 87 | * @throws IllegalArgumentException if the permission is null | |
| 88 | * @throws IllegalStateException if the permission does not exist in the system | |
| 89 | */ | |
| 90 | @WebMethod(operationName="updatePermission") | |
| 91 | void updatePermission(@WebParam(name = "permission") Permission permission) | |
| 92 | throws RiceIllegalArgumentException, RiceIllegalStateException; | |
| 93 | ||
| 94 | // -------------------- | |
| 95 | // Authorization Checks | |
| 96 | // -------------------- | |
| 97 | ||
| 98 | /** | |
| 99 | * Checks whether the principal has been granted a permission matching the given details | |
| 100 | * without taking role qualifiers into account. | |
| 101 | * | |
| 102 | * This method should not be used for true authorization checks since a principal | |
| 103 | * may only have this permission within a given context. It could be used to | |
| 104 | * identify that the user would have some permissions within a certain area. | |
| 105 | * Later checks would identify exactly what permissions were granted. | |
| 106 | * | |
| 107 | * It can also be used when the client application KNOWS that this is a role which | |
| 108 | * is never qualified. | |
| 109 | */ | |
| 110 | @WebMethod(operationName = "hasPermission") | |
| 111 | @WebResult(name = "hasPermission") | |
| 112 | boolean hasPermission( @WebParam(name="principalId") String principalId, | |
| 113 | @WebParam(name="namespaceCode") String namespaceCode, | |
| 114 | @WebParam(name="permissionName") String permissionName, | |
| 115 | @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) | |
| 116 | @WebParam(name="permissionDetails") Map<String, String> permissionDetails ); | |
| 117 | ||
| 118 | ||
| 119 | /** | |
| 120 | * Checks whether the given qualified permission is granted to the principal given | |
| 121 | * the passed roleQualification. If no roleQualification is passed (null or empty) | |
| 122 | * then this method behaves the same as {@link #hasPermission(String, String, String, Map<String, String>)}. | |
| 123 | * | |
| 124 | * Each role assigned to the principal is checked for qualifications. If a qualifier | |
| 125 | * exists on the principal's membership in that role, that is checked first through | |
| 126 | * the role's type service. Once it is determined that the principal has the role | |
| 127 | * in the given context (qualification), the permissions are examined. | |
| 128 | * | |
| 129 | * Each permission is checked against the permissionDetails. The PermissionTypeService | |
| 130 | * is called for each permission with the given permissionName to see if the | |
| 131 | * permissionDetails matches its details. | |
| 132 | */ | |
| 133 | @WebMethod(operationName = "isAuthorized") | |
| 134 | @WebResult(name = "isAuthorized") | |
| 135 | boolean isAuthorized( @WebParam(name="principalId") String principalId, | |
| 136 | @WebParam(name="namespaceCode") String namespaceCode, | |
| 137 | @WebParam(name="permissionName") String permissionName, | |
| 138 | @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) | |
| 139 | @WebParam(name="permissionDetails") Map<String, String> permissionDetails, | |
| 140 | @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) | |
| 141 | @WebParam(name="qualification") Map<String, String> qualification ); | |
| 142 | ||
| 143 | /** | |
| 144 | * Checks whether the principal has been granted a permission matching the given details | |
| 145 | * without taking role qualifiers into account. | |
| 146 | * | |
| 147 | * This method should not be used for true authorization checks since a principal | |
| 148 | * may only have this permission within a given context. It could be used to | |
| 149 | * identify that the user would have some permissions within a certain area. | |
| 150 | * Later checks would identify exactly what permissions were granted. | |
| 151 | * | |
| 152 | * It can also be used when the client application KNOWS that this is a role which | |
| 153 | * is never qualified. | |
| 154 | */ | |
| 155 | @WebMethod(operationName = "hasPermissionByTemplateName") | |
| 156 | @WebResult(name = "hasPermission") | |
| 157 | boolean hasPermissionByTemplateName( @WebParam(name="principalId") String principalId, | |
| 158 | @WebParam(name="namespaceCode") String namespaceCode, | |
| 159 | @WebParam(name="permissionTemplateName") String permissionTemplateName, | |
| 160 | @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) | |
| 161 | @WebParam(name="permissionDetails") Map<String, String> permissionDetails ); | |
| 162 | ||
| 163 | /** | |
| 164 | * Checks whether the given qualified permission is granted to the principal given | |
| 165 | * the passed roleQualification. If no roleQualification is passed (null or empty) | |
| 166 | * then this method behaves the same as {@link #hasPermission(String, String, String, Map<String, String>)}. | |
| 167 | * | |
| 168 | * Each role assigned to the principal is checked for qualifications. If a qualifier | |
| 169 | * exists on the principal's membership in that role, that is checked first through | |
| 170 | * the role's type service. Once it is determined that the principal has the role | |
| 171 | * in the given context (qualification), the permissions are examined. | |
| 172 | * | |
| 173 | * Each permission is checked against the permissionDetails. The PermissionTypeService | |
| 174 | * is called for each permission with the given permissionName to see if the | |
| 175 | * permissionDetails matches its details. | |
| 176 | */ | |
| 177 | @WebMethod(operationName = "isAuthorizedByTemplateName") | |
| 178 | @WebResult(name = "isAuthorized") | |
| 179 | boolean isAuthorizedByTemplateName( @WebParam(name="principalId") String principalId, | |
| 180 | @WebParam(name="namespaceCode") String namespaceCode, | |
| 181 | @WebParam(name="permissionTemplateName") String permissionTemplateName, | |
| 182 | @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) | |
| 183 | @WebParam(name="permissionDetails") Map<String, String> permissionDetails, | |
| 184 | @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) | |
| 185 | @WebParam(name="qualification") Map<String, String> qualification ); | |
| 186 | ||
| 187 | ||
| 188 | /** | |
| 189 | * Get the list of principals/groups who have a given permission. This also returns delegates | |
| 190 | * for the given principals/groups who also have this permission given the context in the | |
| 191 | * qualification parameter. | |
| 192 | * | |
| 193 | * Each role assigned to the principal is checked for qualifications. If a qualifier | |
| 194 | * exists on the principal's membership in that role, that is checked first through | |
| 195 | * the role's type service. Once it is determined that the principal has the role | |
| 196 | * in the given context (qualification), the permissions are examined. | |
| 197 | * | |
| 198 | */ | |
| 199 | @WebMethod(operationName = "getPermissionAssignees") | |
| 200 | @XmlElementWrapper(name = "assignees", required = true) | |
| 201 | @XmlElement(name = "assignee", required = false) | |
| 202 | @WebResult(name = "assignees") | |
| 203 | List<Assignee> getPermissionAssignees( @WebParam(name="namespaceCode") String namespaceCode, | |
| 204 | @WebParam(name="permissionName") String permissionName, | |
| 205 | @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) | |
| 206 | @WebParam(name="permissionDetails") Map<String, String> permissionDetails, | |
| 207 | @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) | |
| 208 | @WebParam(name="qualification") Map<String, String> qualification ); | |
| 209 | ||
| 210 | /** | |
| 211 | * Get the list of principals/groups who have a given permission that match the given | |
| 212 | * permission template and permission details. This also returns delegates | |
| 213 | * for the given principals/groups who also have this permission given the context in the | |
| 214 | * qualification parameter. | |
| 215 | * | |
| 216 | * Each role assigned to the principal is checked for qualifications. If a qualifier | |
| 217 | * exists on the principal's membership in that role, that is checked first through | |
| 218 | * the role's type service. Once it is determined that the principal has the role | |
| 219 | * in the given context (qualification), the permissions are examined. | |
| 220 | * | |
| 221 | */ | |
| 222 | @WebMethod(operationName = "getPermissionAssigneesForTemplateName") | |
| 223 | @XmlElementWrapper(name = "assignees", required = true) | |
| 224 | @XmlElement(name = "assignee", required = false) | |
| 225 | @WebResult(name = "assignees") | |
| 226 | List<Assignee> getPermissionAssigneesForTemplateName( @WebParam(name="namespaceCode") String namespaceCode, | |
| 227 | @WebParam(name="permissionTemplateName") String permissionTemplateName, | |
| 228 | @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) | |
| 229 | @WebParam(name="permissionDetails") Map<String, String> permissionDetails, | |
| 230 | @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) | |
| 231 | @WebParam(name="qualification") Map<String, String> qualification ); | |
| 232 | ||
| 233 | /** | |
| 234 | * Returns true if the given permission is defined on any Roles. | |
| 235 | */ | |
| 236 | @WebMethod(operationName = "isPermissionDefined") | |
| 237 | @WebResult(name = "isPermissionDefined") | |
| 238 | boolean isPermissionDefined( @WebParam(name="namespaceCode") String namespaceCode, | |
| 239 | @WebParam(name="permissionName") String permissionName, | |
| 240 | @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) | |
| 241 | @WebParam(name="permissionDetails") Map<String, String> permissionDetails ); | |
| 242 | ||
| 243 | /** | |
| 244 | * Returns true if the given permission template is defined on any Roles. | |
| 245 | */ | |
| 246 | @WebMethod(operationName = "isPermissionDefinedForTemplateName") | |
| 247 | @WebResult(name = "isPermissionDefinedForTemplateName") | |
| 248 | boolean isPermissionDefinedForTemplateName( @WebParam(name="namespaceCode") String namespaceCode, | |
| 249 | @WebParam(name="permissionTemplateName") String permissionTemplateName, | |
| 250 | @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) | |
| 251 | @WebParam(name="permissionDetails") Map<String, String> permissionDetails ); | |
| 252 | ||
| 253 | /** | |
| 254 | * Returns permissions (with their details) that are granted to the principal given | |
| 255 | * the passed qualification. If no qualification is passed (null or empty) | |
| 256 | * then this method does not check any qualifications on the roles. | |
| 257 | * | |
| 258 | * All permissions with the given name are checked against the permissionDetails. | |
| 259 | * The PermissionTypeService is called for each permission to see if the | |
| 260 | * permissionDetails matches its details. | |
| 261 | * | |
| 262 | * An asterisk (*) as a value in any permissionDetails key-value pair will match any value. | |
| 263 | * This forms a way to provide a wildcard to obtain multiple permissions in one call. | |
| 264 | * | |
| 265 | * After the permissions are determined, the roles that hold those permissions are determined. | |
| 266 | * Each role that matches between the principal and the permission objects is checked for | |
| 267 | * qualifications. If a qualifier | |
| 268 | * exists on the principal's membership in that role, that is checked through | |
| 269 | * the role's type service. | |
| 270 | * | |
| 271 | */ | |
| 272 | @WebMethod(operationName = "getAuthorizedPermissions") | |
| 273 | @XmlElementWrapper(name = "permissions", required = true) | |
| 274 | @XmlElement(name = "permission", required = false) | |
| 275 | @WebResult(name = "permissions") | |
| 276 | List<Permission> getAuthorizedPermissions( @WebParam(name="principalId") String principalId, | |
| 277 | @WebParam(name="namespaceCode") String namespaceCode, | |
| 278 | @WebParam(name="permissionName") String permissionName, | |
| 279 | @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) | |
| 280 | @WebParam(name="permissionDetails") Map<String, String> permissionDetails, | |
| 281 | @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) | |
| 282 | @WebParam(name="qualification") Map<String, String> qualification ); | |
| 283 | ||
| 284 | /** | |
| 285 | * Returns permissions (with their details) that are granted to the principal given | |
| 286 | * the passed qualification. If no qualification is passed (null or empty) | |
| 287 | * then this method does not check any qualifications on the roles. | |
| 288 | * | |
| 289 | * All permissions with the given name are checked against the permissionDetails. | |
| 290 | * The PermissionTypeService is called for each permission to see if the | |
| 291 | * permissionDetails matches its details. | |
| 292 | * | |
| 293 | * An asterisk (*) as a value in any permissionDetails key-value pair will match any value. | |
| 294 | * This forms a way to provide a wildcard to obtain multiple permissions in one call. | |
| 295 | * | |
| 296 | * After the permissions are determined, the roles that hold those permissions are determined. | |
| 297 | * Each role that matches between the principal and the permission objects is checked for | |
| 298 | * qualifications. If a qualifier | |
| 299 | * exists on the principal's membership in that role, that is checked through | |
| 300 | * the role's type service. | |
| 301 | * | |
| 302 | */ | |
| 303 | @WebMethod(operationName = "getAuthorizedPermissionsByTemplateName") | |
| 304 | @XmlElementWrapper(name = "permissions", required = true) | |
| 305 | @XmlElement(name = "permission", required = false) | |
| 306 | @WebResult(name = "permissions") | |
| 307 | List<Permission> getAuthorizedPermissionsByTemplateName( @WebParam(name="principalId") String principalId, | |
| 308 | @WebParam(name="namespaceCode") String namespaceCode, | |
| 309 | @WebParam(name="permissionTemplateName") String permissionTemplateName, | |
| 310 | @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) | |
| 311 | @WebParam(name="permissionDetails") Map<String, String> permissionDetails, | |
| 312 | @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) | |
| 313 | @WebParam(name="qualification") Map<String, String> qualification ); | |
| 314 | ||
| 315 | // -------------------- | |
| 316 | // Permission Data | |
| 317 | // -------------------- | |
| 318 | ||
| 319 | /** | |
| 320 | * Get the permission object with the given ID. | |
| 321 | */ | |
| 322 | @WebMethod(operationName = "getPermission") | |
| 323 | @WebResult(name = "permission") | |
| 324 | Permission getPermission( @WebParam(name="permissionId") String permissionId ); | |
| 325 | ||
| 326 | /** | |
| 327 | * Return the permission object for the given unique combination of namespace, | |
| 328 | * component and permission template name. | |
| 329 | */ | |
| 330 | @WebMethod(operationName = "getPermissionsByTemplateName") | |
| 331 | @WebResult(name = "permission") | |
| 332 | Permission getPermissionsByTemplateName( @WebParam(name="namespaceCode") String namespaceCode, | |
| 333 | @WebParam(name="permissionTemplateName") String permissionTemplateName ); | |
| 334 | ||
| 335 | /** | |
| 336 | * Return the permission object for the given unique combination of namespace, | |
| 337 | * component and permission name. | |
| 338 | */ | |
| 339 | @WebMethod(operationName = "getPermissionsByName") | |
| 340 | @WebResult(name = "permissions") | |
| 341 | Permission getPermissionsByName( @WebParam(name="namespaceCode") String namespaceCode, | |
| 342 | @WebParam(name="permissionName") String permissionName ); | |
| 343 | ||
| 344 | /** | |
| 345 | * | |
| 346 | * Return the Permission Template given the Template ID. | |
| 347 | * | |
| 348 | * @param permissionTemplateId | |
| 349 | * @return PermissionTemplate | |
| 350 | */ | |
| 351 | @WebMethod(operationName = "getPermissionTemplate") | |
| 352 | @WebResult(name = "permissionTemplate") | |
| 353 | Template getPermissionTemplate( @WebParam(name="permissionTemplateId") String permissionTemplateId ); | |
| 354 | ||
| 355 | /** | |
| 356 | * | |
| 357 | * Return the Permission Template given the Template Name and Namespace Code. | |
| 358 | * | |
| 359 | * @param namespaceCode, permissionTemplateName | |
| 360 | * @return PermissionTemplate | |
| 361 | */ | |
| 362 | @WebMethod(operationName = "getPermissionTemplateByName") | |
| 363 | @WebResult(name = "permissionTemplate") | |
| 364 | Template getPermissionTemplateByName( @WebParam(name="namespaceCode") String namespaceCode, | |
| 365 | @WebParam(name="permissionTemplateName") String permissionTemplateName ); | |
| 366 | ||
| 367 | /** | |
| 368 | * | |
| 369 | * Return all Permission Templates. | |
| 370 | * | |
| 371 | * @param namespaceCode, permissionTemplateName | |
| 372 | * @return PermissionTemplate | |
| 373 | */ | |
| 374 | @WebMethod(operationName = "getAllTemplates") | |
| 375 | @XmlElementWrapper(name = "templates", required = true) | |
| 376 | @XmlElement(name = "template", required = false) | |
| 377 | @WebResult(name = "templates") | |
| 378 | List<Template> getAllTemplates(); | |
| 379 | ||
| 380 | /** | |
| 381 | * Search for permissions using arbitrary search criteria. JavaBeans property syntax | |
| 382 | * should be used to reference the properties. | |
| 383 | * | |
| 384 | * If the searchCriteria parameter is null or empty, an empty list will be returned. | |
| 385 | */ | |
| 386 | @WebMethod(operationName = "lookupPermissions") | |
| 387 | @XmlElementWrapper(name = "permissions", required = true) | |
| 388 | @XmlElement(name = "permission", required = false) | |
| 389 | @WebResult(name = "permissions") | |
| 390 | List<Permission> lookupPermissions( @WebParam(name="searchCriteria") @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) Map<String,String> searchCriteria, | |
| 391 | @WebParam(name="unbounded") boolean unbounded); | |
| 392 | ||
| 393 | /** | |
| 394 | * Get the role IDs for the given permission. | |
| 395 | */ | |
| 396 | @WebMethod(operationName = "getRoleIdsForPermission") | |
| 397 | @XmlElementWrapper(name = "roleIds", required = true) | |
| 398 | @XmlElement(name = "roleId", required = false) | |
| 399 | @WebResult(name = "roleIds") | |
| 400 | List<String> getRoleIdsForPermission( @WebParam(name="namespaceCode") String namespaceCode, | |
| 401 | @WebParam(name="permissionName") String permissionName, | |
| 402 | @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) | |
| 403 | @WebParam(name="permissionDetails") Map<String, String> permissionDetails); | |
| 404 | ||
| 405 | /** | |
| 406 | * Get the role IDs for the given list of permissions. | |
| 407 | */ | |
| 408 | @WebMethod(operationName = "getRoleIdsForPermissions") | |
| 409 | @XmlElementWrapper(name = "roleIds", required = true) | |
| 410 | @XmlElement(name = "roleId", required = false) | |
| 411 | @WebResult(name = "roleIds") | |
| 412 | List<String> getRoleIdsForPermissions( @WebParam(name="permissions") List<Permission> permissions ); | |
| 413 | ||
| 414 | /** | |
| 415 | * Returns the label of the permission detail for the given permissionId, kimType and attributeName. | |
| 416 | */ | |
| 417 | @WebMethod(operationName = "getPermissionDetailLabel") | |
| 418 | @WebResult(name = "permissionDetailLabel") | |
| 419 | String getPermissionDetailLabel( String permissionId, String kimTypeId, String attributeName); | |
| 420 | ||
| 421 | /** | |
| 422 | * Get the role IDs for the given permission. | |
| 423 | */ | |
| 424 | @WebMethod(operationName = "getRoleIdsForPermissionId") | |
| 425 | @XmlElementWrapper(name = "roleIds", required = true) | |
| 426 | @XmlElement(name = "roleId", required = false) | |
| 427 | @WebResult(name = "roleIds") | |
| 428 | List<String> getRoleIdsForPermissionId(@WebParam(name = "permissionId") String permissionId); | |
| 429 | ||
| 430 | /** | |
| 431 | * Return the permission object for the given unique combination of namespace, component and permission name. Inactive | |
| 432 | * permissions are also returned | |
| 433 | */ | |
| 434 | @WebMethod(operationName = "getPermissionsByNameIncludingInactive") | |
| 435 | @WebResult(name = "permissionsIncludingInactive") | |
| 436 | Permission getPermissionsByNameIncludingInactive(@WebParam(name = "namespaceCode") String namespaceCode, @WebParam(name = "permissionName") String permissionName); | |
| 437 | } |