public class IdentityManagementRoleDocumentRule extends TransactionalDocumentRuleBase implements AddPermissionRule, AddResponsibilityRule, AddMemberRule, AddDelegationRule, AddDelegationMemberRule
Modifier and Type | Field and Description |
---|---|
protected ActiveRoleMemberHelper |
activeRoleMemberHelper |
protected AddDelegationMemberRule |
addDelegationMemberRule |
protected Class<? extends AddDelegationMemberRule> |
addDelegationMemberRuleClass |
protected AddDelegationRule |
addDelegationRule |
protected Class<? extends AddDelegationRule> |
addDelegationRuleClass |
protected AddMemberRule |
addMemberRule |
protected Class<? extends AddMemberRule> |
addMemberRuleClass |
protected AddPermissionRule |
addPermissionRule |
protected Class<? extends AddPermissionRule> |
addPermissionRuleClass |
protected AddResponsibilityRule |
addResponsibilityRule |
protected Class<? extends AddResponsibilityRule> |
addResponsibilityRuleClass |
protected AttributeValidationHelper |
attributeValidationHelper |
protected BusinessObjectService |
businessObjectService |
protected IdentityService |
identityService |
static int |
PRIORITY_NUMBER_MAX_VALUE |
static int |
PRIORITY_NUMBER_MIN_VALUE |
protected ResponsibilityService |
responsibilityService |
Constructor and Description |
---|
IdentityManagementRoleDocumentRule() |
Modifier and Type | Method and Description |
---|---|
protected boolean |
checkForCircularRoleMembership(AddMemberEvent addMemberEvent)
This method checks to see if adding a role to role membership
creates a circular reference.
|
protected Set<String> |
figureOutUniqueQualificationSet(List<KimDocumentRoleMember> memberships,
List<KimAttributeField> attributeDefinitions)
Finds the names of the unique qualification attributes which this role should be checking against
|
protected Set<String> |
figureOutUniqueQualificationSetForDelegation(List<RoleDocumentDelegationMember> memberships,
List<KimAttributeField> attributeDefinitions)
Finds the names of the unique qualification attributes which this role should be checking against
|
AddDelegationMemberRule |
getAddDelegationMemberRule() |
AddDelegationRule |
getAddDelegationRule() |
AddMemberRule |
getAddMemberRule() |
AddPermissionRule |
getAddPermissionRule() |
AddResponsibilityRule |
getAddResponsibilityRule() |
BusinessObjectService |
getBusinessObjectService() |
IdentityService |
getIdentityService() |
ResponsibilityInternalService |
getResponsibilityInternalService() |
ResponsibilityService |
getResponsibilityService() |
protected KimDocumentRoleMember |
getRoleMemberForDelegation(List<KimDocumentRoleMember> roleMembers,
RoleDocumentDelegationMember delegationMember,
List<KimDocumentRoleMember> modifiedRoleMembers) |
protected RoleTypeService |
getRoleTypeService(KimType typeInfo) |
protected org.kuali.rice.kim.document.rule.IdentityManagementRoleDocumentRule.VersionedService<RoleTypeService> |
getVersionedRoleTypeService(KimType typeInfo) |
boolean |
hasPermissionToGrantPermission(Permission kimPermissionInfo,
IdentityManagementRoleDocument document) |
boolean |
hasPermissionToGrantResponsibility(Responsibility kimResponsibilityInfo,
IdentityManagementRoleDocument document) |
boolean |
processAddDelegation(AddDelegationEvent addDelegationEvent) |
boolean |
processAddDelegationMember(AddDelegationMemberEvent addDelegationMemberEvent) |
boolean |
processAddMember(AddMemberEvent addMemberEvent) |
boolean |
processAddPermission(AddPermissionEvent addPermissionEvent) |
boolean |
processAddResponsibility(AddResponsibilityEvent addResponsibilityEvent) |
protected boolean |
processCustomSaveDocumentBusinessRules(Document document)
This method should be overridden by children rule classes as a hook to implement document specific business rule
checks for
the "save document" event.
|
protected boolean |
sameDelegationMembership(RoleDocumentDelegationMember membershipA,
RoleDocumentDelegationMember membershipB)
Determines if two memberships represent the same member being added: that is, the two memberships have the same type code and id
|
protected boolean |
sameMembership(KimDocumentRoleMember membershipA,
KimDocumentRoleMember membershipB)
Determines if two memberships represent the same member being added: that is, the two memberships have the same type code and id
|
protected boolean |
sameUniqueDelegationMembershipQualifications(RoleDocumentDelegationMember membershipA,
RoleDocumentDelegationMember membershipB,
Set<String> uniqueAttributeIds)
Given two memberships which represent the same member, do they share qualifications?
|
protected boolean |
sameUniqueMembershipQualifications(KimDocumentRoleMember membershipA,
KimDocumentRoleMember membershipB,
Set<String> uniqueAttributeIds)
Given two memberships which represent the same member, do they share qualifications?
|
protected boolean |
validAssignRole(IdentityManagementRoleDocument document) |
protected boolean |
validateActiveDate(String errorPath,
Timestamp activeFromDate,
Timestamp activeToDate) |
protected boolean |
validateDelegationMemberRoleQualifier(List<KimDocumentRoleMember> modifiedRoleMembers,
List<RoleDocumentDelegationMember> delegationMembers,
KimType kimType,
List<KimDocumentRoleMember> nonModifiedRoleMembers) |
protected boolean |
validateRoleQualifier(List<KimDocumentRoleMember> roleMembers,
KimType kimType) |
protected boolean |
validateRoleResponsibilityAction(String errorPath,
KimDocumentRoleResponsibilityAction roleRspAction) |
protected boolean |
validateUniquePersonRoleQualifiersUniqueForRoleDelegation(RoleDocumentDelegationMember delegationMembershipToCheck,
int membershipToCheckIndex,
List<RoleDocumentDelegationMember> delegationMemberships,
Set<String> uniqueQualifierIds,
List<RemotableAttributeError> validationErrors)
Checks all the qualifiers for the given membership, so that all qualifiers which should be unique are guaranteed to be unique
|
protected boolean |
validateUniquePersonRoleQualifiersUniqueForRoleMembership(KimDocumentRoleMember membershipToCheck,
int membershipToCheckIndex,
List<KimDocumentRoleMember> memberships,
Set<String> uniqueQualifierIds,
List<RemotableAttributeError> validationErrors)
Checks all the qualifiers for the given membership, so that all qualifiers which should be unique are guaranteed to be unique
|
protected boolean |
validDelegationMemberActiveDates(List<RoleDocumentDelegationMember> delegationMembers) |
protected boolean |
validDuplicateRoleName(IdentityManagementRoleDocument roleDoc) |
protected boolean |
validPermissions(IdentityManagementRoleDocument document) |
protected boolean |
validResponsibilities(IdentityManagementRoleDocument document) |
protected boolean |
validRoleMemberActiveDates(List<KimDocumentRoleMember> roleMembers) |
protected boolean |
validRoleMemberPrincipalIDs(List<KimDocumentRoleMember> roleMembers) |
protected boolean |
validRoleMembersResponsibilityActions(List<KimDocumentRoleMember> roleMembers) |
protected boolean |
validRoleResponsibilitiesActions(List<KimDocumentRoleResponsibility> roleResponsibilities) |
getDictionaryValidationService
buildDocumentTypeActionRequestPermissionDetails, buildDocumentTypePermissionDetails, getDataDictionaryService, getDocumentDictionaryService, getGroupService, getKualiConfigurationService, getMaxDictionaryValidationDepth, getPermissionService, getPersonService, hasAdHocRouteCompletion, isAddHocRoutePersonValid, isAddHocRouteWorkgroupValid, isAdHocRouteCompletionToInitiator, isAdHocRouteRecipientsValid, isDocumentAttributesValid, isDocumentOverviewValid, isNoteValid, processAddAdHocRoutePerson, processAddAdHocRouteWorkgroup, processAddNote, processApproveDocument, processCompleteDocument, processCustomAddAdHocRoutePersonBusinessRules, processCustomAddAdHocRouteWorkgroupBusinessRules, processCustomAddNoteBusinessRules, processCustomApproveDocumentBusinessRules, processCustomCompleteDocumentBusinessRules, processCustomRouteDocumentBusinessRules, processCustomSendAdHocRequests, processRouteDocument, processSaveDocument, processSendAdHocRequests, setDocumentDictionaryService, setMaxDictionaryValidationDepth, useKimPermission, validateSensitiveDataValue
public static final int PRIORITY_NUMBER_MIN_VALUE
public static final int PRIORITY_NUMBER_MAX_VALUE
protected AddResponsibilityRule addResponsibilityRule
protected AddPermissionRule addPermissionRule
protected AddMemberRule addMemberRule
protected AddDelegationRule addDelegationRule
protected AddDelegationMemberRule addDelegationMemberRule
protected BusinessObjectService businessObjectService
protected ResponsibilityService responsibilityService
protected Class<? extends AddResponsibilityRule> addResponsibilityRuleClass
protected Class<? extends AddPermissionRule> addPermissionRuleClass
protected Class<? extends AddMemberRule> addMemberRuleClass
protected Class<? extends AddDelegationRule> addDelegationRuleClass
protected Class<? extends AddDelegationMemberRule> addDelegationMemberRuleClass
protected IdentityService identityService
protected AttributeValidationHelper attributeValidationHelper
protected ActiveRoleMemberHelper activeRoleMemberHelper
public IdentityManagementRoleDocumentRule()
public IdentityService getIdentityService()
protected boolean processCustomSaveDocumentBusinessRules(Document document)
DocumentRuleBase
processCustomSaveDocumentBusinessRules
in class DocumentRuleBase
protected boolean validAssignRole(IdentityManagementRoleDocument document)
protected boolean validRoleMemberPrincipalIDs(List<KimDocumentRoleMember> roleMembers)
protected boolean validDuplicateRoleName(IdentityManagementRoleDocument roleDoc)
protected boolean validRoleMemberActiveDates(List<KimDocumentRoleMember> roleMembers)
protected boolean validDelegationMemberActiveDates(List<RoleDocumentDelegationMember> delegationMembers)
protected boolean validPermissions(IdentityManagementRoleDocument document)
protected boolean validResponsibilities(IdentityManagementRoleDocument document)
protected boolean validRoleResponsibilitiesActions(List<KimDocumentRoleResponsibility> roleResponsibilities)
protected boolean validRoleMembersResponsibilityActions(List<KimDocumentRoleMember> roleMembers)
protected boolean validateRoleResponsibilityAction(String errorPath, KimDocumentRoleResponsibilityAction roleRspAction)
protected boolean validateRoleQualifier(List<KimDocumentRoleMember> roleMembers, KimType kimType)
protected Set<String> figureOutUniqueQualificationSet(List<KimDocumentRoleMember> memberships, List<KimAttributeField> attributeDefinitions)
memberships
- the memberships (we take the qualification from the first)attributeDefinitions
- information about the attributeDefinitionsprotected boolean validateUniquePersonRoleQualifiersUniqueForRoleMembership(KimDocumentRoleMember membershipToCheck, int membershipToCheckIndex, List<KimDocumentRoleMember> memberships, Set<String> uniqueQualifierIds, List<RemotableAttributeError> validationErrors)
membershipToCheck
- the membership to checkmembershipToCheckIndex
- the index of the person's membership in the role (for error reporting purposes)validationErrors
- Mapprotected boolean sameMembership(KimDocumentRoleMember membershipA, KimDocumentRoleMember membershipB)
membershipA
- the first membership to checkmembershipB
- the second membership to checkprotected boolean sameUniqueMembershipQualifications(KimDocumentRoleMember membershipA, KimDocumentRoleMember membershipB, Set<String> uniqueAttributeIds)
membershipA
- the first membership to checkmembershipB
- the second membership to checkuniqueAttributeIds
- the Set of attribute definition ids which should be uniqueprotected KimDocumentRoleMember getRoleMemberForDelegation(List<KimDocumentRoleMember> roleMembers, RoleDocumentDelegationMember delegationMember, List<KimDocumentRoleMember> modifiedRoleMembers)
protected boolean validateDelegationMemberRoleQualifier(List<KimDocumentRoleMember> modifiedRoleMembers, List<RoleDocumentDelegationMember> delegationMembers, KimType kimType, List<KimDocumentRoleMember> nonModifiedRoleMembers)
protected Set<String> figureOutUniqueQualificationSetForDelegation(List<RoleDocumentDelegationMember> memberships, List<KimAttributeField> attributeDefinitions)
memberships
- the memberships (we take the qualification from the first)attributeDefinitions
- information about the attributeDefinitionsprotected boolean validateUniquePersonRoleQualifiersUniqueForRoleDelegation(RoleDocumentDelegationMember delegationMembershipToCheck, int membershipToCheckIndex, List<RoleDocumentDelegationMember> delegationMemberships, Set<String> uniqueQualifierIds, List<RemotableAttributeError> validationErrors)
delegationMembershipToCheck
- the membership to checkmembershipToCheckIndex
- the index of the person's membership in the role (for error reporting purposes)validationErrors
- Mapprotected boolean sameDelegationMembership(RoleDocumentDelegationMember membershipA, RoleDocumentDelegationMember membershipB)
membershipA
- the first membership to checkmembershipB
- the second membership to checkprotected boolean sameUniqueDelegationMembershipQualifications(RoleDocumentDelegationMember membershipA, RoleDocumentDelegationMember membershipB, Set<String> uniqueAttributeIds)
membershipA
- the first membership to checkmembershipB
- the second membership to checkuniqueAttributeIds
- the Set of attribute definition ids which should be uniqueprotected boolean validateActiveDate(String errorPath, Timestamp activeFromDate, Timestamp activeToDate)
protected boolean checkForCircularRoleMembership(AddMemberEvent addMemberEvent)
addMemberEvent
- public AddResponsibilityRule getAddResponsibilityRule()
public AddPermissionRule getAddPermissionRule()
public AddMemberRule getAddMemberRule()
public AddDelegationRule getAddDelegationRule()
public AddDelegationMemberRule getAddDelegationMemberRule()
public boolean processAddPermission(AddPermissionEvent addPermissionEvent)
processAddPermission
in interface AddPermissionRule
public boolean hasPermissionToGrantPermission(Permission kimPermissionInfo, IdentityManagementRoleDocument document)
hasPermissionToGrantPermission
in interface AddPermissionRule
public boolean processAddResponsibility(AddResponsibilityEvent addResponsibilityEvent)
processAddResponsibility
in interface AddResponsibilityRule
public boolean hasPermissionToGrantResponsibility(Responsibility kimResponsibilityInfo, IdentityManagementRoleDocument document)
hasPermissionToGrantResponsibility
in interface AddResponsibilityRule
public boolean processAddMember(AddMemberEvent addMemberEvent)
processAddMember
in interface AddMemberRule
public boolean processAddDelegation(AddDelegationEvent addDelegationEvent)
processAddDelegation
in interface AddDelegationRule
public boolean processAddDelegationMember(AddDelegationMemberEvent addDelegationMemberEvent)
processAddDelegationMember
in interface AddDelegationMemberRule
public ResponsibilityService getResponsibilityService()
public ResponsibilityInternalService getResponsibilityInternalService()
public BusinessObjectService getBusinessObjectService()
protected RoleTypeService getRoleTypeService(KimType typeInfo)
protected org.kuali.rice.kim.document.rule.IdentityManagementRoleDocumentRule.VersionedService<RoleTypeService> getVersionedRoleTypeService(KimType typeInfo)
Copyright © 2005–2016 The Kuali Foundation. All rights reserved.