View Javadoc

1   /**
2    * Copyright 2005-2013 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.kim.impl.jaxb;
17  
18  import java.io.Serializable;
19  
20  import javax.xml.bind.annotation.XmlAccessType;
21  import javax.xml.bind.annotation.XmlAccessorType;
22  import javax.xml.bind.annotation.XmlElement;
23  import javax.xml.bind.annotation.XmlType;
24  
25  /**
26   * This class represents a <roleData> element.
27   * 
28   * <p>The expected XML structure is as follows:
29   * 
30   * <br>
31   * <br>&lt;roleData&gt;
32   * <br>&nbsp;&nbsp;&lt;roles&gt;
33   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&lt;role&gt;
34   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleName namespaceCode=""&gt;&lt;/roleName&gt;
35   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;kimTypeName namespaceCode=""&gt;&lt;/kimTypeName&gt;
36   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;description&gt;&lt;/description&gt;
37   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;active&gt;&lt;/active&gt;
38   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleMembers&gt;
39   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleMember&gt;
40   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;principalId&gt;&lt;/principalId&gt;
41   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;principalName&gt;&lt;/principalName&gt;
42   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;groupId&gt;&lt;/groupId&gt;
43   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;groupName namespaceCode=""&gt;&lt;/groupName&gt;
44   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleIdAsMember&gt;&lt;/roleIdAsMember&gt;
45   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleNameAsMember namespaceCode=""&gt;&lt;/roleNameAsMember&gt;
46   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;activeFromDate&gt;&lt;/activeFromDate&gt;
47   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;activeToDate&gt;&lt;/activeToDate&gt;
48   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;qualifications&gt;
49   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;qualification key=""&gt;&lt;/qualification&gt;
50   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/qualifications&gt;
51   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/roleMember&gt;
52   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/roleMembers&gt;
53   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;rolePermissions&gt;
54   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;rolePermission&gt;
55   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;permissionId&gt;&lt;/permissionId&gt;
56   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;permissionName namespaceCode=""&gt;&lt;/permissionName&gt;
57   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/rolePermission&gt;
58   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/rolePermissions&gt;
59   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&lt;/role&gt;
60   * <br>&nbsp;&nbsp;&lt;/roles&gt;
61   * <br>&nbsp;&nbsp;&lt;roleMembers&gt;
62   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleMember&gt;
63   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleId&gt;&lt;/roleId&gt;
64   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleName namespaceCode=""&gt;&lt;/roleName&gt;
65   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;principalId&gt;&lt;/principalId&gt;
66   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;principalName&gt;&lt;/principalName&gt;
67   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;groupId&gt;&lt;/groupId&gt;
68   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;groupName namespaceCode=""&gt;&lt;/groupName&gt;
69   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleIdAsMember&gt;&lt;/roleIdAsMember&gt;
70   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleNameAsMember namespaceCode=""&gt;&lt;/roleNameAsMember&gt;
71   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;activeFromDate&gt;&lt;/activeFromDate&gt;
72   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;activeToDate&gt;&lt;/activeToDate&gt;
73   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;qualifications&gt;
74   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;qualification key=""&gt;&lt;/qualification&gt;
75   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/qualifications&gt;
76   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&lt;/roleMember&gt;
77   * <br>&nbsp;&nbsp;&lt;/roleMembers&gt;
78   * <br>&nbsp;&nbsp;&lt;rolePermissions&gt;
79   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&lt;rolePermission&gt;
80   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleId&gt;&lt;/roleId&gt;
81   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleName namespaceCode=""&gt;&lt;/roleName&gt;
82   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;permissionId&gt;&lt;/permissionId&gt;
83   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;permissionName namespaceCode=""&gt;&lt;/permissionName&gt;
84   * <br>&nbsp;&nbsp;&nbsp;&nbsp;&lt;/rolePermission&gt;
85   * <br>&nbsp;&nbsp;&lt;/rolePermissions&gt;
86   * <br>&lt;/roleData&gt;
87   * 
88   * <p>Note the following:
89   * <ul>
90   *   <li>The &lt;roles&gt; element is optional, and can contain zero or more &lt;role&gt; elements.
91   *   <li>The &lt;roleName&gt; element on the &lt;role&gt; element and its "namespaceCode" attribute
92   *   are required, and must be non-blank. The namespace code must map to a valid namespace.
93   *   If the name and namespace combo matches an existing role, then the role in the XML will
94   *   overwrite the existing role.
95   *   <li>The &lt;kimTypeName&gt; and its "namespaceCode" attribute are both required, and the
96   *   name and namespace combo must match an existing KIM type.
97   *   <li>The &lt;description&gt; element is required, and must be non-blank.
98   *   <li>The &lt;active&gt; element is optional, and will be set to true if not specified.
99   *   <li>Both &lt;roleMembers&gt; elements are optional, and can contain zero or more
100  *   &lt;roleMember&gt; elements. If the &lt;roleMembers&gt; element within the &lt;role&gt;
101  *   element is specified, then any role members that are not within that element will be removed
102  *   from the role if the XML is overwriting an existing one. (The &lt;roleMembers&gt; element
103  *   outside of the &lt;role&gt; element can still add or re-add members that are not located
104  *   within the other &lt;roleMembers&gt; element.)
105  *   <li>For both &lt;roleMember&gt; elements:
106  *     <ul>
107  *       <li>Exactly one of these sets of member identification must be specified:
108  *         <ol>
109  *           <li>A &lt;principalId&gt; and/or &lt;principalName&gt; element, where the former
110  *           must contain a valid principal ID and the latter must contain a valid principal name.
111  *           <li>A &lt;groupId&gt; and/or &lt;groupName&gt; element, where the former must contain
112  *           a valid group ID and the latter must contain a valid group name and namespace.
113  *           <li>A &lt;roleIdAsMember&gt; and/or &lt;roleNameAsMember&gt; element, where the former
114  *           must contain a valid role ID and the latter must contain a valid role name and namespace.
115  *         </ol>
116  *       <li>The &lt;activeFromDate&gt; element is optional, and its content must be a date String
117  *       that can be parsed by the DateTimeService.
118  *       <li>The &lt;activeToDate&gt; element is optional, and its content must be a date String
119  *       that can be parsed by the DateTimeService.
120  *       <li>The &lt;qualifications&gt; element is optional, and can contain zero or more
121  *       &lt;qualification&gt; elements.
122  *       <li>The &lt;qualification&gt; element's "key" attribute is required, and must be non-blank.
123  *       Duplicate keys within a &lt;qualifications&gt; element are not permitted.
124  *     </ul>
125  *   <li>For both &lt;rolePermission&gt; elements:
126  *     <ul>
127  *       <li>A &lt;permissionId&gt; and/or &lt;permissionName&gt; element must be specified, where the
128  *       former must contain a valid permission ID and the latter must contain a valid permission
129  *       name and namespace.
130  *     </ul>
131  *   <li>For the &lt;roleMember&gt; and &lt;rolePermission&gt; elements not inside a &lt;role&gt; element:
132  *     <ul>
133  *       <li>A &lt;roleId&gt; and/or &lt;roleName&gt; element must be specified, where the former must
134  *       contain a valid role ID and the latter must contain a valid role name and namespace.
135  *     </ul>
136  *   <li>The ingestion process is currently order-dependent, which should be kept in mind when adding
137  *   roles as members of another role or assigning permissions to roles. (The permission XML always
138  *   gets ingested prior to the role XML.)
139  *   <li>The assignments of permissions to roles can only be added, not removed or deactivated.
140  *   (TODO: Improve the role/permission-updating API to allow for updates and removals.)
141  *   <li>The same roles, role members, and role permissions can be ingested within the same file,
142  *   where subsequent ones will overwrite previous ones. (TODO: Is this acceptable?)
143  *   <li>The IDs of principals, groups, roles, and permissions are not included when exporting the XML.
144  *   <li>Delegations and responsibility actions are currently not supported by the ingestion process.
145  * </ul>
146  * 
147  * TODO: Verify that the above behavior is correct.
148  * 
149  * @author Kuali Rice Team (rice.collab@kuali.org)
150  */
151 @XmlAccessorType(XmlAccessType.FIELD)
152 @XmlType(name="RoleDataType", propOrder={"roles", "roleMembers", "rolePermissions"})
153 public class RoleDataXmlDTO implements Serializable {
154 
155     private static final long serialVersionUID = 1L;
156 
157     @XmlElement(name="roles")
158     private RolesXmlDTO roles;
159     
160     @XmlElement(name="roleMembers")
161     private RoleMembersXmlDTO.OutsideOfRole roleMembers;
162 
163     @XmlElement(name="rolePermissions")
164     private RolePermissionsXmlDTO.OutsideOfRole rolePermissions;
165     
166     public RoleDataXmlDTO() {}
167     
168     public RoleDataXmlDTO(RolesXmlDTO roles) {
169         this.roles = roles;
170     }
171 
172     /**
173      * @return the roles
174      */
175     public RolesXmlDTO getRoles() {
176         return this.roles;
177     }
178 
179     /**
180      * @param roles the roles to set
181      */
182     public void setRoles(RolesXmlDTO roles) {
183         this.roles = roles;
184     }
185 
186     /**
187      * @return the roleMembers
188      */
189     public RoleMembersXmlDTO.OutsideOfRole getRoleMembers() {
190         return this.roleMembers;
191     }
192 
193     /**
194      * @param roleMembers the roleMembers to set
195      */
196     public void setRoleMembers(RoleMembersXmlDTO.OutsideOfRole roleMembers) {
197         this.roleMembers = roleMembers;
198     }
199 
200     /**
201      * @return the rolePermissions
202      */
203     public RolePermissionsXmlDTO.OutsideOfRole getRolePermissions() {
204         return this.rolePermissions;
205     }
206 
207     /**
208      * @param rolePermissions the rolePermissions to set
209      */
210     public void setRolePermissions(RolePermissionsXmlDTO.OutsideOfRole rolePermissions) {
211         this.rolePermissions = rolePermissions;
212     }
213         
214 }