org.kuali.rice.kim.impl.role
Class RoleServiceImpl

java.lang.Object
  extended by org.kuali.rice.kim.impl.role.RoleServiceImpl
All Implemented Interfaces:
RoleService

public class RoleServiceImpl
extends Object
implements RoleService


Nested Class Summary
protected static class RoleServiceBase.RoleDaoAction
          A helper enumeration for indicating which KimRoleDao method to use when attempting to get role/delegation-related lists that are not in the cache.
 
Field Summary
protected  CriteriaLookupService criteriaLookupService
           
 
Constructor Summary
RoleServiceImpl()
           
 
Method Summary
protected  void addDelegationMemberAttributeData(org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo delegationMember, Map<String,String> qualifier, String kimTypeId)
           
protected  void addMemberAttributeData(org.kuali.rice.kim.impl.role.RoleMemberBo roleMember, Map<String,String> qualifier, String kimTypeId)
           
protected  List<RoleMembership.Builder> applyDelegationsToRoleMembers(List<RoleMembership> roleMemberships, Collection<org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo> delegations, Map<String,String> qualification)
          Checks each of the result records to determine if there are potentially applicable delegation members for that role membership.
 RoleMember assignGroupToRole(String groupId, String namespaceCode, String roleName, Map<String,String> qualifier)
          Assigns the group with the given id to the role with the specified namespace code and name with the supplied set of qualifications.
 void assignPermissionToRole(String permissionId, String roleId)
          Assigns the given permission to the given role
 RoleMember assignPrincipalToRole(String principalId, String namespaceCode, String roleName, Map<String,String> qualifier)
          Assigns the principal with the given id to the role with the specified namespace code and name with the supplied set of qualifications.
 RoleMember assignRoleToRole(String roleId, String namespaceCode, String roleName, Map<String,String> qualifier)
          Assigns the role with the given id to the role with the specified namespace code and name with the supplied set of qualifications.
protected  boolean checkForCircularRoleMembership(String newMemberId, org.kuali.rice.kim.impl.role.RoleBo roleBo)
          This method tests to see if assigning a roleBo to another roleBo will create a circular reference.
protected  List<RoleMembership> convertToRoleMemberships(List<org.kuali.rice.kim.impl.role.RoleMemberBo>... roleMemberLists)
           
 DelegateMember createDelegateMember(DelegateMember delegateMember)
          Creates a new DelegateMember.
 DelegateType createDelegateType(DelegateType delegateType)
          Creates a new DelegateType.
 Role createRole(Role role)
          This will create a Role exactly like the role passed in.
 RoleMember createRoleMember(RoleMember roleMember)
          Creates a new RoleMember.
 RoleResponsibilityAction createRoleResponsibilityAction(RoleResponsibilityAction roleResponsibilityAction)
          Creates a new RoleResponsibilityAction.
 void deleteRoleResponsibilityAction(String roleResponsibilityActionId)
          Deletes the given RoleResponsibilityAction
protected  RoleMember doAnyMemberRecordsMatch(List<org.kuali.rice.kim.impl.role.RoleMemberBo> roleMembers, String memberId, String memberTypeCode, Map<String,String> qualifier)
           
protected  List<RoleMember> doAnyMemberRecordsMatchByExactQualifier(RoleEbo role, String memberId, RoleServiceBase.RoleDaoAction daoActionToTake, Map<String,String> qualifier)
           
protected  boolean doesMemberMatch(org.kuali.rice.kim.impl.role.RoleMemberBo roleMember, String memberId, String memberTypeCode, Map<String,String> qualifier)
           
 DelegateMemberQueryResults findDelegateMembers(QueryByCriteria queryByCriteria)
          Gets role members based on the given search criteria.
protected  RoleMember findRoleMember(String roleMemberId)
           
 RoleMemberQueryResults findRoleMembers(QueryByCriteria queryByCriteria)
          Gets role members based on the given search criteria.
 RoleMembershipQueryResults findRoleMemberships(QueryByCriteria queryByCriteria)
          Gets role member information based on the given search criteria.
 RoleQueryResults findRoles(QueryByCriteria queryByCriteria)
          This method gets search results for role lookup
protected  BusinessObjectService getBusinessObjectService()
           
 CriteriaLookupService getCriteriaLookupService()
           
protected  org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo getDelegateMemberBo(String delegationMemberId)
          Retrieves a DelegateMemberBo object by its ID.
 DelegateType getDelegateTypeByDelegationId(String delegationId)
          Gets a DelegateType for the given delegation id.
 DelegateType getDelegateTypeByRoleIdAndDelegateTypeCode(String roleId, DelegationType delegationType)
          Gets a DelegateType for the given role id and delegation type.
protected  List<org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo> getDelegationMemberBoList(RoleServiceBase.RoleDaoAction daoActionToTake, Collection<String> delegationIds, String principalId, List<String> groupIds)
          Retrieves a List of delegation members from the KimRoleDao as appropriate.
protected  List<org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo> getDelegationMemberBoListByMemberAndDelegationId(String memberId, String delegationId)
          Retrieves a DelegateMemberBo List by (principal/group/role) member ID and delegation ID.
 DelegateMember getDelegationMemberByDelegationAndMemberId(String delegationId, String memberId)
          Gets the delegate member for the given delegationId and memberId.
 DelegateMember getDelegationMemberById(String delegationMemberId)
          Gets the delegate member with the given delegation member id.
 List<DelegateMember> getDelegationMembersByDelegationId(String delegationId)
          Gets the delegate members for the given delegation.
protected  org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo getDelegationOfType(String roleId, DelegationType delegationType)
           
protected  DelegationTypeService getDelegationTypeService(String delegationId)
           
 List<RoleMembership> getFirstLevelRoleMembers(List<String> roleIds)
          Gets all direct members of the roles that have ids within the given list of role ids.
protected  GroupService getGroupService()
           
protected  IdentityService getIdentityService()
           
protected  String getKimAttributeId(String attributeName)
           
protected  org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo getKimDelegationImpl(String delegationId)
          Retrieves a KimDelegationImpl object by its ID.
protected  org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo getKimDelegationMemberImplByDelegationAndId(String delegationId, String delegationMemberId)
          Retrieves a KimDelegationMemberImpl object by its ID and the ID of the delegation it belongs to.
protected  LookupService getLookupService()
           
protected  Object getMember(String memberTypeCode, String memberId)
           
protected  String getMemberName(Object member)
           
 List<String> getMemberParentRoleIds(String memberType, String memberId)
          Gets a list of Roles that the given member belongs to.
protected  Collection<RoleMembership> getNestedRoleMembers(Map<String,String> qualification, RoleMembership rm, Set<String> foundRoleTypeMembers)
           
 List<Map<String,String>> getNestedRoleQualifersForPrincipalByNamespaceAndRolename(String principalId, String namespaceCode, String roleName, Map<String,String> qualification)
          Returns a list of role qualifiers that the given principal.
 List<Map<String,String>> getNestedRoleQualifiersForPrincipalByRoleIds(String principalId, List<String> roleIds, Map<String,String> qualification)
          Returns a list of role qualifiers that the given principal.
protected  void getNestedRoleTypeMemberIds(String roleId, Set<String> members)
           
protected  org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo getPrimaryDelegation(String roleId, List<org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo> roleDelegates)
           
protected  Boolean getPrincipalHasRoleFromCache(String principalId, String roleId, Map<String,String> qualification, boolean checkDelegations)
           
 List<String> getPrincipalIdSubListWithRole(List<String> principalIds, String roleNamespaceCode, String roleName, Map<String,String> qualification)
          Returns the subset of the given principal ID list which has the given role and qualification.
protected  RoleService getProxiedRoleService()
          This gets the proxied version of the role service which will go through Spring's caching mechanism for method calls rather than skipping it when methods are called directly.
protected  List<String> getQualifiersForExactMatch(String kimTypeId, RoleTypeService roleTypeService)
           
protected  ResponsibilityInternalService getResponsibilityInternalService()
           
 Role getRole(String roleId)
          Get the KIM Role object with the given ID.
protected  org.kuali.rice.kim.impl.role.RoleBo getRoleBo(String roleId)
           
protected  org.kuali.rice.kim.impl.role.RoleBo getRoleBoByName(String namespaceCode, String roleName)
           
protected  org.kuali.rice.kim.impl.role.RoleBoLite getRoleBoLite(String roleId)
           
protected  org.kuali.rice.kim.impl.role.RoleBoLite getRoleBoLiteByName(String namespaceCode, String roleName)
           
protected  Map<String,org.kuali.rice.kim.impl.role.RoleBoLite> getRoleBoLiteMap(Collection<String> roleIds)
           
 Role getRoleByNamespaceCodeAndName(String namespaceCode, String roleName)
          Get the KIM Role object with the unique combination of namespace, component, and role name.
protected  RoleDao getRoleDao()
           
protected  Role getRoleFromCache(String id)
           
protected  Role getRoleFromCache(String namespaceCode, String name)
           
 String getRoleIdByNamespaceCodeAndName(String namespaceCode, String roleName)
          Return the Role ID for the given unique combination of namespace, component and role name.
protected  boolean getRoleIdToMembershipMap(Map<String,List<RoleMembership>> roleIdToMembershipMap, List<org.kuali.rice.kim.impl.role.RoleMemberBo> roleMembers)
          Helper method used by principalHasRole to build the role ID -> list of members map.
protected  org.kuali.rice.kim.impl.role.RoleMemberBo getRoleMemberBo(String roleMemberId)
          Retrieves a RoleMemberBo object by its ID.
protected  List<org.kuali.rice.kim.impl.role.RoleMemberBo> getRoleMemberBoList(RoleServiceBase.RoleDaoAction daoActionToTake, Collection<String> roleIds, String principalId, Collection<String> groupIds, String memberTypeCode, Map<String,String> qualification)
          Retrieves a list of RoleMemberBo instances from the KimRoleDao.
 Collection<String> getRoleMemberPrincipalIds(String namespaceCode, String roleName, Map<String,String> qualification)
          This method gets all the members, then traverses down into members of type role and group to obtain the nested principal ids
 List<RoleResponsibilityAction> getRoleMemberResponsibilityActions(String roleMemberId)
          Gets a list of RoleResponsibilityActions for the given role member id.
 List<RoleMembership> getRoleMembers(List<String> roleIds, Map<String,String> qualification)
          Get all the role members (groups and principals) associated with the given list of roles where their role membership/assignment matches the given qualification.
protected  List<RoleMembership> getRoleMembers(List<String> roleIds, Map<String,String> qualification, boolean followDelegations, Set<String> foundRoleTypeMembers)
           
protected  List<org.kuali.rice.kim.impl.role.RoleMemberBo> getRoleMembersByExactQualifierMatch(RoleEbo role, String memberId, RoleServiceBase.RoleDaoAction daoActionToTake, Map<String,String> qualifier)
           
protected  List<org.kuali.rice.kim.impl.role.RoleMemberBo> getRoleMembersForGroupIds(String roleId, List<String> groupIds)
           
protected  List<org.kuali.rice.kim.impl.role.RoleMemberBo> getRoleMembersForPrincipalId(String roleId, String principalId)
           
 List<Map<String,String>> getRoleQualifersForPrincipalByNamespaceAndRolename(String principalId, String namespaceCode, String roleName, Map<String,String> qualification)
          Returns a list of role qualifiers that the given principal has without taking into consideration that the principal may be a member via an assigned group or role.
 List<Map<String,String>> getRoleQualifersForPrincipalByRoleIds(String principalId, List<String> roleIds, Map<String,String> qualification)
          Returns a list of role qualifiers that the given principal has without taking into consideration that the principal may be a member via an assigned group or role.
 List<RoleResponsibility> getRoleResponsibilities(String roleId)
          Gets a list of role reponsibilities for the given role id.
protected  org.kuali.rice.kim.impl.role.RoleResponsibilityActionBo getRoleResponsibilityActionBo(String roleResponsibilityActionId)
          Retrieves a RoleResponsibilityActionBo object by its ID.
 List<Role> getRoles(List<String> roleIds)
          Get the KIM Role objects for the role IDs in the given List.
 Set<String> getRoleTypeRoleMemberIds(String roleId)
          Gets a list of Roles Ids that are a member of the given roleId, including nested membership.
protected  RoleTypeService getRoleTypeService(KimType typeInfo)
           
protected  RoleTypeService getRoleTypeService(String roleId)
          Retrieves the role type service associated with the given role ID
protected  RoleTypeService getRoleTypeServiceByName(String serviceName)
          Retrieves the role type service for the given service name.
protected  Map<String,org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo> getStoredDelegationImplMapFromRoleIds(Collection<String> roleIds)
          Calls the KimRoleDao's "getDelegationImplMapFromRoleIds" method and/or retrieves any corresponding delegations from the cache.
protected  List<org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo> getStoredDelegationImplsForRoleIds(Collection<String> roleIds)
          Calls the KimRoleDao's "getDelegationBosForRoleIds" method and/or retrieves any corresponding delegations from the cache.
protected  List<org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo> getStoredDelegationPrincipalsForPrincipalIdAndDelegationIds(Collection<String> delegationIds, String principalId)
          Calls the KimRoleDao's "getDelegationPrincipalsForPrincipalIdAndDelegationIds" method and/or retrieves any corresponding members from the cache.
protected  List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRoleGroupsForGroupIdsAndRoleIds(Collection<String> roleIds, Collection<String> groupIds, Map<String,String> qualification)
          Calls the KimRoleDao's "getRoleGroupsForGroupIdsAndRoleIds" method and/or retrieves any corresponding members from the cache.
protected  List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRoleMembersForRoleIds(Collection<String> roleIds, String memberTypeCode, Map<String,String> qualification)
          Calls the KimRoleDao's "getRoleMembersForRoleIds" method and/or retrieves any corresponding members from the cache.
protected  List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRoleMembersForRoleIdsWithFilters(Collection<String> roleIds, String principalId, List<String> groupIds, Map<String,String> qualification)
          Calls the KimRoleDao's "getRoleMembersForRoleIdsWithFilters" method and/or retrieves any corresponding members from the cache.
protected  List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRoleMembershipsForRoleIdsAsMembers(Collection<String> roleIds, Map<String,String> qualification)
          Calls the KimRoleDao's "getRoleMembershipsForRoleIdsAsMembers" method and/or retrieves any corresponding members from the cache.
protected  List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRolePrincipalsForPrincipalIdAndRoleIds(Collection<String> roleIds, String principalId, Map<String,String> qualification)
          Calls the KimRoleDao's "getRolePrincipalsForPrincipalIdAndRoleIds" method and/or retrieves any corresponding members from the cache.
protected  boolean isDelegationPrimary(DelegationType delegationType)
           
protected  boolean isDelegationSecondary(DelegationType delegationType)
           
 boolean isDerivedRole(String roleId)
          Determines if a role with a provided id is a derived role
 boolean isDerivedRoleType(RoleTypeService service)
           
 boolean isDynamicRoleMembership(String roleId)
          Determines if a role with a provided id is a uses dynamic role memberships
 boolean isRoleActive(String roleId)
          Checks whether the role with the given role ID is active.
protected  void linkDelegateToRoleMembership(org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo delegation, DelegateMember.Builder delegateMemberBuilder, RoleMembership.Builder roleMembershipBuilder)
           
protected  Role loadRole(String roleId)
          Loads the role with the given id, leveraging the cache where possible and querying the database if role not already in the cache.
protected  Role loadRoleByName(String namespaceCode, String roleName)
          Loads the role with the given name, leveraging the cache where possible and querying the database if role not already in the cache.
protected  List<Role> loadRoles(List<String> roleIds)
          Loads the roles with the given ids, leveraging the cache where possible and querying the database for role ids not already in the cache.
protected  void logPrincipalHasRoleCheck(String principalId, List<String> roleIds, Map<String,String> roleQualifiers)
           
protected  boolean matchesOnDelegation(Set<String> allRoleIds, String principalId, List<String> principalGroupIds, Map<String,String> qualification, org.kuali.rice.kim.impl.role.RoleServiceImpl.Context context)
          Support method for principalHasRole.
protected  org.kuali.rice.kim.impl.role.RoleMemberBo matchingMemberRecord(List<org.kuali.rice.kim.impl.role.RoleMemberBo> roleMembers, String memberId, String memberTypeCode, Map<String,String> qualifier)
           
protected  Map<String,String> populateQualifiersForExactMatch(Map<String,String> defaultQualification, List<String> attributes)
           
protected  boolean principalHasRole(org.kuali.rice.kim.impl.role.RoleServiceImpl.Context context, String principalId, List<String> roleIds, Map<String,String> qualification, boolean checkDelegations)
           
 boolean principalHasRole(String principalId, List<String> roleIds, Map<String,String> qualification)
          Returns whether the given principal has any of the passed role IDs with the given qualification.
 boolean principalHasRole(String principalId, List<String> roleIds, Map<String,String> qualification, boolean checkDelegations)
          Returns whether the given principal has any of the passed role IDs with the given qualification.
protected  boolean putPrincipalHasRoleInCache(boolean principalHasRole, String principalId, String roleId, Map<String,String> qualification, boolean checkDelegations)
           
protected  void putRoleInCache(Role role)
           
 void removeDelegateMembers(List<DelegateMember> delegateMembers)
          Removes existing DelegateMembers.
 void removeGroupFromRole(String groupId, String namespaceCode, String roleName, Map<String,String> qualifier)
          Remove the group with the given id and qualifications from the role with the specified namespace code and role name.
 void removePrincipalFromRole(String principalId, String namespaceCode, String roleName, Map<String,String> qualifier)
          Remove the principal with the given id and qualifications from the role with the specified namespace code and role name.
 void removeRoleFromRole(String roleId, String namespaceCode, String roleName, Map<String,String> qualifier)
          Remove the group with the given id and qualifications from the role with the specified namespace code and role name.
protected  void resolveDelegationMemberRoles(List<RoleMembership.Builder> membershipBuilders, Map<String,String> qualification, Set<String> foundRoleTypeMembers)
          Once the delegations for a RoleMembershipInfo object have been determined, any "role" member types need to be resolved into groups and principals so that further KIM requests are not needed.
 void revokePermissionFromRole(String permissionId, String roleId)
          Removes the given permission to the given role
 void setCacheManager(org.springframework.cache.CacheManager cacheManager)
          Sets the cache manager which this service implementation can for internal caching.
 void setCriteriaLookupService(CriteriaLookupService criteriaLookupService)
           
 void setRoleDao(RoleDao roleDao)
           
protected  void updateActionRequestsForRoleResponsibilityActionChange(org.kuali.rice.kim.impl.role.RoleResponsibilityActionBo bo)
          Queues ActionRequest refresh/regeneration for RoleResponsbilityAction change
 DelegateMember updateDelegateMember(DelegateMember delegateMember)
          Updates the given delegateMember to the values in the passed in delegateMember
 DelegateType updateDelegateType(DelegateType delegateType)
          Updates the given DelegateType to the values in the passed in delegateType
 Role updateRole(Role role)
          This will update a Role.
 RoleMember updateRoleMember(RoleMember roleMember)
          Updates the given roleMember to the values in the passed in roleMember
 RoleResponsibilityAction updateRoleResponsibilityAction(RoleResponsibilityAction roleResponsibilityAction)
          Updates the given RoleResponsibilityAction to the values in the passed in roleResponsibilityAction
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

criteriaLookupService

protected CriteriaLookupService criteriaLookupService
Constructor Detail

RoleServiceImpl

public RoleServiceImpl()
Method Detail

createRole

public Role createRole(Role role)
                throws RiceIllegalArgumentException,
                       RiceIllegalStateException
Description copied from interface: RoleService
This will create a Role exactly like the role passed in.

Specified by:
createRole in interface RoleService
Parameters:
role - the role to create
Returns:
the newly created object. will never be null.
Throws:
RiceIllegalArgumentException - if the role passed in is null
RiceIllegalStateException - if the role is already existing in the system

updateRole

public Role updateRole(Role role)
                throws RiceIllegalArgumentException,
                       RiceIllegalStateException
Description copied from interface: RoleService
This will update a Role.

Specified by:
updateRole in interface RoleService
Parameters:
role - the role to update
Throws:
RiceIllegalArgumentException - if the role is null
RiceIllegalStateException - if the role does not exist in the system

checkForCircularRoleMembership

protected boolean checkForCircularRoleMembership(String newMemberId,
                                                 org.kuali.rice.kim.impl.role.RoleBo roleBo)
This method tests to see if assigning a roleBo to another roleBo will create a circular reference. The Role is checked to see if it is a member (direct or nested) of the roleBo to be assigned as a member.

Parameters:
newMemberId -
roleBo -
Returns:
true - assignment is allowed, no circular reference will be created. false - illegal assignment, it will create a circular membership

findRoleMember

protected RoleMember findRoleMember(String roleMemberId)

findRoleMembers

public RoleMemberQueryResults findRoleMembers(QueryByCriteria queryByCriteria)
                                       throws RiceIllegalStateException
Description copied from interface: RoleService
Gets role members based on the given search criteria.

Specified by:
findRoleMembers in interface RoleService
Parameters:
queryByCriteria - the qualifications for the roleIds.
Returns:
query results. will never return null.
Throws:
RiceIllegalStateException

getRoleTypeRoleMemberIds

public Set<String> getRoleTypeRoleMemberIds(String roleId)
                                     throws RiceIllegalArgumentException
Description copied from interface: RoleService
Gets a list of Roles Ids that are a member of the given roleId, including nested membership.

Specified by:
getRoleTypeRoleMemberIds in interface RoleService
Parameters:
roleId - the role id.
Returns:
list of RoleIds that are members of the given role or and empty list if none found.
Throws:
RiceIllegalArgumentException - if roleId is null or blank.

getMemberParentRoleIds

public List<String> getMemberParentRoleIds(String memberType,
                                           String memberId)
                                    throws RiceIllegalStateException
Description copied from interface: RoleService
Gets a list of Roles that the given member belongs to.

Specified by:
getMemberParentRoleIds in interface RoleService
Parameters:
memberType - the role member type.
memberId - the role member id (principalId, roleId, groupId).
Returns:
list of RoleMembership that contains membership for the specified roleIds or an empty list if none found.
Throws:
RiceIllegalStateException

getRoleMemberResponsibilityActions

public List<RoleResponsibilityAction> getRoleMemberResponsibilityActions(String roleMemberId)
                                                                  throws RiceIllegalStateException
Description copied from interface: RoleService
Gets a list of RoleResponsibilityActions for the given role member id.

Specified by:
getRoleMemberResponsibilityActions in interface RoleService
Parameters:
roleMemberId - the role member Id.
Returns:
a list of RoleResponsibilityActions for the given role member Id, or an empty list if none found.
Throws:
RiceIllegalStateException

findDelegateMembers

public DelegateMemberQueryResults findDelegateMembers(QueryByCriteria queryByCriteria)
                                               throws RiceIllegalStateException
Description copied from interface: RoleService
Gets role members based on the given search criteria.

Specified by:
findDelegateMembers in interface RoleService
Parameters:
queryByCriteria - the qualifications for the roleIds.
Returns:
query results. will never return null.
Throws:
RiceIllegalStateException

getRole

public Role getRole(String roleId)
             throws RiceIllegalStateException
Description copied from interface: RoleService
Get the KIM Role object with the given ID.

Specified by:
getRole in interface RoleService
Parameters:
roleId - the id of the role.
Returns:
the role with the given id or null if role doesn't exist.
Throws:
RiceIllegalStateException

loadRole

protected Role loadRole(String roleId)
Loads the role with the given id, leveraging the cache where possible and querying the database if role not already in the cache. If the role is not in the cache, then it will be placed in the cache once it is loaded.


getRoleFromCache

protected Role getRoleFromCache(String id)

getRoleFromCache

protected Role getRoleFromCache(String namespaceCode,
                                String name)

putRoleInCache

protected void putRoleInCache(Role role)

getRoleBoLiteMap

protected Map<String,org.kuali.rice.kim.impl.role.RoleBoLite> getRoleBoLiteMap(Collection<String> roleIds)

getRoles

public List<Role> getRoles(List<String> roleIds)
                    throws RiceIllegalStateException
Description copied from interface: RoleService
Get the KIM Role objects for the role IDs in the given List.

Specified by:
getRoles in interface RoleService
Parameters:
roleIds - the ids of the roles.
Returns:
a list of roles with the given ids or null if no roles are found.
Throws:
RiceIllegalStateException

loadRoles

protected List<Role> loadRoles(List<String> roleIds)
Loads the roles with the given ids, leveraging the cache where possible and querying the database for role ids not already in the cache. If the role is not in the cache, then it will be placed in the cache once it is loaded.


getRoleByNamespaceCodeAndName

public Role getRoleByNamespaceCodeAndName(String namespaceCode,
                                          String roleName)
                                   throws RiceIllegalStateException
Description copied from interface: RoleService
Get the KIM Role object with the unique combination of namespace, component, and role name.

Specified by:
getRoleByNamespaceCodeAndName in interface RoleService
Parameters:
namespaceCode - the namespace code of the role.
roleName - the name of the role.
Returns:
a role with the given namespace code and name or null if role does not exist.
Throws:
RiceIllegalStateException

loadRoleByName

protected Role loadRoleByName(String namespaceCode,
                              String roleName)
Loads the role with the given name, leveraging the cache where possible and querying the database if role not already in the cache. If the role is not in the cache, then it will be placed in the cache once it is loaded.


getRoleIdByNamespaceCodeAndName

public String getRoleIdByNamespaceCodeAndName(String namespaceCode,
                                              String roleName)
                                       throws RiceIllegalStateException
Description copied from interface: RoleService
Return the Role ID for the given unique combination of namespace, component and role name.

Specified by:
getRoleIdByNamespaceCodeAndName in interface RoleService
Parameters:
namespaceCode - the namespace code of the role.
roleName - the name of the role.
Returns:
a role id for a role with the given namespace code and name or null if role does not exist.
Throws:
RiceIllegalStateException

isRoleActive

public boolean isRoleActive(String roleId)
                     throws RiceIllegalStateException
Description copied from interface: RoleService
Checks whether the role with the given role ID is active.

Specified by:
isRoleActive in interface RoleService
Parameters:
roleId - the unique id of a role.
Returns:
true if the role with the given id is active.
Throws:
RiceIllegalStateException

getRoleQualifersForPrincipalByRoleIds

public List<Map<String,String>> getRoleQualifersForPrincipalByRoleIds(String principalId,
                                                                      List<String> roleIds,
                                                                      Map<String,String> qualification)
                                                               throws RiceIllegalStateException
Description copied from interface: RoleService
Returns a list of role qualifiers that the given principal has without taking into consideration that the principal may be a member via an assigned group or role. Use in situations where you are only interested in the qualifiers that are directly assigned to the principal.

Specified by:
getRoleQualifersForPrincipalByRoleIds in interface RoleService
Parameters:
principalId - the principalId to
roleIds - the namespace code of the role.
qualification - the qualifications for the roleIds.
Returns:
a map of role qualifiers for the given principalId, roleIds and qualifications or an empty map if none found.
Throws:
RiceIllegalStateException

getRoleQualifersForPrincipalByNamespaceAndRolename

public List<Map<String,String>> getRoleQualifersForPrincipalByNamespaceAndRolename(String principalId,
                                                                                   String namespaceCode,
                                                                                   String roleName,
                                                                                   Map<String,String> qualification)
                                                                            throws RiceIllegalStateException
Description copied from interface: RoleService
Returns a list of role qualifiers that the given principal has without taking into consideration that the principal may be a member via an assigned group or role. Use in situations where you are only interested in the qualifiers that are directly assigned to the principal.

Specified by:
getRoleQualifersForPrincipalByNamespaceAndRolename in interface RoleService
Parameters:
principalId - the principalId to
namespaceCode - the namespace code of the role.
roleName - the name of the role.
qualification - the qualifications for the roleIds.
Returns:
a map of role qualifiers for the given parameters or an empty map if none found.
Throws:
RiceIllegalStateException

getNestedRoleQualifersForPrincipalByNamespaceAndRolename

public List<Map<String,String>> getNestedRoleQualifersForPrincipalByNamespaceAndRolename(String principalId,
                                                                                         String namespaceCode,
                                                                                         String roleName,
                                                                                         Map<String,String> qualification)
                                                                                  throws RiceIllegalStateException
Description copied from interface: RoleService
Returns a list of role qualifiers that the given principal. If the principal's membership is via a group or role, that group or role's qualifier on the given role is returned.

Specified by:
getNestedRoleQualifersForPrincipalByNamespaceAndRolename in interface RoleService
Parameters:
principalId - the principalId to
namespaceCode - the namespace code of the role.
roleName - the name of the role.
qualification - the qualifications for the roleIds.
Returns:
a map of nested role qualifiers for the given parameters or an empty map if none found.
Throws:
RiceIllegalStateException

getNestedRoleQualifiersForPrincipalByRoleIds

public List<Map<String,String>> getNestedRoleQualifiersForPrincipalByRoleIds(String principalId,
                                                                             List<String> roleIds,
                                                                             Map<String,String> qualification)
                                                                      throws RiceIllegalStateException
Description copied from interface: RoleService
Returns a list of role qualifiers that the given principal. If the principal's membership is via a group or role, that group or role's qualifier on the given role is returned.

Specified by:
getNestedRoleQualifiersForPrincipalByRoleIds in interface RoleService
Parameters:
principalId - the principalId to
roleIds - the namespace code of the role.
qualification - the qualifications for the roleIds.
Returns:
a map of role qualifiers for the given roleIds and qualifications or an empty map if none found.
Throws:
RiceIllegalStateException

getRoleMembers

public List<RoleMembership> getRoleMembers(List<String> roleIds,
                                           Map<String,String> qualification)
                                    throws RiceIllegalStateException
Description copied from interface: RoleService
Get all the role members (groups and principals) associated with the given list of roles where their role membership/assignment matches the given qualification. The list of RoleMemberships returned will only contain group and principal members. Any nested role members will be resolved and flattened into the principals and groups that are members of that nested role (assuming qualifications match). The return object will have each membership relationship along with the delegations

Specified by:
getRoleMembers in interface RoleService
Parameters:
roleIds - a list of role Ids.
qualification - the qualifications for the roleIds.
Returns:
a list of role members for the given roleIds and qualifications or an empty list if none found.
Throws:
RiceIllegalStateException

getRoleMemberPrincipalIds

public Collection<String> getRoleMemberPrincipalIds(String namespaceCode,
                                                    String roleName,
                                                    Map<String,String> qualification)
                                             throws RiceIllegalStateException
Description copied from interface: RoleService
This method gets all the members, then traverses down into members of type role and group to obtain the nested principal ids

Specified by:
getRoleMemberPrincipalIds in interface RoleService
Parameters:
namespaceCode - the namespace code of the role.
roleName - the name of the role
qualification - the qualifications for the roleIds.
Returns:
a list of role member principalIds for the given roleIds and qualifications, or an empty list if none found.
Throws:
RiceIllegalStateException

principalHasRole

public boolean principalHasRole(String principalId,
                                List<String> roleIds,
                                Map<String,String> qualification)
                         throws RiceIllegalStateException
Description copied from interface: RoleService
Returns whether the given principal has any of the passed role IDs with the given qualification.

Specified by:
principalHasRole in interface RoleService
Parameters:
principalId - the principal Id to check.
roleIds - the list of role ids.
qualification - the qualifications for the roleIds.
Returns:
true if the principal is assigned the one of the given roleIds with the passed in qualifications.
Throws:
RiceIllegalStateException

getPrincipalIdSubListWithRole

public List<String> getPrincipalIdSubListWithRole(List<String> principalIds,
                                                  String roleNamespaceCode,
                                                  String roleName,
                                                  Map<String,String> qualification)
                                           throws RiceIllegalStateException
Description copied from interface: RoleService
Returns the subset of the given principal ID list which has the given role and qualification. This is designed to be used by lookups of people by their roles.

Specified by:
getPrincipalIdSubListWithRole in interface RoleService
Parameters:
principalIds - the principal Ids to check.
roleNamespaceCode - the namespaceCode of the role.
roleName - the name of the role.
qualification - the qualifications for the roleIds.
Returns:
list of principalIds that is the subset of list passed in with the given role and qualifications or an empty list.
Throws:
RiceIllegalStateException

findRoles

public RoleQueryResults findRoles(QueryByCriteria queryByCriteria)
                           throws RiceIllegalStateException
Description copied from interface: RoleService
This method gets search results for role lookup

Specified by:
findRoles in interface RoleService
Parameters:
queryByCriteria - the qualifications for the roleIds.
Returns:
query results. will never return null.
Throws:
RiceIllegalStateException

getFirstLevelRoleMembers

public List<RoleMembership> getFirstLevelRoleMembers(List<String> roleIds)
                                              throws RiceIllegalStateException
Description copied from interface: RoleService
Gets all direct members of the roles that have ids within the given list of role ids. This method does not recurse into any nested roles.

The resulting List of role membership will contain membership for all the roles with the specified ids. The list is not guaranteed to be in any particular order and may have membership info for the different roles interleaved with each other.

Specified by:
getFirstLevelRoleMembers in interface RoleService
Parameters:
roleIds - a list of role Ids.
Returns:
list of RoleMembership that contains membership for the specified roleIds or empty list if none found.
Throws:
RiceIllegalStateException

findRoleMemberships

public RoleMembershipQueryResults findRoleMemberships(QueryByCriteria queryByCriteria)
                                               throws RiceIllegalStateException
Description copied from interface: RoleService
Gets role member information based on the given search criteria.

Specified by:
findRoleMemberships in interface RoleService
Parameters:
queryByCriteria - the qualifications for the roleIds.
Returns:
query results. will never return null.
Throws:
RiceIllegalStateException

getDelegationMembersByDelegationId

public List<DelegateMember> getDelegationMembersByDelegationId(String delegationId)
                                                        throws RiceIllegalStateException
Description copied from interface: RoleService
Gets the delegate members for the given delegation.

Specified by:
getDelegationMembersByDelegationId in interface RoleService
Parameters:
delegationId - the delegate id.
Returns:
list of delegate members that are members of the given delegation or an empty list if none found.
Throws:
RiceIllegalStateException

getDelegationMemberByDelegationAndMemberId

public DelegateMember getDelegationMemberByDelegationAndMemberId(String delegationId,
                                                                 String memberId)
                                                          throws RiceIllegalStateException
Description copied from interface: RoleService
Gets the delegate member for the given delegationId and memberId.

Specified by:
getDelegationMemberByDelegationAndMemberId in interface RoleService
Parameters:
delegationId - the delegate id.
memberId - the member id matching the DelegateMember
Returns:
the delegate member with the given parameters or null if not found.
Throws:
RiceIllegalStateException

getDelegationMemberById

public DelegateMember getDelegationMemberById(String delegationMemberId)
                                       throws RiceIllegalStateException
Description copied from interface: RoleService
Gets the delegate member with the given delegation member id.

Specified by:
getDelegationMemberById in interface RoleService
Parameters:
delegationMemberId - the member id matching the DelegateMember
Returns:
the delegate member with the given parameters or null if not found.
Throws:
RiceIllegalStateException

getRoleResponsibilities

public List<RoleResponsibility> getRoleResponsibilities(String roleId)
                                                 throws RiceIllegalStateException
Description copied from interface: RoleService
Gets a list of role reponsibilities for the given role id.

Specified by:
getRoleResponsibilities in interface RoleService
Parameters:
roleId - the role Id.
Returns:
a list of RoleResponsibilities for the given role Id, or an empty list if none found.
Throws:
RiceIllegalStateException

getDelegateTypeByRoleIdAndDelegateTypeCode

public DelegateType getDelegateTypeByRoleIdAndDelegateTypeCode(String roleId,
                                                               DelegationType delegationType)
                                                        throws RiceIllegalStateException
Description copied from interface: RoleService
Gets a DelegateType for the given role id and delegation type.

Specified by:
getDelegateTypeByRoleIdAndDelegateTypeCode in interface RoleService
Parameters:
roleId - the role Id.
delegationType - type of delegation
Returns:
the DelegateType for the given role Id and delegationType, or null if none found.
Throws:
RiceIllegalStateException

getDelegateTypeByDelegationId

public DelegateType getDelegateTypeByDelegationId(String delegationId)
                                           throws RiceIllegalStateException
Description copied from interface: RoleService
Gets a DelegateType for the given delegation id.

Specified by:
getDelegateTypeByDelegationId in interface RoleService
Parameters:
delegationId - the id of delegation
Returns:
the DelegateType for the given delegation Id, or null if none found.
Throws:
RiceIllegalStateException

getRoleMembers

protected List<RoleMembership> getRoleMembers(List<String> roleIds,
                                              Map<String,String> qualification,
                                              boolean followDelegations,
                                              Set<String> foundRoleTypeMembers)

applyDelegationsToRoleMembers

protected List<RoleMembership.Builder> applyDelegationsToRoleMembers(List<RoleMembership> roleMemberships,
                                                                     Collection<org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo> delegations,
                                                                     Map<String,String> qualification)
Checks each of the result records to determine if there are potentially applicable delegation members for that role membership. If there are, applicable delegations and members will be linked to the RoleMemberships in the given list. An updated list will be returned from this method which includes the appropriate linked delegations.


linkDelegateToRoleMembership

protected void linkDelegateToRoleMembership(org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo delegation,
                                            DelegateMember.Builder delegateMemberBuilder,
                                            RoleMembership.Builder roleMembershipBuilder)

resolveDelegationMemberRoles

protected void resolveDelegationMemberRoles(List<RoleMembership.Builder> membershipBuilders,
                                            Map<String,String> qualification,
                                            Set<String> foundRoleTypeMembers)
Once the delegations for a RoleMembershipInfo object have been determined, any "role" member types need to be resolved into groups and principals so that further KIM requests are not needed.


principalHasRole

public boolean principalHasRole(String principalId,
                                List<String> roleIds,
                                Map<String,String> qualification,
                                boolean checkDelegations)
Description copied from interface: RoleService
Returns whether the given principal has any of the passed role IDs with the given qualification.

Specified by:
principalHasRole in interface RoleService
Parameters:
principalId - the principal Id to check.
roleIds - the list of role ids.
qualification - the qualifications for the roleIds.
checkDelegations - whether delegations should be checked or not
Returns:
true if the principal is assigned the one of the given roleIds with the passed in qualifications.

principalHasRole

protected boolean principalHasRole(org.kuali.rice.kim.impl.role.RoleServiceImpl.Context context,
                                   String principalId,
                                   List<String> roleIds,
                                   Map<String,String> qualification,
                                   boolean checkDelegations)

getPrincipalHasRoleFromCache

protected Boolean getPrincipalHasRoleFromCache(String principalId,
                                               String roleId,
                                               Map<String,String> qualification,
                                               boolean checkDelegations)

putPrincipalHasRoleInCache

protected boolean putPrincipalHasRoleInCache(boolean principalHasRole,
                                             String principalId,
                                             String roleId,
                                             Map<String,String> qualification,
                                             boolean checkDelegations)

getQualifiersForExactMatch

protected List<String> getQualifiersForExactMatch(String kimTypeId,
                                                  RoleTypeService roleTypeService)

isDerivedRoleType

public boolean isDerivedRoleType(RoleTypeService service)

isDerivedRole

public boolean isDerivedRole(String roleId)
Description copied from interface: RoleService
Determines if a role with a provided id is a derived role

Specified by:
isDerivedRole in interface RoleService
Parameters:
roleId - the roleId
Returns:
true if role is a derived role

isDynamicRoleMembership

public boolean isDynamicRoleMembership(String roleId)
Description copied from interface: RoleService
Determines if a role with a provided id is a uses dynamic role memberships

Specified by:
isDynamicRoleMembership in interface RoleService
Parameters:
roleId - the roleId
Returns:
true if role uses dynamic memberships

matchesOnDelegation

protected boolean matchesOnDelegation(Set<String> allRoleIds,
                                      String principalId,
                                      List<String> principalGroupIds,
                                      Map<String,String> qualification,
                                      org.kuali.rice.kim.impl.role.RoleServiceImpl.Context context)
Support method for principalHasRole. Checks delegations on the passed in roles for the given principal and groups. (It's assumed that the principal belongs to the given groups.)

Delegation checks are mostly the same as role checks except that the delegateBo itself is qualified against the original role (like a RolePrincipal or RoleGroup.) And then, the members of that delegateBo may have additional qualifiers which are not part of the original role qualifiers.

For example:

A role could be qualified by organization. So, there is a person in the organization with primary authority for that org. But, then they delegate authority for that organization (not their authority - the delegateBo is attached to the org.) So, in this case the delegateBo has a qualifier of the organization when it is attached to the role.

The principals then attached to that delegateBo (which is specific to the organization), may have additional qualifiers. For Example: dollar amount range, effective dates, document types. As a subsequent step, those qualifiers are checked against the qualification passed in from the client.


convertToRoleMemberships

protected List<RoleMembership> convertToRoleMemberships(List<org.kuali.rice.kim.impl.role.RoleMemberBo>... roleMemberLists)

getRoleIdToMembershipMap

protected boolean getRoleIdToMembershipMap(Map<String,List<RoleMembership>> roleIdToMembershipMap,
                                           List<org.kuali.rice.kim.impl.role.RoleMemberBo> roleMembers)
Helper method used by principalHasRole to build the role ID -> list of members map.

Returns:
true if no further checks are needed because no role service is defined

getKimDelegationImpl

protected org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo getKimDelegationImpl(String delegationId)
Retrieves a KimDelegationImpl object by its ID. If the delegateBo already exists in the cache, this method will return the cached version; otherwise, it will retrieve the uncached version from the database and then cache it before returning it.


getDelegationTypeService

protected DelegationTypeService getDelegationTypeService(String delegationId)

getNestedRoleMembers

protected Collection<RoleMembership> getNestedRoleMembers(Map<String,String> qualification,
                                                          RoleMembership rm,
                                                          Set<String> foundRoleTypeMembers)

getKimDelegationMemberImplByDelegationAndId

protected org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo getKimDelegationMemberImplByDelegationAndId(String delegationId,
                                                                                                               String delegationMemberId)
Retrieves a KimDelegationMemberImpl object by its ID and the ID of the delegation it belongs to. If the delegation member exists in the cache, this method will return the cached one; otherwise, it will retrieve the uncached version from the database and then cache it before returning it.


assignPrincipalToRole

public RoleMember assignPrincipalToRole(String principalId,
                                        String namespaceCode,
                                        String roleName,
                                        Map<String,String> qualifier)
                                 throws RiceIllegalArgumentException
Description copied from interface: RoleService
Assigns the principal with the given id to the role with the specified namespace code and name with the supplied set of qualifications.

Specified by:
assignPrincipalToRole in interface RoleService
Parameters:
principalId - the principalId
namespaceCode - the namespaceCode of the Role
roleName - the name of the role
qualifier - the qualifications for the principalId to be assigned to the role
Returns:
newly created/assigned RoleMember.
Throws:
RiceIllegalArgumentException - if princialId, namespaceCode or roleName is null or blank.

assignGroupToRole

public RoleMember assignGroupToRole(String groupId,
                                    String namespaceCode,
                                    String roleName,
                                    Map<String,String> qualifier)
                             throws RiceIllegalStateException
Description copied from interface: RoleService
Assigns the group with the given id to the role with the specified namespace code and name with the supplied set of qualifications.

Specified by:
assignGroupToRole in interface RoleService
Parameters:
groupId - the groupId
namespaceCode - the namespaceCode of the Role
roleName - the name of the role
qualifier - the qualifications for the principalId to be assigned to the role
Returns:
newly created/assigned RoleMember.
Throws:
RiceIllegalStateException

assignRoleToRole

public RoleMember assignRoleToRole(String roleId,
                                   String namespaceCode,
                                   String roleName,
                                   Map<String,String> qualifier)
                            throws RiceIllegalStateException
Description copied from interface: RoleService
Assigns the role with the given id to the role with the specified namespace code and name with the supplied set of qualifications.

Specified by:
assignRoleToRole in interface RoleService
Parameters:
roleId - the roleId
namespaceCode - the namespaceCode of the Role
roleName - the name of the role
qualifier - the qualifications for the principalId to be assigned to the role
Returns:
newly created/assigned RoleMember.
Throws:
RiceIllegalStateException

createRoleMember

public RoleMember createRoleMember(RoleMember roleMember)
                            throws RiceIllegalStateException
Description copied from interface: RoleService
Creates a new RoleMember. Needs to be passed a valid RoleMember object that does not currently exist.

Specified by:
createRoleMember in interface RoleService
Parameters:
roleMember - the new RoleMember to save.
Returns:
RoleMember as created.
Throws:
RiceIllegalStateException - if roleMember already exists.

updateRoleMember

public RoleMember updateRoleMember(RoleMember roleMember)
                            throws RiceIllegalArgumentException,
                                   RiceIllegalStateException
Description copied from interface: RoleService
Updates the given roleMember to the values in the passed in roleMember

Specified by:
updateRoleMember in interface RoleService
Parameters:
roleMember - the new RoleMember to save.
Returns:
RoleMember as updated.
Throws:
RiceIllegalArgumentException - if roleMember is null.
RiceIllegalStateException - if roleMember does not yet exist.

updateDelegateMember

public DelegateMember updateDelegateMember(DelegateMember delegateMember)
                                    throws RiceIllegalArgumentException,
                                           RiceIllegalStateException
Description copied from interface: RoleService
Updates the given delegateMember to the values in the passed in delegateMember

Specified by:
updateDelegateMember in interface RoleService
Parameters:
delegateMember - the new DelegateMember to save.
Returns:
DelegateMember as updated.
Throws:
RiceIllegalArgumentException - if delegateMember is null.
RiceIllegalStateException - if delegateMember does not yet exist.

createDelegateMember

public DelegateMember createDelegateMember(DelegateMember delegateMember)
                                    throws RiceIllegalArgumentException,
                                           RiceIllegalStateException
Description copied from interface: RoleService
Creates a new DelegateMember. Needs to be passed a valid DelegateMember object that does not currently exist.

Specified by:
createDelegateMember in interface RoleService
Parameters:
delegateMember - the new DelegateMember to save.
Returns:
DelegateMember as created.
Throws:
RiceIllegalArgumentException - if delegateMember is null.
RiceIllegalStateException - if delegateMember already exists.

removeDelegateMembers

public void removeDelegateMembers(List<DelegateMember> delegateMembers)
                           throws RiceIllegalArgumentException,
                                  RiceIllegalStateException
Description copied from interface: RoleService
Removes existing DelegateMembers. Needs to be passed DelegateMember objects.

Specified by:
removeDelegateMembers in interface RoleService
Throws:
RiceIllegalArgumentException - if delegateMember is null.
RiceIllegalStateException

createRoleResponsibilityAction

public RoleResponsibilityAction createRoleResponsibilityAction(RoleResponsibilityAction roleResponsibilityAction)
                                                        throws RiceIllegalArgumentException,
                                                               RiceIllegalStateException
Description copied from interface: RoleService
Creates a new RoleResponsibilityAction. Needs to be passed a valid RoleResponsibilityAction object that does not currently exist.

Specified by:
createRoleResponsibilityAction in interface RoleService
Parameters:
roleResponsibilityAction - the new RoleResponsibilityAction to save.
Returns:
RoleResponsibilityAction as created.
Throws:
RiceIllegalArgumentException - if roleResponsibilityAction is null.
RiceIllegalStateException - if roleResponsibilityAction already exists.

updateActionRequestsForRoleResponsibilityActionChange

protected void updateActionRequestsForRoleResponsibilityActionChange(org.kuali.rice.kim.impl.role.RoleResponsibilityActionBo bo)
Queues ActionRequest refresh/regeneration for RoleResponsbilityAction change

Parameters:
bo - the changed or deleted RoleResponsibilityActionBo

updateRoleResponsibilityAction

public RoleResponsibilityAction updateRoleResponsibilityAction(RoleResponsibilityAction roleResponsibilityAction)
                                                        throws RiceIllegalArgumentException,
                                                               RiceIllegalStateException
Description copied from interface: RoleService
Updates the given RoleResponsibilityAction to the values in the passed in roleResponsibilityAction

Specified by:
updateRoleResponsibilityAction in interface RoleService
Parameters:
roleResponsibilityAction - the new RoleResponsibilityAction to save.
Returns:
RoleResponsibilityAction as updated.
Throws:
RiceIllegalArgumentException - if roleResponsibilityAction is null.
RiceIllegalStateException - if roleResponsibilityAction does not exist.

deleteRoleResponsibilityAction

public void deleteRoleResponsibilityAction(String roleResponsibilityActionId)
                                    throws RiceIllegalArgumentException,
                                           RiceIllegalStateException
Description copied from interface: RoleService
Deletes the given RoleResponsibilityAction

Specified by:
deleteRoleResponsibilityAction in interface RoleService
Parameters:
roleResponsibilityActionId - id of the RoleResponsibilityAction to delete.
Throws:
RiceIllegalArgumentException - if roleResponsibilityActionId is null.
RiceIllegalStateException - if roleResponsibilityAction does not exist.

createDelegateType

public DelegateType createDelegateType(DelegateType delegateType)
                                throws RiceIllegalArgumentException,
                                       RiceIllegalStateException
Description copied from interface: RoleService
Creates a new DelegateType. Needs to be passed a valid DelegateType object that does not currently exist.

Specified by:
createDelegateType in interface RoleService
Parameters:
delegateType - the new DelegateType to save.
Returns:
DelegateType as created.
Throws:
RiceIllegalArgumentException - if delegateType is null.
RiceIllegalStateException - if delegateType already exists.

updateDelegateType

public DelegateType updateDelegateType(DelegateType delegateType)
                                throws RiceIllegalArgumentException,
                                       RiceIllegalStateException
Description copied from interface: RoleService
Updates the given DelegateType to the values in the passed in delegateType

Specified by:
updateDelegateType in interface RoleService
Parameters:
delegateType - the new DelegateType to save.
Returns:
DelegateType as updated.
Throws:
RiceIllegalArgumentException - if delegateType is null.
RiceIllegalStateException - if delegateType does not yet exist.

removePrincipalFromRole

public void removePrincipalFromRole(String principalId,
                                    String namespaceCode,
                                    String roleName,
                                    Map<String,String> qualifier)
                             throws RiceIllegalArgumentException
Description copied from interface: RoleService
Remove the principal with the given id and qualifications from the role with the specified namespace code and role name.

Specified by:
removePrincipalFromRole in interface RoleService
Parameters:
principalId - the principalId
namespaceCode - the namespaceCode of the Role
roleName - the name of the role
qualifier - the qualifications for the principalId to be assigned to the role
Throws:
RiceIllegalArgumentException - if principalId, namespaceCode or roleName is null or blank.

removeGroupFromRole

public void removeGroupFromRole(String groupId,
                                String namespaceCode,
                                String roleName,
                                Map<String,String> qualifier)
                         throws RiceIllegalArgumentException
Description copied from interface: RoleService
Remove the group with the given id and qualifications from the role with the specified namespace code and role name.

Specified by:
removeGroupFromRole in interface RoleService
Parameters:
groupId - the groupId
namespaceCode - the namespaceCode of the Role
roleName - the name of the role
qualifier - the qualifications for the principalId to be assigned to the role
Throws:
RiceIllegalArgumentException - if groupId, namespaceCode or roleName is null or blank.

removeRoleFromRole

public void removeRoleFromRole(String roleId,
                               String namespaceCode,
                               String roleName,
                               Map<String,String> qualifier)
                        throws RiceIllegalArgumentException
Description copied from interface: RoleService
Remove the group with the given id and qualifications from the role with the specified namespace code and role name.

Specified by:
removeRoleFromRole in interface RoleService
Parameters:
roleId - the roleId
namespaceCode - the namespaceCode of the Role
roleName - the name of the role
qualifier - the qualifications for the principalId to be assigned to the role
Throws:
RiceIllegalArgumentException - if roleId, namespaceCode or roleName is null or blank.

assignPermissionToRole

public void assignPermissionToRole(String permissionId,
                                   String roleId)
                            throws RiceIllegalArgumentException
Description copied from interface: RoleService
Assigns the given permission to the given role

Specified by:
assignPermissionToRole in interface RoleService
Parameters:
permissionId - the permissionId
roleId - the roleId
Throws:
RiceIllegalArgumentException - if permissionId or roleId is null or blank.

revokePermissionFromRole

public void revokePermissionFromRole(String permissionId,
                                     String roleId)
                              throws RiceIllegalArgumentException
Description copied from interface: RoleService
Removes the given permission to the given role

Specified by:
revokePermissionFromRole in interface RoleService
Parameters:
permissionId - the permissionId
roleId - the roleId
Throws:
RiceIllegalArgumentException - if permissionId or roleId is null or blank.

addMemberAttributeData

protected void addMemberAttributeData(org.kuali.rice.kim.impl.role.RoleMemberBo roleMember,
                                      Map<String,String> qualifier,
                                      String kimTypeId)

addDelegationMemberAttributeData

protected void addDelegationMemberAttributeData(org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo delegationMember,
                                                Map<String,String> qualifier,
                                                String kimTypeId)

logPrincipalHasRoleCheck

protected void logPrincipalHasRoleCheck(String principalId,
                                        List<String> roleIds,
                                        Map<String,String> roleQualifiers)

getProxiedRoleService

protected RoleService getProxiedRoleService()
This gets the proxied version of the role service which will go through Spring's caching mechanism for method calls rather than skipping it when methods are called directly.

Returns:
The proxied role service

setCacheManager

public void setCacheManager(org.springframework.cache.CacheManager cacheManager)
Sets the cache manager which this service implementation can for internal caching. Calling this setter is optional, though the value passed to it must not be null.

Parameters:
cacheManager - the cache manager to use for internal caching, must not be null
Throws:
IllegalArgumentException - if a null cache manager is passed

getNestedRoleTypeMemberIds

protected void getNestedRoleTypeMemberIds(String roleId,
                                          Set<String> members)

getRoleMembersForPrincipalId

protected List<org.kuali.rice.kim.impl.role.RoleMemberBo> getRoleMembersForPrincipalId(String roleId,
                                                                                       String principalId)

getRoleMembersForGroupIds

protected List<org.kuali.rice.kim.impl.role.RoleMemberBo> getRoleMembersForGroupIds(String roleId,
                                                                                    List<String> groupIds)

getRoleMemberBoList

protected List<org.kuali.rice.kim.impl.role.RoleMemberBo> getRoleMemberBoList(RoleServiceBase.RoleDaoAction daoActionToTake,
                                                                              Collection<String> roleIds,
                                                                              String principalId,
                                                                              Collection<String> groupIds,
                                                                              String memberTypeCode,
                                                                              Map<String,String> qualification)
Retrieves a list of RoleMemberBo instances from the KimRoleDao.

Parameters:
daoActionToTake - An indicator for which KimRoleDao method should be used to get the results if the desired RoleMemberBos are not cached.
roleIds - The role IDs to filter by; may get used as the IDs for members that are also roles, depending on the daoActionToTake value.
principalId - The principal ID to filter by; may get ignored depending on the daoActionToTake value.
groupIds - The group IDs to filter by; may get ignored depending on the daoActionToTake value.
memberTypeCode - The member type code to filter by; may get overridden depending on the daoActionToTake value.
qualification - The original role qualification attribute set
Returns:
A list of RoleMemberBo instances based on the provided parameters.
Throws:
IllegalArgumentException - if daoActionToTake refers to an enumeration constant that is not role-member-related.

getStoredRolePrincipalsForPrincipalIdAndRoleIds

protected List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRolePrincipalsForPrincipalIdAndRoleIds(Collection<String> roleIds,
                                                                                                          String principalId,
                                                                                                          Map<String,String> qualification)
Calls the KimRoleDao's "getRolePrincipalsForPrincipalIdAndRoleIds" method and/or retrieves any corresponding members from the cache.


getStoredRoleGroupsForGroupIdsAndRoleIds

protected List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRoleGroupsForGroupIdsAndRoleIds(Collection<String> roleIds,
                                                                                                   Collection<String> groupIds,
                                                                                                   Map<String,String> qualification)
Calls the KimRoleDao's "getRoleGroupsForGroupIdsAndRoleIds" method and/or retrieves any corresponding members from the cache.


getStoredRoleMembersForRoleIds

protected List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRoleMembersForRoleIds(Collection<String> roleIds,
                                                                                         String memberTypeCode,
                                                                                         Map<String,String> qualification)
Calls the KimRoleDao's "getRoleMembersForRoleIds" method and/or retrieves any corresponding members from the cache.


getStoredRoleMembershipsForRoleIdsAsMembers

protected List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRoleMembershipsForRoleIdsAsMembers(Collection<String> roleIds,
                                                                                                      Map<String,String> qualification)
Calls the KimRoleDao's "getRoleMembershipsForRoleIdsAsMembers" method and/or retrieves any corresponding members from the cache.


getStoredRoleMembersForRoleIdsWithFilters

protected List<org.kuali.rice.kim.impl.role.RoleMemberBo> getStoredRoleMembersForRoleIdsWithFilters(Collection<String> roleIds,
                                                                                                    String principalId,
                                                                                                    List<String> groupIds,
                                                                                                    Map<String,String> qualification)
Calls the KimRoleDao's "getRoleMembersForRoleIdsWithFilters" method and/or retrieves any corresponding members from the cache.


getRoleMemberBo

protected org.kuali.rice.kim.impl.role.RoleMemberBo getRoleMemberBo(String roleMemberId)
Retrieves a RoleMemberBo object by its ID. If the role member already exists in the cache, this method will return the cached version; otherwise, it will retrieve the uncached version from the database and then cache it (if it belongs to a role that allows its members to be cached) before returning it.


getRoleResponsibilityActionBo

protected org.kuali.rice.kim.impl.role.RoleResponsibilityActionBo getRoleResponsibilityActionBo(String roleResponsibilityActionId)
Retrieves a RoleResponsibilityActionBo object by its ID.


getStoredDelegationImplMapFromRoleIds

protected Map<String,org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo> getStoredDelegationImplMapFromRoleIds(Collection<String> roleIds)
Calls the KimRoleDao's "getDelegationImplMapFromRoleIds" method and/or retrieves any corresponding delegations from the cache.


getStoredDelegationImplsForRoleIds

protected List<org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo> getStoredDelegationImplsForRoleIds(Collection<String> roleIds)
Calls the KimRoleDao's "getDelegationBosForRoleIds" method and/or retrieves any corresponding delegations from the cache.


getDelegationMemberBoList

protected List<org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo> getDelegationMemberBoList(RoleServiceBase.RoleDaoAction daoActionToTake,
                                                                                                   Collection<String> delegationIds,
                                                                                                   String principalId,
                                                                                                   List<String> groupIds)
Retrieves a List of delegation members from the KimRoleDao as appropriate.

Parameters:
daoActionToTake - An indicator for which KimRoleDao method to use for retrieving results.
delegationIds - The IDs of the delegations that the members belong to.
principalId - The principal ID of the principal delegation members; may get ignored depending on the RoleDaoAction value.
groupIds - The group IDs of the group delegation members; may get ignored depending on the RoleDaoAction value.
Returns:
A List of DelegateMemberBo objects based on the provided parameters.
Throws:
IllegalArgumentException - if daoActionToTake does not represent a delegation-member-list-related enumeration value.

getStoredDelegationPrincipalsForPrincipalIdAndDelegationIds

protected List<org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo> getStoredDelegationPrincipalsForPrincipalIdAndDelegationIds(Collection<String> delegationIds,
                                                                                                                                     String principalId)
Calls the KimRoleDao's "getDelegationPrincipalsForPrincipalIdAndDelegationIds" method and/or retrieves any corresponding members from the cache.


getDelegateMemberBo

protected org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo getDelegateMemberBo(String delegationMemberId)
Retrieves a DelegateMemberBo object by its ID. If the delegation member already exists in the cache, this method will return the cached version; otherwise, it will retrieve the uncached version from the database and then cache it before returning it.


getDelegationMemberBoListByMemberAndDelegationId

protected List<org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo> getDelegationMemberBoListByMemberAndDelegationId(String memberId,
                                                                                                                          String delegationId)
Retrieves a DelegateMemberBo List by (principal/group/role) member ID and delegation ID. If the List already exists in the cache, this method will return the cached one; otherwise, it will retrieve the uncached version from the database and then cache it before returning it.


getMember

protected Object getMember(String memberTypeCode,
                           String memberId)

getMemberName

protected String getMemberName(Object member)

getRoleBo

protected org.kuali.rice.kim.impl.role.RoleBo getRoleBo(String roleId)

getRoleBoLite

protected org.kuali.rice.kim.impl.role.RoleBoLite getRoleBoLite(String roleId)

getDelegationOfType

protected org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo getDelegationOfType(String roleId,
                                                                                     DelegationType delegationType)

getPrimaryDelegation

protected org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo getPrimaryDelegation(String roleId,
                                                                                      List<org.kuali.rice.kim.impl.common.delegate.DelegateTypeBo> roleDelegates)

matchingMemberRecord

protected org.kuali.rice.kim.impl.role.RoleMemberBo matchingMemberRecord(List<org.kuali.rice.kim.impl.role.RoleMemberBo> roleMembers,
                                                                         String memberId,
                                                                         String memberTypeCode,
                                                                         Map<String,String> qualifier)

isDelegationPrimary

protected boolean isDelegationPrimary(DelegationType delegationType)

isDelegationSecondary

protected boolean isDelegationSecondary(DelegationType delegationType)

getRoleBoByName

protected org.kuali.rice.kim.impl.role.RoleBo getRoleBoByName(String namespaceCode,
                                                              String roleName)

getRoleBoLiteByName

protected org.kuali.rice.kim.impl.role.RoleBoLite getRoleBoLiteByName(String namespaceCode,
                                                                      String roleName)

doAnyMemberRecordsMatchByExactQualifier

protected List<RoleMember> doAnyMemberRecordsMatchByExactQualifier(RoleEbo role,
                                                                   String memberId,
                                                                   RoleServiceBase.RoleDaoAction daoActionToTake,
                                                                   Map<String,String> qualifier)

getRoleMembersByExactQualifierMatch

protected List<org.kuali.rice.kim.impl.role.RoleMemberBo> getRoleMembersByExactQualifierMatch(RoleEbo role,
                                                                                              String memberId,
                                                                                              RoleServiceBase.RoleDaoAction daoActionToTake,
                                                                                              Map<String,String> qualifier)

doAnyMemberRecordsMatch

protected RoleMember doAnyMemberRecordsMatch(List<org.kuali.rice.kim.impl.role.RoleMemberBo> roleMembers,
                                             String memberId,
                                             String memberTypeCode,
                                             Map<String,String> qualifier)

doesMemberMatch

protected boolean doesMemberMatch(org.kuali.rice.kim.impl.role.RoleMemberBo roleMember,
                                  String memberId,
                                  String memberTypeCode,
                                  Map<String,String> qualifier)

getRoleTypeService

protected RoleTypeService getRoleTypeService(String roleId)
Retrieves the role type service associated with the given role ID

Parameters:
roleId - the role ID to get the role type service for
Returns:
the Role Type Service

getRoleTypeServiceByName

protected RoleTypeService getRoleTypeServiceByName(String serviceName)
Retrieves the role type service for the given service name.

Parameters:
serviceName - the name of the service to retrieve
Returns:
the Role Type Service

getRoleTypeService

protected RoleTypeService getRoleTypeService(KimType typeInfo)

populateQualifiersForExactMatch

protected Map<String,String> populateQualifiersForExactMatch(Map<String,String> defaultQualification,
                                                             List<String> attributes)

getKimAttributeId

protected String getKimAttributeId(String attributeName)

getBusinessObjectService

protected BusinessObjectService getBusinessObjectService()

getLookupService

protected LookupService getLookupService()
Returns:
the lookupService

getIdentityService

protected IdentityService getIdentityService()

getGroupService

protected GroupService getGroupService()

getResponsibilityInternalService

protected ResponsibilityInternalService getResponsibilityInternalService()

getRoleDao

protected RoleDao getRoleDao()
Returns:
the roleDao

setRoleDao

public void setRoleDao(RoleDao roleDao)
Parameters:
roleDao - the roleDao to set

setCriteriaLookupService

public void setCriteriaLookupService(CriteriaLookupService criteriaLookupService)

getCriteriaLookupService

public CriteriaLookupService getCriteriaLookupService()


Copyright © 2005-2014 The Kuali Foundation. All Rights Reserved.