001/**
002 * Copyright 2005-2015 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016package org.kuali.rice.kim.impl.jaxb;
017
018import java.io.Serializable;
019
020import javax.xml.bind.annotation.XmlAccessType;
021import javax.xml.bind.annotation.XmlAccessorType;
022import javax.xml.bind.annotation.XmlElement;
023import javax.xml.bind.annotation.XmlType;
024
025/**
026 * This class represents a <roleData> element.
027 * 
028 * <p>The expected XML structure is as follows:
029 * 
030 * <br>
031 * <br>&lt;roleData&gt;
032 * <br>&nbsp;&nbsp;&lt;roles&gt;
033 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&lt;role&gt;
034 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleName namespaceCode=""&gt;&lt;/roleName&gt;
035 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;kimTypeName namespaceCode=""&gt;&lt;/kimTypeName&gt;
036 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;description&gt;&lt;/description&gt;
037 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;active&gt;&lt;/active&gt;
038 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleMembers&gt;
039 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleMember&gt;
040 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;principalId&gt;&lt;/principalId&gt;
041 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;principalName&gt;&lt;/principalName&gt;
042 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;groupId&gt;&lt;/groupId&gt;
043 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;groupName namespaceCode=""&gt;&lt;/groupName&gt;
044 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleIdAsMember&gt;&lt;/roleIdAsMember&gt;
045 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleNameAsMember namespaceCode=""&gt;&lt;/roleNameAsMember&gt;
046 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;activeFromDate&gt;&lt;/activeFromDate&gt;
047 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;activeToDate&gt;&lt;/activeToDate&gt;
048 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;qualifications&gt;
049 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;qualification key=""&gt;&lt;/qualification&gt;
050 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/qualifications&gt;
051 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/roleMember&gt;
052 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/roleMembers&gt;
053 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;rolePermissions&gt;
054 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;rolePermission&gt;
055 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;permissionId&gt;&lt;/permissionId&gt;
056 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;permissionName namespaceCode=""&gt;&lt;/permissionName&gt;
057 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/rolePermission&gt;
058 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/rolePermissions&gt;
059 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&lt;/role&gt;
060 * <br>&nbsp;&nbsp;&lt;/roles&gt;
061 * <br>&nbsp;&nbsp;&lt;roleMembers&gt;
062 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleMember&gt;
063 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleId&gt;&lt;/roleId&gt;
064 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleName namespaceCode=""&gt;&lt;/roleName&gt;
065 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;principalId&gt;&lt;/principalId&gt;
066 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;principalName&gt;&lt;/principalName&gt;
067 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;groupId&gt;&lt;/groupId&gt;
068 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;groupName namespaceCode=""&gt;&lt;/groupName&gt;
069 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleIdAsMember&gt;&lt;/roleIdAsMember&gt;
070 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleNameAsMember namespaceCode=""&gt;&lt;/roleNameAsMember&gt;
071 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;activeFromDate&gt;&lt;/activeFromDate&gt;
072 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;activeToDate&gt;&lt;/activeToDate&gt;
073 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;qualifications&gt;
074 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;qualification key=""&gt;&lt;/qualification&gt;
075 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/qualifications&gt;
076 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&lt;/roleMember&gt;
077 * <br>&nbsp;&nbsp;&lt;/roleMembers&gt;
078 * <br>&nbsp;&nbsp;&lt;rolePermissions&gt;
079 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&lt;rolePermission&gt;
080 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleId&gt;&lt;/roleId&gt;
081 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleName namespaceCode=""&gt;&lt;/roleName&gt;
082 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;permissionId&gt;&lt;/permissionId&gt;
083 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;permissionName namespaceCode=""&gt;&lt;/permissionName&gt;
084 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&lt;/rolePermission&gt;
085 * <br>&nbsp;&nbsp;&lt;/rolePermissions&gt;
086 * <br>&lt;/roleData&gt;
087 * 
088 * <p>Note the following:
089 * <ul>
090 *   <li>The &lt;roles&gt; element is optional, and can contain zero or more &lt;role&gt; elements.
091 *   <li>The &lt;roleName&gt; element on the &lt;role&gt; element and its "namespaceCode" attribute
092 *   are required, and must be non-blank. The namespace code must map to a valid namespace.
093 *   If the name and namespace combo matches an existing role, then the role in the XML will
094 *   overwrite the existing role.
095 *   <li>The &lt;kimTypeName&gt; and its "namespaceCode" attribute are both required, and the
096 *   name and namespace combo must match an existing KIM type.
097 *   <li>The &lt;description&gt; element is required, and must be non-blank.
098 *   <li>The &lt;active&gt; element is optional, and will be set to true if not specified.
099 *   <li>Both &lt;roleMembers&gt; elements are optional, and can contain zero or more
100 *   &lt;roleMember&gt; elements. If the &lt;roleMembers&gt; element within the &lt;role&gt;
101 *   element is specified, then any role members that are not within that element will be removed
102 *   from the role if the XML is overwriting an existing one. (The &lt;roleMembers&gt; element
103 *   outside of the &lt;role&gt; element can still add or re-add members that are not located
104 *   within the other &lt;roleMembers&gt; element.)
105 *   <li>For both &lt;roleMember&gt; elements:
106 *     <ul>
107 *       <li>Exactly one of these sets of member identification must be specified:
108 *         <ol>
109 *           <li>A &lt;principalId&gt; and/or &lt;principalName&gt; element, where the former
110 *           must contain a valid principal ID and the latter must contain a valid principal name.
111 *           <li>A &lt;groupId&gt; and/or &lt;groupName&gt; element, where the former must contain
112 *           a valid group ID and the latter must contain a valid group name and namespace.
113 *           <li>A &lt;roleIdAsMember&gt; and/or &lt;roleNameAsMember&gt; element, where the former
114 *           must contain a valid role ID and the latter must contain a valid role name and namespace.
115 *         </ol>
116 *       <li>The &lt;activeFromDate&gt; element is optional, and its content must be a date String
117 *       that can be parsed by the DateTimeService.
118 *       <li>The &lt;activeToDate&gt; element is optional, and its content must be a date String
119 *       that can be parsed by the DateTimeService.
120 *       <li>The &lt;qualifications&gt; element is optional, and can contain zero or more
121 *       &lt;qualification&gt; elements.
122 *       <li>The &lt;qualification&gt; element's "key" attribute is required, and must be non-blank.
123 *       Duplicate keys within a &lt;qualifications&gt; element are not permitted.
124 *     </ul>
125 *   <li>For both &lt;rolePermission&gt; elements:
126 *     <ul>
127 *       <li>A &lt;permissionId&gt; and/or &lt;permissionName&gt; element must be specified, where the
128 *       former must contain a valid permission ID and the latter must contain a valid permission
129 *       name and namespace.
130 *     </ul>
131 *   <li>For the &lt;roleMember&gt; and &lt;rolePermission&gt; elements not inside a &lt;role&gt; element:
132 *     <ul>
133 *       <li>A &lt;roleId&gt; and/or &lt;roleName&gt; element must be specified, where the former must
134 *       contain a valid role ID and the latter must contain a valid role name and namespace.
135 *     </ul>
136 *   <li>The ingestion process is currently order-dependent, which should be kept in mind when adding
137 *   roles as members of another role or assigning permissions to roles. (The permission XML always
138 *   gets ingested prior to the role XML.)
139 *   <li>The assignments of permissions to roles can only be added, not removed or deactivated.
140 *   (TODO: Improve the role/permission-updating API to allow for updates and removals.)
141 *   <li>The same roles, role members, and role permissions can be ingested within the same file,
142 *   where subsequent ones will overwrite previous ones. (TODO: Is this acceptable?)
143 *   <li>The IDs of principals, groups, roles, and permissions are not included when exporting the XML.
144 *   <li>Delegations and responsibility actions are currently not supported by the ingestion process.
145 * </ul>
146 * 
147 * TODO: Verify that the above behavior is correct.
148 * 
149 * @author Kuali Rice Team (rice.collab@kuali.org)
150 */
151@XmlAccessorType(XmlAccessType.FIELD)
152@XmlType(name="RoleDataType", propOrder={"roles", "roleMembers", "rolePermissions"})
153public class RoleDataXmlDTO implements Serializable {
154
155    private static final long serialVersionUID = 1L;
156
157    @XmlElement(name="roles")
158    private RolesXmlDTO roles;
159    
160    @XmlElement(name="roleMembers")
161    private RoleMembersXmlDTO.OutsideOfRole roleMembers;
162
163    @XmlElement(name="rolePermissions")
164    private RolePermissionsXmlDTO.OutsideOfRole rolePermissions;
165    
166    public RoleDataXmlDTO() {}
167    
168    public RoleDataXmlDTO(RolesXmlDTO roles) {
169        this.roles = roles;
170    }
171
172    /**
173     * @return the roles
174     */
175    public RolesXmlDTO getRoles() {
176        return this.roles;
177    }
178
179    /**
180     * @param roles the roles to set
181     */
182    public void setRoles(RolesXmlDTO roles) {
183        this.roles = roles;
184    }
185
186    /**
187     * @return the roleMembers
188     */
189    public RoleMembersXmlDTO.OutsideOfRole getRoleMembers() {
190        return this.roleMembers;
191    }
192
193    /**
194     * @param roleMembers the roleMembers to set
195     */
196    public void setRoleMembers(RoleMembersXmlDTO.OutsideOfRole roleMembers) {
197        this.roleMembers = roleMembers;
198    }
199
200    /**
201     * @return the rolePermissions
202     */
203    public RolePermissionsXmlDTO.OutsideOfRole getRolePermissions() {
204        return this.rolePermissions;
205    }
206
207    /**
208     * @param rolePermissions the rolePermissions to set
209     */
210    public void setRolePermissions(RolePermissionsXmlDTO.OutsideOfRole rolePermissions) {
211        this.rolePermissions = rolePermissions;
212    }
213        
214}