public interface RoleService
A role is where permissions and responsibilities are granted. Roles have a membership consisting of principals, groups or even other roles. By being assigned as members of a role, the associated principals will be granted all permissions and responsibilities that have been granted to the role.
Each membership assignment on the role can have a qualification which defines extra information about that particular member of the role. For example, one may have the role of "Dean" but that can be further qualified by the school they are the dean of, such as "Dean of Computer Science". Authorization checks that are then done in the permission service can pass qualifiers as part of the operation if they want to restrict the subset of the role against which the check is made.
Modifier and Type | Method and Description |
---|---|
RoleMember |
assignGroupToRole(String groupId,
String namespaceCode,
String roleName,
Map<String,String> qualifications)
Assigns the group with the given id to the role with the specified
namespace code and name with the supplied set of qualifications.
|
void |
assignPermissionToRole(String permissionId,
String roleId)
Assigns the given permission to the given role
|
RoleMember |
assignPrincipalToRole(String principalId,
String namespaceCode,
String roleName,
Map<String,String> qualifications)
Assigns the principal with the given id to the role with the specified
namespace code and name with the supplied set of qualifications.
|
RoleMember |
assignRoleToRole(String roleId,
String namespaceCode,
String roleName,
Map<String,String> qualifications)
Assigns the role with the given id to the role with the specified
namespace code and name with the supplied set of qualifications.
|
DelegateMember |
createDelegateMember(DelegateMember delegateMember)
Creates a new DelegateMember.
|
DelegateType |
createDelegateType(DelegateType delegateType)
Creates a new DelegateType.
|
Role |
createRole(Role role)
This will create a
Role exactly like the role passed in. |
RoleMember |
createRoleMember(RoleMember roleMember)
Creates a new RoleMember.
|
RoleResponsibilityAction |
createRoleResponsibilityAction(RoleResponsibilityAction roleResponsibilityAction)
Creates a new RoleResponsibilityAction.
|
void |
deleteRoleResponsibilityAction(String roleResponsibilityActionId)
Deletes the given RoleResponsibilityAction
|
DelegateMemberQueryResults |
findDelegateMembers(QueryByCriteria queryByCriteria)
Gets role members based on the given search criteria.
|
RoleMemberQueryResults |
findRoleMembers(QueryByCriteria queryByCriteria)
Gets role members based on the given search criteria.
|
RoleMembershipQueryResults |
findRoleMemberships(QueryByCriteria queryByCriteria)
Gets role member information based on the given search criteria.
|
RoleQueryResults |
findRoles(QueryByCriteria queryByCriteria)
This method gets search results for role lookup
|
DelegateType |
getDelegateTypeByDelegationId(String delegationId)
Gets a DelegateType for the given delegation id.
|
DelegateType |
getDelegateTypeByRoleIdAndDelegateTypeCode(String roleId,
DelegationType delegateType)
Gets a DelegateType for the given role id and delegation type.
|
DelegateMember |
getDelegationMemberByDelegationAndMemberId(String delegationId,
String memberId)
Gets the delegate member for the given delegationId and memberId.
|
DelegateMember |
getDelegationMemberById(String id)
Gets the delegate member with the given delegation member id.
|
List<DelegateMember> |
getDelegationMembersByDelegationId(String delegateId)
Gets the delegate members for the given delegation.
|
List<RoleMembership> |
getFirstLevelRoleMembers(List<String> roleIds)
Gets all direct members of the roles that have ids within the given list
of role ids.
|
List<String> |
getMemberParentRoleIds(String memberType,
String memberId)
Gets a list of Roles that the given member belongs to.
|
List<Map<String,String>> |
getNestedRoleQualifersForPrincipalByNamespaceAndRolename(String principalId,
String namespaceCode,
String roleName,
Map<String,String> qualification)
Returns a list of role qualifiers that the given principal.
|
List<Map<String,String>> |
getNestedRoleQualifiersForPrincipalByRoleIds(String principalId,
List<String> roleIds,
Map<String,String> qualification)
Returns a list of role qualifiers that the given principal.
|
List<String> |
getPrincipalIdSubListWithRole(List<String> principalIds,
String roleNamespaceCode,
String roleName,
Map<String,String> qualification)
Returns the subset of the given principal ID list which has the given role and qualification.
|
Role |
getRole(String id)
Get the KIM Role object with the given ID.
|
Role |
getRoleByNamespaceCodeAndName(String namespaceCode,
String name)
Get the KIM Role object with the unique combination of namespace, component,
and role name.
|
String |
getRoleIdByNamespaceCodeAndName(String namespaceCode,
String name)
Return the Role ID for the given unique combination of namespace,
component and role name.
|
Collection<String> |
getRoleMemberPrincipalIds(String namespaceCode,
String roleName,
Map<String,String> qualification)
This method gets all the members, then traverses down into members of type role and group to obtain the nested principal ids
|
List<RoleResponsibilityAction> |
getRoleMemberResponsibilityActions(String roleMemberId)
Gets a list of RoleResponsibilityActions for the given role member id.
|
List<RoleMembership> |
getRoleMembers(List<String> roleIds,
Map<String,String> qualification)
Get all the role members (groups and principals) associated with the given list of roles
where their role membership/assignment matches the given qualification.
|
List<Map<String,String>> |
getRoleQualifersForPrincipalByNamespaceAndRolename(String principalId,
String namespaceCode,
String roleName,
Map<String,String> qualification)
Returns a list of role qualifiers that the given principal has without taking into consideration
that the principal may be a member via an assigned group or role.
|
List<Map<String,String>> |
getRoleQualifersForPrincipalByRoleIds(String principalId,
List<String> roleIds,
Map<String,String> qualification)
Returns a list of role qualifiers that the given principal has without taking into consideration
that the principal may be a member via an assigned group or role.
|
List<RoleResponsibility> |
getRoleResponsibilities(String roleId)
Gets a list of role reponsibilities for the given role id.
|
List<Role> |
getRoles(List<String> ids)
Get the KIM Role objects for the role IDs in the given List.
|
Set<String> |
getRoleTypeRoleMemberIds(String roleId)
Gets a list of Roles Ids that are a member of the given roleId, including nested membership.
|
boolean |
isDerivedRole(String roleId)
Determines if a role with a provided id is a derived role
|
boolean |
isDynamicRoleMembership(String roleId)
Determines if a role with a provided id is a uses dynamic role memberships
|
boolean |
isRoleActive(String id)
Checks whether the role with the given role ID is active.
|
void |
notifyOnMemberRemoval(RoleMember member) |
boolean |
principalHasRole(String principalId,
List<String> roleIds,
Map<String,String> qualification)
Returns whether the given principal has any of the passed role IDs with the given qualification.
|
boolean |
principalHasRole(String principalId,
List<String> roleIds,
Map<String,String> qualification,
boolean checkDelegations)
Returns whether the given principal has any of the passed role IDs with the given qualification.
|
void |
removeDelegateMembers(List<DelegateMember> delegateMembers)
Removes existing DelegateMembers.
|
void |
removeGroupFromRole(String groupId,
String namespaceCode,
String roleName,
Map<String,String> qualifications)
Remove the group with the given id and qualifications from the role
with the specified namespace code and role name.
|
void |
removePrincipalFromRole(String principalId,
String namespaceCode,
String roleName,
Map<String,String> qualifications)
Remove the principal with the given id and qualifications from the role
with the specified namespace code and role name.
|
void |
removeRoleFromRole(String roleId,
String namespaceCode,
String roleName,
Map<String,String> qualifications)
Remove the group with the given id and qualifications from the role
with the specified namespace code and role name.
|
void |
revokePermissionFromRole(String permissionId,
String roleId)
Removes the given permission to the given role
|
DelegateMember |
updateDelegateMember(DelegateMember delegateMember)
Updates the given delegateMember to the values in the passed in delegateMember
|
DelegateType |
updateDelegateType(DelegateType delegateType)
Updates the given DelegateType to the values in the passed in delegateType
|
Role |
updateRole(Role role)
This will update a
Role . |
RoleMember |
updateRoleMember(RoleMember roleMember)
Updates the given roleMember to the values in the passed in roleMember
|
RoleResponsibilityAction |
updateRoleResponsibilityAction(RoleResponsibilityAction roleResponsibilityAction)
Updates the given RoleResponsibilityAction to the values in the passed in roleResponsibilityAction
|
@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/PermissionType","http://rice.kuali.org/kim/v2_0/ResponsibilityType","http://rice.kuali.org/kim/v2_0/RoleType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) Role createRole(Role role) throws RiceIllegalArgumentException, RiceIllegalStateException
Role
exactly like the role passed in.role
- the role to createRiceIllegalArgumentException
- if the role passed in is nullRiceIllegalStateException
- if the role is already existing in the system@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/PermissionType","http://rice.kuali.org/kim/v2_0/ResponsibilityType","http://rice.kuali.org/kim/v2_0/RoleType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) Role updateRole(Role role) throws RiceIllegalArgumentException, RiceIllegalStateException
Role
.role
- the role to updateRiceIllegalArgumentException
- if the role is nullRiceIllegalStateException
- if the role does not exist in the system@Cacheable(value="http://rice.kuali.org/kim/v2_0/RoleType", key="\'id=\' + #p0") Role getRole(String id) throws RiceIllegalArgumentException
id
- the id of the role.RiceIllegalArgumentException
- if roleId is null or Blank@Cacheable(value="http://rice.kuali.org/kim/v2_0/RoleType", key="\'ids=\' + T(org.kuali.rice.core.api.cache.CacheKeyUtils).key(#p0)") List<Role> getRoles(List<String> ids) throws RiceIllegalArgumentException
ids
- the ids of the roles.RiceIllegalArgumentException
- if ids is null or Blank@Cacheable(value="http://rice.kuali.org/kim/v2_0/RoleType", key="\'namespaceCode=\' + #p0 + \'|\' + \'name=\' + #p1") Role getRoleByNamespaceCodeAndName(String namespaceCode, String name) throws RiceIllegalArgumentException
namespaceCode
- the namespace code of the role.name
- the name of the role.RiceIllegalArgumentException
- if namespaceCode or name is null or blank.@Cacheable(value="http://rice.kuali.org/kim/v2_0/RoleType", key="\'{getRoleIdByNamespaceCodeAndName}\' + \'namespaceCode=\' + #p0 + \'|\' + \'name=\' + #p1") String getRoleIdByNamespaceCodeAndName(String namespaceCode, String name) throws RiceIllegalArgumentException
namespaceCode
- the namespace code of the role.name
- the name of the role.RiceIllegalArgumentException
- if namespaceCode or name is null or blank.@Cacheable(value="http://rice.kuali.org/kim/v2_0/RoleType", key="\'{isRoleActive}\' + \'id=\' + #p0") boolean isRoleActive(String id) throws RiceIllegalArgumentException
id
- the unique id of a role.RiceIllegalArgumentException
- if id is null or blank.List<Map<String,String>> getRoleQualifersForPrincipalByRoleIds(String principalId, List<String> roleIds, Map<String,String> qualification) throws RiceIllegalArgumentException
principalId
- the principalId toroleIds
- the namespace code of the role.qualification
- the qualifications for the roleIds.RiceIllegalArgumentException
- if principalId is null or blank or roleIds is null.List<Map<String,String>> getRoleQualifersForPrincipalByNamespaceAndRolename(String principalId, String namespaceCode, String roleName, Map<String,String> qualification) throws RiceIllegalArgumentException
principalId
- the principalId tonamespaceCode
- the namespace code of the role.roleName
- the name of the role.qualification
- the qualifications for the roleIds.RiceIllegalArgumentException
- if principalId, namespaceCode, or roleName is null or blank.List<Map<String,String>> getNestedRoleQualifersForPrincipalByNamespaceAndRolename(String principalId, String namespaceCode, String roleName, Map<String,String> qualification) throws RiceIllegalArgumentException
principalId
- the principalId tonamespaceCode
- the namespace code of the role.roleName
- the name of the role.qualification
- the qualifications for the roleIds.RiceIllegalArgumentException
- if principalId, namespaceCode, or roleName is null or blank.List<Map<String,String>> getNestedRoleQualifiersForPrincipalByRoleIds(String principalId, List<String> roleIds, Map<String,String> qualification) throws RiceIllegalArgumentException
principalId
- the principalId toroleIds
- the namespace code of the role.qualification
- the qualifications for the roleIds.RiceIllegalArgumentException
- if principalId, namespaceCode, or roleName is null or blank.@Cacheable(value="http://rice.kuali.org/kim/v2_0/RoleMemberType", key="\'roleIds=\' + T(org.kuali.rice.core.api.cache.CacheKeyUtils).key(#p0) + \'|\' + \'qualification=\' + T(org.kuali.rice.core.api.cache.CacheKeyUtils).mapKey(#p1)", condition="!T(org.kuali.rice.kim.api.cache.KimCacheUtils).isDynamicRoleMembership(#p0)") List<RoleMembership> getRoleMembers(List<String> roleIds, Map<String,String> qualification) throws RiceIllegalArgumentException
roleIds
- a list of role Ids.qualification
- the qualifications for the roleIds.RiceIllegalArgumentException
- if roleIds is null.@Cacheable(value="http://rice.kuali.org/kim/v2_0/RoleMemberType", key="\'namespaceCode=\' + #p0 + \'|\' + \'roleName=\' + #p1 + \'|\' + \'qualification=\' + T(org.kuali.rice.core.api.cache.CacheKeyUtils).mapKey(#p2)", condition="!T(org.kuali.rice.kim.api.cache.KimCacheUtils).isDynamicMembshipRoleByNamespaceAndName(#p0, #p1)") Collection<String> getRoleMemberPrincipalIds(String namespaceCode, String roleName, Map<String,String> qualification) throws RiceIllegalArgumentException
namespaceCode
- the namespace code of the role.roleName
- the name of the rolequalification
- the qualifications for the roleIds.RiceIllegalArgumentException
- if namespaceCode, or roleName is null or blank.boolean principalHasRole(String principalId, List<String> roleIds, Map<String,String> qualification) throws RiceIllegalArgumentException
principalId
- the principal Id to check.roleIds
- the list of role ids.qualification
- the qualifications for the roleIds.RiceIllegalArgumentException
- if roleIds is null or principalId is null or blank.boolean principalHasRole(String principalId, List<String> roleIds, Map<String,String> qualification, boolean checkDelegations) throws RiceIllegalArgumentException
principalId
- the principal Id to check.roleIds
- the list of role ids.qualification
- the qualifications for the roleIds.checkDelegations
- whether delegations should be checked or notRiceIllegalArgumentException
- if roleIds is null or principalId is null or blank.@Cacheable(value="http://rice.kuali.org/kim/v2_0/RoleMemberType", key="\'getPrincipalIdSubListWithRole\' + \'principalIds=\' + T(org.kuali.rice.core.api.cache.CacheKeyUtils).key(#p0) + \'|\' + \'roleNamespaceCode=\' + #p1 + \'|\' + \'roleName=\' + #p2 + \'|\' + \'qualification=\' + T(org.kuali.rice.core.api.cache.CacheKeyUtils).mapKey(#p3)", condition="!T(org.kuali.rice.kim.api.cache.KimCacheUtils).isDynamicMembshipRoleByNamespaceAndName(#p1, #p2)") List<String> getPrincipalIdSubListWithRole(List<String> principalIds, String roleNamespaceCode, String roleName, Map<String,String> qualification) throws RiceIllegalArgumentException
principalIds
- the principal Ids to check.roleNamespaceCode
- the namespaceCode of the role.roleName
- the name of the role.qualification
- the qualifications for the roleIds.RiceIllegalArgumentException
- if principalIds is null or the roleNamespaceCode or roleName is null or blank.RoleQueryResults findRoles(QueryByCriteria queryByCriteria) throws RiceIllegalArgumentException
queryByCriteria
- the qualifications for the roleIds.RiceIllegalArgumentException
- if queryByCriteria is null.@Cacheable(value="http://rice.kuali.org/kim/v2_0/RoleMembershipType", key="\'roleIds=\' + T(org.kuali.rice.core.api.cache.CacheKeyUtils).key(#p0)") List<RoleMembership> getFirstLevelRoleMembers(List<String> roleIds) throws RiceIllegalArgumentException
The resulting List of role membership will contain membership for all the roles with the specified ids. The list is not guaranteed to be in any particular order and may have membership info for the different roles interleaved with each other.
roleIds
- a list of role Ids.RiceIllegalArgumentException
- if roleIds is null.RoleMembershipQueryResults findRoleMemberships(QueryByCriteria queryByCriteria) throws RiceIllegalArgumentException
queryByCriteria
- the qualifications for the roleIds.RiceIllegalArgumentException
- if queryByCriteria is null.@Cacheable(value="http://rice.kuali.org/kim/v2_0/RoleMembershipType", key="\'memberType=\' + #p0 + \'|\' + \'memberId=\' + #p1") List<String> getMemberParentRoleIds(String memberType, String memberId) throws RiceIllegalArgumentException
memberType
- the role member type.memberId
- the role member id (principalId, roleId, groupId).RiceIllegalArgumentException
- if memberType or memberId is null or blank.RoleMemberQueryResults findRoleMembers(QueryByCriteria queryByCriteria) throws RiceIllegalArgumentException
queryByCriteria
- the qualifications for the roleIds.RiceIllegalArgumentException
- if queryByCriteria is null.@Cacheable(value="http://rice.kuali.org/kim/v2_0/RoleMemberType", key="\'{getRoleTypeRoleMemberIds}\' + \'roleId=\' + #p0") Set<String> getRoleTypeRoleMemberIds(String roleId) throws RiceIllegalArgumentException
roleId
- the role id.RiceIllegalArgumentException
- if roleId is null or blank.DelegateMemberQueryResults findDelegateMembers(QueryByCriteria queryByCriteria) throws RiceIllegalArgumentException
queryByCriteria
- the qualifications for the roleIds.RiceIllegalArgumentException
- if queryByCriteria is null.@Cacheable(value="http://rice.kuali.org/kim/v2_0/DelegateMemberType", key="\'delegateId=\' + #p0") List<DelegateMember> getDelegationMembersByDelegationId(String delegateId) throws RiceIllegalArgumentException
delegateId
- the delegate id.RiceIllegalArgumentException
- if delegationId is null or blank.@Cacheable(value="http://rice.kuali.org/kim/v2_0/DelegateMemberType", key="\'delegationId=\' + #p0 + \'|\' + \'memberId=\' + #p1") DelegateMember getDelegationMemberByDelegationAndMemberId(String delegationId, String memberId) throws RiceIllegalArgumentException
delegationId
- the delegate id.memberId
- the member id matching the DelegateMemberRiceIllegalArgumentException
- if delegationId or memberId is null or blank.@Cacheable(value="http://rice.kuali.org/kim/v2_0/DelegateMemberType", key="\'id=\' + #p0") DelegateMember getDelegationMemberById(String id) throws RiceIllegalArgumentException
id
- the member id matching the DelegateMemberRiceIllegalArgumentException
- if delegationId or memberId is null or blank.@Cacheable(value="http://rice.kuali.org/kim/v2_0/RoleResponsibilityType", key="\'roleId=\' + #p0") List<RoleResponsibility> getRoleResponsibilities(String roleId) throws RiceIllegalArgumentException
roleId
- the role Id.RiceIllegalArgumentException
- if roleId is null or blank.@Cacheable(value="http://rice.kuali.org/kim/v2_0/RoleResponsibilityType", key="\'roleMemberId=\' + #p0") List<RoleResponsibilityAction> getRoleMemberResponsibilityActions(String roleMemberId) throws RiceIllegalArgumentException
roleMemberId
- the role member Id.RiceIllegalArgumentException
- if roleMemberId is null or blank.@Cacheable(value="http://rice.kuali.org/kim/v2_0/DelegateTypeType", key="\'roleId=\' + #p0 + \'|\' + \'delegateType=\' + #p1") DelegateType getDelegateTypeByRoleIdAndDelegateTypeCode(String roleId, DelegationType delegateType) throws RiceIllegalArgumentException
roleId
- the role Id.delegateType
- type of delegationRiceIllegalArgumentException
- if roleId or delegationType is null or blank.@Cacheable(value="http://rice.kuali.org/kim/v2_0/DelegateTypeType", key="\'delegationId=\' + #p0") DelegateType getDelegateTypeByDelegationId(String delegationId) throws RiceIllegalArgumentException
delegationId
- the id of delegationRiceIllegalArgumentException
- if delegationId is null or blank.@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/RoleType","http://rice.kuali.org/kim/v2_0/PermissionType","http://rice.kuali.org/kim/v2_0/ResponsibilityType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) RoleMember assignPrincipalToRole(String principalId, String namespaceCode, String roleName, Map<String,String> qualifications) throws RiceIllegalArgumentException
principalId
- the principalIdnamespaceCode
- the namespaceCode of the RoleroleName
- the name of the rolequalifications
- the qualifications for the principalId to be assigned to the roleRiceIllegalArgumentException
- if princialId, namespaceCode or roleName is null or blank.@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/RoleType","http://rice.kuali.org/kim/v2_0/PermissionType","http://rice.kuali.org/kim/v2_0/ResponsibilityType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) RoleMember assignGroupToRole(String groupId, String namespaceCode, String roleName, Map<String,String> qualifications) throws RiceIllegalArgumentException
groupId
- the groupIdnamespaceCode
- the namespaceCode of the RoleroleName
- the name of the rolequalifications
- the qualifications for the principalId to be assigned to the roleRiceIllegalArgumentException
- if groupId, namespaceCode or roleName is null or blank.@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/RoleType","http://rice.kuali.org/kim/v2_0/PermissionType","http://rice.kuali.org/kim/v2_0/ResponsibilityType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) RoleMember assignRoleToRole(String roleId, String namespaceCode, String roleName, Map<String,String> qualifications) throws RiceIllegalArgumentException
roleId
- the roleIdnamespaceCode
- the namespaceCode of the RoleroleName
- the name of the rolequalifications
- the qualifications for the principalId to be assigned to the roleRiceIllegalArgumentException
- if princiapId, namespaceCode or roleName is null or blank.@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/RoleType","http://rice.kuali.org/kim/v2_0/PermissionType","http://rice.kuali.org/kim/v2_0/ResponsibilityType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) RoleMember createRoleMember(RoleMember roleMember) throws RiceIllegalArgumentException, RiceIllegalStateException
roleMember
- the new RoleMember to save.RiceIllegalArgumentException
- if roleMember is null.RiceIllegalStateException
- if roleMember already exists.@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/RoleType","http://rice.kuali.org/kim/v2_0/PermissionType","http://rice.kuali.org/kim/v2_0/ResponsibilityType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) RoleMember updateRoleMember(RoleMember roleMember) throws RiceIllegalArgumentException, RiceIllegalStateException
roleMember
- the new RoleMember to save.RiceIllegalArgumentException
- if roleMember is null.RiceIllegalStateException
- if roleMember does not yet exist.@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/RoleType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) DelegateMember updateDelegateMember(DelegateMember delegateMember) throws RiceIllegalArgumentException, RiceIllegalStateException
delegateMember
- the new DelegateMember to save.RiceIllegalArgumentException
- if delegateMember is null.RiceIllegalStateException
- if delegateMember does not yet exist.@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/RoleType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) DelegateMember createDelegateMember(DelegateMember delegateMember) throws RiceIllegalArgumentException, RiceIllegalStateException
delegateMember
- the new DelegateMember to save.RiceIllegalArgumentException
- if delegateMember is null.RiceIllegalStateException
- if delegateMember already exists.@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/RoleType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) void removeDelegateMembers(List<DelegateMember> delegateMembers) throws RiceIllegalArgumentException, RiceIllegalStateException
DelegateMembers
- to remove.RiceIllegalArgumentException
- if delegateMember is null.RiceIllegalStateException
@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/PermissionType","http://rice.kuali.org/kim/v2_0/ResponsibilityType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) RoleResponsibilityAction createRoleResponsibilityAction(RoleResponsibilityAction roleResponsibilityAction) throws RiceIllegalArgumentException
roleResponsibilityAction
- the new RoleResponsibilityAction to save.RiceIllegalArgumentException
- if roleResponsibilityAction is null.RiceIllegalStateException
- if roleResponsibilityAction already exists.@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/PermissionType","http://rice.kuali.org/kim/v2_0/ResponsibilityType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) RoleResponsibilityAction updateRoleResponsibilityAction(RoleResponsibilityAction roleResponsibilityAction) throws RiceIllegalArgumentException
roleResponsibilityAction
- the new RoleResponsibilityAction to save.RiceIllegalArgumentException
- if roleResponsibilityAction is null.RiceIllegalStateException
- if roleResponsibilityAction does not exist.@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/PermissionType","http://rice.kuali.org/kim/v2_0/ResponsibilityType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) void deleteRoleResponsibilityAction(String roleResponsibilityActionId) throws RiceIllegalArgumentException
roleResponsibilityActionId
- id of the RoleResponsibilityAction to delete.RiceIllegalArgumentException
- if roleResponsibilityActionId is null.RiceIllegalStateException
- if roleResponsibilityAction does not exist.@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/PermissionType","http://rice.kuali.org/kim/v2_0/ResponsibilityType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) DelegateType createDelegateType(DelegateType delegateType) throws RiceIllegalArgumentException, RiceIllegalStateException
delegateType
- the new DelegateType to save.RiceIllegalArgumentException
- if delegateType is null.RiceIllegalStateException
- if delegateType already exists.@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/PermissionType","http://rice.kuali.org/kim/v2_0/ResponsibilityType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) DelegateType updateDelegateType(DelegateType delegateType) throws RiceIllegalArgumentException, RiceIllegalStateException
delegateType
- the new DelegateType to save.RiceIllegalArgumentException
- if delegateType is null.RiceIllegalStateException
- if delegateType does not yet exist.@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/RoleType","http://rice.kuali.org/kim/v2_0/PermissionType","http://rice.kuali.org/kim/v2_0/ResponsibilityType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) void removePrincipalFromRole(String principalId, String namespaceCode, String roleName, Map<String,String> qualifications) throws RiceIllegalArgumentException
principalId
- the principalIdnamespaceCode
- the namespaceCode of the RoleroleName
- the name of the rolequalifications
- the qualifications for the principalId to be assigned to the roleRiceIllegalArgumentException
- if principalId, namespaceCode or roleName is null or blank.@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/RoleType","http://rice.kuali.org/kim/v2_0/PermissionType","http://rice.kuali.org/kim/v2_0/ResponsibilityType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) void removeGroupFromRole(String groupId, String namespaceCode, String roleName, Map<String,String> qualifications) throws RiceIllegalArgumentException
groupId
- the groupIdnamespaceCode
- the namespaceCode of the RoleroleName
- the name of the rolequalifications
- the qualifications for the principalId to be assigned to the roleRiceIllegalArgumentException
- if groupId, namespaceCode or roleName is null or blank.@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/RoleType","http://rice.kuali.org/kim/v2_0/PermissionType","http://rice.kuali.org/kim/v2_0/ResponsibilityType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) void removeRoleFromRole(String roleId, String namespaceCode, String roleName, Map<String,String> qualifications) throws RiceIllegalArgumentException
roleId
- the roleIdnamespaceCode
- the namespaceCode of the RoleroleName
- the name of the rolequalifications
- the qualifications for the principalId to be assigned to the roleRiceIllegalArgumentException
- if roleId, namespaceCode or roleName is null or blank.@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/RoleType","http://rice.kuali.org/kim/v2_0/PermissionType","http://rice.kuali.org/kim/v2_0/ResponsibilityType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) void assignPermissionToRole(String permissionId, String roleId) throws RiceIllegalArgumentException
permissionId
- the permissionIdroleId
- the roleIdRiceIllegalArgumentException
- if permissionId or roleId is null or blank.@CacheEvict(value={"http://rice.kuali.org/kim/v2_0/RoleType","http://rice.kuali.org/kim/v2_0/PermissionType","http://rice.kuali.org/kim/v2_0/ResponsibilityType","http://rice.kuali.org/kim/v2_0/RoleMembershipType","http://rice.kuali.org/kim/v2_0/RoleMemberType","http://rice.kuali.org/kim/v2_0/DelegateMemberType","http://rice.kuali.org/kim/v2_0/RoleResponsibilityType","http://rice.kuali.org/kim/v2_0/DelegateTypeType"}, allEntries=true) void revokePermissionFromRole(String permissionId, String roleId) throws RiceIllegalArgumentException
permissionId
- the permissionIdroleId
- the roleIdRiceIllegalArgumentException
- if permissionId or roleId is null or blank.@Cacheable(value="http://rice.kuali.org/kim/v2_0/RoleType", key="\'{isDerivedRole}\' + \'roleId=\' + #p0") boolean isDerivedRole(String roleId) throws RiceIllegalArgumentException
roleId
- the roleIdRiceIllegalArgumentException
- if roleId is null or blank.@Cacheable(value="http://rice.kuali.org/kim/v2_0/RoleType", key="\'{isDynamicRoleMembership}\' + \'roleId=\' + #p0") boolean isDynamicRoleMembership(String roleId) throws RiceIllegalArgumentException
roleId
- the roleIdRiceIllegalArgumentException
- if roleId is null or blank.void notifyOnMemberRemoval(RoleMember member)
Copyright © 2005–2016 The Kuali Foundation. All rights reserved.