001 /*
002 * Copyright 2008-2009 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016 package org.kuali.rice.kim.service;
017
018 import java.util.List;
019 import java.util.Map;
020
021 import javax.jws.WebMethod;
022 import javax.jws.WebParam;
023 import javax.jws.WebService;
024 import javax.jws.soap.SOAPBinding;
025 import javax.servlet.http.HttpServletRequest;
026 import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
027
028 import org.kuali.rice.core.jaxb.AttributeSetAdapter;
029 import org.kuali.rice.core.jaxb.MapStringStringAdapter;
030 import org.kuali.rice.kim.bo.entity.dto.KimEntityDefaultInfo;
031 import org.kuali.rice.kim.bo.entity.dto.KimEntityInfo;
032 import org.kuali.rice.kim.bo.entity.dto.KimPrincipalInfo;
033 import org.kuali.rice.kim.bo.group.dto.GroupInfo;
034 import org.kuali.rice.kim.bo.reference.dto.AddressTypeInfo;
035 import org.kuali.rice.kim.bo.reference.dto.AffiliationTypeInfo;
036 import org.kuali.rice.kim.bo.reference.dto.CitizenshipStatusInfo;
037 import org.kuali.rice.kim.bo.reference.dto.EmailTypeInfo;
038 import org.kuali.rice.kim.bo.reference.dto.EmploymentStatusInfo;
039 import org.kuali.rice.kim.bo.reference.dto.EmploymentTypeInfo;
040 import org.kuali.rice.kim.bo.reference.dto.EntityNameTypeInfo;
041 import org.kuali.rice.kim.bo.reference.dto.EntityTypeInfo;
042 import org.kuali.rice.kim.bo.reference.dto.ExternalIdentifierTypeInfo;
043 import org.kuali.rice.kim.bo.reference.dto.PhoneTypeInfo;
044 import org.kuali.rice.kim.bo.role.dto.KimPermissionInfo;
045 import org.kuali.rice.kim.bo.role.dto.KimResponsibilityInfo;
046 import org.kuali.rice.kim.bo.role.dto.PermissionAssigneeInfo;
047 import org.kuali.rice.kim.bo.role.dto.ResponsibilityActionInfo;
048 import org.kuali.rice.kim.bo.types.dto.AttributeSet;
049 import org.kuali.rice.kim.util.KIMWebServiceConstants;
050
051 /**
052 * This is the front end for the KIM module. Clients of KIM should access this service from
053 * their applications. If KIM is not running on the same machine (VM) as the application
054 * (as would be the case with a standalone Rice server), then this service should be implemented
055 * locally within the application and access the core KIM services
056 * (Authentication/Authorization/Identity/Group) via the service bus.
057 *
058 * For efficiency, implementations of this interface should add appropriate caching of
059 * the information retrieved from the core services for load and performance reasons.
060 *
061 * Most of the methods on this interface are straight pass-thrus to methods on the four core services.
062 *
063 * @author Kuali Rice Team (rice.collab@kuali.org)
064 *
065 */
066 @WebService(name = KIMWebServiceConstants.IdentityManagementService.WEB_SERVICE_NAME, targetNamespace = KIMWebServiceConstants.MODULE_TARGET_NAMESPACE)
067 @SOAPBinding(style = SOAPBinding.Style.DOCUMENT, use = SOAPBinding.Use.LITERAL, parameterStyle = SOAPBinding.ParameterStyle.WRAPPED)
068 public interface IdentityManagementService {
069
070 // *******************************
071 // IdentityService
072 // *******************************
073
074 KimPrincipalInfo getPrincipal(@WebParam(name="principalId") String principalId);
075 KimPrincipalInfo getPrincipalByPrincipalName(@WebParam(name="principalName") String principalName);
076
077 KimPrincipalInfo getPrincipalByPrincipalNameAndPassword(
078 @WebParam(name="principalName") String principalName,
079 @WebParam(name="password") String password
080 );
081
082 KimEntityDefaultInfo getEntityDefaultInfo( @WebParam(name="entityId") String entityId );
083 KimEntityDefaultInfo getEntityDefaultInfoByPrincipalId( @WebParam(name="principalId") String principalId );
084 KimEntityDefaultInfo getEntityDefaultInfoByPrincipalName( @WebParam(name="principalName") String principalName );
085
086 List<? extends KimEntityDefaultInfo> lookupEntityDefaultInfo(
087 @XmlJavaTypeAdapter(value = MapStringStringAdapter.class)
088 @WebParam(name="searchCriteria") Map<String,String> searchCriteria,
089 @WebParam(name="unbounded") boolean unbounded
090 );
091
092 int getMatchingEntityCount( @XmlJavaTypeAdapter(value = MapStringStringAdapter.class)
093 @WebParam(name="searchCriteria") Map<String,String> searchCriteria );
094
095 //KimEntityPrivacyPreferencesInfo getEntityPrivacyPreferences(String entityId);
096
097 KimEntityInfo getEntityInfo( @WebParam(name="entityId") String entityId );
098 KimEntityInfo getEntityInfoByPrincipalId( @WebParam(name="principalId") String principalId );
099 KimEntityInfo getEntityInfoByPrincipalName( @WebParam(name="principalName") String principalName );
100
101 List<KimEntityInfo> lookupEntityInfo(
102 @XmlJavaTypeAdapter(value = MapStringStringAdapter.class)
103 @WebParam(name = "searchCriteria") Map<String,String> searchCriteria,
104 @WebParam(name="unbounded") boolean unbounded
105 );
106
107 AddressTypeInfo getAddressType( @WebParam(name="code") String code );
108 AffiliationTypeInfo getAffiliationType( @WebParam(name="code")String code );
109 CitizenshipStatusInfo getCitizenshipStatus( @WebParam(name="code") String code );
110 EmailTypeInfo getEmailType( @WebParam(name="code") String code );
111 EmploymentStatusInfo getEmploymentStatus( @WebParam(name="code") String code );
112 EmploymentTypeInfo getEmploymentType( @WebParam(name="code") String code );
113 EntityNameTypeInfo getEntityNameType( @WebParam(name="code") String code );
114 EntityTypeInfo getEntityType( @WebParam(name="code") String code );
115 ExternalIdentifierTypeInfo getExternalIdentifierType( @WebParam(name="code") String code );
116 PhoneTypeInfo getPhoneType( @WebParam(name="code") String code );
117
118 // *******************************
119 // GroupService
120 // *******************************
121
122 GroupInfo getGroup(@WebParam(name="groupId") String groupId);
123
124 GroupInfo getGroupByName(
125 @WebParam(name="namespaceCode") String namespaceCode,
126 @WebParam(name="groupName") String groupName
127 );
128
129 List<String> getParentGroupIds( @WebParam(name="groupId") String groupId);
130 List<String> getDirectParentGroupIds( @WebParam(name="groupId") String groupId);
131
132 @WebMethod(operationName="getGroupIdsForPrincipal")
133 List<String> getGroupIdsForPrincipal( @WebParam(name="principalId") String principalId);
134
135 @WebMethod(operationName="getGroupIdsForPrincipal2")
136 List<String> getGroupIdsForPrincipal(
137 @WebParam(name="principalId") String principalId,
138 @WebParam(name="namespaceCode") String namespaceCode
139 );
140
141 @WebMethod(operationName="getGroupsForPrincipal")
142 List<? extends GroupInfo> getGroupsForPrincipal( @WebParam(name="principalId") String principalId);
143
144 @WebMethod(operationName="getGroupsForPrincipal2")
145 List<? extends GroupInfo> getGroupsForPrincipal(
146 @WebParam(name="principalId") String principalId,
147 @WebParam(name="namespaceCode") String namespaceCode
148 );
149
150 List<String> getMemberGroupIds( @WebParam(name="groupId") String groupId);
151 List<String> getDirectMemberGroupIds( @WebParam(name="groupId") String groupId);
152
153 @WebMethod(operationName="isMemberOfGroup")
154 boolean isMemberOfGroup(
155 @WebParam(name="principalId") String principalId,
156 @WebParam(name="groupId") String groupId
157 );
158
159 @WebMethod(operationName="isMemberOfGroup2")
160 boolean isMemberOfGroup(
161 @WebParam(name="principalId") String principalId,
162 @WebParam(name="namespaceCode") String namespaceCode,
163 @WebParam(name="groupName") String groupName
164 );
165
166 boolean isGroupMemberOfGroup(
167 @WebParam(name="potentialMemberGroupId") String potentialMemberGroupId,
168 @WebParam(name="potentialParentId") String potentialParentId
169 );
170
171 List<String> getGroupMemberPrincipalIds( @WebParam(name="groupId") String groupId);
172 List<String> getDirectGroupMemberPrincipalIds( @WebParam(name="groupId") String groupId);
173
174 boolean addGroupToGroup(
175 @WebParam(name="childId") String childId,
176 @WebParam(name="parentId") String parentId
177 );
178
179 boolean removeGroupFromGroup(
180 @WebParam(name="childId") String childId,
181 @WebParam(name="parentId") String parentId
182 );
183
184 boolean addPrincipalToGroup(
185 @WebParam(name="principalId") String principalId,
186 @WebParam(name="groupId") String groupId
187 );
188
189 boolean removePrincipalFromGroup(
190 @WebParam(name="principalId") String principalId,
191 @WebParam(name="groupId") String groupId
192 );
193
194 GroupInfo createGroup( @WebParam(name="groupInfo") GroupInfo groupInfo);
195 void removeAllGroupMembers( @WebParam(name="groupId") String groupId);
196
197 GroupInfo updateGroup(
198 @WebParam(name="groupId") String groupId,
199 @WebParam(name="groupInfo") GroupInfo groupInfo
200 );
201
202 // *******************************
203 // AuthenticationService
204 // *******************************
205 @WebMethod(exclude=true)
206 String getAuthenticatedPrincipalName( @WebParam(name="request") HttpServletRequest request);
207
208 // *******************************
209 // AuthorizationService
210 // *******************************
211
212 // --------------------
213 // Authorization Checks
214 // --------------------
215
216 boolean hasPermission(
217 @WebParam(name="principalId") String principalId,
218 @WebParam(name="namespaceCode") String namespaceCode,
219 @WebParam(name="permissionName") String permissionName,
220 @WebParam(name="permissionDetails") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet permissionDetails
221 );
222
223 boolean isAuthorized(
224 @WebParam(name="principalId") String principalId,
225 @WebParam(name="namespaceCode") String namespaceCode,
226 @WebParam(name="permissionName") String permissionName,
227 @WebParam(name="permissionDetails") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet permissionDetails,
228 @WebParam(name="qualification") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet qualification
229 );
230
231 boolean hasPermissionByTemplateName(
232 @WebParam(name="principalId") String principalId,
233 @WebParam(name="namespaceCode") String namespaceCode,
234 @WebParam(name="permissionTemplateName") String permissionTemplateName,
235 @WebParam(name="permissionDetails") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet permissionDetails
236 );
237
238 boolean isAuthorizedByTemplateName(
239 @WebParam(name="principalId") String principalId,
240 @WebParam(name="namespaceCode") String namespaceCode,
241 @WebParam(name="permissionTemplateName") String permissionTemplateName,
242 @WebParam(name="permissionDetails") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet permissionDetails,
243 @WebParam(name="qualification") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet qualification
244 );
245
246 /**
247 * Returns the matching permission objects for a principal.
248 */
249 List<? extends KimPermissionInfo> getAuthorizedPermissions(
250 @WebParam(name="principalId") String principalId,
251 @WebParam(name="namespaceCode") String namespaceCode,
252 @WebParam(name="permissionName") String permissionName,
253 @WebParam(name="permissionDetails") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet permissionDetails,
254 @WebParam(name="qualification") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet qualification
255 );
256
257 List<? extends KimPermissionInfo> getAuthorizedPermissionsByTemplateName(
258 @WebParam(name="principalId") String principalId,
259 @WebParam(name="namespaceCode") String namespaceCode,
260 @WebParam(name="permissionTemplateName") String permissionTemplateName,
261 @WebParam(name="permissionDetails") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet permissionDetails,
262 @WebParam(name="qualification") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet qualification
263 );
264
265 List<PermissionAssigneeInfo> getPermissionAssignees(
266 @WebParam(name="namespaceCode") String namespaceCode,
267 @WebParam(name="permissionName") String permissionName,
268 @WebParam(name="permissionDetails") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet permissionDetails,
269 @WebParam(name="qualification") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet qualification
270 );
271
272 List<PermissionAssigneeInfo> getPermissionAssigneesForTemplateName(
273 @WebParam(name="namespaceCode") String namespaceCode,
274 @WebParam(name="permissionTemplateName") String permissionTemplateName,
275 @WebParam(name="permissionDetails") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet permissionDetails,
276 @WebParam(name="qualification") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet qualification
277 );
278
279 // ----------------------
280 // Responsibility Methods
281 // ----------------------
282
283 /**
284 * Get the responsibility object with the given ID.
285 */
286 KimResponsibilityInfo getResponsibility( @WebParam(name="responsibilityId") String responsibilityId);
287
288 /**
289 * Return the responsibility object for the given unique combination of namespace,
290 * component and responsibility name.
291 */
292 List<? extends KimResponsibilityInfo> getResponsibilitiesByName(
293 @WebParam(name="namespaceCode") String namespaceCode,
294 @WebParam(name="responsibilityName") String responsibilityName
295 );
296
297 /**
298 * Check whether the principal has the given responsibility within the passed qualifier.
299 */
300 boolean hasResponsibility(
301 @WebParam(name="principalId") String principalId,
302 @WebParam(name="namespaceCode") String namespaceCode,
303 @WebParam(name="responsibilityName") String responsibilityName,
304 @WebParam(name="qualification") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet qualification,
305 @WebParam(name="responsibilityDetails") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet responsibilityDetails
306 );
307
308 /**
309 * Check whether the principal has the given responsibility within the passed qualifier.
310 */
311 boolean hasResponsibilityByTemplateName(
312 @WebParam(name="principalId") String principalId,
313 @WebParam(name="namespaceCode") String namespaceCode,
314 @WebParam(name="responsibilityTemplateName") String responsibilityTemplateName,
315 @WebParam(name="qualification") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet qualification,
316 @WebParam(name="responsibilityDetails") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet responsibilityDetails
317 );
318
319 List<ResponsibilityActionInfo> getResponsibilityActions(
320 @WebParam(name="namespaceCode") String namespaceCode,
321 @WebParam(name="responsibilityName") String responsibilityName,
322 @WebParam(name="qualification") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet qualification,
323 @WebParam(name="responsibilityDetails") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet responsibilityDetails
324 );
325
326 List<ResponsibilityActionInfo> getResponsibilityActionsByTemplateName(
327 @WebParam(name="namespaceCode") String namespaceCode,
328 @WebParam(name="responsibilityTemplateName") String responsibilityTemplateName,
329 @WebParam(name="qualification") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet qualification,
330 @WebParam(name="responsibilityDetails") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet responsibilityDetails
331 );
332
333 /**
334 * Returns true if there are any assigned permissions with the given template.
335 */
336 boolean isPermissionDefinedForTemplateName(
337 @WebParam(name="namespaceCode") String namespaceCode,
338 @WebParam(name="permissionTemplateName") String permissionTemplateName,
339 @WebParam(name="permissionDetails") @XmlJavaTypeAdapter(value = AttributeSetAdapter.class) AttributeSet permissionDetails
340 );
341
342
343 // ----------------------
344 // Cache Flush Methods
345 // ----------------------
346
347 void flushAllCaches();
348 void flushEntityPrincipalCaches();
349 void flushGroupCaches();
350 void flushPermissionCaches();
351 void flushResponsibilityCaches();
352
353 }