RoleService

• createRole
• updateRole
• getRole
• getRoles
• getRoleByNamespaceCodeAndName
• getRoleIdByNamespaceCodeAndName
• isRoleActive
• getRoleQualifersForPrincipalByRoleIds
• getRoleQualifersForPrincipalByNamespaceAndRolename
• getNestedRoleQualifersForPrincipalByNamespaceAndRolename
• getNestedRoleQualifiersForPrincipalByRoleIds
• getRoleMembers
• getRoleMemberPrincipalIds
• principalHasRole
• principalHasRole
• getPrincipalIdSubListWithRole
• findRoles
• getFirstLevelRoleMembers
• findRoleMemberships
• getMemberParentRoleIds
• findRoleMembers
• getRoleTypeRoleMemberIds
• findDelegateMembers
• getDelegationMembersByDelegationId
• getDelegationMemberByDelegationAndMemberId
• getDelegationMemberById
• getRoleResponsibilities
• getRoleMemberResponsibilityActions
• getDelegateTypeByRoleIdAndDelegateTypeCode
• getDelegateTypeByDelegationId
• assignPrincipalToRole
• assignGroupToRole
• assignRoleToRole
• createRoleMember
• updateRoleMember
• updateDelegateMember
• createDelegateMember
• removeDelegateMembers
• createRoleResponsibilityAction
• createDelegateType
• updateDelegateType
• removePrincipalFromRole
• removeGroupFromRole
• removeRoleFromRole
• assignPermissionToRole
• revokePermissionFromRole
• isDerivedRole
• isDynamicRoleMembership

• Role
• RoleMembership
• RoleQueryResults
• QueryByCriteria
• RoleMembershipQueryResults
• RoleMemberQueryResults
• DelegateMemberQueryResults
• DelegateMember
• RoleResponsibility
• RoleResponsibilityAction
• DelegateType
• RoleMember
• void

Method	createRole
Description	This will create a {@link org.kuali.rice.kim.api.role.Role} exactly like the role passed in.
Parameters	Role	role	the role to create
Return	Role		the newly created object. will never be null.
Errors	RiceIllegalArgumentException		if the role passed in is null
	RiceIllegalStateException		if the role is already existing in the system

Back to Operations

Method	updateRole
Description	This will update a {@link Role}.
Parameters	Role	role	the role to update
Return	Role		???
Errors	RiceIllegalArgumentException		if the role is null
	RiceIllegalStateException		if the role does not exist in the system

Back to Operations

Method	getRole
Description	Get the KIM Role object with the given ID.
Parameters	String	id	the id of the role.
Return	Role		the role with the given id or null if role doesn't exist.
Errors	RiceIllegalArgumentException		if roleId is null or Blank

Back to Operations

Method	getRoles
Description	Get the KIM Role objects for the role IDs in the given List.
Parameters	StringList	ids	the ids of the roles.
Return	RoleList		a list of roles with the given ids or null if no roles are found.
Errors	RiceIllegalArgumentException		if ids is null or Blank

Back to Operations

Method	getRoleByNamespaceCodeAndName
Description	Get the KIM Role object with the unique combination of namespace, component, and role name.
Parameters	String	namespaceCode	the namespace code of the role.
	String	name	the name of the role.
Return	Role		a role with the given namespace code and name or null if role does not exist.
Errors	RiceIllegalArgumentException		if namespaceCode or name is null or blank.

Back to Operations

Method	getRoleIdByNamespaceCodeAndName
Description	Return the Role ID for the given unique combination of namespace, component and role name.
Parameters	String	namespaceCode	the namespace code of the role.
	String	name	the name of the role.
Return	String		a role id for a role with the given namespace code and name or null if role does not exist.
Errors	RiceIllegalArgumentException		if namespaceCode or name is null or blank.

Back to Operations

Method	isRoleActive
Description	Checks whether the role with the given role ID is active.
Parameters	String	id	the unique id of a role.
Return	boolean		true if the role with the given id is active.
Errors	RiceIllegalArgumentException		if id is null or blank.

Back to Operations

Method	getRoleQualifersForPrincipalByRoleIds
Description	Returns a list of role qualifiers that the given principal has without taking into consideration that the principal may be a member via an assigned group or role. Use in situations where you are only interested in the qualifiers that are directly assigned to the principal.
Parameters	String	principalId	the principalId to
	StringList	roleIds	the namespace code of the role.
	Map	qualification	the qualifications for the roleIds.
Return	MapList		a map of role qualifiers for the given principalId, roleIds and qualifications or an empty map if none found.
Errors	RiceIllegalArgumentException		if principalId is null or blank or roleIds is null.

Back to Operations

Method	getRoleQualifersForPrincipalByNamespaceAndRolename
Description	Returns a list of role qualifiers that the given principal has without taking into consideration that the principal may be a member via an assigned group or role. Use in situations where you are only interested in the qualifiers that are directly assigned to the principal.
Parameters	String	principalId	the principalId to
	String	namespaceCode	the namespace code of the role.
	String	roleName	the name of the role.
	Map	qualification	the qualifications for the roleIds.
Return	MapList		a map of role qualifiers for the given parameters or an empty map if none found.
Errors	RiceIllegalArgumentException		if principalId, namespaceCode, or roleName is null or blank.

Back to Operations

Method	getNestedRoleQualifersForPrincipalByNamespaceAndRolename
Description	Returns a list of role qualifiers that the given principal. If the principal's membership is via a group or role, that group or role's qualifier on the given role is returned.
Parameters	String	principalId	the principalId to
	String	namespaceCode	the namespace code of the role.
	String	roleName	the name of the role.
	Map	qualification	the qualifications for the roleIds.
Return	MapList		a map of nested role qualifiers for the given parameters or an empty map if none found.
Errors	RiceIllegalArgumentException		if principalId, namespaceCode, or roleName is null or blank.

Back to Operations

Method	getNestedRoleQualifiersForPrincipalByRoleIds
Description	Returns a list of role qualifiers that the given principal. If the principal's membership is via a group or role, that group or role's qualifier on the given role is returned.
Parameters	String	principalId	the principalId to
	StringList	roleIds	the namespace code of the role.
	Map	qualification	the qualifications for the roleIds.
Return	MapList		a map of role qualifiers for the given roleIds and qualifications or an empty map if none found.
Errors	RiceIllegalArgumentException		if principalId, namespaceCode, or roleName is null or blank.

Back to Operations

Method	getRoleMembers
Description	Get all the role members (groups and principals) associated with the given list of roles where their role membership/assignment matches the given qualification. The list of RoleMemberships returned will only contain group and principal members. Any nested role members will be resolved and flattened into the principals and groups that are members of that nested role (assuming qualifications match). The return object will have each membership relationship along with the delegations
Parameters	StringList	roleIds	a list of role Ids.
	Map	qualification	the qualifications for the roleIds.
Return	RoleMembershipList		a list of role members for the given roleIds and qualifications or an empty list if none found.
Errors	RiceIllegalArgumentException		if roleIds is null.

Back to Operations

Method	getRoleMemberPrincipalIds
Description	This method gets all the members, then traverses down into members of type role and group to obtain the nested principal ids
Parameters	String	namespaceCode	the namespace code of the role.
	String	roleName	the name of the role
	Map	qualification	the qualifications for the roleIds.
Return	StringList		a list of role member principalIds for the given roleIds and qualifications, or an empty list if none found.
Errors	RiceIllegalArgumentException		if namespaceCode, or roleName is null or blank.

Back to Operations

Method	principalHasRole
Description	Returns whether the given principal has any of the passed role IDs with the given qualification.
Parameters	String	principalId	the principal Id to check.
	StringList	roleIds	the list of role ids.
	Map	qualification	the qualifications for the roleIds.
Return	boolean		true if the principal is assigned the one of the given roleIds with the passed in qualifications.
Errors	RiceIllegalArgumentException		if roleIds is null or principalId is null or blank.

Back to Operations

Method	principalHasRole
Description	Returns whether the given principal has any of the passed role IDs with the given qualification.
Parameters	String	principalId	the principal Id to check.
	StringList	roleIds	the list of role ids.
	Map	qualification	the qualifications for the roleIds.
	boolean	checkDelegations	whether delegations should be checked or not
Return	boolean		true if the principal is assigned the one of the given roleIds with the passed in qualifications.
Errors	RiceIllegalArgumentException		if roleIds is null or principalId is null or blank.

Back to Operations

Method	getPrincipalIdSubListWithRole
Description	Returns the subset of the given principal ID list which has the given role and qualification. This is designed to be used by lookups of people by their roles.
Parameters	StringList	principalIds	the principal Ids to check.
	String	roleNamespaceCode	the namespaceCode of the role.
	String	roleName	the name of the role.
	Map	qualification	the qualifications for the roleIds.
Return	StringList		list of principalIds that is the subset of list passed in with the given role and qualifications or an empty list.
Errors	RiceIllegalArgumentException		if principalIds is null or the roleNamespaceCode or roleName is null or blank.

Back to Operations

Method	findRoles
Description	This method gets search results for role lookup
Parameters	QueryByCriteria	queryByCriteria	the qualifications for the roleIds.
Return	RoleQueryResults		query results. will never return null.
Errors	RiceIllegalArgumentException		if queryByCriteria is null.

Back to Operations

Method	getFirstLevelRoleMembers
Description	Gets all direct members of the roles that have ids within the given list of role ids. This method does not recurse into any nested roles. The resulting List of role membership will contain membership for all the roles with the specified ids. The list is not guaranteed to be in any particular order and may have membership info for the different roles interleaved with each other.
Parameters	StringList	roleIds	a list of role Ids.
Return	RoleMembershipList		list of RoleMembership that contains membership for the specified roleIds or empty list if none found.
Errors	RiceIllegalArgumentException		if roleIds is null.

Back to Operations

Method	findRoleMemberships
Description	Gets role member information based on the given search criteria.
Parameters	QueryByCriteria	queryByCriteria	the qualifications for the roleIds.
Return	RoleMembershipQueryResults		query results. will never return null.
Errors	RiceIllegalArgumentException		if queryByCriteria is null.

Back to Operations

Method	getMemberParentRoleIds
Description	Gets a list of Roles that the given member belongs to.
Parameters	String	memberType	the role member type.
	String	memberId	the role member id (principalId, roleId, groupId).
Return	StringList		list of RoleMembership that contains membership for the specified roleIds or an empty list if none found.
Errors	RiceIllegalArgumentException		if memberType or memberId is null or blank.

Back to Operations

Method	findRoleMembers
Description	Gets role members based on the given search criteria.
Parameters	QueryByCriteria	queryByCriteria	the qualifications for the roleIds.
Return	RoleMemberQueryResults		query results. will never return null.
Errors	RiceIllegalArgumentException		if queryByCriteria is null.

Back to Operations

Method	getRoleTypeRoleMemberIds
Description	Gets a list of Roles Ids that are a member of the given roleId, including nested membership.
Parameters	String	roleId	the role id.
Return	StringList		list of RoleIds that are members of the given role or and empty list if none found.
Errors	RiceIllegalArgumentException		if roleId is null or blank.

Back to Operations

Method	findDelegateMembers
Description	Gets role members based on the given search criteria.
Parameters	QueryByCriteria	queryByCriteria	the qualifications for the roleIds.
Return	DelegateMemberQueryResults		query results. will never return null.
Errors	RiceIllegalArgumentException		if queryByCriteria is null.

Back to Operations

Method	getDelegationMembersByDelegationId
Description	Gets the delegate members for the given delegation.
Parameters	String	delegateId	the delegate id.
Return	DelegateMemberList		list of delegate members that are members of the given delegation or an empty list if none found.
Errors	RiceIllegalArgumentException		if delegationId is null or blank.

Back to Operations

Method	getDelegationMemberByDelegationAndMemberId
Description	Gets the delegate member for the given delegationId and memberId.
Parameters	String	delegationId	the delegate id.
	String	memberId	the member id matching the DelegateMember
Return	DelegateMember		the delegate member with the given parameters or null if not found.
Errors	RiceIllegalArgumentException		if delegationId or memberId is null or blank.

Back to Operations

Method	getDelegationMemberById
Description	Gets the delegate member with the given delegation member id.
Parameters	String	id	the member id matching the DelegateMember
Return	DelegateMember		the delegate member with the given parameters or null if not found.
Errors	RiceIllegalArgumentException		if delegationId or memberId is null or blank.

Back to Operations

Method	getRoleResponsibilities
Description	Gets a list of role reponsibilities for the given role id.
Parameters	String	roleId	the role Id.
Return	RoleResponsibilityList		a list of RoleResponsibilities for the given role Id, or an empty list if none found.
Errors	RiceIllegalArgumentException		if roleId is null or blank.

Back to Operations

Method	getRoleMemberResponsibilityActions
Description	Gets a list of RoleResponsibilityActions for the given role member id.
Parameters	String	roleMemberId	the role member Id.
Return	RoleResponsibilityActionList		a list of RoleResponsibilityActions for the given role member Id, or an empty list if none found.
Errors	RiceIllegalArgumentException		if roleMemberId is null or blank.

Back to Operations

Method	getDelegateTypeByRoleIdAndDelegateTypeCode
Description	Gets a DelegateType for the given role id and delegation type.
Parameters	String	roleId	the role Id.
	DelegationType	delegateType	type of delegation
Return	DelegateType		the DelegateType for the given role Id and delegationType, or null if none found.
Errors	RiceIllegalArgumentException		if roleId or delegationType is null or blank.

Back to Operations

Method	getDelegateTypeByDelegationId
Description	Gets a DelegateType for the given delegation id.
Parameters	String	delegationId	the id of delegation
Return	DelegateType		the DelegateType for the given delegation Id, or null if none found.
Errors	RiceIllegalArgumentException		if delegationId is null or blank.

Back to Operations

Method	assignPrincipalToRole
Description	Assigns the principal with the given id to the role with the specified namespace code and name with the supplied set of qualifications.
Parameters	String	principalId	the principalId
	String	namespaceCode	the namespaceCode of the Role
	String	roleName	the name of the role
	Map	qualifications	the qualifications for the principalId to be assigned to the role
Return	RoleMember		newly created/assigned RoleMember.
Errors	RiceIllegalArgumentException		if princialId, namespaceCode or roleName is null or blank.

Back to Operations

Method	assignGroupToRole
Description	Assigns the group with the given id to the role with the specified namespace code and name with the supplied set of qualifications.
Parameters	String	groupId	the groupId
	String	namespaceCode	the namespaceCode of the Role
	String	roleName	the name of the role
	Map	qualifications	the qualifications for the principalId to be assigned to the role
Return	RoleMember		newly created/assigned RoleMember.
Errors	RiceIllegalArgumentException		if groupId, namespaceCode or roleName is null or blank.

Back to Operations

Method	assignRoleToRole
Description	Assigns the role with the given id to the role with the specified namespace code and name with the supplied set of qualifications.
Parameters	String	roleId	the roleId
	String	namespaceCode	the namespaceCode of the Role
	String	roleName	the name of the role
	Map	qualifications	the qualifications for the principalId to be assigned to the role
Return	RoleMember		newly created/assigned RoleMember.
Errors	RiceIllegalArgumentException		if princiapId, namespaceCode or roleName is null or blank.

Back to Operations

Method	createRoleMember
Description	Creates a new RoleMember. Needs to be passed a valid RoleMember object that does not currently exist.
Parameters	RoleMember	roleMember	the new RoleMember to save.
Return	RoleMember		RoleMember as created.
Errors	RiceIllegalArgumentException		if roleMember is null.
	RiceIllegalStateException		if roleMember already exists.

Back to Operations

Method	updateRoleMember
Description	Updates the given roleMember to the values in the passed in roleMember
Parameters	RoleMember	roleMember	the new RoleMember to save.
Return	RoleMember		RoleMember as updated.
Errors	RiceIllegalArgumentException		if roleMember is null.
	RiceIllegalStateException		if roleMember does not yet exist.

Back to Operations

Method	updateDelegateMember
Description	Updates the given delegateMember to the values in the passed in delegateMember
Parameters	DelegateMember	delegateMember	the new DelegateMember to save.
Return	DelegateMember		DelegateMember as updated.
Errors	RiceIllegalArgumentException		if delegateMember is null.
	RiceIllegalStateException		if delegateMember does not yet exist.

Back to Operations

Method	createDelegateMember
Description	Creates a new DelegateMember. Needs to be passed a valid DelegateMember object that does not currently exist.
Parameters	DelegateMember	delegateMember	the new DelegateMember to save.
Return	DelegateMember		DelegateMember as created.
Errors	RiceIllegalArgumentException		if delegateMember is null.
	RiceIllegalStateException		if delegateMember already exists.

Back to Operations

Method	removeDelegateMembers
Description	Removes existing DelegateMembers. Needs to be passed DelegateMember objects.
Parameters	DelegateMemberList	delegateMembers	???
Return	void		???
Errors	RiceIllegalArgumentException		if delegateMember is null.
	RiceIllegalStateException		???

Back to Operations

Method	createRoleResponsibilityAction
Description	Creates a new RoleResponsibilityAction. Needs to be passed a valid RoleResponsibilityAction object that does not currently exist.
Parameters	RoleResponsibilityAction	roleResponsibilityAction	the new RoleResponsibilityAction to save.
Return	RoleResponsibilityAction		RoleResponsibilityAction as created.
Errors	RiceIllegalArgumentException		if roleResponsibilityAction is null.

Back to Operations

Method	createDelegateType
Description	Creates a new DelegateType. Needs to be passed a valid DelegateType object that does not currently exist.
Parameters	DelegateType	delegateType	the new DelegateType to save.
Return	DelegateType		DelegateType as created.
Errors	RiceIllegalArgumentException		if delegateType is null.
	RiceIllegalStateException		if delegateType already exists.

Back to Operations

Method	updateDelegateType
Description	Updates the given DelegateType to the values in the passed in delegateType
Parameters	DelegateType	delegateType	the new DelegateType to save.
Return	DelegateType		DelegateType as updated.
Errors	RiceIllegalArgumentException		if delegateType is null.
	RiceIllegalStateException		if delegateType does not yet exist.

Back to Operations

Method	removePrincipalFromRole
Description	Remove the principal with the given id and qualifications from the role with the specified namespace code and role name.
Parameters	String	principalId	the principalId
	String	namespaceCode	the namespaceCode of the Role
	String	roleName	the name of the role
	Map	qualifications	the qualifications for the principalId to be assigned to the role
Return	void		void.
Errors	RiceIllegalArgumentException		if principalId, namespaceCode or roleName is null or blank.

Back to Operations

Method	removeGroupFromRole
Description	Remove the group with the given id and qualifications from the role with the specified namespace code and role name.
Parameters	String	groupId	the groupId
	String	namespaceCode	the namespaceCode of the Role
	String	roleName	the name of the role
	Map	qualifications	the qualifications for the principalId to be assigned to the role
Return	void		void.
Errors	RiceIllegalArgumentException		if groupId, namespaceCode or roleName is null or blank.

Back to Operations

Method	removeRoleFromRole
Description	Remove the group with the given id and qualifications from the role with the specified namespace code and role name.
Parameters	String	roleId	the roleId
	String	namespaceCode	the namespaceCode of the Role
	String	roleName	the name of the role
	Map	qualifications	the qualifications for the principalId to be assigned to the role
Return	void		void.
Errors	RiceIllegalArgumentException		if roleId, namespaceCode or roleName is null or blank.

Back to Operations

Method	assignPermissionToRole
Description	Assigns the given permission to the given role
Parameters	String	permissionId	the permissionId
	String	roleId	the roleId
Return	void		void.
Errors	RiceIllegalArgumentException		if permissionId or roleId is null or blank.

Back to Operations

Method	revokePermissionFromRole
Description	Removes the given permission to the given role
Parameters	String	permissionId	the permissionId
	String	roleId	the roleId
Return	void		void.
Errors	RiceIllegalArgumentException		if permissionId or roleId is null or blank.

Back to Operations

Method	isDerivedRole
Description	Determines if a role with a provided id is a derived role
Parameters	String	roleId	the roleId
Return	boolean		true if role is a derived role
Errors	RiceIllegalArgumentException		if roleId is null or blank.

Back to Operations

Method	isDynamicRoleMembership
Description	Determines if a role with a provided id is a uses dynamic role memberships
Parameters	String	roleId	the roleId
Return	boolean		true if role uses dynamic memberships
Errors	RiceIllegalArgumentException		if roleId is null or blank.

Back to Operations