Source code

001/*
002 * The Kuali Financial System, a comprehensive financial management system for higher education.
003 * 
004 * Copyright 2005-2014 The Kuali Foundation
005 * 
006 * This program is free software: you can redistribute it and/or modify
007 * it under the terms of the GNU Affero General Public License as
008 * published by the Free Software Foundation, either version 3 of the
009 * License, or (at your option) any later version.
010 * 
011 * This program is distributed in the hope that it will be useful,
012 * but WITHOUT ANY WARRANTY; without even the implied warranty of
013 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
014 * GNU Affero General Public License for more details.
015 * 
016 * You should have received a copy of the GNU Affero General Public License
017 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
018 */
019package org.kuali.rice.kim.impl.jaxb;
020
021import java.io.Serializable;
022
023import javax.xml.bind.annotation.XmlAccessType;
024import javax.xml.bind.annotation.XmlAccessorType;
025import javax.xml.bind.annotation.XmlElement;
026import javax.xml.bind.annotation.XmlType;
027
028/**
029 * This class represents a &lt;roleData&gt; element.
030 * 
031 * <p>The expected XML structure is as follows:
032 * 
033 * <br>
034 * <br>&lt;roleData&gt;
035 * <br>&nbsp;&nbsp;&lt;roles&gt;
036 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&lt;role&gt;
037 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleName namespaceCode=""&gt;&lt;/roleName&gt;
038 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;kimTypeName namespaceCode=""&gt;&lt;/kimTypeName&gt;
039 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;description&gt;&lt;/description&gt;
040 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;active&gt;&lt;/active&gt;
041 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleMembers&gt;
042 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleMember&gt;
043 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;principalId&gt;&lt;/principalId&gt;
044 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;principalName&gt;&lt;/principalName&gt;
045 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;groupId&gt;&lt;/groupId&gt;
046 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;groupName namespaceCode=""&gt;&lt;/groupName&gt;
047 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleIdAsMember&gt;&lt;/roleIdAsMember&gt;
048 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleNameAsMember namespaceCode=""&gt;&lt;/roleNameAsMember&gt;
049 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;activeFromDate&gt;&lt;/activeFromDate&gt;
050 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;activeToDate&gt;&lt;/activeToDate&gt;
051 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;qualifications&gt;
052 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;qualification key=""&gt;&lt;/qualification&gt;
053 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/qualifications&gt;
054 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/roleMember&gt;
055 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/roleMembers&gt;
056 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;rolePermissions&gt;
057 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;rolePermission&gt;
058 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;permissionId&gt;&lt;/permissionId&gt;
059 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;permissionName namespaceCode=""&gt;&lt;/permissionName&gt;
060 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/rolePermission&gt;
061 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/rolePermissions&gt;
062 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&lt;/role&gt;
063 * <br>&nbsp;&nbsp;&lt;/roles&gt;
064 * <br>&nbsp;&nbsp;&lt;roleMembers&gt;
065 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleMember&gt;
066 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleId&gt;&lt;/roleId&gt;
067 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleName namespaceCode=""&gt;&lt;/roleName&gt;
068 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;principalId&gt;&lt;/principalId&gt;
069 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;principalName&gt;&lt;/principalName&gt;
070 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;groupId&gt;&lt;/groupId&gt;
071 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;groupName namespaceCode=""&gt;&lt;/groupName&gt;
072 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleIdAsMember&gt;&lt;/roleIdAsMember&gt;
073 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleNameAsMember namespaceCode=""&gt;&lt;/roleNameAsMember&gt;
074 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;activeFromDate&gt;&lt;/activeFromDate&gt;
075 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;activeToDate&gt;&lt;/activeToDate&gt;
076 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;qualifications&gt;
077 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;qualification key=""&gt;&lt;/qualification&gt;
078 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/qualifications&gt;
079 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&lt;/roleMember&gt;
080 * <br>&nbsp;&nbsp;&lt;/roleMembers&gt;
081 * <br>&nbsp;&nbsp;&lt;rolePermissions&gt;
082 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&lt;rolePermission&gt;
083 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleId&gt;&lt;/roleId&gt;
084 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;roleName namespaceCode=""&gt;&lt;/roleName&gt;
085 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;permissionId&gt;&lt;/permissionId&gt;
086 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;permissionName namespaceCode=""&gt;&lt;/permissionName&gt;
087 * <br>&nbsp;&nbsp;&nbsp;&nbsp;&lt;/rolePermission&gt;
088 * <br>&nbsp;&nbsp;&lt;/rolePermissions&gt;
089 * <br>&lt;/roleData&gt;
090 * 
091 * <p>Note the following:
092 * <ul>
093 *   <li>The &lt;roles&gt; element is optional, and can contain zero or more &lt;role&gt; elements.
094 *   <li>The &lt;roleName&gt; element on the &lt;role&gt; element and its "namespaceCode" attribute
095 *   are required, and must be non-blank. The namespace code must map to a valid namespace.
096 *   If the name and namespace combo matches an existing role, then the role in the XML will
097 *   overwrite the existing role.
098 *   <li>The &lt;kimTypeName&gt; and its "namespaceCode" attribute are both required, and the
099 *   name and namespace combo must match an existing KIM type.
100 *   <li>The &lt;description&gt; element is required, and must be non-blank.
101 *   <li>The &lt;active&gt; element is optional, and will be set to true if not specified.
102 *   <li>Both &lt;roleMembers&gt; elements are optional, and can contain zero or more
103 *   &lt;roleMember&gt; elements. If the &lt;roleMembers&gt; element within the &lt;role&gt;
104 *   element is specified, then any role members that are not within that element will be removed
105 *   from the role if the XML is overwriting an existing one. (The &lt;roleMembers&gt; element
106 *   outside of the &lt;role&gt; element can still add or re-add members that are not located
107 *   within the other &lt;roleMembers&gt; element.)
108 *   <li>For both &lt;roleMember&gt; elements:
109 *     <ul>
110 *       <li>Exactly one of these sets of member identification must be specified:
111 *         <ol>
112 *           <li>A &lt;principalId&gt; and/or &lt;principalName&gt; element, where the former
113 *           must contain a valid principal ID and the latter must contain a valid principal name.
114 *           <li>A &lt;groupId&gt; and/or &lt;groupName&gt; element, where the former must contain
115 *           a valid group ID and the latter must contain a valid group name and namespace.
116 *           <li>A &lt;roleIdAsMember&gt; and/or &lt;roleNameAsMember&gt; element, where the former
117 *           must contain a valid role ID and the latter must contain a valid role name and namespace.
118 *         </ol>
119 *       <li>The &lt;activeFromDate&gt; element is optional, and its content must be a date String
120 *       that can be parsed by the DateTimeService.
121 *       <li>The &lt;activeToDate&gt; element is optional, and its content must be a date String
122 *       that can be parsed by the DateTimeService.
123 *       <li>The &lt;qualifications&gt; element is optional, and can contain zero or more
124 *       &lt;qualification&gt; elements.
125 *       <li>The &lt;qualification&gt; element's "key" attribute is required, and must be non-blank.
126 *       Duplicate keys within a &lt;qualifications&gt; element are not permitted.
127 *     </ul>
128 *   <li>For both &lt;rolePermission&gt; elements:
129 *     <ul>
130 *       <li>A &lt;permissionId&gt; and/or &lt;permissionName&gt; element must be specified, where the
131 *       former must contain a valid permission ID and the latter must contain a valid permission
132 *       name and namespace.
133 *     </ul>
134 *   <li>For the &lt;roleMember&gt; and &lt;rolePermission&gt; elements not inside a &lt;role&gt; element:
135 *     <ul>
136 *       <li>A &lt;roleId&gt; and/or &lt;roleName&gt; element must be specified, where the former must
137 *       contain a valid role ID and the latter must contain a valid role name and namespace.
138 *     </ul>
139 *   <li>The ingestion process is currently order-dependent, which should be kept in mind when adding
140 *   roles as members of another role or assigning permissions to roles. (The permission XML always
141 *   gets ingested prior to the role XML.)
142 *   <li>The assignments of permissions to roles can only be added, not removed or deactivated.
143 *   (TODO: Improve the role/permission-updating API to allow for updates and removals.)
144 *   <li>The same roles, role members, and role permissions can be ingested within the same file,
145 *   where subsequent ones will overwrite previous ones. (TODO: Is this acceptable?)
146 *   <li>The IDs of principals, groups, roles, and permissions are not included when exporting the XML.
147 *   <li>Delegations and responsibility actions are currently not supported by the ingestion process.
148 * </ul>
149 * 
150 * TODO: Verify that the above behavior is correct.
151 * 
152 * @author Kuali Rice Team (rice.collab@kuali.org)
153 */
154@XmlAccessorType(XmlAccessType.FIELD)
155@XmlType(name="RoleDataType", propOrder={"roles", "roleMembers", "rolePermissions"})
156public class RoleDataXmlDTO implements Serializable {
157
158    private static final long serialVersionUID = 1L;
159
160    @XmlElement(name="roles")
161    private RolesXmlDTO roles;
162    
163    @XmlElement(name="roleMembers")
164    private RoleMembersXmlDTO.OutsideOfRole roleMembers;
165
166    @XmlElement(name="rolePermissions")
167    private RolePermissionsXmlDTO.OutsideOfRole rolePermissions;
168    
169    public RoleDataXmlDTO() {}
170    
171    public RoleDataXmlDTO(RolesXmlDTO roles) {
172        this.roles = roles;
173    }
174
175    /**
176     * @return the roles
177     */
178    public RolesXmlDTO getRoles() {
179        return this.roles;
180    }
181
182    /**
183     * @param roles the roles to set
184     */
185    public void setRoles(RolesXmlDTO roles) {
186        this.roles = roles;
187    }
188
189    /**
190     * @return the roleMembers
191     */
192    public RoleMembersXmlDTO.OutsideOfRole getRoleMembers() {
193        return this.roleMembers;
194    }
195
196    /**
197     * @param roleMembers the roleMembers to set
198     */
199    public void setRoleMembers(RoleMembersXmlDTO.OutsideOfRole roleMembers) {
200        this.roleMembers = roleMembers;
201    }
202
203    /**
204     * @return the rolePermissions
205     */
206    public RolePermissionsXmlDTO.OutsideOfRole getRolePermissions() {
207        return this.rolePermissions;
208    }
209
210    /**
211     * @param rolePermissions the rolePermissions to set
212     */
213    public void setRolePermissions(RolePermissionsXmlDTO.OutsideOfRole rolePermissions) {
214        this.rolePermissions = rolePermissions;
215    }
216        
217}