Clover Coverage Report - Implementation 2.0.0-SNAPSHOT
Coverage timestamp: Wed Dec 31 1969 19:00:00 EST
Overview   Package   File
    FRAMES   NO FRAMES     
../../../../../../img/srcFileCovDistChart0.png 0% of files have more coverage
617   1,432   214   11.22
232   1,030   0.35   55
55     3.89  
1    
 
  RoleServiceImpl       Line # 70 617 0% 214 904 0% 0.0
 
No Tests
 
1    /*
2    * Copyright 2007 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10    * Unless required by applicable law or agreed to in writing, software
11    * distributed under the License is distributed on an "AS IS" BASIS,
12    * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13    * See the License for the specific language governing permissions and
14    * limitations under the License.
15    */
16    package org.kuali.rice.kim.service.impl;
17   
18    import java.sql.Date;
19    import java.sql.Timestamp;
20    import java.util.ArrayList;
21    import java.util.Collection;
22    import java.util.Collections;
23    import java.util.HashMap;
24    import java.util.HashSet;
25    import java.util.List;
26    import java.util.ListIterator;
27    import java.util.Map;
28    import java.util.Set;
29   
30    import javax.jws.WebParam;
31    import javax.jws.WebService;
32   
33    import org.apache.commons.collections.CollectionUtils;
34    import org.apache.commons.lang.StringUtils;
35    import org.apache.log4j.Logger;
36    import org.kuali.rice.core.xml.dto.AttributeSet;
37    import org.kuali.rice.kim.bo.Role;
38    import org.kuali.rice.kim.bo.group.dto.GroupMembershipInfo;
39    import org.kuali.rice.kim.bo.group.impl.GroupMemberImpl;
40    import org.kuali.rice.kim.bo.impl.RoleImpl;
41    import org.kuali.rice.kim.bo.role.dto.DelegateInfo;
42    import org.kuali.rice.kim.bo.role.dto.DelegateMemberCompleteInfo;
43    import org.kuali.rice.kim.bo.role.dto.DelegateTypeInfo;
44    import org.kuali.rice.kim.bo.role.dto.KimRoleInfo;
45    import org.kuali.rice.kim.bo.role.dto.RoleMembershipInfo;
46    import org.kuali.rice.kim.bo.role.dto.RoleResponsibilityInfo;
47    import org.kuali.rice.kim.bo.role.impl.KimDelegationImpl;
48    import org.kuali.rice.kim.bo.role.impl.KimDelegationMemberImpl;
49    import org.kuali.rice.kim.bo.role.impl.RoleMemberImpl;
50    import org.kuali.rice.kim.bo.role.impl.RoleResponsibilityImpl;
51    import org.kuali.rice.kim.bo.types.dto.KimTypeInfo;
52    import org.kuali.rice.kim.service.KIMServiceLocatorInternal;
53    import org.kuali.rice.kim.service.KIMServiceLocatorWeb;
54    import org.kuali.rice.kim.service.RoleService;
55    import org.kuali.rice.kim.service.support.KimDelegationTypeService;
56    import org.kuali.rice.kim.service.support.KimRoleTypeService;
57    import org.kuali.rice.kim.service.support.KimTypeService;
58    import org.kuali.rice.kim.util.KIMPropertyConstants;
59    import org.kuali.rice.kim.util.KIMWebServiceConstants;
60    import org.kuali.rice.kim.util.KimCommonUtilsInternal;
61    import org.kuali.rice.kim.util.KimConstants;
62   
63    /**
64    * This is a description of what this class does - jonathan don't forget to fill this in.
65    *
66    * @author Kuali Rice Team (rice.collab@kuali.org)
67    *
68    */
69    @WebService(endpointInterface = KIMWebServiceConstants.RoleService.INTERFACE_CLASS, serviceName = KIMWebServiceConstants.RoleService.WEB_SERVICE_NAME, portName = KIMWebServiceConstants.RoleService.WEB_SERVICE_PORT, targetNamespace = KIMWebServiceConstants.MODULE_TARGET_NAMESPACE)
 
70    public class RoleServiceImpl extends RoleServiceBase implements RoleService {
71    private static final Logger LOG = Logger.getLogger( RoleServiceImpl.class );
72   
73   
74   
75    // --------------------
76    // Role Data
77    // --------------------
78   
79   
80   
81   
82   
83    /**
84    * @see org.kuali.rice.kim.service.RoleService#getRole(java.lang.String)
85    */
 
86  0 toggle public KimRoleInfo getRole(String roleId) {
87  0 RoleImpl role = getRoleImpl( roleId );
88  0 if ( role == null ) {
89  0 return null;
90    }
91  0 return role.toSimpleInfo();
92    }
93   
94    /**
95    * @see org.kuali.rice.kim.service.RoleService#getRoleIdByName(java.lang.String, java.lang.String)
96    */
 
97  0 toggle public String getRoleIdByName(String namespaceCode, String roleName) {
98  0 RoleImpl role = getRoleImplByName( namespaceCode, roleName );
99  0 if ( role == null ) {
100  0 return null;
101    }
102  0 return role.getRoleId();
103    }
104   
105    /**
106    * @see org.kuali.rice.kim.service.RoleService#getRoleByName(java.lang.String, java.lang.String)
107    */
 
108  0 toggle public KimRoleInfo getRoleByName( String namespaceCode, String roleName ) {
109  0 RoleImpl role = getRoleImplByName( namespaceCode, roleName );
110  0 if ( role != null ) {
111  0 return role.toSimpleInfo();
112    }
113  0 return null;
114    }
115   
116   
117   
 
118  0 toggle protected Map<String,RoleImpl> getRoleImplMap(Collection<String> roleIds) {
119  0 Map<String,RoleImpl> result = null;
120    // check for a non-null result in the cache, return it if found
121  0 if ( roleIds.size() == 1 ) {
122  0 String roleId = roleIds.iterator().next();
123  0 RoleImpl impl = getRoleImpl(roleId);
124  0 if ( impl.isActive() ) {
125  0 result = Collections.singletonMap(roleId, getRoleImpl(roleId));
126    } else {
127  0 result = Collections.emptyMap();
128    }
129    } else {
130  0 result = new HashMap<String,RoleImpl>(roleIds.size());
131  0 for ( String roleId : roleIds ) {
132  0 RoleImpl impl = getRoleImpl(roleId);
133  0 if ( impl.isActive() ) {
134  0 result.put(roleId, impl);
135    }
136    }
137    }
138  0 return result;
139    }
140   
 
141  0 toggle public List<KimRoleInfo> getRoles(List<String> roleIds) {
142  0 Collection<RoleImpl> roles = getRoleImplMap(roleIds).values();
143  0 List<KimRoleInfo> roleInfos = new ArrayList<KimRoleInfo>( roles.size() );
144  0 for ( RoleImpl r : roles ) {
145  0 roleInfos.add( r.toSimpleInfo() );
146    }
147  0 return roleInfos;
148    }
149   
150   
 
151  0 toggle @SuppressWarnings("unchecked")
152    public List<KimRoleInfo> lookupRoles(Map<String, String> searchCriteria) {
153  0 Collection<RoleImpl> results = getBusinessObjectService().findMatching(RoleImpl.class, searchCriteria);
154  0 ArrayList<KimRoleInfo> infoResults = new ArrayList<KimRoleInfo>( results.size() );
155  0 for ( RoleImpl role : results ) {
156  0 infoResults.add( role.toSimpleInfo() );
157    }
158  0 return infoResults;
159    }
160   
 
161  0 toggle public boolean isRoleActive( String roleId ) {
162  0 RoleImpl role = getRoleImpl( roleId );
163  0 return role != null && role.isActive();
164    }
165   
 
166  0 toggle public List<AttributeSet> getRoleQualifiersForPrincipalIncludingNested( String principalId, String namespaceCode, String roleName, AttributeSet qualification ) {
167  0 String roleId = getRoleIdByName(namespaceCode, roleName);
168  0 if ( roleId == null ) {
169  0 return new ArrayList<AttributeSet>(0);
170    }
171  0 return getRoleQualifiersForPrincipalIncludingNested(principalId, Collections.singletonList(roleId), qualification);
172    }
173   
174   
 
175  0 toggle private AttributeSet populateQualifiersForExactMatch(AttributeSet defaultQualification, List<String> attributes) {
176  0 AttributeSet qualifiersForExactMatch = new AttributeSet();
177  0 if(defaultQualification != null && CollectionUtils.isNotEmpty(defaultQualification.keySet())) {
178  0 for(String attributeName : attributes) {
179  0 if(StringUtils.isNotEmpty(defaultQualification.get(attributeName))) {
180  0 qualifiersForExactMatch.put(attributeName, defaultQualification.get(attributeName));
181    }
182    }
183    }
184  0 return qualifiersForExactMatch;
185    }
186   
 
187  0 toggle private List<RoleMemberImpl> getStoredRoleMembersUsingExactMatchOnQualification(String principalId, List<String> groupIds, List<String> roleIds, AttributeSet qualification) {
188  0 List<String> copyRoleIds = new ArrayList<String>(roleIds);
189  0 List<RoleMemberImpl> rms = new ArrayList<RoleMemberImpl>();
190   
191  0 for(String roleId : roleIds) {
192  0 KimRoleTypeService roleTypeService = getRoleTypeService( roleId );
193  0 if(roleTypeService != null) {
194  0 List<String> attributesForExactMatch = roleTypeService.getQualifiersForExactMatch();
195  0 if(CollectionUtils.isNotEmpty(attributesForExactMatch)) {
196  0 copyRoleIds.remove(roleId);
197  0 rms.addAll(getStoredRoleMembersForRoleIdsWithFilters(Collections.singletonList(roleId), principalId, groupIds, populateQualifiersForExactMatch(qualification, attributesForExactMatch)));
198    }
199    }
200    }
201  0 if(CollectionUtils.isNotEmpty(copyRoleIds)) {
202  0 rms.addAll(getStoredRoleMembersForRoleIdsWithFilters(copyRoleIds, principalId, groupIds, null));
203    }
204  0 return rms;
205    }
206   
 
207  0 toggle public List<AttributeSet> getRoleQualifiersForPrincipalIncludingNested( String principalId, List<String> roleIds, AttributeSet qualification ) {
208  0 List<AttributeSet> results = new ArrayList<AttributeSet>();
209   
210  0 Map<String,RoleImpl> roles = getRoleImplMap(roleIds);
211   
212    // get the person's groups
213  0 List<String> groupIds = getIdentityManagementService().getGroupIdsForPrincipal(principalId);
214  0 List<RoleMemberImpl> rms = getStoredRoleMembersUsingExactMatchOnQualification(principalId, groupIds, roleIds, qualification);
215   
216  0 Map<String,List<RoleMembershipInfo>> roleIdToMembershipMap = new HashMap<String,List<RoleMembershipInfo>>();
217  0 for ( RoleMemberImpl rm : rms ) {
218  0 KimRoleTypeService roleTypeService = getRoleTypeService( rm.getRoleId() );
219    // gather up the qualifier sets and the service they go with
220  0 if ( rm.getMemberTypeCode().equals( Role.PRINCIPAL_MEMBER_TYPE )
221    || rm.getMemberTypeCode().equals( Role.GROUP_MEMBER_TYPE ) ) {
222  0 if ( roleTypeService != null ) {
223  0 List<RoleMembershipInfo> las = roleIdToMembershipMap.get( rm.getRoleId() );
224  0 if ( las == null ) {
225  0 las = new ArrayList<RoleMembershipInfo>();
226  0 roleIdToMembershipMap.put( rm.getRoleId(), las );
227    }
228  0 RoleMembershipInfo mi = new RoleMembershipInfo( rm.getRoleId(), rm.getRoleMemberId(), rm.getMemberId(), rm.getMemberTypeCode(), rm.getQualifier() );
229  0 las.add( mi );
230    } else {
231  0 results.add(rm.getQualifier());
232    }
233  0 } else if ( rm.getMemberTypeCode().equals( Role.ROLE_MEMBER_TYPE ) ) {
234    // find out if the user has the role
235    // need to convert qualification using this role's service
236  0 AttributeSet nestedQualification = qualification;
237  0 if ( roleTypeService != null ) {
238  0 RoleImpl role = roles.get(rm.getRoleId());
239    // pulling from here as the nested role is not necessarily (and likely is not)
240    // in the roles Map created earlier
241  0 RoleImpl nestedRole = getRoleImpl(rm.getMemberId());
242    //it is possible that the the roleTypeService is coming from a remote application
243    // and therefore it can't be guaranteed that it is up and working, so using a try/catch to catch this possibility.
244  0 try {
245  0 nestedQualification = roleTypeService.convertQualificationForMemberRoles(role.getNamespaceCode(), role.getRoleName(), nestedRole.getNamespaceCode(), nestedRole.getRoleName(), qualification);
246    } catch (Exception ex) {
247  0 LOG.warn("Not able to retrieve RoleTypeService from remote system for role Id: " + role.getRoleId(), ex);
248    }
249    }
250  0 List<String> nestedRoleId = new ArrayList<String>(1);
251  0 nestedRoleId.add( rm.getMemberId() );
252    // if the user has the given role, add the qualifier the *nested role* has with the
253    // originally queries role
254  0 if ( principalHasRole( principalId, nestedRoleId, nestedQualification, false ) ) {
255  0 results.add( rm.getQualifier() );
256    }
257    }
258    }
259  0 for ( String roleId : roleIdToMembershipMap.keySet() ) {
260  0 KimRoleTypeService roleTypeService = getRoleTypeService( roleId );
261    //it is possible that the the roleTypeService is coming from a remote application
262    // and therefore it can't be guaranteed that it is up and working, so using a try/catch to catch this possibility.
263  0 try {
264  0 List<RoleMembershipInfo> matchingMembers = roleTypeService.doRoleQualifiersMatchQualification( qualification, roleIdToMembershipMap.get( roleId ) );
265  0 for ( RoleMembershipInfo rmi : matchingMembers ) {
266  0 results.add( rmi.getQualifier() );
267    }
268    } catch (Exception ex) {
269  0 LOG.warn("Not able to retrieve RoleTypeService from remote system for role Id: " + roleId, ex);
270    }
271    }
272  0 return results;
273    }
274   
 
275  0 toggle public List<AttributeSet> getRoleQualifiersForPrincipal( String principalId, List<String> roleIds, AttributeSet qualification ) {
276  0 List<AttributeSet> results = new ArrayList<AttributeSet>();
277   
278    // TODO: ? get groups for principal and get those as well?
279    // this implementation may be incomplete, as groups and sub-roles are not considered
280  0 List<RoleMemberImpl> rms = getStoredRoleMembersUsingExactMatchOnQualification(principalId, null, roleIds, qualification);
281   
282  0 Map<String,List<RoleMembershipInfo>> roleIdToMembershipMap = new HashMap<String,List<RoleMembershipInfo>>();
283  0 for ( RoleMemberImpl rm : rms ) {
284    // gather up the qualifier sets and the service they go with
285  0 if ( rm.getMemberTypeCode().equals( Role.PRINCIPAL_MEMBER_TYPE )) {
286  0 KimRoleTypeService roleTypeService = getRoleTypeService( rm.getRoleId() );
287  0 if ( roleTypeService != null ) {
288  0 List<RoleMembershipInfo> las = roleIdToMembershipMap.get( rm.getRoleId() );
289  0 if ( las == null ) {
290  0 las = new ArrayList<RoleMembershipInfo>();
291  0 roleIdToMembershipMap.put( rm.getRoleId(), las );
292    }
293  0 RoleMembershipInfo mi = new RoleMembershipInfo( rm.getRoleId(), rm.getRoleMemberId(), rm.getMemberId(), rm.getMemberTypeCode(), rm.getQualifier() );
294  0 las.add( mi );
295    } else {
296  0 results.add(rm.getQualifier());
297    }
298    }
299    }
300  0 for ( String roleId : roleIdToMembershipMap.keySet() ) {
301  0 KimRoleTypeService roleTypeService = getRoleTypeService( roleId );
302    //it is possible that the the roleTypeService is coming from a remote application
303    // and therefore it can't be guaranteed that it is up and working, so using a try/catch to catch this possibility.
304  0 try {
305  0 List<RoleMembershipInfo> matchingMembers = roleTypeService.doRoleQualifiersMatchQualification( qualification, roleIdToMembershipMap.get( roleId ) );
306  0 for ( RoleMembershipInfo rmi : matchingMembers ) {
307  0 results.add( rmi.getQualifier() );
308    }
309    } catch (Exception ex) {
310  0 LOG.warn("Not able to retrieve RoleTypeService from remote system for role Id: " + roleId, ex);
311    }
312    }
313  0 return results;
314    }
315   
 
316  0 toggle public List<AttributeSet> getRoleQualifiersForPrincipal( String principalId, String namespaceCode, String roleName, AttributeSet qualification ) {
317  0 return getRoleQualifiersForPrincipal(
318    principalId,
319    Collections.singletonList(getRoleIdByName(namespaceCode, roleName)),
320    qualification);
321    }
322   
323   
324    // --------------------
325    // Role Membership Methods
326    // --------------------
327   
328    /**
329    * @see org.kuali.rice.kim.service.RoleService#getRoleMembers(java.util.List, org.kuali.rice.core.xml.dto.AttributeSet)
330    */
 
331  0 toggle public List<RoleMembershipInfo> getRoleMembers(List<String> roleIds, AttributeSet qualification) {
332  0 Set<String> foundRoleTypeMembers = new HashSet<String>();
333  0 return getRoleMembers(roleIds, qualification, true, foundRoleTypeMembers);
334    }
335   
336   
337   
 
338  0 toggle public Collection<String> getRoleMemberPrincipalIds(String namespaceCode, String roleName, AttributeSet qualification) {
339  0 Set<String> principalIds = new HashSet<String>();
340  0 Set<String> foundRoleTypeMembers = new HashSet<String>();
341  0 List<String> roleIds = Collections.singletonList(getRoleIdByName(namespaceCode, roleName));
342  0 for (RoleMembershipInfo roleMembershipInfo : getRoleMembers(roleIds, qualification, false, foundRoleTypeMembers)) {
343  0 if (Role.GROUP_MEMBER_TYPE.equals(roleMembershipInfo.getMemberTypeCode())) {
344  0 principalIds.addAll(getIdentityManagementService().getGroupMemberPrincipalIds(roleMembershipInfo.getMemberId()));
345    }
346    else {
347  0 principalIds.add(roleMembershipInfo.getMemberId());
348    }
349    }
350  0 return principalIds;
351    }
352   
 
353  0 toggle protected Collection<RoleMembershipInfo> getNestedRoleMembers( AttributeSet qualification, RoleMembershipInfo rm, Set<String> foundRoleTypeMembers ) {
354    // If this role has already been traversed, skip it
355  0 if (foundRoleTypeMembers.contains(rm.getMemberId())){
356  0 return new ArrayList<RoleMembershipInfo>(); // return an empty list
357    }
358  0 foundRoleTypeMembers.add(rm.getMemberId());
359   
360  0 ArrayList<String> roleIdList = new ArrayList<String>( 1 );
361  0 roleIdList.add( rm.getMemberId() );
362   
363    // get the list of members from the nested role - ignore delegations on those sub-roles
364  0 Collection<RoleMembershipInfo> nestedRoleMembers = getRoleMembers( roleIdList, qualification, false, foundRoleTypeMembers );
365    // add the roles whose members matched to the list for delegation checks later
366  0 for ( RoleMembershipInfo rmi : nestedRoleMembers ) {
367    // use the member ID of the parent role (needed for responsibility joining)
368  0 rmi.setRoleMemberId( rm.getRoleMemberId() );
369    // store the role ID, so we know where this member actually came from
370  0 rmi.setRoleId( rm.getRoleId() );
371  0 rmi.setEmbeddedRoleId( rm.getMemberId() );
372    }
373  0 return nestedRoleMembers;
374    }
375   
376    /**
377    * @see org.kuali.rice.kim.service.RoleService#getRoleMembers(java.util.List, org.kuali.rice.core.xml.dto.AttributeSet)
378    */
 
379  0 toggle protected List<RoleMembershipInfo> getRoleMembers(List<String> roleIds, AttributeSet qualification, boolean followDelegations, Set<String> foundRoleTypeMembers ) {
380  0 List<RoleMembershipInfo> results = new ArrayList<RoleMembershipInfo>();
381  0 Set<String> allRoleIds = new HashSet<String>();
382  0 for ( String roleId : roleIds ) {
383  0 if ( isRoleActive(roleId) ) {
384  0 allRoleIds.add(roleId);
385    }
386    }
387    // short-circuit if no roles match
388  0 if ( allRoleIds.isEmpty() ) {
389  0 return results;
390    }
391  0 Set<String> matchingRoleIds = new HashSet<String>( allRoleIds.size() );
392    // for efficiency, retrieve all roles and store in a map
393  0 Map<String,RoleImpl> roles = getRoleImplMap(allRoleIds);
394   
395  0 List<String> copyRoleIds = new ArrayList<String>(allRoleIds);
396  0 List<RoleMemberImpl> rms = new ArrayList<RoleMemberImpl>();
397   
398  0 for(String roleId : allRoleIds) {
399  0 KimRoleTypeService roleTypeService = getRoleTypeService( roleId );
400  0 if(roleTypeService != null) {
401  0 List<String> attributesForExactMatch = roleTypeService.getQualifiersForExactMatch();
402  0 if(CollectionUtils.isNotEmpty(attributesForExactMatch)) {
403  0 copyRoleIds.remove(roleId);
404  0 rms.addAll(getStoredRoleMembersForRoleIds(Collections.singletonList(roleId), null, populateQualifiersForExactMatch(qualification, attributesForExactMatch)));
405    }
406    }
407    }
408  0 if(CollectionUtils.isNotEmpty(copyRoleIds)) {
409  0 rms.addAll(getStoredRoleMembersForRoleIds(copyRoleIds, null, null));
410    }
411   
412    // build a map of role ID to membership information
413    // this will be used for later qualification checks
414  0 Map<String,List<RoleMembershipInfo>> roleIdToMembershipMap = new HashMap<String,List<RoleMembershipInfo>>();
415  0 for ( RoleMemberImpl rm : rms ) {
416  0 RoleMembershipInfo mi = new RoleMembershipInfo( rm.getRoleId(), rm.getRoleMemberId(), rm.getMemberId(), rm.getMemberTypeCode(), rm.getQualifier() );
417    // if the qualification check does not need to be made, just add the result
418  0 if ( (qualification == null || qualification.isEmpty()) || getRoleTypeService( rm.getRoleId() ) == null ) {
419  0 if ( rm.getMemberTypeCode().equals( Role.ROLE_MEMBER_TYPE ) ) {
420    // if a role member type, do a non-recursive role member check
421    // to obtain the group and principal members of that role
422    // given the qualification
423  0 AttributeSet nestedRoleQualification = qualification;
424  0 if ( getRoleTypeService( rm.getRoleId() ) != null ) {
425    // get the member role object
426  0 RoleImpl memberRole = getRoleImpl( mi.getMemberId() );
427  0 nestedRoleQualification = getRoleTypeService( rm.getRoleId() )
428    .convertQualificationForMemberRoles(
429    roles.get(rm.getRoleId()).getNamespaceCode(),
430    roles.get(rm.getRoleId()).getRoleName(),
431    memberRole.getNamespaceCode(),
432    memberRole.getRoleName(),
433    qualification );
434    }
435  0 if ( isRoleActive( rm.getRoleId() ) ) {
436  0 Collection<RoleMembershipInfo> nestedRoleMembers = getNestedRoleMembers( nestedRoleQualification, mi, foundRoleTypeMembers );
437  0 if ( !nestedRoleMembers.isEmpty() ) {
438  0 results.addAll( nestedRoleMembers );
439  0 matchingRoleIds.add( rm.getRoleId() );
440    }
441    }
442    } else { // not a role member type
443  0 results.add( mi );
444  0 matchingRoleIds.add( rm.getRoleId() );
445    }
446  0 matchingRoleIds.add( rm.getRoleId() );
447    } else {
448  0 List<RoleMembershipInfo> lrmi = roleIdToMembershipMap.get( mi.getRoleId() );
449  0 if ( lrmi == null ) {
450  0 lrmi = new ArrayList<RoleMembershipInfo>();
451  0 roleIdToMembershipMap.put( mi.getRoleId(), lrmi );
452    }
453  0 lrmi.add( mi );
454    }
455    }
456    // if there is anything in the role to membership map, we need to check the role type services
457    // for those entries
458  0 if ( !roleIdToMembershipMap.isEmpty() ) {
459    // for each role, send in all the qualifiers for that role to the type service
460    // for evaluation, the service will return those which match
461  0 for ( String roleId : roleIdToMembershipMap.keySet() ) {
462    //it is possible that the the roleTypeService is coming from a remote application
463    // and therefore it can't be guaranteed that it is up and working, so using a try/catch to catch this possibility.
464  0 try {
465  0 KimRoleTypeService roleTypeService = getRoleTypeService( roleId );
466  0 List<RoleMembershipInfo> matchingMembers = roleTypeService.doRoleQualifiersMatchQualification( qualification, roleIdToMembershipMap.get( roleId ) );
467    // loop over the matching entries, adding them to the results
468  0 for ( RoleMembershipInfo mi : matchingMembers ) {
469  0 if ( mi.getMemberTypeCode().equals( Role.ROLE_MEMBER_TYPE ) ) {
470    // if a role member type, do a non-recursive role member check
471    // to obtain the group and principal members of that role
472    // given the qualification
473    // get the member role object
474  0 RoleImpl memberRole = getRoleImpl( mi.getMemberId() );
475  0 if ( memberRole.isActive() ) {
476  0 AttributeSet nestedRoleQualification = roleTypeService.convertQualificationForMemberRoles(
477    roles.get(mi.getRoleId()).getNamespaceCode(),
478    roles.get(mi.getRoleId()).getRoleName(),
479    memberRole.getNamespaceCode(),
480    memberRole.getRoleName(),
481    qualification );
482  0 Collection<RoleMembershipInfo> nestedRoleMembers = getNestedRoleMembers( nestedRoleQualification, mi, foundRoleTypeMembers );
483  0 if ( !nestedRoleMembers.isEmpty() ) {
484  0 results.addAll( nestedRoleMembers );
485  0 matchingRoleIds.add( mi.getRoleId() );
486    }
487    }
488    } else { // not a role member
489  0 results.add( mi );
490  0 matchingRoleIds.add( mi.getRoleId() );
491    }
492    }
493    } catch (Exception ex) {
494  0 LOG.warn("Not able to retrieve RoleTypeService from remote system for role Id: " + roleId, ex);
495    }
496    }
497    }
498   
499    // handle application roles
500  0 for ( String roleId : allRoleIds ) {
501  0 KimRoleTypeService roleTypeService = getRoleTypeService( roleId );
502  0 RoleImpl role = roles.get( roleId );
503    // check if an application role
504  0 try {
505  0 if ( isApplicationRoleType(role.getKimTypeId(), roleTypeService) ) {
506    // for each application role, get the list of principals and groups which are in that role given the qualification (per the role type service)
507  0 List<RoleMembershipInfo> roleMembers = roleTypeService.getRoleMembersFromApplicationRole(role.getNamespaceCode(), role.getRoleName(), qualification);
508  0 if ( !roleMembers.isEmpty() ) {
509  0 matchingRoleIds.add( roleId );
510    }
511  0 for ( RoleMembershipInfo rm : roleMembers ) {
512  0 rm.setRoleId(roleId);
513  0 rm.setRoleMemberId("*");
514    }
515  0 results.addAll(roleMembers);
516    }
517    } catch (Exception ex) {
518  0 LOG.warn("Not able to retrieve RoleTypeService from remote system for role Id: " + roleId, ex);
519    }
520    }
521   
522  0 if ( followDelegations && !matchingRoleIds.isEmpty() ) {
523    // we have a list of RoleMembershipInfo objects
524    // need to get delegations for distinct list of roles in that list
525  0 Map<String,KimDelegationImpl> delegations = getStoredDelegationImplMapFromRoleIds(matchingRoleIds);
526   
527  0 matchDelegationsToRoleMembers( results, delegations.values() );
528  0 resolveDelegationMembers( results, qualification, foundRoleTypeMembers );
529    }
530   
531    // sort the results if a single role type service can be identified for
532    // all the matching role members
533  0 if ( results.size() > 1 ) {
534    // if a single role: easy case
535  0 if ( matchingRoleIds.size() == 1 ) {
536  0 String roleId = matchingRoleIds.iterator().next();
537  0 KimRoleTypeService kimRoleTypeService = getRoleTypeService( roleId );
538    //it is possible that the the roleTypeService is coming from a remote application
539    // and therefore it can't be guaranteed that it is up and working, so using a try/catch to catch this possibility.
540  0 try {
541  0 if ( kimRoleTypeService != null ) {
542  0 results = kimRoleTypeService.sortRoleMembers( results );
543    }
544    } catch (Exception ex) {
545  0 LOG.warn("Not able to retrieve RoleTypeService from remote system for role Id: " + roleId, ex);
546    }
547  0 } else if ( matchingRoleIds.size() > 1 ) {
548    // if more than one, check if there is only a single role type service
549  0 String prevServiceName = null;
550  0 boolean multipleServices = false;
551  0 for ( String roleId : matchingRoleIds ) {
552  0 String serviceName = getRoleImpl( roleId ).getKimRoleType().getKimTypeServiceName();
553  0 if ( prevServiceName != null && !StringUtils.equals( prevServiceName, serviceName ) ) {
554  0 multipleServices = true;
555  0 break;
556    }
557  0 prevServiceName = serviceName;
558    }
559  0 if ( !multipleServices ) {
560  0 String roleId = matchingRoleIds.iterator().next();
561    //it is possible that the the roleTypeService is coming from a remote application
562    // and therefore it can't be guaranteed that it is up and working, so using a try/catch to catch this possibility.
563  0 try {
564  0 KimRoleTypeService kimRoleTypeService = getRoleTypeService( roleId );
565  0 if ( kimRoleTypeService != null ) {
566  0 results = kimRoleTypeService.sortRoleMembers( results );
567    }
568    } catch (Exception ex) {
569  0 LOG.warn("Not able to retrieve RoleTypeService from remote system for role Id: " + roleId, ex);
570    }
571    } else {
572  0 LOG.warn( "Did not sort role members - multiple role type services found. Role Ids: " + matchingRoleIds );
573    }
574    }
575    }
576   
577  0 return results;
578    }
579   
 
580  0 toggle protected boolean isApplicationRoleType( String roleTypeId, KimRoleTypeService service ) {
581  0 Boolean result = getApplicationRoleTypeCache().get( roleTypeId );
582  0 if ( result == null ) {
583  0 if ( service != null ) {
584  0 result = service.isApplicationRoleType();
585    } else {
586  0 result = Boolean.FALSE;
587    }
588    }
589  0 return result;
590    }
591   
592    /**
593    * Retrieves the role type service associated with the given role ID
594    *
595    * @param roleId the role ID to get the role type service for
596    * @return the Role Type Service
597    */
 
598  0 toggle protected KimRoleTypeService getRoleTypeService( String roleId ) {
599  0 KimRoleTypeService service = getRoleTypeServiceCache().get( roleId );
600  0 if ( service == null && !getRoleTypeServiceCache().containsKey( roleId ) ) {
601  0 RoleImpl role = getRoleImpl( roleId );
602  0 KimTypeInfo roleType = role.getKimRoleType();
603  0 if ( roleType != null ) {
604  0 service = getRoleTypeService(roleType);
605    }
606  0 getRoleTypeServiceCache().put(roleId, service);
607    }
608  0 return service;
609    }
610   
 
611  0 toggle protected KimRoleTypeService getRoleTypeService( KimTypeInfo typeInfo ) {
612  0 String serviceName = typeInfo.getKimTypeServiceName();
613  0 if ( serviceName != null ) {
614  0 try {
615  0 KimTypeService service = (KimTypeService) KIMServiceLocatorInternal.getService(serviceName);
616  0 if ( service != null && service instanceof KimRoleTypeService) {
617  0 return (KimRoleTypeService)service;
618    }
619  0 return (KimRoleTypeService) KIMServiceLocatorInternal.getService("kimNoMembersRoleTypeService");
620    } catch ( Exception ex ) {
621  0 LOG.error( "Unable to find role type service with name: " + serviceName );
622  0 LOG.error( ex.getClass().getName() + " : " + ex.getMessage() );
623  0 return (KimRoleTypeService) KIMServiceLocatorInternal.getService("kimNoMembersRoleTypeService");
624    }
625    }
626  0 return null;
627    }
628   
 
629  0 toggle protected KimDelegationTypeService getDelegationTypeService( String delegationId ) {
630  0 KimDelegationTypeService service = getDelegationTypeServiceCache().get( delegationId );
631  0 if ( service == null && !getDelegationTypeServiceCache().containsKey( delegationId ) ) {
632  0 KimDelegationImpl delegation = getKimDelegationImpl(delegationId);
633  0 KimTypeInfo delegationType = delegation.getKimType();
634  0 if ( delegationType != null ) {
635  0 KimTypeService tempService = KIMServiceLocatorWeb.getKimTypeService(delegationType);
636  0 if ( tempService != null && tempService instanceof KimDelegationTypeService ) {
637  0 service = (KimDelegationTypeService)tempService;
638    } else {
639  0 LOG.error( "Service returned for type " + delegationType + "("+delegationType.getKimTypeServiceName()+") was not a KimDelegationTypeService. Was a " + tempService.getClass() );
640    }
641    } else { // delegation has no type - default to role type if possible
642  0 KimRoleTypeService roleTypeService = getRoleTypeService( delegation.getRoleId() );
643  0 if ( roleTypeService != null && roleTypeService instanceof KimDelegationTypeService ) {
644  0 service = (KimDelegationTypeService)roleTypeService;
645    }
646    }
647  0 getDelegationTypeServiceCache().put(delegationId, service);
648    }
649  0 return service;
650    }
651   
652    /**
653    * Checks each of the result records to determine if there are potentially applicable
654    * delegation members for that role membership. If so, it adds to the delegates
655    * list on that RoleMembershipInfo object.
656    *
657    * The final determination of whether that delegation member matches the qualification happens in
658    * a later step ( {@link #resolveDelegationMembers(List, Map, AttributeSet)} )
659    */
 
660  0 toggle protected void matchDelegationsToRoleMembers( List<RoleMembershipInfo> results,
661    Collection<KimDelegationImpl> delegations ) {
662    // check each delegation's qualifier to see if they are applicable - matching
663    // against the qualifiers used for that role
664    // so - for each role,
665  0 for ( RoleMembershipInfo mi : results ) {
666    // get the delegations specific to the role on this line
667  0 for ( KimDelegationImpl delegation : delegations ) {
668    // only check at the moment if the role IDs match
669  0 if ( StringUtils.equals( delegation.getRoleId(), mi.getRoleId() ) ) {
670  0 KimRoleTypeService roleTypeService = getRoleTypeService( delegation.getRoleId() );
671  0 for ( KimDelegationMemberImpl delegationMember : delegation.getMembers() ) {
672    // Make sure that the delgation member is active.
673    // we don't want to add the member to the list if not.
674  0 if (delegationMember.isActive()) {
675    // first, check the delegation to see if it has a role member ID set
676    // if so, then this is a personal delegation rather than a qualifier delegation
677    // in this case, the qualifiers must also match, allowing a person to
678    // delegate only part of their authority.
679  0 if ( StringUtils.isBlank( delegationMember.getRoleMemberId() )
680    || StringUtils.equals( delegationMember.getRoleMemberId(), mi.getRoleMemberId() ) ) {
681    // this check is against the qualifier from the role relationship
682    // that resulted in this record
683    // This is to determine that the delegation
684    // but - don't need to check the role qualifiers against delegation qualifiers
685    // if the delegation is linked directly to the role member
686  0 if ( (StringUtils.isNotBlank( delegationMember.getRoleMemberId() )
687    && StringUtils.equals( delegationMember.getRoleMemberId(), mi.getRoleMemberId() )
688    )
689    || roleTypeService == null
690    || roleTypeService.doesRoleQualifierMatchQualification( mi.getQualifier(), delegationMember.getQualifier() ) ) {
691    // add the delegate member to the role member information list
692    // these will be checked by a later method against the request
693    // qualifications
694  0 mi.getDelegates().add(
695    new DelegateInfo(
696    delegation.getDelegationId(),
697    delegation.getDelegationTypeCode(),
698    delegationMember.getMemberId(),
699    delegationMember.getMemberTypeCode(),
700    delegationMember.getRoleMemberId(),
701    delegationMember.getQualifier() ) );
702    }
703    }
704    }
705    }
706    }
707    }
708    }
709   
710    }
711   
712    /**
713    * Once the delegations for a RoleMembershipInfo object have been determined,
714    * any "role" member types need to be resolved into groups and principals so that
715    * further KIM requests are not needed.
716    */
 
717  0 toggle protected void resolveDelegationMembers( List<RoleMembershipInfo> results,
718    AttributeSet qualification, Set<String> foundRoleTypeMembers ) {
719   
720    // check delegations assigned to this role
721  0 for ( RoleMembershipInfo mi : results ) {
722    // the applicable delegation IDs will already be set in the RoleMembershipInfo object
723    // this code examines those delegations and obtains the member groups and principals
724  0 ListIterator<DelegateInfo> i = mi.getDelegates().listIterator();
725  0 while ( i.hasNext() ) {
726  0 DelegateInfo di = i.next();
727  0 KimDelegationTypeService delegationTypeService = getDelegationTypeService( di.getDelegationId() );
728    // get the principals and groups for this delegation
729    // purge any entries that do not match per the type service
730  0 if ( delegationTypeService == null || delegationTypeService.doesDelegationQualifierMatchQualification( qualification, di.getQualifier() )) {
731    // check if a role type which needs to be resolved
732  0 if ( di.getMemberTypeCode().equals( Role.ROLE_MEMBER_TYPE ) ) {
733  0 i.remove();
734    // loop over delegation roles and extract the role IDs where the qualifications match
735  0 ArrayList<String> roleIdTempList = new ArrayList<String>( 1 );
736  0 roleIdTempList.add( di.getMemberId() );
737   
738    // get the members of this role
739  0 Collection<RoleMembershipInfo> delegateMembers = getRoleMembers(roleIdTempList, qualification, false, foundRoleTypeMembers);
740    // loop over the role members and create the needed DelegationInfo objects
741  0 for ( RoleMembershipInfo rmi : delegateMembers ) {
742  0 i.add(
743    new DelegateInfo(
744    di.getDelegationId(),
745    di.getDelegationTypeCode(),
746    rmi.getMemberId(),
747    rmi.getMemberTypeCode(),
748    di.getRoleMemberId(),
749    di.getQualifier() ) );
750    } // delegate member loop
751    } // if is role member type
752    } else { // delegation does not match - remove from list
753  0 i.remove();
754    }
755    }
756    }
757    }
758   
759    /**
760    * @see org.kuali.rice.kim.service.RoleService#principalHasRole(java.lang.String, java.util.List, org.kuali.rice.core.xml.dto.AttributeSet)
761    */
 
762  0 toggle public boolean principalHasRole(String principalId, List<String> roleIds, AttributeSet qualification) {
763  0 return principalHasRole( principalId, roleIds, qualification, true );
764    }
765   
766    /**
767    * @see org.kuali.rice.kim.service.RoleService#getPrincipalIdSubListWithRole(java.util.List, java.lang.String, java.lang.String, org.kuali.rice.core.xml.dto.AttributeSet)
768    */
 
769  0 toggle public List<String> getPrincipalIdSubListWithRole( List<String> principalIds, String roleNamespaceCode, String roleName, AttributeSet qualification ) {
770  0 List<String> subList = new ArrayList<String>();
771  0 RoleImpl role = getRoleImplByName( roleNamespaceCode, roleName );
772  0 for ( String principalId : principalIds ) {
773  0 if ( principalHasRole( principalId, Collections.singletonList( role.getRoleId() ), qualification ) ) {
774  0 subList.add( principalId );
775    }
776    }
777  0 return subList;
778    }
779   
780    // protected Map<String,List<RoleMembershipInfo>> getRoleIdToMembershipMap( List<RoleMemberImpl> roleMembers, AttributeSet qualifications, Map<String,KimRoleTypeService> roleTypeServices, List<RoleMembershipInfo> finalResults, List<String> matchingRoleIds, boolean includeNullServiceMembers, boolean failFast ) {
781    // Map<String,List<RoleMembershipInfo>> roleIdToMembershipMap = new HashMap<String,List<RoleMembershipInfo>>();
782    // for ( RoleMemberImpl rm : roleMembers ) {
783    // RoleMembershipInfo mi = new RoleMembershipInfo( rm.getRoleId(), rm.getRoleMemberId(), rm.getMemberId(), rm.getMemberTypeCode(), rm.getQualifier() );
784    // List<RoleMembershipInfo> lrmi = roleIdToMembershipMap.get( mi.getRoleId() );
785    // if ( lrmi == null ) {
786    // lrmi = new ArrayList<RoleMembershipInfo>();
787    // roleIdToMembershipMap.put( mi.getRoleId(), lrmi );
788    // }
789    // lrmi.add( mi );
790    // // if the role type service is null, assume that all qualifiers match
791    // if ( roleTypeServices.get( rm.getRoleId() ) == null ) {
792    // if ( failFast ) {
793    // return roleIdToMembershipMap;
794    // }
795    // } else {
796    // }
797    // }
798    // return roleIdToMembershipMap;
799    // }
800   
801    /**
802    * Helper method used by principalHasRole to build the role ID -> list of members map.
803    *
804    * @return <b>true</b> if no further checks are needed because no role service is defined
805    */
 
806  0 toggle protected boolean getRoleIdToMembershipMap( Map<String,List<RoleMembershipInfo>> roleIdToMembershipMap, List<RoleMemberImpl> roleMembers ) {
807  0 for ( RoleMemberImpl rm : roleMembers ) {
808  0 RoleMembershipInfo mi = new RoleMembershipInfo( rm.getRoleId(), rm.getRoleMemberId(), rm.getMemberId(), rm.getMemberTypeCode(), rm.getQualifier() );
809    // if the role type service is null, assume that all qualifiers match
810  0 if ( getRoleTypeService( rm.getRoleId() ) == null ) {
811  0 return true;
812    }
813  0 List<RoleMembershipInfo> lrmi = roleIdToMembershipMap.get( mi.getRoleId() );
814  0 if ( lrmi == null ) {
815  0 lrmi = new ArrayList<RoleMembershipInfo>();
816  0 roleIdToMembershipMap.put( mi.getRoleId(), lrmi );
817    }
818  0 lrmi.add( mi );
819    }
820  0 return false;
821    }
822   
 
823  0 toggle private List<RoleMemberImpl> getStoredRoleGroupsUsingExactMatchOnQualification(List<String> groupIds, Set<String> roleIds, AttributeSet qualification) {
824  0 List<String> copyRoleIds = new ArrayList<String>(roleIds);
825  0 List<RoleMemberImpl> rms = new ArrayList<RoleMemberImpl>();
826   
827  0 for(String roleId : roleIds) {
828  0 KimRoleTypeService roleTypeService = getRoleTypeService( roleId );
829  0 if(roleTypeService != null) {
830  0 List<String> attributesForExactMatch = roleTypeService.getQualifiersForExactMatch();
831  0 if(CollectionUtils.isNotEmpty(attributesForExactMatch)) {
832  0 copyRoleIds.remove(roleId);
833  0 rms.addAll(getStoredRoleGroupsForGroupIdsAndRoleIds(Collections.singletonList(roleId), groupIds, populateQualifiersForExactMatch(qualification, attributesForExactMatch)));
834    }
835    }
836    }
837  0 if(CollectionUtils.isNotEmpty(copyRoleIds)) {
838  0 rms.addAll(getStoredRoleGroupsForGroupIdsAndRoleIds(copyRoleIds, groupIds, null));
839    }
840  0 return rms;
841    }
842   
 
843  0 toggle protected boolean principalHasRole(String principalId, List<String> roleIds, AttributeSet qualification, boolean checkDelegations ) {
844  0 if ( StringUtils.isBlank( principalId ) ) {
845  0 return false;
846    }
847  0 Set<String> allRoleIds = new HashSet<String>();
848    // remove inactive roles
849  0 for ( String roleId : roleIds ) {
850  0 if ( isRoleActive(roleId) ) {
851  0 allRoleIds.add(roleId);
852    }
853    }
854    // short-circuit if no roles match
855  0 if ( allRoleIds.isEmpty() ) {
856  0 return false;
857    }
858    // for efficiency, retrieve all roles and store in a map
859  0 Map<String,RoleImpl> roles = getRoleImplMap(allRoleIds);
860    // get all roles to which the principal is assigned
861  0 List<String> copyRoleIds = new ArrayList<String>(allRoleIds);
862  0 List<RoleMemberImpl> rps = new ArrayList<RoleMemberImpl>();
863   
864  0 for(String roleId : allRoleIds) {
865  0 KimRoleTypeService roleTypeService = getRoleTypeService( roleId );
866  0 if(roleTypeService != null) {
867  0 List<String> attributesForExactMatch = roleTypeService.getQualifiersForExactMatch();
868  0 if(CollectionUtils.isNotEmpty(attributesForExactMatch)) {
869  0 copyRoleIds.remove(roleId);
870  0 rps.addAll(getStoredRolePrincipalsForPrincipalIdAndRoleIds(Collections.singletonList(roleId), principalId, populateQualifiersForExactMatch(qualification, attributesForExactMatch)));
871    }
872    }
873    }
874  0 if(CollectionUtils.isNotEmpty(copyRoleIds)) {
875  0 rps.addAll(getStoredRolePrincipalsForPrincipalIdAndRoleIds(copyRoleIds, principalId, null));
876    }
877   
878    // if the qualification is null and the role list is not, then any role in the list will match
879    // so since the role ID list is not blank, we can return true at this point
880  0 if ( (qualification == null || qualification.isEmpty()) && !rps.isEmpty() ) {
881  0 return true;
882    }
883   
884    // check each membership to see if the principal matches
885   
886    // build a map of role ID to membership information
887    // this will be used for later qualification checks
888  0 Map<String,List<RoleMembershipInfo>> roleIdToMembershipMap = new HashMap<String,List<RoleMembershipInfo>>();
889  0 if ( getRoleIdToMembershipMap( roleIdToMembershipMap, rps ) ) {
890  0 return true;
891    }
892   
893    // perform the checks against the role type services
894  0 for ( String roleId : roleIdToMembershipMap.keySet() ) {
895  0 try {
896  0 KimRoleTypeService roleTypeService = getRoleTypeService( roleId );
897  0 if ( !roleTypeService.doRoleQualifiersMatchQualification( qualification, roleIdToMembershipMap.get( roleId ) ).isEmpty() ) {
898  0 return true;
899    }
900    } catch ( Exception ex ) {
901  0 LOG.warn( "Unable to find role type service with id: " + roleId );
902    }
903    }
904   
905    // find the groups that the principal belongs to
906  0 List<String> principalGroupIds = getIdentityManagementService().getGroupIdsForPrincipal(principalId);
907    // find the role/group associations
908  0 if ( !principalGroupIds.isEmpty() ) {
909  0 List<RoleMemberImpl> rgs = getStoredRoleGroupsUsingExactMatchOnQualification(principalGroupIds, allRoleIds, qualification);
910  0 roleIdToMembershipMap.clear(); // clear the role/member map for further use
911  0 if ( getRoleIdToMembershipMap( roleIdToMembershipMap, rgs ) ) {
912  0 return true;
913    }
914   
915    // perform the checks against the role type services
916  0 for ( String roleId : roleIdToMembershipMap.keySet() ) {
917  0 try {
918  0 KimRoleTypeService roleTypeService = getRoleTypeService( roleId );
919  0 if ( !roleTypeService.doRoleQualifiersMatchQualification( qualification, roleIdToMembershipMap.get( roleId ) ).isEmpty() ) {
920  0 return true;
921    }
922    } catch ( Exception ex ) {
923  0 LOG.warn( "Unable to find role type service with id: " + roleId );
924    }
925    }
926    }
927   
928    // check member roles
929    // first, check that the qualifiers on the role membership match
930    // then, perform a principalHasRole on the embedded role
931  0 List<RoleMemberImpl> rrs = getStoredRoleMembersForRoleIds( roleIds, Role.ROLE_MEMBER_TYPE, null );
932  0 for ( RoleMemberImpl rr : rrs ) {
933  0 KimRoleTypeService roleTypeService = getRoleTypeService( rr.getRoleId() );
934  0 if ( roleTypeService != null ) {
935    //it is possible that the the roleTypeService is coming from a remote application
936    // and therefore it can't be guaranteed that it is up and working, so using a try/catch to catch this possibility.
937  0 try {
938  0 if ( roleTypeService.doesRoleQualifierMatchQualification( qualification, rr.getQualifier() ) ) {
939  0 RoleImpl memberRole = getRoleImpl( rr.getMemberId() );
940  0 AttributeSet nestedRoleQualification = roleTypeService.convertQualificationForMemberRoles(
941    roles.get(rr.getRoleId()).getNamespaceCode(),
942    roles.get(rr.getRoleId()).getRoleName(),
943    memberRole.getNamespaceCode(),
944    memberRole.getRoleName(),
945    qualification );
946  0 ArrayList<String> roleIdTempList = new ArrayList<String>( 1 );
947  0 roleIdTempList.add( rr.getMemberId() );
948  0 if ( principalHasRole( principalId, roleIdTempList, nestedRoleQualification, true ) ) {
949  0 return true;
950    }
951    }
952    } catch (Exception ex) {
953  0 LOG.warn("Not able to retrieve RoleTypeService from remote system for role Id: " + rr.getRoleId(), ex);
954    //return false;
955    }
956    } else {
957    // no qualifiers - role is always used - check membership
958  0 ArrayList<String> roleIdTempList = new ArrayList<String>( 1 );
959  0 roleIdTempList.add( rr.getMemberId() );
960    // no role type service, so can't convert qualification - just pass as is
961  0 if ( principalHasRole( principalId, roleIdTempList, qualification, true ) ) {
962  0 return true;
963    }
964    }
965   
966    }
967   
968   
969    // check for application roles and extract principals and groups from that - then check them against the
970    // role type service passing in the qualification and principal - the qualifier comes from the
971    // external system (application)
972   
973    // loop over the allRoleIds list
974  0 for ( String roleId : allRoleIds ) {
975  0 RoleImpl role = roles.get( roleId );
976  0 KimRoleTypeService roleTypeService = getRoleTypeService( roleId );
977    // check if an application role
978    //it is possible that the the roleTypeService is coming from a remote application
979    // and therefore it can't be guaranteed that it is up and working, so using a try/catch to catch this possibility.
980  0 try {
981  0 if ( isApplicationRoleType(role.getKimTypeId(), roleTypeService) ) {
982  0 if ( roleTypeService.hasApplicationRole(principalId, principalGroupIds, role.getNamespaceCode(), role.getRoleName(), qualification) ) {
983  0 return true;
984    }
985    }
986    } catch (Exception ex) {
987  0 LOG.warn("Not able to retrieve RoleTypeService from remote system for role Id: " + roleId, ex);
988    //return false;
989    }
990    }
991   
992    // delegations
993  0 if ( checkDelegations ) {
994  0 if ( matchesOnDelegation( allRoleIds, principalId, principalGroupIds, qualification ) ) {
995  0 return true;
996    }
997    }
998   
999    // NOTE: this logic is a little different from the getRoleMembers method
1000    // If there is no primary (matching non-delegate), this method will still return true
1001  0 return false;
1002    }
1003   
1004    /**
1005    * Support method for principalHasRole. Checks delegations on the passed in roles for the given principal and groups. (It's assumed that the principal
1006    * belongs to the given groups.)
1007    *
1008    * Delegation checks are mostly the same as role checks except that the delegation itself is qualified against the original role (like a RolePrincipal
1009    * or RoleGroup.) And then, the members of that delegation may have additional qualifiers which are not part of the original role qualifiers.
1010    *
1011    * For example:
1012    *
1013    * A role could be qualified by organization. So, there is a person in the organization with primary authority for that org. But, then they delegate authority
1014    * for that organization (not their authority - the delegation is attached to the org.) So, in this case the delegation has a qualifier of the organization
1015    * when it is attached to the role.
1016    *
1017    * The principals then attached to that delegation (which is specific to the organization), may have additional qualifiers.
1018    * For Example: dollar amount range, effective dates, document types.
1019    * As a subsequent step, those qualifiers are checked against the qualification passed in from the client.
1020    */
 
1021  0 toggle protected boolean matchesOnDelegation( Set<String> allRoleIds, String principalId, List<String> principalGroupIds, AttributeSet qualification ) {
1022    // get the list of delegations for the roles
1023  0 Map<String,KimDelegationImpl> delegations = getStoredDelegationImplMapFromRoleIds(allRoleIds);
1024    // loop over the delegations - determine those which need to be inspected more directly
1025  0 for ( KimDelegationImpl delegation : delegations.values() ) {
1026    // check if each one matches via the original role type service
1027  0 if ( !delegation.isActive() ) {
1028  0 continue;
1029    }
1030  0 KimRoleTypeService roleTypeService = getRoleTypeService( delegation.getRoleId() );
1031  0 for ( KimDelegationMemberImpl dmi : delegation.getMembers() ) {
1032  0 if ( !dmi.isActive() ) {
1033  0 continue;
1034    }
1035    // check if this delegation record applies to the given person
1036  0 if ( dmi.getMemberTypeCode().equals( Role.PRINCIPAL_MEMBER_TYPE )
1037    && !dmi.getMemberId().equals( principalId ) ) {
1038  0 continue; // no match on principal
1039    }
1040    // or if a group
1041  0 if ( dmi.getMemberTypeCode().equals( Role.GROUP_MEMBER_TYPE )
1042    && !principalGroupIds.contains( dmi.getMemberId() ) ) {
1043  0 continue; // no match on group
1044    }
1045    // or if a role
1046  0 if ( dmi.getMemberTypeCode().equals( Role.ROLE_MEMBER_TYPE )
1047    && !principalHasRole( principalId, Collections.singletonList( dmi.getMemberId() ), qualification, false ) ) {
1048  0 continue; // no match on role
1049    }
1050    // OK, the member matches the current user, now check the qualifications
1051   
1052    // NOTE: this compare is slightly different than the member enumeration
1053    // since the requested qualifier is always being used rather than
1054    // the role qualifier for the member (which is not available)
1055   
1056    //it is possible that the the roleTypeService is coming from a remote application
1057    // and therefore it can't be guaranteed that it is up and working, so using a try/catch to catch this possibility.
1058  0 try {
1059  0 if ( roleTypeService != null && !roleTypeService.doesRoleQualifierMatchQualification( qualification, dmi.getQualifier() ) ) {
1060  0 continue; // no match - skip to next record
1061    }
1062    } catch (Exception ex) {
1063  0 LOG.warn("Unable to call doesRoleQualifierMatchQualification on role type service for role Id: " + delegation.getRoleId() + " / " + qualification + " / " + dmi.getQualifier(), ex);
1064  0 continue;
1065    }
1066   
1067    // role service matches this qualifier
1068    // now try the delegation service
1069  0 KimDelegationTypeService delegationTypeService = getDelegationTypeService( dmi.getDelegationId());
1070    // QUESTION: does the qualifier map need to be merged with the main delegation qualification?
1071  0 if ( delegationTypeService != null && !delegationTypeService.doesDelegationQualifierMatchQualification(qualification, dmi.getQualifier())) {
1072  0 continue; // no match - skip to next record
1073    }
1074    // check if a role member ID is present on the delegation record
1075    // if so, check that the original role member would match the given qualifiers
1076  0 if ( StringUtils.isNotBlank( dmi.getRoleMemberId() ) ) {
1077  0 RoleMemberImpl rm = getRoleMemberImpl( dmi.getRoleMemberId() );
1078  0 if ( rm != null ) {
1079    // check that the original role member's is active and that their
1080    // qualifier would have matched this request's
1081    // qualifications (that the original person would have the permission/responsibility
1082    // for an action)
1083    // this prevents a role-membership based delegation from surviving the inactivation/
1084    // changing of the main person's role membership
1085  0 if ( !rm.isActive() ) {
1086  0 continue;
1087    }
1088  0 AttributeSet roleQualifier = rm.getQualifier();
1089    //it is possible that the the roleTypeService is coming from a remote application
1090    // and therefore it can't be guaranteed that it is up and working, so using a try/catch to catch this possibility.
1091  0 try {
1092  0 if (roleTypeService != null && !roleTypeService.doesRoleQualifierMatchQualification(qualification, roleQualifier) ) {
1093  0 continue;
1094    }
1095    } catch (Exception ex) {
1096  0 LOG.warn("Unable to call doesRoleQualifierMatchQualification on role type service for role Id: " + delegation.getRoleId() + " / " + qualification + " / " + roleQualifier, ex);
1097  0 continue;
1098    }
1099    } else {
1100  0 LOG.warn( "Unknown role member ID cited in the delegation member table:" );
1101  0 LOG.warn( " delegationMemberId: " + dmi.getDelegationMemberId() + " / roleMemberId: " + dmi.getRoleMemberId() );
1102    }
1103    }
1104    // all tests passed, return true
1105  0 return true;
1106    }
1107    }
1108  0 return false;
1109    }
1110   
1111   
1112    // --------------------
1113    // Support Methods
1114    // --------------------
1115   
1116   
1117   
 
1118  0 toggle public List<RoleImpl> getRolesSearchResults(java.util.Map<String,String> fieldValues) {
1119  0 return getRoleDao().getRoles(fieldValues);
1120    }
1121   
1122    /**
1123    * @see org.kuali.rice.kim.service.RoleService#roleInactivated(java.lang.String)
1124    */
 
1125  0 toggle public void roleInactivated(String roleId){
1126  0 Timestamp yesterday = new Timestamp( new java.util.Date().getTime() - (24*60*60*1000) );
1127  0 List<String> roleIds = new ArrayList<String>();
1128  0 roleIds.add(roleId);
1129  0 inactivateRoleMemberships(roleIds, yesterday);
1130  0 inactivateRoleDelegations(roleIds, yesterday);
1131  0 inactivateMembershipsForRoleAsMember(roleIds, yesterday);
1132    }
1133   
 
1134  0 toggle private void inactivateRoleMemberships(List<String> roleIds, Timestamp yesterday){
1135  0 List<RoleMemberImpl> roleMembers = getStoredRoleMembersForRoleIds(roleIds, null, null);
1136  0 for(RoleMemberImpl rm: roleMembers){
1137  0 rm.setActiveToDate(yesterday);
1138    }
1139  0 getBusinessObjectService().save(roleMembers);
1140  0 getIdentityManagementNotificationService().roleUpdated();
1141    }
1142   
 
1143  0 toggle private void inactivateMembershipsForRoleAsMember(List<String> roleIds, Timestamp yesterday){
1144  0 List<RoleMemberImpl> roleMembers = getStoredRoleMembershipsForRoleIdsAsMembers(roleIds, null);
1145  0 for(RoleMemberImpl rm: roleMembers){
1146  0 rm.setActiveToDate(yesterday);
1147    }
1148  0 getBusinessObjectService().save(roleMembers);
1149  0 getIdentityManagementNotificationService().roleUpdated();
1150    }
1151   
 
1152  0 toggle private void inactivateRoleDelegations(List<String> roleIds, Timestamp yesterday){
1153  0 List<KimDelegationImpl> delegations = getStoredDelegationImplsForRoleIds(roleIds);
1154  0 for(KimDelegationImpl delegation: delegations){
1155  0 delegation.setActive(false);
1156  0 for(KimDelegationMemberImpl delegationMember: delegation.getMembers()){
1157  0 delegationMember.setActiveToDate(yesterday);
1158    }
1159    }
1160  0 getBusinessObjectService().save(delegations);
1161  0 getIdentityManagementNotificationService().delegationUpdated();
1162    }
1163   
1164    /**
1165    * @see org.kuali.rice.kim.service.RoleService#principalInactivated(java.lang.String)
1166    */
 
1167  0 toggle public void principalInactivated(String principalId) {
1168  0 Timestamp yesterday = new Timestamp( System.currentTimeMillis() - (24*60*60*1000) );
1169  0 inactivatePrincipalRoleMemberships(principalId, yesterday);
1170  0 inactivatePrincipalGroupMemberships(principalId, yesterday);
1171  0 inactivatePrincipalDelegations(principalId, yesterday);
1172  0 inactivateApplicationRoleMemberships( principalId, yesterday );
1173    }
1174   
 
1175  0 toggle @SuppressWarnings("unchecked")
1176    protected void inactivateApplicationRoleMemberships( String principalId, Timestamp yesterday){
1177    // get all role type services
1178  0 Collection<KimTypeInfo> types = KIMServiceLocatorWeb.getTypeInfoService().getAllTypes();
1179    // create sub list of only application role types
1180  0 ArrayList<KimTypeInfo> applicationRoleTypes = new ArrayList<KimTypeInfo>( types.size() );
1181  0 for ( KimTypeInfo typeInfo : types ) {
1182  0 KimRoleTypeService service = getRoleTypeService(typeInfo);
1183  0 try {//log service unavailable as WARN error
1184  0 if ( isApplicationRoleType(typeInfo.getKimTypeId(), service)) {
1185  0 applicationRoleTypes.add(typeInfo);
1186    }
1187    }catch(Exception e) {
1188  0 LOG.warn(e.getMessage(), e);
1189    }
1190    }
1191   
1192  0 Map<String,Object> roleLookupMap = new HashMap<String, Object>(2);
1193  0 roleLookupMap.put( KIMPropertyConstants.Role.ACTIVE, "Y");
1194    // loop over application types
1195  0 for ( KimTypeInfo typeInfo : applicationRoleTypes ) {
1196  0 KimRoleTypeService service = getRoleTypeService(typeInfo);
1197    // get all roles for that type
1198  0 roleLookupMap.put( KIMPropertyConstants.Role.KIM_TYPE_ID, typeInfo.getKimTypeId());
1199  0 Collection<RoleImpl> roles = getBusinessObjectService().findMatching( RoleImpl.class, roleLookupMap);
1200    // loop over all roles in those types
1201  0 for ( RoleImpl role : roles ) {
1202    // call the principalInactivated() on the role type service for each role
1203  0 service.principalInactivated(principalId, role.getNamespaceCode(), role.getRoleName());
1204    }
1205    }
1206    }
1207   
 
1208  0 toggle protected void inactivatePrincipalRoleMemberships(String principalId, Timestamp yesterday){
1209    // go through all roles and post-date them
1210  0 List<RoleMemberImpl> roleMembers = getStoredRolePrincipalsForPrincipalIdAndRoleIds(null, principalId, null);
1211  0 Set<String> roleIds = new HashSet<String>( roleMembers.size() );
1212  0 for ( RoleMemberImpl rm : roleMembers ) {
1213  0 rm.setActiveToDate(yesterday);
1214  0 roleIds.add(rm.getRoleId()); // add to the set of IDs
1215    }
1216  0 getBusinessObjectService().save(roleMembers);
1217    // find all distinct role IDs and type services
1218  0 for ( String roleId : roleIds ) {
1219  0 RoleImpl role = getRoleImpl(roleId);
1220  0 KimRoleTypeService roleTypeService = getRoleTypeService(roleId);
1221  0 try {
1222  0 if ( roleTypeService != null ) {
1223  0 roleTypeService.principalInactivated( principalId, role.getNamespaceCode(), role.getRoleName() );
1224    }
1225    } catch ( Exception ex ) {
1226  0 LOG.error( "Problem notifying role type service of principal inactivation: " + role.getKimRoleType().getKimTypeServiceName(), ex );
1227    }
1228    }
1229  0 getIdentityManagementNotificationService().roleUpdated();
1230    }
1231   
 
1232  0 toggle protected void inactivatePrincipalGroupMemberships(String principalId, Timestamp yesterday){
1233  0 List<GroupMembershipInfo> groupMemberInfos = getRoleDao().getGroupPrincipalsForPrincipalIdAndGroupIds(null, principalId);
1234  0 List<GroupMemberImpl> groupMembers = new ArrayList<GroupMemberImpl>(groupMemberInfos.size());
1235  0 for ( GroupMembershipInfo rm : groupMemberInfos ) {
1236  0 rm.setActiveToDate( new Date(yesterday.getTime()) );
1237  0 groupMembers.add(toGroupMemberImpl(rm));
1238    }
1239   
1240  0 getBusinessObjectService().save(groupMembers);
1241    }
1242   
 
1243  0 toggle protected void inactivatePrincipalDelegations(String principalId, Timestamp yesterday){
1244  0 List<KimDelegationMemberImpl> delegationMembers = getStoredDelegationPrincipalsForPrincipalIdAndDelegationIds(null, principalId);
1245  0 for ( KimDelegationMemberImpl rm : delegationMembers ) {
1246  0 rm.setActiveToDate(yesterday);
1247    }
1248  0 getBusinessObjectService().save(delegationMembers);
1249  0 getIdentityManagementNotificationService().delegationUpdated();
1250    }
1251   
 
1252  0 toggle public List<RoleMembershipInfo> getFirstLevelRoleMembers(List<String> roleIds){
1253  0 List<RoleMemberImpl> rms = getStoredRoleMembersForRoleIds(roleIds, null, null);
1254  0 List<RoleMembershipInfo> roleMembershipInfoList = new ArrayList<RoleMembershipInfo>();
1255  0 for ( RoleMemberImpl rm : rms ) {
1256  0 roleMembershipInfoList.add(new RoleMembershipInfo( rm.getRoleId(), rm.getRoleMemberId(), rm.getMemberId(), rm.getMemberTypeCode(), rm.getQualifier()));
1257    }
1258  0 return roleMembershipInfoList;
1259    }
1260   
1261   
1262    /**
1263    * When a group is inactivated, inactivate the memberships of principals in that group
1264    * and the memberships of that group in roles
1265    *
1266    * @see org.kuali.rice.kim.service.GroupUpdateService#groupInactivated(java.lang.String)
1267    */
 
1268  0 toggle public void groupInactivated(String groupId) {
1269  0 Timestamp yesterday = new Timestamp( System.currentTimeMillis() - (24*60*60*1000) );
1270  0 List<String> groupIds = new ArrayList<String>();
1271  0 groupIds.add(groupId);
1272  0 inactivatePrincipalGroupMemberships(groupIds, yesterday);
1273  0 inactivateGroupRoleMemberships(groupIds, yesterday);
1274    }
1275   
 
1276  0 toggle protected void inactivatePrincipalGroupMemberships(List<String> groupIds, Timestamp yesterday){
1277  0 List<GroupMembershipInfo> groupMemberInfos = getRoleDao().getGroupMembers(groupIds);
1278  0 List<GroupMemberImpl> groupMembers = new ArrayList<GroupMemberImpl>(groupMemberInfos.size());
1279  0 for ( GroupMembershipInfo rm : groupMemberInfos ) {
1280  0 rm.setActiveToDate( new Date(yesterday.getTime()) );
1281  0 groupMembers.add(toGroupMemberImpl(rm));
1282    }
1283  0 getBusinessObjectService().save(groupMembers);
1284    }
1285   
 
1286  0 toggle protected void inactivateGroupRoleMemberships(List<String> groupIds, Timestamp yesterday){
1287  0 List<RoleMemberImpl> roleMembersOfGroupType = getStoredRoleGroupsForGroupIdsAndRoleIds(null, groupIds, null);
1288  0 for(RoleMemberImpl rm: roleMembersOfGroupType){
1289  0 rm.setActiveToDate(yesterday);
1290    }
1291  0 getBusinessObjectService().save(roleMembersOfGroupType);
1292  0 getIdentityManagementNotificationService().roleUpdated();
1293    }
1294   
 
1295  0 toggle protected GroupMemberImpl toGroupMemberImpl(GroupMembershipInfo kimGroupMember) {
1296  0 GroupMemberImpl groupMemberImpl = null;
1297   
1298  0 if (kimGroupMember != null) {
1299  0 groupMemberImpl = new GroupMemberImpl();
1300  0 groupMemberImpl.setGroupId(kimGroupMember.getGroupId());
1301  0 groupMemberImpl.setGroupMemberId(kimGroupMember.getGroupMemberId());
1302  0 groupMemberImpl.setMemberId(kimGroupMember.getMemberId());
1303  0 groupMemberImpl.setMemberTypeCode(kimGroupMember.getMemberTypeCode());
1304  0 if (kimGroupMember.getActiveFromDate() != null) {
1305  0 groupMemberImpl.setActiveFromDate(new java.sql.Timestamp(kimGroupMember.getActiveFromDate().getTime()));
1306    }
1307  0 if (kimGroupMember.getActiveToDate() != null) {
1308  0 groupMemberImpl.setActiveToDate(new java.sql.Timestamp(kimGroupMember.getActiveToDate().getTime()));
1309    }
1310  0 groupMemberImpl.setVersionNumber(kimGroupMember.getVersionNumber());
1311    }
1312   
1313  0 return groupMemberImpl;
1314    }
1315   
 
1316  0 toggle public List<RoleMembershipInfo> findRoleMembers(Map<String,String> fieldValues){
1317  0 return getRoleDao().getRoleMembers(fieldValues);
1318    }
1319   
 
1320  0 toggle public List<DelegateMemberCompleteInfo> findDelegateMembersCompleteInfo(final Map<String, String> fieldValues){
1321  0 List<DelegateMemberCompleteInfo> delegateMembersCompleteInfo = new ArrayList<DelegateMemberCompleteInfo>();
1322  0 DelegateMemberCompleteInfo delegateMemberCompleteInfo;
1323  0 List<KimDelegationImpl> delegations = (List<KimDelegationImpl>)getLookupService().findCollectionBySearchHelper(
1324    KimDelegationImpl.class, fieldValues, true);
1325  0 if(delegations!=null && !delegations.isEmpty()){
1326  0 Map<String, String> delegationMemberFieldValues = new HashMap<String, String>();
1327  0 for(String key: fieldValues.keySet()){
1328  0 if(key.startsWith(KimConstants.KimUIConstants.MEMBER_ID_PREFIX)){
1329  0 delegationMemberFieldValues.put(
1330    key.substring(key.indexOf(
1331    KimConstants.KimUIConstants.MEMBER_ID_PREFIX)+KimConstants.KimUIConstants.MEMBER_ID_PREFIX.length()),
1332    fieldValues.get(key));
1333    }
1334    }
1335  0 StringBuffer memberQueryString = new StringBuffer();
1336  0 for(KimDelegationImpl delegation: delegations)
1337  0 memberQueryString.append(delegation.getDelegationId()+KimConstants.KimUIConstants.OR_OPERATOR);
1338  0 delegationMemberFieldValues.put(KimConstants.PrimaryKeyConstants.DELEGATION_ID,
1339    KimCommonUtilsInternal.stripEnd(memberQueryString.toString(), KimConstants.KimUIConstants.OR_OPERATOR));
1340  0 List<KimDelegationMemberImpl> delegateMembers = (List<KimDelegationMemberImpl>)getLookupService().findCollectionBySearchHelper(
1341    KimDelegationMemberImpl.class, delegationMemberFieldValues, true);
1342  0 KimDelegationImpl delegationTemp;
1343  0 for(KimDelegationMemberImpl delegateMember: delegateMembers){
1344  0 delegateMemberCompleteInfo = delegateMember.toSimpleInfo();
1345  0 delegationTemp = getDelegationImpl(delegations, delegateMember.getDelegationId());
1346  0 delegateMemberCompleteInfo.setRoleId(delegationTemp.getRoleId());
1347  0 delegateMemberCompleteInfo.setDelegationTypeCode(delegationTemp.getDelegationTypeCode());
1348  0 Object member = getMember(delegateMemberCompleteInfo.getMemberTypeCode(), delegateMemberCompleteInfo.getMemberId());
1349  0 delegateMemberCompleteInfo.setMemberName(getMemberName(member));
1350  0 delegateMemberCompleteInfo.setMemberNamespaceCode(getMemberNamespaceCode(member));
1351  0 delegateMembersCompleteInfo.add(delegateMemberCompleteInfo);
1352    }
1353   
1354    }
1355  0 return delegateMembersCompleteInfo;
1356    }
1357   
 
1358  0 toggle public DelegateTypeInfo getDelegateTypeInfo(String roleId, String delegationTypeCode){
1359  0 KimDelegationImpl delegation = getDelegationOfType(roleId, delegationTypeCode);
1360  0 if(delegation==null) return null;
1361  0 return delegation.toSimpleInfo();
1362    }
1363   
 
1364  0 toggle public DelegateTypeInfo getDelegateTypeInfoById(String delegationId){
1365  0 if(delegationId==null) return null;
1366  0 KimDelegationImpl delegation = getKimDelegationImpl(delegationId);
1367  0 if(delegation==null) return null;
1368  0 return delegation.toSimpleInfo();
1369    }
1370   
 
1371  0 toggle public List<DelegateMemberCompleteInfo> getDelegationMembersByDelegationId(String delegationId){
1372  0 KimDelegationImpl delegation = getKimDelegationImpl(delegationId);
1373  0 if(delegation==null) return null;
1374   
1375  0 return getDelegationInfoForDelegation(delegation);
1376    }
1377   
 
1378  0 toggle public DelegateMemberCompleteInfo getDelegationMemberByDelegationAndMemberId(String delegationId, String delegationMemberId){
1379  0 KimDelegationImpl delegation = getKimDelegationImpl(delegationId);
1380  0 KimDelegationMemberImpl delegationMember = getKimDelegationMemberImplByDelegationAndId(delegationId, delegationMemberId);
1381   
1382  0 return getDelegateCompleteInfo(delegation, delegationMember);
1383    }
1384   
 
1385  0 toggle public DelegateMemberCompleteInfo getDelegationMemberById(@WebParam(name="delegationMemberId") String delegationMemberId){
1386  0 KimDelegationMemberImpl delegationMember = getKimDelegationMemberImpl(delegationMemberId);
1387  0 if(delegationMember==null) return null;
1388   
1389  0 KimDelegationImpl delegation = getKimDelegationImpl(delegationMember.getDelegationId());
1390   
1391  0 return getDelegateCompleteInfo(delegation, delegationMember);
1392    }
1393   
 
1394  0 toggle private List<DelegateMemberCompleteInfo> getDelegationInfoForDelegation(KimDelegationImpl delegation){
1395  0 if(delegation==null || delegation.getMembers()==null) return null;
1396  0 List<DelegateMemberCompleteInfo> delegateInfoList = new ArrayList<DelegateMemberCompleteInfo>();
1397  0 for(KimDelegationMemberImpl delegationMember: delegation.getMembers()){
1398  0 delegateInfoList.add(getDelegateCompleteInfo(delegation, delegationMember));
1399    }
1400  0 return delegateInfoList;
1401    }
1402   
 
1403  0 toggle private DelegateMemberCompleteInfo getDelegateCompleteInfo(KimDelegationImpl delegation, KimDelegationMemberImpl delegationMember){
1404  0 if(delegation==null || delegationMember==null) return null;
1405  0 DelegateMemberCompleteInfo delegateMemberCompleteInfo = delegationMember.toSimpleInfo();
1406  0 delegateMemberCompleteInfo.setDelegationTypeCode(delegation.getDelegationTypeCode());
1407  0 Object member = getMember(delegationMember.getMemberTypeCode(), delegationMember.getMemberId());
1408  0 delegateMemberCompleteInfo.setMemberName(getMemberName(member));
1409  0 delegateMemberCompleteInfo.setMemberNamespaceCode(getMemberNamespaceCode(member));
1410  0 return delegateMemberCompleteInfo;
1411    }
1412   
 
1413  0 toggle public List<RoleResponsibilityInfo> getRoleResponsibilities(String roleId){
1414  0 Map<String, String> criteria = new HashMap<String, String>(1);
1415  0 criteria.put(KimConstants.PrimaryKeyConstants.ROLE_ID, roleId);
1416  0 List<RoleResponsibilityImpl> responsibilityImpls = (List<RoleResponsibilityImpl>)
1417    getBusinessObjectService().findMatching(RoleResponsibilityImpl.class, criteria);
1418  0 List<RoleResponsibilityInfo> roleResponsibilities = new ArrayList<RoleResponsibilityInfo>();
1419  0 RoleResponsibilityInfo roleResponsibilityInfo;
1420  0 for(RoleResponsibilityImpl roleResponsibilityImpl: responsibilityImpls){
1421  0 roleResponsibilityInfo = new RoleResponsibilityInfo();
1422  0 KimCommonUtilsInternal.copyProperties(roleResponsibilityInfo, roleResponsibilityImpl);
1423  0 roleResponsibilities.add(roleResponsibilityInfo);
1424    }
1425  0 return roleResponsibilities;
1426    }
1427   
 
1428  0 toggle public void applicationRoleMembershipChanged( String roleId ) {
1429  0 getResponsibilityInternalService().updateActionRequestsForRoleChange(roleId);
1430    }
1431   
1432    }
 
CloverReport generated by Clover Code Coverage v3.0.2
Wed Apr 13 2011 04:19:36 EDT.		   Clover: Open Source License registered to University of Arizona.