Coverage Report - org.kuali.rice.kim.impl.role.RoleServiceImpl
 
Classes in this File Line Coverage Branch Coverage Complexity
RoleServiceImpl
0%
0/606
0%
0/334
4.459
 
 1   
 package org.kuali.rice.kim.impl.role;
 2   
 
 3   
 import org.apache.commons.collections.CollectionUtils;
 4   
 import org.apache.commons.lang.StringUtils;
 5   
 import org.apache.log4j.Logger;
 6   
 import org.joda.time.DateTime;
 7   
 import org.kuali.rice.core.api.util.jaxb.MapStringStringAdapter;
 8   
 import org.kuali.rice.kim.api.common.delegate.DelegateMember;
 9   
 import org.kuali.rice.kim.api.common.delegate.DelegateType;
 10   
 import org.kuali.rice.kim.api.group.GroupMember;
 11   
 import org.kuali.rice.kim.api.role.Role;
 12   
 import org.kuali.rice.kim.api.role.RoleMember;
 13   
 import org.kuali.rice.kim.api.role.RoleMembership;
 14   
 import org.kuali.rice.kim.api.role.RoleResponsibility;
 15   
 import org.kuali.rice.kim.api.role.RoleResponsibilityAction;
 16   
 import org.kuali.rice.kim.api.role.RoleService;
 17   
 import org.kuali.rice.kim.api.services.KimApiServiceLocator;
 18   
 import org.kuali.rice.kim.api.type.KimType;
 19   
 import org.kuali.rice.kim.api.type.KimTypeService;
 20   
 import org.kuali.rice.kim.framework.type.KimDelegationTypeService;
 21   
 import org.kuali.rice.kim.framework.type.KimRoleTypeService;
 22   
 import org.kuali.rice.kim.impl.common.delegate.DelegateBo;
 23   
 import org.kuali.rice.kim.impl.common.delegate.DelegateMemberBo;
 24   
 import org.kuali.rice.kim.impl.group.GroupMemberBo;
 25   
 import org.kuali.rice.kim.impl.services.KIMServiceLocatorInternal;
 26   
 import org.kuali.rice.kim.impl.type.KimTypeBo;
 27   
 import org.kuali.rice.kim.service.KIMServiceLocatorWeb;
 28   
 import org.kuali.rice.kim.util.KIMPropertyConstants;
 29   
 import org.kuali.rice.kim.util.KimConstants;
 30   
 
 31   
 import javax.jws.WebParam;
 32   
 import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
 33   
 import java.sql.Timestamp;
 34   
 import java.util.ArrayList;
 35   
 import java.util.Collection;
 36   
 import java.util.Collections;
 37   
 import java.util.Date;
 38   
 import java.util.HashMap;
 39   
 import java.util.HashSet;
 40   
 import java.util.List;
 41   
 import java.util.Map;
 42   
 import java.util.Set;
 43   
 import java.util.concurrent.TimeUnit;
 44   
 
 45  0 
 public class RoleServiceImpl extends RoleServiceBase implements RoleService {
 46  0 
     private static final Logger LOG = Logger.getLogger(RoleServiceImpl.class);
 47   
 
 48   
     @Override
 49   
     public Role getRole(@WebParam(name = "roleId") String roleId) {
 50  0 
         RoleBo roleBo = getRoleBo(roleId);
 51  0 
         if (roleBo == null) {
 52  0 
             return null;
 53   
         }
 54  0 
         return RoleBo.to(roleBo);
 55   
     }
 56   
 
 57   
     protected Map<String, RoleBo> getRoleBoMap(Collection<String> roleIds) {
 58   
         Map<String, RoleBo> result;
 59   
         // check for a non-null result in the cache, return it if found
 60  0 
         if (roleIds.size() == 1) {
 61  0 
             String roleId = roleIds.iterator().next();
 62  0 
             RoleBo bo = getRoleBo(roleId);
 63  0 
             if (bo.isActive()) {
 64  0 
                 result = Collections.singletonMap(roleId, bo);
 65   
             } else {
 66  0 
                 result = Collections.emptyMap();
 67   
             }
 68  0 
         } else {
 69  0 
             result = new HashMap<String, RoleBo>(roleIds.size());
 70  0 
             for (String roleId : roleIds) {
 71  0 
                 RoleBo bo = getRoleBo(roleId);
 72  0 
                 if (bo.isActive()) {
 73  0 
                     result.put(roleId, bo);
 74   
                 }
 75  0 
             }
 76   
         }
 77  0 
         return result;
 78   
     }
 79   
 
 80   
     @Override
 81   
     public List<Role> getRoles(@WebParam(name = "roleIds") List<String> roleIds) {
 82  0 
         Collection<RoleBo> roleBos = getRoleBoMap(roleIds).values();
 83  0 
         List<Role> roles = new ArrayList<Role>(roleBos.size());
 84  0 
         for (RoleBo bo : roleBos) {
 85  0 
             roles.add(RoleBo.to(bo));
 86   
         }
 87  0 
         return roles;
 88   
     }
 89   
 
 90   
     @Override
 91   
     public Role getRoleByName(@WebParam(name = "namespaceCode") String namespaceCode, @WebParam(name = "roleName") String roleName) {
 92  0 
         RoleBo roleBo = getRoleBoByName(namespaceCode, roleName);
 93  0 
         if (roleBo != null) {
 94  0 
             return RoleBo.to(roleBo);
 95   
         }
 96  0 
         return null;
 97   
     }
 98   
 
 99   
     @Override
 100   
     public String getRoleIdByName(@WebParam(name = "namespaceCode") String namespaceCode, @WebParam(name = "roleName") String roleName) {
 101  0 
         Role role = getRoleByName(namespaceCode, roleName);
 102  0 
         if (role != null) {
 103  0 
             return role.getId();
 104   
         } else {
 105  0 
             return null;
 106   
         }
 107   
     }
 108   
 
 109   
     @Override
 110   
     public boolean isRoleActive(@WebParam(name = "roleId") String roleId) {
 111  0 
         RoleBo roleBo = getRoleBo(roleId);
 112  0 
         return roleBo != null && roleBo.isActive();
 113   
     }
 114   
 
 115   
     @Override
 116   
     public List<Map<String, String>> getRoleQualifiersForPrincipal(@WebParam(name = "principalId") String principalId,
 117   
                                                             @WebParam(name = "roleIds") List<String> roleIds,
 118   
                                                             @WebParam(name = "qualification") @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) Map<String, String> qualification) {
 119   
 
 120  0 
         List<Map<String, String>> results = new ArrayList<Map<String, String>>();
 121   
 
 122  0 
         List<RoleMemberBo> roleMemberBoList = getStoredRoleMembersUsingExactMatchOnQualification(principalId, null, roleIds, qualification);
 123   
 
 124  0 
         Map<String, List<RoleMembership>> roleIdToMembershipMap = new HashMap<String, List<RoleMembership>>();
 125  0 
         for (RoleMemberBo roleMemberBo : roleMemberBoList) {
 126   
             // gather up the qualifier sets and the service they go with
 127  0 
             if (roleMemberBo.getMemberTypeCode().equals(Role.PRINCIPAL_MEMBER_TYPE)) {
 128  0 
                 KimRoleTypeService roleTypeService = getRoleTypeService(roleMemberBo.getRoleId());
 129  0 
                 if (roleTypeService != null) {
 130  0 
                     List<RoleMembership> las = roleIdToMembershipMap.get(roleMemberBo.getRoleId());
 131  0 
                     if (las == null) {
 132  0 
                         las = new ArrayList<RoleMembership>();
 133  0 
                         roleIdToMembershipMap.put(roleMemberBo.getRoleId(), las);
 134   
                     }
 135  0 
                     RoleMembership mi = RoleMembership.Builder.create(
 136   
                             roleMemberBo.getRoleId(),
 137   
                             roleMemberBo.getRoleMemberId(),
 138   
                             roleMemberBo.getMemberId(),
 139   
                             roleMemberBo.getMemberTypeCode(),
 140   
                             roleMemberBo.getAttributes()).build();
 141   
 
 142  0 
                     las.add(mi);
 143  0 
                 } else {
 144  0 
                     results.add(roleMemberBo.getAttributes());
 145   
                 }
 146  0 
             }
 147   
         }
 148  0 
         for (String roleId : roleIdToMembershipMap.keySet()) {
 149  0 
             KimRoleTypeService roleTypeService = getRoleTypeService(roleId);
 150   
             //it is possible that the the roleTypeService is coming from a remote application
 151   
             // and therefore it can't be guaranteed that it is up and working, so using a try/catch to catch this possibility.
 152   
             try {
 153  0 
                 List<RoleMembership> matchingMembers = roleTypeService.doRoleQualifiersMatchQualification(qualification, roleIdToMembershipMap.get(roleId));
 154  0 
                 for (RoleMembership rmi : matchingMembers) {
 155  0 
                     results.add(rmi.getQualifier());
 156   
                 }
 157  0 
             } catch (Exception ex) {
 158  0 
                 LOG.warn("Not able to retrieve RoleTypeService from remote system for role Id: " + roleId, ex);
 159  0 
             }
 160  0 
         }
 161  0 
         return results;
 162   
     }
 163   
 
 164   
     @Override
 165   
     public List<Map<String, String>> getRoleQualifiersForPrincipal(@WebParam(name = "principalId") String principalId, @WebParam(name = "namespaceCode") String namespaceCode, @WebParam(name = "roleName") String roleName, @WebParam(name = "qualification") @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) Map<String, String> qualification) {
 166  0 
         String roleId = getRoleIdByName(namespaceCode, roleName);
 167  0 
         if (roleId == null) {
 168  0 
             return new ArrayList<Map<String, String>>(0);
 169   
         }
 170  0 
         return getNestedRoleQualifiersForPrincipal(principalId, Collections.singletonList(roleId), qualification);
 171   
     }
 172   
 
 173   
     @Override
 174   
     public List<Map<String, String>> getNestedRoleQualifiersForPrincipal(@WebParam(name = "principalId") String principalId, @WebParam(name = "namespaceCode") String namespaceCode, @WebParam(name = "roleName") String roleName, @WebParam(name = "qualification") @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) Map<String, String> qualification) {
 175  0 
         String roleId = getRoleIdByName(namespaceCode, roleName);
 176  0 
         if (roleId == null) {
 177  0 
             return new ArrayList<Map<String, String>>(0);
 178   
         }
 179  0 
         return getNestedRoleQualifiersForPrincipal(principalId, Collections.singletonList(roleId), qualification);
 180   
     }
 181   
 
 182   
     @Override
 183   
     public List<Map<String, String>> getNestedRoleQualifiersForPrincipal(@WebParam(name = "principalId") String principalId, @WebParam(name = "roleIds") List<String> roleIds, @WebParam(name = "qualification") @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) Map<String, String> qualification) {
 184  0 
         List<Map<String, String>> results = new ArrayList<Map<String, String>>();
 185   
 
 186  0 
         Map<String, RoleBo> roleBosById = getRoleBoMap(roleIds);
 187   
 
 188   
         // get the person's groups
 189  0 
         List<String> groupIds = getGroupService().getGroupIdsForPrincipal(principalId);
 190  0 
         List<RoleMemberBo> roleMemberBos = getStoredRoleMembersUsingExactMatchOnQualification(principalId, groupIds, roleIds, qualification);
 191   
 
 192  0 
         Map<String, List<RoleMembership>> roleIdToMembershipMap = new HashMap<String, List<RoleMembership>>();
 193  0 
         for (RoleMemberBo roleMemberBo : roleMemberBos) {
 194  0 
             KimRoleTypeService roleTypeService = getRoleTypeService(roleMemberBo.getRoleId());
 195   
             // gather up the qualifier sets and the service they go with
 196  0 
             if (roleMemberBo.getMemberTypeCode().equals(Role.PRINCIPAL_MEMBER_TYPE)
 197   
                     || roleMemberBo.getMemberTypeCode().equals(Role.GROUP_MEMBER_TYPE)) {
 198  0 
                 if (roleTypeService != null) {
 199  0 
                     List<RoleMembership> las = roleIdToMembershipMap.get(roleMemberBo.getRoleId());
 200  0 
                     if (las == null) {
 201  0 
                         las = new ArrayList<RoleMembership>();
 202  0 
                         roleIdToMembershipMap.put(roleMemberBo.getRoleId(), las);
 203   
                     }
 204  0 
                     RoleMembership mi = RoleMembership.Builder.create(
 205   
                             roleMemberBo.getRoleId(),
 206   
                             roleMemberBo.getRoleMemberId(),
 207   
                             roleMemberBo.getMemberId(),
 208   
                             roleMemberBo.getMemberTypeCode(),
 209   
                             roleMemberBo.getAttributes()).build();
 210   
 
 211  0 
                     las.add(mi);
 212  0 
                 } else {
 213  0 
                     results.add(roleMemberBo.getAttributes());
 214   
                 }
 215  0 
             } else if (roleMemberBo.getMemberTypeCode().equals(Role.ROLE_MEMBER_TYPE)) {
 216   
                 // find out if the user has the role
 217   
                 // need to convert qualification using this role's service
 218  0 
                 Map<String, String> nestedQualification = qualification;
 219  0 
                 if (roleTypeService != null) {
 220  0 
                     RoleBo roleBo = roleBosById.get(roleMemberBo.getRoleId());
 221   
                     // pulling from here as the nested roleBo is not necessarily (and likely is not)
 222   
                     // in the roleBosById Map created earlier
 223  0 
                     RoleBo nestedRole = getRoleBo(roleMemberBo.getMemberId());
 224   
                     //it is possible that the the roleTypeService is coming from a remote application
 225   
                     // and therefore it can't be guaranteed that it is up and working, so using a try/catch to catch this possibility.
 226   
                     try {
 227  0 
                         nestedQualification = roleTypeService.convertQualificationForMemberRoles(roleBo.getNamespaceCode(), roleBo.getName(), nestedRole.getNamespaceCode(), nestedRole.getName(), qualification);
 228  0 
                     } catch (Exception ex) {
 229  0 
                         LOG.warn("Not able to retrieve RoleTypeService from remote system for roleBo Id: " + roleBo.getId(), ex);
 230  0 
                     }
 231   
                 }
 232  0 
                 List<String> nestedRoleId = new ArrayList<String>(1);
 233  0 
                 nestedRoleId.add(roleMemberBo.getMemberId());
 234   
                 // if the user has the given role, add the qualifier the *nested role* has with the
 235   
                 // originally queries role
 236  0 
                 if (principalHasRole(principalId, nestedRoleId, nestedQualification, false)) {
 237  0 
                     results.add(roleMemberBo.getAttributes());
 238   
                 }
 239   
             }
 240  0 
         }
 241  0 
         for (String roleId : roleIdToMembershipMap.keySet()) {
 242  0 
             KimRoleTypeService roleTypeService = getRoleTypeService(roleId);
 243   
             //it is possible that the the roleTypeService is coming from a remote application
 244   
             // and therefore it can't be guaranteed that it is up and working, so using a try/catch to catch this possibility.
 245   
             try {
 246  0 
                 List<RoleMembership> matchingMembers = roleTypeService.doRoleQualifiersMatchQualification(qualification, roleIdToMembershipMap.get(roleId));
 247  0 
                 for (RoleMembership roleMembership : matchingMembers) {
 248  0 
                     results.add(roleMembership.getQualifier());
 249   
                 }
 250  0 
             } catch (Exception ex) {
 251  0 
                 LOG.warn("Not able to retrieve RoleTypeService from remote system for role Id: " + roleId, ex);
 252  0 
             }
 253  0 
         }
 254  0 
         return results;
 255   
     }
 256   
 
 257   
     @Override
 258   
     public List<RoleMembership> getRoleMembers(@WebParam(name = "roleIds") List<String> roleIds, @WebParam(name = "qualification") @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) Map<String, String> qualification) {
 259  0 
         Set<String> foundRoleTypeMembers = new HashSet<String>();
 260  0 
         return getRoleMembers(roleIds, qualification, true, foundRoleTypeMembers);
 261   
     }
 262   
 
 263   
     @Override
 264   
     public Collection<String> getRoleMemberPrincipalIds(@WebParam(name = "namespaceCode") String namespaceCode, @WebParam(name = "roleName") String roleName, @WebParam(name = "qualification") @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) Map<String, String> qualification) {
 265  0 
         Set<String> principalIds = new HashSet<String>();
 266  0 
         Set<String> foundRoleTypeMembers = new HashSet<String>();
 267  0 
         List<String> roleIds = Collections.singletonList(getRoleIdByName(namespaceCode, roleName));
 268  0 
         for (RoleMembership roleMembership : getRoleMembers(roleIds, qualification, false, foundRoleTypeMembers)) {
 269  0 
             if (Role.GROUP_MEMBER_TYPE.equals(roleMembership.getMemberTypeCode())) {
 270  0 
                 principalIds.addAll(getGroupService().getMemberPrincipalIds(roleMembership.getMemberId()));
 271   
             } else {
 272  0 
                 principalIds.add(roleMembership.getMemberId());
 273   
             }
 274   
         }
 275  0 
         return principalIds;
 276   
     }
 277   
 
 278   
     @Override
 279   
     public boolean principalHasRole(@WebParam(name = "principalId") String principalId, @WebParam(name = "roleIds") List<String> roleIds, @WebParam(name = "qualification") @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) Map<String, String> qualification) {
 280  0 
         return principalHasRole(principalId, roleIds, qualification, true);
 281   
     }
 282   
 
 283   
     @Override
 284   
     public List<String> getPrincipalIdSubListWithRole(@WebParam(name = "principalIds") List<String> principalIds, @WebParam(name = "roleNamespaceCode") String roleNamespaceCode, @WebParam(name = "roleName") String roleName, @WebParam(name = "qualification") @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) Map<String, String> qualification) {
 285  0 
         List<String> subList = new ArrayList<String>();
 286  0 
         RoleBo role = getRoleBoByName(roleNamespaceCode, roleName);
 287  0 
         for (String principalId : principalIds) {
 288  0 
             if (principalHasRole(principalId, Collections.singletonList(role.getId()), qualification)) {
 289  0 
                 subList.add(principalId);
 290   
             }
 291   
         }
 292  0 
         return subList;
 293   
     }
 294   
 
 295   
     @Override
 296   
     public List<Role> getRolesSearchResults(@XmlJavaTypeAdapter(value = MapStringStringAdapter.class) @WebParam(name = "fieldValues") Map<String, String> fieldValues) {
 297  0 
         List<RoleBo> roleBoList = getRoleDao().getRoles(fieldValues);
 298  0 
         List<Role> roles = new ArrayList<Role>();
 299  0 
         for (RoleBo roleBo : roleBoList) {
 300  0 
             roles.add(RoleBo.to(roleBo));
 301   
         }
 302  0 
         return roles;
 303   
     }
 304   
 
 305   
     @Override
 306   
     public void principalInactivated(@WebParam(name = "principalId") String principalId) {
 307  0 
         long oneDayInMillis = TimeUnit.DAYS.toMillis(1);
 308  0 
         Timestamp yesterday = new Timestamp(System.currentTimeMillis() - oneDayInMillis);
 309   
 
 310  0 
         inactivatePrincipalRoleMemberships(principalId, yesterday);
 311  0 
         inactivatePrincipalGroupMemberships(principalId, yesterday);
 312  0 
         inactivatePrincipalDelegations(principalId, yesterday);
 313  0 
         inactivateApplicationRoleMemberships(principalId, yesterday);
 314  0 
     }
 315   
 
 316   
     @Override
 317   
     public void roleInactivated(@WebParam(name = "roleId") String roleId) {
 318  0 
         long oneDayInMillis = TimeUnit.DAYS.toMillis(1);
 319  0 
         Timestamp yesterday = new Timestamp(System.currentTimeMillis() - oneDayInMillis);
 320   
 
 321  0 
         List<String> roleIds = new ArrayList<String>();
 322  0 
         roleIds.add(roleId);
 323  0 
         inactivateRoleMemberships(roleIds, yesterday);
 324  0 
         inactivateRoleDelegations(roleIds, yesterday);
 325  0 
         inactivateMembershipsForRoleAsMember(roleIds, yesterday);
 326  0 
     }
 327   
 
 328   
     @Override
 329   
     public void groupInactivated(@WebParam(name = "groupId") String groupId) {
 330  0 
         long oneDayInMillis = TimeUnit.DAYS.toMillis(1);
 331  0 
         Timestamp yesterday = new Timestamp(System.currentTimeMillis() - oneDayInMillis);
 332   
 
 333  0 
         List<String> groupIds = new ArrayList<String>();
 334  0 
         groupIds.add(groupId);
 335  0 
         inactivatePrincipalGroupMemberships(groupIds, yesterday);
 336  0 
         inactivateGroupRoleMemberships(groupIds, yesterday);
 337  0 
     }
 338   
 
 339   
     @Override
 340   
     public List<RoleMembership> getFirstLevelRoleMembers(@WebParam(name = "roleIds") List<String> roleIds) {
 341  0 
         List<RoleMemberBo> roleMemberBoList = getStoredRoleMembersForRoleIds(roleIds, null, null);
 342  0 
         List<RoleMembership> roleMemberships = new ArrayList<RoleMembership>();
 343  0 
         for (RoleMemberBo roleMemberBo : roleMemberBoList) {
 344  0 
             RoleMembership roleMembeship = RoleMembership.Builder.create(
 345   
                     roleMemberBo.getRoleId(),
 346   
                     roleMemberBo.getRoleMemberId(),
 347   
                     roleMemberBo.getMemberId(),
 348   
                     roleMemberBo.getMemberTypeCode(),
 349   
                     roleMemberBo.getAttributes()).build();
 350  0 
             roleMemberships.add(roleMembeship);
 351  0 
         }
 352  0 
         return roleMemberships;
 353   
     }
 354   
 
 355   
     @Override
 356   
     public List<RoleMembership> findRoleMemberships(@XmlJavaTypeAdapter(value = MapStringStringAdapter.class) @WebParam(name = "fieldValues") Map<String, String> fieldValues) {
 357  0 
         return getRoleDao().getRoleMembers(fieldValues);
 358   
     }
 359   
 
 360   
     @Override
 361   
     public List<String> getMemberParentRoleIds(String memberType, String memberId) {
 362  0 
         return super.getMemberParentRoleIds(memberType, memberId);
 363   
     }
 364   
 
 365   
     @Override
 366   
     public List<RoleMember> findRoleMembers(@XmlJavaTypeAdapter(value = MapStringStringAdapter.class) @WebParam(name = "fieldValues") Map<String, String> fieldValues) {
 367  0 
         return super.findRoleMembers(fieldValues);
 368   
     }
 369   
 
 370   
     @Override
 371   
     public List<DelegateMember> findDelegateMembers(@XmlJavaTypeAdapter(value = MapStringStringAdapter.class) @WebParam(name = "fieldValues") Map<String, String> fieldValues) {
 372  0 
         return super.findDelegateMembers(fieldValues);
 373   
     }
 374   
 
 375   
     @Override
 376   
     public List<DelegateMember> getDelegationMembersByDelegationId(@WebParam(name = "delegationId") String delegationId) {
 377  0 
         DelegateBo delegateBo = getKimDelegationImpl(delegationId);
 378  0 
         if (delegateBo == null) {return null;}
 379   
 
 380  0 
         return getDelegateMembersForDelegation(delegateBo);
 381   
     }
 382   
 
 383   
     @Override
 384   
     public DelegateMember getDelegationMemberByDelegationAndMemberId(@WebParam(name = "delegationId") String delegationId, @WebParam(name = "memberId") String memberId) {
 385  0 
         DelegateBo delegateBo = getKimDelegationImpl(delegationId);
 386  0 
         DelegateMemberBo delegationMember = getKimDelegationMemberImplByDelegationAndId(delegationId, memberId);
 387   
 
 388  0 
         return getDelegateCompleteInfo(delegateBo, delegationMember);
 389   
     }
 390   
 
 391   
     @Override
 392   
     public DelegateMember getDelegationMemberById(@WebParam(name = "assignedToId") String delegationMemberId) {
 393   
 
 394  0 
         DelegateMemberBo delegateMemberBo = getDelegateMemberBo(delegationMemberId);
 395  0 
         if (delegateMemberBo == null) {
 396  0 
             return null;
 397   
         }
 398   
 
 399  0 
         DelegateBo delegateBo = getKimDelegationImpl(delegateMemberBo.getDelegationId());
 400   
 
 401  0 
         return getDelegateCompleteInfo(delegateBo, delegateMemberBo);
 402   
     }
 403   
 
 404   
     @Override
 405   
     public List<RoleResponsibility> getRoleResponsibilities(@WebParam(name = "roleId") String roleId) {
 406  0 
         Map<String, String> criteria = new HashMap<String, String>(1);
 407  0 
         criteria.put(KimConstants.PrimaryKeyConstants.SUB_ROLE_ID, roleId);
 408  0 
         List<RoleResponsibilityBo> roleResponsibilityBos = (List<RoleResponsibilityBo>)
 409   
                 getBusinessObjectService().findMatching(RoleResponsibilityBo.class, criteria);
 410  0 
         List<RoleResponsibility> roleResponsibilities = new ArrayList<RoleResponsibility>();
 411   
 
 412  0 
         for (RoleResponsibilityBo roleResponsibilityImpl : roleResponsibilityBos) {
 413  0 
             roleResponsibilities.add(RoleResponsibilityBo.to(roleResponsibilityImpl));
 414   
         }
 415  0 
         return roleResponsibilities;
 416   
     }
 417   
 
 418   
     @Override
 419   
     public List<RoleResponsibilityAction> getRoleMemberResponsibilityActions(@WebParam(name = "roleMemberId") String roleMemberId) {
 420  0 
         return super.getRoleMemberResponsibilityActions(roleMemberId);
 421   
     }
 422   
 
 423   
     @Override
 424   
     public DelegateType getDelegateTypeInfo(@WebParam(name = "roleId") String roleId, @WebParam(name = "delegationTypeCode") String delegationTypeCode) {
 425  0 
         DelegateBo delegateBo = getDelegationOfType(roleId, delegationTypeCode);
 426  0 
         return DelegateBo.to(delegateBo);
 427   
     }
 428   
 
 429   
     @Override
 430   
     public DelegateType getDelegateTypeInfoById(@WebParam(name = "delegationId") String delegationId) {
 431  0 
         if (delegationId == null) {
 432  0 
             return null;
 433   
         }
 434  0 
         DelegateBo delegateBo = getKimDelegationImpl(delegationId);
 435  0 
         return DelegateBo.to(delegateBo);
 436   
     }
 437   
 
 438   
     @Override
 439   
     public void applicationRoleMembershipChanged(@WebParam(name = "roleId") String roleId) {
 440  0 
         getResponsibilityInternalService().updateActionRequestsForRoleChange(roleId);
 441  0 
     }
 442   
 
 443   
     @Override
 444   
     public List<Role> lookupRoles(@WebParam(name = "searchCriteria") @XmlJavaTypeAdapter(value = MapStringStringAdapter.class) Map<String, String> searchCriteria) {
 445  0 
         Collection<RoleBo> roleBoCollection = getBusinessObjectService().findMatching(RoleBo.class, searchCriteria);
 446  0 
         ArrayList<Role> roleList = new ArrayList<Role>();
 447  0 
         for (RoleBo roleBo : roleBoCollection) {
 448  0 
             roleList.add(RoleBo.to(roleBo));
 449   
         }
 450  0 
         return roleList;
 451   
     }
 452   
 
 453   
     @Override
 454   
     public void flushInternalRoleCache() {
 455  0 
         super.flushInternalRoleCache();
 456  0 
     }
 457   
 
 458   
     @Override
 459   
     public void flushInternalRoleMemberCache() {
 460  0 
         super.flushInternalRoleMemberCache();
 461  0 
     }
 462   
 
 463   
     @Override
 464   
     public void flushInternalDelegationCache() {
 465  0 
         super.flushInternalDelegationCache();
 466  0 
     }
 467   
 
 468   
     @Override
 469   
     public void flushInternalDelegationMemberCache() {
 470  0 
         super.flushInternalDelegationMemberCache();
 471  0 
     }
 472   
 
 473   
 
 474   
     @SuppressWarnings("unchecked")
 475   
     protected void inactivateApplicationRoleMemberships(String principalId, Timestamp yesterday) {
 476   
         // get all role type services
 477  0 
         Collection<KimType> types = KimApiServiceLocator.getKimTypeInfoService().findAllKimTypes();
 478   
         // create sub list of only application role types
 479  0 
         ArrayList<KimType> applicationRoleTypes = new ArrayList<KimType>(types.size());
 480  0 
         for (KimType typeInfo : types) {
 481  0 
             KimRoleTypeService service = getRoleTypeService(typeInfo);
 482   
             try {//log service unavailable as WARN error
 483  0 
                 if (isApplicationRoleType(typeInfo.getId(), service)) {
 484  0 
                     applicationRoleTypes.add(typeInfo);
 485   
                 }
 486  0 
             } catch (Exception e) {
 487  0 
                 LOG.warn(e.getMessage(), e);
 488  0 
             }
 489  0 
         }
 490   
 
 491  0 
         Map<String, Object> roleLookupMap = new HashMap<String, Object>(2);
 492  0 
         roleLookupMap.put(KIMPropertyConstants.Role.ACTIVE, "Y");
 493   
         // loop over application types
 494  0 
         for (KimType typeInfo : applicationRoleTypes) {
 495  0 
             KimRoleTypeService service = getRoleTypeService(typeInfo);
 496   
             // get all roles for that type
 497  0 
             roleLookupMap.put(KIMPropertyConstants.Role.KIM_TYPE_ID, typeInfo.getId());
 498  0 
             Collection<RoleBo> roles = getBusinessObjectService().findMatching(RoleBo.class, roleLookupMap);
 499   
             // loop over all roles in those types
 500  0 
             for (RoleBo role : roles) {
 501   
                 // call the principalInactivated() on the role type service for each role
 502  0 
                 service.principalInactivated(principalId, role.getNamespaceCode(), role.getName());
 503   
             }
 504  0 
         }
 505  0 
     }
 506   
 
 507   
 
 508   
     protected void inactivatePrincipalRoleMemberships(String principalId, Timestamp yesterday) {
 509   
         // go through all roles and post-date them
 510  0 
         List<RoleMemberBo> roleMembers = getStoredRolePrincipalsForPrincipalIdAndRoleIds(null, principalId, null);
 511  0 
         Set<String> roleIds = new HashSet<String>(roleMembers.size());
 512  0 
         for (RoleMemberBo roleMemberBo : roleMembers) {
 513  0 
             roleMemberBo.setActiveToDateValue(yesterday);
 514  0 
             roleIds.add(roleMemberBo.getRoleId()); // add to the set of IDs
 515   
         }
 516  0 
         getBusinessObjectService().save(roleMembers);
 517   
         // find all distinct role IDs and type services
 518  0 
         for (String roleId : roleIds) {
 519  0 
             RoleBo role = getRoleBo(roleId);
 520  0 
             KimRoleTypeService roleTypeService = getRoleTypeService(roleId);
 521   
             try {
 522  0 
                 if (roleTypeService != null) {
 523  0 
                     roleTypeService.principalInactivated(principalId, role.getNamespaceCode(), role.getName());
 524   
                 }
 525  0 
             } catch (Exception ex) {
 526  0 
                 LOG.error("Problem notifying role type service of principal inactivation: " + role.getKimRoleType().getServiceName(), ex);
 527  0 
             }
 528  0 
         }
 529  0 
         getIdentityManagementNotificationService().roleUpdated();
 530  0 
     }
 531   
 
 532   
     protected void inactivateGroupRoleMemberships(List<String> groupIds, Timestamp yesterday) {
 533  0 
         List<RoleMemberBo> roleMemberBosOfGroupType = getStoredRoleGroupsForGroupIdsAndRoleIds(null, groupIds, null);
 534  0 
         for (RoleMemberBo roleMemberbo : roleMemberBosOfGroupType) {
 535  0 
             roleMemberbo.setActiveToDateValue(yesterday);
 536   
         }
 537  0 
         getBusinessObjectService().save(roleMemberBosOfGroupType);
 538  0 
         getIdentityManagementNotificationService().roleUpdated();
 539  0 
     }
 540   
 
 541   
     protected void inactivatePrincipalGroupMemberships(String principalId, Timestamp yesterday) {
 542  0 
         List<GroupMember> groupMembers = getRoleDao().getGroupPrincipalsForPrincipalIdAndGroupIds(null, principalId);
 543  0 
         List<GroupMemberBo> groupMemberBoList = new ArrayList<GroupMemberBo>(groupMembers.size());
 544  0 
         for (GroupMember gm : groupMembers) {
 545  0 
             GroupMember.Builder builder = GroupMember.Builder.create(gm);
 546  0 
             builder.setActiveToDate(new DateTime(yesterday.getTime()));
 547  0 
             groupMemberBoList.add(GroupMemberBo.from(builder.build()));
 548  0 
         }
 549  0 
         getBusinessObjectService().save(groupMemberBoList);
 550  0 
     }
 551   
 
 552   
     protected void inactivatePrincipalGroupMemberships(List<String> groupIds, Timestamp yesterday) {
 553  0 
         List<GroupMember> groupMembers = getRoleDao().getGroupMembers(groupIds);
 554  0 
         List<GroupMemberBo> groupMemberBoList = new ArrayList<GroupMemberBo>(groupMembers.size());
 555  0 
         for (GroupMember groupMember : groupMembers) {
 556  0 
             GroupMember.Builder builder = GroupMember.Builder.create(groupMember);
 557  0 
             builder.setActiveToDate(new DateTime(yesterday.getTime()));
 558  0 
             groupMemberBoList.add(GroupMemberBo.from(builder.build()));
 559  0 
         }
 560  0 
         getBusinessObjectService().save(groupMemberBoList);
 561  0 
     }
 562   
 
 563   
     protected void inactivatePrincipalDelegations(String principalId, Timestamp yesterday) {
 564  0 
         List<DelegateMemberBo> delegationMembers = getStoredDelegationPrincipalsForPrincipalIdAndDelegationIds(null, principalId);
 565  0 
         for (DelegateMemberBo delegateMemberBo : delegationMembers) {
 566  0 
             delegateMemberBo.setActiveToDateValue(yesterday);
 567   
         }
 568  0 
         getBusinessObjectService().save(delegationMembers);
 569  0 
         getIdentityManagementNotificationService().delegationUpdated();
 570  0 
     }
 571   
 
 572   
 
 573   
     protected List<RoleMembership> getRoleMembers(List<String> roleIds, Map<String, String> qualification, boolean followDelegations, Set<String> foundRoleTypeMembers) {
 574  0 
         List<RoleMembership> results = new ArrayList<RoleMembership>();
 575  0 
         Set<String> allRoleIds = new HashSet<String>();
 576  0 
         for (String roleId : roleIds) {
 577  0 
             if (isRoleActive(roleId)) {
 578  0 
                 allRoleIds.add(roleId);
 579   
             }
 580   
         }
 581   
         // short-circuit if no roles match
 582  0 
         if (allRoleIds.isEmpty()) {
 583  0 
             return results;
 584   
         }
 585  0 
         Set<String> matchingRoleIds = new HashSet<String>(allRoleIds.size());
 586   
         // for efficiency, retrieve all roles and store in a map
 587  0 
         Map<String, RoleBo> roles = getRoleBoMap(allRoleIds);
 588   
 
 589  0 
         List<String> copyRoleIds = new ArrayList<String>(allRoleIds);
 590  0 
         List<RoleMemberBo> rms = new ArrayList<RoleMemberBo>();
 591   
 
 592  0 
         for (String roleId : allRoleIds) {
 593  0 
             KimRoleTypeService roleTypeService = getRoleTypeService(roleId);
 594  0 
             if (roleTypeService != null) {
 595  0 
                 List<String> attributesForExactMatch = roleTypeService.getQualifiersForExactMatch();
 596  0 
                 if (CollectionUtils.isNotEmpty(attributesForExactMatch)) {
 597  0 
                     copyRoleIds.remove(roleId);
 598  0 
                     rms.addAll(getStoredRoleMembersForRoleIds(Collections.singletonList(roleId), null, populateQualifiersForExactMatch(qualification, attributesForExactMatch)));
 599   
                 }
 600   
             }
 601  0 
         }
 602  0 
         if (CollectionUtils.isNotEmpty(copyRoleIds)) {
 603  0 
             rms.addAll(getStoredRoleMembersForRoleIds(copyRoleIds, null, null));
 604   
         }
 605   
 
 606   
         // build a map of role ID to membership information
 607   
         // this will be used for later qualification checks
 608  0 
         Map<String, List<RoleMembership>> roleIdToMembershipMap = new HashMap<String, List<RoleMembership>>();
 609  0 
         for (RoleMemberBo roleMemberBo : rms) {
 610  0 
             RoleMembership mi = RoleMembership.Builder.create(
 611   
                     roleMemberBo.getRoleId(),
 612   
                     roleMemberBo.getRoleMemberId(),
 613   
                     roleMemberBo.getMemberId(),
 614   
                     roleMemberBo.getMemberTypeCode(),
 615   
                     roleMemberBo.getAttributes()).build();
 616   
 
 617   
             // if the qualification check does not need to be made, just add the result
 618  0 
             if ((qualification == null || qualification.isEmpty()) || getRoleTypeService(roleMemberBo.getRoleId()) == null) {
 619  0 
                 if (roleMemberBo.getMemberTypeCode().equals(Role.ROLE_MEMBER_TYPE)) {
 620   
                     // if a role member type, do a non-recursive role member check
 621   
                     // to obtain the group and principal members of that role
 622   
                     // given the qualification
 623  0 
                     Map<String, String> nestedRoleQualification = qualification;
 624  0 
                     if (getRoleTypeService(roleMemberBo.getRoleId()) != null) {
 625   
                         // get the member role object
 626  0 
                         RoleBo memberRole = getRoleBo(mi.getMemberId());
 627  0 
                         nestedRoleQualification = getRoleTypeService(roleMemberBo.getRoleId())
 628   
                                 .convertQualificationForMemberRoles(
 629   
                                         roles.get(roleMemberBo.getRoleId()).getNamespaceCode(),
 630   
                                         roles.get(roleMemberBo.getRoleId()).getName(),
 631   
                                         memberRole.getNamespaceCode(),
 632   
                                         memberRole.getName(),
 633   
                                         qualification);
 634   
                     }
 635  0 
                     if (isRoleActive(roleMemberBo.getRoleId())) {
 636  0 
                         Collection<RoleMembership> nestedRoleMembers = getNestedRoleMembers(nestedRoleQualification, mi, foundRoleTypeMembers);
 637  0 
                         if (!nestedRoleMembers.isEmpty()) {
 638  0 
                             results.addAll(nestedRoleMembers);
 639  0 
                             matchingRoleIds.add(roleMemberBo.getRoleId());
 640   
                         }
 641   
                     }
 642  0 
                 } else { // not a role member type
 643  0 
                     results.add(mi);
 644  0 
                     matchingRoleIds.add(roleMemberBo.getRoleId());
 645   
                 }
 646  0 
                 matchingRoleIds.add(roleMemberBo.getRoleId());
 647   
             } else {
 648  0 
                 List<RoleMembership> lrmi = roleIdToMembershipMap.get(mi.getRoleId());
 649  0 
                 if (lrmi == null) {
 650  0 
                     lrmi = new ArrayList<RoleMembership>();
 651  0 
                     roleIdToMembershipMap.put(mi.getRoleId(), lrmi);
 652   
                 }
 653  0 
                 lrmi.add(mi);
 654   
             }
 655  0 
         }
 656   
         // if there is anything in the role to membership map, we need to check the role type services
 657   
         // for those entries
 658  0 
         if (!roleIdToMembershipMap.isEmpty()) {
 659   
             // for each role, send in all the qualifiers for that role to the type service
 660   
             // for evaluation, the service will return those which match
 661  0 
             for (String roleId : roleIdToMembershipMap.keySet()) {
 662   
                 //it is possible that the the roleTypeService is coming from a remote application
 663   
                 // and therefore it can't be guaranteed that it is up and working, so using a try/catch to catch this possibility.
 664   
                 try {
 665  0 
                     KimRoleTypeService roleTypeService = getRoleTypeService(roleId);
 666  0 
                     List<RoleMembership> matchingMembers = roleTypeService.doRoleQualifiersMatchQualification(qualification, roleIdToMembershipMap.get(roleId));
 667   
                     // loop over the matching entries, adding them to the results
 668  0 
                     for (RoleMembership roleMemberships : matchingMembers) {
 669  0 
                         if (roleMemberships.getMemberTypeCode().equals(Role.ROLE_MEMBER_TYPE)) {
 670   
                             // if a role member type, do a non-recursive role member check
 671   
                             // to obtain the group and principal members of that role
 672   
                             // given the qualification
 673   
                             // get the member role object
 674  0 
                             RoleBo memberRole = getRoleBo(roleMemberships.getMemberId());
 675  0 
                             if (memberRole.isActive()) {
 676  0 
                                 Map<String, String> nestedRoleQualification = roleTypeService.convertQualificationForMemberRoles(
 677   
                                         roles.get(roleMemberships.getRoleId()).getNamespaceCode(),
 678   
                                         roles.get(roleMemberships.getRoleId()).getName(),
 679   
                                         memberRole.getNamespaceCode(),
 680   
                                         memberRole.getName(),
 681   
                                         qualification);
 682  0 
                                 Collection<RoleMembership> nestedRoleMembers = getNestedRoleMembers(nestedRoleQualification, roleMemberships, foundRoleTypeMembers);
 683  0 
                                 if (!nestedRoleMembers.isEmpty()) {
 684  0 
                                     results.addAll(nestedRoleMembers);
 685  0 
                                     matchingRoleIds.add(roleMemberships.getRoleId());
 686   
                                 }
 687   
                             }
 688  0 
                         } else { // not a role member
 689  0 
                             results.add(roleMemberships);
 690  0 
                             matchingRoleIds.add(roleMemberships.getRoleId());
 691   
                         }
 692   
                     }
 693  0 
                 } catch (Exception ex) {
 694  0 
                     LOG.warn("Not able to retrieve RoleTypeService from remote system for role Id: " + roleId, ex);
 695  0 
                 }
 696   
             }
 697   
         }
 698  0 
         return results;
 699   
     }
 700   
 
 701   
 
 702   
     protected boolean principalHasRole(String principalId, List<String> roleIds, Map<String, String> qualification, boolean checkDelegations) {
 703  0 
         if (StringUtils.isBlank(principalId)) {
 704  0 
             return false;
 705   
         }
 706  0 
         Set<String> allRoleIds = new HashSet<String>();
 707   
         // remove inactive roles
 708  0 
         for (String roleId : roleIds) {
 709  0 
             if (isRoleActive(roleId)) {
 710  0 
                 allRoleIds.add(roleId);
 711   
             }
 712   
         }
 713   
         // short-circuit if no roles match
 714  0 
         if (allRoleIds.isEmpty()) {
 715  0 
             return false;
 716   
         }
 717   
         // for efficiency, retrieve all roles and store in a map
 718  0 
         Map<String, RoleBo> roles = getRoleBoMap(allRoleIds);
 719   
         // get all roles to which the principal is assigned
 720  0 
         List<String> copyRoleIds = new ArrayList<String>(allRoleIds);
 721  0 
         List<RoleMemberBo> rps = new ArrayList<RoleMemberBo>();
 722   
 
 723  0 
         for (String roleId : allRoleIds) {
 724  0 
             KimRoleTypeService roleTypeService = getRoleTypeService(roleId);
 725  0 
             if (roleTypeService != null) {
 726  0 
                 List<String> attributesForExactMatch = roleTypeService.getQualifiersForExactMatch();
 727  0 
                 if (CollectionUtils.isNotEmpty(attributesForExactMatch)) {
 728  0 
                     copyRoleIds.remove(roleId);
 729  0 
                     rps.addAll(getStoredRolePrincipalsForPrincipalIdAndRoleIds(Collections.singletonList(roleId), principalId, populateQualifiersForExactMatch(qualification, attributesForExactMatch)));
 730   
                 }
 731   
             }
 732  0 
         }
 733  0 
         if (CollectionUtils.isNotEmpty(copyRoleIds)) {
 734  0 
             rps.addAll(getStoredRolePrincipalsForPrincipalIdAndRoleIds(copyRoleIds, principalId, null));
 735   
         }
 736   
 
 737   
         // if the qualification is null and the role list is not, then any role in the list will match
 738   
         // so since the role ID list is not blank, we can return true at this point
 739  0 
         if ((qualification == null || qualification.isEmpty()) && !rps.isEmpty()) {
 740  0 
             return true;
 741   
         }
 742   
 
 743   
         // check each membership to see if the principal matches
 744   
 
 745   
         // build a map of role ID to membership information
 746   
         // this will be used for later qualification checks
 747  0 
         Map<String, List<RoleMembership>> roleIdToMembershipMap = new HashMap<String, List<RoleMembership>>();
 748  0 
         if (getRoleIdToMembershipMap(roleIdToMembershipMap, rps)) {
 749  0 
             return true;
 750   
         }
 751   
 
 752   
         // perform the checks against the role type services
 753  0 
         for (String roleId : roleIdToMembershipMap.keySet()) {
 754   
             try {
 755  0 
                 KimRoleTypeService roleTypeService = getRoleTypeService(roleId);
 756  0 
                 if (!roleTypeService.doRoleQualifiersMatchQualification(qualification, roleIdToMembershipMap.get(roleId)).isEmpty()) {
 757  0 
                     return true;
 758   
                 }
 759  0 
             } catch (Exception ex) {
 760  0 
                 LOG.warn("Unable to find role type service with id: " + roleId);
 761  0 
             }
 762   
         }
 763   
 
 764   
         // find the groups that the principal belongs to
 765  0 
         List<String> principalGroupIds = getGroupService().getGroupIdsForPrincipal(principalId);
 766   
         // find the role/group associations
 767  0 
         if (!principalGroupIds.isEmpty()) {
 768  0 
             List<RoleMemberBo> rgs = getStoredRoleGroupsUsingExactMatchOnQualification(principalGroupIds, allRoleIds, qualification);
 769  0 
             roleIdToMembershipMap.clear(); // clear the role/member map for further use
 770  0 
             if (getRoleIdToMembershipMap(roleIdToMembershipMap, rgs)) {
 771  0 
                 return true;
 772   
             }
 773   
 
 774   
             // perform the checks against the role type services
 775  0 
             for (String roleId : roleIdToMembershipMap.keySet()) {
 776   
                 try {
 777  0 
                     KimRoleTypeService roleTypeService = getRoleTypeService(roleId);
 778  0 
                     if (!roleTypeService.doRoleQualifiersMatchQualification(qualification, roleIdToMembershipMap.get(roleId)).isEmpty()) {
 779  0 
                         return true;
 780   
                     }
 781  0 
                 } catch (Exception ex) {
 782  0 
                     LOG.warn("Unable to find role type service with id: " + roleId);
 783  0 
                 }
 784   
             }
 785   
         }
 786   
 
 787   
         // check member roles
 788   
         // first, check that the qualifiers on the role membership match
 789   
         // then, perform a principalHasRole on the embedded role
 790  0 
         List<RoleMemberBo> roleMemberBos = getStoredRoleMembersForRoleIds(roleIds, Role.ROLE_MEMBER_TYPE, null);
 791  0 
         for (RoleMemberBo roleMemberBo : roleMemberBos) {
 792  0 
             KimRoleTypeService roleTypeService = getRoleTypeService(roleMemberBo.getRoleId());
 793  0 
             if (roleTypeService != null) {
 794   
                 //it is possible that the the roleTypeService is coming from a remote application
 795   
                 // and therefore it can't be guaranteed that it is up and working, so using a try/catch to catch this possibility.
 796   
                 try {
 797  0 
                     if (roleTypeService.doesRoleQualifierMatchQualification(qualification, roleMemberBo.getAttributes())) {
 798  0 
                         RoleBo memberRole = getRoleBo(roleMemberBo.getMemberId());
 799  0 
                         Map<String, String> nestedRoleQualification = roleTypeService.convertQualificationForMemberRoles(
 800   
                                 roles.get(roleMemberBo.getRoleId()).getNamespaceCode(),
 801   
                                 roles.get(roleMemberBo.getRoleId()).getName(),
 802   
                                 memberRole.getNamespaceCode(),
 803   
                                 memberRole.getName(),
 804   
                                 qualification);
 805  0 
                         ArrayList<String> roleIdTempList = new ArrayList<String>(1);
 806  0 
                         roleIdTempList.add(roleMemberBo.getMemberId());
 807  0 
                         if (principalHasRole(principalId, roleIdTempList, nestedRoleQualification, true)) {
 808  0 
                             return true;
 809   
                         }
 810   
                     }
 811  0 
                 } catch (Exception ex) {
 812  0 
                     LOG.warn("Not able to retrieve RoleTypeService from remote system for role Id: " + roleMemberBo.getRoleId(), ex);
 813   
                     //return false;
 814  0 
                 }
 815   
             } else {
 816   
                 // no qualifiers - role is always used - check membership
 817  0 
                 ArrayList<String> roleIdTempList = new ArrayList<String>(1);
 818  0 
                 roleIdTempList.add(roleMemberBo.getMemberId());
 819   
                 // no role type service, so can't convert qualification - just pass as is
 820  0 
                 if (principalHasRole(principalId, roleIdTempList, qualification, true)) {
 821  0 
                     return true;
 822   
                 }
 823   
             }
 824   
 
 825  0 
         }
 826   
 
 827   
 
 828   
         // check for application roles and extract principals and groups from that - then check them against the
 829   
         // role type service passing in the qualification and principal - the qualifier comes from the
 830   
         // external system (application)
 831   
 
 832   
         // loop over the allRoleIds list
 833  0 
         for (String roleId : allRoleIds) {
 834  0 
             RoleBo role = roles.get(roleId);
 835  0 
             KimRoleTypeService roleTypeService = getRoleTypeService(roleId);
 836   
             // check if an application role
 837   
             //it is possible that the the roleTypeService is coming from a remote application
 838   
             // and therefore it can't be guaranteed that it is up and working, so using a try/catch to catch this possibility.
 839   
             try {
 840  0 
                 if (isApplicationRoleType(role.getKimTypeId(), roleTypeService)) {
 841  0 
                     if (roleTypeService.hasApplicationRole(principalId, principalGroupIds, role.getNamespaceCode(), role.getName(), qualification)) {
 842  0 
                         return true;
 843   
                     }
 844   
                 }
 845  0 
             } catch (Exception ex) {
 846  0 
                 LOG.warn("Not able to retrieve RoleTypeService from remote system for role Id: " + roleId, ex);
 847   
                 //return false;
 848  0 
             }
 849  0 
         }
 850   
 
 851   
         // delegations
 852  0 
         if (checkDelegations) {
 853  0 
             if (matchesOnDelegation(allRoleIds, principalId, principalGroupIds, qualification)) {
 854  0 
                 return true;
 855   
             }
 856   
         }
 857   
 
 858   
         // NOTE: this logic is a little different from the getRoleMembers method
 859   
         // If there is no primary (matching non-delegate), this method will still return true
 860  0 
         return false;
 861   
     }
 862   
 
 863   
 
 864   
     protected boolean isApplicationRoleType(String roleTypeId, KimRoleTypeService service) {
 865  0 
         Boolean result = getApplicationRoleTypeCache().get(roleTypeId);
 866  0 
         if (result == null) {
 867  0 
             if (service != null) {
 868  0 
                 result = service.isApplicationRoleType();
 869   
             } else {
 870  0 
                 result = Boolean.FALSE;
 871   
             }
 872   
         }
 873  0 
         return result;
 874   
     }
 875   
 
 876   
     /**
 877   
      * Support method for principalHasRole.  Checks delegations on the passed in roles for the given principal and groups.  (It's assumed that the principal
 878   
      * belongs to the given groups.)
 879   
      * <p/>
 880   
      * Delegation checks are mostly the same as role checks except that the delegateBo itself is qualified against the original role (like a RolePrincipal
 881   
      * or RoleGroup.)  And then, the members of that delegateBo may have additional qualifiers which are not part of the original role qualifiers.
 882   
      * <p/>
 883   
      * For example:
 884   
      * <p/>
 885   
      * A role could be qualified by organization.  So, there is a person in the organization with primary authority for that org.  But, then they delegate authority
 886   
      * for that organization (not their authority - the delegateBo is attached to the org.)  So, in this case the delegateBo has a qualifier of the organization
 887   
      * when it is attached to the role.
 888   
      * <p/>
 889   
      * The principals then attached to that delegateBo (which is specific to the organization), may have additional qualifiers.
 890   
      * For Example: dollar amount range, effective dates, document types.
 891   
      * As a subsequent step, those qualifiers are checked against the qualification passed in from the client.
 892   
      */
 893   
     protected boolean matchesOnDelegation(Set<String> allRoleIds, String principalId, List<String> principalGroupIds, Map<String, String> qualification) {
 894   
         // get the list of delegations for the roles
 895  0 
         Map<String, DelegateBo> delegations = getStoredDelegationImplMapFromRoleIds(allRoleIds);
 896   
         // loop over the delegations - determine those which need to be inspected more directly
 897  0 
         for (DelegateBo delegation : delegations.values()) {
 898   
             // check if each one matches via the original role type service
 899  0 
             if (!delegation.isActive()) {
 900  0 
                 continue;
 901   
             }
 902  0 
             KimRoleTypeService roleTypeService = getRoleTypeService(delegation.getRoleId());
 903  0 
             for (DelegateMemberBo delegateMemberBo : delegation.getMembers()) {
 904  0 
                 if (!delegateMemberBo.isActive(new Timestamp(new Date().getTime()))) {
 905  0 
                     continue;
 906   
                 }
 907   
                 // check if this delegateBo record applies to the given person
 908  0 
                 if (delegateMemberBo.getTypeCode().equals(Role.PRINCIPAL_MEMBER_TYPE)
 909   
                         && !delegateMemberBo.getMemberId().equals(principalId)) {
 910  0 
                     continue; // no match on principal
 911   
                 }
 912   
                 // or if a group
 913  0 
                 if (delegateMemberBo.getTypeCode().equals(Role.GROUP_MEMBER_TYPE)
 914   
                         && !principalGroupIds.contains(delegateMemberBo.getMemberId())) {
 915  0 
                     continue; // no match on group
 916   
                 }
 917   
                 // or if a role
 918  0 
                 if (delegateMemberBo.getTypeCode().equals(Role.ROLE_MEMBER_TYPE)
 919   
                         && !principalHasRole(principalId, Collections.singletonList(delegateMemberBo.getMemberId()), qualification, false)) {
 920  0 
                     continue; // no match on role
 921   
                 }
 922   
                 // OK, the member matches the current user, now check the qualifications
 923   
 
 924   
                 // NOTE: this compare is slightly different than the member enumeration
 925   
                 // since the requested qualifier is always being used rather than
 926   
                 // the role qualifier for the member (which is not available)
 927   
 
 928   
                 //it is possible that the the roleTypeService is coming from a remote application
 929   
                 // and therefore it can't be guaranteed that it is up and working, so using a try/catch to catch this possibility.
 930   
                 try {
 931   
                     //TODO: remove reference to Attributes here and use Attributes instead.
 932  0 
                     if (roleTypeService != null && !roleTypeService.doesRoleQualifierMatchQualification(qualification, delegateMemberBo.getQualifier())) {
 933  0 
                         continue; // no match - skip to next record
 934   
                     }
 935  0 
                 } catch (Exception ex) {
 936  0 
                     LOG.warn("Unable to call doesRoleQualifierMatchQualification on role type service for role Id: " + delegation.getRoleId() + " / " + qualification + " / " + delegateMemberBo.getQualifier(), ex);
 937  0 
                     continue;
 938  0 
                 }
 939   
 
 940   
                 // role service matches this qualifier
 941   
                 // now try the delegateBo service
 942  0 
                 KimDelegationTypeService delegationTypeService = getDelegationTypeService(delegateMemberBo.getDelegationId());
 943   
                 // QUESTION: does the qualifier map need to be merged with the main delegateBo qualification?
 944  0 
                 if (delegationTypeService != null && !delegationTypeService.doesDelegationQualifierMatchQualification(qualification, delegateMemberBo.getQualifier())) {
 945  0 
                     continue; // no match - skip to next record
 946   
                 }
 947   
                 // check if a role member ID is present on the delegateBo record
 948   
                 // if so, check that the original role member would match the given qualifiers
 949  0 
                 if (StringUtils.isNotBlank(delegateMemberBo.getRoleMemberId())) {
 950  0 
                     RoleMemberBo rm = getRoleMemberBo(delegateMemberBo.getRoleMemberId());
 951  0 
                     if (rm != null) {
 952   
                         // check that the original role member's is active and that their
 953   
                         // qualifier would have matched this request's
 954   
                         // qualifications (that the original person would have the permission/responsibility
 955   
                         // for an action)
 956   
                         // this prevents a role-membership based delegateBo from surviving the inactivation/
 957   
                         // changing of the main person's role membership
 958  0 
                         if (!rm.isActive(new Timestamp(new Date().getTime()))) {
 959  0 
                             continue;
 960   
                         }
 961  0 
                         Map<String, String> roleQualifier = rm.getAttributes();
 962   
                         //it is possible that the the roleTypeService is coming from a remote application
 963   
                         // and therefore it can't be guaranteed that it is up and working, so using a try/catch to catch this possibility.
 964   
                         try {
 965  0 
                             if (roleTypeService != null && !roleTypeService.doesRoleQualifierMatchQualification(qualification, roleQualifier)) {
 966  0 
                                 continue;
 967   
                             }
 968  0 
                         } catch (Exception ex) {
 969  0 
                             LOG.warn("Unable to call doesRoleQualifierMatchQualification on role type service for role Id: " + delegation.getRoleId() + " / " + qualification + " / " + roleQualifier, ex);
 970  0 
                             continue;
 971  0 
                         }
 972  0 
                     } else {
 973  0 
                         LOG.warn("Unknown role member ID cited in the delegateBo member table:");
 974  0 
                         LOG.warn("       assignedToId: " + delegateMemberBo.getDelegationMemberId() + " / roleMemberId: " + delegateMemberBo.getRoleMemberId());
 975   
                     }
 976   
                 }
 977   
                 // all tests passed, return true
 978  0 
                 return true;
 979   
             }
 980  0 
         }
 981  0 
         return false;
 982   
     }
 983   
 
 984   
     /**
 985   
      * Helper method used by principalHasRole to build the role ID -> list of members map.
 986   
      *
 987   
      * @return <b>true</b> if no further checks are needed because no role service is defined
 988   
      */
 989   
     protected boolean getRoleIdToMembershipMap(Map<String, List<RoleMembership>> roleIdToMembershipMap, List<RoleMemberBo> roleMembers) {
 990  0 
         for (RoleMemberBo roleMemberBo : roleMembers) {
 991  0 
             RoleMembership roleMembership = RoleMembership.Builder.create(
 992   
                     roleMemberBo.getRoleId(),
 993   
                     roleMemberBo.getRoleMemberId(),
 994   
                     roleMemberBo.getMemberId(),
 995   
                     roleMemberBo.getMemberTypeCode(),
 996   
                     roleMemberBo.getAttributes()).build();
 997   
 
 998   
             // if the role type service is null, assume that all qualifiers match
 999  0 
             if (getRoleTypeService(roleMemberBo.getRoleId()) == null) {
 1000  0 
                 return true;
 1001   
             }
 1002  0 
             List<RoleMembership> lrmi = roleIdToMembershipMap.get(roleMembership.getRoleId());
 1003  0 
             if (lrmi == null) {
 1004  0 
                 lrmi = new ArrayList<RoleMembership>();
 1005  0 
                 roleIdToMembershipMap.put(roleMembership.getRoleId(), lrmi);
 1006   
             }
 1007  0 
             lrmi.add(roleMembership);
 1008  0 
         }
 1009  0 
         return false;
 1010   
     }
 1011   
 
 1012   
     /**
 1013   
      * Retrieves a KimDelegationImpl object by its ID. If the delegateBo already exists in the cache, this method will return the cached
 1014   
      * version; otherwise, it will retrieve the uncached version from the database and then cache it before returning it.
 1015   
      */
 1016   
     protected DelegateBo getKimDelegationImpl(String delegationId) {
 1017  0 
         if (StringUtils.isBlank(delegationId)) {
 1018  0 
             return null;
 1019   
         }
 1020   
 
 1021   
         // If the KimDelegationImpl exists in the cache, return the cached one.
 1022  0 
         DelegateBo tempDelegate = getDelegationFromCache(delegationId);
 1023  0 
         if (tempDelegate != null) {
 1024  0 
             return tempDelegate;
 1025   
         }
 1026   
         // Otherwise, retrieve it normally.
 1027  0 
         tempDelegate = (DelegateBo) getBusinessObjectService().findByPrimaryKey(DelegateBo.class,
 1028   
                 Collections.singletonMap(KimConstants.PrimaryKeyConstants.DELEGATION_ID, delegationId));
 1029  0 
         this.addDelegationBoToCache(tempDelegate);
 1030  0 
         return tempDelegate;
 1031   
     }
 1032   
 
 1033   
     /**
 1034   
      * Retrieves the role type service associated with the given role ID
 1035   
      *
 1036   
      * @param roleId the role ID to get the role type service for
 1037   
      * @return the Role Type Service
 1038   
      */
 1039   
     protected KimRoleTypeService getRoleTypeService(String roleId) {
 1040  0 
         KimRoleTypeService service = getRoleTypeServiceCache().get(roleId);
 1041  0 
         if (service == null && !getRoleTypeServiceCache().containsKey(roleId)) {
 1042  0 
             RoleBo roleBo = getRoleBo(roleId);
 1043  0 
             KimType roleType = KimTypeBo.to(roleBo.getKimRoleType());
 1044  0 
             if (roleType != null) {
 1045  0 
                 service = getRoleTypeService(roleType);
 1046   
             }
 1047  0 
             getRoleTypeServiceCache().put(roleId, service);
 1048   
         }
 1049  0 
         return service;
 1050   
     }
 1051   
 
 1052   
     protected KimRoleTypeService getRoleTypeService(KimType typeInfo) {
 1053  0 
         String serviceName = typeInfo.getServiceName();
 1054  0 
         if (serviceName != null) {
 1055   
             try {
 1056  0 
                 KimTypeService service = (KimTypeService) KIMServiceLocatorInternal.getService(serviceName);
 1057  0 
                 if (service != null && service instanceof KimRoleTypeService) {
 1058  0 
                     return (KimRoleTypeService) service;
 1059   
                 }
 1060  0 
                 return (KimRoleTypeService) KIMServiceLocatorInternal.getService("kimNoMembersRoleTypeService");
 1061  0 
             } catch (Exception ex) {
 1062  0 
                 LOG.error("Unable to find role type service with name: " + serviceName, ex);
 1063  0 
                 return (KimRoleTypeService) KIMServiceLocatorInternal.getService("kimNoMembersRoleTypeService");
 1064   
             }
 1065   
         }
 1066  0 
         return null;
 1067   
     }
 1068   
 
 1069   
     protected KimDelegationTypeService getDelegationTypeService(String delegationId) {
 1070  0 
         KimDelegationTypeService service = getDelegationTypeServiceCache().get(delegationId);
 1071  0 
         if (service == null && !getDelegationTypeServiceCache().containsKey(delegationId)) {
 1072  0 
             DelegateBo delegateBo = getKimDelegationImpl(delegationId);
 1073  0 
             KimType delegationType = KimApiServiceLocator.getKimTypeInfoService().getKimType(delegateBo.getKimTypeId());
 1074  0 
             if (delegationType != null) {
 1075  0 
                 KimTypeService tempService = KIMServiceLocatorWeb.getKimTypeService(delegationType);
 1076  0 
                 if (tempService != null && tempService instanceof KimDelegationTypeService) {
 1077  0 
                     service = (KimDelegationTypeService) tempService;
 1078   
                 } else {
 1079  0 
                     LOG.error("Service returned for type " + delegationType + "(" + delegationType.getName() + ") was not a KimDelegationTypeService.  Was a " + tempService.getClass());
 1080   
                 }
 1081  0 
             } else { // delegateBo has no type - default to role type if possible
 1082  0 
                 KimRoleTypeService roleTypeService = getRoleTypeService(delegateBo.getRoleId());
 1083  0 
                 if (roleTypeService != null && roleTypeService instanceof KimDelegationTypeService) {
 1084  0 
                     service = (KimDelegationTypeService) roleTypeService;
 1085   
                 }
 1086   
             }
 1087  0 
             getDelegationTypeServiceCache().put(delegationId, service);
 1088   
         }
 1089  0 
         return service;
 1090   
     }
 1091   
 
 1092   
     protected Collection<RoleMembership> getNestedRoleMembers(Map<String, String> qualification, RoleMembership rm, Set<String> foundRoleTypeMembers) {
 1093   
         // If this role has already been traversed, skip it
 1094  0 
         if (foundRoleTypeMembers.contains(rm.getMemberId())) {
 1095  0 
             return new ArrayList<RoleMembership>();  // return an empty list
 1096   
         }
 1097  0 
         foundRoleTypeMembers.add(rm.getMemberId());
 1098   
 
 1099  0 
         ArrayList<String> roleIdList = new ArrayList<String>(1);
 1100  0 
         roleIdList.add(rm.getMemberId());
 1101   
 
 1102   
         // get the list of members from the nested role - ignore delegations on those sub-roles
 1103  0 
         Collection<RoleMembership> currentNestedRoleMembers = getRoleMembers(roleIdList, qualification, false, foundRoleTypeMembers);
 1104   
 
 1105   
         // add the roles whose members matched to the list for delegateBo checks later
 1106  0 
         Collection<RoleMembership> returnRoleMembers = new ArrayList<RoleMembership>();
 1107  0 
         for (RoleMembership roleMembership : currentNestedRoleMembers) {
 1108  0 
             RoleMembership.Builder rmBuilder = RoleMembership.Builder.create(roleMembership);
 1109   
 
 1110   
             // use the member ID of the parent role (needed for responsibility joining)
 1111  0 
             rmBuilder.setRoleMemberId(rm.getRoleMemberId());
 1112   
             // store the role ID, so we know where this member actually came from
 1113  0 
             rmBuilder.setRoleId(rm.getRoleId());
 1114  0 
             rmBuilder.setEmbeddedRoleId(rm.getMemberId());
 1115  0 
             returnRoleMembers.add(rmBuilder.build());
 1116  0 
         }
 1117  0 
         return returnRoleMembers;
 1118   
     }
 1119   
 
 1120   
     /**
 1121   
      * Retrieves a KimDelegationMemberImpl object by its ID and the ID of the delegation it belongs to. If the delegation member exists in the cache,
 1122   
      * this method will return the cached one; otherwise, it will retrieve the uncached version from the database and then cache it before returning it.
 1123   
      */
 1124   
     protected DelegateMemberBo getKimDelegationMemberImplByDelegationAndId(String delegationId, String delegationMemberId) {
 1125  0 
         if (StringUtils.isBlank(delegationId) || StringUtils.isBlank(delegationMemberId)) {
 1126  0 
             return null;
 1127   
         }
 1128   
 
 1129   
         // If the KimDelegationMemberImpl exists in the cache, return the cached one.
 1130  0 
         DelegateMemberBo tempDelegationMember = getDelegationMemberByDelegationAndIdFromCache(delegationId, delegationMemberId);
 1131  0 
         if (tempDelegationMember != null) {
 1132  0 
             return tempDelegationMember;
 1133   
         }
 1134   
         // Otherwise, retrieve it normally.
 1135  0 
         Map<String, String> searchCriteria = new HashMap<String, String>();
 1136  0 
         searchCriteria.put(KimConstants.PrimaryKeyConstants.DELEGATION_ID, delegationId);
 1137  0 
         searchCriteria.put(KimConstants.PrimaryKeyConstants.DELEGATION_MEMBER_ID, delegationMemberId);
 1138  0 
         List<DelegateMemberBo> memberList =
 1139   
                 (List<DelegateMemberBo>) getBusinessObjectService().findMatching(DelegateMemberBo.class, searchCriteria);
 1140  0 
         if (memberList != null && !memberList.isEmpty()) {
 1141  0 
             tempDelegationMember = memberList.get(0);
 1142  0 
             addDelegateMemberBoToCache(tempDelegationMember);
 1143   
         }
 1144  0 
         return tempDelegationMember;
 1145   
     }
 1146   
 
 1147   
     private List<RoleMemberBo> getStoredRoleMembersUsingExactMatchOnQualification(String principalId, List<String> groupIds, List<String> roleIds, Map<String, String> qualification) {
 1148  0 
         List<String> copyRoleIds = new ArrayList<String>(roleIds);
 1149  0 
         List<RoleMemberBo> roleMemberBoList = new ArrayList<RoleMemberBo>();
 1150   
 
 1151  0 
         for (String roleId : roleIds) {
 1152  0 
             KimRoleTypeService roleTypeService = getRoleTypeService(roleId);
 1153  0 
             if (roleTypeService != null) {
 1154  0 
                 List<String> attributesForExactMatch = roleTypeService.getQualifiersForExactMatch();
 1155  0 
                 if (CollectionUtils.isNotEmpty(attributesForExactMatch)) {
 1156  0 
                     copyRoleIds.remove(roleId);
 1157  0 
                     roleMemberBoList.addAll(getStoredRoleMembersForRoleIdsWithFilters(Collections.singletonList(roleId), principalId, groupIds, populateQualifiersForExactMatch(qualification, attributesForExactMatch)));
 1158   
                 }
 1159   
             }
 1160  0 
         }
 1161  0 
         if (CollectionUtils.isNotEmpty(copyRoleIds)) {
 1162  0 
             roleMemberBoList.addAll(getStoredRoleMembersForRoleIdsWithFilters(copyRoleIds, principalId, groupIds, null));
 1163   
         }
 1164  0 
         return roleMemberBoList;
 1165   
     }
 1166   
 
 1167   
     private Map<String, String> populateQualifiersForExactMatch(Map<String, String> defaultQualification, List<String> attributes) {
 1168  0 
         Map<String,String> qualifiersForExactMatch = new HashMap<String,String>();
 1169  0 
         if (defaultQualification != null && CollectionUtils.isNotEmpty(defaultQualification.keySet())) {
 1170  0 
             for (String attributeName : attributes) {
 1171  0 
                 if (StringUtils.isNotEmpty(defaultQualification.get(attributeName))) {
 1172  0 
                     qualifiersForExactMatch.put(attributeName, defaultQualification.get(attributeName));
 1173   
                 }
 1174   
             }
 1175   
         }
 1176  0 
         return qualifiersForExactMatch;
 1177   
     }
 1178   
 
 1179   
     private List<RoleMemberBo> getStoredRoleGroupsUsingExactMatchOnQualification(List<String> groupIds, Set<String> roleIds, Map<String, String> qualification) {
 1180  0 
         List<String> copyRoleIds = new ArrayList<String>(roleIds);
 1181  0 
         List<RoleMemberBo> roleMemberBos = new ArrayList<RoleMemberBo>();
 1182   
 
 1183  0 
         for (String roleId : roleIds) {
 1184  0 
             KimRoleTypeService roleTypeService = getRoleTypeService(roleId);
 1185  0 
             if (roleTypeService != null) {
 1186  0 
                 List<String> attributesForExactMatch = roleTypeService.getQualifiersForExactMatch();
 1187  0 
                 if (CollectionUtils.isNotEmpty(attributesForExactMatch)) {
 1188  0 
                     copyRoleIds.remove(roleId);
 1189  0 
                     roleMemberBos.addAll(getStoredRoleGroupsForGroupIdsAndRoleIds(Collections.singletonList(roleId), groupIds, populateQualifiersForExactMatch(qualification, attributesForExactMatch)));
 1190   
                 }
 1191   
             }
 1192  0 
         }
 1193  0 
         if (CollectionUtils.isNotEmpty(copyRoleIds)) {
 1194  0 
             roleMemberBos.addAll(getStoredRoleGroupsForGroupIdsAndRoleIds(copyRoleIds, groupIds, null));
 1195   
         }
 1196  0 
         return roleMemberBos;
 1197   
     }
 1198   
 
 1199   
     private void inactivateRoleMemberships(List<String> roleIds, Timestamp yesterday) {
 1200  0 
         List<RoleMemberBo> roleMemberBoList = getStoredRoleMembersForRoleIds(roleIds, null, null);
 1201  0 
         for (RoleMemberBo roleMemberBo : roleMemberBoList) {
 1202  0 
             roleMemberBo.setActiveToDateValue(yesterday);
 1203   
         }
 1204  0 
         getBusinessObjectService().save(roleMemberBoList);
 1205  0 
         getIdentityManagementNotificationService().roleUpdated();
 1206  0 
     }
 1207   
 
 1208   
     private void inactivateRoleDelegations(List<String> roleIds, Timestamp yesterday) {
 1209  0 
         List<DelegateBo> delegations = getStoredDelegationImplsForRoleIds(roleIds);
 1210  0 
         for (DelegateBo delegation : delegations) {
 1211  0 
             delegation.setActive(false);
 1212  0 
             for (DelegateMemberBo delegationMember : delegation.getMembers()) {
 1213  0 
                 delegationMember.setActiveToDateValue(yesterday);
 1214   
             }
 1215   
         }
 1216  0 
         getBusinessObjectService().save(delegations);
 1217  0 
         getIdentityManagementNotificationService().delegationUpdated();
 1218  0 
     }
 1219   
 
 1220   
     private void inactivateMembershipsForRoleAsMember(List<String> roleIds, Timestamp yesterday) {
 1221  0 
         List<RoleMemberBo> roleMemberBoList = getStoredRoleMembershipsForRoleIdsAsMembers(roleIds, null);
 1222  0 
         for (RoleMemberBo roleMemberBo : roleMemberBoList) {
 1223  0 
             roleMemberBo.setActiveToDateValue(yesterday);
 1224   
         }
 1225  0 
         getBusinessObjectService().save(roleMemberBoList);
 1226  0 
         getIdentityManagementNotificationService().roleUpdated();
 1227  0 
     }
 1228   
 
 1229   
     private List<DelegateMember> getDelegateMembersForDelegation(DelegateBo delegateBo) {
 1230  0 
         if (delegateBo == null || delegateBo.getMembers() == null) {return null;}
 1231  0 
         List<DelegateMember> delegateMembersReturnList = new ArrayList<DelegateMember>();
 1232  0 
         for (DelegateMemberBo delegateMemberBo : delegateBo.getMembers()) {
 1233  0 
             DelegateMember delegateMember = getDelegateCompleteInfo(delegateBo, delegateMemberBo);
 1234   
 
 1235  0 
             delegateMembersReturnList.add(DelegateMemberBo.to(delegateMemberBo));
 1236  0 
         }
 1237  0 
         return delegateMembersReturnList;
 1238   
     }
 1239   
 
 1240   
     private DelegateMember getDelegateCompleteInfo(DelegateBo delegateBo, DelegateMemberBo delegateMemberBo) {
 1241  0 
         if (delegateBo == null || delegateMemberBo == null) {return null;}
 1242   
 
 1243  0 
         DelegateMember.Builder delegateMemberBuilder = DelegateMember.Builder.create(delegateMemberBo);
 1244  0 
         delegateMemberBuilder.setTypeCode(delegateBo.getDelegationTypeCode());
 1245  0 
         return delegateMemberBuilder.build();
 1246   
     }
 1247   
 }
Report generated by Cobertura 1.9.4.1 on 7/28/11 3:23 AM.