Package org.kuali.rice.kim.framework.role

Interface RoleTypeService

All Superinterfaces:
KimTypeService
public interface RoleTypeService extends KimTypeService
A KimTypeService with specific methods for Roles.

  • Method Details

    • doesRoleQualifierMatchQualification

      boolean doesRoleQualifierMatchQualification(Map<String,String> qualification, Map<String,String> roleQualifier) throws RiceIllegalArgumentException
      Gets whether a role assignment with the given qualifier is applicable for the given qualification. For example, the qualifier for a role could be as follows: chartOfAccountsCode = BL organizationCode = ARSC descendsHierarchy = true The qualification could be: chartOfAccountsCode = BL organizationCode = PSY (reports to BL-ARSC) This method would return true for this set of arguments. This would require a query of the KFS organization hierarchy, so an implementation of this sort must be done by a service which lives within KFS and will be called remotely by KIM. The contents of the passed in attribute sets should not be modified as they may be used in future calls by the role service.
      Parameters:
      qualification - the qualification. cannot be null.
      roleQualifier - the role qualifier. cannot be null.
      Returns:
      true if the qualifications match
      Throws:
      RiceIllegalArgumentException - if the qualification or roleQualifier is null

    • getMatchingRoleMemberships

      List<RoleMembership> getMatchingRoleMemberships(Map<String,String> qualification, List<RoleMembership> roleMemberships) throws RiceIllegalArgumentException
      Gets whether a role membership with the given details is applicable for the given qualification.
      Parameters:
      qualification - the qualification. cannot be null.
      roleMemberships - the list of roleMemberships to check for matches. cannot be null.
      Returns:
      an immutable list of matched roleMemberships. will not return null.
      Throws:
      RiceIllegalArgumentException - if the qualification or roleMemberships is null.

    • isDerivedRoleType

      boolean isDerivedRoleType()
      Returns true if this role type represents a "derived" role type. That is, the members of the role are known to the host application, not to KIM. This is needed for cases like the KFS Fiscal Officer, where the members of the role are in the Account table in the KFS database.
      Returns:
      true if derived type

    • hasDerivedRole

      boolean hasDerivedRole(String principalId, List<String> groupIds, String namespaceCode, String roleName, Map<String,String> qualification) throws RiceIllegalArgumentException
      This method can be used to check if the given principal has this derived role. It is designed to be used in case there is a more efficient way to check for whether a principal is in a role rather than retrieving all the members of the role and checking against that. The groupIds parameter is intended to be the complete list of groups to which the principal belongs. If either the principalId or the groupIds parameters are blank/empty, that parameter should be ignored.
      Parameters:
      principalId - the principalId. cannot be null or blank.
      groupIds - the groupIds the principal is a member of. cannot be null.
      namespaceCode - the namespace code the role is in. cannot be blank or null.
      roleName - the name of the role. cannot be blank or null.
      qualification - the qualification. cannot be null.
      Returns:
      if the principal has a derived role.
      Throws:
      RiceIllegalArgumentException - if the principalId, namespaceCode, roleName is blank or null.
      RiceIllegalArgumentException - if the groupIds, qualification is null.

    • getRoleMembersFromDerivedRole

      List<RoleMembership> getRoleMembersFromDerivedRole(String namespaceCode, String roleName, Map<String,String> qualification) throws RiceIllegalArgumentException
      Throws:
      RiceIllegalArgumentException

    • sortRoleMembers

      List<RoleMembership> sortRoleMembers(List<RoleMembership> roleMembers) throws RiceIllegalArgumentException
      For roles where the order of members returned may be meaningful, this method provides a hook to sort the results before they are returned from getRoleMembers on the RoleService. This method may alter the passed in list directly and return it rather than allocating a new list. This is also the place where the roleSortingCode property on the RoleMembershipInfo objects can be populated in preparation for routing if not all members of this role should be group as separate units for routing.
      Parameters:
      roleMemberships - the list of roleMemberships to check for matches. cannot be null.
      Returns:
      an immutable list of matched roleMemberships. will not return null.
      Throws:
      RiceIllegalArgumentException - if the roleMemberships is null.

    • convertQualificationForMemberRoles

      @Deprecated Map<String,String> convertQualificationForMemberRoles(String namespaceCode, String roleName, String memberRoleNamespaceCode, String memberRoleName, Map<String,String> qualification) throws RiceIllegalArgumentException
      Deprecated.
      use convertQualificationForMemberRolesAndMemberAttributes
      Takes the passed in qualifications and converts them, if necessary, for any downstream roles which may be present.
      Parameters:
      namespaceCode - the namespace code the role is in. cannot be blank or null.
      roleName - the name of the role. cannot be blank or null.
      memberRoleNamespaceCode - the namespace code the member role is in. cannot be blank or null.
      memberRoleName - the name of the member role. cannot be blank or null.
      qualification - the qualification. cannot be null.
      Returns:
      an immutable map of qualifiers. Will never return null.
      Throws:
      RiceIllegalArgumentException - if the namespaceCode, roleName, memberRoleNamespaceCode, memberRoleName is blank or null.
      RiceIllegalArgumentException - if the qualification is null.

    • convertQualificationForMemberRolesAndMemberAttributes

      Map<String,String> convertQualificationForMemberRolesAndMemberAttributes(String namespaceCode, String roleName, String memberRoleNamespaceCode, String memberRoleName, Map<String,String> qualification, Map<String,String> memberQualification) throws RiceIllegalArgumentException
      Takes the passed in qualifications and converts them, if necessary, for any downstream roles which may be present.
      Parameters:
      namespaceCode - the namespace code the role is in. cannot be blank or null.
      roleName - the name of the role. cannot be blank or null.
      memberRoleNamespaceCode - the namespace code the member role is in. cannot be blank or null.
      memberRoleName - the name of the member role. cannot be blank or null.
      qualification - the qualification. cannot be null.
      memberQualification - the attributes defined for the memberRole
      Returns:
      an immutable map of qualifiers. Will never return null.
      Throws:
      RiceIllegalArgumentException - if the namespaceCode, roleName, memberRoleNamespaceCode, memberRoleName is blank or null.
      RiceIllegalArgumentException - if the qualification is null.
      Since:
      2.3.4

    • dynamicRoleMembership

      boolean dynamicRoleMembership(String namespaceCode, String roleName) throws RiceIllegalArgumentException
      Determines if the role specified by the given namespace and role name has a dynamic role membership. A dynamic role membership means that a role membership may be changed over time and cannot be safely cached.
      Parameters:
      namespaceCode - the namespace code of the role. cannot be null or blank
      roleName - the name of the role. cannot be null or blank.
      Returns:
      true if the membership results of the Role are dynamic, false otherwise
      Throws:
      IllegalArgumentException - if the namespaceCode, roleName is blank or null.
      RiceIllegalArgumentException

    • getQualifiersForExactMatch

      List<String> getQualifiersForExactMatch()
      Roles whose memberships may be matched exactly by qualifiers, this method returns the list of such qualifier names.
      Returns:
      immutable list of qualifier names that can be used for exact match. Will never return null.

    • shouldValidateQualifiersForMemberType

      boolean shouldValidateQualifiersForMemberType(MemberType memberType)
      Returns whether a membertype should have its qualifiers validated
      Returns:
      true if
      Since:
      2.1.2

    • roleMemberRemoved

      void roleMemberRemoved(RoleMember member)