Package org.openiam.srvc.am

Interface RoleDataWebService

  • All Known Implementing Classes:
    RoleDataWebServiceImpl
    public interface RoleDataWebService
    Interface permitting the management of Roles and related objects such as groups and users.
    Version:
    1
    Author:
    Suneet Shah

    • Method Detail

      • saveRole

        Response saveRole​(Role role)
        This method creates a new role or update existed one. For example:
        Parameters:
        role - - the Role object, which should be created or updated
        Returns:
        - a Response Object. If operation succeed then Response object contains the primary key of saved role otherwise it contains error code.

      • removeRole

        Response removeRole​(String roleId)
        This method removes role from openIAM database for a particular roleID.
        Parameters:
        roleId - - The Role ID to be removed.
        Returns:
        - a Response Object which contains operation status.

      • getRole

        Role getRole​(String roleId)
        Returns a paged List of Role objects that are linked to a Group.
        Parameters:
        roleId - - the Group ID
        Returns:
        a paged List of Role objects that are linked to a Group. if no roles are found returns null

      • suggestById

        Role suggestById​(String id)
        Find a resource in Elasticsearch. Significantly faster than going to the database. Use this method when performance is important and/or data integrity is not 100% required, as the database and ES may be out of sync for a period of time
        Parameters:
        id - the role id
        Returns:
        resource

      • addGroupToRole

        Response addGroupToRole​(String roleId,
                        String groupId,
                        Set<String> rightIds,
                        Date startDate,
                        Date endDate)
        This method adds particular roleId to a particular group.
        Parameters:
        roleId - The roleId which is to be added to the group.
        groupId - The group for which the roleId is to be added .
        Returns:
        a Response Object, containing the status of this operation.

      • validateGroup2RoleAddition

        Response validateGroup2RoleAddition​(String roleId,
                                    String groupId)

      • removeGroupFromRole

        Response removeGroupFromRole​(String roleId,
                             String groupId)
        Removes the association between a single group and role.
        Parameters:
        roleId - The roleId which is to be deleted from the group.
        groupId - The group from which the roleId is to be deleted
        Returns:
        a Response Object, containing the status of this operation.

      • findBeans

        RoleListResponse findBeans​(RoleSearchBean searchBean,
                           EntitlementsCollection[] dependants,
                           int from,
                           int size)
        Return a paged List of Roles based on parameters, which are specified in RoleSearchBean object
        Parameters:
        searchBean - - RoleSearchBean object
        dependants - - collection instead of deep copy flag
        from - - where to start in the list
        size - - how many to return
        Returns:
        List of Roles objects. Returns null if no roles are found.

      • countBeans

        int countBeans​(RoleSearchBean searchBean)
        Returns total number of Roles based on parameters, which are specified in RoleSearchBean object
        Parameters:
        searchBean - - RoleSearchBean object
        Returns:
        - Integer, total number of roles based on parameters, which are specified in RoleSearchBean object

      • addChildRole

        Response addChildRole​(String roleId,
                      String childRoleId,
                      Set<String> rights,
                      Date startDate,
                      Date endDate)
        Makes Role specified by childRoleId a child of Role specified by roleId
        Parameters:
        roleId - - the Role ID to which another group specified by childRoleId will be added
        childRoleId - - - the Role ID which will be added to the group specified by roleId
        Returns:
        a Response Object, containing the status of this operation.

      • removeChildRole

        Response removeChildRole​(String roleId,
                         String childRoleId)
        Remove Role specified by childRoleId from the membership list of Group specified by roleId
        Parameters:
        roleId - - the Role ID from which another group specified by childRoleId will be deleted
        childRoleId - - the Role ID which will be deleted from the group specified by roleId
        Returns:
        a Response Object, containing the status of this operation.

      • canAddUserToRole

        Response canAddUserToRole​(String userId,
                          String roleId)
        Checks if User specified by userId can be added to the Role specified by roleId as a member
        Parameters:
        userId - - the User ID
        roleId - - the Role ID
        Returns:
        a Response Object, containing the status of this operation. if status is SUCCESS then the User can be added to this Role

      • canRemoveUserFromRole

        Response canRemoveUserFromRole​(String userId,
                               String roleId)
        Checks if User specified by userId can be removed from the Role specified by roleId as a member
        Parameters:
        userId - - the User ID
        roleId - - the Role ID
        Returns:
        a Response Object, containing the status of this operation. if status is SUCCESS then the User can be removed from this Role

      • hasChildEntities

        boolean hasChildEntities​(String roleId)

      • reindexRole

        Response reindexRole​(String id)
        Parameters:
        id - - Role id for reindex
        Returns:

      • getAllRoleIds

        List<String> getAllRoleIds()
        Gets all role IDs
        Returns:

      • getDetachedForUser

        RoleListResponse getDetachedForUser​(String userId,
                                    String name,
                                    int from,
                                    int size)
        method is used to detect all user's role that are not linked with any resources.
        Parameters:
        userId - - id of User to check detached roles
        name - - name for case INSENSITIVE CONTAINS match search.
        from - - zero based very first result
        Returns:
        - RoleListResponse

      • getWithResources

        RoleListResponse getWithResources​(String userId,
                                  RoleSearchBean searchBean,
                                  Set<String> resourceTypeIds,
                                  int from,
                                  int size)
        method is used to get user's roles with entitled resources, filtered by #resourceTypeIds. Resources are returned in Role#getResources() container (only ids).
        Parameters:
        userId - - user id
        searchBean - - searchBean for objects
        resourceTypeIds - - types of resources to fetch
        from - - zero based very first result
        size - - total size of page.
        Returns:
        GroupListResponse with requested objects

      • saveBulkRole

        Response saveBulkRole​(EntitlementBulkRequest entitlementBulkRequest)
        Bulk operation on Role objects, this method with save roles in bulk
        Parameters:
        entitlementBulkRequest - - EntitlementBulkRequest object that will be saved.

      • forceSweepUserCountCache

        void forceSweepUserCountCache()
        force refresh cache which holds count of users assigned to roles and max number limit