/*
* The Kuali Financial System, a comprehensive financial management system for higher education.
*
* Copyright 2005-2014 The Kuali Foundation
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package org.kuali.rice.kim.impl.jaxb;
import java.io.Serializable;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlType;
/**
* This class represents a <roleData> element.
*
* <p>The expected XML structure is as follows:
*
* <br>
* <br><roleData>
* <br> <roles>
* <br> <role>
* <br> <roleName namespaceCode=""></roleName>
* <br> <kimTypeName namespaceCode=""></kimTypeName>
* <br> <description></description>
* <br> <active></active>
* <br> <roleMembers>
* <br> <roleMember>
* <br> <principalId></principalId>
* <br> <principalName></principalName>
* <br> <groupId></groupId>
* <br> <groupName namespaceCode=""></groupName>
* <br> <roleIdAsMember></roleIdAsMember>
* <br> <roleNameAsMember namespaceCode=""></roleNameAsMember>
* <br> <activeFromDate></activeFromDate>
* <br> <activeToDate></activeToDate>
* <br> <qualifications>
* <br> <qualification key=""></qualification>
* <br> </qualifications>
* <br> </roleMember>
* <br> </roleMembers>
* <br> <rolePermissions>
* <br> <rolePermission>
* <br> <permissionId></permissionId>
* <br> <permissionName namespaceCode=""></permissionName>
* <br> </rolePermission>
* <br> </rolePermissions>
* <br> </role>
* <br> </roles>
* <br> <roleMembers>
* <br> <roleMember>
* <br> <roleId></roleId>
* <br> <roleName namespaceCode=""></roleName>
* <br> <principalId></principalId>
* <br> <principalName></principalName>
* <br> <groupId></groupId>
* <br> <groupName namespaceCode=""></groupName>
* <br> <roleIdAsMember></roleIdAsMember>
* <br> <roleNameAsMember namespaceCode=""></roleNameAsMember>
* <br> <activeFromDate></activeFromDate>
* <br> <activeToDate></activeToDate>
* <br> <qualifications>
* <br> <qualification key=""></qualification>
* <br> </qualifications>
* <br> </roleMember>
* <br> </roleMembers>
* <br> <rolePermissions>
* <br> <rolePermission>
* <br> <roleId></roleId>
* <br> <roleName namespaceCode=""></roleName>
* <br> <permissionId></permissionId>
* <br> <permissionName namespaceCode=""></permissionName>
* <br> </rolePermission>
* <br> </rolePermissions>
* <br></roleData>
*
* <p>Note the following:
* <ul>
* <li>The <roles> element is optional, and can contain zero or more <role> elements.
* <li>The <roleName> element on the <role> element and its "namespaceCode" attribute
* are required, and must be non-blank. The namespace code must map to a valid namespace.
* If the name and namespace combo matches an existing role, then the role in the XML will
* overwrite the existing role.
* <li>The <kimTypeName> and its "namespaceCode" attribute are both required, and the
* name and namespace combo must match an existing KIM type.
* <li>The <description> element is required, and must be non-blank.
* <li>The <active> element is optional, and will be set to true if not specified.
* <li>Both <roleMembers> elements are optional, and can contain zero or more
* <roleMember> elements. If the <roleMembers> element within the <role>
* element is specified, then any role members that are not within that element will be removed
* from the role if the XML is overwriting an existing one. (The <roleMembers> element
* outside of the <role> element can still add or re-add members that are not located
* within the other <roleMembers> element.)
* <li>For both <roleMember> elements:
* <ul>
* <li>Exactly one of these sets of member identification must be specified:
* <ol>
* <li>A <principalId> and/or <principalName> element, where the former
* must contain a valid principal ID and the latter must contain a valid principal name.
* <li>A <groupId> and/or <groupName> element, where the former must contain
* a valid group ID and the latter must contain a valid group name and namespace.
* <li>A <roleIdAsMember> and/or <roleNameAsMember> element, where the former
* must contain a valid role ID and the latter must contain a valid role name and namespace.
* </ol>
* <li>The <activeFromDate> element is optional, and its content must be a date String
* that can be parsed by the DateTimeService.
* <li>The <activeToDate> element is optional, and its content must be a date String
* that can be parsed by the DateTimeService.
* <li>The <qualifications> element is optional, and can contain zero or more
* <qualification> elements.
* <li>The <qualification> element's "key" attribute is required, and must be non-blank.
* Duplicate keys within a <qualifications> element are not permitted.
* </ul>
* <li>For both <rolePermission> elements:
* <ul>
* <li>A <permissionId> and/or <permissionName> element must be specified, where the
* former must contain a valid permission ID and the latter must contain a valid permission
* name and namespace.
* </ul>
* <li>For the <roleMember> and <rolePermission> elements not inside a <role> element:
* <ul>
* <li>A <roleId> and/or <roleName> element must be specified, where the former must
* contain a valid role ID and the latter must contain a valid role name and namespace.
* </ul>
* <li>The ingestion process is currently order-dependent, which should be kept in mind when adding
* roles as members of another role or assigning permissions to roles. (The permission XML always
* gets ingested prior to the role XML.)
* <li>The assignments of permissions to roles can only be added, not removed or deactivated.
* (TODO: Improve the role/permission-updating API to allow for updates and removals.)
* <li>The same roles, role members, and role permissions can be ingested within the same file,
* where subsequent ones will overwrite previous ones. (TODO: Is this acceptable?)
* <li>The IDs of principals, groups, roles, and permissions are not included when exporting the XML.
* <li>Delegations and responsibility actions are currently not supported by the ingestion process.
* </ul>
*
* TODO: Verify that the above behavior is correct.
*
* @author Kuali Rice Team (rice.collab@kuali.org)
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name="RoleDataType", propOrder={"roles", "roleMembers", "rolePermissions"})
public class RoleDataXmlDTO implements Serializable {
private static final long serialVersionUID = 1L;
@XmlElement(name="roles")
private RolesXmlDTO roles;
@XmlElement(name="roleMembers")
private RoleMembersXmlDTO.OutsideOfRole roleMembers;
@XmlElement(name="rolePermissions")
private RolePermissionsXmlDTO.OutsideOfRole rolePermissions;
public RoleDataXmlDTO() {}
public RoleDataXmlDTO(RolesXmlDTO roles) {
this.roles = roles;
}
/**
* @return the roles
*/
public RolesXmlDTO getRoles() {
return this.roles;
}
/**
* @param roles the roles to set
*/
public void setRoles(RolesXmlDTO roles) {
this.roles = roles;
}
/**
* @return the roleMembers
*/
public RoleMembersXmlDTO.OutsideOfRole getRoleMembers() {
return this.roleMembers;
}
/**
* @param roleMembers the roleMembers to set
*/
public void setRoleMembers(RoleMembersXmlDTO.OutsideOfRole roleMembers) {
this.roleMembers = roleMembers;
}
/**
* @return the rolePermissions
*/
public RolePermissionsXmlDTO.OutsideOfRole getRolePermissions() {
return this.rolePermissions;
}
/**
* @param rolePermissions the rolePermissions to set
*/
public void setRolePermissions(RolePermissionsXmlDTO.OutsideOfRole rolePermissions) {
this.rolePermissions = rolePermissions;
}
}