RoleManagementUtil (midPoint API Distribution 4.9-SNAPSHOT API)

java.lang.Object

com.evolveum.midpoint.schema.util.roles.RoleManagementUtil

public class RoleManagementUtil extends Object

General methods useful for role analysis and management, e.g. determination of "is induced by" relations between roles.

Constructor Summary

Constructors

Constructor

Description

RoleManagementUtil()
Method Summary

Modifier and Type

Method

Description

static @NotNull Set<String>

getInducedRolesOids(@NotNull AbstractRoleType role)

Returns OIDs of roles induced by a given role.

static @NotNull List<AssignmentType>

getMatchingAssignments(@NotNull List<AssignmentType> assignments, @NotNull Collection<String> targetOids)

Selects assignments that match the collection of role OIDs, e.g.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- RoleManagementUtil
  
  public RoleManagementUtil()
Method Details
- getInducedRolesOids
  
  @NotNull public static @NotNull Set<String> getInducedRolesOids(@NotNull @NotNull AbstractRoleType role)
  
  Returns OIDs of roles induced by a given role. To be used e.g. for replacement of application role assignments by an equivalent business role assignment. TODO should we consider e.g. order constraints here? probably yes
- getMatchingAssignments
  
  @NotNull public static @NotNull List<AssignmentType> getMatchingAssignments(@NotNull @NotNull List<AssignmentType> assignments, @NotNull @NotNull Collection<String> targetOids)
  
  Selects assignments that match the collection of role OIDs, e.g. when dealing with a migration from application to business roles. We assume assignments have explicit OIDs, i.e. no dynamic references here. TODO review this assumption: - Currently, only the default relation is taken into account here. Roughly related: `UnassignExecutor`