Package com.evolveum.midpoint.schema.util.roles

Class RoleManagementUtil

java.lang.Object

com.evolveum.midpoint.schema.util.roles.RoleManagementUtil

public class RoleManagementUtil
extends Object

General methods useful for role analysis and management, e.g. determination of "is induced by" relations between roles.

Constructor Summary

Constructors

Constructor	Description
RoleManagementUtil()

Method Summary

Modifier and Type	Method	Description
static @NotNull Set<String>	getInducedRolesOids(@NotNull AbstractRoleType role)	Returns OIDs of roles induced by a given role.
static @NotNull List<AssignmentType>	getMatchingAssignments(@NotNull List<AssignmentType> assignments, @NotNull Collection<String> targetOids)	Selects assignments that match the collection of role OIDs, e.g.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

RoleManagementUtil

public RoleManagementUtil()

Method Details

getInducedRolesOids

@NotNull
public static @NotNull Set<String> getInducedRolesOids(@NotNull
 @NotNull AbstractRoleType role)

Returns OIDs of roles induced by a given role. To be used e.g. for replacement of application role assignments by an equivalent business role assignment. TODO should we consider e.g. order constraints here? probably yes

getMatchingAssignments

@NotNull
public static @NotNull List<AssignmentType> getMatchingAssignments(@NotNull
 @NotNull List<AssignmentType> assignments,
 @NotNull
 @NotNull Collection<String> targetOids)

Selects assignments that match the collection of role OIDs, e.g. when dealing with a migration from application to business roles. We assume assignments have explicit OIDs, i.e. no dynamic references here. TODO review this assumption: - Currently, only the default relation is taken into account here. Roughly related: `UnassignExecutor`