Class RoleManagementUtil

java.lang.Object
com.evolveum.midpoint.schema.util.roles.RoleManagementUtil

public class RoleManagementUtil extends Object
General methods useful for role analysis and management, e.g. determination of "is induced by" relations between roles.
  • Constructor Details

    • RoleManagementUtil

      public RoleManagementUtil()
  • Method Details

    • getInducedRolesOids

      @NotNull public static @NotNull Set<String> getInducedRolesOids(@NotNull @NotNull AbstractRoleType role)
      Returns OIDs of roles induced by a given role. To be used e.g. for replacement of application role assignments by an equivalent business role assignment. TODO should we consider e.g. order constraints here? probably yes
    • getMatchingAssignments

      @NotNull public static @NotNull List<AssignmentType> getMatchingAssignments(@NotNull @NotNull List<AssignmentType> assignments, @NotNull @NotNull Collection<String> targetOids)
      Selects assignments that match the collection of role OIDs, e.g. when dealing with a migration from application to business roles. We assume assignments have explicit OIDs, i.e. no dynamic references here. TODO review this assumption: - Currently, only the default relation is taken into account here. Roughly related: `UnassignExecutor`