Package com.evolveum.midpoint.model.api
Interface AccessCertificationService
-
- All Known Implementing Classes:
ModelController
public interface AccessCertificationService
Interface to access certification related functionality. E.g. launching certification campaigns, filling-in certification forms, etc. EXPERIMENTAL.- Author:
- mederly
-
-
Method Summary
All Methods Instance Methods Abstract Methods Default Methods Modifier and Type Method Description void
cleanupCampaigns(@NotNull CleanupPolicyType policy, Task task, OperationResult result)
Cleans up closed certification campaigns.void
closeCampaign(String campaignOid, Task task, OperationResult result)
Closes a campaign.void
closeCurrentStage(String campaignOid, Task task, OperationResult parentResult)
Opens the next stage in the certification campaign.int
countOpenWorkItems(ObjectQuery baseWorkItemsQuery, boolean notDecidedOnly, boolean allItems, Collection<SelectorOptions<GetOperationOptions>> options, Task task, OperationResult parentResult)
default int
countOpenWorkItems(ObjectQuery baseWorkItemsQuery, boolean notDecidedOnly, Collection<SelectorOptions<GetOperationOptions>> options, Task task, OperationResult parentResult)
AccessCertificationCampaignType
createCampaign(String definitionOid, Task task, OperationResult parentResult)
Creates a certification campaign: creates AccessCertificationCampaignType object, based on general information in certification definition.AccessCertificationCasesStatisticsType
getCampaignStatistics(String campaignOid, boolean currentStageOnly, Task task, OperationResult parentResult)
Provides statistical information about outcomes of cases in a given campaign.void
openNextStage(String campaignOid, Task task, OperationResult parentResult)
Opens the next review stage in the certification campaign.void
recordDecision(String campaignOid, long caseId, long workItemId, AccessCertificationResponseType response, String comment, Task task, OperationResult parentResult)
Records a particular decision of a reviewer.void
reiterateCampaign(String campaignOid, Task task, OperationResult result)
Reiterates a closed campaign.List<AccessCertificationWorkItemType>
searchOpenWorkItems(ObjectQuery baseWorkItemsQuery, boolean notDecidedOnly, boolean allItems, Collection<SelectorOptions<GetOperationOptions>> options, Task task, OperationResult parentResult)
TODO update description Returns a set of certification decisions for currently logged-in user.default List<AccessCertificationWorkItemType>
searchOpenWorkItems(ObjectQuery baseWorkItemsQuery, boolean notDecidedOnly, Collection<SelectorOptions<GetOperationOptions>> options, Task task, OperationResult parentResult)
void
startRemediation(String campaignOid, Task task, OperationResult result)
Starts the remediation phase for the campaign.
-
-
-
Method Detail
-
createCampaign
AccessCertificationCampaignType createCampaign(String definitionOid, Task task, OperationResult parentResult) throws SchemaException, SecurityViolationException, ConfigurationException, ObjectNotFoundException, CommunicationException, ExpressionEvaluationException, ObjectAlreadyExistsException, PolicyViolationException
Creates a certification campaign: creates AccessCertificationCampaignType object, based on general information in certification definition. Mandatory information in the certification definition are: - definition name - definition description - handlerUri - scope definition - stage(s) definition Optional information in the certification definition: - tenant reference Owner of newly created campaign is the currently logged-on user. The campaign will NOT be started upon creation. It should be started explicitly by calling openNextStage method.- Parameters:
definitionOid
- OID of certification definition for this campaign.task
- Task in context of which all operations will take place.parentResult
- Result for the operations.- Returns:
- Object for the created campaign. It will be stored in the repository as well.
- Throws:
SchemaException
SecurityViolationException
ConfigurationException
ObjectNotFoundException
CommunicationException
ExpressionEvaluationException
ObjectAlreadyExistsException
PolicyViolationException
-
openNextStage
void openNextStage(String campaignOid, Task task, OperationResult parentResult) throws SchemaException, SecurityViolationException, ConfigurationException, ObjectNotFoundException, CommunicationException, ExpressionEvaluationException, ObjectAlreadyExistsException, PolicyViolationException
Opens the next review stage in the certification campaign. If the stage being opened is the first stage, certification cases will be generated for the campaign, depending on the certification definition (scope and handler). In all stages, reviewers will be assigned to cases, based again on the definition (reviewer specification in stage definition and handler).- Parameters:
campaignOid
- Certification campaign OID.task
- Task in context of which all operations will take place.parentResult
- Result for the operations.- Throws:
SchemaException
SecurityViolationException
ConfigurationException
ObjectNotFoundException
CommunicationException
ExpressionEvaluationException
ObjectAlreadyExistsException
PolicyViolationException
-
closeCurrentStage
void closeCurrentStage(String campaignOid, Task task, OperationResult parentResult) throws SchemaException, SecurityViolationException, ConfigurationException, ObjectNotFoundException, CommunicationException, ExpressionEvaluationException, ObjectAlreadyExistsException, PolicyViolationException
Opens the next stage in the certification campaign. If the stage being opened is the first stage, certification cases will be generated for the campaign, depending on the certification definition (scope and handler). In all stages, reviewers will be assigned to cases, based again on the definition (reviewer specification in stage definition and handler).- Parameters:
campaignOid
- Certification campaign OID.task
- Task in context of which all operations will take place.parentResult
- Result for the operations.- Throws:
SchemaException
SecurityViolationException
ConfigurationException
ObjectNotFoundException
CommunicationException
ExpressionEvaluationException
ObjectAlreadyExistsException
PolicyViolationException
-
startRemediation
void startRemediation(String campaignOid, Task task, OperationResult result) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ObjectAlreadyExistsException, ExpressionEvaluationException
Starts the remediation phase for the campaign. The campaign has to be in the last stage and that stage has to be already closed.
-
closeCampaign
void closeCampaign(String campaignOid, Task task, OperationResult result) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ObjectAlreadyExistsException, ExpressionEvaluationException
Closes a campaign.
-
reiterateCampaign
void reiterateCampaign(String campaignOid, Task task, OperationResult result) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ObjectAlreadyExistsException, ExpressionEvaluationException
Reiterates a closed campaign.
-
searchOpenWorkItems
List<AccessCertificationWorkItemType> searchOpenWorkItems(ObjectQuery baseWorkItemsQuery, boolean notDecidedOnly, boolean allItems, Collection<SelectorOptions<GetOperationOptions>> options, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, SecurityViolationException, ConfigurationException, CommunicationException, ExpressionEvaluationException
TODO update description Returns a set of certification decisions for currently logged-in user. Each decision is returned in context of its certification case. Case has to match a given query. So, in contrast to model.searchContainers(AccessCertificationCaseType...) method that returns specified cases with all their decisions, this one returns a list of cases where each case has at most one decision: the one that corresponds to specified reviewer and current certification stage. Zero decisions means that the reviewer has not provided any decision yet. Query argument for cases is the same as in the model.searchContainers(AccessCertificationCaseType...) call.- Parameters:
baseWorkItemsQuery
- Specification of the cases to retrieve.notDecidedOnly
- If true, only response==(NO_DECISION or null) should be returned. Although it can be formulated in Query API terms, this would refer to implementation details - so the cleaner way is keep this knowledge inside certification module only.allItems
- If true, returns items for all users (requires "ALL" authorization).options
- Options to use (e.g. RESOLVE_NAMES).task
- Task in context of which all operations will take place.parentResult
- Result for the operations.- Returns:
- A list of relevant certification cases.
- Throws:
ObjectNotFoundException
SchemaException
SecurityViolationException
ConfigurationException
CommunicationException
ExpressionEvaluationException
-
searchOpenWorkItems
default List<AccessCertificationWorkItemType> searchOpenWorkItems(ObjectQuery baseWorkItemsQuery, boolean notDecidedOnly, Collection<SelectorOptions<GetOperationOptions>> options, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, SecurityViolationException, ConfigurationException, CommunicationException, ExpressionEvaluationException
-
countOpenWorkItems
int countOpenWorkItems(ObjectQuery baseWorkItemsQuery, boolean notDecidedOnly, boolean allItems, Collection<SelectorOptions<GetOperationOptions>> options, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, SecurityViolationException, ConfigurationException, CommunicationException, ExpressionEvaluationException
-
countOpenWorkItems
default int countOpenWorkItems(ObjectQuery baseWorkItemsQuery, boolean notDecidedOnly, Collection<SelectorOptions<GetOperationOptions>> options, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, SecurityViolationException, ConfigurationException, CommunicationException, ExpressionEvaluationException
-
recordDecision
void recordDecision(String campaignOid, long caseId, long workItemId, AccessCertificationResponseType response, String comment, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, SecurityViolationException, ConfigurationException, CommunicationException, ObjectAlreadyExistsException, ExpressionEvaluationException
Records a particular decision of a reviewer.- Parameters:
campaignOid
- OID of the campaign to which the decision belongs.caseId
- ID of the certification case to which the decision belongs.workItemId
- ID of the work item to which the decision belongs.response
- The response.comment
- Reviewer's comment.task
- Task in context of which all operations will take place.parentResult
- Result for the operations.- Throws:
ObjectNotFoundException
SchemaException
SecurityViolationException
ConfigurationException
CommunicationException
ObjectAlreadyExistsException
ExpressionEvaluationException
-
getCampaignStatistics
AccessCertificationCasesStatisticsType getCampaignStatistics(String campaignOid, boolean currentStageOnly, Task task, OperationResult parentResult) throws ObjectNotFoundException, SchemaException, SecurityViolationException, ConfigurationException, CommunicationException, ObjectAlreadyExistsException, ExpressionEvaluationException
Provides statistical information about outcomes of cases in a given campaign.- Parameters:
campaignOid
- OID of the campaign to report oncurrentStageOnly
- Whether to report on stage outcomes for current-stage cases (if true), or to report on overall outcomes of all cases (if false).task
- Task in context of which all operations will take place.parentResult
- Result for the operations.- Returns:
- filled-in statistics object
- Throws:
ObjectNotFoundException
SchemaException
SecurityViolationException
ConfigurationException
CommunicationException
ObjectAlreadyExistsException
ExpressionEvaluationException
-
cleanupCampaigns
void cleanupCampaigns(@NotNull @NotNull CleanupPolicyType policy, Task task, OperationResult result)
Cleans up closed certification campaigns. The authorizations are checked by the method implementation.
-
-