Class RoleType
- java.lang.Object
-
- com.evolveum.prism.xml.ns._public.types_3.ObjectType
-
- com.evolveum.midpoint.prism.impl.binding.AbstractMutableObjectable
-
- com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType
-
- com.evolveum.midpoint.xml.ns._public.common.common_3.AssignmentHolderType
-
- com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType
-
- com.evolveum.midpoint.xml.ns._public.common.common_3.AbstractRoleType
-
- com.evolveum.midpoint.xml.ns._public.common.common_3.RoleType
-
- All Implemented Interfaces:
Containerable
,Freezable
,com.evolveum.midpoint.prism.impl.binding.ContainerablePrismBinding
,JaxbVisitable
,Objectable
,DebugDumpable
,Serializable
public class RoleType extends AbstractRoleType implements Objectable
A role in the extended Role-Based Access Control (RBAC) sense. The roles specify privileges that the user (or other object) should have. The role may "grant" accounts on resources, attributes and entitlements for such accounts. The role can also assign organizational units, other roles or various IDM objects that can be assigned directly to user. From this point of view the role is in fact just a named set of assignments. The roles form the basic building block of midPoint's extended role-based access control (RBAC) mechanism. It defines what rights (e.g. accounts) should be given to user, how they should look like (attributes) and what groups or native roles to assign to them (entitlements). Roles can also specify user authorizations to access specific parts of midPoint. This is used to implement fine-grained authorization mechanism. When combined with organizational structure it forms a delegated administration mechanism. Roles can also be conditional, i.e. applicable only if a specific condition is true. Roles can be parametric, e.g. the expressions inside the role can use parameters that were specified at the time when the role was assigned (as opposed to parameters defined when the role was defined).- See Also:
- Serialized Form
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface com.evolveum.midpoint.prism.impl.binding.ContainerablePrismBinding
com.evolveum.midpoint.prism.impl.binding.ContainerablePrismBinding.ContainerableList<T extends Containerable>, com.evolveum.midpoint.prism.impl.binding.ContainerablePrismBinding.ReferencableList<T extends Referencable>
-
-
Field Summary
Fields Modifier and Type Field Description static QName
COMPLEX_TYPE
static QName
CONTAINER_NAME
static Producer<RoleType>
FACTORY
-
Fields inherited from class com.evolveum.midpoint.xml.ns._public.common.common_3.AbstractRoleType
F_ADMIN_GUI_CONFIGURATION, F_AUTHORIZATION, F_AUTOASSIGN, F_CONDITION, F_DATA_PROTECTION, F_DELEGABLE, F_DISPLAY_NAME, F_IDEMPOTENCE, F_IDENTIFIER, F_INDUCEMENT, F_REQUESTABLE, F_RISK_LEVEL
-
Fields inherited from class com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType
F_ACTIVATION, F_BEHAVIOR, F_COST_CENTER, F_CREDENTIALS, F_EMAIL_ADDRESS, F_JPEG_PHOTO, F_LINK_REF, F_LOCALE, F_LOCALITY, F_PERSONA_REF, F_PREFERRED_LANGUAGE, F_TELEPHONE_NUMBER, F_TIMEZONE
-
Fields inherited from class com.evolveum.midpoint.xml.ns._public.common.common_3.AssignmentHolderType
F_ARCHETYPE_REF, F_ASSIGNMENT, F_DELEGATED_REF, F_ITERATION, F_ITERATION_TOKEN, F_ROLE_INFLUENCE_REF, F_ROLE_MEMBERSHIP_REF
-
Fields inherited from class com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType
F_DESCRIPTION, F_DIAGNOSTIC_INFORMATION, F_DOCUMENTATION, F_EXTENSION, F_FETCH_RESULT, F_INDESTRUCTIBLE, F_LENS_CONTEXT, F_LIFECYCLE_STATE, F_METADATA, F_NAME, F_OPERATION_EXECUTION, F_PARENT_ORG_REF, F_POLICY_EXCEPTION, F_POLICY_SITUATION, F_SUBTYPE, F_TENANT_REF, F_TRIGGER, F_TRIGGERED_POLICY_RULE
-
Fields inherited from interface com.evolveum.midpoint.util.DebugDumpable
INDENT_STRING
-
-
Constructor Summary
Constructors Constructor Description RoleType()
RoleType(PrismContext context)
Deprecated.
-
Method Summary
-
Methods inherited from class com.evolveum.midpoint.xml.ns._public.common.common_3.AbstractRoleType
createAuthorizationList, createInducementList, getAdminGuiConfiguration, getAuthorization, getAutoassign, getCondition, getDataProtection, getDisplayName, getIdempotence, getIdentifier, getInducement, getRiskLevel, isDelegable, isRequestable, setAdminGuiConfiguration, setAutoassign, setCondition, setDataProtection, setDelegable, setDisplayName, setIdempotence, setIdentifier, setRequestable, setRiskLevel
-
Methods inherited from class com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType
getActivation, getBehavior, getCostCenter, getCredentials, getEmailAddress, getJpegPhoto, getLinkRef, getLocale, getLocality, getPersonaRef, getPreferredLanguage, getTelephoneNumber, getTimezone, setActivation, setBehavior, setCostCenter, setCredentials, setEmailAddress, setJpegPhoto, setLocale, setLocality, setPreferredLanguage, setTelephoneNumber, setTimezone
-
Methods inherited from class com.evolveum.midpoint.xml.ns._public.common.common_3.AssignmentHolderType
createAssignmentList, getArchetypeRef, getAssignment, getDelegatedRef, getIteration, getIterationToken, getRoleInfluenceRef, getRoleMembershipRef, setIteration, setIterationToken
-
Methods inherited from class com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType
createOperationExecutionList, createPolicyExceptionList, createTriggerList, getDescription, getDiagnosticInformation, getDocumentation, getExtension, getFetchResult, getLensContext, getLifecycleState, getMetadata, getName, getOperationExecution, getParentOrgRef, getPolicyException, getPolicySituation, getSubtype, getTenantRef, getTrigger, getTriggeredPolicyRule, isIndestructible, setDescription, setDocumentation, setExtension, setFetchResult, setIndestructible, setLensContext, setLifecycleState, setMetadata, setName, setTenantRef
-
Methods inherited from class com.evolveum.midpoint.prism.impl.binding.AbstractMutableObjectable
asPrismContainer, asPrismContainerValue, getOid, getVersion, hashCode, setOid, setupContainer, setupContainerValue, setVersion, toDebugName, toDebugType, toString
-
Methods inherited from class com.evolveum.prism.xml.ns._public.types_3.ObjectType
accept
-
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
-
Methods inherited from interface com.evolveum.midpoint.prism.Containerable
asPrismContainerValue, cloneWithoutId, debugDump, freeze, isImmutable, setupContainerValue
-
Methods inherited from interface com.evolveum.midpoint.prism.impl.binding.ContainerablePrismBinding
prismGetContainerableList, prismGetPropertyValue, prismGetPropertyValues, prismGetReferencable, prismGetReferencableList, prismGetReferenceObjectable, prismGetSingleContainerable, prismSetPropertyValue, prismSetReferencable, prismSetReferenceObjectable, prismSetSingleContainerable
-
Methods inherited from interface com.evolveum.midpoint.util.DebugDumpable
debugDump, debugDumpLazily, debugDumpLazily
-
Methods inherited from interface com.evolveum.midpoint.prism.Freezable
checkImmutable, checkMutable
-
Methods inherited from interface com.evolveum.midpoint.prism.Objectable
getDescription, getName, getOid, getVersion, setDescription, setName, setOid, setupContainer, setVersion, toDebugName, toDebugType
-
-
-
-
Constructor Detail
-
RoleType
public RoleType()
-
RoleType
@Deprecated public RoleType(PrismContext context)
Deprecated.
-
-
Method Detail
-
prismGetContainerName
protected QName prismGetContainerName()
- Overrides:
prismGetContainerName
in classAbstractRoleType
-
prismGetContainerType
protected QName prismGetContainerType()
- Overrides:
prismGetContainerType
in classAbstractRoleType
-
asPrismObject
public PrismObject<RoleType> asPrismObject()
- Specified by:
asPrismObject
in interfaceObjectable
- Overrides:
asPrismObject
in classAbstractRoleType
-
equals
public boolean equals(Object other)
- Overrides:
equals
in classAbstractRoleType
-
version
public RoleType version(String value)
- Overrides:
version
in classAbstractRoleType
-
oid
public RoleType oid(String value)
- Overrides:
oid
in classAbstractRoleType
-
displayName
public RoleType displayName(PolyStringType value)
- Overrides:
displayName
in classAbstractRoleType
-
displayName
public RoleType displayName(String value)
- Overrides:
displayName
in classAbstractRoleType
-
identifier
public RoleType identifier(String value)
- Overrides:
identifier
in classAbstractRoleType
-
inducement
public RoleType inducement(AssignmentType value)
- Overrides:
inducement
in classAbstractRoleType
-
beginInducement
public AssignmentType beginInducement()
- Overrides:
beginInducement
in classAbstractRoleType
-
authorization
public RoleType authorization(AuthorizationType value)
- Overrides:
authorization
in classAbstractRoleType
-
beginAuthorization
public AuthorizationType beginAuthorization()
- Overrides:
beginAuthorization
in classAbstractRoleType
-
requestable
public RoleType requestable(Boolean value)
- Overrides:
requestable
in classAbstractRoleType
-
delegable
public RoleType delegable(Boolean value)
- Overrides:
delegable
in classAbstractRoleType
-
idempotence
public RoleType idempotence(IdempotenceType value)
- Overrides:
idempotence
in classAbstractRoleType
-
riskLevel
public RoleType riskLevel(String value)
- Overrides:
riskLevel
in classAbstractRoleType
-
condition
public RoleType condition(MappingType value)
- Overrides:
condition
in classAbstractRoleType
-
beginCondition
public MappingType beginCondition()
- Overrides:
beginCondition
in classAbstractRoleType
-
adminGuiConfiguration
public RoleType adminGuiConfiguration(AdminGuiConfigurationType value)
- Overrides:
adminGuiConfiguration
in classAbstractRoleType
-
beginAdminGuiConfiguration
public AdminGuiConfigurationType beginAdminGuiConfiguration()
- Overrides:
beginAdminGuiConfiguration
in classAbstractRoleType
-
dataProtection
public RoleType dataProtection(DataProtectionType value)
- Overrides:
dataProtection
in classAbstractRoleType
-
beginDataProtection
public DataProtectionType beginDataProtection()
- Overrides:
beginDataProtection
in classAbstractRoleType
-
autoassign
public RoleType autoassign(AutoassignSpecificationType value)
- Overrides:
autoassign
in classAbstractRoleType
-
beginAutoassign
public AutoassignSpecificationType beginAutoassign()
- Overrides:
beginAutoassign
in classAbstractRoleType
-
linkRef
public RoleType linkRef(ObjectReferenceType value)
- Overrides:
linkRef
in classAbstractRoleType
-
linkRef
public RoleType linkRef(String oid, QName type)
- Overrides:
linkRef
in classAbstractRoleType
-
linkRef
public RoleType linkRef(String oid, QName type, QName relation)
- Overrides:
linkRef
in classAbstractRoleType
-
beginLinkRef
public ObjectReferenceType beginLinkRef()
- Overrides:
beginLinkRef
in classAbstractRoleType
-
personaRef
public RoleType personaRef(ObjectReferenceType value)
- Overrides:
personaRef
in classAbstractRoleType
-
personaRef
public RoleType personaRef(String oid, QName type)
- Overrides:
personaRef
in classAbstractRoleType
-
personaRef
public RoleType personaRef(String oid, QName type, QName relation)
- Overrides:
personaRef
in classAbstractRoleType
-
beginPersonaRef
public ObjectReferenceType beginPersonaRef()
- Overrides:
beginPersonaRef
in classAbstractRoleType
-
activation
public RoleType activation(ActivationType value)
- Overrides:
activation
in classAbstractRoleType
-
beginActivation
public ActivationType beginActivation()
- Overrides:
beginActivation
in classAbstractRoleType
-
jpegPhoto
public RoleType jpegPhoto(byte[] value)
- Overrides:
jpegPhoto
in classAbstractRoleType
-
costCenter
public RoleType costCenter(String value)
- Overrides:
costCenter
in classAbstractRoleType
-
locality
public RoleType locality(PolyStringType value)
- Overrides:
locality
in classAbstractRoleType
-
locality
public RoleType locality(String value)
- Overrides:
locality
in classAbstractRoleType
-
preferredLanguage
public RoleType preferredLanguage(String value)
- Overrides:
preferredLanguage
in classAbstractRoleType
-
locale
public RoleType locale(String value)
- Overrides:
locale
in classAbstractRoleType
-
timezone
public RoleType timezone(String value)
- Overrides:
timezone
in classAbstractRoleType
-
emailAddress
public RoleType emailAddress(String value)
- Overrides:
emailAddress
in classAbstractRoleType
-
telephoneNumber
public RoleType telephoneNumber(String value)
- Overrides:
telephoneNumber
in classAbstractRoleType
-
credentials
public RoleType credentials(CredentialsType value)
- Overrides:
credentials
in classAbstractRoleType
-
beginCredentials
public CredentialsType beginCredentials()
- Overrides:
beginCredentials
in classAbstractRoleType
-
behavior
public RoleType behavior(BehaviorType value)
- Overrides:
behavior
in classAbstractRoleType
-
beginBehavior
public BehaviorType beginBehavior()
- Overrides:
beginBehavior
in classAbstractRoleType
-
assignment
public RoleType assignment(AssignmentType value)
- Overrides:
assignment
in classAbstractRoleType
-
beginAssignment
public AssignmentType beginAssignment()
- Overrides:
beginAssignment
in classAbstractRoleType
-
iteration
public RoleType iteration(Integer value)
- Overrides:
iteration
in classAbstractRoleType
-
iterationToken
public RoleType iterationToken(String value)
- Overrides:
iterationToken
in classAbstractRoleType
-
archetypeRef
public RoleType archetypeRef(ObjectReferenceType value)
- Overrides:
archetypeRef
in classAbstractRoleType
-
archetypeRef
public RoleType archetypeRef(String oid, QName type)
- Overrides:
archetypeRef
in classAbstractRoleType
-
archetypeRef
public RoleType archetypeRef(String oid, QName type, QName relation)
- Overrides:
archetypeRef
in classAbstractRoleType
-
beginArchetypeRef
public ObjectReferenceType beginArchetypeRef()
- Overrides:
beginArchetypeRef
in classAbstractRoleType
-
roleMembershipRef
public RoleType roleMembershipRef(ObjectReferenceType value)
- Overrides:
roleMembershipRef
in classAbstractRoleType
-
roleMembershipRef
public RoleType roleMembershipRef(String oid, QName type)
- Overrides:
roleMembershipRef
in classAbstractRoleType
-
roleMembershipRef
public RoleType roleMembershipRef(String oid, QName type, QName relation)
- Overrides:
roleMembershipRef
in classAbstractRoleType
-
beginRoleMembershipRef
public ObjectReferenceType beginRoleMembershipRef()
- Overrides:
beginRoleMembershipRef
in classAbstractRoleType
-
delegatedRef
public RoleType delegatedRef(ObjectReferenceType value)
- Overrides:
delegatedRef
in classAbstractRoleType
-
delegatedRef
public RoleType delegatedRef(String oid, QName type)
- Overrides:
delegatedRef
in classAbstractRoleType
-
delegatedRef
public RoleType delegatedRef(String oid, QName type, QName relation)
- Overrides:
delegatedRef
in classAbstractRoleType
-
beginDelegatedRef
public ObjectReferenceType beginDelegatedRef()
- Overrides:
beginDelegatedRef
in classAbstractRoleType
-
roleInfluenceRef
public RoleType roleInfluenceRef(ObjectReferenceType value)
- Overrides:
roleInfluenceRef
in classAbstractRoleType
-
roleInfluenceRef
public RoleType roleInfluenceRef(String oid, QName type)
- Overrides:
roleInfluenceRef
in classAbstractRoleType
-
roleInfluenceRef
public RoleType roleInfluenceRef(String oid, QName type, QName relation)
- Overrides:
roleInfluenceRef
in classAbstractRoleType
-
beginRoleInfluenceRef
public ObjectReferenceType beginRoleInfluenceRef()
- Overrides:
beginRoleInfluenceRef
in classAbstractRoleType
-
name
public RoleType name(PolyStringType value)
- Overrides:
name
in classAbstractRoleType
-
name
public RoleType name(String value)
- Overrides:
name
in classAbstractRoleType
-
description
public RoleType description(String value)
- Overrides:
description
in classAbstractRoleType
-
documentation
public RoleType documentation(String value)
- Overrides:
documentation
in classAbstractRoleType
-
subtype
public RoleType subtype(String value)
- Overrides:
subtype
in classAbstractRoleType
-
fetchResult
public RoleType fetchResult(OperationResultType value)
- Overrides:
fetchResult
in classAbstractRoleType
-
beginFetchResult
public OperationResultType beginFetchResult()
- Overrides:
beginFetchResult
in classAbstractRoleType
-
extension
public RoleType extension(ExtensionType value)
- Overrides:
extension
in classAbstractRoleType
-
beginExtension
public ExtensionType beginExtension()
- Overrides:
beginExtension
in classAbstractRoleType
-
parentOrgRef
public RoleType parentOrgRef(ObjectReferenceType value)
- Overrides:
parentOrgRef
in classAbstractRoleType
-
parentOrgRef
public RoleType parentOrgRef(String oid, QName type)
- Overrides:
parentOrgRef
in classAbstractRoleType
-
parentOrgRef
public RoleType parentOrgRef(String oid, QName type, QName relation)
- Overrides:
parentOrgRef
in classAbstractRoleType
-
beginParentOrgRef
public ObjectReferenceType beginParentOrgRef()
- Overrides:
beginParentOrgRef
in classAbstractRoleType
-
trigger
public RoleType trigger(TriggerType value)
- Overrides:
trigger
in classAbstractRoleType
-
beginTrigger
public TriggerType beginTrigger()
- Overrides:
beginTrigger
in classAbstractRoleType
-
metadata
public RoleType metadata(MetadataType value)
- Overrides:
metadata
in classAbstractRoleType
-
beginMetadata
public MetadataType beginMetadata()
- Overrides:
beginMetadata
in classAbstractRoleType
-
tenantRef
public RoleType tenantRef(ObjectReferenceType value)
- Overrides:
tenantRef
in classAbstractRoleType
-
tenantRef
public RoleType tenantRef(String oid, QName type)
- Overrides:
tenantRef
in classAbstractRoleType
-
tenantRef
public RoleType tenantRef(String oid, QName type, QName relation)
- Overrides:
tenantRef
in classAbstractRoleType
-
beginTenantRef
public ObjectReferenceType beginTenantRef()
- Overrides:
beginTenantRef
in classAbstractRoleType
-
lifecycleState
public RoleType lifecycleState(String value)
- Overrides:
lifecycleState
in classAbstractRoleType
-
operationExecution
public RoleType operationExecution(OperationExecutionType value)
- Overrides:
operationExecution
in classAbstractRoleType
-
beginOperationExecution
public OperationExecutionType beginOperationExecution()
- Overrides:
beginOperationExecution
in classAbstractRoleType
-
lensContext
public RoleType lensContext(LensContextType value)
- Overrides:
lensContext
in classAbstractRoleType
-
beginLensContext
public LensContextType beginLensContext()
- Overrides:
beginLensContext
in classAbstractRoleType
-
policySituation
public RoleType policySituation(String value)
- Overrides:
policySituation
in classAbstractRoleType
-
triggeredPolicyRule
public RoleType triggeredPolicyRule(EvaluatedPolicyRuleType value)
- Overrides:
triggeredPolicyRule
in classAbstractRoleType
-
beginTriggeredPolicyRule
public EvaluatedPolicyRuleType beginTriggeredPolicyRule()
- Overrides:
beginTriggeredPolicyRule
in classAbstractRoleType
-
policyException
public RoleType policyException(PolicyExceptionType value)
- Overrides:
policyException
in classAbstractRoleType
-
beginPolicyException
public PolicyExceptionType beginPolicyException()
- Overrides:
beginPolicyException
in classAbstractRoleType
-
diagnosticInformation
public RoleType diagnosticInformation(DiagnosticInformationType value)
- Overrides:
diagnosticInformation
in classAbstractRoleType
-
beginDiagnosticInformation
public DiagnosticInformationType beginDiagnosticInformation()
- Overrides:
beginDiagnosticInformation
in classAbstractRoleType
-
indestructible
public RoleType indestructible(Boolean value)
- Overrides:
indestructible
in classAbstractRoleType
-
end
public <X> X end()
- Overrides:
end
in classAbstractRoleType
-
clone
public RoleType clone()
- Overrides:
clone
in classAbstractRoleType
-
-