Class RoleType
- java.lang.Object
-
- com.evolveum.prism.xml.ns._public.types_3.ObjectType
-
- com.evolveum.midpoint.prism.impl.binding.AbstractMutableObjectable
-
- com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType
-
- com.evolveum.midpoint.xml.ns._public.common.common_3.AssignmentHolderType
-
- com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType
-
- com.evolveum.midpoint.xml.ns._public.common.common_3.AbstractRoleType
-
- com.evolveum.midpoint.xml.ns._public.common.common_3.RoleType
-
- All Implemented Interfaces:
Containerable,Freezable,com.evolveum.midpoint.prism.impl.binding.ContainerablePrismBinding,JaxbVisitable,Objectable,DebugDumpable,Serializable
public class RoleType extends AbstractRoleType implements Objectable
A role in the extended Role-Based Access Control (RBAC) sense. The roles specify privileges that the user (or other object) should have. The role may "grant" accounts on resources, attributes and entitlements for such accounts. The role can also assign organizational units, other roles or various IDM objects that can be assigned directly to user. From this point of view the role is in fact just a named set of assignments. The roles form the basic building block of midPoint's extended role-based access control (RBAC) mechanism. It defines what rights (e.g. accounts) should be given to user, how they should look like (attributes) and what groups or native roles to assign to them (entitlements). Roles can also specify user authorizations to access specific parts of midPoint. This is used to implement fine-grained authorization mechanism. When combined with organizational structure it forms a delegated administration mechanism. Roles can also be conditional, i.e. applicable only if a specific condition is true. Roles can be parametric, e.g. the expressions inside the role can use parameters that were specified at the time when the role was assigned (as opposed to parameters defined when the role was defined).- See Also:
- Serialized Form
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface com.evolveum.midpoint.prism.impl.binding.ContainerablePrismBinding
com.evolveum.midpoint.prism.impl.binding.ContainerablePrismBinding.ContainerableList<T extends Containerable>, com.evolveum.midpoint.prism.impl.binding.ContainerablePrismBinding.ReferencableList<T extends Referencable>
-
-
Field Summary
Fields Modifier and Type Field Description static QNameCOMPLEX_TYPEstatic QNameCONTAINER_NAMEstatic Producer<RoleType>FACTORY-
Fields inherited from class com.evolveum.midpoint.xml.ns._public.common.common_3.AbstractRoleType
F_ADMIN_GUI_CONFIGURATION, F_AUTHORIZATION, F_AUTOASSIGN, F_CONDITION, F_DATA_PROTECTION, F_DELEGABLE, F_DISPLAY_NAME, F_IDEMPOTENCE, F_IDENTIFIER, F_INDUCEMENT, F_REQUESTABLE, F_RISK_LEVEL
-
Fields inherited from class com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType
F_ACTIVATION, F_BEHAVIOR, F_COST_CENTER, F_CREDENTIALS, F_EMAIL_ADDRESS, F_JPEG_PHOTO, F_LINK_REF, F_LOCALE, F_LOCALITY, F_PERSONA_REF, F_PREFERRED_LANGUAGE, F_TELEPHONE_NUMBER, F_TIMEZONE
-
Fields inherited from class com.evolveum.midpoint.xml.ns._public.common.common_3.AssignmentHolderType
F_ARCHETYPE_REF, F_ASSIGNMENT, F_DELEGATED_REF, F_ITERATION, F_ITERATION_TOKEN, F_ROLE_INFLUENCE_REF, F_ROLE_MEMBERSHIP_REF
-
Fields inherited from class com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType
F_DESCRIPTION, F_DIAGNOSTIC_INFORMATION, F_DOCUMENTATION, F_EXTENSION, F_FETCH_RESULT, F_INDESTRUCTIBLE, F_LENS_CONTEXT, F_LIFECYCLE_STATE, F_METADATA, F_NAME, F_OPERATION_EXECUTION, F_PARENT_ORG_REF, F_POLICY_EXCEPTION, F_POLICY_SITUATION, F_SUBTYPE, F_TENANT_REF, F_TRIGGER, F_TRIGGERED_POLICY_RULE
-
Fields inherited from interface com.evolveum.midpoint.util.DebugDumpable
INDENT_STRING
-
-
Constructor Summary
Constructors Constructor Description RoleType()RoleType(PrismContext context)Deprecated.
-
Method Summary
-
Methods inherited from class com.evolveum.midpoint.xml.ns._public.common.common_3.AbstractRoleType
createAuthorizationList, createInducementList, getAdminGuiConfiguration, getAuthorization, getAutoassign, getCondition, getDataProtection, getDisplayName, getIdempotence, getIdentifier, getInducement, getRiskLevel, isDelegable, isRequestable, setAdminGuiConfiguration, setAutoassign, setCondition, setDataProtection, setDelegable, setDisplayName, setIdempotence, setIdentifier, setRequestable, setRiskLevel
-
Methods inherited from class com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType
getActivation, getBehavior, getCostCenter, getCredentials, getEmailAddress, getJpegPhoto, getLinkRef, getLocale, getLocality, getPersonaRef, getPreferredLanguage, getTelephoneNumber, getTimezone, setActivation, setBehavior, setCostCenter, setCredentials, setEmailAddress, setJpegPhoto, setLocale, setLocality, setPreferredLanguage, setTelephoneNumber, setTimezone
-
Methods inherited from class com.evolveum.midpoint.xml.ns._public.common.common_3.AssignmentHolderType
createAssignmentList, getArchetypeRef, getAssignment, getDelegatedRef, getIteration, getIterationToken, getRoleInfluenceRef, getRoleMembershipRef, setIteration, setIterationToken
-
Methods inherited from class com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType
createOperationExecutionList, createPolicyExceptionList, createTriggerList, getDescription, getDiagnosticInformation, getDocumentation, getExtension, getFetchResult, getLensContext, getLifecycleState, getMetadata, getName, getOperationExecution, getParentOrgRef, getPolicyException, getPolicySituation, getSubtype, getTenantRef, getTrigger, getTriggeredPolicyRule, isIndestructible, setDescription, setDocumentation, setExtension, setFetchResult, setIndestructible, setLensContext, setLifecycleState, setMetadata, setName, setTenantRef
-
Methods inherited from class com.evolveum.midpoint.prism.impl.binding.AbstractMutableObjectable
asPrismContainer, asPrismContainerValue, getOid, getVersion, hashCode, setOid, setupContainer, setupContainerValue, setVersion, toDebugName, toDebugType, toString
-
Methods inherited from class com.evolveum.prism.xml.ns._public.types_3.ObjectType
accept
-
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
-
Methods inherited from interface com.evolveum.midpoint.prism.Containerable
asPrismContainerValue, cloneWithoutId, debugDump, freeze, isImmutable, setupContainerValue
-
Methods inherited from interface com.evolveum.midpoint.prism.impl.binding.ContainerablePrismBinding
prismGetContainerableList, prismGetPropertyValue, prismGetPropertyValues, prismGetReferencable, prismGetReferencableList, prismGetReferenceObjectable, prismGetSingleContainerable, prismSetPropertyValue, prismSetReferencable, prismSetReferenceObjectable, prismSetSingleContainerable
-
Methods inherited from interface com.evolveum.midpoint.util.DebugDumpable
debugDump, debugDumpLazily, debugDumpLazily
-
Methods inherited from interface com.evolveum.midpoint.prism.Freezable
checkImmutable, checkMutable
-
Methods inherited from interface com.evolveum.midpoint.prism.Objectable
getDescription, getName, getOid, getVersion, setDescription, setName, setOid, setupContainer, setVersion, toDebugName, toDebugType
-
-
-
-
Constructor Detail
-
RoleType
public RoleType()
-
RoleType
@Deprecated public RoleType(PrismContext context)
Deprecated.
-
-
Method Detail
-
prismGetContainerName
protected QName prismGetContainerName()
- Overrides:
prismGetContainerNamein classAbstractRoleType
-
prismGetContainerType
protected QName prismGetContainerType()
- Overrides:
prismGetContainerTypein classAbstractRoleType
-
asPrismObject
public PrismObject<RoleType> asPrismObject()
- Specified by:
asPrismObjectin interfaceObjectable- Overrides:
asPrismObjectin classAbstractRoleType
-
equals
public boolean equals(Object other)
- Overrides:
equalsin classAbstractRoleType
-
version
public RoleType version(String value)
- Overrides:
versionin classAbstractRoleType
-
oid
public RoleType oid(String value)
- Overrides:
oidin classAbstractRoleType
-
displayName
public RoleType displayName(PolyStringType value)
- Overrides:
displayNamein classAbstractRoleType
-
displayName
public RoleType displayName(String value)
- Overrides:
displayNamein classAbstractRoleType
-
identifier
public RoleType identifier(String value)
- Overrides:
identifierin classAbstractRoleType
-
inducement
public RoleType inducement(AssignmentType value)
- Overrides:
inducementin classAbstractRoleType
-
beginInducement
public AssignmentType beginInducement()
- Overrides:
beginInducementin classAbstractRoleType
-
authorization
public RoleType authorization(AuthorizationType value)
- Overrides:
authorizationin classAbstractRoleType
-
beginAuthorization
public AuthorizationType beginAuthorization()
- Overrides:
beginAuthorizationin classAbstractRoleType
-
requestable
public RoleType requestable(Boolean value)
- Overrides:
requestablein classAbstractRoleType
-
delegable
public RoleType delegable(Boolean value)
- Overrides:
delegablein classAbstractRoleType
-
idempotence
public RoleType idempotence(IdempotenceType value)
- Overrides:
idempotencein classAbstractRoleType
-
riskLevel
public RoleType riskLevel(String value)
- Overrides:
riskLevelin classAbstractRoleType
-
condition
public RoleType condition(MappingType value)
- Overrides:
conditionin classAbstractRoleType
-
beginCondition
public MappingType beginCondition()
- Overrides:
beginConditionin classAbstractRoleType
-
adminGuiConfiguration
public RoleType adminGuiConfiguration(AdminGuiConfigurationType value)
- Overrides:
adminGuiConfigurationin classAbstractRoleType
-
beginAdminGuiConfiguration
public AdminGuiConfigurationType beginAdminGuiConfiguration()
- Overrides:
beginAdminGuiConfigurationin classAbstractRoleType
-
dataProtection
public RoleType dataProtection(DataProtectionType value)
- Overrides:
dataProtectionin classAbstractRoleType
-
beginDataProtection
public DataProtectionType beginDataProtection()
- Overrides:
beginDataProtectionin classAbstractRoleType
-
autoassign
public RoleType autoassign(AutoassignSpecificationType value)
- Overrides:
autoassignin classAbstractRoleType
-
beginAutoassign
public AutoassignSpecificationType beginAutoassign()
- Overrides:
beginAutoassignin classAbstractRoleType
-
linkRef
public RoleType linkRef(ObjectReferenceType value)
- Overrides:
linkRefin classAbstractRoleType
-
linkRef
public RoleType linkRef(String oid, QName type)
- Overrides:
linkRefin classAbstractRoleType
-
linkRef
public RoleType linkRef(String oid, QName type, QName relation)
- Overrides:
linkRefin classAbstractRoleType
-
beginLinkRef
public ObjectReferenceType beginLinkRef()
- Overrides:
beginLinkRefin classAbstractRoleType
-
personaRef
public RoleType personaRef(ObjectReferenceType value)
- Overrides:
personaRefin classAbstractRoleType
-
personaRef
public RoleType personaRef(String oid, QName type)
- Overrides:
personaRefin classAbstractRoleType
-
personaRef
public RoleType personaRef(String oid, QName type, QName relation)
- Overrides:
personaRefin classAbstractRoleType
-
beginPersonaRef
public ObjectReferenceType beginPersonaRef()
- Overrides:
beginPersonaRefin classAbstractRoleType
-
activation
public RoleType activation(ActivationType value)
- Overrides:
activationin classAbstractRoleType
-
beginActivation
public ActivationType beginActivation()
- Overrides:
beginActivationin classAbstractRoleType
-
jpegPhoto
public RoleType jpegPhoto(byte[] value)
- Overrides:
jpegPhotoin classAbstractRoleType
-
costCenter
public RoleType costCenter(String value)
- Overrides:
costCenterin classAbstractRoleType
-
locality
public RoleType locality(PolyStringType value)
- Overrides:
localityin classAbstractRoleType
-
locality
public RoleType locality(String value)
- Overrides:
localityin classAbstractRoleType
-
preferredLanguage
public RoleType preferredLanguage(String value)
- Overrides:
preferredLanguagein classAbstractRoleType
-
locale
public RoleType locale(String value)
- Overrides:
localein classAbstractRoleType
-
timezone
public RoleType timezone(String value)
- Overrides:
timezonein classAbstractRoleType
-
emailAddress
public RoleType emailAddress(String value)
- Overrides:
emailAddressin classAbstractRoleType
-
telephoneNumber
public RoleType telephoneNumber(String value)
- Overrides:
telephoneNumberin classAbstractRoleType
-
credentials
public RoleType credentials(CredentialsType value)
- Overrides:
credentialsin classAbstractRoleType
-
beginCredentials
public CredentialsType beginCredentials()
- Overrides:
beginCredentialsin classAbstractRoleType
-
behavior
public RoleType behavior(BehaviorType value)
- Overrides:
behaviorin classAbstractRoleType
-
beginBehavior
public BehaviorType beginBehavior()
- Overrides:
beginBehaviorin classAbstractRoleType
-
assignment
public RoleType assignment(AssignmentType value)
- Overrides:
assignmentin classAbstractRoleType
-
beginAssignment
public AssignmentType beginAssignment()
- Overrides:
beginAssignmentin classAbstractRoleType
-
iteration
public RoleType iteration(Integer value)
- Overrides:
iterationin classAbstractRoleType
-
iterationToken
public RoleType iterationToken(String value)
- Overrides:
iterationTokenin classAbstractRoleType
-
archetypeRef
public RoleType archetypeRef(ObjectReferenceType value)
- Overrides:
archetypeRefin classAbstractRoleType
-
archetypeRef
public RoleType archetypeRef(String oid, QName type)
- Overrides:
archetypeRefin classAbstractRoleType
-
archetypeRef
public RoleType archetypeRef(String oid, QName type, QName relation)
- Overrides:
archetypeRefin classAbstractRoleType
-
beginArchetypeRef
public ObjectReferenceType beginArchetypeRef()
- Overrides:
beginArchetypeRefin classAbstractRoleType
-
roleMembershipRef
public RoleType roleMembershipRef(ObjectReferenceType value)
- Overrides:
roleMembershipRefin classAbstractRoleType
-
roleMembershipRef
public RoleType roleMembershipRef(String oid, QName type)
- Overrides:
roleMembershipRefin classAbstractRoleType
-
roleMembershipRef
public RoleType roleMembershipRef(String oid, QName type, QName relation)
- Overrides:
roleMembershipRefin classAbstractRoleType
-
beginRoleMembershipRef
public ObjectReferenceType beginRoleMembershipRef()
- Overrides:
beginRoleMembershipRefin classAbstractRoleType
-
delegatedRef
public RoleType delegatedRef(ObjectReferenceType value)
- Overrides:
delegatedRefin classAbstractRoleType
-
delegatedRef
public RoleType delegatedRef(String oid, QName type)
- Overrides:
delegatedRefin classAbstractRoleType
-
delegatedRef
public RoleType delegatedRef(String oid, QName type, QName relation)
- Overrides:
delegatedRefin classAbstractRoleType
-
beginDelegatedRef
public ObjectReferenceType beginDelegatedRef()
- Overrides:
beginDelegatedRefin classAbstractRoleType
-
roleInfluenceRef
public RoleType roleInfluenceRef(ObjectReferenceType value)
- Overrides:
roleInfluenceRefin classAbstractRoleType
-
roleInfluenceRef
public RoleType roleInfluenceRef(String oid, QName type)
- Overrides:
roleInfluenceRefin classAbstractRoleType
-
roleInfluenceRef
public RoleType roleInfluenceRef(String oid, QName type, QName relation)
- Overrides:
roleInfluenceRefin classAbstractRoleType
-
beginRoleInfluenceRef
public ObjectReferenceType beginRoleInfluenceRef()
- Overrides:
beginRoleInfluenceRefin classAbstractRoleType
-
name
public RoleType name(PolyStringType value)
- Overrides:
namein classAbstractRoleType
-
name
public RoleType name(String value)
- Overrides:
namein classAbstractRoleType
-
description
public RoleType description(String value)
- Overrides:
descriptionin classAbstractRoleType
-
documentation
public RoleType documentation(String value)
- Overrides:
documentationin classAbstractRoleType
-
subtype
public RoleType subtype(String value)
- Overrides:
subtypein classAbstractRoleType
-
fetchResult
public RoleType fetchResult(OperationResultType value)
- Overrides:
fetchResultin classAbstractRoleType
-
beginFetchResult
public OperationResultType beginFetchResult()
- Overrides:
beginFetchResultin classAbstractRoleType
-
extension
public RoleType extension(ExtensionType value)
- Overrides:
extensionin classAbstractRoleType
-
beginExtension
public ExtensionType beginExtension()
- Overrides:
beginExtensionin classAbstractRoleType
-
parentOrgRef
public RoleType parentOrgRef(ObjectReferenceType value)
- Overrides:
parentOrgRefin classAbstractRoleType
-
parentOrgRef
public RoleType parentOrgRef(String oid, QName type)
- Overrides:
parentOrgRefin classAbstractRoleType
-
parentOrgRef
public RoleType parentOrgRef(String oid, QName type, QName relation)
- Overrides:
parentOrgRefin classAbstractRoleType
-
beginParentOrgRef
public ObjectReferenceType beginParentOrgRef()
- Overrides:
beginParentOrgRefin classAbstractRoleType
-
trigger
public RoleType trigger(TriggerType value)
- Overrides:
triggerin classAbstractRoleType
-
beginTrigger
public TriggerType beginTrigger()
- Overrides:
beginTriggerin classAbstractRoleType
-
metadata
public RoleType metadata(MetadataType value)
- Overrides:
metadatain classAbstractRoleType
-
beginMetadata
public MetadataType beginMetadata()
- Overrides:
beginMetadatain classAbstractRoleType
-
tenantRef
public RoleType tenantRef(ObjectReferenceType value)
- Overrides:
tenantRefin classAbstractRoleType
-
tenantRef
public RoleType tenantRef(String oid, QName type)
- Overrides:
tenantRefin classAbstractRoleType
-
tenantRef
public RoleType tenantRef(String oid, QName type, QName relation)
- Overrides:
tenantRefin classAbstractRoleType
-
beginTenantRef
public ObjectReferenceType beginTenantRef()
- Overrides:
beginTenantRefin classAbstractRoleType
-
lifecycleState
public RoleType lifecycleState(String value)
- Overrides:
lifecycleStatein classAbstractRoleType
-
operationExecution
public RoleType operationExecution(OperationExecutionType value)
- Overrides:
operationExecutionin classAbstractRoleType
-
beginOperationExecution
public OperationExecutionType beginOperationExecution()
- Overrides:
beginOperationExecutionin classAbstractRoleType
-
lensContext
public RoleType lensContext(LensContextType value)
- Overrides:
lensContextin classAbstractRoleType
-
beginLensContext
public LensContextType beginLensContext()
- Overrides:
beginLensContextin classAbstractRoleType
-
policySituation
public RoleType policySituation(String value)
- Overrides:
policySituationin classAbstractRoleType
-
triggeredPolicyRule
public RoleType triggeredPolicyRule(EvaluatedPolicyRuleType value)
- Overrides:
triggeredPolicyRulein classAbstractRoleType
-
beginTriggeredPolicyRule
public EvaluatedPolicyRuleType beginTriggeredPolicyRule()
- Overrides:
beginTriggeredPolicyRulein classAbstractRoleType
-
policyException
public RoleType policyException(PolicyExceptionType value)
- Overrides:
policyExceptionin classAbstractRoleType
-
beginPolicyException
public PolicyExceptionType beginPolicyException()
- Overrides:
beginPolicyExceptionin classAbstractRoleType
-
diagnosticInformation
public RoleType diagnosticInformation(DiagnosticInformationType value)
- Overrides:
diagnosticInformationin classAbstractRoleType
-
beginDiagnosticInformation
public DiagnosticInformationType beginDiagnosticInformation()
- Overrides:
beginDiagnosticInformationin classAbstractRoleType
-
indestructible
public RoleType indestructible(Boolean value)
- Overrides:
indestructiblein classAbstractRoleType
-
end
public <X> X end()
- Overrides:
endin classAbstractRoleType
-
clone
public RoleType clone()
- Overrides:
clonein classAbstractRoleType
-
-