Interface EvaluatedAssignment

    • Method Detail

      • getAssignmentId

        Long getAssignmentId()
      • getAuthorizations

        Collection<com.evolveum.midpoint.security.api.Authorization> getAuthorizations()
      • getRelation

        QName getRelation()
      • getNormalizedRelation

        QName getNormalizedRelation()
      • isValid

        boolean isValid()
        TODO Define this concept. It looks like it mixes ideas of validity (activation, lifecycle state) and relativity mode (condition).
      • isPresentInCurrentObject

        boolean isPresentInCurrentObject()
      • isPresentInOldObject

        boolean isPresentInOldObject()
      • getObjectPolicyRules

        @NotNull
        @NotNull Collection<? extends EvaluatedPolicyRule> getObjectPolicyRules()
        Returns all policy rules that apply to the focal/projections objects and are derived from this assignment - even those that were not triggered. The policy rules are compiled from all the applicable sources (target, meta-roles, etc.)
      • getThisTargetPolicyRules

        @NotNull
        @NotNull Collection<? extends EvaluatedPolicyRule> getThisTargetPolicyRules()
        Returns all policy rules that directly apply to the target object of this assignment (and are derived from this assignment) - even those that were not triggered. The policy rules are compiled from all the applicable sources (target, meta-roles, etc.)
      • getOtherTargetsPolicyRules

        @NotNull
        @NotNull Collection<? extends EvaluatedPolicyRule> getOtherTargetsPolicyRules()
        Returns all policy rules that apply to some other target object of this assignment (and are derived from this assignment) - even those that were not triggered. The policy rules are compiled from all the applicable sources (target, meta-roles, etc.)
      • getAllTargetsPolicyRules

        @NotNull
        @NotNull Collection<? extends EvaluatedPolicyRule> getAllTargetsPolicyRules()
        Returns all policy rules that apply to any of the target objects provided by this assignment (and are derived from this assignment) - even those that were not triggered. The policy rules are compiled from all the applicable sources (target, meta-roles, etc.) The difference to getThisTargetPolicyRules is that if e.g. jack is a Pirate, and Pirate induces Sailor, then - `getThisTargetPolicyRules` will show rules that are attached to Pirate - `getAllTargetsPolicyRules` will show rules that are attached to Pirate and Sailor - `getOtherTargetsPolicyRules` will show rules that are attached to Sailor
      • getAllAssociatedPolicyRules

        @NotNull
        @NotNull Collection<AssociatedPolicyRule> getAllAssociatedPolicyRules()
        Returns getAllTargetsPolicyRules() plus so-called "foreign policy rules". Those are rules that are related to this assignment because they contain an exclusion trigger pointing to this assignment as the conflicting one. This is necessary to implement "declare once, use twice" approach where it should be sufficient to declare an exclusion constraint at one of the targets only. See e.g. MID-8269. There are important things to be aware of, though. Please see AssociatedPolicyRule for more information.
      • getAllTargetsPolicyRulesCount

        int getAllTargetsPolicyRulesCount()
        How many target policy rules are there.
      • getFocusMappings

        Collection<? extends Mapping<?,​?>> getFocusMappings()
        These are evaluated focus mappings. Since 4.0.1 the evaluation is carried out not during assignment evaluation but afterwards.
      • toHumanReadableString

        String toHumanReadableString()
      • isBeingAdded

        boolean isBeingAdded()
        Assignment is either being added in the current wave or was added in some of the previous waves.
      • isBeingDeleted

        boolean isBeingDeleted()
        Assignment is either being deleted in the current wave or was deleted in some of the previous waves.
      • isBeingKept

        boolean isBeingKept()
        Assignment was present at the beginning and is not being deleted.
      • getAdminGuiDependencies

        Set<String> getAdminGuiDependencies()
        Set of abstract role OIDs considered for addition of admin gui configuration.