protected boolean validAssignGroup(IdentityManagementGroupDocument document) { boolean rulePassed = true; Map<String, String> additionalPermissionDetails = new HashMap<String, String>(); additionalPermissionDetails.put( KimConstants.AttributeConstants.NAMESPACE_CODE, document.getGroupNamespace()); additionalPermissionDetails.put( KimConstants.AttributeConstants.GROUP_NAME, document.getGroupName()); if (document.getMembers() != null && document.getMembers().size() > 0) { if (!getDocumentDictionaryService() .getDocumentAuthorizer(document) .isAuthorizedByTemplate( document, KimConstants.NAMESPACE_CODE, KimConstants.PermissionTemplateNames.POPULATE_GROUP, GlobalVariables.getUserSession().getPrincipalId(), additionalPermissionDetails, null)) { GlobalVariables.getMessageMap() .putError( "document.groupName", RiceKeyConstants.ERROR_ASSIGN_GROUP, new String[] {document.getGroupNamespace(), document.getGroupName()}); rulePassed = false; } } return rulePassed; }
@Override protected boolean processCustomSaveDocumentBusinessRules(Document document) { if (!(document instanceof IdentityManagementGroupDocument)) { return false; } IdentityManagementGroupDocument groupDoc = (IdentityManagementGroupDocument) document; boolean valid = true; GlobalVariables.getMessageMap().addToErrorPath(KRADConstants.DOCUMENT_PROPERTY_NAME); valid &= validAssignGroup(groupDoc); valid &= validDuplicateGroupName(groupDoc); getDictionaryValidationService() .validateDocumentAndUpdatableReferencesRecursively( document, getMaxDictionaryValidationDepth(), true, false); valid &= validateGroupQualifier(groupDoc.getQualifiers(), groupDoc.getKimType()); valid &= validGroupMemberActiveDates(groupDoc.getMembers()); // KULRICE-6858 Validate group members are in identity system valid &= validGroupMemberPrincipalIDs(groupDoc.getMembers()); GlobalVariables.getMessageMap().removeFromErrorPath(KRADConstants.DOCUMENT_PROPERTY_NAME); return valid; }
protected boolean validDuplicateGroupName(IdentityManagementGroupDocument groupDoc) { Group group = null; if (null != groupDoc.getGroupNamespace() && null != groupDoc.getGroupName()) { group = KimApiServiceLocator.getGroupService() .getGroupByNamespaceCodeAndName( groupDoc.getGroupNamespace(), groupDoc.getGroupName()); } boolean rulePassed = true; if (group != null) { if (group.getId().equals(groupDoc.getGroupId())) { rulePassed = true; } else { GlobalVariables.getMessageMap() .putError( "document.groupName", RiceKeyConstants.ERROR_DUPLICATE_ENTRY, new String[] {"Group Name"}); rulePassed = false; } } return rulePassed; }