protected boolean validAssignGroup(IdentityManagementGroupDocument document) {
boolean rulePassed = true;
Map<String, String> additionalPermissionDetails = new HashMap<String, String>();
additionalPermissionDetails.put(
KimConstants.AttributeConstants.NAMESPACE_CODE, document.getGroupNamespace());
additionalPermissionDetails.put(
KimConstants.AttributeConstants.GROUP_NAME, document.getGroupName());
if (document.getMembers() != null && document.getMembers().size() > 0) {
if (!getDocumentDictionaryService()
.getDocumentAuthorizer(document)
.isAuthorizedByTemplate(
document,
KimConstants.NAMESPACE_CODE,
KimConstants.PermissionTemplateNames.POPULATE_GROUP,
GlobalVariables.getUserSession().getPrincipalId(),
additionalPermissionDetails,
null)) {
GlobalVariables.getMessageMap()
.putError(
"document.groupName",
RiceKeyConstants.ERROR_ASSIGN_GROUP,
new String[] {document.getGroupNamespace(), document.getGroupName()});
rulePassed = false;
}
}
return rulePassed;
}
@Override
protected boolean processCustomSaveDocumentBusinessRules(Document document) {
if (!(document instanceof IdentityManagementGroupDocument)) {
return false;
}
IdentityManagementGroupDocument groupDoc = (IdentityManagementGroupDocument) document;
boolean valid = true;
GlobalVariables.getMessageMap().addToErrorPath(KRADConstants.DOCUMENT_PROPERTY_NAME);
valid &= validAssignGroup(groupDoc);
valid &= validDuplicateGroupName(groupDoc);
getDictionaryValidationService()
.validateDocumentAndUpdatableReferencesRecursively(
document, getMaxDictionaryValidationDepth(), true, false);
valid &= validateGroupQualifier(groupDoc.getQualifiers(), groupDoc.getKimType());
valid &= validGroupMemberActiveDates(groupDoc.getMembers());
// KULRICE-6858 Validate group members are in identity system
valid &= validGroupMemberPrincipalIDs(groupDoc.getMembers());
GlobalVariables.getMessageMap().removeFromErrorPath(KRADConstants.DOCUMENT_PROPERTY_NAME);
return valid;
}
protected boolean validDuplicateGroupName(IdentityManagementGroupDocument groupDoc) {
Group group = null;
if (null != groupDoc.getGroupNamespace() && null != groupDoc.getGroupName()) {
group =
KimApiServiceLocator.getGroupService()
.getGroupByNamespaceCodeAndName(
groupDoc.getGroupNamespace(), groupDoc.getGroupName());
}
boolean rulePassed = true;
if (group != null) {
if (group.getId().equals(groupDoc.getGroupId())) {
rulePassed = true;
} else {
GlobalVariables.getMessageMap()
.putError(
"document.groupName",
RiceKeyConstants.ERROR_DUPLICATE_ENTRY,
new String[] {"Group Name"});
rulePassed = false;
}
}
return rulePassed;
}
