public interface GroupService
A group is a collection of principals (users or other groups) and is uniquely identified by name and context. A group is associated with and scoped to a context in which it is defined. Group contexts are repository contexts that have the membership capability.
Modifier and Type | Method and Description |
---|---|
Group |
createGroup(String contextId,
String name,
String description,
Set<Principal> members)
Creates the group.
|
void |
deleteGroup(String groupId)
Deletes the group.
|
Set<GroupDescriptor> |
getAllGroupsByMember(Principal member)
Gets all of the group descriptors that have the specified principal as a member.
|
Set<GroupDescriptor> |
getAllReachableGroupsByMember(Principal member)
Gets the set of all of the reachable groups.
|
Group |
getGroupById(String groupId)
Gets the full representation of the group by its identifier.
|
Group |
getGroupByName(String contextId,
String name)
Gets the full representation of the group by its name and context.
|
GroupDescriptor |
getGroupDescriptorById(String groupId)
Gets the lightweight representation of the group by its identifier.
|
GroupDescriptor |
getGroupDescriptorByName(String contextId,
String name)
Gets the lightweight representation of a group by its name and context.
|
Set<GroupDescriptor> |
getGroupDescriptors(String contextId)
Gets the lightweight representation of all of the groups that are defined at the context.
|
Set<GroupDescriptor> |
getGroupDescriptorsByIds(Set<String> groupIds)
Gets the lightweight representations of a set of groups by their specified identifiers.
|
Set<Group> |
getGroups(String contextId)
Gets all of the groups defined at the context.
|
Set<Group> |
getGroupsByIds(Set<String> groupIds)
Gets all of the groups by a list of identifiers.
|
Set<GroupDescriptor> |
getGroupsByMember(String contextId,
Principal member)
Gets all of the groups in a context that have the principal as a member.
|
Set<GroupDescriptor> |
getReachableGroupsByMember(String contextId,
Principal member)
Gets the set of all of the reachable groups at the context.
|
boolean |
groupExists(String contextId,
String name)
Indicates whether a group with the name exists at the context.
|
boolean |
isMember(String groupId,
Principal member,
boolean includeImplicit)
Indicates whether the principal is a member of the group, using the group identifier.
|
void |
removeFromAllGroups(Principal member)
Removes the member from all groups.
|
void |
removeFromGroups(String contextId,
Set<Principal> members)
Removes the members from all groups in a specific context.
|
Group |
updateGroup(Group group)
Updates the definition of the group.
|
Group createGroup(String contextId, String name, String description, Set<Principal> members) throws GroupExistsException, InvalidGroupMemberException
This method requires read access to the context.
The method requires the ScopedPrivileges.PRIVILEGE_MANAGE_MEMBERSHIP
privilege.
contextId
- the context in which the group will be created.name
- the name of the group.description
- the description of the group.members
- the members of the group.GroupExistsException
- thrown when a group by the name exists at the specified context.InvalidGroupMemberException
- thrown when any of the members violate any membership contracts.Group updateGroup(Group group) throws GroupNotFoundException, GroupExistsException, InvalidGroupMemberException
This method requires read access to the context.
This method requires the ScopedPrivileges.PRIVILEGE_MANAGE_MEMBERSHIP
privilege.
group
- the group.GroupNotFoundException
- thrown when the group is not be found on the server.GroupExistsException
- thrown when the updated group's new name exists at the specified context.InvalidGroupMemberException
- thrown when a group is updated with new members that violate any membership
contracts.void deleteGroup(String groupId) throws GroupNotFoundException
This method requires Read access to the context.
This method requires the ScopedPrivileges.PRIVILEGE_MANAGE_MEMBERSHIP
privilege.
groupId
- the group identifier.GroupNotFoundException
- thrown when the group to delete is not be found.void removeFromAllGroups(Principal member)
This method requires Read access to the contexts.
This method requires the ScopedPrivileges.PRIVILEGE_MANAGE_MEMBERSHIP
privilege.
member
- the member.void removeFromGroups(String contextId, Set<Principal> members)
Read access to the context is required by this method.
The ScopedPrivileges.PRIVILEGE_MANAGE_MEMBERSHIP
privilege is also
required by this method.
contextId
- the context of the groups to modify.members
- the members.boolean groupExists(String contextId, String name)
contextId
- the context identifier of the group.name
- the name of the group.True
, when a group exists with the name at the specified context.boolean isMember(String groupId, Principal member, boolean includeImplicit)
If False
is specified for includeImplicit
, this method returns True
then the principal
is an explicit member or False
when the principal is not a member, the group does not exist, or the
principal does not exist. If True is specified for includeImplicit, this method checks for explicit membership and
any sub groups for membership.
groupId
- the identifier of the group.member
- the principal.includeImplicit
- True
, when membership checking should include implicit memberships through nested
groups, False
when this should be an explicit membership only.Group getGroupById(String groupId) throws GroupNotFoundException
This method requires Read access to the context.
groupId
- the identifier of the group.GroupNotFoundException
- thrown when the specified group is not be found.Group getGroupByName(String contextId, String name) throws GroupNotFoundException
This method requires Read access to the context.
contextId
- the context of the group.name
- the name of the group.GroupNotFoundException
- thrown when the specified group is not be found.GroupDescriptor getGroupDescriptorById(String groupId) throws GroupNotFoundException
This method requires Read access to the context.
groupId
- the identifier of the group.GroupNotFoundException
- thrown when the specified group is not be found.GroupDescriptor getGroupDescriptorByName(String contextId, String name) throws GroupNotFoundException
This method requires Read access to the context..
contextId
- the context of the group.name
- the name of the group.GroupNotFoundException
- thrown when the specified group is not be found.Set<GroupDescriptor> getGroupDescriptorsByIds(Set<String> groupIds)
groupIds
- the identifiers of the groups.Set<Group> getGroupsByIds(Set<String> groupIds)
groupIds
- the identifiers of the groups.Set<Group> getGroups(String contextId)
This method requires Read access to the context.
contextId
- the context of the groups.Set<GroupDescriptor> getGroupDescriptors(String contextId)
This method requires Read access to the context.
contextId
- the context of the groups.Set<GroupDescriptor> getAllGroupsByMember(Principal member)
member
- the principal.Set<GroupDescriptor> getGroupsByMember(String contextId, Principal member)
This method requires Read access to the context.
contextId
- the context.member
- the principal.Set<GroupDescriptor> getAllReachableGroupsByMember(Principal member)
Reachable groups are the groups that are directly groups and all groups that are (transitively) reachable from them in the group hierarchy.
Example:
Group hierarchy: GROUP_A > GROUP_B and GROUP_B > GROUP_C.
Directly assigned authority: GROUP_A.
Reachable authorities: GROUP_A, GROUP_B, GROUP_C.
member
- the principal.Set<GroupDescriptor> getReachableGroupsByMember(String contextId, Principal member)
Reachable groups are the groups that are directly assigned and all groups that are (transitively) reachable from them in the group hierarchy.
This method requires Read access to the context.
contextId
- the context.member
- the principal.<i>Copyright (c) 2022, SAS Institute Inc., Cary, NC, USA</i>