T
- The type of configuration handled by this group
implementation.@PublicAPI(stability=VOLATILE, mayInstantiate=false, mayExtend=true, mayInvoke=true) public abstract class Group<T extends org.forgerock.opendj.server.config.server.GroupImplementationCfg> extends Object
Constructor and Description |
---|
Group() |
Modifier and Type | Method and Description |
---|---|
abstract void |
addMember(Entry userEntry)
Attempts to add the provided user as a member of this group.
|
abstract void |
addNestedGroup(org.forgerock.opendj.ldap.Dn nestedGroupDN)
Attempts to add the provided group DN as a nested group within
this group.
|
void |
finalizeGroupImplementation()
Performs any necessary finalization that may be needed whenever
this group implementation is taken out of service within the
Directory Server (e.g., if it is disabled or the server is
shutting down).
|
abstract SearchFilter |
getGroupDefinitionFilter()
Retrieves a search filter that may be used to identify entries
containing definitions for groups of this type in the Directory
Server.
|
abstract org.forgerock.opendj.ldap.Dn |
getGroupDN()
Retrieves the DN of the entry that contains the definition for
this group.
|
MemberList |
getMembers()
Retrieves an iterator that may be used to cursor through the
entries of the members contained in this group.
|
abstract MemberList |
getMembers(org.forgerock.opendj.ldap.Dn baseDN,
org.forgerock.opendj.ldap.SearchScope scope,
SearchFilter filter)
Retrieves an iterator that may be used to cursor through the
entries of the members contained in this group.
|
abstract List<org.forgerock.opendj.ldap.Dn> |
getNestedGroupDNs()
Retrieves a list of the DNs of any nested groups whose members
should be considered members of this group.
|
abstract void |
initializeGroupImplementation(T configuration)
Initializes a "shell" instance of this group implementation that
may be used to identify and instantiate instances of this type of
group in the directory data.
|
boolean |
isConfigurationAcceptable(org.forgerock.opendj.server.config.server.GroupImplementationCfg configuration,
List<LocalizableMessage> unacceptableReasons)
Indicates whether the provided configuration is acceptable for
this group implementation.
|
abstract boolean |
isGroupDefinition(Entry entry)
Indicates whether the provided entry contains a valid definition
for this type of group.
|
boolean |
isMember(org.forgerock.opendj.ldap.Dn userDN)
Indicates whether the user with the specified DN is a member of
this group.
|
abstract boolean |
isMember(org.forgerock.opendj.ldap.Dn userDN,
AtomicReference<Set<org.forgerock.opendj.ldap.Dn>> examinedGroups)
Indicates whether the user with the specified DN is a member of
this group.
|
boolean |
isMember(Entry userEntry)
Indicates whether the user described by the provided user entry
is a member of this group.
|
abstract boolean |
isMember(Entry userEntry,
AtomicReference<Set<org.forgerock.opendj.ldap.Dn>> examinedGroups)
Indicates whether the user described by the provided user entry
is a member of this group.
|
abstract boolean |
mayAlterMemberList()
Indicates whether it is possible to alter the member list for
this group (e.g., in order to add members to the group or remove
members from it).
|
abstract Group<T> |
newInstance(ServerContext serverContext,
Entry groupEntry)
Creates a new group of this type based on the definition
contained in the provided entry.
|
abstract void |
removeMember(org.forgerock.opendj.ldap.Dn userDN)
Attempts to remove the specified user as a member of this group.
|
abstract void |
removeNestedGroup(org.forgerock.opendj.ldap.Dn nestedGroupDN)
Attempts to remove the provided group as a nested group within
this group.
|
abstract void |
setGroupDN(org.forgerock.opendj.ldap.Dn groupDN)
Sets the DN of the entry that contains the definition for
this group.
|
abstract boolean |
supportsNestedGroups()
Indicates whether this group supports nesting other groups, such
that the members of the nested groups will also be considered
members of this group.
|
String |
toString()
Retrieves a string representation of this group.
|
abstract void |
toString(StringBuilder buffer)
Appends a string representation of this group to the provided
buffer.
|
abstract void |
updateMembers(List<Modification> modifications)
Attempt to make multiple changes to the group's member list.
|
public Group()
public abstract void initializeGroupImplementation(T configuration) throws org.forgerock.opendj.config.server.ConfigException, InitializationException
configuration
- The configuration for this group
implementation.org.forgerock.opendj.config.server.ConfigException
- If there is a problem with the provided
configuration entry.InitializationException
- If a problem occurs while
attempting to initialize this
group implementation that is
not related to the server
configuration.public boolean isConfigurationAcceptable(org.forgerock.opendj.server.config.server.GroupImplementationCfg configuration, List<LocalizableMessage> unacceptableReasons)
configuration
- The group implementation
configuration for which to make the
determination.unacceptableReasons
- A list that may be used to hold the
reasons that the provided
configuration is not acceptable.true
if the provided configuration is acceptable
for this group implementation, or false
if not.public void finalizeGroupImplementation()
public abstract Group<T> newInstance(ServerContext serverContext, Entry groupEntry) throws DirectoryException
initializeGroupImplementation
method.serverContext
- The server context.groupEntry
- The entry containing the definition for the
group to be created.DirectoryException
- If a problem occurs while trying to
create the group instance.public abstract SearchFilter getGroupDefinitionFilter() throws DirectoryException
initializeGroupImplementation
method.DirectoryException
- If a problem occurs while trying to
locate all of the applicable group
definition entries.public abstract boolean isGroupDefinition(Entry entry)
entry
- The entry for which to make the determination.true
if the provided entry does contain a valid
definition for this type of group, or false
if
it does not.public abstract org.forgerock.opendj.ldap.Dn getGroupDN()
public abstract void setGroupDN(org.forgerock.opendj.ldap.Dn groupDN)
groupDN
- The DN of the entry that contains the
definition for this group.public abstract boolean supportsNestedGroups()
true
if this group supports nesting other
groups, or false
if it does not.public abstract List<org.forgerock.opendj.ldap.Dn> getNestedGroupDNs()
public abstract void addNestedGroup(org.forgerock.opendj.ldap.Dn nestedGroupDN) throws UnsupportedOperationException, DirectoryException
nestedGroupDN
- The DN of the group that should be added
to the set of nested groups for this
group.UnsupportedOperationException
- If this group does not
support nesting.DirectoryException
- If a problem occurs while attempting
to nest the provided group DN.public abstract void removeNestedGroup(org.forgerock.opendj.ldap.Dn nestedGroupDN) throws UnsupportedOperationException, DirectoryException
nestedGroupDN
- The DN of the group that should be removed
from the set of nested groups for this
group.UnsupportedOperationException
- If this group does not
support nesting.DirectoryException
- If a problem occurs while attempting
to nest the provided group DN.public boolean isMember(org.forgerock.opendj.ldap.Dn userDN) throws DirectoryException
userDN
- The DN of the user for which to make the
determination.true
if the specified user is currently a member
of this group, or false
if not.DirectoryException
- If a problem occurs while attempting
to make the determination.public abstract boolean isMember(org.forgerock.opendj.ldap.Dn userDN, AtomicReference<Set<org.forgerock.opendj.ldap.Dn>> examinedGroups) throws DirectoryException
userDN
- The DN of the user for which to make the
determination.examinedGroups
- A set of groups that have already been
examined in the process of making the
determination. This provides a mechanism
to prevent infinite recursion due to
circular references (e.g., two groups
include each other as nested groups).
Each time a group instance is checked,
its DN should be added to the list, and
any DN already contained in the list
should be skipped.
The use of an atomic reference allow to
lazily create the Set to optimize memory
when there is no nested groups.true
if the specified user is currently a member
of this group, or false
if not.DirectoryException
- If a problem occurs while attempting
to make the determination.public boolean isMember(Entry userEntry) throws DirectoryException
userEntry
- The entry for the user for which to make the
determination.true
if the specified user is currently a member
of this group, or false
if not.DirectoryException
- If a problem occurs while attempting
to make the determination.public abstract boolean isMember(Entry userEntry, AtomicReference<Set<org.forgerock.opendj.ldap.Dn>> examinedGroups) throws DirectoryException
userEntry
- The entry for the user for which to make
the determination.examinedGroups
- A set of groups that have already been
examined in the process of making the
determination. This provides a mechanism
to prevent infinite recursion due to
circular references (e.g., two groups
include each other as nested groups).
Each time a group instance is checked,
its DN should be added to the list, and
any DN already contained in the list
should be skipped.
The use of an atomic reference allow to
lazily create the Set to optimize memory
when there is no nested groups.true
if the specified user is currently a member
of this group, or false
if not.DirectoryException
- If a problem occurs while attempting
to make the determination.public MemberList getMembers() throws DirectoryException
DirectoryException
- If a problem occurs while attempting
to retrieve the set of members.public abstract MemberList getMembers(org.forgerock.opendj.ldap.Dn baseDN, org.forgerock.opendj.ldap.SearchScope scope, SearchFilter filter) throws DirectoryException
baseDN
- The base DN that should be used when determining
whether a given entry will be returned. If this
is null
, then all entries will be
considered in the scope of the criteria.scope
- The scope that should be used when determining
whether a given entry will be returned. It must
not be null
if the provided base DN is
not null
. The scope will be ignored if
no base DN is provided.filter
- The filter that should be used when determining
whether a given entry will be returned. If this
is null
, then any entry in the scope of
the criteria will be included in the results.DirectoryException
- If a problem occurs while attempting
to retrieve the set of members.public abstract boolean mayAlterMemberList()
true
if it is possible to add members to this
group, or false
if not.public abstract void updateMembers(List<Modification> modifications) throws UnsupportedOperationException, DirectoryException
modifications
- The list of modifications being made to the group,
which may include changes to non-member attributes.UnsupportedOperationException
- If this group does not support
altering the member list.DirectoryException
- If a problem occurs while attempting to
update the members.public abstract void addMember(Entry userEntry) throws UnsupportedOperationException, DirectoryException
userEntry
- The entry for the user to be added as a member
of this group.UnsupportedOperationException
- If this group does not
support altering the
member list.DirectoryException
- If a problem occurs while attempting
to add the provided user as a member
of this group.public abstract void removeMember(org.forgerock.opendj.ldap.Dn userDN) throws UnsupportedOperationException, DirectoryException
userDN
- The DN of the user to remove as a member of this
group.UnsupportedOperationException
- If this group does not
support altering the
member list.DirectoryException
- If a problem occurs while attempting
to remove the provided user as a
member of this group.public abstract void toString(StringBuilder buffer)
buffer
- The buffer to which the string representation
should be appended.Copyright © 2010-2017 ForgeRock AS. All Rights Reserved.