T
- The type of configuration handled by this group implementation.@PublicAPI(stability=VOLATILE, mayInstantiate=false, mayExtend=true, mayInvoke=true) public abstract class Group<T extends org.forgerock.opendj.server.config.server.GroupImplementationCfg> extends Object
Constructor and Description |
---|
Group() |
Modifier and Type | Method and Description |
---|---|
abstract void |
addMember(Entry userEntry)
Attempts to add the provided user as a member of this group.
|
abstract void |
addNestedGroup(org.forgerock.opendj.ldap.Dn nestedGroupDN)
Attempts to add the provided group DN as a nested group within this group.
|
void |
finalizeGroupImplementation()
Performs any necessary finalization that may be needed whenever this group implementation is taken out of service
within the Directory Server (e.g., if it is disabled or the server is shutting down).
|
abstract SearchFilter |
getGroupDefinitionFilter()
Retrieves a search filter that may be used to identify entries containing definitions for groups of this type in
the Directory Server.
|
abstract org.forgerock.opendj.ldap.Dn |
getGroupDN()
Retrieves the DN of the entry that contains the definition for this group.
|
MemberList |
getMembers()
Retrieves an iterator that may be used to cursor through the entries of the members contained in this group.
|
abstract MemberList |
getMembers(org.forgerock.opendj.ldap.Dn baseDN,
org.forgerock.opendj.ldap.SearchScope scope,
SearchFilter filter)
Retrieves an iterator that may be used to cursor through the entries of the members contained in this group.
|
abstract List<org.forgerock.opendj.ldap.Dn> |
getNestedGroupDNs()
Retrieves a list of the DNs of any nested groups whose members should be considered members of this group.
|
abstract void |
initializeGroupImplementation(T configuration)
Initializes a "shell" instance of this group implementation that may be used to identify and instantiate
instances of this type of group in the directory data.
|
boolean |
isConfigurationAcceptable(T configuration,
List<LocalizableMessage> unacceptableReasons)
Indicates whether the provided configuration is acceptable for this group implementation.
|
abstract boolean |
isGroupDefinition(Entry entry)
Indicates whether the provided entry contains a valid definition for this type of group.
|
boolean |
isMember(org.forgerock.opendj.ldap.Dn userDN)
Indicates whether the user with the specified DN is a member of this group.
|
abstract boolean |
isMember(org.forgerock.opendj.ldap.Dn userDN,
AtomicReference<Set<org.forgerock.opendj.ldap.Dn>> examinedGroups)
Indicates whether the user with the specified DN is a member of this group.
|
boolean |
isMember(Entry userEntry)
Indicates whether the user described by the provided user entry is a member of this group.
|
abstract boolean |
isMember(Entry userEntry,
AtomicReference<Set<org.forgerock.opendj.ldap.Dn>> examinedGroups)
Indicates whether the user described by the provided user entry is a member of this group.
|
abstract boolean |
mayAlterMemberList()
Indicates whether it is possible to alter the member list for this group (e.g., in order to add members to the
group or remove members from it).
|
abstract Group<T> |
newInstance(ServerContext serverContext,
Entry groupEntry)
Creates a new group of this type based on the definition contained in the provided entry.
|
abstract void |
removeMember(org.forgerock.opendj.ldap.Dn userDN)
Attempts to remove the specified user as a member of this group.
|
abstract void |
removeNestedGroup(org.forgerock.opendj.ldap.Dn nestedGroupDN)
Attempts to remove the provided group as a nested group within this group.
|
abstract void |
setGroupDN(org.forgerock.opendj.ldap.Dn groupDN)
Sets the DN of the entry that contains the definition for this group.
|
abstract boolean |
supportsNestedGroups()
Indicates whether this group supports nesting other groups, such that the members of the nested groups will also
be considered members of this group.
|
String |
toString()
Retrieves a string representation of this group.
|
abstract void |
toString(StringBuilder buffer)
Appends a string representation of this group to the provided buffer.
|
abstract void |
updateMembers(List<Modification> modifications)
Attempt to make multiple changes to the group's member list.
|
public abstract void initializeGroupImplementation(T configuration) throws org.forgerock.opendj.config.server.ConfigException, InitializationException
configuration
- The configuration for this group implementation.org.forgerock.opendj.config.server.ConfigException
- If there is a problem with the provided configuration entry.InitializationException
- If a problem occurs while attempting to initialize this group implementation that is not related to
the server configuration.public boolean isConfigurationAcceptable(T configuration, List<LocalizableMessage> unacceptableReasons)
configuration
- The group implementation configuration for which to make the determination.unacceptableReasons
- A list that may be used to hold the reasons that the provided configuration is not acceptable.true
if the provided configuration is acceptable for this group implementation, or false
if not.public void finalizeGroupImplementation()
public abstract Group<T> newInstance(ServerContext serverContext, Entry groupEntry) throws DirectoryException
initializeGroupImplementation
method.serverContext
- The server context.groupEntry
- The entry containing the definition for the group to be created.DirectoryException
- If a problem occurs while trying to create the group instance.public abstract SearchFilter getGroupDefinitionFilter() throws DirectoryException
initializeGroupImplementation
method.DirectoryException
- If a problem occurs while trying to locate all of the applicable group definition entries.public abstract boolean isGroupDefinition(Entry entry)
entry
- The entry for which to make the determination.true
if the provided entry does contain a valid definition for this type of group, or
false
if it does not.public abstract org.forgerock.opendj.ldap.Dn getGroupDN()
public abstract void setGroupDN(org.forgerock.opendj.ldap.Dn groupDN)
groupDN
- The DN of the entry that contains the definition for this group.public abstract boolean supportsNestedGroups()
true
if this group supports nesting other groups, or false
if it does not.public abstract List<org.forgerock.opendj.ldap.Dn> getNestedGroupDNs()
public abstract void addNestedGroup(org.forgerock.opendj.ldap.Dn nestedGroupDN) throws UnsupportedOperationException, DirectoryException
nestedGroupDN
- The DN of the group that should be added to the set of nested groups for this group.UnsupportedOperationException
- If this group does not support nesting.DirectoryException
- If a problem occurs while attempting to nest the provided group DN.public abstract void removeNestedGroup(org.forgerock.opendj.ldap.Dn nestedGroupDN) throws UnsupportedOperationException, DirectoryException
nestedGroupDN
- The DN of the group that should be removed from the set of nested groups for this group.UnsupportedOperationException
- If this group does not support nesting.DirectoryException
- If a problem occurs while attempting to nest the provided group DN.public boolean isMember(org.forgerock.opendj.ldap.Dn userDN) throws DirectoryException
userDN
- The DN of the user for which to make the determination.true
if the specified user is currently a member of this group, or false
if not.DirectoryException
- If a problem occurs while attempting to make the determination.public abstract boolean isMember(org.forgerock.opendj.ldap.Dn userDN, AtomicReference<Set<org.forgerock.opendj.ldap.Dn>> examinedGroups) throws DirectoryException
userDN
- The DN of the user for which to make the determination.examinedGroups
- A set of groups that have already been examined in the process of making the determination. This
provides a mechanism to prevent infinite recursion due to circular references (e.g., two groups
include each other as nested groups). Each time a group instance is checked, its DN should be added to
the list, and any DN already contained in the list should be skipped. The use of an atomic reference
allow to lazily create the Set to optimize memory when there is no nested groups.true
if the specified user is currently a member of this group, or false
if not.DirectoryException
- If a problem occurs while attempting to make the determination.public boolean isMember(Entry userEntry) throws DirectoryException
userEntry
- The entry for the user for which to make the determination.true
if the specified user is currently a member of this group, or false
if not.DirectoryException
- If a problem occurs while attempting to make the determination.public abstract boolean isMember(Entry userEntry, AtomicReference<Set<org.forgerock.opendj.ldap.Dn>> examinedGroups) throws DirectoryException
userEntry
- The entry for the user for which to make the determination.examinedGroups
- A set of groups that have already been examined in the process of making the determination. This
provides a mechanism to prevent infinite recursion due to circular references (e.g., two groups
include each other as nested groups). Each time a group instance is checked, its DN should be added to
the list, and any DN already contained in the list should be skipped. The use of an atomic reference
allow to lazily create the Set to optimize memory when there is no nested groups.true
if the specified user is currently a member of this group, or false
if not.DirectoryException
- If a problem occurs while attempting to make the determination.public MemberList getMembers() throws DirectoryException
DirectoryException
- If a problem occurs while attempting to retrieve the set of members.public abstract MemberList getMembers(org.forgerock.opendj.ldap.Dn baseDN, org.forgerock.opendj.ldap.SearchScope scope, SearchFilter filter) throws DirectoryException
baseDN
- The base DN that should be used when determining whether a given entry will be returned. If this is
null
, then all entries will be considered in the scope of the criteria.scope
- The scope that should be used when determining whether a given entry will be returned. It must not be
null
if the provided base DN is not null
. The scope will be ignored if no base DN is
provided.filter
- The filter that should be used when determining whether a given entry will be returned. If this is
null
, then any entry in the scope of the criteria will be included in the results.DirectoryException
- If a problem occurs while attempting to retrieve the set of members.public abstract boolean mayAlterMemberList()
true
if it is possible to add members to this group, or false
if not.public abstract void updateMembers(List<Modification> modifications) throws UnsupportedOperationException, DirectoryException
modifications
- The list of modifications being made to the group, which may include changes to non-member attributes.UnsupportedOperationException
- If this group does not support altering the member list.DirectoryException
- If a problem occurs while attempting to update the members.public abstract void addMember(Entry userEntry) throws UnsupportedOperationException, DirectoryException
userEntry
- The entry for the user to be added as a member of this group.UnsupportedOperationException
- If this group does not support altering the member list.DirectoryException
- If a problem occurs while attempting to add the provided user as a member of this group.public abstract void removeMember(org.forgerock.opendj.ldap.Dn userDN) throws UnsupportedOperationException, DirectoryException
userDN
- The DN of the user to remove as a member of this group.UnsupportedOperationException
- If this group does not support altering the member list.DirectoryException
- If a problem occurs while attempting to remove the provided user as a member of this group.public String toString()
public abstract void toString(StringBuilder buffer)
buffer
- The buffer to which the string representation should be appended.Copyright © 2010–2017 ForgeRock AS. All rights reserved.