Package org.opends.server.api

Interface Group

All Known Implementing Classes:
DynamicGroup, StaticGroup, VirtualStaticGroup
public interface Group
This interface defines the set of methods that must be implemented by a Directory Server group. It is expected that there will be a number of different types of groups (e.g., legacy static and dynamic groups, and virtual static groups). The following operations may be performed on a group:
  • Determining whether a given user is a member of this group
  • Determining the set of members for this group, optionally filtered based on some set of criteria.
  • Retrieving or updating the set of nested groups for this group, if the underlying group type supports nesting).
  • Updating the set of members for this group, if the underlying group type provides the ability to explicitly add or remove members.

  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Interface
    Description
    static final class 
    Group.ExaminedGroups
    Class holding the already visited groups.

  • Method Summary

    Modifier and Type
    Method
    Description
    Flowable<Entry>
    getAllMembers(Dn baseDN, SearchScope scope, Filter filter)
    Retrieves an iterator that may be used to cursor through the entries of the members contained in this group, or its nested groups.
    Dn
    getGroupDN()
    Retrieves the DN of the entry that contains the definition for this group.
    Flowable<Dn>
    getMemberDns()
    Retrieves an iterator that may be used to cursor through the Dns of the members contained in this group.
    default boolean
    isMember(Dn userDN)
    Indicates whether the user with the specified DN is a member of this group.
    boolean
    isMember(Dn userDN, Group.ExaminedGroups examinedGroups)
    Indicates whether the user with the specified DN is a member of this group.
    default boolean
    isMember(Entry userEntry)
    Indicates whether the user described by the provided user entry is a member of this group.
    boolean
    isMember(Entry userEntry, Group.ExaminedGroups examinedGroups)
    Indicates whether the user described by the provided user entry is a member of this group.
    boolean
    mayAlterMemberList()
    Indicates whether it is possible to alter the member list for this group (e.g., in order to add members to the group or remove members from it).
    void
    rename(Dn newGroupDn, Entry newBaseEntry)
    Renames this group, and use the provided DN as the new name for this group.
    void
    updateMembers(Entry newGroupEntry, List<Modification> modifications)
    Attempt to make multiple changes to the group's member list.
    boolean
    updatesMembers(String modifiedAttributeName)
    Indicates whether the attribute modification impacts the membership of this group.

  • Method Details

    • getGroupDN

      Dn getGroupDN()
      Retrieves the DN of the entry that contains the definition for this group.
      Returns:
      The DN of the entry that contains the definition for this group.

    • rename

      void rename(Dn newGroupDn, Entry newBaseEntry)
      Renames this group, and use the provided DN as the new name for this group.
      Parameters:
      newGroupDn - The new name for this group.
      newBaseEntry - The newly renamed base entry.

    • isMember

      default boolean isMember(Dn userDN) throws LdapException
      Indicates whether the user with the specified DN is a member of this group. Note that this is a point-in-time determination and the caller must not cache the result.
      Parameters:
      userDN - The DN of the user for which to make the determination.
      Returns:
      true if the specified user is currently a member of this group, or false if not.
      Throws:
      LdapException - If a problem occurs while attempting to make the determination.

    • isMember

      boolean isMember(Dn userDN, Group.ExaminedGroups examinedGroups) throws LdapException
      Indicates whether the user with the specified DN is a member of this group. Note that this is a point-in-time determination and the caller must not cache the result. Also note that group implementations that support nesting should use this version of the method rather than the version that does not take a set of DNs when attempting to determine whether a nested group includes the target member.
      Parameters:
      userDN - The DN of the user for which to make the determination.
      examinedGroups - A set of groups that have already been examined in the process of making the determination. This provides a mechanism to prevent infinite recursion due to circular references (e.g., two groups include each other as nested groups). Each time a group instance is checked, its DN should be added to the list, and any DN already contained in the list should be skipped. The use of an atomic reference allow to lazily create the Set to optimize memory when there is no nested groups.
      Returns:
      true if the specified user is currently a member of this group, or false if not.
      Throws:
      LdapException - If a problem occurs while attempting to make the determination.

    • isMember

      default boolean isMember(Entry userEntry) throws LdapException
      Indicates whether the user described by the provided user entry is a member of this group. Note that this is a point-in-time determination and the caller must not cache the result.
      Parameters:
      userEntry - The entry for the user for which to make the determination.
      Returns:
      true if the specified user is currently a member of this group, or false if not.
      Throws:
      LdapException - If a problem occurs while attempting to make the determination.

    • isMember

      boolean isMember(Entry userEntry, Group.ExaminedGroups examinedGroups) throws LdapException
      Indicates whether the user described by the provided user entry is a member of this group. Note that this is a point-in-time determination and the caller must not cache the result. Also note that group implementations that support nesting should use this version of the method rather than the version that does not take a set of DNs when attempting to determine whether a nested group includes the target member.
      Parameters:
      userEntry - The entry for the user for which to make the determination.
      examinedGroups - A set of groups that have already been examined in the process of making the determination. This provides a mechanism to prevent infinite recursion due to circular references (e.g., two groups include each other as nested groups). Each time a group instance is checked, its DN should be added to the list, and any DN already contained in the list should be skipped. The use of an atomic reference allow to lazily create the Set to optimize memory when there is no nested groups.
      Returns:
      true if the specified user is currently a member of this group, or false if not.
      Throws:
      LdapException - If a problem occurs while attempting to make the determination.

    • getMemberDns

      Flowable<Dn> getMemberDns()
      Retrieves an iterator that may be used to cursor through the Dns of the members contained in this group. Note that this is a point-in-time determination, and the caller must not cache the result. Further, the determination should only include this group and not members from nested groups.
      Returns:
      An iterator that may be used to cursor through the entries of the members contained in this group.

    • getAllMembers

      Flowable<Entry> getAllMembers(Dn baseDN, SearchScope scope, Filter filter)
      Retrieves an iterator that may be used to cursor through the entries of the members contained in this group, or its nested groups. It may optionally retrieve a subset of the member entries based on a given set of criteria. Note that this is a point-in-time determination, and the caller must not cache the result.
      Parameters:
      baseDN - The base DN that should be used when determining whether a given entry will be returned. If this is null, then all entries will be considered in the scope of the criteria.
      scope - The scope that should be used when determining whether a given entry will be returned. It must not be null if the provided base DN is not null. The scope will be ignored if no base DN is provided.
      filter - The filter that should be used when determining whether a given entry will be returned. If this is null, then any entry in the scope of the criteria will be included in the results.
      Returns:
      An iterator that may be used to cursor through the entries of the members contained in this group.

    • mayAlterMemberList

      boolean mayAlterMemberList()
      Indicates whether it is possible to alter the member list for this group (e.g., in order to add members to the group or remove members from it).
      Returns:
      true if it is possible to add members to this group, or false if not.

    • updatesMembers

      boolean updatesMembers(String modifiedAttributeName)
      Indicates whether the attribute modification impacts the membership of this group.
      Parameters:
      modifiedAttributeName - the modified attribute name
      Returns:
      true if the modified attribute impacts the membership of this group.

    • updateMembers

      void updateMembers(Entry newGroupEntry, List<Modification> modifications) throws UnsupportedOperationException, LdapException
      Attempt to make multiple changes to the group's member list.
      Parameters:
      newGroupEntry - The new entry corresponding to the group without virtual attributes.
      modifications - The list of modifications being made to the group, which may include changes to non-member attributes.
      Throws:
      UnsupportedOperationException - If this group does not support altering the member list.
      LdapException - If a problem occurs while attempting to update the members.