Class DynamicGroup

java.lang.Object
org.opends.server.extensions.DynamicGroup
All Implemented Interfaces:
Group

public final class DynamicGroup extends Object implements Group
This class provides a dynamic group implementation, in which membership is determined dynamically based on criteria provided in the form of one or more LDAP URLs. All dynamic groups should contain the groupOfURLs object class, with the memberURL attribute specifying the membership criteria.
  • Constructor Details

    • DynamicGroup

      public DynamicGroup(ServerContext serverContext, Dn groupEntryDN, LinkedHashSet<LdapUrl> memberURLs)
      Creates a new dynamic group instance with the provided information.
      Parameters:
      serverContext - The server context
      groupEntryDN - The DN of the entry that holds the definition for this group. It must not be null.
      memberURLs - The set of LDAP URLs that define the membership criteria for this group. It must not be null.
  • Method Details

    • newInstance

      public static DynamicGroup newInstance(ServerContext serverContext, Entry groupEntry)
      Creates a new group of this type based on the definition contained in the provided entry.
      Parameters:
      serverContext - The server context
      groupEntry - The entry containing the definition for the group to be created.
      Returns:
      The group instance created from the definition in the provided entry.
    • getGroupDefinitionFilter

      public static Filter getGroupDefinitionFilter()
      Retrieves a search filter that may be used to identify entries containing definitions for groups of this type in the Directory Server.
      Returns:
      A search filter that may be used to identify entries containing definitions for groups of this type in the Directory Server.
    • isGroupDefinition

      public static boolean isGroupDefinition(Entry entry)
      Indicates whether the provided entry contains a valid definition for this type of group.
      Parameters:
      entry - The entry for which to make the determination.
      Returns:
      true if the provided entry does contain a valid definition for this type of group, or false if it does not.
    • getGroupDN

      public Dn getGroupDN()
      Description copied from interface: Group
      Retrieves the DN of the entry that contains the definition for this group.
      Specified by:
      getGroupDN in interface Group
      Returns:
      The DN of the entry that contains the definition for this group.
    • rename

      public void rename(Dn newGroupDn, Entry newBaseEntry)
      Description copied from interface: Group
      Renames this group, and use the provided DN as the new name for this group.
      Specified by:
      rename in interface Group
      Parameters:
      newGroupDn - The new name for this group.
      newBaseEntry - The newly renamed base entry.
    • getMemberURLs

      public LdapUrl[] getMemberURLs()
      Retrieves the set of member URLs for this dynamic group. The returned set must not be altered by the caller.
      Returns:
      The set of member URLs for this dynamic group.
    • isMember

      public boolean isMember(Dn userDN, Group.ExaminedGroups examinedGroups) throws LdapException
      Description copied from interface: Group
      Indicates whether the user with the specified DN is a member of this group. Note that this is a point-in-time determination and the caller must not cache the result. Also note that group implementations that support nesting should use this version of the method rather than the version that does not take a set of DNs when attempting to determine whether a nested group includes the target member.
      Specified by:
      isMember in interface Group
      Parameters:
      userDN - The DN of the user for which to make the determination.
      examinedGroups - A set of groups that have already been examined in the process of making the determination. This provides a mechanism to prevent infinite recursion due to circular references (e.g., two groups include each other as nested groups). Each time a group instance is checked, its DN should be added to the list, and any DN already contained in the list should be skipped. The use of an atomic reference allow to lazily create the Set to optimize memory when there is no nested groups.
      Returns:
      true if the specified user is currently a member of this group, or false if not.
      Throws:
      LdapException - If a problem occurs while attempting to make the determination.
    • isMember

      public boolean isMember(Entry userEntry, Group.ExaminedGroups examinedGroups)
      Description copied from interface: Group
      Indicates whether the user described by the provided user entry is a member of this group. Note that this is a point-in-time determination and the caller must not cache the result. Also note that group implementations that support nesting should use this version of the method rather than the version that does not take a set of DNs when attempting to determine whether a nested group includes the target member.
      Specified by:
      isMember in interface Group
      Parameters:
      userEntry - The entry for the user for which to make the determination.
      examinedGroups - A set of groups that have already been examined in the process of making the determination. This provides a mechanism to prevent infinite recursion due to circular references (e.g., two groups include each other as nested groups). Each time a group instance is checked, its DN should be added to the list, and any DN already contained in the list should be skipped. The use of an atomic reference allow to lazily create the Set to optimize memory when there is no nested groups.
      Returns:
      true if the specified user is currently a member of this group, or false if not.
    • getMemberDns

      public Flowable<Dn> getMemberDns()
      Description copied from interface: Group
      Retrieves an iterator that may be used to cursor through the Dns of the members contained in this group. Note that this is a point-in-time determination, and the caller must not cache the result. Further, the determination should only include this group and not members from nested groups.
      Specified by:
      getMemberDns in interface Group
      Returns:
      An iterator that may be used to cursor through the entries of the members contained in this group.
    • getAllMembers

      public Flowable<Entry> getAllMembers(Dn baseDN, SearchScope scope, Filter filter)
      Description copied from interface: Group
      Retrieves an iterator that may be used to cursor through the entries of the members contained in this group, or its nested groups. It may optionally retrieve a subset of the member entries based on a given set of criteria. Note that this is a point-in-time determination, and the caller must not cache the result.
      Specified by:
      getAllMembers in interface Group
      Parameters:
      baseDN - The base DN that should be used when determining whether a given entry will be returned. If this is null, then all entries will be considered in the scope of the criteria.
      scope - The scope that should be used when determining whether a given entry will be returned. It must not be null if the provided base DN is not null. The scope will be ignored if no base DN is provided.
      filter - The filter that should be used when determining whether a given entry will be returned. If this is null, then any entry in the scope of the criteria will be included in the results.
      Returns:
      An iterator that may be used to cursor through the entries of the members contained in this group.
    • mayAlterMemberList

      public boolean mayAlterMemberList()
      Description copied from interface: Group
      Indicates whether it is possible to alter the member list for this group (e.g., in order to add members to the group or remove members from it).
      Specified by:
      mayAlterMemberList in interface Group
      Returns:
      true if it is possible to add members to this group, or false if not.
    • updatesMembers

      public boolean updatesMembers(String modifiedAttributeName)
      Description copied from interface: Group
      Indicates whether the attribute modification impacts the membership of this group.
      Specified by:
      updatesMembers in interface Group
      Parameters:
      modifiedAttributeName - the modified attribute name
      Returns:
      true if the modified attribute impacts the membership of this group.
    • updateMembers

      public void updateMembers(Entry newGroupEntry, List<Modification> modifications)
      Description copied from interface: Group
      Attempt to make multiple changes to the group's member list.
      Specified by:
      updateMembers in interface Group
      Parameters:
      newGroupEntry - The new entry corresponding to the group without virtual attributes.
      modifications - The list of modifications being made to the group, which may include changes to non-member attributes.
    • toString

      public String toString()
      Overrides:
      toString in class Object