Package net.sf.basedb.core
Class Group
- java.lang.Object
-
- net.sf.basedb.core.BasicItem
-
- net.sf.basedb.core.Group
-
- All Implemented Interfaces:
AccessControlled
,Identifiable
,Nameable
,Registered
,Removable
,SystemItem
public class Group extends BasicItem implements Nameable, Removable, SystemItem, Registered
This class is used to represent groups. Groups are used in the permission system to make it possible for a user to share items with other users.Groups are intended to represent the actual organisation of a company/organisation. For example a top-level group "The company" may contain the sub-groups "Sales", "Marketing" and "Research". Individual users should be added to the sub-groups only.
BASE comes with the predefined group
Everyone
, which cannot contain any members, except that the permission system works as if everyone is a member.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description private static class
Group.QueryRuntimeFilterImpl
A runtime filter implementation that limits a query to only return groups where the logged in user is a member unless the logged in user has generic read permission.
-
Field Summary
Fields Modifier and Type Field Description static String
EVERYONE
The id of theEveryone
group where all users are (virtual) members.private static QueryRuntimeFilter
RUNTIME_FILTER
This filter will limit a query to only return groups where the logged in user is a member unless the logged in user has generic read permission.static Item
TYPE
The type of item represented by this class.-
Fields inherited from interface net.sf.basedb.core.Nameable
MAX_DESCRIPTION_LENGTH, MAX_NAME_LENGTH
-
Fields inherited from interface net.sf.basedb.core.SystemItem
MAX_SYSTEM_ID_LENGTH
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addGroup(Group group)
Add a group as a member to this group.void
addUser(User user)
Add a user as a member to this group.static Group
getById(DbControl dc, int id)
Get aGroup
item when you know the ID.(package private) GroupData
getData()
Get theBasicData
object that holds all data for this item.String
getDescription()
Get the description for the item.long
getDiskUsage(QuotaType quotaType, Location location)
Get the used number of bytes for the specified quota type and location.Date
getEntryDate()
Get the date that the item was registered in the database.ItemQuery<Group>
getGroups()
Get a query that returns the groups that are members of this group.static Set<Integer>
getGroupsRecursive(DbControl dc, Set<Integer> groups)
Load all groups withing groups.(package private) static Set<Integer>
getGroupsRecursive(org.hibernate.Session session, Collection<Integer> groups)
String
getName()
Get the name of the item.static Group
getNew(DbControl dc)
Create a newGroup
item.ItemQuery<Project>
getProjects()
Get a query that returns the projects that this group is a member of.static ItemQuery<Group>
getQuery()
Get a query configured to retrieve groups.Quota
getQuota()
Get theQuota
that applies to the group.User
getRemovedBy()
Get the user that flagged this item for removal.String
getSystemId()
Get the system id for the item.Item
getType()
Get the type of item represented by the object.ItemQuery<User>
getUsers()
Get a query that returns the users that are members of this group.Set<ItemProxy>
getUsingItems()
Get all:User
:s assigned to this group as a quota groupboolean
hasHiddenMembers()
Does this group have hidden members?(package private) void
initPermissions(int granted, int denied)
If the logged in user is a member of this group, read permission is granted.boolean
isDefault()
If this group should be assigned to new users by default or not.boolean
isMember(Group group)
Checks if a group is a member of this group.boolean
isMember(User user)
Checks if a user is a member of this group.boolean
isRemoved()
Check if the removed flag is set for this item.boolean
isSystemItem()
Check if the item is a system item or not.boolean
isUsed()
Checks if: A user has been assigned this group as a quota group There are also other items that can reference a group: DiscUsage Other groups ItemKeys Projects Users (as group members) The links to all these items are automatically deleted if the group is deleted and aren't included in this check.(package private) void
onBeforeCommit(Transactional.Action action)
Set group to null in disk usage where this group is referenced.void
removeGroup(Group group)
Remove a group that is a member of this group.void
removeUser(User user)
Remove a user that is a member of this group.void
setDefault(boolean isDefault)
If this group should be assigned to new users by default or not.void
setDescription(String description)
Set the description for the item.void
setEntryDate(Date entryDate)
Set the date the entry was registered in the database.void
setHiddenMembers(boolean hiddenMembers)
Set the hidden members flag for this group.void
setName(String name)
Set the name of the item.void
setQuota(Quota quota)
Set the quota for the group.void
setRemoved(boolean removed)
Set the removed flag for this item.-
Methods inherited from class net.sf.basedb.core.BasicItem
addAnnotatableParents, addUsingItems, addUsingItems, breakCircularReferences, checkBatchAnnotatableUsage, checkPermission, equals, getBasicData, getDbControl, getId, getPermissions, getPluginPermissions, getSessionControl, getVersion, hashCode, hasPermission, isDetached, isInDatabase, onAfterCommit, onAfterInsert, onRollback, setDbControl, setProjectDefaults, toString, validate
-
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
-
Methods inherited from interface net.sf.basedb.core.AccessControlled
checkPermission, getPermissions, hasPermission
-
Methods inherited from interface net.sf.basedb.core.Identifiable
getId, getVersion
-
-
-
-
Field Detail
-
TYPE
public static final Item TYPE
The type of item represented by this class.- See Also:
Item.GROUP
,getType()
-
EVERYONE
public static final String EVERYONE
The id of theEveryone
group where all users are (virtual) members.- See Also:
- Constant Field Values
-
RUNTIME_FILTER
private static final QueryRuntimeFilter RUNTIME_FILTER
This filter will limit a query to only return groups where the logged in user is a member unless the logged in user has generic read permission.
-
-
Constructor Detail
-
Group
Group(GroupData groupData)
-
-
Method Detail
-
getNew
public static Group getNew(DbControl dc) throws BaseException
Create a newGroup
item.- Parameters:
dc
- TheDbControl
which will be used for permission checking and database access.- Returns:
- The new
Group
item - Throws:
BaseException
- If there is an error
-
getById
public static Group getById(DbControl dc, int id) throws ItemNotFoundException, PermissionDeniedException, BaseException
Get aGroup
item when you know the ID.- Parameters:
dc
- TheDbControl
which will be used for permission checking and database access.id
- The ID of the item to load- Returns:
- The
Group
item - Throws:
ItemNotFoundException
- If an item with the specified ID is not foundPermissionDeniedException
- If the logged in user doesn't havePermission.READ
permission to the itemBaseException
- If there is another error
-
getGroupsRecursive
public static Set<Integer> getGroupsRecursive(DbControl dc, Set<Integer> groups)
Load all groups withing groups.- Parameters:
dc
- The DbControl to use for database accessgroups
- The groups to start with- Returns:
- A set containing the starting groups, the groups that are members of the start groups and the groups that are members following subgroups down as far as possible
-
getGroupsRecursive
static Set<Integer> getGroupsRecursive(org.hibernate.Session session, Collection<Integer> groups)
-
getQuery
public static ItemQuery<Group> getQuery()
Get a query configured to retrieve groups. If the logged in user doesn't have generic permission to all groups, only groups where the logged in user is a member are returned.- Returns:
- An
ItemQuery
object
-
getData
GroupData getData()
Description copied from class:BasicItem
Get theBasicData
object that holds all data for this item.
-
getType
public Item getType()
Description copied from interface:Identifiable
Get the type of item represented by the object. The returned value is one of the values defined in theItem
enumeration.- Specified by:
getType
in interfaceIdentifiable
- Returns:
- A value indicating the type of item
-
getName
public String getName()
Description copied from interface:Nameable
Get the name of the item.
-
setName
public void setName(String name) throws PermissionDeniedException, InvalidDataException
Description copied from interface:Nameable
Set the name of the item. The name cannot be null and mustn't be longer than the value specified by theNameable.MAX_NAME_LENGTH
constant.- Specified by:
setName
in interfaceNameable
- Parameters:
name
- The new name for the item- Throws:
PermissionDeniedException
- If the logged in user doesn't have write permissionInvalidDataException
- If the name is null or longer than specified by theNameable.MAX_NAME_LENGTH
constant
-
getDescription
public String getDescription()
Description copied from interface:Nameable
Get the description for the item.- Specified by:
getDescription
in interfaceNameable
- Returns:
- A
String
with a description of the item
-
setDescription
public void setDescription(String description) throws PermissionDeniedException, InvalidDataException
Description copied from interface:Nameable
Set the description for the item. The description can be null but mustn't be longer than the value specified by theNameable.MAX_DESCRIPTION_LENGTH
constant.- Specified by:
setDescription
in interfaceNameable
- Parameters:
description
- The new description for the item- Throws:
PermissionDeniedException
- If the logged in user doesn't have write permissionInvalidDataException
- If the description longer than specified by theNameable.MAX_DESCRIPTION_LENGTH
constant
-
isRemoved
public boolean isRemoved()
Description copied from interface:Removable
Check if the removed flag is set for this item.
-
setRemoved
public void setRemoved(boolean removed) throws PermissionDeniedException
Description copied from interface:Removable
Set the removed flag for this item.- Specified by:
setRemoved
in interfaceRemovable
- Parameters:
removed
- TRUE if the item should be flagged as removed, FALSE otherwise- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.DELETE
permission for setting the flag to TRUE orPermission.WRITE
permission for setting the flag to FALSE
-
getRemovedBy
public User getRemovedBy() throws PermissionDeniedException, ItemNotFoundException
Description copied from interface:Removable
Get the user that flagged this item for removal.- Specified by:
getRemovedBy
in interfaceRemovable
- Returns:
- A User object, or null if this item has not been flagged
- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.READ
permission for the userItemNotFoundException
- If the user that removed this item can't be found
-
getSystemId
public String getSystemId()
Description copied from interface:SystemItem
Get the system id for the item.- Specified by:
getSystemId
in interfaceSystemItem
- Returns:
- The id of the item or null if it is not a system item
-
isSystemItem
public boolean isSystemItem()
Description copied from interface:SystemItem
Check if the item is a system item or not. A system item have a non-null value for the system id.- Specified by:
isSystemItem
in interfaceSystemItem
- Returns:
- TRUE if this item is a system item, FALSE otherwise
-
getEntryDate
public Date getEntryDate()
Description copied from interface:Registered
Get the date that the item was registered in the database.- Specified by:
getEntryDate
in interfaceRegistered
- Returns:
- A date or null if this is not known
-
setEntryDate
public void setEntryDate(Date entryDate)
Description copied from interface:Registered
Set the date the entry was registered in the database. Implementations should only allow this property to be set before the item is first stored in the database. The intention of this method is to facilitate export/import of data between server.- Specified by:
setEntryDate
in interfaceRegistered
- Parameters:
entryDate
- A date or null to use today's date
-
onBeforeCommit
void onBeforeCommit(Transactional.Action action)
Set group to null in disk usage where this group is referenced.- Overrides:
onBeforeCommit
in classBasicItem
- See Also:
Transactional
, Developer documentation: Transactions, Developer documentation: Coding rules and guidelines for item classes
-
isUsed
public boolean isUsed() throws BaseException
Checks if:- A user has been assigned this group as a quota group
- DiscUsage
- Other groups
- ItemKeys
- Projects
- Users (as group members)
- Overrides:
isUsed
in classBasicItem
- Returns:
- TRUE if this item is used, FALSE otherwise
- Throws:
BaseException
- If not able to tell if item is used or not.- See Also:
BasicItem.getUsingItems()
-
getUsingItems
public Set<ItemProxy> getUsingItems()
Get all:User
:s assigned to this group as a quota group
- Overrides:
getUsingItems
in classBasicItem
- Returns:
- A set containing proxies for the items, or an empty set if no items are using this item
- Since:
- 2.2
- See Also:
BasicItem.addUsingItems(Set, Item, org.hibernate.query.Query)
-
initPermissions
void initPermissions(int granted, int denied) throws BaseException
If the logged in user is a member of this group, read permission is granted. If this is a system group, delete and create permissions are revoked.- Overrides:
initPermissions
in classBasicItem
- Parameters:
granted
- Permissions that have been granted by the subclassdenied
- Permissions that have been denied by the subclass- Throws:
BaseException
- If the permissions couldn't be initialised
-
getQuota
public Quota getQuota() throws PermissionDeniedException, BaseException
Get theQuota
that applies to the group.- Returns:
- A
Quota
item, or null if no quota has been assigned to this group - Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.READ
permission to the itemBaseException
- If there is some other error.
-
setQuota
public void setQuota(Quota quota) throws PermissionDeniedException, InvalidDataException
Set the quota for the group.- Parameters:
quota
- The newQuota
, or null to disable quota for this group- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.WRITE
permission for the group orPermission.USE
permission for the quotaInvalidDataException
- If the quota is null
-
getDiskUsage
public long getDiskUsage(QuotaType quotaType, Location location) throws BaseException
Get the used number of bytes for the specified quota type and location.- Parameters:
quotaType
- TheQuotaType
. Null is not allowed.location
- The location. Null is not allowed- Returns:
- The number of bytes that have been used
- Throws:
BaseException
- If there is some kind of error.
-
isDefault
public boolean isDefault()
If this group should be assigned to new users by default or not.- Since:
- 2.4
-
setDefault
public void setDefault(boolean isDefault)
If this group should be assigned to new users by default or not. Note! The client must callUser.addToDefaultRolesAndGroups()
.- Parameters:
isDefault
- The new setting- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.WRITE
permission for the group, or if this group is theEVERYONE
group- Since:
- 2.4
-
hasHiddenMembers
public boolean hasHiddenMembers()
Does this group have hidden members? In a group with hidden members one user doesn't get read permission to other members of the same group.- Returns:
- TRUE if the members are hidden
- Since:
- 2.13
-
setHiddenMembers
public void setHiddenMembers(boolean hiddenMembers)
Set the hidden members flag for this group.- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.WRITE
permission for the group, or if this group is theEVERYONE
group- Since:
- 2.13
-
addUser
public void addUser(User user) throws PermissionDeniedException, InvalidDataException
Add a user as a member to this group. It is not allowed to add members to theEVERYONE
group.- Parameters:
user
- The user to add- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.WRITE
permission for the group andPermission.USE
for the userInvalidDataException
- If the user is null
-
removeUser
public void removeUser(User user) throws PermissionDeniedException, InvalidDataException
Remove a user that is a member of this group.- Parameters:
user
- The user to remove- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.WRITE
permission for the group andPermission.USE
for the userInvalidDataException
- If the user is null
-
isMember
public boolean isMember(User user)
Checks if a user is a member of this group. A useris counted as a member if it has been added to this group with theaddUser(User)
method or has been assigned this group as theUser.getQuotaGroup()
.- Parameters:
user
- The user to check- Returns:
- TRUE if the user is a member, FALSE otherwise
-
getUsers
public ItemQuery<User> getUsers() throws BaseException
Get a query that returns the users that are members of this group. This query excludes users that the logged in user doesn't have permission to read.- Returns:
- A query to select users from database with.
- Throws:
BaseException
- If there is an error when building the query.- See Also:
User.getQuery()
-
addGroup
public void addGroup(Group group) throws PermissionDeniedException, InvalidDataException
Add a group as a member to this group. This method does nothing if one tries to add a group to itself. It is not allowed to add members to theEVERYONE
group.- Parameters:
group
- The group to add- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.WRITE
permission for both groupsInvalidDataException
- If the group is null
-
removeGroup
public void removeGroup(Group group) throws PermissionDeniedException, InvalidDataException
Remove a group that is a member of this group.- Parameters:
group
- The group to remove- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.WRITE
permission for both groupsInvalidDataException
- If the group is null
-
isMember
public boolean isMember(Group group)
Checks if a group is a member of this group.- Parameters:
group
- The group to check- Returns:
- TRUE if the group is a member, FALSE otherwise
-
getGroups
public ItemQuery<Group> getGroups()
Get a query that returns the groups that are members of this group. This query excludes groups that the logged in user doesn't have permission to read.- Returns:
- A restricted query to select groups from database with.
- See Also:
getQuery()
-
getProjects
public ItemQuery<Project> getProjects()
Get a query that returns the projects that this group is a member of. This query excludes projects that the logged in user doesn't have permission to read.- Returns:
- A restricted item query to select projects from database with.
- See Also:
Project.getQuery()
-
-