Package net.sf.basedb.core

Class Group

java.lang.Object
net.sf.basedb.core.BasicItem
net.sf.basedb.core.Group
All Implemented Interfaces:
AccessControlled, Identifiable, Nameable, Registered, Removable, SystemItem
public class Group
extends BasicItem
implements Nameable, Removable, SystemItem, Registered
This class is used to represent groups. Groups are used in the permission system to make it possible for a user to share items with other users.

Groups are intended to represent the actual organisation of a company/organisation. For example a top-level group "The company" may contain the sub-groups "Sales", "Marketing" and "Research". Individual users should be added to the sub-groups only.

BASE comes with the predefined group Everyone, which cannot contain any members, except that the permission system works as if everyone is a member.

Version:
2.0
Author:
Nicklas
See Also:
Role, Project
Last modified
$Date: 2017-05-22 14:35:27 +0200 (må, 22 maj 2017) $

  • Field Details

    • TYPE

      public static final Item TYPE
      The type of item represented by this class.
      See Also:
      Item.GROUP, getType()

    • EVERYONE

      public static final String EVERYONE
      The id of the Everyone group where all users are (virtual) members.
      See Also:
      Constant Field Values

    • RUNTIME_FILTER

      private static final QueryRuntimeFilter RUNTIME_FILTER
      This filter will limit a query to only return groups where the logged in user is a member unless the logged in user has generic read permission.

  • Constructor Details

  • Method Details

    • getNew

      public static Group getNew​(DbControl dc) throws BaseException
      Create a new Group item.
      Parameters:
      dc - The DbControl which will be used for permission checking and database access.
      Returns:
      The new Group item
      Throws:
      BaseException - If there is an error

    • getById

      public static Group getById​(DbControl dc, int id) throws ItemNotFoundException, PermissionDeniedException, BaseException
      Get a Group item when you know the ID.
      Parameters:
      dc - The DbControl which will be used for permission checking and database access.
      id - The ID of the item to load
      Returns:
      The Group item
      Throws:
      ItemNotFoundException - If an item with the specified ID is not found
      PermissionDeniedException - If the logged in user doesn't have Permission.READ permission to the item
      BaseException - If there is another error

    • getGroupsRecursive

      public static Set<Integer> getGroupsRecursive​(DbControl dc, Set<Integer> groups)
      Load all groups withing groups.
      Parameters:
      dc - The DbControl to use for database access
      groups - The groups to start with
      Returns:
      A set containing the starting groups, the groups that are members of the start groups and the groups that are members following subgroups down as far as possible

    • getGroupsRecursive

      static Set<Integer> getGroupsRecursive​(Session session, Collection<Integer> groups)

    • getQuery

      public static ItemQuery<Group> getQuery()
      Get a query configured to retrieve groups. If the logged in user doesn't have generic permission to all groups, only groups where the logged in user is a member are returned.
      Returns:
      An ItemQuery object

    • getData

      GroupData getData()
      Description copied from class: BasicItem
      Get the BasicData object that holds all data for this item.
      Specified by:
      getData in class BasicItem

    • getType

      public Item getType()
      Description copied from interface: Identifiable
      Get the type of item represented by the object. The returned value is one of the values defined in the Item enumeration.
      Specified by:
      getType in interface Identifiable
      Returns:
      A value indicating the type of item

    • getName

      public String getName()
      Description copied from interface: Nameable
      Get the name of the item.
      Specified by:
      getName in interface Nameable
      Returns:
      A String with the name of the item

    • setName

      public void setName​(String name) throws PermissionDeniedException, InvalidDataException
      Description copied from interface: Nameable
      Set the name of the item. The name cannot be null and mustn't be longer than the value specified by the Nameable.MAX_NAME_LENGTH constant.
      Specified by:
      setName in interface Nameable
      Parameters:
      name - The new name for the item
      Throws:
      PermissionDeniedException - If the logged in user doesn't have write permission
      InvalidDataException - If the name is null or longer than specified by the Nameable.MAX_NAME_LENGTH constant

    • getDescription

      public String getDescription()
      Description copied from interface: Nameable
      Get the description for the item.
      Specified by:
      getDescription in interface Nameable
      Returns:
      A String with a description of the item

    • setDescription

      public void setDescription​(String description) throws PermissionDeniedException, InvalidDataException
      Description copied from interface: Nameable
      Set the description for the item. The description can be null but mustn't be longer than the value specified by the Nameable.MAX_DESCRIPTION_LENGTH constant.
      Specified by:
      setDescription in interface Nameable
      Parameters:
      description - The new description for the item
      Throws:
      PermissionDeniedException - If the logged in user doesn't have write permission
      InvalidDataException - If the description longer than specified by the Nameable.MAX_DESCRIPTION_LENGTH constant

    • isRemoved

      public boolean isRemoved()
      Description copied from interface: Removable
      Check if the removed flag is set for this item.
      Specified by:
      isRemoved in interface Removable
      Returns:
      TRUE if the item is flagged as removed, FALSE otherwise

    • setRemoved

      public void setRemoved​(boolean removed) throws PermissionDeniedException
      Description copied from interface: Removable
      Set the removed flag for this item.
      Specified by:
      setRemoved in interface Removable
      Parameters:
      removed - TRUE if the item should be flagged as removed, FALSE otherwise
      Throws:
      PermissionDeniedException - If the logged in user doesn't have Permission.DELETE permission for setting the flag to TRUE or Permission.WRITE permission for setting the flag to FALSE

    • getRemovedBy

      public User getRemovedBy() throws PermissionDeniedException, ItemNotFoundException
      Description copied from interface: Removable
      Get the user that flagged this item for removal.
      Specified by:
      getRemovedBy in interface Removable
      Returns:
      A User object, or null if this item has not been flagged
      Throws:
      PermissionDeniedException - If the logged in user doesn't have Permission.READ permission for the user
      ItemNotFoundException - If the user that removed this item can't be found

    • getSystemId

      public String getSystemId()
      Description copied from interface: SystemItem
      Get the system id for the item.
      Specified by:
      getSystemId in interface SystemItem
      Returns:
      The id of the item or null if it is not a system item

    • isSystemItem

      public boolean isSystemItem()
      Description copied from interface: SystemItem
      Check if the item is a system item or not. A system item have a non-null value for the system id.
      Specified by:
      isSystemItem in interface SystemItem
      Returns:
      TRUE if this item is a system item, FALSE otherwise

    • getEntryDate

      public Date getEntryDate()
      Description copied from interface: Registered
      Get the date that the item was registered in the database.
      Specified by:
      getEntryDate in interface Registered
      Returns:
      A date or null if this is not known

    • setEntryDate

      public void setEntryDate​(Date entryDate)
      Description copied from interface: Registered
      Set the date the entry was registered in the database. Implementations should only allow this property to be set before the item is first stored in the database. The intention of this method is to facilitate export/import of data between server.
      Specified by:
      setEntryDate in interface Registered
      Parameters:
      entryDate - A date or null to use today's date

    • onBeforeCommit

      void onBeforeCommit​(Transactional.Action action)
      Set group to null in disk usage where this group is referenced.
      Overrides:
      onBeforeCommit in class BasicItem
      See Also:
      Transactional, Developer documentation: Transactions, Developer documentation: Coding rules and guidelines for item classes

    • isUsed

      public boolean isUsed() throws BaseException
      Checks if:
      • A user has been assigned this group as a quota group
      There are also other items that can reference a group:
      • DiscUsage
      • Other groups
      • ItemKeys
      • Projects
      • Users (as group members)
      The links to all these items are automatically deleted if the group is deleted and aren't included in this check.
      Overrides:
      isUsed in class BasicItem
      Returns:
      TRUE if this item is used, FALSE otherwise
      Throws:
      BaseException - If not able to tell if item is used or not.
      See Also:
      BasicItem.getUsingItems()

    • getUsingItems

      public Set<ItemProxy> getUsingItems()
      Get all:
      • User:s assigned to this group as a quota group
      Overrides:
      getUsingItems in class BasicItem
      Returns:
      A set containing proxies for the items, or an empty set if no items are using this item
      Since:
      2.2
      See Also:
      BasicItem.addUsingItems(Set, Item, org.hibernate.query.Query)

    • initPermissions

      void initPermissions​(int granted, int denied) throws BaseException
      If the logged in user is a member of this group, read permission is granted. If this is a system group, delete and create permissions are revoked.
      Overrides:
      initPermissions in class BasicItem
      Parameters:
      granted - Permissions that have been granted by the subclass
      denied - Permissions that have been denied by the subclass
      Throws:
      BaseException - If the permissions couldn't be initialised

    • getQuota

      public Quota getQuota() throws PermissionDeniedException, BaseException
      Get the Quota that applies to the group.
      Returns:
      A Quota item, or null if no quota has been assigned to this group
      Throws:
      PermissionDeniedException - If the logged in user doesn't have Permission.READ permission to the item
      BaseException - If there is some other error.

    • setQuota

      public void setQuota​(Quota quota) throws PermissionDeniedException, InvalidDataException
      Set the quota for the group.
      Parameters:
      quota - The new Quota, or null to disable quota for this group
      Throws:
      PermissionDeniedException - If the logged in user doesn't have Permission.WRITE permission for the group or Permission.USE permission for the quota
      InvalidDataException - If the quota is null

    • getDiskUsage

      public long getDiskUsage​(QuotaType quotaType, Location location) throws BaseException
      Get the used number of bytes for the specified quota type and location.
      Parameters:
      quotaType - The QuotaType. Null is not allowed.
      location - The location. Null is not allowed
      Returns:
      The number of bytes that have been used
      Throws:
      BaseException - If there is some kind of error.

    • isDefault

      public boolean isDefault()
      If this group should be assigned to new users by default or not.
      Since:
      2.4

    • setDefault

      public void setDefault​(boolean isDefault)
      If this group should be assigned to new users by default or not. Note! The client must call User.addToDefaultRolesAndGroups().
      Parameters:
      isDefault - The new setting
      Throws:
      PermissionDeniedException - If the logged in user doesn't have Permission.WRITE permission for the group, or if this group is the EVERYONE group
      Since:
      2.4

    • hasHiddenMembers

      public boolean hasHiddenMembers()
      Does this group have hidden members? In a group with hidden members one user doesn't get read permission to other members of the same group.
      Returns:
      TRUE if the members are hidden
      Since:
      2.13

    • setHiddenMembers

      public void setHiddenMembers​(boolean hiddenMembers)
      Set the hidden members flag for this group.
      Throws:
      PermissionDeniedException - If the logged in user doesn't have Permission.WRITE permission for the group, or if this group is the EVERYONE group
      Since:
      2.13

    • addUser

      public void addUser​(User user) throws PermissionDeniedException, InvalidDataException
      Add a user as a member to this group. It is not allowed to add members to the EVERYONE group.
      Parameters:
      user - The user to add
      Throws:
      PermissionDeniedException - If the logged in user doesn't have Permission.WRITE permission for the group and Permission.USE for the user
      InvalidDataException - If the user is null

    • removeUser

      public void removeUser​(User user) throws PermissionDeniedException, InvalidDataException
      Remove a user that is a member of this group.
      Parameters:
      user - The user to remove
      Throws:
      PermissionDeniedException - If the logged in user doesn't have Permission.WRITE permission for the group and Permission.USE for the user
      InvalidDataException - If the user is null

    • isMember

      public boolean isMember​(User user)
      Checks if a user is a member of this group. A useris counted as a member if it has been added to this group with the addUser(User) method or has been assigned this group as the User.getQuotaGroup().
      Parameters:
      user - The user to check
      Returns:
      TRUE if the user is a member, FALSE otherwise

    • getUsers

      public ItemQuery<User> getUsers() throws BaseException
      Get a query that returns the users that are members of this group. This query excludes users that the logged in user doesn't have permission to read.
      Returns:
      A query to select users from database with.
      Throws:
      BaseException - If there is an error when building the query.
      See Also:
      User.getQuery()

    • addGroup

      public void addGroup​(Group group) throws PermissionDeniedException, InvalidDataException
      Add a group as a member to this group. This method does nothing if one tries to add a group to itself. It is not allowed to add members to the EVERYONE group.
      Parameters:
      group - The group to add
      Throws:
      PermissionDeniedException - If the logged in user doesn't have Permission.WRITE permission for both groups
      InvalidDataException - If the group is null

    • removeGroup

      public void removeGroup​(Group group) throws PermissionDeniedException, InvalidDataException
      Remove a group that is a member of this group.
      Parameters:
      group - The group to remove
      Throws:
      PermissionDeniedException - If the logged in user doesn't have Permission.WRITE permission for both groups
      InvalidDataException - If the group is null

    • isMember

      public boolean isMember​(Group group)
      Checks if a group is a member of this group.
      Parameters:
      group - The group to check
      Returns:
      TRUE if the group is a member, FALSE otherwise

    • getGroups

      public ItemQuery<Group> getGroups()
      Get a query that returns the groups that are members of this group. This query excludes groups that the logged in user doesn't have permission to read.
      Returns:
      A restricted query to select groups from database with.
      See Also:
      getQuery()

    • getProjects

      public ItemQuery<Project> getProjects()
      Get a query that returns the projects that this group is a member of. This query excludes projects that the logged in user doesn't have permission to read.
      Returns:
      A restricted item query to select projects from database with.
      See Also:
      Project.getQuery()