Package net.sf.basedb.core

Class Group

java.lang.Object

net.sf.basedb.core.BasicItem

net.sf.basedb.core.Group

All Implemented Interfaces:

AccessControlled, Identifiable, Nameable, Registered, Removable, SystemItem

public class Group
extends BasicItem
implements Nameable, Removable, SystemItem, Registered

This class is used to represent groups. Groups are used in the permission system to make it possible for a user to share items with other users.

Groups are intended to represent the actual organisation of a company/organisation. For example a top-level group "The company" may contain the sub-groups "Sales", "Marketing" and "Research". Individual users should be added to the sub-groups only.

BASE comes with the predefined group Everyone, which cannot contain any members, except that the permission system works as if everyone is a member.

Version:

2.0

Author:

Nicklas

See Also:

• Role
• Project

Last modified

$Date: 2017-05-22 14:35:27 +0200 (må, 22 maj 2017) $

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
private static class	Group.QueryRuntimeFilterImpl	A runtime filter implementation that limits a query to only return groups where the logged in user is a member unless the logged in user has generic read permission.

Field Summary

Fields

Modifier and Type	Field	Description
static final String	EVERYONE	The id of the Everyone group where all users are (virtual) members.
private static final QueryRuntimeFilter	RUNTIME_FILTER	This filter will limit a query to only return groups where the logged in user is a member unless the logged in user has generic read permission.
static final Item	TYPE	The type of item represented by this class.

Fields inherited from interface net.sf.basedb.core.Nameable

MAX_DESCRIPTION_LENGTH, MAX_NAME_LENGTH

Fields inherited from interface net.sf.basedb.core.SystemItem

MAX_SYSTEM_ID_LENGTH

Constructor Summary

Constructors

Constructor	Description
Group(GroupData groupData)

Method Summary

Modifier and Type	Method	Description
void	addGroup(Group group)	Add a group as a member to this group.
void	addUser(User user)	Add a user as a member to this group.
static Group	getById(DbControl dc, int id)	Get a Group item when you know the ID.
(package private) GroupData	getData()	Get the BasicData object that holds all data for this item.
String	getDescription()	Get the description for the item.
long	getDiskUsage(QuotaType quotaType, Location location)	Get the used number of bytes for the specified quota type and location.
Date	getEntryDate()	Get the date that the item was registered in the database.
ItemQuery<Group>	getGroups()	Get a query that returns the groups that are members of this group.
static Set<Integer>	getGroupsRecursive(DbControl dc, Set<Integer> groups)	Load all groups withing groups.
(package private) static Set<Integer>	getGroupsRecursive(Session session, Collection<Integer> groups)
String	getName()	Get the name of the item.
static Group	getNew(DbControl dc)	Create a new Group item.
ItemQuery<Project>	getProjects()	Get a query that returns the projects that this group is a member of.
static ItemQuery<Group>	getQuery()	Get a query configured to retrieve groups.
Quota	getQuota()	Get the Quota that applies to the group.
User	getRemovedBy()	Get the user that flagged this item for removal.
String	getSystemId()	Get the system id for the item.
Item	getType()	Get the type of item represented by the object.
ItemQuery<User>	getUsers()	Get a query that returns the users that are members of this group.
Set<ItemProxy>	getUsingItems()	Get all: User:s assigned to this group as a quota group
boolean	hasHiddenMembers()	Does this group have hidden members?
(package private) void	initPermissions(int granted, int denied)	If the logged in user is a member of this group, read permission is granted.
boolean	isDefault()	If this group should be assigned to new users by default or not.
boolean	isMember(Group group)	Checks if a group is a member of this group.
boolean	isMember(User user)	Checks if a user is a member of this group.
boolean	isRemoved()	Check if the removed flag is set for this item.
boolean	isSystemItem()	Check if the item is a system item or not.
boolean	isUsed()	Checks if: A user has been assigned this group as a quota group There are also other items that can reference a group: DiscUsage Other groups ItemKeys Projects Users (as group members) The links to all these items are automatically deleted if the group is deleted and aren't included in this check.
(package private) void	onBeforeCommit(Transactional.Action action)	Set group to null in disk usage where this group is referenced.
void	removeGroup(Group group)	Remove a group that is a member of this group.
void	removeUser(User user)	Remove a user that is a member of this group.
void	setDefault(boolean isDefault)	If this group should be assigned to new users by default or not.
void	setDescription(String description)	Set the description for the item.
void	setEntryDate(Date entryDate)	Set the date the entry was registered in the database.
void	setHiddenMembers(boolean hiddenMembers)	Set the hidden members flag for this group.
void	setName(String name)	Set the name of the item.
void	setQuota(Quota quota)	Set the quota for the group.
void	setRemoved(boolean removed)	Set the removed flag for this item.

Methods inherited from class net.sf.basedb.core.BasicItem

addAnnotatableParents, addUsingItems, addUsingItems, breakCircularReferences, checkBatchAnnotatableUsage, checkPermission, equals, getBasicData, getDbControl, getId, getPermissions, getPluginPermissions, getSessionControl, getVersion, hashCode, hasPermission, isDetached, isInDatabase, onAfterCommit, onAfterInsert, onRollback, setDbControl, setProjectDefaults, toString, validate

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface net.sf.basedb.core.AccessControlled

checkPermission, getPermissions, hasPermission

Methods inherited from interface net.sf.basedb.core.Identifiable

getId, getVersion

Field Details

TYPE

public static final Item TYPE

The type of item represented by this class.

See Also:

• Item.GROUP
• getType()

EVERYONE

public static final String EVERYONE

The id of the Everyone group where all users are (virtual) members.

See Also:

• Constant Field Values

RUNTIME_FILTER

private static final QueryRuntimeFilter RUNTIME_FILTER

This filter will limit a query to only return groups where the logged in user is a member unless the logged in user has generic read permission.

Constructor Details

Group

Group(GroupData groupData)

Method Details

getNew

public static Group getNew(DbControl dc)
                    throws BaseException

Create a new Group item.

Parameters:

dc - The DbControl which will be used for permission checking and database access.

Returns:

The new Group item

Throws:

BaseException - If there is an error

getById

public static Group getById(DbControl dc,
 int id)
                     throws ItemNotFoundException,
PermissionDeniedException,
BaseException

Get a Group item when you know the ID.

Parameters:

dc - The DbControl which will be used for permission checking and database access.

id - The ID of the item to load

Returns:

The Group item

Throws:

ItemNotFoundException - If an item with the specified ID is not found

PermissionDeniedException - If the logged in user doesn't have Permission.READ permission to the item

BaseException - If there is another error

getGroupsRecursive

public static Set<Integer> getGroupsRecursive(DbControl dc,
 Set<Integer> groups)

Load all groups withing groups.

Parameters:

dc - The DbControl to use for database access

groups - The groups to start with

Returns:

A set containing the starting groups, the groups that are members of the start groups and the groups that are members following subgroups down as far as possible

getGroupsRecursive

static Set<Integer> getGroupsRecursive(Session session,
 Collection<Integer> groups)

getQuery

public static ItemQuery<Group> getQuery()

Get a query configured to retrieve groups. If the logged in user doesn't have generic permission to all groups, only groups where the logged in user is a member are returned.

Returns:

An ItemQuery object

getData

GroupData getData()

Description copied from class: BasicItem

Get the BasicData object that holds all data for this item.

Specified by:

getData in class BasicItem

getType

public Item getType()

Description copied from interface: Identifiable

Get the type of item represented by the object. The returned value is one of the values defined in the Item enumeration.

Specified by:

getType in interface Identifiable

Returns:

A value indicating the type of item

getName

public String getName()

Description copied from interface: Nameable

Get the name of the item.

Specified by:

getName in interface Nameable

Returns:

A String with the name of the item

setName

public void setName(String name)
             throws PermissionDeniedException,
InvalidDataException

Description copied from interface: Nameable

Set the name of the item. The name cannot be null and mustn't be longer than the value specified by the Nameable.MAX_NAME_LENGTH constant.

Specified by:

setName in interface Nameable

Parameters:

name - The new name for the item

Throws:

PermissionDeniedException - If the logged in user doesn't have write permission

InvalidDataException - If the name is null or longer than specified by the Nameable.MAX_NAME_LENGTH constant

getDescription

public String getDescription()

Description copied from interface: Nameable

Get the description for the item.

Specified by:

getDescription in interface Nameable

Returns:

A String with a description of the item

setDescription

public void setDescription(String description)
                    throws PermissionDeniedException,
InvalidDataException

Description copied from interface: Nameable

Set the description for the item. The description can be null but mustn't be longer than the value specified by the Nameable.MAX_DESCRIPTION_LENGTH constant.

Specified by:

setDescription in interface Nameable

Parameters:

description - The new description for the item

Throws:

PermissionDeniedException - If the logged in user doesn't have write permission

InvalidDataException - If the description longer than specified by the Nameable.MAX_DESCRIPTION_LENGTH constant

isRemoved

public boolean isRemoved()

Description copied from interface: Removable

Check if the removed flag is set for this item.

Specified by:

isRemoved in interface Removable

Returns:

TRUE if the item is flagged as removed, FALSE otherwise

setRemoved

public void setRemoved(boolean removed)
                throws PermissionDeniedException

Description copied from interface: Removable

Set the removed flag for this item.

Specified by:

setRemoved in interface Removable

Parameters:

removed - TRUE if the item should be flagged as removed, FALSE otherwise

Throws:

PermissionDeniedException - If the logged in user doesn't have Permission.DELETE permission for setting the flag to TRUE or Permission.WRITE permission for setting the flag to FALSE

getRemovedBy

public User getRemovedBy()
                  throws PermissionDeniedException,
ItemNotFoundException

Description copied from interface: Removable

Get the user that flagged this item for removal.

Specified by:

getRemovedBy in interface Removable

Returns:

A User object, or null if this item has not been flagged

Throws:

PermissionDeniedException - If the logged in user doesn't have Permission.READ permission for the user

ItemNotFoundException - If the user that removed this item can't be found

getSystemId

public String getSystemId()

Description copied from interface: SystemItem

Get the system id for the item.

Specified by:

getSystemId in interface SystemItem

Returns:

The id of the item or null if it is not a system item

isSystemItem

public boolean isSystemItem()

Description copied from interface: SystemItem

Check if the item is a system item or not. A system item have a non-null value for the system id.

Specified by:

isSystemItem in interface SystemItem

Returns:

TRUE if this item is a system item, FALSE otherwise

getEntryDate

public Date getEntryDate()

Description copied from interface: Registered

Get the date that the item was registered in the database.

Specified by:

getEntryDate in interface Registered

Returns:

A date or null if this is not known

setEntryDate

public void setEntryDate(Date entryDate)

Description copied from interface: Registered

Set the date the entry was registered in the database. Implementations should only allow this property to be set before the item is first stored in the database. The intention of this method is to facilitate export/import of data between server.

Specified by:

setEntryDate in interface Registered

Parameters:

entryDate - A date or null to use today's date

onBeforeCommit

void onBeforeCommit(Transactional.Action action)

Set group to null in disk usage where this group is referenced.

Overrides:

onBeforeCommit in class BasicItem

See Also:

• Transactional
• Developer documentation: Transactions
• Developer documentation: Coding rules and guidelines for item classes

isUsed

public boolean isUsed()
               throws BaseException

Checks if:

• A user has been assigned this group as a quota group

There are also other items that can reference a group:

• DiscUsage
• Other groups
• ItemKeys
• Projects
• Users (as group members)

The links to all these items are automatically deleted if the group is deleted and aren't included in this check.

Overrides:

isUsed in class BasicItem

Returns:

TRUE if this item is used, FALSE otherwise

Throws:

BaseException - If not able to tell if item is used or not.

See Also:

• BasicItem.getUsingItems()

getUsingItems

public Set<ItemProxy> getUsingItems()

Get all:

• User:s assigned to this group as a quota group

Overrides:

getUsingItems in class BasicItem

Returns:

A set containing proxies for the items, or an empty set if no items are using this item

Since:

2.2

See Also:

• BasicItem.addUsingItems(Set, Item, org.hibernate.query.Query)

initPermissions

void initPermissions(int granted,
 int denied)
              throws BaseException

If the logged in user is a member of this group, read permission is granted. If this is a system group, delete and create permissions are revoked.

Overrides:

initPermissions in class BasicItem

Parameters:

granted - Permissions that have been granted by the subclass

denied - Permissions that have been denied by the subclass

Throws:

BaseException - If the permissions couldn't be initialised

getQuota

public Quota getQuota()
               throws PermissionDeniedException,
BaseException

Get the Quota that applies to the group.

Returns:

A Quota item, or null if no quota has been assigned to this group

Throws:

PermissionDeniedException - If the logged in user doesn't have Permission.READ permission to the item

BaseException - If there is some other error.

setQuota

public void setQuota(Quota quota)
              throws PermissionDeniedException,
InvalidDataException

Set the quota for the group.

Parameters:

quota - The new Quota, or null to disable quota for this group

Throws:

PermissionDeniedException - If the logged in user doesn't have Permission.WRITE permission for the group or Permission.USE permission for the quota

InvalidDataException - If the quota is null

getDiskUsage

public long getDiskUsage(QuotaType quotaType,
 Location location)
                  throws BaseException

Get the used number of bytes for the specified quota type and location.

Parameters:

quotaType - The QuotaType. Null is not allowed.

location - The location. Null is not allowed

Returns:

The number of bytes that have been used

Throws:

BaseException - If there is some kind of error.

isDefault

public boolean isDefault()

If this group should be assigned to new users by default or not.

Since:

2.4

setDefault

public void setDefault(boolean isDefault)

If this group should be assigned to new users by default or not. Note! The client must call User.addToDefaultRolesAndGroups().

Parameters:

isDefault - The new setting

Throws:

PermissionDeniedException - If the logged in user doesn't have Permission.WRITE permission for the group, or if this group is the EVERYONE group

Since:

2.4

hasHiddenMembers

public boolean hasHiddenMembers()

Does this group have hidden members? In a group with hidden members one user doesn't get read permission to other members of the same group.

Returns:

TRUE if the members are hidden

Since:

2.13

setHiddenMembers

public void setHiddenMembers(boolean hiddenMembers)

Set the hidden members flag for this group.

Throws:

PermissionDeniedException - If the logged in user doesn't have Permission.WRITE permission for the group, or if this group is the EVERYONE group

Since:

2.13

addUser

public void addUser(User user)
             throws PermissionDeniedException,
InvalidDataException

Add a user as a member to this group. It is not allowed to add members to the EVERYONE group.

Parameters:

user - The user to add

Throws:

PermissionDeniedException - If the logged in user doesn't have Permission.WRITE permission for the group and Permission.USE for the user

InvalidDataException - If the user is null

removeUser

public void removeUser(User user)
                throws PermissionDeniedException,
InvalidDataException

Remove a user that is a member of this group.

Parameters:

user - The user to remove

Throws:

PermissionDeniedException - If the logged in user doesn't have Permission.WRITE permission for the group and Permission.USE for the user

InvalidDataException - If the user is null

isMember

public boolean isMember(User user)

Checks if a user is a member of this group. A useris counted as a member if it has been added to this group with the addUser(User) method or has been assigned this group as the User.getQuotaGroup().

Parameters:

user - The user to check

Returns:

TRUE if the user is a member, FALSE otherwise

getUsers

public ItemQuery<User> getUsers()
                         throws BaseException

Get a query that returns the users that are members of this group. This query excludes users that the logged in user doesn't have permission to read.

Returns:

A query to select users from database with.

Throws:

BaseException - If there is an error when building the query.

See Also:

• User.getQuery()

addGroup

public void addGroup(Group group)
              throws PermissionDeniedException,
InvalidDataException

Add a group as a member to this group. This method does nothing if one tries to add a group to itself. It is not allowed to add members to the EVERYONE group.

Parameters:

group - The group to add

Throws:

PermissionDeniedException - If the logged in user doesn't have Permission.WRITE permission for both groups

InvalidDataException - If the group is null

removeGroup

public void removeGroup(Group group)
                 throws PermissionDeniedException,
InvalidDataException

Remove a group that is a member of this group.

Parameters:

group - The group to remove

Throws:

PermissionDeniedException - If the logged in user doesn't have Permission.WRITE permission for both groups

InvalidDataException - If the group is null

isMember

public boolean isMember(Group group)

Checks if a group is a member of this group.

Parameters:

group - The group to check

Returns:

TRUE if the group is a member, FALSE otherwise

getGroups

public ItemQuery<Group> getGroups()

Get a query that returns the groups that are members of this group. This query excludes groups that the logged in user doesn't have permission to read.

Returns:

A restricted query to select groups from database with.

See Also:

• getQuery()

getProjects

public ItemQuery<Project> getProjects()

Get a query that returns the projects that this group is a member of. This query excludes projects that the logged in user doesn't have permission to read.

Returns:

A restricted item query to select projects from database with.

See Also:

• Project.getQuery()