Package net.sf.basedb.core
Class Group
java.lang.Object
net.sf.basedb.core.BasicItem
net.sf.basedb.core.Group
- All Implemented Interfaces:
AccessControlled
,Identifiable
,Nameable
,Registered
,Removable
,SystemItem
This class is used to represent groups. Groups are used in the
permission system to make it possible for a user to share items
with other users.
Groups are intended to represent the actual organisation of a company/organisation. For example a top-level group "The company" may contain the sub-groups "Sales", "Marketing" and "Research". Individual users should be added to the sub-groups only.
BASE comes with the predefined group Everyone
,
which cannot contain any members, except that the permission system
works as if everyone is a member.
-
Nested Class Summary
Modifier and TypeClassDescriptionprivate static class
A runtime filter implementation that limits a query to only return groups where the logged in user is a member unless the logged in user has generic read permission. -
Field Summary
Modifier and TypeFieldDescriptionstatic final String
The id of theEveryone
group where all users are (virtual) members.private static final QueryRuntimeFilter
This filter will limit a query to only return groups where the logged in user is a member unless the logged in user has generic read permission.static final Item
The type of item represented by this class.Fields inherited from interface net.sf.basedb.core.Nameable
MAX_DESCRIPTION_LENGTH, MAX_NAME_LENGTH
Fields inherited from interface net.sf.basedb.core.SystemItem
MAX_SYSTEM_ID_LENGTH
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
Add a group as a member to this group.void
Add a user as a member to this group.static Group
Get aGroup
item when you know the ID.(package private) GroupData
getData()
Get theBasicData
object that holds all data for this item.Get the description for the item.long
getDiskUsage
(QuotaType quotaType, Location location) Get the used number of bytes for the specified quota type and location.Get the date that the item was registered in the database.Get a query that returns the groups that are members of this group.getGroupsRecursive
(DbControl dc, Set<Integer> groups) Load all groups withing groups.getGroupsRecursive
(Session session, Collection<Integer> groups) getName()
Get the name of the item.static Group
Create a newGroup
item.Get a query that returns the projects that this group is a member of.getQuery()
Get a query configured to retrieve groups.getQuota()
Get theQuota
that applies to the group.Get the user that flagged this item for removal.Get the system id for the item.getType()
Get the type of item represented by the object.getUsers()
Get a query that returns the users that are members of this group.Get all:User
:s assigned to this group as a quota groupboolean
Does this group have hidden members?(package private) void
initPermissions
(int granted, int denied) If the logged in user is a member of this group, read permission is granted.boolean
If this group should be assigned to new users by default or not.boolean
Checks if a group is a member of this group.boolean
Checks if a user is a member of this group.boolean
Check if the removed flag is set for this item.boolean
Check if the item is a system item or not.boolean
isUsed()
Checks if: A user has been assigned this group as a quota group There are also other items that can reference a group: DiscUsage Other groups ItemKeys Projects Users (as group members) The links to all these items are automatically deleted if the group is deleted and aren't included in this check.(package private) void
onBeforeCommit
(Transactional.Action action) Set group to null in disk usage where this group is referenced.void
removeGroup
(Group group) Remove a group that is a member of this group.void
removeUser
(User user) Remove a user that is a member of this group.void
setDefault
(boolean isDefault) If this group should be assigned to new users by default or not.void
setDescription
(String description) Set the description for the item.void
setEntryDate
(Date entryDate) Set the date the entry was registered in the database.void
setHiddenMembers
(boolean hiddenMembers) Set the hidden members flag for this group.void
Set the name of the item.void
Set the quota for the group.void
setRemoved
(boolean removed) Set the removed flag for this item.Methods inherited from class net.sf.basedb.core.BasicItem
addAnnotatableParents, addUsingItems, addUsingItems, breakCircularReferences, checkBatchAnnotatableUsage, checkPermission, equals, getBasicData, getDbControl, getId, getPermissions, getPluginPermissions, getSessionControl, getVersion, hashCode, hasPermission, isDetached, isInDatabase, onAfterCommit, onAfterInsert, onRollback, setDbControl, setProjectDefaults, toString, validate
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
Methods inherited from interface net.sf.basedb.core.AccessControlled
checkPermission, getPermissions, hasPermission
Methods inherited from interface net.sf.basedb.core.Identifiable
getId, getVersion
-
Field Details
-
TYPE
The type of item represented by this class.- See Also:
-
EVERYONE
The id of theEveryone
group where all users are (virtual) members.- See Also:
-
RUNTIME_FILTER
This filter will limit a query to only return groups where the logged in user is a member unless the logged in user has generic read permission.
-
-
Constructor Details
-
Group
Group(GroupData groupData)
-
-
Method Details
-
getNew
Create a newGroup
item.- Parameters:
dc
- TheDbControl
which will be used for permission checking and database access.- Returns:
- The new
Group
item - Throws:
BaseException
- If there is an error
-
getById
public static Group getById(DbControl dc, int id) throws ItemNotFoundException, PermissionDeniedException, BaseException Get aGroup
item when you know the ID.- Parameters:
dc
- TheDbControl
which will be used for permission checking and database access.id
- The ID of the item to load- Returns:
- The
Group
item - Throws:
ItemNotFoundException
- If an item with the specified ID is not foundPermissionDeniedException
- If the logged in user doesn't havePermission.READ
permission to the itemBaseException
- If there is another error
-
getGroupsRecursive
Load all groups withing groups.- Parameters:
dc
- The DbControl to use for database accessgroups
- The groups to start with- Returns:
- A set containing the starting groups, the groups that are members of the start groups and the groups that are members following subgroups down as far as possible
-
getGroupsRecursive
-
getQuery
Get a query configured to retrieve groups. If the logged in user doesn't have generic permission to all groups, only groups where the logged in user is a member are returned.- Returns:
- An
ItemQuery
object
-
getData
GroupData getData()Description copied from class:BasicItem
Get theBasicData
object that holds all data for this item. -
getType
Description copied from interface:Identifiable
Get the type of item represented by the object. The returned value is one of the values defined in theItem
enumeration.- Specified by:
getType
in interfaceIdentifiable
- Returns:
- A value indicating the type of item
-
getName
Description copied from interface:Nameable
Get the name of the item. -
setName
Description copied from interface:Nameable
Set the name of the item. The name cannot be null and mustn't be longer than the value specified by theNameable.MAX_NAME_LENGTH
constant.- Specified by:
setName
in interfaceNameable
- Parameters:
name
- The new name for the item- Throws:
PermissionDeniedException
- If the logged in user doesn't have write permissionInvalidDataException
- If the name is null or longer than specified by theNameable.MAX_NAME_LENGTH
constant
-
getDescription
Description copied from interface:Nameable
Get the description for the item.- Specified by:
getDescription
in interfaceNameable
- Returns:
- A
String
with a description of the item
-
setDescription
public void setDescription(String description) throws PermissionDeniedException, InvalidDataException Description copied from interface:Nameable
Set the description for the item. The description can be null but mustn't be longer than the value specified by theNameable.MAX_DESCRIPTION_LENGTH
constant.- Specified by:
setDescription
in interfaceNameable
- Parameters:
description
- The new description for the item- Throws:
PermissionDeniedException
- If the logged in user doesn't have write permissionInvalidDataException
- If the description longer than specified by theNameable.MAX_DESCRIPTION_LENGTH
constant
-
isRemoved
public boolean isRemoved()Description copied from interface:Removable
Check if the removed flag is set for this item. -
setRemoved
Description copied from interface:Removable
Set the removed flag for this item.- Specified by:
setRemoved
in interfaceRemovable
- Parameters:
removed
- TRUE if the item should be flagged as removed, FALSE otherwise- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.DELETE
permission for setting the flag to TRUE orPermission.WRITE
permission for setting the flag to FALSE
-
getRemovedBy
Description copied from interface:Removable
Get the user that flagged this item for removal.- Specified by:
getRemovedBy
in interfaceRemovable
- Returns:
- A User object, or null if this item has not been flagged
- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.READ
permission for the userItemNotFoundException
- If the user that removed this item can't be found
-
getSystemId
Description copied from interface:SystemItem
Get the system id for the item.- Specified by:
getSystemId
in interfaceSystemItem
- Returns:
- The id of the item or null if it is not a system item
-
isSystemItem
public boolean isSystemItem()Description copied from interface:SystemItem
Check if the item is a system item or not. A system item have a non-null value for the system id.- Specified by:
isSystemItem
in interfaceSystemItem
- Returns:
- TRUE if this item is a system item, FALSE otherwise
-
getEntryDate
Description copied from interface:Registered
Get the date that the item was registered in the database.- Specified by:
getEntryDate
in interfaceRegistered
- Returns:
- A date or null if this is not known
-
setEntryDate
Description copied from interface:Registered
Set the date the entry was registered in the database. Implementations should only allow this property to be set before the item is first stored in the database. The intention of this method is to facilitate export/import of data between server.- Specified by:
setEntryDate
in interfaceRegistered
- Parameters:
entryDate
- A date or null to use today's date
-
onBeforeCommit
Set group to null in disk usage where this group is referenced. -
isUsed
Checks if:- A user has been assigned this group as a quota group
- DiscUsage
- Other groups
- ItemKeys
- Projects
- Users (as group members)
- Overrides:
isUsed
in classBasicItem
- Returns:
- TRUE if this item is used, FALSE otherwise
- Throws:
BaseException
- If not able to tell if item is used or not.- See Also:
-
getUsingItems
Get all:User
:s assigned to this group as a quota group
- Overrides:
getUsingItems
in classBasicItem
- Returns:
- A set containing proxies for the items, or an empty set if no items are using this item
- Since:
- 2.2
- See Also:
-
initPermissions
If the logged in user is a member of this group, read permission is granted. If this is a system group, delete and create permissions are revoked.- Overrides:
initPermissions
in classBasicItem
- Parameters:
granted
- Permissions that have been granted by the subclassdenied
- Permissions that have been denied by the subclass- Throws:
BaseException
- If the permissions couldn't be initialised
-
getQuota
Get theQuota
that applies to the group.- Returns:
- A
Quota
item, or null if no quota has been assigned to this group - Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.READ
permission to the itemBaseException
- If there is some other error.
-
setQuota
Set the quota for the group.- Parameters:
quota
- The newQuota
, or null to disable quota for this group- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.WRITE
permission for the group orPermission.USE
permission for the quotaInvalidDataException
- If the quota is null
-
getDiskUsage
Get the used number of bytes for the specified quota type and location.- Parameters:
quotaType
- TheQuotaType
. Null is not allowed.location
- The location. Null is not allowed- Returns:
- The number of bytes that have been used
- Throws:
BaseException
- If there is some kind of error.
-
isDefault
public boolean isDefault()If this group should be assigned to new users by default or not.- Since:
- 2.4
-
setDefault
public void setDefault(boolean isDefault) If this group should be assigned to new users by default or not. Note! The client must callUser.addToDefaultRolesAndGroups()
.- Parameters:
isDefault
- The new setting- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.WRITE
permission for the group, or if this group is theEVERYONE
group- Since:
- 2.4
-
hasHiddenMembers
public boolean hasHiddenMembers()Does this group have hidden members? In a group with hidden members one user doesn't get read permission to other members of the same group.- Returns:
- TRUE if the members are hidden
- Since:
- 2.13
-
setHiddenMembers
public void setHiddenMembers(boolean hiddenMembers) Set the hidden members flag for this group.- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.WRITE
permission for the group, or if this group is theEVERYONE
group- Since:
- 2.13
-
addUser
Add a user as a member to this group. It is not allowed to add members to theEVERYONE
group.- Parameters:
user
- The user to add- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.WRITE
permission for the group andPermission.USE
for the userInvalidDataException
- If the user is null
-
removeUser
Remove a user that is a member of this group.- Parameters:
user
- The user to remove- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.WRITE
permission for the group andPermission.USE
for the userInvalidDataException
- If the user is null
-
isMember
Checks if a user is a member of this group. A useris counted as a member if it has been added to this group with theaddUser(User)
method or has been assigned this group as theUser.getQuotaGroup()
.- Parameters:
user
- The user to check- Returns:
- TRUE if the user is a member, FALSE otherwise
-
getUsers
Get a query that returns the users that are members of this group. This query excludes users that the logged in user doesn't have permission to read.- Returns:
- A query to select users from database with.
- Throws:
BaseException
- If there is an error when building the query.- See Also:
-
addGroup
Add a group as a member to this group. This method does nothing if one tries to add a group to itself. It is not allowed to add members to theEVERYONE
group.- Parameters:
group
- The group to add- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.WRITE
permission for both groupsInvalidDataException
- If the group is null
-
removeGroup
Remove a group that is a member of this group.- Parameters:
group
- The group to remove- Throws:
PermissionDeniedException
- If the logged in user doesn't havePermission.WRITE
permission for both groupsInvalidDataException
- If the group is null
-
isMember
Checks if a group is a member of this group.- Parameters:
group
- The group to check- Returns:
- TRUE if the group is a member, FALSE otherwise
-
getGroups
Get a query that returns the groups that are members of this group. This query excludes groups that the logged in user doesn't have permission to read.- Returns:
- A restricted query to select groups from database with.
- See Also:
-
getProjects
Get a query that returns the projects that this group is a member of. This query excludes projects that the logged in user doesn't have permission to read.- Returns:
- A restricted item query to select projects from database with.
- See Also:
-