AuthzGroup

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.sakaiproject.service.legacy.authzGroup
Interface AuthzGroup

All Superinterfaces:: Comparable, Edit, Entity, Serializable

All Known Subinterfaces:: Group, Site

All Known Implementing Classes:: BaseAuthzGroup, BaseGroup, BaseSite

public interface AuthzGroup
extends Edit, Comparable, Serializable

AuthzGroup is a authorization group; a group of users, each with a role, and a set of permissions of functions made to each role.

AuthzGroups can related to Entities in Sakai; The entity reference forms the AuthzGroup id.

Special AuthzGroups not related to an entity have ids that begin with a "!".

Author:: Sakai Software Development Team

Field Summary

Fields inherited from interface org.sakaiproject.service.legacy.entity.Entity

SEPARATOR

Method Summary
`void`	`addMember(String userId, String roleId, boolean active, boolean provided)` Add a member to the AuthzGroup.
`Role`	`addRole(String id)` Create a new Role within this AuthzGroup.
`Role`	`addRole(String id, Role other)` Create a new Role within this AuthzGroup, as a copy of this other role
`User`	`getCreatedBy()`
`Time`	`getCreatedTime()`
`String`	`getDescription()`
`String`	`getMaintainRole()` Access the name of the role to use for giving a user membership with "maintain" access.
`Member`	`getMember(String userId)` Access the user's membership record for this AuthzGroup; the role, and status flags.
`Set`	`getMembers()` Access all Membership records defined for this AuthzGroup.
`User`	`getModifiedBy()`
`Time`	`getModifiedTime()`
`String`	`getProviderGroupId()` Access the group id for the GroupProvider for this AuthzGroup.
`Role`	`getRole(String id)` Access a Role defined in this AuthzGroup.
`Set`	`getRoles()` Access all Roles defined for this AuthzGroup.
`Set`	`getRolesIsAllowed(String function)` Access all roles that have been granted permission to this function.
`Role`	`getUserRole(String userId)` Access the active role for this user's membership.
`Set`	`getUsers()` Access all users who have active role membership in the AuthzGroup.
`Set`	`getUsersHasRole(String role)` Access all users who have an active role membership with this role.
`Set`	`getUsersIsAllowed(String function)` Access all users who have an active role membership to a role that is allowed this function.
`boolean`	`hasRole(String userId, String role)` Test if this user has a membership in this AuthzGroup that has this role and is active.
`boolean`	`isAllowed(String userId, String function)` Test if this user is allowed to perform the function in this AuthzGroup.
`boolean`	`isEmpty()` Is this AuthzGroup empty of any roles or membership?
`boolean`	`keepIntersection(AuthzGroup other)` Adjust membership so that active members are all active in other, and inactive members are all defined in other
`void`	`removeMember(String userId)` Remove membership for for this user from the AuthzGroup.
`void`	`removeMembers()` Remove all membership from this AuthzGroup.
`void`	`removeRole(String role)` Remove this Role from this AuthzGroup.
`void`	`removeRoles()` Remove all Roles from this AuthzGroup.
`void`	`setMaintainRole(String role)` Set the role name to use for "maintain" access.
`void`	`setProviderGroupId(String id)` Set the external group id for the GroupProvider for this AuthzGroup (set to null to have none).

Methods inherited from interface org.sakaiproject.service.legacy.entity.Edit

getPropertiesEdit, isActiveEdit

Methods inherited from interface org.sakaiproject.service.legacy.entity.Entity

getId, getProperties, getReference, getReference, getUrl, getUrl, toXml

Methods inherited from interface java.lang.Comparable

compareTo

Method Detail

addMember

public void addMember(String userId,
                      String roleId,
                      boolean active,
                      boolean provided)

Add a member to the AuthzGroup.

Parameters:: userId - The user.; active - The active flag.; provided - If true, from an external provider.

addRole

public Role addRole(String id)
             throws IdUsedException

Create a new Role within this AuthzGroup.

Parameters:: id - The role id.
Returns:: the new Role.
Throws:: IdUsedException - if the id is already a Role in this AuthzGroup.

addRole

public Role addRole(String id,
                    Role other)
             throws IdUsedException

Create a new Role within this AuthzGroup, as a copy of this other role

Parameters:: id - The role id.; other - The role to copy.
Returns:: the new Role.
Throws:: IdUsedException - if the id is already a Role in this AuthzGroup.

getCreatedBy

public User getCreatedBy()

Returns:: the user who created this.

getCreatedTime

public Time getCreatedTime()

Returns:: the time created.

getDescription

public String getDescription()

Returns:: a description of the item this realm applies to.

getMaintainRole

public String getMaintainRole()

Access the name of the role to use for giving a user membership with "maintain" access.

Returns:: The name of the "maintain" role.

getMember

public Member getMember(String userId)

Access the user's membership record for this AuthzGroup; the role, and status flags.

Parameters:: userId - The user id.
Returns:: The Membership record for the user in this AuthzGroup, or null if the use is not a member.

getMembers

public Set getMembers()

Access all Membership records defined for this AuthzGroup.

Returns:: The set of Membership records (Membership) defined for this AuthzGroup.

getModifiedBy

public User getModifiedBy()

Returns:: the user who last modified this.

getModifiedTime

public Time getModifiedTime()

Returns:: the time last modified.

getProviderGroupId

public String getProviderGroupId()

Access the group id for the GroupProvider for this AuthzGroup.

Returns:: The the group id for the GroupProvider for this AuthzGroup, or null if none defined.

getRole

public Role getRole(String id)

Access a Role defined in this AuthzGroup.

Parameters:: id - The role id.
Returns:: The Role, if found, or null, if not.

getRoles

public Set getRoles()

Access all Roles defined for this AuthzGroup.

Returns:: The set of roles (Role) defined for this AuthzGroup.

getRolesIsAllowed

public Set getRolesIsAllowed(String function)

Access all roles that have been granted permission to this function.

Parameters:: function - The function to check.
Returns:: The Set of role names (String) that have been granted permission to this function.

getUserRole

public Role getUserRole(String userId)

Access the active role for this user's membership.

Parameters:: userId - The user id.
Returns:: The Role for this user's membership, or null if the user has no active membership.

getUsers

public Set getUsers()

Access all users who have active role membership in the AuthzGroup.

Returns:: The Set of users ids (String) who have active role membership in the AuthzGroup.

getUsersHasRole

public Set getUsersHasRole(String role)

Access all users who have an active role membership with this role.

Returns:: The Set of user ids (String) who have an active role membership with this role.

getUsersIsAllowed

public Set getUsersIsAllowed(String function)

Access all users who have an active role membership to a role that is allowed this function.

Parameters:: function - The function to check.
Returns:: The Set of user ids (String) who have an active role membership to a role that is allowed this function.

hasRole

public boolean hasRole(String userId,
                       String role)

Test if this user has a membership in this AuthzGroup that has this role and is active.

Parameters:: userId - The user id.; role - The role name.
Returns:: true if the User has has a membership in this AuthzGroup that has this role and is active.

isAllowed

public boolean isAllowed(String userId,
                         String function)

Test if this user is allowed to perform the function in this AuthzGroup.

Parameters:: userId - The user id.; function - The function to open.
Returns:: true if this user is allowed to perform the function in this AuthzGroup, false if not.

isEmpty

public boolean isEmpty()

Is this AuthzGroup empty of any roles or membership?

Returns:: true if the AuthzGroup is empty, false if not.

removeMember

public void removeMember(String userId)

Remove membership for for this user from the AuthzGroup.

Parameters:: userId - The user.

removeMembers

public void removeMembers()

Remove all membership from this AuthzGroup.

removeRole

public void removeRole(String role)

Remove this Role from this AuthzGroup. Any grants of this Role in the AuthzGroup are also removed.

Parameters:: role - The role name.

removeRoles

public void removeRoles()

Remove all Roles from this AuthzGroup.

setMaintainRole

public void setMaintainRole(String role)

Set the role name to use for "maintain" access.

Parameters:: role - The name of the "maintain" role.

setProviderGroupId

public void setProviderGroupId(String id)

Set the external group id for the GroupProvider for this AuthzGroup (set to null to have none).

Parameters:: id - The external group id for the GroupProvider, or null if there is to be none.

keepIntersection

public boolean keepIntersection(AuthzGroup other)

Adjust membership so that active members are all active in other, and inactive members are all defined in other

Parameters:: other - The other azg to adjust to.
Returns:: true if any changes were made, false if not.

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.sakaiproject.service.legacy.authzGroup Interface AuthzGroup

addMember

addRole

addRole

getCreatedBy

getCreatedTime

getDescription

getMaintainRole

getMember

getMembers

getModifiedBy

getModifiedTime

getProviderGroupId

getRole

getRoles

getRolesIsAllowed

getUserRole

getUsers

getUsersHasRole

getUsersIsAllowed

hasRole

isAllowed

isEmpty

removeMember

removeMembers

removeRole

removeRoles

setMaintainRole

setProviderGroupId

keepIntersection

org.sakaiproject.service.legacy.authzGroup
Interface AuthzGroup