Package org.opends.server.core

Interface Group

public sealed interface Group
This interface defines the set of methods that must be implemented by a Directory Server group. It is expected that there will be a number of different types of groups (e.g., legacy static and dynamic groups, and virtual static groups). The following operations may be performed on a group:
  • Determining whether a given user is a member of this group
  • Determining the set of members for this group, optionally filtered based on some set of criteria.
  • Retrieving or updating the set of nested groups for this group, if the underlying group type supports nesting).
  • Updating the set of members for this group, if the underlying group type provides the ability to explicitly add or remove members.

  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Interface
    Description
    static final class 
    Group.ExaminedGroups
    Class holding the already visited groups.

  • Method Summary

    Modifier and Type
    Method
    Description
    Flowable<Entry>
    getAllMembers(Dn baseDN, SearchScope scope, Filter filter)
    Retrieves an iterator that may be used to cursor through the entries of the members contained in this group, or its nested groups.
    Dn
    getGroupDN()
    Retrieves the DN of the entry that contains the definition for this group.
    Flowable<Dn>
    getMemberDns()
    Retrieves an iterator that may be used to cursor through the Dns of the members contained in this group.
    default boolean
    isMember(Dn userDN)
    Indicates whether the user with the specified DN is a member of this group.
    boolean
    isMember(Dn userDN, Group.ExaminedGroups examinedGroups)
    Indicates whether the user with the specified DN is a member of this group.
    default boolean
    isMember(Entry userEntry)
    Indicates whether the user described by the provided user entry is a member of this group.
    boolean
    isMember(Entry userEntry, Group.ExaminedGroups examinedGroups)
    Indicates whether the user described by the provided user entry is a member of this group.
    void
    rename(Dn newGroupDn, Entry newBaseEntry)
    Renames this group, and use the provided DN as the new name for this group.

  • Method Details

    • getGroupDN

      Dn getGroupDN()
      Retrieves the DN of the entry that contains the definition for this group.
      Returns:
      The DN of the entry that contains the definition for this group.

    • rename

      void rename(Dn newGroupDn, Entry newBaseEntry)
      Renames this group, and use the provided DN as the new name for this group.
      Parameters:
      newGroupDn - The new name for this group.
      newBaseEntry - The newly renamed base entry.

    • isMember

      default boolean isMember(Dn userDN) throws LdapException
      Indicates whether the user with the specified DN is a member of this group. Note that this is a point-in-time determination and the caller must not cache the result.
      Parameters:
      userDN - The DN of the user for which to make the determination.
      Returns:
      true if the specified user is currently a member of this group, or false if not.
      Throws:
      LdapException - If a problem occurs while attempting to make the determination.

    • isMember

      boolean isMember(Dn userDN, Group.ExaminedGroups examinedGroups) throws LdapException
      Indicates whether the user with the specified DN is a member of this group. Note that this is a point-in-time determination and the caller must not cache the result. Also note that group implementations that support nesting should use this version of the method rather than the version that does not take a set of DNs when attempting to determine whether a nested group includes the target member.
      Parameters:
      userDN - The DN of the user for which to make the determination.
      examinedGroups - A set of groups that have already been examined in the process of making the determination. This provides a mechanism to prevent infinite recursion due to circular references (e.g., two groups include each other as nested groups). Each time a group instance is checked, its DN should be added to the list, and any DN already contained in the list should be skipped. The use of an atomic reference allow to lazily create the Set to optimize memory when there is no nested groups.
      Returns:
      true if the specified user is currently a member of this group, or false if not.
      Throws:
      LdapException - If a problem occurs while attempting to make the determination.

    • isMember

      default boolean isMember(Entry userEntry) throws LdapException
      Indicates whether the user described by the provided user entry is a member of this group. Note that this is a point-in-time determination and the caller must not cache the result.
      Parameters:
      userEntry - The entry for the user for which to make the determination.
      Returns:
      true if the specified user is currently a member of this group, or false if not.
      Throws:
      LdapException - If a problem occurs while attempting to make the determination.

    • isMember

      boolean isMember(Entry userEntry, Group.ExaminedGroups examinedGroups) throws LdapException
      Indicates whether the user described by the provided user entry is a member of this group. Note that this is a point-in-time determination and the caller must not cache the result. Also note that group implementations that support nesting should use this version of the method rather than the version that does not take a set of DNs when attempting to determine whether a nested group includes the target member.
      Parameters:
      userEntry - The entry for the user for which to make the determination.
      examinedGroups - A set of groups that have already been examined in the process of making the determination. This provides a mechanism to prevent infinite recursion due to circular references (e.g., two groups include each other as nested groups). Each time a group instance is checked, its DN should be added to the list, and any DN already contained in the list should be skipped. The use of an atomic reference allow to lazily create the Set to optimize memory when there is no nested groups.
      Returns:
      true if the specified user is currently a member of this group, or false if not.
      Throws:
      LdapException - If a problem occurs while attempting to make the determination.

    • getMemberDns

      Flowable<Dn> getMemberDns()
      Retrieves an iterator that may be used to cursor through the Dns of the members contained in this group. Note that this is a point-in-time determination, and the caller must not cache the result. Further, the determination should only include this group and not members from nested groups.
      Returns:
      An iterator that may be used to cursor through the entries of the members contained in this group.

    • getAllMembers

      Flowable<Entry> getAllMembers(Dn baseDN, SearchScope scope, Filter filter)
      Retrieves an iterator that may be used to cursor through the entries of the members contained in this group, or its nested groups. It may optionally retrieve a subset of the member entries based on a given set of criteria. Note that this is a point-in-time determination, and the caller must not cache the result.
      Parameters:
      baseDN - The base DN that should be used when determining whether a given entry will be returned. If this is null, then all entries will be considered in the scope of the criteria.
      scope - The scope that should be used when determining whether a given entry will be returned. It must not be null if the provided base DN is not null. The scope will be ignored if no base DN is provided.
      filter - The filter that should be used when determining whether a given entry will be returned. If this is null, then any entry in the scope of the criteria will be included in the results.
      Returns:
      An iterator that may be used to cursor through the entries of the members contained in this group.