org.apache.directory.server.core.authz
Class GroupCache

java.lang.Object
  extended by org.apache.directory.server.core.authz.GroupCache

public class GroupCache
extends java.lang.Object

A cache for tracking static group membership.

Version:
$Rev: 928945 $
Author:
Apache Directory Project

Constructor Summary
GroupCache(CoreSession session)
          Creates a static group cache.
 
Method Summary
 java.util.Set<org.apache.directory.shared.ldap.name.DN> getGroups(java.lang.String member)
          Gets the set of groups a user is a member of.
 void groupAdded(org.apache.directory.shared.ldap.name.DN name, org.apache.directory.shared.ldap.entry.ServerEntry entry)
          Adds a groups members to the cache.
 void groupDeleted(org.apache.directory.shared.ldap.name.DN name, org.apache.directory.shared.ldap.entry.ServerEntry entry)
          Deletes a group's members from the cache.
 void groupModified(org.apache.directory.shared.ldap.name.DN name, java.util.List<org.apache.directory.shared.ldap.entry.Modification> mods, org.apache.directory.shared.ldap.entry.ServerEntry entry, org.apache.directory.shared.ldap.schema.SchemaManager schemaManager)
          Modifies the cache to reflect changes via modify operations to the group entries.
 void groupModified(org.apache.directory.shared.ldap.name.DN name, org.apache.directory.shared.ldap.entry.ModificationOperation modOp, org.apache.directory.shared.ldap.entry.ServerEntry mods)
          Modifies the cache to reflect changes via modify operations to the group entries.
 boolean groupRenamed(org.apache.directory.shared.ldap.name.DN oldName, org.apache.directory.shared.ldap.name.DN newName)
           
 boolean isPrincipalAnAdministrator(org.apache.directory.shared.ldap.name.DN principalDn)
          An optimization.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

GroupCache

public GroupCache(CoreSession session)
           throws java.lang.Exception
Creates a static group cache.

Parameters:
directoryService - the directory service core
Throws:
org.apache.directory.shared.ldap.exception.LdapException - if there are failures on initialization
java.lang.Exception
Method Detail

groupAdded

public void groupAdded(org.apache.directory.shared.ldap.name.DN name,
                       org.apache.directory.shared.ldap.entry.ServerEntry entry)
                throws org.apache.directory.shared.ldap.exception.LdapException
Adds a groups members to the cache. Called by interceptor to account for new group additions.

Parameters:
name - the user provided name for the group entry
entry - the group entry's attributes
Throws:
org.apache.directory.shared.ldap.exception.LdapException - if there are problems accessing the attr values

groupDeleted

public void groupDeleted(org.apache.directory.shared.ldap.name.DN name,
                         org.apache.directory.shared.ldap.entry.ServerEntry entry)
                  throws org.apache.directory.shared.ldap.exception.LdapException
Deletes a group's members from the cache. Called by interceptor to account for the deletion of groups.

Parameters:
name - the normalized DN of the group entry
entry - the attributes of entry being deleted
Throws:
org.apache.directory.shared.ldap.exception.LdapException

groupModified

public void groupModified(org.apache.directory.shared.ldap.name.DN name,
                          java.util.List<org.apache.directory.shared.ldap.entry.Modification> mods,
                          org.apache.directory.shared.ldap.entry.ServerEntry entry,
                          org.apache.directory.shared.ldap.schema.SchemaManager schemaManager)
                   throws org.apache.directory.shared.ldap.exception.LdapException
Modifies the cache to reflect changes via modify operations to the group entries. Called by the interceptor to account for modify ops on groups.

Parameters:
name - the normalized name of the group entry modified
mods - the modification operations being performed
entry - the group entry being modified
Throws:
org.apache.directory.shared.ldap.exception.LdapException - if there are problems accessing attribute values

groupModified

public void groupModified(org.apache.directory.shared.ldap.name.DN name,
                          org.apache.directory.shared.ldap.entry.ModificationOperation modOp,
                          org.apache.directory.shared.ldap.entry.ServerEntry mods)
                   throws org.apache.directory.shared.ldap.exception.LdapException
Modifies the cache to reflect changes via modify operations to the group entries. Called by the interceptor to account for modify ops on groups.

Parameters:
name - the normalized name of the group entry modified
modOp - the modify operation being performed
mods - the modifications being performed
Throws:
org.apache.directory.shared.ldap.exception.LdapException - if there are problems accessing attribute values

isPrincipalAnAdministrator

public final boolean isPrincipalAnAdministrator(org.apache.directory.shared.ldap.name.DN principalDn)
An optimization. By having this method here we can directly access the group membership information and lookup to see if the principalDn is contained within.

Parameters:
principalDn - the normalized DN of the user to check if they are an admin
Returns:
true if the principal is an admin or the admin

getGroups

public java.util.Set<org.apache.directory.shared.ldap.name.DN> getGroups(java.lang.String member)
                                                                  throws org.apache.directory.shared.ldap.exception.LdapException
Gets the set of groups a user is a member of. The groups are returned as normalized Name objects within the set.

Parameters:
member - the member (user) to get the groups for
Returns:
a Set of Name objects representing the groups
Throws:
org.apache.directory.shared.ldap.exception.LdapException - if there are problems accessing attribute values

groupRenamed

public boolean groupRenamed(org.apache.directory.shared.ldap.name.DN oldName,
                            org.apache.directory.shared.ldap.name.DN newName)


Copyright © 2003-2011 Apache Software Foundation. All Rights Reserved.