|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Objectedu.internet2.middleware.grouper.rules.RuleApi
public class RuleApi
helper methods to assign rules to objects without having to deal with attributes note, you can use this from gsh too
| Constructor Summary | |
|---|---|
RuleApi()
|
|
| Method Summary | |
|---|---|
static AttributeAssign |
emailOnFlattenedDisabledDate(edu.internet2.middleware.subject.Subject actAsSubject,
Group ruleGroup,
java.lang.Integer daysInFutureDisabledDateMin,
java.lang.Integer daysInFutureDisabledDateMax,
java.lang.String emailToValue,
java.lang.String emailSubjectValue,
java.lang.String emailBodyValue)
send emails via daemon on impending disabled memberships |
static AttributeAssign |
emailOnFlattenedMembershipAdd(edu.internet2.middleware.subject.Subject actAsSubject,
Group ruleGroup,
java.lang.String emailToValue,
java.lang.String emailSubjectValue,
java.lang.String emailBodyValue)
|
static AttributeAssign |
emailOnFlattenedMembershipAddFromStem(edu.internet2.middleware.subject.Subject actAsSubject,
Stem ruleStem,
Stem.Scope stemScope,
java.lang.String emailToValue,
java.lang.String emailSubjectValue,
java.lang.String emailBodyValue)
|
static AttributeAssign |
emailOnFlattenedMembershipRemove(edu.internet2.middleware.subject.Subject actAsSubject,
Group ruleGroup,
java.lang.String emailToValue,
java.lang.String emailSubjectValue,
java.lang.String emailBodyValue)
|
static AttributeAssign |
emailOnFlattenedMembershipRemoveFromStem(edu.internet2.middleware.subject.Subject actAsSubject,
Stem ruleStem,
Stem.Scope stemScope,
java.lang.String emailToValue,
java.lang.String emailSubjectValue,
java.lang.String emailBodyValue)
|
static AttributeAssign |
emailOnFlattenedPermissionDisabledDate(edu.internet2.middleware.subject.Subject actAsSubject,
AttributeDef permissionDef,
java.lang.Integer daysInFutureDisabledDateMin,
java.lang.Integer daysInFutureDisabledDateMax,
java.lang.String emailToValue,
java.lang.String emailSubjectValue,
java.lang.String emailBodyValue)
|
static AttributeAssign |
groupIntersection(edu.internet2.middleware.subject.Subject actAs,
Group ruleGroup,
Group mustBeInGroup)
put a rule on the rule group which says that if the user is not in the mustBeInGroup, then remove from ruleGroup |
static AttributeAssign |
groupIntersection(edu.internet2.middleware.subject.Subject actAs,
Group ruleGroup,
Group mustBeInGroup,
int daysInFutureForDisabledDate)
put a rule on the rule group which says that if the user is not in the mustBeInGroup, then add an end date to the membership in the rule group X days in the future |
static AttributeAssign |
groupIntersectionWithFolder(edu.internet2.middleware.subject.Subject actAs,
Group ruleGroup,
Stem folder,
Stem.Scope stemScope)
if a member is removed from a folder, and has no more memberships in any group in the folder, then remove from the group |
static AttributeAssign |
inheritAttributeDefPrivileges(edu.internet2.middleware.subject.Subject actAs,
Stem stem,
Stem.Scope stemScope,
edu.internet2.middleware.subject.Subject subjectToAssign,
java.util.Set<Privilege> privileges)
make sure stem privileges are inherited in a attributeDef |
static AttributeAssign |
inheritFolderPrivileges(edu.internet2.middleware.subject.Subject actAs,
Stem stem,
Stem.Scope stemScope,
edu.internet2.middleware.subject.Subject subjectToAssign,
java.util.Set<Privilege> privileges)
make sure stem privileges are inherited in a stem |
static AttributeAssign |
inheritGroupPrivileges(edu.internet2.middleware.subject.Subject actAs,
Stem stem,
Stem.Scope stemScope,
edu.internet2.middleware.subject.Subject subjectToAssign,
java.util.Set<Privilege> privileges)
make sure group privileges are inherited in a stem |
static AttributeAssign |
inheritGroupPrivileges(edu.internet2.middleware.subject.Subject actAs,
Stem stem,
Stem.Scope stemScope,
edu.internet2.middleware.subject.Subject subjectToAssign,
java.util.Set<Privilege> privileges,
java.lang.String sqlLikeString)
make sure group privileges are inherited in a stem |
static AttributeAssign |
permissionFolderIntersection(edu.internet2.middleware.subject.Subject actAs,
AttributeDef permissionToAssignRule,
Stem mustBeInGroupInFolder,
Stem.Scope stemScope)
|
static AttributeAssign |
permissionGroupIntersection(edu.internet2.middleware.subject.Subject actAs,
AttributeDef permissionToAssignRule,
Group mustBeInGroup)
put a rule on an attribute def so that if a user comes out of a group, the user will be removed from a role which has permissions or removed assignments directly to the user |
static AttributeAssign |
permissionGroupIntersection(edu.internet2.middleware.subject.Subject actAs,
AttributeDef permissionToAssignRule,
Group mustBeInGroup,
int daysInFutureToDisable)
put a rule on an attribute def so that if a user comes out of a group, the user will have disabled dates from a role which has permissions or removed assignments directly to the user |
static AttributeAssign |
reassignAttributeDefPrivilegesIfFromGroup(edu.internet2.middleware.subject.Subject actAs,
Stem ruleStem,
Stem.Scope stemScope)
normalize privileges if the user who creates a group is in a group which has create privilegs on the stem |
static AttributeAssign |
reassignGroupPrivilegesIfFromGroup(edu.internet2.middleware.subject.Subject actAs,
Stem ruleStem,
Stem.Scope stemScope)
normalize privileges if the user who creates a group is in a group which has create privilegs on the stem |
static AttributeAssign |
reassignStemPrivilegesIfFromGroup(edu.internet2.middleware.subject.Subject actAs,
Stem ruleStem,
Stem.Scope stemScope)
normalize privileges if the user who creates a stem is in a group which has create privileges on the stem |
static java.lang.String |
rulesToString()
|
static java.lang.String |
rulesToString(AttributeAssignable attributeAssignable)
|
static int |
runRulesForOwner(AttributeAssignable attributeAssignable)
run rules for an attribute assignable |
static AttributeAssign |
vetoMembershipIfNotInGroup(edu.internet2.middleware.subject.Subject actAs,
Group ruleGroup,
Group mustBeInGroup,
java.lang.String vetoKey,
java.lang.String vetoMessage)
|
static AttributeAssign |
vetoMembershipIfNotInGroupInFolder(edu.internet2.middleware.subject.Subject actAs,
Group ruleGroup,
Stem mustBeInGroupInFolder,
Stem.Scope stemScope,
java.lang.String vetoKey,
java.lang.String vetoMessage)
|
static AttributeAssign |
vetoPermissionIfNotInGroup(edu.internet2.middleware.subject.Subject actAs,
AttributeDef permissionDef,
Group mustBeInGroup,
java.lang.String vetoKey,
java.lang.String vetoMessage)
veto a direct permission assignment if not in group |
static AttributeAssign |
vetoSubjectAssignInFolderIfNotInGroup(edu.internet2.middleware.subject.Subject actAs,
Stem ruleStem,
Group mustBeInGroup,
boolean allowAll,
java.lang.String sourceId,
Stem.Scope stemScope,
java.lang.String vetoKey,
java.lang.String vetoMessage)
add a rule on a stem saying that all subject use in the folder must be in a certain group. |
| Methods inherited from class java.lang.Object |
|---|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Constructor Detail |
|---|
public RuleApi()
| Method Detail |
|---|
public static AttributeAssign reassignGroupPrivilegesIfFromGroup(edu.internet2.middleware.subject.Subject actAs,
Stem ruleStem,
Stem.Scope stemScope)
actAs - ruleStem - stemScope -
public static AttributeAssign reassignAttributeDefPrivilegesIfFromGroup(edu.internet2.middleware.subject.Subject actAs,
Stem ruleStem,
Stem.Scope stemScope)
actAs - ruleStem - stemScope -
public static AttributeAssign vetoMembershipIfNotInGroupInFolder(edu.internet2.middleware.subject.Subject actAs,
Group ruleGroup,
Stem mustBeInGroupInFolder,
Stem.Scope stemScope,
java.lang.String vetoKey,
java.lang.String vetoMessage)
actAs - ruleGroup - mustBeInGroupInFolder - stemScope - vetoKey - vetoMessage -
public static AttributeAssign vetoSubjectAssignInFolderIfNotInGroup(edu.internet2.middleware.subject.Subject actAs,
Stem ruleStem,
Group mustBeInGroup,
boolean allowAll,
java.lang.String sourceId,
Stem.Scope stemScope,
java.lang.String vetoKey,
java.lang.String vetoMessage)
actAs - ruleStem - mustBeInGroup - if blank and not allowAll, then restrict allallowAll - if mustBeIn is blank and allowAll, then allow all (to override a restriction in ancestor folders)sourceId - optional (recommended), to constraint this to subjects from certain sourcesstemScope - vetoKey - vetoMessage -
public static AttributeAssign vetoMembershipIfNotInGroup(edu.internet2.middleware.subject.Subject actAs,
Group ruleGroup,
Group mustBeInGroup,
java.lang.String vetoKey,
java.lang.String vetoMessage)
actAs - ruleGroup - mustBeInGroup - vetoKey - vetoMessage -
public static AttributeAssign inheritAttributeDefPrivileges(edu.internet2.middleware.subject.Subject actAs,
Stem stem,
Stem.Scope stemScope,
edu.internet2.middleware.subject.Subject subjectToAssign,
java.util.Set<Privilege> privileges)
actAs - stem - stemScope - ONE or SUBsubjectToAssign - privileges - can use Privilege.getInstances() to convert from string
public static AttributeAssign inheritFolderPrivileges(edu.internet2.middleware.subject.Subject actAs,
Stem stem,
Stem.Scope stemScope,
edu.internet2.middleware.subject.Subject subjectToAssign,
java.util.Set<Privilege> privileges)
actAs - stem - stemScope - ONE or SUBsubjectToAssign - privileges - can use Privilege.getInstances() to convert from string
public static AttributeAssign inheritGroupPrivileges(edu.internet2.middleware.subject.Subject actAs,
Stem stem,
Stem.Scope stemScope,
edu.internet2.middleware.subject.Subject subjectToAssign,
java.util.Set<Privilege> privileges)
actAs - stem - stemScope - ONE or SUBsubjectToAssign - privileges - can use Privilege.getInstances() to convert from string
public static AttributeAssign inheritGroupPrivileges(edu.internet2.middleware.subject.Subject actAs,
Stem stem,
Stem.Scope stemScope,
edu.internet2.middleware.subject.Subject subjectToAssign,
java.util.Set<Privilege> privileges,
java.lang.String sqlLikeString)
actAs - stem - stemScope - ONE or SUBsubjectToAssign - privileges - can use Privilege.getInstances() to convert from stringsqlLikeString -
public static AttributeAssign groupIntersectionWithFolder(edu.internet2.middleware.subject.Subject actAs,
Group ruleGroup,
Stem folder,
Stem.Scope stemScope)
actAs - ruleGroup - folder - stemScope -
public static AttributeAssign groupIntersection(edu.internet2.middleware.subject.Subject actAs,
Group ruleGroup,
Group mustBeInGroup)
actAs - ruleGroup - mustBeInGroup -
public static AttributeAssign groupIntersection(edu.internet2.middleware.subject.Subject actAs,
Group ruleGroup,
Group mustBeInGroup,
int daysInFutureForDisabledDate)
actAs - ruleGroup - mustBeInGroup - daysInFutureForDisabledDate -
public static java.lang.String rulesToString()
public static java.lang.String rulesToString(AttributeAssignable attributeAssignable)
attributeAssignable -
public static int runRulesForOwner(AttributeAssignable attributeAssignable)
attributeAssignable -
public static AttributeAssign permissionGroupIntersection(edu.internet2.middleware.subject.Subject actAs,
AttributeDef permissionToAssignRule,
Group mustBeInGroup,
int daysInFutureToDisable)
actAs - permissionToAssignRule - mustBeInGroup - daysInFutureToDisable -
public static AttributeAssign permissionGroupIntersection(edu.internet2.middleware.subject.Subject actAs,
AttributeDef permissionToAssignRule,
Group mustBeInGroup)
actAs - permissionToAssignRule - mustBeInGroup -
public static AttributeAssign permissionFolderIntersection(edu.internet2.middleware.subject.Subject actAs,
AttributeDef permissionToAssignRule,
Stem mustBeInGroupInFolder,
Stem.Scope stemScope)
actAs - permissionToAssignRule - mustBeInGroupInFolder - stemScope -
public static AttributeAssign vetoPermissionIfNotInGroup(edu.internet2.middleware.subject.Subject actAs,
AttributeDef permissionDef,
Group mustBeInGroup,
java.lang.String vetoKey,
java.lang.String vetoMessage)
actAs - permissionDef - mustBeInGroup - vetoKey - vetoMessage -
public static AttributeAssign emailOnFlattenedMembershipRemove(edu.internet2.middleware.subject.Subject actAsSubject,
Group ruleGroup,
java.lang.String emailToValue,
java.lang.String emailSubjectValue,
java.lang.String emailBodyValue)
ruleGroup - actAsSubject - emailToValue - e.g. "a@b.c, ${safeSubject.emailAddress}"emailSubjectValue - e.g. "You will be removed from group: ${groupDisplayExtension}"emailBodyValue - e.g. "template: testEmailGroupBodyFlattenedRemove"
public static AttributeAssign emailOnFlattenedMembershipAddFromStem(edu.internet2.middleware.subject.Subject actAsSubject,
Stem ruleStem,
Stem.Scope stemScope,
java.lang.String emailToValue,
java.lang.String emailSubjectValue,
java.lang.String emailBodyValue)
actAsSubject - ruleStem - stemScope - emailToValue - emailSubjectValue - emailBodyValue -
public static AttributeAssign emailOnFlattenedMembershipRemoveFromStem(edu.internet2.middleware.subject.Subject actAsSubject,
Stem ruleStem,
Stem.Scope stemScope,
java.lang.String emailToValue,
java.lang.String emailSubjectValue,
java.lang.String emailBodyValue)
actAsSubject - ruleStem - stemScope - emailToValue - emailSubjectValue - emailBodyValue -
public static AttributeAssign emailOnFlattenedMembershipAdd(edu.internet2.middleware.subject.Subject actAsSubject,
Group ruleGroup,
java.lang.String emailToValue,
java.lang.String emailSubjectValue,
java.lang.String emailBodyValue)
ruleGroup - actAsSubject - emailToValue - e.g. "a@b.c, ${safeSubject.emailAddress}"emailSubjectValue - e.g. "You were added to group: ${groupDisplayExtension}"emailBodyValue - e.g. "template: testEmailGroupBodyFlattenedAdd"
public static AttributeAssign emailOnFlattenedDisabledDate(edu.internet2.middleware.subject.Subject actAsSubject,
Group ruleGroup,
java.lang.Integer daysInFutureDisabledDateMin,
java.lang.Integer daysInFutureDisabledDateMax,
java.lang.String emailToValue,
java.lang.String emailSubjectValue,
java.lang.String emailBodyValue)
actAsSubject - ruleGroup - daysInFutureDisabledDateMin - daysInFutureDisabledDateMax - emailToValue - emailSubjectValue - emailBodyValue -
public static AttributeAssign emailOnFlattenedPermissionDisabledDate(edu.internet2.middleware.subject.Subject actAsSubject,
AttributeDef permissionDef,
java.lang.Integer daysInFutureDisabledDateMin,
java.lang.Integer daysInFutureDisabledDateMax,
java.lang.String emailToValue,
java.lang.String emailSubjectValue,
java.lang.String emailBodyValue)
actAsSubject - permissionDef - daysInFutureDisabledDateMin - daysInFutureDisabledDateMax - emailToValue - emailSubjectValue - emailBodyValue -
public static AttributeAssign reassignStemPrivilegesIfFromGroup(edu.internet2.middleware.subject.Subject actAs,
Stem ruleStem,
Stem.Scope stemScope)
actAs - ruleStem - stemScope -
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||