| Subclasses of MembershipHooks in edu.internet2.middleware.grouper.hooks.examples |
class |
AssignReadonlyAdminPrivilegeVetoMembershipHook
assign READ to an admins group based on attribute assignment to a parent folder
configure in grouper.properties:
hooks.group.class=edu.internet2.middleware.grouper.hooks.examples.AssignReadonlyAdminPrivilegeGroupHook
hooks.membership.class=edu.internet2.middleware.grouper.hooks.examples.AssignReadonlyAdminPrivilegeVetoMembershipHook
grouper.readonlyAdminEnforced.attributeDefName = a:b:c:reaodnlyAdmin
grouper.readonlyAdminEnforced.groupName = c:d:readonlyAdmins
setup objects in GSH:
grouperSession = GrouperSession.startRootSession();
String attributeFolderName = "a:b:c";
attributeDef = new AttributeDefSave(grouperSession).assignName(attributeFolderName + ":readonlyAdminDef").assignToStem(true).assignAttributeDefType(AttributeDefType.attr).assignCreateParentStemsIfNotExist(true).assignValueType(AttributeDefValueType.marker).save();
attributeDef.getAttributeDefActionDelegate().configureActionList("assign");
attributeDefName = new AttributeDefNameSave(grouperSession, attributeDef).assignName(attributeFolderName + ":readonlyAdmin").assignCreateParentStemsIfNotExist(true).save();
groupAdmin = new GroupSave(grouperSession).assignName("c:d:readonlyAdmins").assignCreateParentStemsIfNotExist(true).save();
make a group to test:
stem = new StemSave(grouperSession).assignName("l:m").assignCreateParentStemsIfNotExist(true).save();
stem.getAttributeDelegate().assignAttribute(attributeDefName);
groupSub = new GroupSave(grouperSession).assignName("l:m:n:o").assignCreateParentStemsIfNotExist(true).save();
groupNotSub = new GroupSave(grouperSession).assignName("l:p").assignCreateParentStemsIfNotExist(true).save();
|
class |
AssignSelfOptOutMembershipPrivilegeRevocationVetoHook
If you want the group or groups in a folder to allow opt out to anyone in group,
then configure this hook in grouper.properties:
hooks.group.class=edu.internet2.middleware.grouper.hooks.examples.AssignSelfOptOutGroupPrivilegeHook
hooks.membership.class=edu.internet2.middleware.grouper.hooks.examples.AssignSelfOptOutMembershipPrivilegeRevocationVetoHook
configure an attribute to assign to groups or folders in grouper.properties
grouper.optOutRequired.attributeDefName = a:b:c:assignOptOut
https://bugs.internet2.edu/jira/browse/GRP-1197
grouperSession = GrouperSession.startRootSession();
String attributeFolderName = "a:b:c";
attributeDef = new AttributeDefSave(grouperSession).assignName(attributeFolderName + ":assignOptOutDef").assignToStem(true).assignAttributeDefType(AttributeDefType.attr).assignCreateParentStemsIfNotExist(true).assignValueType(AttributeDefValueType.marker).save();
attributeDef.getAttributeDefActionDelegate().configureActionList("assign");
attributeDefName = new AttributeDefNameSave(grouperSession, attributeDef).assignName(attributeFolderName + ":assignOptOut").assignCreateParentStemsIfNotExist(true).save();
Test it out
stem = new StemSave(grouperSession).assignName("j:k").assignCreateParentStemsIfNotExist(true).save();
stem.getAttributeDelegate().assignAttribute(attributeDefName);
groupSub = new GroupSave(grouperSession).assignName("j:k:l:m").assignCreateParentStemsIfNotExist(true).save();
|
class |
MembershipHooksImplExample
test implementation of group hooks for test |
class |
MembershipOneInFolderMaxHook
Hook allows only one membership in a folder at a time |