Java tutorial
/** * Copyright (c) 2000-present Liferay, Inc. All rights reserved. * * This library is free software; you can redistribute it and/or modify it under * the terms of the GNU Lesser General Public License as published by the Free * Software Foundation; either version 2.1 of the License, or (at your option) * any later version. * * This library is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more * details. */ package com.liferay.portal.kernel.security.membershippolicy; import com.liferay.portal.kernel.exception.PortalException; import com.liferay.portal.kernel.model.UserGroup; import java.io.Serializable; import java.util.Map; /** * Provides the User Group Membership Policy interface, allowing customization * of user membership regarding user groups. * * <p> * User Group Membership Policies define the user groups a user is allowed to be * a member of and the user groups the user must be a member of. * </p> * * <p> * An implementation may include any number of rules and actions to enforce * those rules. The implementation may include rules and actions like the * following: * </p> * * <ul> * <li> * If a user doesn't have the custom attribute A, he cannot be assigned to user * group B. * </li> * <li> * If the user is added to user group A, he will automatically be added to user * group B. * </li> * <li> * The user must have the Administrator Role in order to be added to user group * "Admin User Group". * </li> * </ul> * * <p> * Liferay's core services invoke {@link #checkMembership(long[], long[], * long[])} to detect policy violations before adding the users to and removing * the users from the user groups. On passing the check, the service proceeds * with the changes and propagates appropriate related actions in the portal by * invoking {@link #propagateMembership(long[], long[], long[])}. On failing the * check, the service foregoes making the changes. For example, Liferay executes * this logic when adding and updating user groups, adding and removing users * with respect to user groups. * </p> * * <p> * Liferay's UI calls the "is*" methods, such as {@link * #isMembershipAllowed(long, long)}, to determine appropriate options to * display to the user. For example, the UI calls {@link * #isMembershipAllowed(long, long)} to decide whether to enable the checkbox * for adding the user to the user group. * </p> * * @author Roberto Daz * @author Sergio Gonzlez */ public interface UserGroupMembershipPolicy { /** * Checks if the users can be added to and removed from the respective user * groups. * * <p> * Liferay's core services call this method before adding the users to and * removing the users from the respective user groups. If this method throws * an exception, the service foregoes making the changes. * </p> * * @param userIds the primary keys of the users to be added and removed from * the user groups * @param addUserGroupIds the primary keys of the user groups to which the * users are to be added (optionally <code>null</code>) * @param removeUserGroupIds the primary keys of the user groups from which * the users are to be removed (optionally <code>null</code>) */ public void checkMembership(long[] userIds, long[] addUserGroupIds, long[] removeUserGroupIds) throws PortalException; /** * Returns <code>true</code> if the user can be added to the user group. * Liferay's UI calls this method. * * @param userId the primary key of the user * @param userGroupId the primary key of the user group * @return <code>true</code> if the user can be added to the user group; * <code>false</code> otherwise */ public boolean isMembershipAllowed(long userId, long userGroupId) throws PortalException; /** * Returns <code>true</code> if user group membership for the user is * mandatory. Liferay's UI, for example, calls this method in deciding * whether the checkbox to select the user group will be enable. * * @param userId the primary key of the user * @param userGroupId the primary key of the user group * @return <code>true</code> if user group membership for the user is * mandatory; <code>false</code> otherwise */ public boolean isMembershipRequired(long userId, long userGroupId) throws PortalException; /** * Performs membership policy related actions after the users are added to * and removed from the respective user groups. Liferay's core services call * this method after adding and removing the users to and from the * respective user groups. * * <p> * The actions must ensure the integrity of each user group's membership * policy. For example, some actions for implementations to consider * performing are: * </p> * * <ul> * <li> * If a user is added to user group A, he should be added to user group B * too. * </li> * <li> * If a user is removed from user group A, he should be removed from user * group B too. * </li> * </ul> * * @param userIds the primary key of the users to be added or removed * @param addUserGroupIds the primary keys of the user groups to which the * users were added (optionally <code>null</code>) * @param removeUserGroupIds the primary keys of the user groups from which * the users were removed (optionally <code>null</code>) */ public void propagateMembership(long[] userIds, long[] addUserGroupIds, long[] removeUserGroupIds) throws PortalException; /** * Checks the integrity of the membership policy of each of the portal's * user groups and performs operations necessary for the compliance of each * user group. This method can be triggered manually from the Control Panel. * If the <code>membership.policy.auto.verify</code> portal property is * <code>true</code> this method is triggered when starting Liferay and * every time a membership policy hook is deployed. */ public void verifyPolicy() throws PortalException; /** * Checks the integrity of the membership policy of the user group and * performs operations necessary for the user group's compliance. * * @param userGroup the user group to verify */ public void verifyPolicy(UserGroup userGroup) throws PortalException; /** * Checks the integrity of the membership policy of the user group, with * respect to the user group's new attribute values and expando attributes, * and performs operations necessary for the compliance of the user group. * Liferay calls this method when adding and updating user groups. * * <p> * The actions must ensure the integrity of the user group's membership * policy based on what has changed in the user group's attribute values and * expando attributes. * </p> * * <p> * For example, if the membership policy is that user groups with the * expando attribute A should only allow administrators, then this method * could enforce that policy using the following logic: * </p> * * <ul> * <li> * If the oldExpandoAttributes include the expando attribute A and the new * expando attributes include it too, then no action needs to be performed * regarding the policy. Note, the new expando attributes can be obtained * by calling <code>assetTagLocalService.getTags(Group.class.getName(), * group.getGroupId());</code>. * </li> * <li> * If the oldExpandoAttributes include the expando attribute A and the new * expando attributes don't include it, then no action needs to be performed * regarding the policy, as non-administrator users need not be removed. * </li> * <li> * However, if the oldExpandoAttributes don't include the expando attribute * A and the new expando attributes include it, any user group user that * does not have the Administrator role must be removed from the user group. * </li> * </ul> * * @param userGroup the added or updated user group to verify * @param oldUserGroup the old user group * @param oldExpandoAttributes the old expando attributes */ public void verifyPolicy(UserGroup userGroup, UserGroup oldUserGroup, Map<String, Serializable> oldExpandoAttributes) throws PortalException; }