1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33 package edu.internet2.middleware.grouper;
34 import java.sql.Timestamp;
35 import java.util.ArrayList;
36 import java.util.Collection;
37 import java.util.Date;
38 import java.util.HashSet;
39 import java.util.Iterator;
40 import java.util.LinkedHashSet;
41 import java.util.Set;
42
43 import org.apache.commons.lang.StringUtils;
44 import org.apache.commons.logging.Log;
45
46 import edu.internet2.middleware.grouper.Stem.Scope;
47 import edu.internet2.middleware.grouper.attr.AttributeDef;
48 import edu.internet2.middleware.grouper.attr.finder.AttributeDefFinder;
49 import edu.internet2.middleware.grouper.exception.AttributeDefNotFoundException;
50 import edu.internet2.middleware.grouper.exception.GroupNotFoundException;
51 import edu.internet2.middleware.grouper.exception.GrouperException;
52 import edu.internet2.middleware.grouper.exception.InsufficientPrivilegeException;
53 import edu.internet2.middleware.grouper.exception.MemberNotFoundException;
54 import edu.internet2.middleware.grouper.exception.MembershipNotFoundException;
55 import edu.internet2.middleware.grouper.exception.QueryException;
56 import edu.internet2.middleware.grouper.exception.SchemaException;
57 import edu.internet2.middleware.grouper.exception.StemNotFoundException;
58 import edu.internet2.middleware.grouper.internal.dao.MembershipDAO;
59 import edu.internet2.middleware.grouper.internal.dao.QueryOptions;
60 import edu.internet2.middleware.grouper.internal.dao.QueryPaging;
61 import edu.internet2.middleware.grouper.membership.MembershipResult;
62 import edu.internet2.middleware.grouper.membership.MembershipSubjectContainer;
63 import edu.internet2.middleware.grouper.membership.MembershipType;
64 import edu.internet2.middleware.grouper.misc.CompositeType;
65 import edu.internet2.middleware.grouper.misc.E;
66 import edu.internet2.middleware.grouper.misc.GrouperDAOFactory;
67 import edu.internet2.middleware.grouper.privs.AccessPrivilege;
68 import edu.internet2.middleware.grouper.privs.AttributeDefPrivilege;
69 import edu.internet2.middleware.grouper.privs.NamingPrivilege;
70 import edu.internet2.middleware.grouper.privs.Privilege;
71 import edu.internet2.middleware.grouper.privs.PrivilegeHelper;
72 import edu.internet2.middleware.grouper.service.ServiceRole;
73 import edu.internet2.middleware.grouper.subj.LazySubject;
74 import edu.internet2.middleware.grouper.util.GrouperUtil;
75 import edu.internet2.middleware.grouperClient.collections.MultiKey;
76 import edu.internet2.middleware.grouperClient.jdbc.GcDbAccess;
77 import edu.internet2.middleware.grouperClient.util.ExpirableCache;
78 import edu.internet2.middleware.subject.Source;
79 import edu.internet2.middleware.subject.Subject;
80 import edu.internet2.middleware.subject.SubjectNotFoundException;
81 import edu.internet2.middleware.subject.provider.SourceManager;
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122 public class MembershipFinder {
123
124
125
126
127 private static ExpirableCache<MultiKey, Boolean> groupUuidOrNameSubjectSourceIdSubjectIdToInGroup = new ExpirableCache<>(2);
128
129
130
131
132
133
134
135 public static boolean hasMemberCacheNoCheckSecurity(String groupUuidOrName, Subject subject) {
136
137 MultiKey groupUuidOrNameSubjectSourceIdSubjectId = new MultiKey(groupUuidOrName, subject.getSourceId(), subject.getId());
138
139 Boolean hasMember = groupUuidOrNameSubjectSourceIdSubjectIdToInGroup.get(groupUuidOrNameSubjectSourceIdSubjectId);
140 if (hasMember == null) {
141
142 String sql = "select count(1) from grouper_memberships_lw_v gmlv "
143 + " where group_" + (groupUuidOrName.contains(":") ? "name" : "id") + " = ? and subject_source = ? and subject_id = ? and list_name = 'members'";
144
145 int rows = new GcDbAccess().sql(sql).addBindVar(groupUuidOrName).addBindVar(subject.getSourceId()).addBindVar(subject.getId()).select(int.class);
146 hasMember = rows > 0;
147 groupUuidOrNameSubjectSourceIdSubjectIdToInGroup.put(groupUuidOrNameSubjectSourceIdSubjectId, hasMember);
148 }
149 return hasMember;
150
151 }
152
153
154
155
156 private Subject subjectHasMembershipForGroup;
157
158
159
160
161 public MembershipFinder assignSubjectHasMembershipForGroup(Subject theSubjectHasMembershipForGroup) {
162 this.subjectHasMembershipForGroup = theSubjectHasMembershipForGroup;
163 return this;
164 }
165
166
167
168
169 private boolean hasMembershipTypeForMember;
170
171
172
173
174
175
176 public MembershipFinder assignHasMembershipTypeForMember(boolean theHasMembershipType) {
177 this.hasMembershipTypeForMember = theHasMembershipType;
178 return this;
179 }
180
181
182
183
184 private boolean hasFieldForMember;
185
186
187
188
189 private boolean hasFieldForGroup;
190
191
192
193
194
195 public MembershipFinder assignHasFieldForGroup(boolean theHasFieldForGroup) {
196 this.hasFieldForGroup = theHasFieldForGroup;
197 return this;
198 }
199
200
201
202
203
204
205 public MembershipFinder assignHasFieldForMember(boolean theHasField) {
206 this.hasFieldForMember = theHasField;
207 return this;
208 }
209
210
211 private Timestamp pointInTimeFrom;
212
213
214 private Timestamp pointInTimeTo;
215
216
217
218
219
220
221 public MembershipFinder assignPointInTimeFrom(Timestamp pointInTimeFrom1) {
222 this.pointInTimeFrom = pointInTimeFrom1;
223 return this;
224 }
225
226
227
228
229
230
231 public MembershipFinder assignPointInTimeTo(Timestamp pointInTimeTo1) {
232 this.pointInTimeTo = pointInTimeTo1;
233 return this;
234 }
235
236
237 private Collection<String> membershipIds;
238
239
240 private MembershipType membershipType;
241
242
243 private Collection<Field> fields = new HashSet<Field>();
244
245
246
247
248 private Collection<Privilege> privilegesTheUserHas = new HashSet<Privilege>();
249
250
251
252
253 private String scope;
254
255
256
257
258
259
260 public MembershipFinder assignScope(String scope1) {
261 this.scope = scope1;
262 return this;
263 }
264
265
266
267
268
269
270 public MembershipFinder assignField(Field theField) {
271 this.fields.clear();
272 if (theField != null) {
273 this.fields.add(theField);
274 }
275 return this;
276 }
277
278
279
280
281
282
283 public MembershipFinder assignFieldName(String theFieldOrPrivilegeName) {
284 Field theField = FieldFinder.find(theFieldOrPrivilegeName, true);
285 this.assignField(theField);
286 return this;
287 }
288
289
290 private Set<Source> sources;
291
292
293 private Stem stem;
294
295
296 private Scope stemScope;
297
298
299
300
301 private FieldType fieldType;
302
303
304
305
306
307
308 public MembershipFinder assignFieldType(FieldType theFieldType) {
309 this.fieldType = theFieldType;
310 return this;
311 }
312
313
314 private boolean checkSecurity = true;
315
316
317 private String serviceId = null;
318
319
320
321
322 private ServiceRole serviceRole = null;
323
324
325
326
327
328
329 public MembershipFinder assignServiceId(String serviceId1) {
330 this.serviceId = serviceId1;
331 return this;
332 }
333
334
335
336
337
338
339 public MembershipFinder assignServiceRole(ServiceRole serviceRole1) {
340 this.serviceRole = serviceRole1;
341 return this;
342 }
343
344
345
346
347
348
349 public MembershipFinder assignStemScope(Scope theStemScope) {
350 this.stemScope = theStemScope;
351 return this;
352 }
353
354
355
356
357
358
359 public MembershipFinder assignStem(Stem theStem) {
360 this.stem = theStem;
361 return this;
362 }
363
364
365
366
367
368
369 public MembershipFinder assignCheckSecurity(boolean shouldCheckSecurity) {
370 this.checkSecurity = shouldCheckSecurity;
371 return this;
372 }
373
374
375
376
377 private Collection<String> memberIds = null;
378
379
380
381
382
383
384 public MembershipFinder addMemberId(String memberId) {
385 if (this.memberIds == null) {
386 this.memberIds = new ArrayList<String>();
387 }
388
389 if (!this.memberIds.contains(memberId)) {
390 this.memberIds.add(memberId);
391 }
392 return this;
393 }
394
395
396
397
398
399
400 public MembershipFinder addMembershipId(String membershipId) {
401 if (this.membershipIds == null) {
402 this.membershipIds = new ArrayList<String>();
403 }
404
405 if (!this.membershipIds.contains(membershipId)) {
406 this.membershipIds.add(membershipId);
407 }
408 return this;
409 }
410
411
412
413
414
415
416 public MembershipFinder addSubjects(Collection<Subject> subjects) {
417
418 Set<Member> members = MemberFinder.findBySubjects(subjects, false);
419
420 for (Member member : GrouperUtil.nonNull(members)) {
421 this.addMemberId(member.getUuid());
422 }
423 return this;
424 }
425
426
427
428
429
430
431 public MembershipFinder assignMemberIds(Collection<String> theMemberIds) {
432 this.memberIds = theMemberIds;
433 return this;
434 }
435
436
437
438
439
440
441 public MembershipFinder assignGroupIds(Collection<String> theGroupIds) {
442 this.groupIds = theGroupIds;
443 return this;
444 }
445
446
447
448
449
450
451 public MembershipFinder assignFields(Collection<Field> theFields) {
452 this.fields = theFields;
453 return this;
454 }
455
456
457
458
459
460
461 public MembershipFinder assignPrivileges(Collection<Privilege> thePrivileges) {
462 this.fields = Privilege.convertPrivilegesToFields(thePrivileges);
463 return this;
464 }
465
466
467
468
469
470
471 public MembershipFinder assignFieldsByName(Collection<String> theFieldNames) {
472
473 Set<Field> theFields = new HashSet<Field>();
474
475 for (String fieldName : GrouperUtil.nonNull(theFieldNames)) {
476 Field field = FieldFinder.find(fieldName, true);
477 theFields.add(field);
478 }
479
480 this.fields = theFields;
481
482 return this;
483 }
484
485
486
487
488
489
490 public MembershipFinder assignStemIds(Collection<String> theStemIds) {
491 this.stemIds = theStemIds;
492 return this;
493 }
494
495
496
497
498
499
500 public MembershipFinder assignAttributeDefIds(Collection<String> theAttributeDefIds) {
501 this.attributeDefIds = theAttributeDefIds;
502 return this;
503 }
504
505
506
507
508
509
510
511 public MembershipFinder assignMembershipType(MembershipType theMembershipType) {
512 this.membershipType = theMembershipType;
513 return this;
514 }
515
516
517
518
519
520
521 public MembershipFinder assignMembershipIds(Collection<String> theMembershipIds) {
522 this.membershipIds = theMembershipIds;
523 return this;
524 }
525
526
527
528
529
530
531 public MembershipFinder addSubject(Subject subject) {
532
533
534
535 Member member = MemberFinder.findBySubject(GrouperSession.staticGrouperSession(), subject, true);
536 return this.addMemberId(member.getUuid());
537 }
538
539
540
541
542 private Collection<String> groupIds = null;
543
544
545
546
547
548
549 public MembershipFinder addGroupId(String groupId) {
550 if (!StringUtils.isBlank(groupId)) {
551 if (this.groupIds == null) {
552 this.groupIds = new ArrayList<String>();
553 }
554
555 if (!this.groupIds.contains(groupId)) {
556 this.groupIds.add(groupId);
557 }
558 }
559 return this;
560 }
561
562
563
564
565
566
567 public MembershipFinder assignRoleIds(Collection<String> theRoleIds) {
568 this.groupIds = theRoleIds;
569 return this;
570 }
571
572
573
574
575
576
577 public MembershipFinder assignSources(Set<Source> theSources) {
578 this.sources = theSources;
579 return this;
580 }
581
582
583
584
585
586
587 public MembershipFinder addGroup(Group group) {
588
589 return this.addGroupId(group.getId());
590 }
591
592
593
594
595
596
597 public MembershipFinder addGroup(String name) {
598
599 Group group = GroupFinder.findByName(GrouperSession.staticGrouperSession(), name, true);
600
601 return this.addGroupId(group.getId());
602 }
603
604
605
606
607
608
609 public MembershipFinder addField(String name) {
610 Field field = FieldFinder.find(name, false);
611 this.addField(field);
612 return this;
613 }
614
615
616
617
618
619
620 public MembershipFinder addField(Field field) {
621 this.fields.add(field);
622 return this;
623 }
624
625
626
627
628
629
630 public MembershipFinder addPrivilegeTheUserHas(String name) {
631 Privilege privilege = Privilege.getInstance(name);
632 this.addPrivilegeTheUserHas(privilege);
633 return this;
634 }
635
636
637
638
639
640
641 public MembershipFinder addPrivilegeTheUserHas(Privilege field) {
642 this.privilegesTheUserHas.add(field);
643 return this;
644 }
645
646
647
648 private Boolean enabled;
649
650
651 private Boolean hasEnabledDate;
652
653
654 private Boolean hasDisabledDate;
655
656
657 private CompositeType customCompositeType;
658
659
660 private Group customCompositeGroup;
661
662
663
664
665 private Collection<String> stemIds = null;
666
667
668
669
670 private Collection<String> attributeDefIds = null;
671
672
673
674
675
676
677 public MembershipFinder assignCustomCompositeType(CompositeType theCustomCompositeType) {
678 this.customCompositeType = theCustomCompositeType;
679 return this;
680 }
681
682
683
684
685
686
687 public MembershipFinder assignCustomCompositeGroup(Group theCustomCompositeGroup) {
688 this.customCompositeGroup = theCustomCompositeGroup;
689 return this;
690 }
691
692
693
694
695
696
697 public MembershipFinder assignEnabled(Boolean theEnabled) {
698 this.enabled = theEnabled;
699 return this;
700 }
701
702
703
704
705
706
707
708
709 public MembershipFinder assignHasEnabledDate(Boolean theHasEnabledDate) {
710 this.hasEnabledDate = theHasEnabledDate;
711 return this;
712 }
713
714
715
716
717
718
719
720
721 public MembershipFinder assignHasDisabledDate(Boolean theHasDisabledDate) {
722 this.hasDisabledDate = theHasDisabledDate;
723 return this;
724 }
725
726
727
728
729
730
731
732
733 public boolean hasMembership() {
734
735 return GrouperUtil.length(findMembershipsGroupsMembers()) > 0;
736 }
737
738
739
740
741
742 public MembershipResult findMembershipResult() {
743
744 Set<Object[]> membershipsOwnersMembers = this.findMembershipsMembers();
745 Field field = this.field(true);
746 String theFieldId = field == null ? null : field.getUuid();
747
748 Collection<Field> theFields = this.fields;
749
750 if (this.hasFieldForGroup || this.hasFieldForStem || this.hasFieldForAttributeDef || this.hasFieldForMember) {
751 theFields = null;
752 }
753
754 boolean theIncludeInheritedPrivileges = this.includeInheritedPrivileges;
755
756 if (this.hasFieldForGroup || this.hasFieldForStem || this.hasFieldForAttributeDef || this.hasFieldForMember) {
757 theIncludeInheritedPrivileges = false;
758 }
759
760 return new MembershipResult(membershipsOwnersMembers, theFieldId, theFields,
761 theIncludeInheritedPrivileges);
762 }
763
764
765
766
767 private boolean includeInheritedPrivileges = false;
768
769
770
771
772
773
774 public MembershipFinder assignIncludeInheritedPrivileges(boolean theIncludeInheritedPrivileges) {
775 this.includeInheritedPrivileges = theIncludeInheritedPrivileges;
776 return this;
777 }
778
779
780
781
782
783
784 private Field field(boolean firstFieldIfMultiple) {
785 if (!firstFieldIfMultiple) {
786 this.assertOneOrNoFields();
787 }
788 if (GrouperUtil.length(this.fields) == 0) {
789 return null;
790 }
791 if (GrouperUtil.length(this.fields) == 1) {
792 return this.fields.iterator().next();
793 }
794
795 FieldType fieldType = null;
796 for (Field field : this.fields) {
797 if (fieldType == null) {
798 fieldType = field.getType();
799 } else {
800 if (fieldType != field.getType()) {
801 throw new RuntimeException("Expecting field type of: " + fieldType + ", but received: " + field.getType());
802 }
803 }
804 }
805 return this.fields.iterator().next();
806 }
807
808
809
810
811 private void assertOneOrNoFields() {
812 if (GrouperUtil.length(this.fields) <= 1) {
813 return;
814 }
815 throw new RuntimeException("Expecting 0 or 1 fields but got: " + GrouperUtil.length(this.fields));
816 }
817
818
819
820
821
822 private boolean findAllFields = false;
823
824
825
826
827
828 public MembershipFinder assignFindAllFields(boolean theFindAllFields) {
829 this.findAllFields = theFindAllFields;
830 return this;
831 }
832
833
834
835
836
837
838 public Set<Object[]> findMembershipsMembers() {
839
840 if (pointInTimeFrom != null || pointInTimeTo != null) {
841 throw new RuntimeException("Use findPITMembershipsMembers() for point in time queries");
842 }
843
844 if (this.findAllFields) {
845
846 if (GrouperUtil.length(this.fields) > 0) {
847 throw new RuntimeException("Cannot findAllFields and pass in a field");
848 }
849
850 Set<Object[]> totalResults = new LinkedHashSet<Object[]>();
851 this.findAllFields = false;
852
853
854 this.fields = GrouperUtil.toSet(Group.getDefaultList());
855 totalResults.addAll(GrouperUtil.nonNull(this.findMembershipsMembers()));
856
857
858 this.fields = Privilege.convertPrivilegesToFields(AccessPrivilege.ALL_PRIVILEGES);
859 totalResults.addAll(GrouperUtil.nonNull(this.findMembershipsMembers()));
860
861
862 this.fields = Privilege.convertPrivilegesToFields(NamingPrivilege.ALL_PRIVILEGES);
863 totalResults.addAll(GrouperUtil.nonNull(this.findMembershipsMembers()));
864
865 this.fields = Privilege.convertPrivilegesToFields(AttributeDefPrivilege.ALL_PRIVILEGES);
866 totalResults.addAll(GrouperUtil.nonNull(this.findMembershipsMembers()));
867
868 this.findAllFields = true;
869 this.fields = null;
870
871 return totalResults;
872
873 }
874
875 Field field = this.field(true);
876 if ((this.fieldType != null && this.fieldType == FieldType.NAMING )
877 || (field != null && field.isStemListField())
878 || GrouperUtil.length(this.stemIds) > 0) {
879 return this.findMembershipsStemsMembers();
880 } else if ((this.fieldType != null && this.fieldType == FieldType.ATTRIBUTE_DEF )
881 || (field != null && field.isAttributeDefListField())
882 || GrouperUtil.length(this.attributeDefIds) > 0) {
883 Set<Object[]> result = this.findMembershipsAttributeDefsMembers();
884 return result;
885 } else if ((field == null && this.fieldType == null)
886 || this.fieldType == FieldType.ACCESS || this.fieldType == FieldType.LIST
887 || (field != null && field.isGroupListField())
888 || GrouperUtil.length(this.groupIds) > 0) {
889 return this.findMembershipsGroupsMembers();
890 } else {
891 throw new RuntimeException("Not expecting field / fieldType: " + field + ", " + this.fieldType);
892 }
893 }
894
895
896
897
898
899 private Set<Object[]> findMembershipsGroupsMembers() {
900
901
902 Field field = this.field(true);
903 if (field != null && !field.isGroupAccessField() && !field.isGroupListField()) {
904 throw new RuntimeException("Not expecting field: " + field +
905 ", expecting a group field since other part of the query involve group memberships");
906 }
907
908 if (this.fieldType != null && this.fieldType != FieldType.ACCESS && this.fieldType != FieldType.LIST) {
909 throw new RuntimeException("Not expecting fieldType: " + this.fieldType +
910 ", expecting a group field type since other part of the query involve group memberships");
911 }
912
913 if (GrouperUtil.length(this.stemIds) > 0) {
914 throw new RuntimeException("Not expecting stem lookups, since other parts of the query "
915 + " involve group memberships");
916
917 }
918
919 if (GrouperUtil.length(this.attributeDefIds) > 0) {
920 throw new RuntimeException("Not expecting attribute definition lookups, since other parts of the query "
921 + " involve group memberships");
922 }
923
924 Collection<Field> inheritedFields = Field.calculateInheritedPrivileges(this.fields, this.includeInheritedPrivileges);
925
926 Member memberHasMembershipForGroup = null;
927
928 if (this.subjectHasMembershipForGroup != null) {
929 memberHasMembershipForGroup = MemberFinder.findBySubject(GrouperSession.staticGrouperSession(),
930 this.subjectHasMembershipForGroup, false);
931 if (memberHasMembershipForGroup == null) {
932 return new HashSet<Object[]>();
933 }
934 }
935
936 return GrouperDAOFactory.getFactory().getMembership().findAllByGroupOwnerOptions(this.groupIds, this.memberIds,
937 this.membershipIds, this.membershipType, inheritedFields, this.privilegesTheUserHas, this.sources, this.scope, this.stem, this.stemScope,
938 this.enabled, this.checkSecurity, this.fieldType, this.serviceId, this.serviceRole,
939 this.queryOptionsForMember, this.scopeForMember, this.splitScopeForMember,
940 this.hasFieldForMember, this.hasMembershipTypeForMember, this.queryOptionsForGroup,
941 this.scopeForGroup, this.splitScopeForGroup, this.hasFieldForGroup,
942 this.hasMembershipTypeForGroup, memberHasMembershipForGroup, this.hasEnabledDate, this.hasDisabledDate, this.customCompositeType, this.customCompositeGroup, this.queryOptionsForMembership);
943
944
945 }
946
947
948
949
950
951
952 public Set<Object[]> findPITMembershipsMembers() {
953 return this.findPITMembershipsGroupsMembers();
954 }
955
956
957
958
959
960
961
962 private Set<Object[]> findPITMembershipsGroupsMembers() {
963
964
965 Field field = this.field(true);
966 if (field != null && !field.isGroupAccessField() && !field.isGroupListField()) {
967 throw new RuntimeException("Not expecting field: " + field +
968 ", expecting a group field since other part of the query involve group memberships");
969 }
970
971 if (this.fieldType != null && this.fieldType != FieldType.ACCESS && this.fieldType != FieldType.LIST) {
972 throw new RuntimeException("Not expecting fieldType: " + this.fieldType +
973 ", expecting a group field type since other part of the query involve group memberships");
974 }
975
976 if (GrouperUtil.length(this.stemIds) > 0) {
977 throw new RuntimeException("Not expecting stem lookups, since other parts of the query "
978 + " involve group memberships");
979
980 }
981
982 if (GrouperUtil.length(this.attributeDefIds) > 0) {
983 throw new RuntimeException("Not expecting attribute definition lookups, since other parts of the query "
984 + " involve group memberships");
985 }
986
987 return GrouperDAOFactory.getFactory().getPITMembershipView().findAllByGroupOwnerOptions(this.groupIds, this.memberIds, this.fields, this.sources, this.stem, this.stemScope, this.checkSecurity, this.fieldType,
988 this.queryOptionsForMember, this.scopeForMember, this.splitScopeForMember, this.hasFieldForMember, this.pointInTimeFrom, this.pointInTimeTo);
989 }
990
991
992
993
994
995 private Set<Object[]> findMembershipsStemsMembers() {
996
997 Collection<Field> inheritedFields = Field.calculateInheritedPrivileges(this.fields, this.includeInheritedPrivileges);
998
999
1000 Field field = this.field(true);
1001 if (field != null && !field.isStemListField()) {
1002 throw new RuntimeException("Not expecting field: " + field +
1003 ", expecting a stem field since other part of the query involve stem memberships");
1004 }
1005
1006 if (this.fieldType != null && this.fieldType != FieldType.NAMING) {
1007 throw new RuntimeException("Not expecting fieldType: " + this.fieldType +
1008 ", expecting a stem field type since other part of the query involve stem memberships");
1009 }
1010
1011 if (GrouperUtil.length(this.groupIds) > 0) {
1012 throw new RuntimeException("Not expecting group lookups, since other parts of the query "
1013 + " involve stem memberships");
1014
1015 }
1016
1017 if (GrouperUtil.length(this.attributeDefIds) > 0) {
1018 throw new RuntimeException("Not expecting attribute definition lookups, since other parts of the query "
1019 + " involve stem memberships");
1020 }
1021
1022 return GrouperDAOFactory.getFactory().getMembership().findAllByStemOwnerOptions(this.stemIds, this.memberIds,
1023 this.membershipIds, this.membershipType, inheritedFields, this.sources,
1024 this.scope, this.stem, this.stemScope, this.enabled, this.checkSecurity,
1025 this.queryOptionsForMember, this.scopeForMember, this.splitScopeForMember,
1026 this.hasFieldForMember, this.hasMembershipTypeForMember, this.queryOptionsForStem,
1027 this.scopeForStem, this.splitScopeForStem, this.hasFieldForStem,
1028 this.hasMembershipTypeForStem, this.hasEnabledDate, this.hasDisabledDate,
1029 this.customCompositeType, this.customCompositeGroup);
1030
1031 }
1032
1033
1034
1035
1036
1037
1038 public Membership findMembership(boolean exceptionIfNotFound) {
1039
1040 Set<Object[]> memberships = findMembershipsMembers();
1041
1042
1043 Membership membership = null;
1044
1045 if (GrouperUtil.length(memberships) > 1) {
1046 throw new RuntimeException("Why is there more than one membership found? " + this);
1047 }
1048
1049 if (GrouperUtil.length(memberships) == 1) {
1050 membership = (Membership)memberships.iterator().next()[0];
1051 }
1052
1053 if (membership == null && exceptionIfNotFound) {
1054 throw new RuntimeException("could not find membership: "
1055 + this);
1056 }
1057 return membership;
1058
1059 }
1060
1061
1062
1063
1064 @Override
1065 public String toString() {
1066 StringBuilder result = new StringBuilder();
1067 if (enabled != null) {
1068 result.append("enabled: ").append(this.enabled);
1069 }
1070 if (GrouperUtil.length(this.memberIds) > 0) {
1071 result.append("memberIds: ").append(GrouperUtil.toStringForLog(this.memberIds, 100));
1072 }
1073 if (GrouperUtil.length(this.fields) > 0) {
1074 result.append("fields: ").append(GrouperUtil.toStringForLog(this.fields, 100));
1075 }
1076 if (GrouperUtil.length(this.groupIds) > 0) {
1077 result.append("groupIds: ").append(GrouperUtil.toStringForLog(this.groupIds, 100));
1078 }
1079 if (GrouperUtil.length(this.membershipIds) > 0) {
1080 result.append("membershipIds: ").append(GrouperUtil.toStringForLog(this.membershipIds, 100));
1081 }
1082 if (GrouperUtil.length(this.membershipType) > 0) {
1083 result.append("membershipType: ").append(this.membershipType);
1084 }
1085 if (GrouperUtil.length(this.sources) > 0) {
1086 result.append("sources: ").append(GrouperUtil.toStringForLog(this.sources, 100));
1087 }
1088 if (GrouperUtil.length(this.stem) > 0) {
1089 result.append("stem: ").append(this.stem);
1090 }
1091 if (GrouperUtil.length(this.stemScope) > 0) {
1092 result.append("membershipType: ").append(this.membershipType);
1093 }
1094 return result.toString();
1095 }
1096
1097
1098
1099
1100
1101
1102 public MembershipFinder addStem(Stem stem) {
1103
1104 return this.addStemId(stem.getUuid());
1105 }
1106
1107
1108
1109
1110
1111
1112 public MembershipFinder addStem(String name) {
1113
1114 Stem stem = StemFinder.findByName(GrouperSession.staticGrouperSession(), name, true);
1115 return this.addStemId(stem.getId());
1116 }
1117
1118
1119
1120
1121
1122
1123 public MembershipFinder addStemId(String stemId) {
1124 if (!StringUtils.isBlank(stemId)) {
1125 if (this.stemIds == null) {
1126 this.stemIds = new ArrayList<String>();
1127 }
1128
1129 if (!this.stemIds.contains(stemId)) {
1130 this.stemIds.add(stemId);
1131 }
1132 }
1133 return this;
1134 }
1135
1136
1137
1138
1139
1140
1141 public MembershipFinder addSourceId(String sourceId) {
1142
1143 if (!StringUtils.isBlank(sourceId)) {
1144 Source source = SourceManager.getInstance().getSource(sourceId);
1145 addSource(source);
1146 }
1147 return this;
1148 }
1149
1150
1151
1152
1153
1154
1155 public MembershipFinder addSource(Source source) {
1156 if (source != null) {
1157 if (this.sources == null) {
1158 this.sources = new HashSet<Source>();
1159 }
1160
1161 this.sources.add(source);
1162 }
1163 return this;
1164 }
1165
1166
1167
1168
1169
1170 private Set<Object[]> findMembershipsAttributeDefsMembers() {
1171
1172 Collection<Field> inheritedFields = Field.calculateInheritedPrivileges(this.fields, this.includeInheritedPrivileges);
1173
1174
1175 Field field = this.field(true);
1176 if (field != null && !field.isAttributeDefListField()) {
1177 throw new RuntimeException("Not expecting field: " + field +
1178 ", expecting an attribute definition field since other part of the query involve attribute definition memberships");
1179 }
1180
1181 if (this.fieldType != null && this.fieldType != FieldType.ATTRIBUTE_DEF) {
1182 throw new RuntimeException("Not expecting fieldType: " + this.fieldType +
1183 ", expecting an attribute def field type since other part of the query involve attributeDef memberships");
1184 }
1185
1186 if (GrouperUtil.length(this.groupIds) > 0) {
1187 throw new RuntimeException("Not expecting group lookups, since other parts of the query "
1188 + " involve attributeDef memberships");
1189
1190 }
1191
1192 if (GrouperUtil.length(this.stemIds) > 0) {
1193 throw new RuntimeException("Not expecting stem lookups, since other parts of the query "
1194 + " involve attributeDef memberships");
1195 }
1196
1197 Set<Object[]> result = GrouperDAOFactory.getFactory().getMembership().findAllByAttributeDefOwnerOptions(this.attributeDefIds, this.memberIds,
1198 this.membershipIds, this.membershipType, inheritedFields, this.sources, this.scope, this.stem, this.stemScope,
1199 this.enabled, this.checkSecurity, this.queryOptionsForMember, this.scopeForMember, this.splitScopeForMember,
1200 this.hasFieldForMember, this.hasMembershipTypeForMember,
1201 this.queryOptionsForAttributeDef, this.scopeForAttributeDef, this.splitScopeForAttributeDef, this.hasFieldForAttributeDef,
1202 this.hasMembershipTypeForAttributeDef, this.hasEnabledDate, this.hasDisabledDate, this.customCompositeType, this.customCompositeGroup);
1203 return result;
1204 }
1205
1206
1207
1208
1209
1210
1211 public MembershipFinder addAttributeDef(AttributeDef attributeDef) {
1212
1213 return this.addAttributeDefId(attributeDef.getId());
1214 }
1215
1216
1217
1218
1219
1220
1221 public MembershipFinder addAttributeDef(String name) {
1222
1223 AttributeDef attributeDef = AttributeDefFinder.findByName(name, true);
1224
1225 return this.addGroupId(attributeDef.getId());
1226 }
1227
1228
1229
1230
1231
1232
1233 public MembershipFinder addAttributeDefId(String attributeDefId) {
1234 if (!StringUtils.isBlank(attributeDefId)) {
1235 if (this.attributeDefIds == null) {
1236 this.attributeDefIds = new ArrayList<String>();
1237 }
1238
1239 if (!this.attributeDefIds.contains(attributeDefId)) {
1240 this.attributeDefIds.add(attributeDefId);
1241 }
1242 }
1243 return this;
1244 }
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261 public static Set<Object[]> findStemMemberships(Collection<String> stemIds, Collection<String> memberIds,
1262 Collection<String> membershipIds, MembershipType membershipType,
1263 Field field,
1264 Set<Source> sources, String scope, Stem stem, Scope stemScope, Boolean enabled, Boolean shouldCheckSecurity) {
1265 return GrouperDAOFactory.getFactory().getMembership().findAllByStemOwnerOptions(stemIds, memberIds,
1266 membershipIds, membershipType, field, sources, scope, stem, stemScope, enabled, shouldCheckSecurity);
1267 }
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284 public static Set<Object[]> findMemberships(Collection<String> groupIds, Collection<String> memberIds,
1285 Collection<String> membershipIds, MembershipType membershipType,
1286 Field field,
1287 Set<Source> sources, String scope, Stem stem, Scope stemScope, Boolean enabled, Boolean shouldCheckSecurity) {
1288 return findMemberships(groupIds, memberIds, membershipIds, membershipType, field, sources, scope, stem, stemScope, enabled,
1289 shouldCheckSecurity, null);
1290 }
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309 public static Set<Object[]> findMemberships(Collection<String> groupIds, Collection<String> memberIds,
1310 Collection<String> membershipIds, MembershipType membershipType,
1311 Field field,
1312 Set<Source> sources, String scope, Stem stem, Scope stemScope, Boolean enabled, Boolean shouldCheckSecurity, FieldType fieldType) {
1313 return findMemberships(groupIds, memberIds, membershipIds, membershipType, field, sources, scope,
1314 stem, stemScope, enabled, shouldCheckSecurity, fieldType, null, null);
1315 }
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336 public static Membership findImmediateMembership(
1337 GrouperSession s, Stem stem, Subject subj, Field f, boolean exceptionIfNotFound
1338 ) throws MembershipNotFoundException, SchemaException {
1339
1340
1341
1342 GrouperSession.validate(s);
1343 try {
1344 Member m = MemberFinder.findBySubject(s, subj, true);
1345 Membership ms = GrouperDAOFactory.getFactory().getMembership().findByStemOwnerAndMemberAndFieldAndType(
1346 stem.getUuid(), m.getUuid(), f, MembershipType.IMMEDIATE.getTypeString(), true, true);
1347 PrivilegeHelper.dispatch( s, ms.getOwnerStem(), s.getSubject(), f.getReadPriv() );
1348 return ms;
1349 } catch (MembershipNotFoundException mnfe) {
1350 if (exceptionIfNotFound) {
1351 throw mnfe;
1352 }
1353 return null;
1354 } catch (StemNotFoundException eGNF) {
1355
1356 if (exceptionIfNotFound) {
1357 throw new MembershipNotFoundException(eGNF.getMessage(), eGNF);
1358 }
1359 return null;
1360 } catch (InsufficientPrivilegeException eIP) {
1361 if (exceptionIfNotFound) {
1362 throw new MembershipNotFoundException(eIP.getMessage(), eIP);
1363 }
1364 return null;
1365 }
1366 }
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382 public static Set<Object[]> findMemberships(Collection<String> groupIds, Collection<String> memberIds,
1383 Collection<String> membershipIds, MembershipType membershipType,
1384 Field field,
1385 Set<Source> sources, String scope, Stem stem, Scope stemScope, Boolean enabled) {
1386
1387 return findMemberships(groupIds, memberIds, membershipIds, membershipType, field, sources, scope, stem, stemScope, enabled, null, null);
1388
1389 }
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407 public static Set<Object[]> findAttributeDefMemberships(Collection<String> attributeDefIds,
1408 Collection<String> memberIds,
1409 Collection<String> membershipIds, MembershipType membershipType,
1410 Field field,
1411 Set<Source> sources, String scope, Stem stem, Scope stemScope, Boolean enabled,
1412 Boolean shouldCheckSecurity) {
1413
1414 return GrouperDAOFactory.getFactory().getMembership().findAllByAttributeDefOwnerOptions(attributeDefIds, memberIds,
1415 membershipIds, membershipType, field, sources, scope, stem, stemScope, enabled, shouldCheckSecurity);
1416
1417 }
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436 public static Set<Object[]> findMemberships(Collection<String> groupIds, Collection<String> memberIds,
1437 Collection<String> membershipIds, MembershipType membershipType,
1438 Field field,
1439 Set<Source> sources, String scope, Stem stem, Scope stemScope, Boolean enabled, Boolean shouldCheckSecurity,
1440 FieldType fieldType, String serviceId, ServiceRole serviceRole) {
1441
1442 return GrouperDAOFactory.getFactory().getMembership().findAllByGroupOwnerOptions(groupIds, memberIds,
1443 membershipIds, membershipType, GrouperUtil.toSet(field), null, sources, scope, stem, stemScope, enabled, shouldCheckSecurity,
1444 fieldType, serviceId, serviceRole, null, null, false, false, false, null, null, false, false, false, null);
1445 }
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467 @Deprecated
1468 public static Membership findCompositeMembership(GrouperSession s, Group g, Subject subj)
1469 throws MembershipNotFoundException, SchemaException {
1470
1471 return findCompositeMembership(s, g, subj, true);
1472
1473 }
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495 public static Membership findCompositeMembership(GrouperSession s, Group g, Subject subj, boolean exceptionOnNull)
1496 throws MembershipNotFoundException, SchemaException {
1497
1498
1499
1500
1501 GrouperSession.validate(s);
1502 try {
1503 Field f = Group.getDefaultList();
1504 Member m = MemberFinder.findBySubject(s, subj, true);
1505 Membership ms = GrouperDAOFactory.getFactory().getMembership().findByGroupOwnerAndMemberAndFieldAndType(
1506 g.getUuid(), m.getUuid(), f, MembershipType.COMPOSITE.getTypeString(), true, true);
1507 PrivilegeHelper.dispatch( s, ms.getOwnerGroup(), s.getSubject(), f.getReadPriv() );
1508 return ms;
1509 } catch (MembershipNotFoundException mnfe) {
1510 if (exceptionOnNull) {
1511 throw mnfe;
1512 }
1513 return null;
1514 } catch (InsufficientPrivilegeException eIP) {
1515 if (exceptionOnNull) {
1516 throw new MembershipNotFoundException(eIP.getMessage(), eIP);
1517 }
1518 return null;
1519 }
1520 }
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545 public static Set<Membership> findEffectiveMemberships(
1546 GrouperSession s, Group/internet2/middleware/grouper/Group.html#Group">Group g, Subject subj, Field f, Group via, int depth
1547 )
1548 throws MembershipNotFoundException,
1549 SchemaException
1550 {
1551
1552
1553
1554 GrouperSession.validate(s);
1555 Set mships = new LinkedHashSet();
1556 Member m = MemberFinder.findBySubject(s, subj, true);
1557 try {
1558 PrivilegeHelper.dispatch( s, g, s.getSubject(), f.getReadPriv() );
1559 Iterator it = GrouperDAOFactory.getFactory().getMembership().findAllEffectiveByGroupOwner(
1560 g.getUuid(), m.getUuid(), f, via.getUuid(), depth, true
1561 ).iterator();
1562 Membership eff;
1563 while (it.hasNext()) {
1564 eff = (Membership) it.next();
1565 mships.add(eff);
1566 }
1567 }
1568 catch (InsufficientPrivilegeException eIP) {
1569
1570 }
1571 return mships;
1572 }
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597 @Deprecated
1598 public static Membership findImmediateMembership(
1599 GrouperSession s, Group g, Subject subj, Field f
1600 ) throws MembershipNotFoundException, SchemaException {
1601 return findImmediateMembership(s, g, subj, f, true);
1602 }
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626 public static Membership findImmediateMembership(
1627 GrouperSession s, Group g, Subject subj, boolean exceptionIfNotFound)
1628 throws MembershipNotFoundException, SchemaException {
1629 return findImmediateMembership(s, g, subj, Group.getDefaultList(), exceptionIfNotFound);
1630 }
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654 public static Membership findImmediateMembership(
1655 GrouperSession s, Group g, Subject subj, Field f, boolean exceptionIfNotFound
1656 ) throws MembershipNotFoundException, SchemaException {
1657
1658
1659
1660 GrouperSession.validate(s);
1661 try {
1662 Member m = MemberFinder.findBySubject(s, subj, true);
1663 Membership ms = GrouperDAOFactory.getFactory().getMembership().findByGroupOwnerAndMemberAndFieldAndType(
1664 g.getUuid(), m.getUuid(), f, MembershipType.IMMEDIATE.getTypeString(), true, true);
1665 PrivilegeHelper.dispatch( s, ms.getOwnerGroup(), s.getSubject(), f.getReadPriv() );
1666 return ms;
1667 } catch (MembershipNotFoundException mnfe) {
1668 if (exceptionIfNotFound) {
1669 throw mnfe;
1670 }
1671 return null;
1672 } catch (GroupNotFoundException eGNF) {
1673
1674 if (exceptionIfNotFound) {
1675 throw new MembershipNotFoundException(eGNF.getMessage(), eGNF);
1676 }
1677 return null;
1678 } catch (InsufficientPrivilegeException eIP) {
1679 if (exceptionIfNotFound) {
1680 throw new MembershipNotFoundException(eIP.getMessage(), eIP);
1681 }
1682 return null;
1683 }
1684 }
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706 public static Membership findImmediateMembership(
1707 GrouperSession s, AttributeDef attributeDef, Subject subj, Field f, boolean exceptionIfNotFound
1708 ) throws MembershipNotFoundException, SchemaException {
1709
1710
1711
1712 GrouperSession.validate(s);
1713 try {
1714 Member m = MemberFinder.findBySubject(s, subj, true);
1715 Membership ms = GrouperDAOFactory.getFactory().getMembership().findByAttrDefOwnerAndMemberAndFieldAndType(
1716 attributeDef.getUuid(), m.getUuid(), f, MembershipType.IMMEDIATE.getTypeString(), true, true);
1717 PrivilegeHelper.dispatch( s, ms.getOwnerAttributeDef(), s.getSubject(), f.getReadPriv() );
1718 return ms;
1719 } catch (MembershipNotFoundException mnfe) {
1720 if (exceptionIfNotFound) {
1721 throw mnfe;
1722 }
1723 return null;
1724 } catch (AttributeDefNotFoundException eGNF) {
1725
1726 if (exceptionIfNotFound) {
1727 throw new MembershipNotFoundException(eGNF.getMessage(), eGNF);
1728 }
1729 return null;
1730 } catch (InsufficientPrivilegeException eIP) {
1731 if (exceptionIfNotFound) {
1732 throw new MembershipNotFoundException(eIP.getMessage(), eIP);
1733 }
1734 return null;
1735 }
1736 }
1737
1738
1739
1740
1741
1742
1743 public static Set<Membership> internal_findAllChildrenNoPriv(Membership dto) {
1744 Set children = new LinkedHashSet();
1745 Membership child;
1746 Iterator it = GrouperDAOFactory.getFactory().getMembership().findAllChildMemberships(dto, true).iterator();
1747 while (it.hasNext()) {
1748 child = (Membership) it.next();
1749 children.addAll( internal_findAllChildrenNoPriv(child) );
1750 children.add(child);
1751 }
1752 return children;
1753 }
1754
1755
1756
1757
1758
1759
1760
1761
1762 public static Set<Member> findMembers(Group group, Field field)
1763 throws IllegalArgumentException {
1764 return findMembers(group, field, null);
1765 }
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775 public static Set<Member> findMembers(Group group, Field field, QueryOptions queryOptions)
1776 throws IllegalArgumentException
1777 {
1778 return findMembers(group, field, null, queryOptions);
1779 }
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789 public static Set<Member> findMembers(Group group, Field field, Set<Source> sources, QueryOptions queryOptions)
1790 throws IllegalArgumentException
1791 {
1792
1793 if (group == null) {
1794 throw new IllegalArgumentException("null Group");
1795 }
1796 if (field == null) {
1797 throw new IllegalArgumentException("null Field");
1798 }
1799 Set<Member> members = null;
1800 try {
1801 GrouperSession s = GrouperSession.staticGrouperSession();
1802 PrivilegeHelper.dispatch( s, group, s.getSubject(), field.getReadPriv() );
1803 members = GrouperDAOFactory.getFactory().getMembership().findAllMembersByGroupOwnerAndField(
1804 group.getUuid(), field, sources, queryOptions, true);
1805 }
1806 catch (InsufficientPrivilegeException eIP) {
1807
1808 }
1809 catch (SchemaException eSchema) {
1810 String groupName = null;
1811 try {
1812 groupName = group.getName();
1813 } catch (Exception e) {
1814 LOG.error("error getting group name", e);
1815 }
1816 throw new RuntimeException("Error retrieving members for group: " + groupName, eSchema);
1817 }
1818 return members;
1819 }
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829 public static Set<Subject> internal_findGroupSubjects(GrouperSession s, Group group, Field f)
1830 throws GrouperException
1831 {
1832 GrouperSession.validate(s);
1833 Set subjs = new LinkedHashSet();
1834 Iterator it = PrivilegeHelper.canViewMemberships(
1835 s, GrouperDAOFactory.getFactory().getMembership().findAllByGroupOwnerAndField(group.getUuid(), f, true)
1836 ).iterator();
1837 try {
1838 while (it.hasNext()) {
1839
1840
1841
1842
1843
1844
1845 try {
1846 subjs.add ( new LazySubject((Membership) it.next()) );
1847 }catch(GrouperException gre) {
1848 if(gre.getCause() instanceof MemberNotFoundException) {
1849 throw (MemberNotFoundException) gre.getCause();
1850 }
1851 if(gre.getCause() instanceof SubjectNotFoundException) {
1852 throw (SubjectNotFoundException) gre.getCause();
1853 }
1854 }
1855 }
1856 }
1857 catch (MemberNotFoundException eMNF) {
1858 String msg = "internal_findSubjects: " + eMNF.getMessage();
1859 LOG.fatal(msg);
1860 throw new GrouperException(msg, eMNF);
1861 }
1862 catch (SubjectNotFoundException eSNF) {
1863 String msg = "internal_findSubjects: " + eSNF.getMessage();
1864 LOG.fatal(msg);
1865 throw new GrouperException(msg, eSNF);
1866 }
1867 return subjs;
1868 }
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878 public static Set<Subject> internal_findAttributeDefSubjectsImmediateOnly(GrouperSession s,
1879 AttributeDef attributeDef, Field f) throws GrouperException {
1880 GrouperSession.validate(s);
1881 Set<Subject> subjs = new LinkedHashSet();
1882 try {
1883 PrivilegeHelper.dispatch(s, attributeDef, s.getSubject(), f.getReadPriv());
1884 Iterator<Member> it = null;
1885
1886
1887
1888
1889
1890 while (it.hasNext()) {
1891 try {
1892 subjs.add(new LazySubject(it.next()));
1893 } catch (GrouperException gre) {
1894 if (gre.getCause() instanceof MemberNotFoundException) {
1895 throw (MemberNotFoundException) gre.getCause();
1896 }
1897 if (gre.getCause() instanceof SubjectNotFoundException) {
1898 throw (SubjectNotFoundException) gre.getCause();
1899 }
1900 }
1901 }
1902 } catch (MemberNotFoundException eMNF) {
1903 String msg = "internal_findGroupSubjectsImmediateOnly: " + eMNF.getMessage();
1904 LOG.fatal(msg);
1905 throw new GrouperException(msg, eMNF);
1906 } catch (SubjectNotFoundException eSNF) {
1907 String msg = "internal_findGroupSubjectsImmediateOnly: " + eSNF.getMessage();
1908 LOG.fatal(msg);
1909 throw new GrouperException(msg, eSNF);
1910 } catch (InsufficientPrivilegeException e) {
1911 String msg = "internal_findGroupSubjectsImmediateOnly: " + e.getMessage();
1912 LOG.fatal(msg);
1913 throw new GrouperException(msg, e);
1914 } catch (SchemaException e) {
1915 String msg = "internal_findGroupSubjectsImmediateOnly: " + e.getMessage();
1916 LOG.fatal(msg);
1917 throw new GrouperException(msg, e);
1918 }
1919 return subjs;
1920 }
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930 public static Set<Subject> internal_findStemSubjectsImmediateOnly(GrouperSession s,
1931 Stem stem, Field f) throws GrouperException {
1932 GrouperSession.validate(s);
1933 Set<Subject> subjs = new LinkedHashSet();
1934 try {
1935 PrivilegeHelper.dispatch(s, stem, s.getSubject(), f.getReadPriv());
1936 Iterator<Member> it = GrouperDAOFactory.getFactory().getMembership()
1937 .findAllMembersByStemOwnerAndFieldAndType(stem.getUuid(), f,
1938 MembershipType.IMMEDIATE.getTypeString(), null, true).iterator();
1939
1940 while (it.hasNext()) {
1941 try {
1942 subjs.add(new LazySubject(it.next()));
1943 } catch (GrouperException gre) {
1944 if (gre.getCause() instanceof MemberNotFoundException) {
1945 throw (MemberNotFoundException) gre.getCause();
1946 }
1947 if (gre.getCause() instanceof SubjectNotFoundException) {
1948 throw (SubjectNotFoundException) gre.getCause();
1949 }
1950 }
1951 }
1952 } catch (MemberNotFoundException eMNF) {
1953 String msg = "internal_findStemSubjectsImmediateOnly: " + eMNF.getMessage();
1954 LOG.fatal(msg);
1955 throw new GrouperException(msg, eMNF);
1956 } catch (SubjectNotFoundException eSNF) {
1957 String msg = "internal_findStemSubjectsImmediateOnly: " + eSNF.getMessage();
1958 LOG.fatal(msg);
1959 throw new GrouperException(msg, eSNF);
1960 } catch (InsufficientPrivilegeException e) {
1961 String msg = "internal_findStemSubjectsImmediateOnly: " + e.getMessage();
1962 LOG.fatal(msg);
1963 throw new GrouperException(msg, e);
1964 } catch (SchemaException e) {
1965 String msg = "internal_findStemSubjectsImmediateOnly: " + e.getMessage();
1966 LOG.fatal(msg);
1967 throw new GrouperException(msg, e);
1968 }
1969 return subjs;
1970 }
1971
1972
1973
1974 private static final Log LOG = GrouperUtil.getLog(MemberFinder.class);
1975
1976
1977
1978
1979
1980
1981
1982
1983 public static Set<Subject> internal_findSubjectsStemPriv(GrouperSession s, Stem stem, Field f) {
1984
1985
1986 GrouperSession.validate(s);
1987 Membership mbs;
1988 Set subjs = new LinkedHashSet();
1989 Iterator it = GrouperDAOFactory.getFactory().getMembership().findAllByStemOwnerAndField(stem.getUuid(), f, true).iterator();
1990 while (it.hasNext()) {
1991 mbs = (Membership) it.next();
1992 try {
1993 subjs.add ( new LazySubject(mbs) );
1994
1995
1996 }
1997 catch (Exception e) {
1998
1999
2000 LOG.error(E.MSF_FINDSUBJECTS + e.getMessage());
2001 }
2002 }
2003 return subjs;
2004 }
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014 public static Set<Member> internal_findMembersByType(GrouperSession s, Group g, Field f, String type) {
2015 GrouperSession.validate(s);
2016 Set members = new LinkedHashSet();
2017 Membership ms;
2018 Iterator it = internal_findAllByGroupOwnerAndFieldAndType(s, g, f, type).iterator();
2019 while (it.hasNext()) {
2020 ms = (Membership) it.next();
2021 try {
2022 members.add(ms.getMember());
2023 }
2024 catch (MemberNotFoundException eMNF) {
2025
2026 }
2027 }
2028 return members;
2029 }
2030
2031
2032
2033
2034 private QueryOptions queryOptionsForMember;
2035
2036
2037
2038
2039 private QueryOptions queryOptionsForMembership;
2040
2041
2042
2043
2044 private String scopeForMember;
2045
2046
2047
2048
2049
2050
2051 public MembershipFinder assignScopeForMember(String theFilterForMember) {
2052 this.scopeForMember = theFilterForMember;
2053 return this;
2054 }
2055
2056
2057
2058
2059 private boolean splitScopeForMember;
2060
2061
2062
2063
2064 private QueryOptions queryOptionsForGroup;
2065
2066
2067
2068
2069
2070
2071 public MembershipFinder assignQueryOptionsForGroup(QueryOptions theQueryOptionsForGroup) {
2072 this.queryOptionsForGroup = theQueryOptionsForGroup;
2073 return this;
2074 }
2075
2076
2077
2078
2079 private boolean splitScopeForGroup;
2080
2081
2082
2083
2084 private boolean hasMembershipTypeForGroup;
2085
2086
2087
2088
2089 private String scopeForGroup;
2090
2091
2092
2093
2094 private boolean hasFieldForStem;
2095
2096
2097
2098
2099
2100
2101 public MembershipFinder assignHasFieldForStem(boolean theHasFieldForStem) {
2102 this.hasFieldForStem = theHasFieldForStem;
2103 return this;
2104 }
2105
2106
2107
2108
2109 private boolean hasMembershipTypeForStem;
2110
2111
2112
2113
2114
2115 public MembershipFinder assignHasMembershipTypeForStem(boolean theHasMembershipTypeForStem) {
2116 this.hasMembershipTypeForStem = theHasMembershipTypeForStem;
2117 return this;
2118 }
2119
2120
2121
2122
2123 private QueryOptions queryOptionsForStem;
2124
2125
2126
2127
2128
2129
2130 public MembershipFinder assignQueryOptionsForStem(QueryOptions theQueryOptionsForStem) {
2131 this.queryOptionsForStem = theQueryOptionsForStem;
2132 return this;
2133 }
2134
2135
2136
2137
2138 private String scopeForStem;
2139
2140
2141
2142
2143
2144
2145 public MembershipFinder assignScopeForStem(String theScopeForStem) {
2146 this.scopeForStem = theScopeForStem;
2147 return this;
2148 }
2149
2150
2151
2152
2153 private boolean splitScopeForStem;
2154
2155
2156
2157
2158 private boolean hasFieldForAttributeDef;
2159
2160
2161
2162
2163
2164
2165 public MembershipFinder assignHasFieldForAttributeDef(boolean theHasFieldForAttributeDef) {
2166 this.hasFieldForAttributeDef = theHasFieldForAttributeDef;
2167 return this;
2168 }
2169
2170
2171
2172
2173 private boolean hasMembershipTypeForAttributeDef;
2174
2175
2176
2177
2178
2179
2180 public MembershipFinder assignHasMembershipTypeForAttributeDef(boolean theHasMembershipTypeForAttributeDef) {
2181 this.hasMembershipTypeForAttributeDef = theHasMembershipTypeForAttributeDef;
2182 return this;
2183 }
2184
2185
2186
2187
2188 private QueryOptions queryOptionsForAttributeDef;
2189
2190
2191
2192
2193
2194
2195 public MembershipFinder assignQueryOptionsForAttributeDef(QueryOptions theQueryOptionsForAttributeDef) {
2196 this.queryOptionsForAttributeDef = theQueryOptionsForAttributeDef;
2197 return this;
2198 }
2199
2200
2201
2202
2203 private String scopeForAttributeDef;
2204
2205
2206
2207
2208
2209
2210 public MembershipFinder assignScopeForAttributeDef(String theScopeForAttributeDef) {
2211 this.scopeForAttributeDef = theScopeForAttributeDef;
2212 return this;
2213 }
2214
2215
2216
2217
2218 private boolean splitScopeForAttributeDef;
2219
2220
2221
2222
2223
2224
2225 public MembershipFinder assignSplitScopeForAttributeDef(boolean theSplitScopeForAttributeDef) {
2226 this.splitScopeForAttributeDef = theSplitScopeForAttributeDef;
2227 return this;
2228 }
2229
2230
2231
2232
2233
2234
2235 public MembershipFinder assignSplitScopeForStem(boolean theSplitScopeForStem) {
2236 this.splitScopeForStem = theSplitScopeForStem;
2237 return this;
2238 }
2239
2240
2241
2242
2243
2244
2245 public MembershipFinder assignScopeForGroup(String theScopeForGroup) {
2246 this.scopeForGroup = theScopeForGroup;
2247 return this;
2248 }
2249
2250
2251
2252
2253
2254
2255 public MembershipFinder assignHasMembershipTypeForGroup(boolean theHasMembershipTypeForGroup) {
2256 this.hasMembershipTypeForGroup = theHasMembershipTypeForGroup;
2257 return this;
2258 }
2259
2260
2261
2262
2263
2264
2265 public MembershipFinder assignSplitScopeForGroup(boolean theSplitScopeForGroup) {
2266 this.splitScopeForGroup = theSplitScopeForGroup;
2267 return this;
2268 }
2269
2270
2271
2272
2273
2274
2275 public MembershipFinder assignSplitScopeForMember(boolean theSplitScopeForMember) {
2276 this.splitScopeForMember = theSplitScopeForMember;
2277 return this;
2278 }
2279
2280
2281
2282
2283
2284
2285 public MembershipFinder assignQueryOptionsForMember(QueryOptions theQueryOptions) {
2286 this.queryOptionsForMember = theQueryOptions;
2287 return this;
2288 }
2289
2290
2291
2292
2293
2294
2295 public MembershipFinder assignQueryOptionsForMembership(QueryOptions theQueryOptions) {
2296 this.queryOptionsForMembership = theQueryOptions;
2297 return this;
2298 }
2299
2300
2301
2302
2303
2304
2305 public MembershipFinder assignPrivilegesTheUserHas(Collection<Privilege> thePrivilegesTheUserHas) {
2306 this.privilegesTheUserHas = thePrivilegesTheUserHas;
2307 return this;
2308 }
2309
2310
2311
2312
2313
2314
2315 public MembershipFinder assignPrivilegesTheUserHasByName(Collection<String> thePrivilegeNamesOfPrivilegesTheUserHas) {
2316
2317 this.privilegesTheUserHas = GrouperUtil.nonNull(Privilege.convertNamesToPrivileges(thePrivilegeNamesOfPrivilegesTheUserHas));
2318
2319 return this;
2320 }
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330 public static Set<Membership> internal_findAllByCreatedAfter(GrouperSession s, Date d, Field f)
2331 throws QueryException
2332 {
2333
2334
2335
2336 Set mships = new LinkedHashSet();
2337 Membership ms;
2338 Iterator it = GrouperDAOFactory.getFactory().getMembership().findAllByCreatedAfter(d, f, true).iterator();
2339 while (it.hasNext()) {
2340 ms = (Membership) it.next();
2341 mships.add(ms);
2342 }
2343 return mships;
2344 }
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354 public static Set<Membership> internal_findAllByCreatedBefore(GrouperSession s, Date d, Field f)
2355 throws QueryException {
2356
2357
2358
2359 Set mships = new LinkedHashSet();
2360 Membership ms;
2361 Iterator it = GrouperDAOFactory.getFactory().getMembership().findAllByCreatedBefore(d, f, true).iterator();
2362 while (it.hasNext()) {
2363 ms = (Membership) it.next();
2364 mships.add(ms);
2365 }
2366 return mships;
2367 }
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377 public static Set<Membership> internal_findAllByGroupOwnerAndFieldAndType(GrouperSession s, Group groupOwner, Field f, String type) {
2378
2379
2380 GrouperSession.validate(s);
2381 return PrivilegeHelper.canViewMemberships(
2382 s, GrouperDAOFactory.getFactory().getMembership().findAllByGroupOwnerAndFieldAndType(groupOwner.getUuid(), f, type, true)
2383 );
2384 }
2385
2386
2387
2388
2389
2390
2391
2392
2393 public static Set<Membership> internal_findAllEffectiveByMemberAndField(
2394 GrouperSession s, Member m, Field f
2395 )
2396 {
2397
2398
2399 GrouperSession.validate(s);
2400 return PrivilegeHelper.canViewMemberships(
2401 s, GrouperDAOFactory.getFactory().getMembership().findAllEffectiveByMemberAndField(m.getUuid(), f, true)
2402 );
2403 }
2404
2405
2406
2407
2408
2409
2410
2411
2412 public static Set<Membership> internal_findAllImmediateByMemberAndField(GrouperSession s, Member m, Field f) {
2413 return internal_findAllImmediateByMemberAndField(s, m, f, true);
2414 }
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424 public static Set<Membership> internal_findAllImmediateByMemberAndField(GrouperSession s, Member m, Field f, boolean enabledOnly) {
2425
2426
2427 GrouperSession.validate(s);
2428 return PrivilegeHelper.canViewMemberships(
2429 s, GrouperDAOFactory.getFactory().getMembership().findAllImmediateByMemberAndField(m.getUuid(), f, enabledOnly)
2430 );
2431 }
2432
2433
2434
2435
2436
2437
2438
2439
2440 public static Set<Membership> internal_findAllNonImmediateByMemberAndField(GrouperSession s, Member m, Field f) {
2441
2442
2443 GrouperSession.validate(s);
2444 return PrivilegeHelper.canViewMemberships(
2445 s, GrouperDAOFactory.getFactory().getMembership().findAllNonImmediateByMemberAndField(m.getUuid(), f, true)
2446 );
2447 }
2448
2449
2450
2451
2452
2453
2454
2455
2456 public static Set<Membership> internal_findMemberships(GrouperSession s, Member m, Field f) {
2457
2458
2459 GrouperSession.validate(s);
2460 MembershipDAO dao = GrouperDAOFactory.getFactory().getMembership();
2461 return dao.findMembershipsByMemberAndFieldSecure(s, m.getUuid(), f, true);
2462 }
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475 public static Set<Membership> internal_findAllImmediateByGroupAndFieldAndPage(Group group,
2476 Field field, int start, int pageSize, int sortLimit, int[] numberOfRecords) throws SchemaException {
2477 Set<Membership> allChildren;
2478
2479 QueryOptionsl/dao/QueryOptions.html#QueryOptions">QueryOptions queryOptions = new QueryOptions().retrieveCount(true).retrieveResults(false);
2480 group.getImmediateMembers(field, queryOptions);
2481 int totalSize = queryOptions.getCount().intValue();
2482
2483 if (GrouperUtil.length(numberOfRecords) > 0) {
2484 numberOfRecords[0] = totalSize;
2485 }
2486
2487
2488 if (totalSize <= sortLimit) {
2489 allChildren = group.getImmediateMemberships(field);
2490 } else {
2491
2492
2493
2494
2495 QueryPagingnal/dao/QueryPaging.html#QueryPaging">QueryPaging queryPaging = new QueryPaging();
2496 queryPaging.setPageSize(pageSize);
2497 queryPaging.setFirstIndexOnPage(start);
2498
2499
2500 queryOptions = new QueryOptions().paging(queryPaging);
2501
2502 Set<Member> members = group.getImmediateMembers(field, queryOptions);
2503 allChildren = group.getImmediateMemberships(field, members);
2504 }
2505 return allChildren;
2506 }
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518 public static Set<Membership> internal_findAllCompositeByGroupAndPage(Group group,
2519 int start, int pageSize, int sortLimit, int[] numberOfRecords) throws SchemaException {
2520 Set<Membership> allChildren;
2521
2522 QueryOptionsl/dao/QueryOptions.html#QueryOptions">QueryOptions queryOptions = new QueryOptions().retrieveCount(true).retrieveResults(false);
2523 group.getCompositeMembers(queryOptions);
2524 int totalSize = queryOptions.getCount().intValue();
2525
2526 if (GrouperUtil.length(numberOfRecords) > 0) {
2527 numberOfRecords[0] = totalSize;
2528 }
2529
2530
2531 if (totalSize <= sortLimit) {
2532 allChildren = group.getCompositeMemberships();
2533 } else {
2534
2535
2536
2537
2538 QueryPagingnal/dao/QueryPaging.html#QueryPaging">QueryPaging queryPaging = new QueryPaging();
2539 queryPaging.setPageSize(pageSize);
2540 queryPaging.setFirstIndexOnPage(start);
2541
2542
2543 queryOptions = new QueryOptions().paging(queryPaging);
2544
2545 Set<Member> members = group.getCompositeMembers(queryOptions);
2546 allChildren = group.getCompositeMemberships(members);
2547 }
2548 return allChildren;
2549 }
2550
2551
2552
2553
2554
2555
2556
2557
2558
2559
2560
2561
2562 public static Set<Membership> internal_findAllEffectiveByGroupAndFieldAndPage(Group group,
2563 Field field, int start, int pageSize, int sortLimit, int[] numberOfRecords) throws SchemaException {
2564 Set<Membership> allChildren;
2565
2566 QueryOptionsl/dao/QueryOptions.html#QueryOptions">QueryOptions queryOptions = new QueryOptions().retrieveCount(true).retrieveResults(false);
2567 group.getEffectiveMembers(field, queryOptions);
2568 int totalSize = queryOptions.getCount().intValue();
2569
2570 if (GrouperUtil.length(numberOfRecords) > 0) {
2571 numberOfRecords[0] = totalSize;
2572 }
2573
2574
2575 if (totalSize <= sortLimit) {
2576 allChildren = group.getEffectiveMemberships(field);
2577 } else {
2578
2579
2580
2581
2582 QueryPagingnal/dao/QueryPaging.html#QueryPaging">QueryPaging queryPaging = new QueryPaging();
2583 queryPaging.setPageSize(pageSize);
2584 queryPaging.setFirstIndexOnPage(start);
2585
2586
2587 queryOptions = new QueryOptions().paging(queryPaging);
2588
2589 Set<Member> members = group.getEffectiveMembers(field, queryOptions);
2590 allChildren = group.getEffectiveMemberships(field, members);
2591 }
2592 return allChildren;
2593 }
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606 public static Set<Membership> internal_findAllByGroupAndFieldAndPage(Group group,
2607 Field field, int start, int pageSize, int sortLimit, int[] numberOfRecords) throws SchemaException {
2608 Set<Membership> allChildren;
2609
2610 QueryOptionsl/dao/QueryOptions.html#QueryOptions">QueryOptions queryOptions = new QueryOptions().retrieveCount(true).retrieveResults(false);
2611 group.getMembers(field, queryOptions);
2612 int totalSize = queryOptions.getCount().intValue();
2613
2614 if (GrouperUtil.length(numberOfRecords) > 0) {
2615 numberOfRecords[0] = totalSize;
2616 }
2617
2618
2619 if (totalSize <= sortLimit) {
2620 allChildren = group.getMemberships(field);
2621 } else {
2622
2623
2624
2625
2626 QueryPagingnal/dao/QueryPaging.html#QueryPaging">QueryPaging queryPaging = new QueryPaging();
2627 queryPaging.setPageSize(pageSize);
2628 queryPaging.setFirstIndexOnPage(start);
2629
2630
2631 queryOptions = new QueryOptions().paging(queryPaging);
2632
2633 Set<Member> members = group.getMembers(field, queryOptions);
2634 allChildren = group.getMemberships(field, members);
2635 }
2636 return allChildren;
2637 }
2638
2639
2640
2641
2642
2643
2644
2645
2646
2647 public static Set<Subject> internal_findAttributeDefSubjects(GrouperSession s, AttributeDef attributeDef, Field f)
2648 throws GrouperException {
2649 GrouperSession.validate(s);
2650 Set subjs = new LinkedHashSet();
2651 Iterator it = null;
2652
2653
2654
2655
2656 try {
2657 while (it.hasNext()) {
2658
2659
2660
2661
2662
2663
2664 try {
2665 subjs.add ( new LazySubject((Membership) it.next()) );
2666 }catch(GrouperException gre) {
2667 if(gre.getCause() instanceof MemberNotFoundException) {
2668 throw (MemberNotFoundException) gre.getCause();
2669 }
2670 if(gre.getCause() instanceof SubjectNotFoundException) {
2671 throw (SubjectNotFoundException) gre.getCause();
2672 }
2673 }
2674 }
2675 }
2676 catch (MemberNotFoundException eMNF) {
2677 String msg = "internal_findSubjects: " + eMNF.getMessage();
2678 LOG.fatal(msg);
2679 throw new GrouperException(msg, eMNF);
2680 }
2681 catch (SubjectNotFoundException eSNF) {
2682 String msg = "internal_findSubjects: " + eSNF.getMessage();
2683 LOG.fatal(msg);
2684 throw new GrouperException(msg, eSNF);
2685 }
2686 return subjs;
2687 }
2688
2689
2690
2691
2692
2693
2694
2695
2696
2697 public static Set<Subject> internal_findGroupSubjectsImmediateOnly(GrouperSession s,
2698 Group group, Field f) throws GrouperException {
2699 GrouperSession.validate(s);
2700 Set<Subject> subjs = new LinkedHashSet();
2701 try {
2702 PrivilegeHelper.dispatch(s, group, s.getSubject(), f.getReadPriv());
2703 Iterator<Member> it = GrouperDAOFactory.getFactory().getMembership()
2704 .findAllMembersByGroupOwnerAndFieldAndType(group.getUuid(), f,
2705 MembershipType.IMMEDIATE.getTypeString(), null, true).iterator();
2706
2707 while (it.hasNext()) {
2708 try {
2709 subjs.add(new LazySubject(it.next()));
2710 } catch (GrouperException gre) {
2711 if (gre.getCause() instanceof MemberNotFoundException) {
2712 throw (MemberNotFoundException) gre.getCause();
2713 }
2714 if (gre.getCause() instanceof SubjectNotFoundException) {
2715 throw (SubjectNotFoundException) gre.getCause();
2716 }
2717 }
2718 }
2719 } catch (MemberNotFoundException eMNF) {
2720 String msg = "internal_findGroupSubjectsImmediateOnly: " + eMNF.getMessage();
2721 LOG.fatal(msg);
2722 throw new GrouperException(msg, eMNF);
2723 } catch (SubjectNotFoundException eSNF) {
2724 String msg = "internal_findGroupSubjectsImmediateOnly: " + eSNF.getMessage();
2725 LOG.fatal(msg);
2726 throw new GrouperException(msg, eSNF);
2727 } catch (InsufficientPrivilegeException e) {
2728 String msg = "internal_findGroupSubjectsImmediateOnly: " + e.getMessage();
2729 LOG.fatal(msg);
2730 throw new GrouperException(msg, e);
2731 } catch (SchemaException e) {
2732 String msg = "internal_findGroupSubjectsImmediateOnly: " + e.getMessage();
2733 LOG.fatal(msg);
2734 throw new GrouperException(msg, e);
2735 }
2736 return subjs;
2737 }
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
2750
2751
2752 public static Membership findByUuid(GrouperSession grouperSession, String uuid, boolean exceptionIfNotFound, boolean enabledOnly)
2753 throws MembershipNotFoundException {
2754
2755 GrouperSession.validate(grouperSession);
2756 Membership membership = GrouperDAOFactory.getFactory().getMembership().findByUuid(uuid, exceptionIfNotFound, enabledOnly);
2757 if (membership == null) {
2758 if(exceptionIfNotFound) {
2759 throw new MembershipNotFoundException("Not allowed to view membership: " + uuid);
2760 }
2761 return null;
2762 }
2763 if ( PrivilegeHelper.canViewMembership( grouperSession.internal_getRootSession(), membership ) ) {
2764 return membership;
2765 }
2766 return null;
2767 }
2768
2769
2770
2771
2772
2773
2774
2775 public static Set<MembershipSubjectContainer> findAllImmediateMemberhipSubjectContainers(GrouperSession grouperSession, Subject subject) {
2776
2777 Set<MembershipSubjectContainer> result = new HashSet<MembershipSubjectContainer>();
2778 GrouperSession.validate(grouperSession);
2779
2780 for (FieldTypeieldType.html#FieldType">FieldType fieldType : new FieldType[] {FieldType.LIST, FieldType.ACCESS, FieldType.NAMING, FieldType.ATTRIBUTE_DEF}) {
2781 MembershipResult membershipResult = new MembershipFinder().addSubject(subject)
2782 .assignFieldType(fieldType)
2783 .assignMembershipType(MembershipType.IMMEDIATE).findMembershipResult();
2784 result.addAll(membershipResult.getMembershipSubjectContainers());
2785 }
2786
2787 return result;
2788 }
2789 }
2790