Class AssignReadonlyAdminPrivilegeVetoMembershipHook
java.lang.Object
edu.internet2.middleware.grouper.hooks.MembershipHooks
edu.internet2.middleware.grouper.hooks.examples.AssignReadonlyAdminPrivilegeVetoMembershipHook
assign READ to an admins group based on attribute assignment to a parent folder
configure in grouper.properties:
hooks.group.class=edu.internet2.middleware.grouper.hooks.examples.AssignReadonlyAdminPrivilegeGroupHook
hooks.membership.class=edu.internet2.middleware.grouper.hooks.examples.AssignReadonlyAdminPrivilegeVetoMembershipHook
grouper.readonlyAdminEnforced.attributeDefName = a:b:c:reaodnlyAdmin
grouper.readonlyAdminEnforced.groupName = c:d:readonlyAdmins
setup objects in GSH:
grouperSession = GrouperSession.startRootSession();
String attributeFolderName = "a:b:c";
attributeDef = new AttributeDefSave(grouperSession).assignName(attributeFolderName + ":readonlyAdminDef").assignToStem(true).assignAttributeDefType(AttributeDefType.attr).assignCreateParentStemsIfNotExist(true).assignValueType(AttributeDefValueType.marker).save();
attributeDef.getAttributeDefActionDelegate().configureActionList("assign");
attributeDefName = new AttributeDefNameSave(grouperSession, attributeDef).assignName(attributeFolderName + ":readonlyAdmin").assignCreateParentStemsIfNotExist(true).save();
groupAdmin = new GroupSave(grouperSession).assignName("c:d:readonlyAdmins").assignCreateParentStemsIfNotExist(true).save();
make a group to test:
stem = new StemSave(grouperSession).assignName("l:m").assignCreateParentStemsIfNotExist(true).save();
stem.getAttributeDelegate().assignAttribute(attributeDefName);
groupSub = new GroupSave(grouperSession).assignName("l:m:n:o").assignCreateParentStemsIfNotExist(true).save();
groupNotSub = new GroupSave(grouperSession).assignName("l:p").assignCreateParentStemsIfNotExist(true).save();
-
Field Summary
Fields inherited from class edu.internet2.middleware.grouper.hooks.MembershipHooks
METHOD_MEMBERSHIP_POST_ADD_MEMBER, METHOD_MEMBERSHIP_POST_COMMIT_ADD_MEMBER, METHOD_MEMBERSHIP_POST_COMMIT_DELETE, METHOD_MEMBERSHIP_POST_COMMIT_INSERT, METHOD_MEMBERSHIP_POST_COMMIT_REMOVE_MEMBER, METHOD_MEMBERSHIP_POST_COMMIT_UPDATE, METHOD_MEMBERSHIP_POST_DELETE, METHOD_MEMBERSHIP_POST_INSERT, METHOD_MEMBERSHIP_POST_REMOVE_MEMBER, METHOD_MEMBERSHIP_POST_UPDATE, METHOD_MEMBERSHIP_PRE_ADD_MEMBER, METHOD_MEMBERSHIP_PRE_DELETE, METHOD_MEMBERSHIP_PRE_INSERT, METHOD_MEMBERSHIP_PRE_REMOVE_MEMBER, METHOD_MEMBERSHIP_PRE_UPDATE -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoidmembershipPreRemoveMember(HooksContext hooksContext, HooksMembershipChangeBean preDeleteMemberBean) called right before a membership delete (high level, not the side effects)Methods inherited from class edu.internet2.middleware.grouper.hooks.MembershipHooks
membershipPostAddMember, membershipPostCommitAddMember, membershipPostCommitDelete, membershipPostCommitInsert, membershipPostCommitRemoveMember, membershipPostCommitUpdate, membershipPostDelete, membershipPostInsert, membershipPostRemoveMember, membershipPostUpdate, membershipPreAddMember, membershipPreDelete, membershipPreInsert, membershipPreUpdate
-
Constructor Details
-
AssignReadonlyAdminPrivilegeVetoMembershipHook
public AssignReadonlyAdminPrivilegeVetoMembershipHook()
-
-
Method Details
-
membershipPreRemoveMember
public void membershipPreRemoveMember(HooksContext hooksContext, HooksMembershipChangeBean preDeleteMemberBean) Description copied from class:MembershipHookscalled right before a membership delete (high level, not the side effects)
-