edu.internet2.middleware.grouper.ui
Interface UIGroupPrivilegeResolver

All Known Implementing Classes:
DefaultUIGroupPrivilegeResolver

public interface UIGroupPrivilegeResolver

Interface which provides ability to override the default privilege model for Groups in the UI i.e. if a group has been 'loaded' it should probably be maintained by the loader rather than a user - even GrouperSystem/wheel group members. see https://bugs.internet2.edu/jira/browse/GRP-72

Version:
$Id: UIGroupPrivilegeResolver.java,v 1.3 2008-04-17 20:48:07 isgwb Exp $
Author:
Gary Brown.

Method Summary
 Map asMap()
          Convenience method to provide all possible 'answers' in a Map - which is strightforward for JSP/JSTL to 'query'.
 boolean canEditGroup()
          Is the subject allowed to edit core attributes or delete the group?
 boolean canInviteExternalPeople()
          if allowed to invite external people to this group
 boolean canManageAnyCustomField()
          Can the subject change at least one custom attribute?
 boolean canManageField(String field)
          Can the subject modify the given field?
 boolean canManageMembers()
          Can the subject update the membership?
 boolean canManagePrivileges()
          Is the subject allowed to grant / revoke privileges?
 boolean canOptinGroup()
          Is the subject allowed to optin to the group?
 boolean canOptoutGroup()
          Is the subject allowed to optout of the group?
 boolean canReadField(String field)
          Can the subject read the given field?
 boolean canReadGroup()
          Is the subject allowed to view the membership?
 boolean canViewGroup()
          Is the subject allowed to view the group?
 void init()
          Called by the factory after group, subject and GrouperSession are set to allow any initialisation
 void setGroup(Group g)
          Can only be called once, by the factory, to set the group for which we are resolving privileges
 void setGrouperSession(GrouperSession s)
          Can only be called once, by the factory, to set the GrouperSession
 void setSubject(Subject subj)
          Can only be called once, by the factory, to set the subject for who we are resolving privileges
 

Method Detail

setGroup

void setGroup(Group g)
Can only be called once, by the factory, to set the group for which we are resolving privileges

Parameters:
g -

setSubject

void setSubject(Subject subj)
Can only be called once, by the factory, to set the subject for who we are resolving privileges

Parameters:
subj -

setGrouperSession

void setGrouperSession(GrouperSession s)
Can only be called once, by the factory, to set the GrouperSession

Parameters:
s -

canManagePrivileges

boolean canManagePrivileges()
Is the subject allowed to grant / revoke privileges?

Returns:
whether the Subject can manage privileges

canInviteExternalPeople

boolean canInviteExternalPeople()
if allowed to invite external people to this group

Returns:
true if allowed to invite external people

canEditGroup

boolean canEditGroup()
Is the subject allowed to edit core attributes or delete the group?

Returns:
if the Subject can edit group

canViewGroup

boolean canViewGroup()
Is the subject allowed to view the group?

Returns:
whether the Subject can view the group

canReadGroup

boolean canReadGroup()
Is the subject allowed to view the membership?

Returns:
whether the Subject can read the group

canOptinGroup

boolean canOptinGroup()
Is the subject allowed to optin to the group?

Returns:
whether the Subject can optin to the group

canOptoutGroup

boolean canOptoutGroup()
Is the subject allowed to optout of the group?

Returns:
whether the Subject can opt out of the group

canManageField

boolean canManageField(String field)
Can the subject modify the given field?

Parameters:
field -
Returns:
whether the Subject can manage teh given field

canReadField

boolean canReadField(String field)
Can the subject read the given field?

Parameters:
field -
Returns:
whether the Subject can read th egiven field

canManageAnyCustomField

boolean canManageAnyCustomField()
Can the subject change at least one custom attribute?

Returns:
if there are any custom attributes that the Subject can manage

canManageMembers

boolean canManageMembers()
Can the subject update the membership?

Returns:
if the Subject can manage members

asMap

Map asMap()
Convenience method to provide all possible 'answers' in a Map - which is strightforward for JSP/JSTL to 'query'. Keys are method names. canReadField and canWriteField use nested Maps. In JSTL ${groupPrivilegeResolver.canReadField['field']}

Returns:
all privilege resolutions

init

void init()
Called by the factory after group, subject and GrouperSession are set to allow any initialisation