Interface GroupAdministrationPermissionService
@ExperimentalApi
public interface GroupAdministrationPermissionService
Allows clients to check group permissions of users
- Since:
- 3.3.0
-
Method Summary
Modifier and TypeMethodDescriptiongetAdministeredGroups(User user, AdministeredGroupsQuery query) Looks for groups a user administersLooks for groups that currently logged in user administersgetDirectGroupLevelAdminGroups(boolean considerOnlyTargetGroupsWithApplications) getDirectGroupLevelAdminUsers(boolean considerOnlyTargetGroupsWithApplications) booleanisCurrentUserAdminOfGroup(Group group) Check if a current logged in user is an administrator of a groupbooleanisUserAdminOfGroup(User user, Group group) Check if a user is an administrator of a groupbooleanisUserGroupLevelAdmin(User user)
-
Method Details
-
getAdministeredGroupsForCurrentUser
List<UserGroupAdministrationMapping> getAdministeredGroupsForCurrentUser(@Nonnull AdministeredGroupsQuery query) throws OperationFailedException, FeatureInaccessibleException Looks for groups that currently logged in user administers- Parameters:
query- the criteria that the returned groups must meet or null for all groups- Returns:
- a set of mappings containing all groups currently logged in user administers
- Throws:
IllegalStateException- if user associated with the current session, no more exists in the directoryOperationFailedExceptionFeatureInaccessibleException
-
getAdministeredGroups
List<UserGroupAdministrationMapping> getAdministeredGroups(User user, @Nonnull AdministeredGroupsQuery query) throws OperationFailedException, FeatureInaccessibleException Looks for groups a user administers- Parameters:
user- the userquery- the criteria that the returned groups must meet or null for all groups- Returns:
- a set of mappings containing all groups user can administer
- Throws:
IllegalStateException- if the supplied user doesn't existsOperationFailedExceptionFeatureInaccessibleException
-
isUserGroupLevelAdmin
- Parameters:
user- the user- Returns:
- true if the specified user administers at least one group, either through a directly assigned grant or through memberships
- Throws:
OperationFailedException
-
isCurrentUserAdminOfGroup
boolean isCurrentUserAdminOfGroup(Group group) throws GroupNotFoundException, UserNotFoundException, DirectoryNotFoundException, OperationFailedException, FeatureInaccessibleException Check if a current logged in user is an administrator of a group- Parameters:
group- the group- Returns:
trueif the user is an administrator of the group,falseotherwise- Throws:
GroupNotFoundExceptionUserNotFoundExceptionDirectoryNotFoundExceptionOperationFailedExceptionFeatureInaccessibleException
-
isUserAdminOfGroup
boolean isUserAdminOfGroup(User user, Group group) throws GroupNotFoundException, UserNotFoundException, DirectoryNotFoundException, OperationFailedException, FeatureInaccessibleException Check if a user is an administrator of a group- Parameters:
user- the usergroup- the group- Returns:
trueif the user is an administrator of the group,falseotherwise- Throws:
GroupNotFoundExceptionUserNotFoundExceptionDirectoryNotFoundExceptionOperationFailedExceptionFeatureInaccessibleException
-
getDirectGroupLevelAdminUsers
- Parameters:
considerOnlyTargetGroupsWithApplications- whether only groups with mapped application should be taken into account- Returns:
- set of users with direct grants to manage any group
-
getDirectGroupLevelAdminGroups
- Parameters:
considerOnlyTargetGroupsWithApplications- whether only groups with mapped application should be taken into account- Returns:
- set of groups with direct grants to manage any group
-