public class AssignReadonlyAdminPrivilegeVetoMembershipHook extends MembershipHooks
assign READ to an admins group based on attribute assignment to a parent folder configure in grouper.properties: hooks.group.class=edu.internet2.middleware.grouper.hooks.examples.AssignReadonlyAdminPrivilegeGroupHook hooks.membership.class=edu.internet2.middleware.grouper.hooks.examples.AssignReadonlyAdminPrivilegeVetoMembershipHook grouper.readonlyAdminEnforced.attributeDefName = a:b:c:reaodnlyAdmin grouper.readonlyAdminEnforced.groupName = c:d:readonlyAdmins setup objects in GSH: grouperSession = GrouperSession.startRootSession(); String attributeFolderName = "a:b:c"; attributeDef = new AttributeDefSave(grouperSession).assignName(attributeFolderName + ":readonlyAdminDef").assignToStem(true).assignAttributeDefType(AttributeDefType.attr).assignCreateParentStemsIfNotExist(true).assignValueType(AttributeDefValueType.marker).save(); attributeDef.getAttributeDefActionDelegate().configureActionList("assign"); attributeDefName = new AttributeDefNameSave(grouperSession, attributeDef).assignName(attributeFolderName + ":readonlyAdmin").assignCreateParentStemsIfNotExist(true).save(); groupAdmin = new GroupSave(grouperSession).assignName("c:d:readonlyAdmins").assignCreateParentStemsIfNotExist(true).save(); make a group to test: stem = new StemSave(grouperSession).assignName("l:m").assignCreateParentStemsIfNotExist(true).save(); stem.getAttributeDelegate().assignAttribute(attributeDefName); groupSub = new GroupSave(grouperSession).assignName("l:m:n:o").assignCreateParentStemsIfNotExist(true).save(); groupNotSub = new GroupSave(grouperSession).assignName("l:p").assignCreateParentStemsIfNotExist(true).save();
METHOD_MEMBERSHIP_POST_ADD_MEMBER, METHOD_MEMBERSHIP_POST_COMMIT_ADD_MEMBER, METHOD_MEMBERSHIP_POST_COMMIT_DELETE, METHOD_MEMBERSHIP_POST_COMMIT_INSERT, METHOD_MEMBERSHIP_POST_COMMIT_REMOVE_MEMBER, METHOD_MEMBERSHIP_POST_COMMIT_UPDATE, METHOD_MEMBERSHIP_POST_DELETE, METHOD_MEMBERSHIP_POST_INSERT, METHOD_MEMBERSHIP_POST_REMOVE_MEMBER, METHOD_MEMBERSHIP_POST_UPDATE, METHOD_MEMBERSHIP_PRE_ADD_MEMBER, METHOD_MEMBERSHIP_PRE_DELETE, METHOD_MEMBERSHIP_PRE_INSERT, METHOD_MEMBERSHIP_PRE_REMOVE_MEMBER, METHOD_MEMBERSHIP_PRE_UPDATE
Constructor and Description |
---|
AssignReadonlyAdminPrivilegeVetoMembershipHook() |
Modifier and Type | Method and Description |
---|---|
void |
membershipPreRemoveMember(HooksContext hooksContext,
HooksMembershipChangeBean preDeleteMemberBean)
called right before a membership delete (high level, not the side effects)
|
membershipPostAddMember, membershipPostCommitAddMember, membershipPostCommitDelete, membershipPostCommitInsert, membershipPostCommitRemoveMember, membershipPostCommitUpdate, membershipPostDelete, membershipPostInsert, membershipPostRemoveMember, membershipPostUpdate, membershipPreAddMember, membershipPreDelete, membershipPreInsert, membershipPreUpdate
public AssignReadonlyAdminPrivilegeVetoMembershipHook()
public void membershipPreRemoveMember(HooksContext hooksContext, HooksMembershipChangeBean preDeleteMemberBean)
MembershipHooks
Copyright © 2016 Internet2. All rights reserved.