|
Liferay 6.2-ce-ga5 | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface SiteMembershipPolicy
Provides the Site Membership Policy interface, allowing customization of user membership regarding sites and site roles.
Site Membership Policies define the sites a user is allowed to be a member of, the sites the user must be a member of, the site roles the user is allowed to be assigned, and the site roles the user must be assigned.
An implementation may include any number of rules and actions to enforce those rules. The implementation may include rules and actions like the following:
Liferay's core services invoke checkMembership(long[], long[],
long[])
to detect policy violations before adding the users to and removing
the users from the sites. On passing the check, the service proceeds with the
changes and propagates appropriate related actions in the portal by invoking
propagateMembership(long[], long[], long[])
. On failing the check,
the service foregoes making the changes. For example, Liferay executes this
logic when adding and updating sites, adding and removing users with respect
to sites, and adding and removing site roles with respect to users.
Liferay's UI calls the "is*" methods, such as isMembershipAllowed(long, long)
, to determine appropriate options to
display to the user. For example, the UI calls isMembershipAllowed(long, long)
to decide whether to display the "Join"
link to the user.
Liferay's core services call isMembershipProtected(PermissionChecker,
long, long)
and isRoleProtected(PermissionChecker, long, long,
long)
to protect user site memberships and site role assignments,
appropriately.
Method Summary | |
---|---|
void |
checkMembership(long[] userIds,
long[] addGroupIds,
long[] removeGroupIds)
Checks if the users can be added to and removed from the respective sites. |
void |
checkRoles(List<UserGroupRole> addUserGroupRoles,
List<UserGroupRole> removeUserGroupRoles)
Checks if the site roles can be added to or removed from their users. |
boolean |
isMembershipAllowed(long userId,
long groupId)
Returns true if the user can be added to the site. |
boolean |
isMembershipProtected(PermissionChecker permissionChecker,
long userId,
long groupId)
Returns true if the policy prevents the user from being
removed from the site by the user associated with the permission checker. |
boolean |
isMembershipRequired(long userId,
long groupId)
Returns true if site membership for the user is mandatory. |
boolean |
isRoleAllowed(long userId,
long groupId,
long roleId)
Returns true if the role can be added to the user on the
site. |
boolean |
isRoleProtected(PermissionChecker permissionChecker,
long userId,
long groupId,
long roleId)
Returns true if the policy prevents the user from being
removed from the role by the user associated with the permission checker. |
boolean |
isRoleRequired(long userId,
long groupId,
long roleId)
Returns true if the role is mandatory for the user on the
site. |
void |
propagateMembership(long[] userIds,
long[] addGroupIds,
long[] removeGroupIds)
Performs membership policy related actions after the users are added to and removed from the respective sites. |
void |
propagateRoles(List<UserGroupRole> addUserGroupRoles,
List<UserGroupRole> removeUserGroupRoles)
Performs membership policy related actions after the respective site roles are added to and removed from the affected users. |
void |
verifyPolicy()
Checks the integrity of the membership policy of each of the portal's sites and performs operations necessary for the compliance of each site and site role. |
void |
verifyPolicy(Group group)
Checks the integrity of the membership policy of the site and performs operations necessary for the site's compliance. |
void |
verifyPolicy(Group group,
Group oldGroup,
List<AssetCategory> oldAssetCategories,
List<AssetTag> oldAssetTags,
Map<String,Serializable> oldExpandoAttributes,
UnicodeProperties oldTypeSettingsProperties)
Checks the integrity of the membership policy of the site, with respect to the site's new attribute values, categories, tags, expando attributes, and type settings properties, and performs operations necessary for the compliance of the site and its site roles. |
void |
verifyPolicy(Role role)
Checks the integrity of the membership policy of the site role and performs operations necessary for the role's compliance. |
void |
verifyPolicy(Role role,
Role oldRole,
Map<String,Serializable> oldExpandoAttributes)
Checks the integrity of the membership policy of the site role, with respect to its expando attributes, and performs operations necessary for the role's compliance. |
Method Detail |
---|
void checkMembership(long[] userIds, long[] addGroupIds, long[] removeGroupIds) throws PortalException, SystemException
Liferay's core services call this method before adding the users to and removing the users from the respective sites. If this method throws an exception, the service foregoes making the changes.
userIds
- the primary keys of the users to be added and removed
from the sitesaddGroupIds
- the primary keys of the sites to which the users are
to be added (optionally null
)removeGroupIds
- the primary keys of the sites from which the users
are to be removed (optionally null
)
PortalException
- if any one user could not be added to a site, if
any one user could not be removed from a site, or if a portal
exception occurred
SystemException
- if a system exception occurredvoid checkRoles(List<UserGroupRole> addUserGroupRoles, List<UserGroupRole> removeUserGroupRoles) throws PortalException, SystemException
Liferay's core services call this method before adding the users to and removing the users from the respective site roles. If this method throws an exception, the service foregoes making the changes.
addUserGroupRoles
- the user group roles to be addedremoveUserGroupRoles
- the user group roles to be removed
PortalException
- if any one user group role violated the policy or
if a portal exception occurred
SystemException
- if a system exception occurredboolean isMembershipAllowed(long userId, long groupId) throws PortalException, SystemException
true
if the user can be added to the site. Liferay's
UI calls this method.
userId
- the primary key of the usergroupId
- the primary key of the site
true
if the user can be added to the site;
false
otherwise
PortalException
- if a portal exception occurred
SystemException
- if a system exception occurredboolean isMembershipProtected(PermissionChecker permissionChecker, long userId, long groupId) throws PortalException, SystemException
true
if the policy prevents the user from being
removed from the site by the user associated with the permission checker.
permissionChecker
- the permission checker referencing a useruserId
- the primary key of the user to check for protectiongroupId
- the primary key of the site
true
if the policy prevents the user from being
removed from the site by the user associated with the permission
checker; false
otherwise
PortalException
- if a portal exception occurred
SystemException
- if a system exception occurredboolean isMembershipRequired(long userId, long groupId) throws PortalException, SystemException
true
if site membership for the user is mandatory.
Liferay's UI, for example, calls this method in deciding whether to
display the option to leave the site.
userId
- the primary key of the usergroupId
- the primary key of the site
true
if site membership for the user is mandatory;
false
otherwise
PortalException
- if a portal exception occurred
SystemException
- if a system exception occurredboolean isRoleAllowed(long userId, long groupId, long roleId) throws PortalException, SystemException
true
if the role can be added to the user on the
site. Liferay's UI calls this method.
userId
- the primary key of the usergroupId
- the primary key of the siteroleId
- the primary key of the role
true
if the role can be added to the user on the
site; false
otherwise
PortalException
- if a portal exception occurred
SystemException
- if a system exception occurredboolean isRoleProtected(PermissionChecker permissionChecker, long userId, long groupId, long roleId) throws PortalException, SystemException
true
if the policy prevents the user from being
removed from the role by the user associated with the permission checker.
permissionChecker
- the permission checker referencing a useruserId
- the primary key of the user to check for protectiongroupId
- the primary key of the siteroleId
- the primary key of the role
true
if the policy prevents the user from being
removed from the role by the user associated with the permission
checker; false
otherwise
PortalException
- if a portal exception occurred
SystemException
- if a system exception occurredboolean isRoleRequired(long userId, long groupId, long roleId) throws PortalException, SystemException
true
if the role is mandatory for the user on the
site. Liferay's UI calls this method.
userId
- the primary key of the usergroupId
- the primary key of the siteroleId
- the primary key of the role
true
if the role is mandatory for the user on the
site; false
otherwise
PortalException
- if a portal exception occurred
SystemException
- if a system exception occurredvoid propagateMembership(long[] userIds, long[] addGroupIds, long[] removeGroupIds) throws PortalException, SystemException
The actions must ensure the integrity of each site's membership policy. For example, some actions for implementations to consider performing are:
userIds
- the primary key of the users that have been added or
removedaddGroupIds
- the primary keys of the sites to which the users were
added (optionally null
)removeGroupIds
- the primary keys of the sites from which the users
were removed (optionally null
)
PortalException
- if a portal exception occurred
SystemException
- if a system exception occurredvoid propagateRoles(List<UserGroupRole> addUserGroupRoles, List<UserGroupRole> removeUserGroupRoles) throws PortalException, SystemException
The actions must ensure the membership policy of each site role. For example, some actions for implementations to consider performing are:
addUserGroupRoles
- the user group roles addedremoveUserGroupRoles
- the user group roles removed
PortalException
- if a portal exception occurred
SystemException
- if a system exception occurredvoid verifyPolicy() throws PortalException, SystemException
membership.policy.auto.verify
portal property
is true
this method is triggered when starting Liferay and
every time a membership policy hook is deployed.
PortalException
- if a portal exception occurred
SystemException
- if a system exception occurredvoid verifyPolicy(Group group) throws PortalException, SystemException
group
- the site to verify
PortalException
- if a portal exception occurred
SystemException
- if a system exception occurredvoid verifyPolicy(Group group, Group oldGroup, List<AssetCategory> oldAssetCategories, List<AssetTag> oldAssetTags, Map<String,Serializable> oldExpandoAttributes, UnicodeProperties oldTypeSettingsProperties) throws PortalException, SystemException
The actions must ensure the integrity of the site's membership policy based on what has changed in the site's attribute values, categories, tags, expando attributes, and type settings properties.
For example, if the membership policy is that sites with the "admnistrator" tag should only allow administrators as users, then this method could enforce that policy using the following logic:
assetTagLocalService.getTags(Group.class.getName(),
group.getGroupId());
.
group
- the added or updated site to verifyoldGroup
- the old siteoldAssetCategories
- the old categoriesoldAssetTags
- the old tagsoldExpandoAttributes
- the old expando attributesoldTypeSettingsProperties
- the old type settings properties
PortalException
- if a portal exception occurred
SystemException
- if a system exception occurredvoid verifyPolicy(Role role) throws PortalException, SystemException
role
- the role to verify
PortalException
- if a portal exception occurred
SystemException
- if a system exception occurredvoid verifyPolicy(Role role, Role oldRole, Map<String,Serializable> oldExpandoAttributes) throws PortalException, SystemException
role
- the added or updated role to verifyoldRole
- the old roleoldExpandoAttributes
- the old expando attributes
PortalException
- if a portal exception occurred
SystemException
- if a system exception occurred
|
Liferay 6.2-ce-ga5 | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |