Skip to content
Permalink
Browse files

Merge pull request #1088 from stephenc/master

[FIXED JENKINS-21371] Enhance SecurityRealm API to support queries of the group membership
  • Loading branch information
stephenc committed Jan 14, 2014
2 parents b01ad4d + ec12c07 commit 4ace130e3b9c4145cc639eb07032d6cc0a0ea84d
@@ -25,6 +25,8 @@

import org.acegisecurity.userdetails.UserDetails;

import java.util.Set;

/**
* Represents the details of a group.
*
@@ -51,4 +53,21 @@
public String getDisplayName() {
return getName();
}

/**
* Returns the members of the group, or {@code null} if the members were not retrieved. The results of this method
* are not live, they represent the membership at the time the {@link GroupDetails} was instantiated. As fetching
* the membership of a group can be an expensive operation, it is preferential to use the
* {@link SecurityRealm#loadGroupByGroupname(String, boolean)} method to retrieve {@link GroupDetails} in those
* cases where you want to try and retrieve the members of the group, though even that method does not guarantee
* to retrieve the members of a group as the backing {@link SecurityRealm} implementation may not support such
* a query.
*
* @return the members of the group at the point in time when the {@link GroupDetails} were retrieved, or
* {@code null} if the members were not retrieved.
* @since 1.549
*/
public Set<String> getMembers() {
return null;
}
}
@@ -317,6 +317,28 @@ public GroupDetails loadGroupByGroupname(String groupname) throws UsernameNotFou
throw new UserMayOrMayNotExistException(groupname);
}

/**
* If this {@link SecurityRealm} supports a look up of {@link GroupDetails} by their names, override this method
* to provide the look up.
* <p/>
* <p/>
* This information, when available, can be used by {@link AuthorizationStrategy}s to improve the UI and
* error diagnostics for the user.
*
* @param groupname the name of the group to fetch
* @param fetchMembers if {@code true} then try and fetch the members of the group if it exists. Trying does not
* imply that the members will be fetched and {@link hudson.security.GroupDetails#getMembers()}
* may still return {@code null}
* @throws UserMayOrMayNotExistException if no conclusive result could be determined regarding the group existance.
* @throws UsernameNotFoundException if the group does not exist.
* @throws DataAccessException if the backing security realm could not be connected to.
* @since 1.549
*/
public GroupDetails loadGroupByGroupname(String groupname, boolean fetchMembers)
throws UsernameNotFoundException, DataAccessException {
return loadGroupByGroupname(groupname);
}

/**
* Starts the user registration process for a new user that has the given verified identity.
*

0 comments on commit 4ace130

Please sign in to comment.
You can’t perform that action at this time.