[commits] [Wiki] changed: HordeGroupAPI

Ben Klang ben at alkaloid.net
Sun Jan 30 01:14:36 UTC 2011 

bklang  Sat, 29 Jan 2011 20:14:35 -0500

Modified page: http://wiki.horde.org/HordeGroupAPI
New Revision:  1.9
Change log:  New proposed group structure (work in progress)

@@ -9,99 +9,74 @@
  ++ Abstract

  In its simplest terms a group consists of an ID and a Name.  The ID  
is unique to that group and is unchanging.  The name is a  
human-friendly name that can be changed as desired.  The source and/or  
format of the group ID should not be of concern to the application  
using it, and should always be obtained/modified/stored through the  
group API calls.  The group ID is the **only** acceptable method as to  
refer to a group, as it is guaranteed to be unique (uniqueness being  
the job of the driver).  The group name is strictly for interface use.

-A group can also have a parent and multiple children.  All references  
to parents and children are to be made through API calls.  Again, it  
is of no concern to the application //how// these relationships are  
maintained, but only that they exist and are free to be used.
+++ Functional Changes
+Horde 4 will deviate from Horde 3 in these key ways:

-For Horde4, we will move away from the object-oriented method of  
managing groups in favor of a Horde_Groups class which will act as a  
group manager.  This should alleviate some of the confusion between  
the different drivers, and eliminate some of the OO overhead.
-
-Also for Horde4, the way we handle saving groups to the backend will  
change.  Instead of keeping track of the changes and committing them  
to storage when updateGroup() is called, all changes should be stored  
on the fly.  There is a bit of a performance hit for this, but it  
simplifies the API, and group modifications are rare enough and  
deliberate enough that this should not be an issue.
-
-++ Open Questions
-
-+++ Flatten Group Structure?
-
-Today the Group subsystem allows for nested groups like this:
-
-
-  !ParentA
-   -> Child1
-   -> Child2
-  !ParentB
-   -> Child3
-   -> Child4
-
-This structure can be seen in Horde's administration screens.
-
-However what is not clear is how those groups relate.  This brings up  
difficult-to-answer questions like:
-* Is a member of the group Child1 automatically a member of ParentA?
-* If permissions are granted to ParentA, do they automatically apply  
to Child1 and Child2?
-
-If you answer "yes" to both questions above then an Administrator  
does not have a convenient way to view all of the group memberships or  
security settings in effect for a given user.  It also complicates  
things like sending notification messages to a group (like in the  
ticketing system or the wiki) because there is no immediate way to  
view all of the users in the group.  The more recursion we allow, the  
more abstract this becomes and the harder to manage.
+* The groups collection will be flat.  Groups cannot be created as  
children of existing groups.

+* Groups can belong to other groups.  In this way complex collections  
of users can be expressed without duplication.
  ----

  ++ Standards

  In order to help keep concepts straight, the following standards  
should be used

  * **$gid** -- Group ID
  * **$group** -- Group Object
+* **$grp_drv** -- Group backend driver
  * **$name** -- Group Name
  * **$parent** -- ID of Group's Parent

  ----

-++ Group:: (Horde_Groups:: for Horde4)
+++ Horde_Group_Backend
+This is the class that does the work of reading from/saving to the  
group storage backend.

-+++ addGroup(@@--- $group +++ $name, $parent@@)
++++ create($name)

-Adds a group to the groups system. @@--- The group must first be created with
-Group::newGroup(), and have any initial users added to it, before this
-function is called. @@
+Creates a new group and returns a new Horde_Group object.

  * Add handlers for $name and $parent parameters from newGroup()

-+++ renameGroup(@@--- $group +++ $gid@@, $newName)
++++ renameGroup($gid, $newName)

-Changes the name of a group without changing its contents or where it
-is in the groups hierarchy.
+Changes the name of a group without affecting its membership list

-+++ removeGroup(@@--- $group +++ $gid@@ @@---, $force = false@@)
++++ removeGroup($gid)

  Removes a group from the groups system permanently.

-+++ getGroupName($gid)
++++ getByName($name)

-Retrieves the name of a group.
+Returns a Horde_Group object based on $name

-+++ getGUID(@@--- $group +++ $gid@@)
+If the name does not match exactly 1 group (too few or too many) it  
will raise Horde_Group_Exception with an appropriate error message

-Returns a globally unique ID for a group.
++++ getById($gid)

-+++ exists(@@--- $group +++ $gid@@)
+Returns Horde_Group object based on the $gid.

-Check if a group exists in the system.
++++ exists($gid)

-+++ getGroupParent($gid@@+++, $deep = false@@)
+Boolean: Check if a group exists in the system.

-Returns the single parent ID @@+++ or a list of parent IDs@@ of the  
given group.
++++ listGroups()

-* Add support to take over getGroupParentList()
+Returns an array of all groups, in the format gid => name.

-+++ listGroups($refresh = false)
++++ listUsers($gid, $recurse = false)

-Returns a list of all groups, in the format gid => name.
+Get a list of every user that is a part of this group ONLY.

-+++ listUsers($gid@@+++, @all = false@@)
-
-Get a list of every user that is a part of this group ONLY.
+If $recurse is true then also check member groups' user list.

  * Add support to take over listAllUsers()

  +++ getGroupMembership($user, $parentGroups = false)

-Get a list of every group that $user is in.
+Returns an array of Horde_Group objects representing the user's membership

  +++ userIsInGroup($user, $gid, $subgroups = true)

  Say if a user is a member of a group or not.

More information about the commits mailing list