Access rights and permissions are assigned to a grantee, which can be a user or a group. Access rights can be assigned to a group regardless of whether the group has any members. Users can be added to the group later. When a user is added to a group, the user automatically gains the access rights assigned to the group to which it belongs. A group can also have subgroups.
Security on objects, such as folders and documents, can pertain to particular groups. These groups, and the users and subgroups that make up the group's membership, are defined and created using tools provided by your directory service product (for example, Windows Active Directory, Novell eDirectory, or Sun Java System Directory Server). Creating user accounts and the groups to which they belong are administrative tasks (typically performed by a system administrator) that are outside the scope of the Content Engine API.
You cannot create a new
object, but you can instantiate one that has been persisted in your directory service by:
- Calling
orGetInstance
on theFetchInstance
class.Factory.Group - Retrieving an individual
object from aGroup
collection object.GroupSet
You can call methods on the
object to retrieve information about the group, such as its name and ID, or to get references to other objects. References to other objects may include the users who are members of the group and the subgroups or parent groups of the group.
The following tables list the members exposed by IGroup.
Public Properties
Name | Description | |
---|---|---|
![]() | DisplayName | The user-readable, provider-specific name of an object. This property is usually the designated Name property of the object's class. |
![]() | DistinguishedName | The name that uniquely identifies a given group or user. The distinguished name (DN) consists of a group or user's short name and the name of the domain to which it belongs. For example, for a group with the short name "Managers", the distinguished name might be "CN=Managers,DC=example,DC=com". |
![]() | Groups | A collection of objects belonging to a given realm or group. |
![]() | Id | A representation of the Globally Unique Identifier (GUID), a unique 128-bit number, that is assigned to this Content Engine object when the object is created. When converted to a string, the Id property is typically depicted as 32 hexadecimal characters enclosed by brackets in the following format: {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}. For example, {3F2504E0-4F89-11D3-9A0C-0305E82C3301}. For For a given property representation, the Id property has the following characteristics:
For a newly created document object, you can override the Id property of its associated |
![]() | MemberOfGroups | Returns a collection containing the groups of which a given group or user is a member. |
![]() | Name | The name for this object. For most classes, this property is read-only and returns the value of the designated name property for the object, or its ID if there is no name property. If For a |
![]() | ShortName | The short name of a given group or user. An example of a user's short name is "test1", or a group's short name might be "Managers". The short name format does not require any other qualifying information, such as domain. See the |
![]() | Users | A collection of objects belonging to a given realm. |