Use the sample code snippet and data graphs to get nested groups by using the get() method and GroupMembershipControl.
The sample code snippet and data graphs cover the following steps:
Ensure that you have read the information and completed the steps described in the topic, Programming prerequisites.
Add the following code snippet to your application code and replace the variables with the actual values that you want to use.
/** * testNestedGroupsSnippet * This test does the following: * Creates two groups * Creates a user * Adds the user to group1 * Adds group1 as member of group2 * Gets the membership of the user */ public static void testNestedGroupsSnippet() { // Create two groups addGroup("group1"); addGroup("group2"); // Add a user addPersonAccount("user1","user1cn","user1sn"); // Add the member user1 to the group group1 addMemberToGroup(user1Dn,group1Dn); // Add group1 as member of group2 addMemberToGroup(group1Dn,group2Dn); // Get the user membership of the member user1 to check if it is member of both the groups 1 and 2 getGroupMembership(user1Dn); } /** * addGroup Adds an entity of type Group * @param cn value to be set */ public static void addGroup(String cn) { try { DataObject root = SDOHelper.createRootDataObject(); DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_GROUP); // Set the cn of the group entity.set("cn", cn); System.out.println("Input data graph before creating group"+ printDO(root)); // Create the group entity root = service.create(root); System.out.println("Output data graph after creating group"+ printDO(root)); } catch(Exception e) { e.printStackTrace(); } } /** * addPersonAccount * Adds an entity of PersonAccount entity type * @param uid value to be set * @param cn value to be set * @param sn value to be set */ public static void addPersonAccount(String uid, String cn, String sn) { try { DataObject root = SDOHelper.createRootDataObject(); DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_PERSON_ACCOUNT); // Set the properties of the person entity.set("uid", uid); entity.set("cn", cn); entity.set("sn", sn); System.out.println("Input data graph before creating user"+ printDO(root)); // Create the PersonAccount entity root = service.create(root); System.out.println("Output data graph after creating user"+ printDO(root)); } catch(Exception e) { e.printStackTrace(); } } /** * addMemberToGroup adds a user to the group * @param memberDn uniqueName of the group * @param groupDn uniqueName of the group */ public static void addMemberToGroup(String memberDn, String groupDn) { try { DataObject root = SDOHelper.createRootDataObject(); DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_GROUP); // Set the group uniqueName entity.createDataObject(SchemaConstants.DO_IDENTIFIER).set(SchemaConstants.PROP_UNIQUE_NAME, groupDn); DataObject member1 = SDOHelper.createDataObject(SchemaConstants.WIM_NS_URI, SchemaConstants.DO_ENTITY); // Set the member uniqueName member1.createDataObject(SchemaConstants.DO_IDENTIFIER).setString(SchemaConstants.PROP_UNIQUE_NAME, memberDn); // Add the member to the group entity.getList(SchemaConstants.DO_MEMBERS).add(member1); System.out.println("Input datagraph before adding member to group"+ printDO(root)); // Update the group root = service.update(root); System.out.println("Output datagraph after adding member to group"+ printDO(root)); } catch(Exception e) { e.printStackTrace(); } } /** * getGroupMembership gets the nested groups * @param memberDn uniqueName of the group */ public static void getGroupMembership(String memberDn) { try { DataObject root = SDOHelper.createRootDataObject(); DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_PERSON_ACCOUNT); // Set the uniqueName of the group entity.createDataObject(SchemaConstants.DO_IDENTIFIER).setString(SchemaConstants.PROP_UNIQUE_NAME, memberDn); // Set the Group membership control DataObject grpMbrshipCtrl = SDOHelper.createControlDataObject(root, null, SchemaConstants.DO_GROUP_MEMBERSHIP_CONTROL); // Set the property of level to retrieve all the nested entities grpMbrshipCtrl.setInt(SchemaConstants.PROP_LEVEL, SchemaConstants.PROP_LEVEL_NESTED); // Retrieve cn attribute for all groups grpMbrshipCtrl.getList(SchemaConstants.PROP_PROPERTIES).add("cn"); System.out.println("Input data graph before getting group membership of user"+ printDO(root)); // Get the members of the group root = service.get(root); System.out.println("Output data graph after getting group membership of user"+ printDO(root)); } catch(Exception e) { e.printStackTrace(); } }
Input data graph for creating group1:
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:Group"> <wim:cn>group1</wim:cn> </wim:entities> </wim:Root> </sdo:datagraph>
Output data graph after creating group1:
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:Group"> <wim:identifier externalName="cn=group1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository" uniqueId="30a09674-ec3b-449b-ab80-6090bcf5b9c4" uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/> </wim:entities> </wim:Root> </sdo:datagraph>
Input data graph for creating group2:
Input datagraph before creating group <?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:Group"> <wim:cn>group2</wim:cn> </wim:entities> </wim:Root> </sdo:datagraph>
Output data graph after creating group2:
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:Group"> <wim:identifier externalName="cn=group2,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository" uniqueId="95f83f2c-f477-4273-badd-acb7cf1773fe" uniqueName="cn=group2,o=defaultWIMFileBasedRealm"/> </wim:entities> </wim:Root> </sdo:datagraph>
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:PersonAccount"> <wim:uid>user1</wim:uid> <wim:cn>user1cn</wim:cn> <wim:sn>user1sn</wim:sn> </wim:entities> </wim:Root> </sdo:datagraph>
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:PersonAccount"> <wim:identifier externalName="uid=user1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository" uniqueId="96f69bb7-8048-4417-b871-37ebe7362bea" uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/> </wim:entities> </wim:Root> </sdo:datagraph>
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:Group"> <wim:identifier uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/> <wim:members> <wim:identifier uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/> </wim:members> </wim:entities> </wim:Root> </sdo:datagraph>
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:Group"> <wim:identifier externalName="cn=group1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository" uniqueId="a814ea28-1bfb-4093-b481-5bb128b4818a" uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/> </wim:entities> </wim:Root> </sdo:datagraph>
Input data graph for adding group1 as a member of group2:
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:Group"> <wim:identifier uniqueName="cn=group2,o=defaultWIMFileBasedRealm"/> <wim:members> <wim:identifier uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/> </wim:members> </wim:entities> </wim:Root> </sdo:datagraph>
Output data graph after adding group1 as member of group2:
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:Group"> <wim:identifier externalName="cn=group2,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository" uniqueId="95f83f2c-f477-4273-badd-acb7cf1773fe" uniqueName="cn=group2,o=defaultWIMFileBasedRealm"/> </wim:entities> </wim:Root> </sdo:datagraph>
Input data graph for getting the group membership of a user:
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:PersonAccount"> <wim:identifier uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/> </wim:entities> <wim:controls xsi:type="wim:GroupMembershipControl" level="0"> <wim:properties>cn</wim:properties> </wim:controls> </wim:Root> </sdo:datagraph>
Output data graph after getting the group membership of a user, showing the groups to which the user belongs:
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:PersonAccount"> <wim:identifier externalName="uid=user1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository" uniqueId="d8b05414-6965-456f-8284-3971515f8d32" uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/> <wim:groups> <wim:identifier externalName="cn=group1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository" uniqueId="f882e5f4-083c-41b2-9475-232881df1933" uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/> <wim:cn>group1</wim:cn> </wim:groups> <wim:groups> <wim:identifier externalName="cn=group2,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository" uniqueId="385759ea-cc55-47c6-a788-0f15bcc1c011" uniqueName="cn=group2,o=defaultWIMFileBasedRealm"/> <wim:cn>group2</wim:cn> </wim:groups> </wim:entities> </wim:Root> </sdo:datagraph>