用于获取嵌套组的样本代码

使用样本代码片段和数据图,通过使用 get() 方法和 GroupMembershipControl 来获取嵌套组。

样本代码片段和数据图涵盖以下步骤:

  1. 创建两个组。
  2. 创建用户。
  3. 将该用户添加为其中一个新组的成员。
  4. 将该组添加为另一个新组的成员。
  5. 通过使用 get() 方法和 GroupMembershipControl 来获取用户的组成员资格。

必备条件

确保您已阅读了“编程先决条件”主题中的信息并完成了其中描述的步骤。

您必须具有检索和管理嵌套组所需的配置。 有关这些配置设置的信息,请参阅以下主题:

样本代码

请将以下代码片段添加到您的应用程序代码,并将变量替换为您要使用的实际值。

/**
 *  testNestedGroupsSnippet 
 *  This test does the following:
 *  Creates two groups
 *  Creates a user
 *  Adds the user to group1
 *  Adds group1 as member of group2
 *  Gets the membership of the user
 */
public static void testNestedGroupsSnippet()
{
    // Create two groups
    addGroup("group1");
    addGroup("group2");
    // Add a user 
    addPersonAccount("user1","user1cn","user1sn");
    // Add the member user1 to the group group1
    addMemberToGroup(user1Dn,group1Dn);
    // Add group1 as member of group2
    addMemberToGroup(group1Dn,group2Dn);
    // Get the user membership of the member user1 to check if it is member of both the groups 1 and 2
    getGroupMembership(user1Dn);
}

/**
 *  addGroup Adds an entity of type Group
 *  @param cn value to be set
 */
public static void addGroup(String cn)
{
    try
    {
        DataObject root = SDOHelper.createRootDataObject();        DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_GROUP);
        // Set the cn of the group
        entity.set("cn", cn);
        System.out.println("Input data graph before creating group"+ printDO(root));
        // Create the group entity
        root = service.create(root); 
        System.out.println("Output data graph after creating group"+ printDO(root));
    }
    catch (Exception e) {
        e.printStackTrace();
    }
}

/** 
 *  addPersonAccount 
 *  Adds an entity of PersonAccount entity type
 *  @param uid value to be set
 *  @param cn value to be set
 *  @param sn value to be set
 */
public static void addPersonAccount(String uid, String cn, String sn)
{
    try
    {
        DataObject root = SDOHelper.createRootDataObject();        DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_PERSON_ACCOUNT);
        // Set the properties of the person
        entity.set("uid", uid);
        entity.set("cn", cn);
        entity.set("sn", sn);
        System.out.println("Input data graph before creating user"+ printDO(root));
        // Create the PersonAccount entity
        root = service.create(root); 
        System.out.println("Output data graph after creating user"+ printDO(root));
    }
    catch (Exception e) {
        e.printStackTrace();
    }
}

/**
 *  addMemberToGroup adds a user to the group	
 *  @param memberDn uniqueName of the group
 *  @param groupDn uniqueName of the group
 */
public static void addMemberToGroup(String memberDn, String groupDn)
{
    try
    {
        DataObject root = SDOHelper.createRootDataObject();        DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_GROUP);
        // Set the group uniqueName
        entity.createDataObject(SchemaConstants.DO_IDENTIFIER).set(SchemaConstants.PROP_UNIQUE_NAME,
                groupDn);
        DataObject member1 = SDOHelper.createDataObject(SchemaConstants.WIM_NS_URI, SchemaConstants.DO_ENTITY);
        // Set the member uniqueName
        member1.createDataObject(SchemaConstants.DO_IDENTIFIER).setString(SchemaConstants.PROP_UNIQUE_NAME,
                memberDn);
        // Add the member to the group
        entity.getList(SchemaConstants.DO_MEMBERS).add(member1);
        System.out.println("Input datagraph before adding member to group"+ printDO(root));
        // Update the group
        root = service.update(root);        System.out.println("Output datagraph after adding member to group"+ printDO(root));
    }
    catch (Exception e) {
        e.printStackTrace();
    }
}

/**
 *  getGroupMembership gets the nested groups
 *  @param memberDn uniqueName of the group
 */
public static void getGroupMembership(String memberDn)
{
    try
    {
        DataObject root = SDOHelper.createRootDataObject();        DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_PERSON_ACCOUNT);
        // Set the uniqueName of the group
        entity.createDataObject(SchemaConstants.DO_IDENTIFIER).setString(SchemaConstants.PROP_UNIQUE_NAME, 
                memberDn);
        // Set the Group membership control
        DataObject grpMbrshipCtrl = SDOHelper.createControlDataObject(root, null, 
                SchemaConstants.DO_GROUP_MEMBERSHIP_CONTROL);
        // Set the property of level to retrieve all the nested entities
        grpMbrshipCtrl.setInt(SchemaConstants.PROP_LEVEL, SchemaConstants.PROP_LEVEL_NESTED);
        // Retrieve cn attribute for all groups
        grpMbrshipCtrl.getList(SchemaConstants.PROP_PROPERTIES).add("cn");
        System.out.println("Input data graph before getting group membership of user"+ printDO(root));
        // Get the members of the group
        root = service.get(root);		        System.out.println("Output data graph after getting group membership of user"+ printDO(root));
    }
    catch (Exception e) {
        e.printStackTrace();
    }
}

输入和输出数据图

用于创建 group1 的输入数据图:

<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
  <wim:Root>
    <wim:entities xsi:type="wim:Group">
      <wim:cn>group1</wim:cn>
    </wim:entities>
  </wim:Root>
</sdo:datagraph>

创建 group1 之后的输出数据图:

<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
  <wim:Root>
    <wim:entities xsi:type="wim:Group">
      <wim:identifier externalName="cn=group1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository"
          uniqueId="30a09674-ec3b-449b-ab80-6090bcf5b9c4" uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/>
    </wim:entities>
  </wim:Root>
</sdo:datagraph>

用于创建 group2 的输入数据图:

创建组之前的输入数据图
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
  <wim:Root>
    <wim:entities xsi:type="wim:Group">
      <wim:cn>group2</wim:cn>
    </wim:entities>
  </wim:Root>
</sdo:datagraph>

创建 group2 之后的输出数据图:

<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
  <wim:Root>
    <wim:entities xsi:type="wim:Group">
      <wim:identifier externalName="cn=group2,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository"
          uniqueId="95f83f2c-f477-4273-badd-acb7cf1773fe" uniqueName="cn=group2,o=defaultWIMFileBasedRealm"/>
    </wim:entities>
  </wim:Root>
</sdo:datagraph>
用于创建用户的输入数据图:
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
  <wim:Root>
    <wim:entities xsi:type="wim:PersonAccount">
      <wim:uid>user1</wim:uid>
      <wim:cn>user1cn</wim:cn>
      <wim:sn>user1sn</wim:sn>
    </wim:entities>
  </wim:Root>
</sdo:datagraph>
创建用户之后的输出数据图:
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
  <wim:Root>
    <wim:entities xsi:type="wim:PersonAccount">
      <wim:identifier externalName="uid=user1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository"
          uniqueId="96f69bb7-8048-4417-b871-37ebe7362bea" uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/>
    </wim:entities>
  </wim:Root>
</sdo:datagraph>
用于将用户添加到组的输入数据图:
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
  <wim:Root>
    <wim:entities xsi:type="wim:Group">
      <wim:identifier uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/>
      <wim:members>
        <wim:identifier uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/>
      </wim:members>
    </wim:entities>
  </wim:Root>
</sdo:datagraph>
将用户添加到组之后的输出数据图:
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
  <wim:Root>
    <wim:entities xsi:type="wim:Group">
      <wim:identifier externalName="cn=group1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository"
          uniqueId="a814ea28-1bfb-4093-b481-5bb128b4818a" uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/>
    </wim:entities>
  </wim:Root>
</sdo:datagraph>

用于将 group1 添加为 group2 成员的输入数据图:

<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
  <wim:Root>
    <wim:entities xsi:type="wim:Group">
      <wim:identifier uniqueName="cn=group2,o=defaultWIMFileBasedRealm"/>
      <wim:members>
        <wim:identifier uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/>
      </wim:members>
    </wim:entities>
  </wim:Root>
</sdo:datagraph>

将 group1 添加为 group2 成员之后的输出数据图:

<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
  <wim:Root>
    <wim:entities xsi:type="wim:Group">
      <wim:identifier externalName="cn=group2,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository"
          uniqueId="95f83f2c-f477-4273-badd-acb7cf1773fe" uniqueName="cn=group2,o=defaultWIMFileBasedRealm"/>
    </wim:entities>
  </wim:Root>
</sdo:datagraph>

用于获取用户的组成员资格的输入数据图:

<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
  <wim:Root>
    <wim:entities xsi:type="wim:PersonAccount">
      <wim:identifier uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/>
    </wim:entities>
    <wim:controls xsi:type="wim:GroupMembershipControl" level="0">
      <wim:properties>cn</wim:properties>
    </wim:controls>
  </wim:Root>
</sdo:datagraph>

获取用户的组成员资格之后的输出数据图(显示了用户所属于的组):

<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
  <wim:Root>
    <wim:entities xsi:type="wim:PersonAccount">
      <wim:identifier externalName="uid=user1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository"
          uniqueId="d8b05414-6965-456f-8284-3971515f8d32" uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/>
      <wim:groups>
        <wim:identifier externalName="cn=group1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository"
            uniqueId="f882e5f4-083c-41b2-9475-232881df1933" uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/>
        <wim:cn>group1</wim:cn>
      </wim:groups>
      <wim:groups>
        <wim:identifier externalName="cn=group2,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository"
            uniqueId="385759ea-cc55-47c6-a788-0f15bcc1c011" uniqueName="cn=group2,o=defaultWIMFileBasedRealm"/>
        <wim:cn>group2</wim:cn>
      </wim:groups>
    </wim:entities>
  </wim:Root>
</sdo:datagraph>


使用条款 | 反馈