Change group ownership to be another group
Instead of marking individual group members as owning that group we designate another group whose members can manage this group. The reference can be a self-reference, permitting a group to control its own membership, or it can be to another group, so the management is delegated away from the members. With this pattern it may be common to see "foo" and "foo-owners" or "foo-managers" be created, with the latter group having the ownership status over the former group. When a group is initially created it manages itself, so the user who created the group can be made a member of it and may control access to the group, even if they are not a site admin. Signed-off-by: Shawn O. Pearce <sop@google.com>
This commit is contained in:
Shawn O. Pearce
@@ -74,12 +74,23 @@ public final class AccountGroup {
|
||||
}
|
||||
}
|
||||
|
||||
/** Unique name of this group within the system. */
|
||||
@Column
|
||||
protected NameKey name;
|
||||
|
||||
/** Unique identity, to link entities as {@link #name} can change. */
|
||||
@Column
|
||||
protected Id groupId;
|
||||
|
||||
/**
|
||||
* Identity of the group whose members can manage this group.
|
||||
* <p>
|
||||
* This can be a self-reference to indicate the group's members manage itself.
|
||||
*/
|
||||
@Column
|
||||
protected Id ownerGroupId;
|
||||
|
||||
/** A textual description of the group's purpose. */
|
||||
@Column(length = Integer.MAX_VALUE, notNull = false)
|
||||
protected String description;
|
||||
|
||||
@@ -90,6 +101,7 @@ public final class AccountGroup {
|
||||
final AccountGroup.Id newId) {
|
||||
name = newName;
|
||||
groupId = newId;
|
||||
ownerGroupId = groupId;
|
||||
}
|
||||
|
||||
public AccountGroup.Id getId() {
|
||||
@@ -115,4 +127,12 @@ public final class AccountGroup {
|
||||
public void setDescription(final String d) {
|
||||
description = d;
|
||||
}
|
||||
|
||||
public AccountGroup.Id getOwnerGroupId() {
|
||||
return ownerGroupId;
|
||||
}
|
||||
|
||||
public void setOwnerGroupId(final AccountGroup.Id id) {
|
||||
ownerGroupId = id;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -31,4 +31,12 @@ public interface AccountGroupAccess extends
|
||||
|
||||
@Query("ORDER BY name")
|
||||
ResultSet<AccountGroup> all() throws OrmException;
|
||||
|
||||
@Query("WHERE ownerGroupId = ?")
|
||||
ResultSet<AccountGroup> ownedByGroup(AccountGroup.Id groupId)
|
||||
throws OrmException;
|
||||
|
||||
@Query("WHERE name.name >= ? AND name.name <= ? ORDER BY name LIMIT ?")
|
||||
ResultSet<AccountGroup> suggestByName(String nameA, String nameB, int limit)
|
||||
throws OrmException;
|
||||
}
|
||||
|
||||
@@ -41,7 +41,7 @@ public final class AccountGroupMember {
|
||||
return accountId;
|
||||
}
|
||||
|
||||
public AccountGroup.Id getAccountGroupId(){
|
||||
public AccountGroup.Id getAccountGroupId() {
|
||||
return groupId;
|
||||
}
|
||||
|
||||
@@ -54,10 +54,6 @@ public final class AccountGroupMember {
|
||||
@Column(name = Column.NONE)
|
||||
protected Key key;
|
||||
|
||||
/** If true, this user owns this group and can edit the membership. */
|
||||
@Column
|
||||
protected boolean owner;
|
||||
|
||||
protected AccountGroupMember() {
|
||||
}
|
||||
|
||||
@@ -76,12 +72,4 @@ public final class AccountGroupMember {
|
||||
public AccountGroup.Id getAccountGroupId() {
|
||||
return key.groupId;
|
||||
}
|
||||
|
||||
public boolean isGroupOwner() {
|
||||
return owner;
|
||||
}
|
||||
|
||||
public void setGroupOwner(final boolean o) {
|
||||
owner = o;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -28,9 +28,6 @@ public interface AccountGroupMemberAccess extends
|
||||
@Query("WHERE key.accountId = ?")
|
||||
ResultSet<AccountGroupMember> byAccount(Account.Id id) throws OrmException;
|
||||
|
||||
@Query("WHERE key.accountId = ? AND owner = 'Y'")
|
||||
ResultSet<AccountGroupMember> owned(Account.Id id) throws OrmException;
|
||||
|
||||
@Query("WHERE key.groupId = ?")
|
||||
ResultSet<AccountGroupMember> byGroup(AccountGroup.Id id) throws OrmException;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user