[[toc]] + Horde Group API This document is intended to clarify the Horde Group API, and to provide a solid target for applications to move toward for Horde4. Motivation for this document was spurred from the conversation between the Bens on IRC regarding the "proper" way to handle groups with LDAP. ---- ++ Abstract In its simplest terms a group consists of an ID and a Name. The ID is unique to that group and is unchanging. The name is a human-friendly name that can be changed as desired. The source and/or format of the group ID should not be of concern to the application using it, and should always be obtained/modified/stored through the group API calls. The group ID is the **only** acceptable method as to refer to a group, as it is guaranteed to be unique (uniqueness being the job of the driver). The group name is strictly for interface use. A group can also have a parent and multiple children. All references to parents and children are to be made through API calls. Again, it is of no concern to the application //how// these relationships are maintained, but only that they exist and are free to be used. For Horde4, we will move away from the object-oriented method of managing groups in favor of a Horde_Groups class which will act as a group manager. This should alleviate some of the confusion between the different drivers, and eliminate some of the OO overhead.
----++ Standards In order to help keep concepts straight, the following standards should be used * **$gid** -- Group ID * **$group** -- Group Object * **$name** -- Group Name * **$parent** -- ID of Group's Parent Adds a group to the groups system. @@--- The group must first be created with Group::newGroup(), and have any initial users added to it, before this function is called. @@ Changes the name of a group without changing its contents or where it is in the groups hierarchy. +++ removeGroup(@@--- $group +++ $gid@@,$force = false)Removes agroup from thegroups system permanently. * Is the $force parameter necessary? Can we automatically update the backend as updates are provided? Or, is it faster to get all of the updates, and then commit them to the backend all at once?+++ getGroupName($gid) Retrieves the name of a group. +++ getGUID(@@--- $group +++ $gid@@) Returns aglobally unique ID for a group. +++ exists(@@--- $group +++ $gid@@) Check if a group exists in the system. +++ getGroupParent($gid@@+++, $deep =false@@) Returns the single parent ID @@+++ or a list of parent IDs@@ of the given group. * Add support to take over getGroupParentList() +++ listGroups($refresh = false) Returns a list of all groups, in the format gid => name. +++ listUsers($gid@@+++, @all = false@@) Get alist of every user that is a part of this group ONLY. * Add support to take over listAllUsers() +++ getGroupMembership($user, $parentGroups = false) Get a list of every group that $user is in. +++ userIsInGroup($user, $gid, $subgroups = true) Say if a user is a member of a group or not. +++ @@+++ addUser($username, $gid) @@ Add a user to a group. * Should be able to handle arrays for both parameters. +++@@+++ removeUser($username, $gid) @@ Remove auser from a group. * Should be able to handle arrays for both parameters. +++ updateGroup($group) ##yellow|deprecated?## -- should we always update the backend? +++ getLevel($gid) ##yellow|deprecated## -- is this used? +++ getAuditLog($gid) ##yellow|new function## -- do we need this? +++ clearAuditLog($gid) ##yellow|new function## -- do we need this?+++ @@--- newGroup($name, $parent = DATATREE_ROOT) @@ deprecated in favor of using addGroup() +++ @@--- getGroup($gid) @@ deprecated -- no longer using group objects. +++ @@--- getGroupById($gid) @@ deprecated -- no longer using group objects. +++ @@--- getGroupShortName($group) @@ deprecated -- no need for short names...they're just confusing (K.I.S.S) +++ @@--- getGroupId($group) @@ deprecated -- no longer using group objects. +++ @@--- getGroupParents($gid) @@ deprecated in favor of always using flat lists. +++ @@--- getGroupParentList($gid) @@ deprecated in favor of getGroupParent() +++ @@--- listAllUsers($gid) @@ deprecated in favor of listUsers() ++ @@--- !DatatreeObject_Group @@ All !DatatreeObject_Group functionality has been moved to Group (Horde_Groups) to eliminate OO overhead. +++ setGroupOb(&$groupOb) +++ getId() +++ save() +++ addUser($username, $update = true) +++ removeUser($username, $update = true) +++ listUser() +++ listAllUsers() +++ getAuditLog() +++ clearAuditLog() ---- ++ Horde_Groups API This is a list of the methods that will be available in Horde_Groups to Horde4 applications: * addGroup($name, $parent) * removeGroup($gid) * renameGroup($gid, $newName) * getGroupname($gid) * getGUID($gid) * exists($gid) * getGroupParent($gid, $deep = false) * listGroups() * listUsers($gid, $subgroups = false) * getGroupMembership($username, $parentGroups= false) * userIsInGroup($username, $gid, $subgroups = true) * addUser($username, $gid) * removeUser($username, $gid)