Defining own hooks
Step 1: Copying & pasting grouper hooks to own java package
The original grouper hooks are located in [grouper api installation directory]/src/grouper/edu/internet2/middleware/grouper/hooks. The root is the edu level, thus having edu.internet2.middleware.grouper.hooks as the package name.
We have introduced an additional class hierarchy [grouper api installation directory]/src/grouper/newLevel1/newLevel2/hooks.
Now copy & paste all original grouper hooks, rename the class names to "MyXXXHook.java" (or anything) and modify the package name of each class to newLevel1.newLevel2.hooks..
Step 2: Make sure the new hooks are found
Open the file [grouper api installation directory]/conf/grouper.base.properties and copy all of the
hooks.xxx.class=edu.yourSchool.it.YourSchoolxxxHooks,edu.yourSchool.it.YourSchoolxxxHooks2
lines into grouper.properties configuration file.
Now register the new classes by modifying the new entries:
hooks.attribute.class=newLevel1.newLevel2.hooks.MyAttributeHook
hooks.attributeAssign.class=newLevel1.newLevel2.hooks.MyAttributeAssignHook
(and so on for all hooks)
Step 3: Customize your hooks
Sending mails if important member groups are deleted
We want to be notified if source groups that are direct members of target groups are deleted. For this the MyMembershipHook class is the right choice. Here edit the membershipPostDelete() method.
public void membershipPostDelete(HooksContext hooksContext, HooksMembershipBean postDeleteBean) { HooksMembershipChangeBean membershipChangeBean = new HooksMembershipChangeBean (postDeleteBean.getMembership()); // get membership informations Properties properties = System.getProperties(); properties.setProperty("mail.smtp.host", "yourHost"); // smtp host Session session = Session.getDefaultInstance(properties); if (postDeleteBean.getMembership().getOwnerGroupId() != null ) { if ( membershipChangeBean.getGroup().getName().startsWith ("targets:") && // owner group is in target folder membershipChangeBean.getMember().getName().startsWith ("sources:") && // member is in source folder membershipChangeBean.getMember().getSubjectSourceIdDb().equals ("g:gsa") ) { // member is a group try { MimeMessage message = new MimeMessage(session); message.setFrom(new InternetAddress("sender@yourEdu.xx")); // sender message.addRecipient(Message.RecipientType.TO, new InternetAddress("recipient@yourEdu.xx")); // recipient message.setSubject( "Grouper Group Removal Notification"); // subject message.setText ("---------------------------------------------\n" + // message body " Grouper Group Removal Notification \n" + "---------------------------------------------\n\n" + membershipChangeBean.getMember().getName() + // name of member group "\n\nwas removed from\n\n" + membershipChangeBean.getGroup().getName() + // name of owner group "\n\n"); Transport.send(message); } catch (MessagingException mex) { mex.printStackTrace(); } } } }
Setting privileges if groups are created within a certain stem
If groups are created within a certain stem some privileges are to be set automatically. This is done with the groupPostCommitInsert() method in MyGroupHook.
public void groupPostCommitInsert(HooksContext hooksContext, HooksGroupBean postCommitInsertBean) { Group beanGroup = postCommitInsertBean.getGroup(); // get group informations /* Read-Privilege for staff for all target groups */ if ( beanGroup.getName().startsWith("targets:")) { // all target groups String employersGroupId = GroupFinder.findByName (GrouperSession.startRootSession(), "stem:group_of_employees", false).getId(); // id of staff group beanGroup.grantPriv ( SubjectFinder.findById ( employersGroupId, false) , AccessPrivilege.READ ); // granting read privilege } /* Admin Privileges for xGroup for all myNet groups (i.e. groups that contain the string "myNet" in their full name */ if ( beanGroup.getName().contains( "myNet" )) { // all groups that contain "myNet" String xGroupId = GroupFinder.findByName (GrouperSession.startRootSession(), "stem:xGroup", false).getId(); // id of xGroup beanGroup.grantPriv ( SubjectFinder.findById ( xGroupId, true), AccessPrivilege.ADMIN ); // granting admin privilege } }