SimpleRoleRegistration.java

   1 package org.argeo.security.core;
   2
   3 import java.util.ArrayList;
   4 import java.util.List;
   5 import java.util.Map;
   6
   7 import javax.naming.InvalidNameException;
   8 import javax.naming.ldap.LdapName;
   9 import javax.transaction.UserTransaction;
  10
  11 import org.apache.commons.logging.Log;
  12 import org.apache.commons.logging.LogFactory;
  13 import org.argeo.ArgeoException;
  14 import org.osgi.service.useradmin.Role;
  15 import org.osgi.service.useradmin.UserAdmin;
  16
  17 /**
  18  * Register one or many roles via a user admin service. Does nothing if the role
  19  * is already registered.
  20  */
  21 public class SimpleRoleRegistration implements Runnable {
  22         private final static Log log = LogFactory
  23                         .getLog(SimpleRoleRegistration.class);
  24
  25         private String role;
  26         private List<String> roles = new ArrayList<String>();
  27         private UserAdmin userAdmin;
  28         private UserTransaction userTransaction;
  29
  30         @Override
  31         public void run() {
  32                 try {
  33                         userTransaction.begin();
  34                         if (role != null && !roleExists(role))
  35                                 newRole(toDn(role));
  36
  37                         for (String r : roles)
  38                                 if (!roleExists(r))
  39                                         newRole(toDn(r));
  40                         userTransaction.commit();
  41                 } catch (Exception e) {
  42                         try {
  43                                 userTransaction.rollback();
  44                         } catch (Exception e1) {
  45                                 log.error("Cannot rollback", e1);
  46                         }
  47                         throw new ArgeoException("Cannot add roles", e);
  48                 }
  49         }
  50
  51         private boolean roleExists(String role) {
  52                 return userAdmin.getRole(toDn(role).toString()) != null;
  53         }
  54
  55         protected void newRole(LdapName r) {
  56                 userAdmin.createRole(r.toString(), Role.GROUP);
  57                 log.info("Added role " + r + " required by application.");
  58         }
  59
  60         public void register(UserAdmin userAdminService, Map<?, ?> properties) {
  61                 this.userAdmin = userAdminService;
  62                 run();
  63         }
  64
  65         protected LdapName toDn(String name) {
  66                 try {
  67                         return new LdapName("cn=" + name + ",ou=roles,ou=node");
  68                 } catch (InvalidNameException e) {
  69                         throw new ArgeoException("Badly formatted role name " + name, e);
  70                 }
  71         }
  72
  73         public void setRole(String role) {
  74                 this.role = role;
  75         }
  76
  77         public void setRoles(List<String> roles) {
  78                 this.roles = roles;
  79         }
  80
  81         public void setUserAdmin(UserAdmin userAdminService) {
  82                 this.userAdmin = userAdminService;
  83         }
  84
  85         public void setUserTransaction(UserTransaction userTransaction) {
  86                 this.userTransaction = userTransaction;
  87         }
  88
  89 }