1 package org
.argeo
.cms
.internal
.kernel
;
3 import java
.util
.ArrayList
;
4 import java
.util
.Arrays
;
5 import java
.util
.HashMap
;
6 import java
.util
.HashSet
;
11 import javax
.naming
.InvalidNameException
;
12 import javax
.naming
.ldap
.LdapName
;
13 import javax
.transaction
.Transaction
;
14 import javax
.transaction
.TransactionManager
;
15 import javax
.transaction
.TransactionSynchronizationRegistry
;
17 import org
.argeo
.cms
.KernelHeader
;
18 import org
.argeo
.osgi
.useradmin
.AbstractUserDirectory
;
19 import org
.argeo
.osgi
.useradmin
.UserAdminAggregator
;
20 import org
.argeo
.osgi
.useradmin
.UserDirectoryException
;
21 import org
.osgi
.framework
.InvalidSyntaxException
;
22 import org
.osgi
.service
.useradmin
.Authorization
;
23 import org
.osgi
.service
.useradmin
.Role
;
24 import org
.osgi
.service
.useradmin
.User
;
25 import org
.osgi
.service
.useradmin
.UserAdmin
;
27 public class NodeUserAdmin
implements UserAdmin
, UserAdminAggregator
{
/**
 * Base DN of the node roles directory, parsed once from
 * {@link KernelHeader#ROLES_BASEDN} when the class is initialised.
 */
final static LdapName ROLES_BASE;

static {
    // Parse into a local first so the final field is assigned exactly once,
    // and only after the DN is known to be well formed.
    final LdapName parsedRolesBase;
    try {
        parsedRolesBase = new LdapName(KernelHeader.ROLES_BASEDN);
    } catch (InvalidNameException e) {
        // A malformed constant cannot be recovered from: abort class
        // initialisation and keep the parsing error as the cause.
        throw new UserDirectoryException("Cannot initialize "
                + NodeUserAdmin.class, e);
    }
    ROLES_BASE = parsedRolesBase;
}
// Directory registered under KernelHeader.ROLES_BASEDN; stays null until
// addUserAdmin() receives it.
private UserAdmin nodeRoles;

// Every other registered directory, keyed by its parsed base DN.
private Map<LdapName, UserAdmin> userAdmins = new HashMap<LdapName, UserAdmin>();

// Transaction collaborators handed on to each AbstractUserDirectory.
private TransactionSynchronizationRegistry syncRegistry;
private TransactionManager transactionManager;
/**
 * Creates a role in the directory responsible for the given DN.
 *
 * @param name distinguished name of the role; it selects the target
 *             directory through {@code findUserAdmin(String)}
 * @param type role type, passed through unchanged to the target directory
 * @return whatever the target directory's {@code createRole} returns
 * @throws UserDirectoryException if {@code name} is not a valid DN
 */
public Role createRole(String name, int type) {
    UserAdmin owner = findUserAdmin(name);
    return owner.createRole(name, type);
}
/**
 * Removes a role from the directory responsible for the given DN.
 *
 * @param name distinguished name of the role; it selects the target
 *             directory through {@code findUserAdmin(String)}
 * @return the result reported by the target directory's {@code removeRole}
 * @throws UserDirectoryException if {@code name} is not a valid DN
 */
public boolean removeRole(String name) {
    UserAdmin owner = findUserAdmin(name);
    return owner.removeRole(name);
}
/**
 * Fetches a role from the directory responsible for the given DN.
 *
 * @param name distinguished name of the role; it selects the target
 *             directory through {@code findUserAdmin(String)}
 * @return whatever the target directory's {@code getRole} returns
 * @throws UserDirectoryException if {@code name} is not a valid DN
 */
public Role getRole(String name) {
    UserAdmin owner = findUserAdmin(name);
    return owner.getRole(name);
}
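/**
 * Returns the roles matching {@code filter} in every registered user
 * directory and in the node roles directory.
 *
 * The OSGi {@code UserAdmin.getRoles} contract allows a directory to return
 * {@code null} when nothing matches, and {@code nodeRoles} stays
 * {@code null} until a node roles directory is registered. Both cases are
 * skipped here instead of failing the whole query with a
 * {@code NullPointerException}.
 *
 * @param filter filter expression, passed unchanged to every directory
 * @return the matching roles from all directories; an empty array (never
 *         {@code null}) when nothing matches
 * @throws InvalidSyntaxException if a directory rejects the filter syntax
 */
public Role[] getRoles(String filter) throws InvalidSyntaxException {
    List<Role> res = new ArrayList<Role>();
    for (UserAdmin userAdmin : userAdmins.values()) {
        Role[] found = userAdmin.getRoles(filter);
        // null means "no match" for this directory, not an error
        if (found != null) {
            res.addAll(Arrays.asList(found));
        }
    }
    // The node roles directory is kept outside the userAdmins map.
    if (nodeRoles != null) {
        Role[] nodeFound = nodeRoles.getRoles(filter);
        if (nodeFound != null) {
            res.addAll(Arrays.asList(nodeFound));
        }
    }
    return res.toArray(new Role[res.size()]);
}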
/**
 * Looks up a user by property across the registered user directories.
 *
 * Every directory in {@code userAdmins} is queried with the same key/value
 * pair. The result is returned only when {@code res} ends up holding
 * exactly one user; otherwise the method returns {@code null}.
 *
 * NOTE(review): this listing skips source lines 74-76, where the
 * per-directory result {@code u} is presumably added to {@code res} when it
 * is non-null -- confirm against the full file. If so, a key/value pair
 * that matches in more than one directory yields {@code null}, the same
 * answer as "not found", so callers cannot tell an ambiguous identity from
 * a missing one.
 */
70 public User
getUser(String key
, String value
) {
71 List
<User
> res
= new ArrayList
<User
>();
72 for (UserAdmin userAdmin
: userAdmins
.values()) {
73 User u
= userAdmin
.getUser(key
, value
);
77 // Note: node roles cannot contain users, so it is not searched
// Exactly one match is required; zero or several both give null.
78 return res
.size() == 1 ? res
.get(0) : null;
/**
 * Builds the authorization of a user, combining the roles granted by the
 * user's own directory with the system roles derived from them.
 *
 * The owning directory is selected from {@code user.getName()} and asked
 * for its own Authorization. For each role name in that result,
 * {@code nodeRoles} is asked for an Authorization, whose role names are
 * collected in {@code systemRoles}. The outcome is wrapped in a
 * NodeAuthorization.
 *
 * NOTE(review): {@code user} is dereferenced unconditionally, while the
 * OSGi UserAdmin contract permits a null user (anonymous) -- confirm that
 * callers never pass null.
 * NOTE(review): {@code Authorization.getRoles()} is documented to return
 * null when the context implies no roles; the loop and both
 * {@code Arrays.asList} / constructor uses would then throw -- confirm.
 * NOTE(review): {@code nodeRoles} is null until a node roles directory is
 * registered, so this method presumably requires that registration first.
 * NOTE(review): this listing skips source lines 89 and 91, so the full
 * argument passed to {@code nodeRoles.getAuthorization} is not visible.
 */
82 public Authorization
getAuthorization(User user
) {
83 UserAdmin userAdmin
= findUserAdmin(user
.getName());
84 Authorization rawAuthorization
= userAdmin
.getAuthorization(user
);
85 // gather system roles
86 Set
<String
> systemRoles
= new HashSet
<String
>();
87 for (String role
: rawAuthorization
.getRoles()) {
88 Authorization auth
= nodeRoles
.getAuthorization((User
) userAdmin
90 systemRoles
.addAll(Arrays
.asList(auth
.getRoles()));
// Name and roles come from the directory's Authorization; only the
// system roles are computed here.
92 return new NodeAuthorization(rawAuthorization
.getName(),
93 rawAuthorization
.toString(), systemRoles
,
94 rawAuthorization
.getRoles());
98 // USER ADMIN AGGREGATOR
/**
 * Registers a user directory under the given base DN.
 *
 * An AbstractUserDirectory first receives the current {@code syncRegistry}.
 * A directory whose base DN equals KernelHeader.ROLES_BASEDN becomes
 * {@code nodeRoles}; any other directory is stored in {@code userAdmins}
 * under the parsed base DN.
 *
 * NOTE(review): this listing skips several source lines (107-109, 113 and
 * the end of the method), so the control flow after the node roles
 * assignment is not fully visible.
 *
 * @throws UserDirectoryException if the duplicate check fires or
 *         {@code baseDn} is not a valid DN
 */
101 public synchronized void addUserAdmin(String baseDn
, UserAdmin userAdmin
) {
102 if (userAdmin
instanceof AbstractUserDirectory
)
103 ((AbstractUserDirectory
) userAdmin
).setSyncRegistry(syncRegistry
);
// NOTE(review): this is an exact String comparison, and the assignment
// below replaces any node roles directory already set without a check.
105 if (baseDn
.equals(KernelHeader
.ROLES_BASEDN
)) {
106 nodeRoles
= userAdmin
;
// NOTE(review): userAdmins is keyed by LdapName, but baseDn is a String, so
// this containsKey() can never match and the duplicate guard never fires.
// A second registration for the same base DN would silently replace the
// first directory in put() below. The check should use the parsed LdapName.
110 if (userAdmins
.containsKey(baseDn
))
111 throw new UserDirectoryException(
112 "There is already a user admin for " + baseDn
);
114 userAdmins
.put(new LdapName(baseDn
), userAdmin
);
115 } catch (InvalidNameException e
) {
116 throw new UserDirectoryException("Badly formatted base DN "
/**
 * Unregisters the user directory stored under the given base DN.
 *
 * The node roles base DN is refused outright. Otherwise the base DN is
 * parsed into {@code base}, looked up in {@code userAdmins} and removed;
 * an AbstractUserDirectory has its sync registry cleared on the way out.
 *
 * NOTE(review): this listing skips several source lines (the declaration
 * of {@code base}, the opening of the try block and the tails of two
 * exception messages), so those parts are not visible here.
 *
 * @throws UserDirectoryException if {@code baseDn} is the node roles base,
 *         is not a valid DN, or has no registered directory
 */
122 public synchronized void removeUserAdmin(String baseDn
) {
123 if (baseDn
.equals(KernelHeader
.ROLES_BASEDN
))
124 throw new UserDirectoryException("Node roles cannot be removed.");
127 base
= new LdapName(baseDn
);
128 } catch (InvalidNameException e
) {
129 throw new UserDirectoryException("Badly formatted base DN "
// Unlike the check in addUserAdmin, this lookup uses the parsed LdapName,
// which matches the key type of the map.
132 if (!userAdmins
.containsKey(base
))
133 throw new UserDirectoryException("There is no user admin for "
135 UserAdmin userAdmin
= userAdmins
.remove(base
);
// Detach the removed directory from the transaction synchronisation.
136 if (userAdmin
instanceof AbstractUserDirectory
)
137 ((AbstractUserDirectory
) userAdmin
).setSyncRegistry(null);
/**
 * Resolves the directory responsible for a DN given as a string.
 *
 * @param name distinguished name of a role or user
 * @return the directory selected by {@code findUserAdmin(LdapName)}
 * @throws UserDirectoryException if {@code name} is not a valid DN; the
 *         parsing error is kept as the cause
 */
private UserAdmin findUserAdmin(String name) {
    final LdapName parsedName;
    try {
        parsedName = new LdapName(name);
    } catch (InvalidNameException e) {
        throw new UserDirectoryException("Badly formatted name " + name, e);
    }
    return findUserAdmin(parsedName);
}
/**
 * Resolves the directory responsible for a parsed DN.
 *
 * Names under ROLES_BASE are handled first. Otherwise every registered
 * directory whose base DN is a prefix of {@code name} is collected in
 * {@code res}. The two visible exception messages cover the case where no
 * directory matches and the case where several do.
 *
 * NOTE(review): this listing skips source lines 150, 155-156, 158-159 and
 * 161-162. The ROLES_BASE branch presumably returns {@code nodeRoles}, and
 * the size checks guarding the two exceptions are not visible -- confirm
 * against the full file.
 * NOTE(review): routing depends only on the DN prefix. Registering
 * directories with nested or overlapping base DNs appears to make lookups
 * beneath the shared prefix fail with "Multiple user admin found" rather
 * than resolve to the most specific directory.
 */
148 private UserAdmin
findUserAdmin(LdapName name
) {
149 if (name
.startsWith(ROLES_BASE
))
151 List
<UserAdmin
> res
= new ArrayList
<UserAdmin
>(1);
// Prefix match of the name against each registered base DN.
152 for (LdapName baseDn
: userAdmins
.keySet()) {
153 if (name
.startsWith(baseDn
))
154 res
.add(userAdmins
.get(baseDn
));
157 throw new UserDirectoryException("Cannot find user admin for "
160 throw new UserDirectoryException("Multiple user admin found for "
/**
 * Stores the transaction manager and hands it to the node roles directory
 * and to every registered directory that is an AbstractUserDirectory.
 *
 * NOTE(review): unlike addUserAdmin/removeUserAdmin this method is not
 * synchronized, yet it iterates {@code userAdmins}; presumably it is only
 * called while the component is being wired -- confirm.
 *
 * @param transactionManager the transaction manager to propagate
 */
public void setTransactionManager(TransactionManager transactionManager) {
    this.transactionManager = transactionManager;

    if (nodeRoles instanceof AbstractUserDirectory) {
        AbstractUserDirectory nodeDirectory = (AbstractUserDirectory) nodeRoles;
        nodeDirectory.setTransactionManager(transactionManager);
    }

    for (UserAdmin candidate : userAdmins.values()) {
        // Only AbstractUserDirectory accepts a transaction manager.
        if (!(candidate instanceof AbstractUserDirectory)) {
            continue;
        }
        AbstractUserDirectory directory = (AbstractUserDirectory) candidate;
        directory.setTransactionManager(transactionManager);
    }
}
/**
 * Stores the transaction synchronization registry and hands it to the node
 * roles directory and to every registered directory that is an
 * AbstractUserDirectory.
 *
 * NOTE(review): unlike addUserAdmin/removeUserAdmin this method is not
 * synchronized, yet it iterates {@code userAdmins}; presumably it is only
 * called while the component is being wired -- confirm.
 *
 * @param syncRegistry the registry to propagate
 */
public void setSyncRegistry(TransactionSynchronizationRegistry syncRegistry) {
    this.syncRegistry = syncRegistry;

    if (nodeRoles instanceof AbstractUserDirectory) {
        AbstractUserDirectory nodeDirectory = (AbstractUserDirectory) nodeRoles;
        nodeDirectory.setSyncRegistry(syncRegistry);
    }

    for (UserAdmin candidate : userAdmins.values()) {
        // Only AbstractUserDirectory accepts a sync registry.
        if (!(candidate instanceof AbstractUserDirectory)) {
            continue;
        }
        AbstractUserDirectory directory = (AbstractUserDirectory) candidate;
        directory.setSyncRegistry(syncRegistry);
    }
}