Make home repository more generic.
1 package org.argeo.cms.util.useradmin;
2
3 import java.security.AccessController;
4 import java.util.List;
5 import java.util.Set;
6
7 import javax.naming.InvalidNameException;
8 import javax.naming.ldap.LdapName;
9 import javax.naming.ldap.Rdn;
10 import javax.security.auth.Subject;
11 import javax.security.auth.x500.X500Principal;
12
13 import org.argeo.ArgeoException;
14 import org.argeo.cms.CmsView;
15 import org.argeo.cms.auth.AuthConstants;
16 import org.argeo.cms.auth.CurrentUser;
17 import org.argeo.cms.util.CmsUtils;
18 import org.argeo.eclipse.ui.EclipseUiUtils;
19 import org.argeo.jcr.JcrUtils;
20 import org.argeo.osgi.useradmin.LdifName;
21 import org.osgi.service.useradmin.Group;
22 import org.osgi.service.useradmin.Role;
23 import org.osgi.service.useradmin.User;
24 import org.osgi.service.useradmin.UserAdmin;
25
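/**
 * Centralises common patterns to manage roles with a {@link UserAdmin}.
 * <p>
 * Every "current user" helper in this class derives the identity from the
 * first {@link X500Principal} found on the current {@link Subject} (see
 * {@link #getCurrentUsername()}), so the result is only as trustworthy as the
 * login process that populated that subject.
 */
public class UserAdminUtils {

    /**
     * Retrieves a {@link Role} given a LDAP name.
     *
     * @param userAdmin the user admin to query
     * @param dn the distinguished name of the role; its string form is passed
     *        to {@link UserAdmin#getRole(String)}
     * @return the value returned by the user admin; callers in this class
     *         treat {@code null} as "no such role"
     */
    public final static Role getRole(UserAdmin userAdmin, LdapName dn) {
        return userAdmin.getRole(dn.toString());
    }

    /**
     * Retrieves the unique local username given a {@link User}: the
     * {@code cn} property for a {@link Group}, the {@code uid} property
     * otherwise.
     *
     * @return the property value, or an empty String if it is not defined
     */
    public final static String getUsername(User user) {
        String key = (user instanceof Group) ? LdifName.cn.name() : LdifName.uid.name();
        return getProperty(user, key);
    }

    /**
     * Easily retrieves one of the {@link Role}'s property or an empty String if
     * the requested property is not defined.
     *
     * @throws ClassCastException if the stored value is not a String
     */
    public final static String getProperty(Role role, String key) {
        Object value = role.getProperties().get(key);
        // NOTE(review): the value is cast, not converted; a non-String value
        // (e.g. a binary attribute) fails here rather than being returned.
        return value != null ? (String) value : "";
    }

    // CENTRALIZE SOME METHODS UNTIL API IS STABLE
    /** Simply checks if current user is registered, that is, not anonymous. */
    public static boolean isRegistered() {
        return !CurrentUser.isAnonymous();
    }

    /**
     * Simply checks if current user has a home. Currently this is the same
     * test as {@link #isRegistered()}.
     */
    public static boolean hasHome() {
        return isRegistered();
    }

    // SELF HELPERS
    /**
     * Retrieves the {@link User} object of the current logged-in user.
     *
     * @return the role found for the current user's dn, cast to {@link User};
     *         {@code null} if the user admin returns no role for that dn
     */
    public static User getCurrentUser(UserAdmin userAdmin) {
        return (User) getRole(userAdmin, getCurrentUserLdapName());
    }

    /** Simply retrieves the current logged-in user display name. */
    public static String getCurrentUserDisplayName(UserAdmin userAdmin) {
        return getUserDisplayName(userAdmin, getCurrentUsername());
    }

    /**
     * Simply retrieves the current logged-in user mail.
     *
     * @return the mail property, or {@code null} if the user admin has no
     *         role for the current user's dn
     */
    public static String getCurrentUserMail(UserAdmin userAdmin) {
        return getUserMail(userAdmin, getCurrentUsername());
    }

    /** Returns the local name of the current connected user */
    public final static String getUsername(UserAdmin userAdmin) {
        LdapName dn = getCurrentUserLdapName();
        // NOTE(review): if the user admin has no role for this dn, the null
        // role reaches getProperty() and fails with a NullPointerException.
        return getUsername((User) getRole(userAdmin, dn));
    }

    /**
     * Returns true if the current user is in the specified role. The check is
     * an exact, case-sensitive match against the names returned by
     * {@link CurrentUser#roles()}.
     */
    public static boolean isUserInRole(String role) {
        Set<String> roles = CurrentUser.roles();
        return roles.contains(role);
    }

    /**
     * Simply checks if current user is the same as the passed one. Both names
     * are compared as parsed {@link LdapName}s rather than as raw strings.
     *
     * @throws ArgeoException if the {@code dn} property of {@code user}
     *         cannot be parsed as a LDAP name
     */
    public static boolean isCurrentUser(User user) {
        String userName = getProperty(user, LdifName.dn.name());
        try {
            LdapName selfUserName = getCurrentUserLdapName();
            LdapName userLdapName = new LdapName(userName);
            return userLdapName.equals(selfUserName);
        } catch (InvalidNameException e) {
            throw new ArgeoException("User " + user + " has an unvalid dn: "
                    + userName, e);
        }
    }

    /**
     * Retrieves the name of the current user parsed as a {@link LdapName}.
     *
     * @throws ArgeoException if the current username is not a valid LDAP name
     */
    public final static LdapName getCurrentUserLdapName() {
        return getLdapName(getCurrentUsername());
    }

    /**
     * Simply retrieves username for current user, generally a LDAP dn.
     * <p>
     * The name is the string form of the first {@link X500Principal} yielded
     * by the subject's principal set. If the subject carries more than one
     * such principal, which one is used is not determined by this code.
     *
     * @throws java.util.NoSuchElementException if the current subject has no
     *         {@link X500Principal}
     */
    public static String getCurrentUsername() {
        Subject subject = currentSubject();
        // NOTE(review): toString() is used rather than getName(); confirm the
        // resulting form matches the dn under which the user is registered.
        return subject.getPrincipals(X500Principal.class).iterator().next()
                .toString();
    }

    /**
     * Fork of the {@link CurrentUser#currentSubject} method that is private.
     * The subject of the current {@link CmsView} takes precedence; the subject
     * bound to the access control context is used only when there is no view.
     * TODO Enhance and factorize
     */
    private static Subject currentSubject() {
        CmsView cmsView = CmsUtils.getCmsView();
        if (cmsView != null)
            return cmsView.getSubject();
        Subject subject = Subject.getSubject(AccessController.getContext());
        if (subject != null)
            return subject;
        throw new RuntimeException("Cannot find related subject");
    }

    // HOME MANAGEMENT
    /**
     * Simply retrieves the *relative* path to the current user home node from
     * the base home node
     */
    public static String getCurrentUserHomeRelPath() {
        return getHomeRelPath(getCurrentUsername());
    }

    /**
     * Simply retrieves the *relative* path to the home node of a user given its
     * userName
     *
     * @param userName the dn of the user
     * @throws ArgeoException if no uid can be extracted from {@code userName}
     */
    public static String getHomeRelPath(String userName) {
        String id = getUserUid(userName);
        // NOTE(review): id is taken verbatim from the last RDN of the dn and
        // concatenated into a path. Confirm that a value containing '/' or
        // ".." cannot be provisioned in the directory, or validate it before
        // the result is used to address a node.
        return JcrUtils.firstCharsToPath(id, 2) + "/" + id;
    }

    // HELPERS TO RETRIEVE REMARKABLE PROPERTIES
    /**
     * Simply retrieves the user uid from his dn with no useradmin.
     * <p>
     * The most specific RDN of the dn must be of type {@code uid} or
     * {@code cn}. The type is matched case-insensitively and independently of
     * the default locale, so that the result does not depend on the JVM
     * locale (e.g. {@code UID} lower-cased under a Turkish locale).
     *
     * @throws ArgeoException if the dn cannot be parsed, is empty, does not
     *         end with a {@code uid} or {@code cn} RDN, or if the value of
     *         that RDN is not a String
     */
    public static String getUserUid(String dn) {
        LdapName ldapName = getLdapName(dn);
        // An empty name has no RDN to read; fail with the same error as any
        // other unusable dn instead of an index error.
        if (ldapName.isEmpty())
            throw new ArgeoException("Cannot retrieve user uid, "
                    + "non valid dn: " + dn);
        Rdn last = ldapName.getRdn(ldapName.size() - 1);
        String type = last.getType();
        boolean isUserRdn = LdifName.uid.name().equalsIgnoreCase(type)
                || LdifName.cn.name().equalsIgnoreCase(type);
        Object value = last.getValue();
        if (isUserRdn && value instanceof String)
            return (String) value;
        throw new ArgeoException("Cannot retrieve user uid, "
                + "non valid dn: " + dn);
    }

    /**
     * Returns the display name of the user with this dn, falling back on its
     * {@code cn} property. Returns the local username if no user with this dn
     * is found or if the found user has no defined display name
     */
    public static String getUserDisplayName(UserAdmin userAdmin, String dn) {
        Role user = getRole(userAdmin, getLdapName(dn));
        if (user == null)
            return getUserUid(dn);
        String displayName = getProperty(user, LdifName.displayName.name());
        if (EclipseUiUtils.isEmpty(displayName))
            displayName = getProperty(user, LdifName.cn.name());
        return EclipseUiUtils.isEmpty(displayName) ? getUserUid(dn)
                : displayName;
    }

    /**
     * Returns null if no user with this dn is found. If the user is found but
     * has no defined mail, the empty String from
     * {@link #getProperty(Role, String)} is returned.
     */
    public static String getUserMail(UserAdmin userAdmin, String dn) {
        Role user = getRole(userAdmin, getLdapName(dn));
        return user == null ? null : getProperty(user, LdifName.mail.name());
    }

    // VARIOUS UI HELPERS
    /**
     * Builds a default common name of the form "firstName lastName", with
     * surrounding whitespace removed. A {@code null} part is treated as empty.
     */
    public final static String buildDefaultCn(String firstName, String lastName) {
        String first = firstName == null ? "" : firstName.trim();
        String last = lastName == null ? "" : lastName.trim();
        return (first + " " + last).trim();
    }

    /**
     * Simply retrieves a display name of the relevant domain, built by
     * joining with dots the leading {@code dc} components of the user's dn
     * (for instance {@code example.com} for {@code ...,dc=example,dc=com}).
     * The {@code dc} type is matched case-insensitively, consistently with
     * {@link #getUserUid(String)}.
     *
     * @return "System roles" if the name ends with
     *         {@link AuthConstants#ROLES_BASEDN}, the domain name otherwise,
     *         or {@code null} if the dn has no {@code dc} component at its
     *         base
     * @throws ArgeoException if the name of the user is not a valid LDAP name
     */
    public final static String getDomainName(User user) {
        String dn = user.getName();
        if (dn.endsWith(AuthConstants.ROLES_BASEDN))
            return "System roles";
        try {
            // getRdns() starts at the base of the name, so the dc components
            // are read from the top-level domain downwards.
            List<Rdn> rdns = new LdapName(dn).getRdns();
            String dname = null;
            for (Rdn rdn : rdns) {
                if (!LdifName.dc.name().equalsIgnoreCase(rdn.getType()))
                    break;
                String currVal = (String) rdn.getValue();
                dname = dname == null ? currVal : currVal + "." + dname;
            }
            return dname;
        } catch (InvalidNameException e) {
            throw new ArgeoException("Unable to get domain name for " + dn, e);
        }
    }

    // Local Helpers
    /**
     * Simply retrieves a LDAP name from a dn with no checked exception.
     *
     * @throws ArgeoException wrapping the {@link InvalidNameException} if
     *         {@code dn} cannot be parsed
     */
    public static LdapName getLdapName(String dn) {
        try {
            return new LdapName(dn);
        } catch (InvalidNameException e) {
            throw new ArgeoException("Cannot parse LDAP name " + dn, e);
        }
    }
}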