Remove unused classes
1 package org.argeo.osgi.useradmin;
2
3 import java.util.ArrayList;
4 import java.util.Arrays;
5 import java.util.Dictionary;
6 import java.util.HashMap;
7 import java.util.HashSet;
8 import java.util.Hashtable;
9 import java.util.List;
10 import java.util.Map;
11 import java.util.Set;
12
13 import javax.naming.InvalidNameException;
14 import javax.naming.ldap.LdapName;
15
16 import org.osgi.framework.InvalidSyntaxException;
17 import org.osgi.service.useradmin.Authorization;
18 import org.osgi.service.useradmin.Role;
19 import org.osgi.service.useradmin.User;
20 import org.osgi.service.useradmin.UserAdmin;
21
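/**
 * Aggregates multiple {@link UserDirectory} and integrates them with system
 * roles.
 * <p>
 * Role names are parsed as LDAP distinguished names and routed to the
 * directory whose base DN is a prefix of the name. One directory holds the
 * system roles; every other registered directory is a "business" directory
 * keyed by its base DN.
 * <p>
 * No synchronization is visible in this class and the registry is a plain
 * {@link HashMap}. NOTE(review): confirm that registration, removal and
 * lookups are serialized by the caller.
 */
public class AggregatingUserAdmin implements UserAdmin {
	/** Base DN under which every system role lives. */
	private final LdapName systemRolesBaseDn;

	// DAOs
	/** Directory holding the system roles; {@code null} until registered. */
	private AbstractUserDirectory systemRoles = null;
	/** Business directories, keyed by base DN; {@code null} after {@link #destroy()}. */
	private Map<LdapName, AbstractUserDirectory> businessRoles = new HashMap<LdapName, AbstractUserDirectory>();

	/**
	 * @param systemRolesBaseDn
	 *            the base DN of the system roles directory, as an LDAP name
	 * @throws UserDirectoryException
	 *             if the base DN is not a valid LDAP name
	 */
	public AggregatingUserAdmin(String systemRolesBaseDn) {
		try {
			this.systemRolesBaseDn = new LdapName(systemRolesBaseDn);
		} catch (InvalidNameException e) {
			throw new UserDirectoryException("Cannot initialize " + AggregatingUserAdmin.class, e);
		}
	}

	/** Creates the role in the directory responsible for {@code name}. */
	@Override
	public Role createRole(String name, int type) {
		return findUserAdmin(name).createRole(name, type);
	}

	/**
	 * Removes the role from the directory responsible for {@code name}, then
	 * asks the system roles directory to remove it as well.
	 *
	 * @return what the responsible directory reported; the result of the call on
	 *         the system roles directory is ignored
	 * @throws UserDirectoryException
	 *             if no directory matches the name or no system roles directory
	 *             is registered
	 */
	@Override
	public boolean removeRole(String name) {
		// Resolve both directories before touching anything, so that a missing
		// system roles directory cannot leave the removal half applied.
		UserAdmin owner = findUserAdmin(name);
		AbstractUserDirectory sysRolesDirectory = requireSystemRoles();
		boolean actuallyDeleted = owner.removeRole(name);
		// presumably drops the references system roles hold to the removed
		// role -- confirm against AbstractUserDirectory#removeRole
		sysRolesDirectory.removeRole(name);
		return actuallyDeleted;
	}

	/** Looks the role up in the directory responsible for {@code name}. */
	@Override
	public Role getRole(String name) {
		return findUserAdmin(name).getRole(name);
	}

	/**
	 * Returns the roles matching the filter in every business directory,
	 * followed by those of the system roles directory.
	 */
	@Override
	public Role[] getRoles(String filter) throws InvalidSyntaxException {
		List<Role> res = new ArrayList<Role>();
		for (UserAdmin userAdmin : businessRoles.values()) {
			res.addAll(Arrays.asList(userAdmin.getRoles(filter)));
		}
		res.addAll(Arrays.asList(requireSystemRoles().getRoles(filter)));
		return res.toArray(new Role[res.size()]);
	}

	/**
	 * Searches every business directory for a user with the given property.
	 *
	 * @return the user if exactly one directory yields a match, {@code null} if
	 *         none or several do, so that an ambiguous key never resolves to an
	 *         arbitrary user
	 */
	@Override
	public User getUser(String key, String value) {
		List<User> res = new ArrayList<User>();
		for (UserAdmin userAdmin : businessRoles.values()) {
			User u = userAdmin.getUser(key, value);
			if (u != null)
				res.add(u);
		}
		// Note: node roles cannot contain users, so it is not searched
		return res.size() == 1 ? res.get(0) : null;
	}

	/**
	 * Builds the authorization of a user: the roles granted by its own
	 * directory, plus the system roles implied by each of them.
	 *
	 * @param user
	 *            the user, or {@code null} for the anonymous context, which is
	 *            answered by the system roles directory alone
	 * @throws UserDirectoryException
	 *             if a required directory is not registered
	 */
	@Override
	public Authorization getAuthorization(User user) {
		if (user == null) {// anonymous
			return requireSystemRoles().getAuthorization(null);
		}
		UserAdmin userAdmin = findUserAdmin(user.getName());
		Authorization rawAuthorization = userAdmin.getAuthorization(user);
		// Authorization#getRoles() may return null when the context has no
		// roles, so it is read once and checked before iterating.
		String[] rawRoles = rawAuthorization.getRoles();
		// gather system roles
		Set<String> sysRoles = new HashSet<String>();
		if (rawRoles != null) {
			for (String role : rawRoles) {
				// NOTE(review): if getRole() returns null the lookup below is made
				// with a null user, i.e. the anonymous context; if it returns a
				// Role that is not a User the cast fails. Confirm both are
				// intended for an authorization decision.
				Authorization auth = requireSystemRoles().getAuthorization((User) userAdmin.getRole(role));
				String[] implied = auth.getRoles();
				if (implied != null)
					sysRoles.addAll(Arrays.asList(implied));
			}
		}
		Authorization authorization = new AggregatingAuthorization(rawAuthorization.getName(),
				rawAuthorization.toString(), sysRoles, rawRoles);
		return authorization;
	}

	//
	// USER ADMIN AGGREGATOR
	//
	/**
	 * Registers a directory, as system roles if its base DN is the system roles
	 * base DN, as a business directory otherwise, then initializes it.
	 *
	 * @throws UserDirectoryException
	 *             if a business directory is already registered for the base DN
	 */
	protected void addUserDirectory(AbstractUserDirectory userDirectory) {
		LdapName baseDn = userDirectory.getBaseDn();
		if (isSystemRolesBaseDn(baseDn)) {
			// NOTE(review): unlike business directories, an already registered
			// system roles directory is replaced here without an error and
			// without being destroyed -- confirm this is intended, since this
			// directory feeds every authorization.
			this.systemRoles = userDirectory;
			systemRoles.setExternalRoles(this);
		} else {
			if (businessRoles.containsKey(baseDn))
				throw new UserDirectoryException("There is already a user admin for " + baseDn);
			businessRoles.put(baseDn, userDirectory);
		}
		// NOTE(review): the directory is registered before init(); if init()
		// throws it stays registered.
		userDirectory.init();
		postAdd(userDirectory);
	}

	/** Called after a new user directory has been added */
	protected void postAdd(AbstractUserDirectory userDirectory) {
	}

	/**
	 * Parses the name as an LDAP name and finds the responsible directory.
	 *
	 * @throws UserDirectoryException
	 *             if the name is not a valid LDAP name
	 */
	private UserAdmin findUserAdmin(String name) {
		try {
			return findUserAdmin(new LdapName(name));
		} catch (InvalidNameException e) {
			throw new UserDirectoryException("Badly formatted name " + name, e);
		}
	}

	/**
	 * Finds the directory whose base DN is a prefix of the name. The system
	 * roles base DN is tested first and wins without looking at the business
	 * directories.
	 *
	 * @throws UserDirectoryException
	 *             if no directory or more than one business directory matches,
	 *             or if the name is a system role and no system roles directory
	 *             is registered
	 */
	private UserAdmin findUserAdmin(LdapName name) {
		if (name.startsWith(systemRolesBaseDn))
			return requireSystemRoles();
		List<UserAdmin> res = new ArrayList<UserAdmin>(1);
		for (Map.Entry<LdapName, AbstractUserDirectory> entry : businessRoles.entrySet()) {
			if (name.startsWith(entry.getKey()))
				res.add(entry.getValue());
		}
		if (res.size() == 0)
			throw new UserDirectoryException("Cannot find user admin for " + name);
		// Overlapping base DNs are rejected rather than resolved arbitrarily.
		if (res.size() > 1)
			throw new UserDirectoryException("Multiple user admin found for " + name);
		return res.get(0);
	}

	/**
	 * Returns the system roles directory, failing with an explicit error
	 * instead of a {@link NullPointerException} when none is registered.
	 */
	private AbstractUserDirectory requireSystemRoles() {
		if (systemRoles == null)
			throw new UserDirectoryException("No system roles directory registered for " + systemRolesBaseDn);
		return systemRoles;
	}

	/** Whether the given base DN is exactly the system roles base DN. */
	protected boolean isSystemRolesBaseDn(LdapName baseDn) {
		return baseDn.equals(systemRolesBaseDn);
	}

	/**
	 * Describes the registered business directories: one entry per directory,
	 * keyed by the URI form of its properties, with an empty string as value.
	 */
	protected Dictionary<String, Object> currentState() {
		Dictionary<String, Object> res = new Hashtable<String, Object>();
		// res.put(NodeConstants.CN, NodeConstants.DEFAULT);
		for (AbstractUserDirectory userDirectory : businessRoles.values()) {
			String uri = UserAdminConf.propertiesAsUri(userDirectory.getProperties()).toString();
			res.put(uri, "");
		}
		return res;
	}

	/**
	 * Destroys every registered directory and drops the references to them.
	 * Safe to call when no system roles directory was registered, and when
	 * called again after a previous call.
	 */
	public void destroy() {
		if (businessRoles != null) {
			for (AbstractUserDirectory userDirectory : businessRoles.values()) {
				destroy(userDirectory);
			}
			businessRoles.clear();
			businessRoles = null;
		}
		if (systemRoles != null) {
			destroy(systemRoles);
			systemRoles = null;
		}
	}

	/** Runs the {@link #preDestroy(UserDirectory)} hook, then destroys the directory. */
	private void destroy(AbstractUserDirectory userDirectory) {
		preDestroy(userDirectory);
		userDirectory.destroy();
	}

	/**
	 * Unregisters and destroys a business directory.
	 *
	 * @throws UserDirectoryException
	 *             if the base DN is the system roles one, or if no directory is
	 *             registered for it
	 */
	protected void removeUserDirectory(LdapName baseDn) {
		if (isSystemRolesBaseDn(baseDn))
			throw new UserDirectoryException("System roles cannot be removed ");
		if (!businessRoles.containsKey(baseDn))
			throw new UserDirectoryException("No user directory registered for " + baseDn);
		AbstractUserDirectory userDirectory = businessRoles.remove(baseDn);
		destroy(userDirectory);
	}

	/**
	 * Called before each user directory is destroyed, so that additional
	 * actions can be performed.
	 */
	protected void preDestroy(UserDirectory userDirectory) {
	}

}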