1 package org.argeo.osgi.useradmin;
2
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Map;
import java.util.SortedMap;
import java.util.TreeMap;

import javax.naming.InvalidNameException;
import javax.naming.NamingEnumeration;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.ldap.LdapName;

import org.osgi.framework.InvalidSyntaxException;
import org.osgi.service.useradmin.Authorization;
import org.osgi.service.useradmin.Role;
import org.osgi.service.useradmin.User;
import org.osgi.service.useradmin.UserAdmin;
19
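/**
 * User admin implementation using LDIF file(s) as backend.
 *
 * <p>The directory content is read once, when the instance is constructed,
 * either from a URI or from an {@link InputStream}. Each LDIF entry whose
 * {@code objectClass} attribute contains {@code inetOrgPerson} is exposed as a
 * user and each one containing {@code groupOfNames} as a group; other entries
 * are ignored. Roles are looked up by their full distinguished name.
 *
 * <p>Only read access is implemented: {@link #createRole}, {@link #removeRole},
 * {@link #getRoles} and {@link #getUser} throw
 * {@link UnsupportedOperationException}. The read-only flag is recorded and
 * validated against the URI scheme, but nothing in this class writes back to
 * the backend.
 *
 * <p>In read-only mode any URL scheme the JVM can open is accepted, so the URI
 * is expected to come from trusted configuration rather than from user input.
 */
public class LdifUserAdmin implements UserAdmin {
	/** Only {@code file:} URIs may be opened in read-write mode. */
	private static final String FILE_SCHEME = "file";
	private static final String OBJECT_CLASS = "objectClass";
	private static final String USER_OBJECT_CLASS = "inetOrgPerson";
	private static final String GROUP_OBJECT_CLASS = "groupOfNames";

	// Both maps are keyed by the entry DN and are set to null by destroy().
	SortedMap<LdapName, LdifUser> users = new TreeMap<LdapName, LdifUser>();
	SortedMap<LdapName, LdifGroup> groups = new TreeMap<LdapName, LdifGroup>();

	private final boolean isReadOnly;
	/** Source of the LDIF content, or null when loaded from a stream. */
	private final URI uri;

	/**
	 * Loads the LDIF content found at {@code uri} in read-only mode.
	 *
	 * @param uri the URI of the LDIF resource
	 * @throws ArgeoUserAdminException if the URI is invalid or cannot be read
	 */
	public LdifUserAdmin(String uri) {
		this(uri, true);
	}

	/**
	 * Loads the LDIF content found at {@code uri}.
	 *
	 * @param uri the URI of the LDIF resource
	 * @param isReadOnly whether the backend must be treated as read-only
	 * @throws ArgeoUserAdminException if the URI is invalid or cannot be read
	 * @throws UnsupportedOperationException if read-write mode is requested for
	 *             a scheme other than {@code file}
	 */
	public LdifUserAdmin(String uri, boolean isReadOnly) {
		this.isReadOnly = isReadOnly;
		try {
			this.uri = new URI(uri);
		} catch (URISyntaxException e) {
			throw new ArgeoUserAdminException("Invalid URI " + uri, e);
		}

		// URI.getScheme() returns the scheme without its ':' separator (and
		// null for a relative URI), so the comparison must use "file", not
		// "file:"; schemes are case-insensitive, and the null-safe form avoids
		// an NPE on relative URIs.
		String scheme = this.uri.getScheme();
		if (!isReadOnly && !FILE_SCHEME.equalsIgnoreCase(scheme))
			throw new UnsupportedOperationException(scheme
					+ " not supported read-write.");

		InputStream in = null;
		try {
			in = this.uri.toURL().openStream();
			load(in);
		} catch (Exception e) {
			throw new ArgeoUserAdminException("Cannot open URL " + this.uri, e);
		} finally {
			// The stream is opened here, so it is closed here as well.
			if (in != null) {
				try {
					in.close();
				} catch (IOException ignored) {
					// content has already been read; nothing more to do
				}
			}
		}
	}

	/**
	 * Loads the LDIF content from {@code in} in read-only mode. The stream is
	 * not closed by this constructor: it belongs to the caller.
	 *
	 * @param in the LDIF content
	 * @throws ArgeoUserAdminException if the content cannot be parsed
	 */
	public LdifUserAdmin(InputStream in) {
		this.isReadOnly = true;
		this.uri = null;
		load(in);
	}

	/**
	 * Parses {@code in}, registers each entry as a user or a group according to
	 * its {@code objectClass} values, then resolves group membership.
	 *
	 * @param in the LDIF content; it is not closed by this method
	 * @throws ArgeoUserAdminException wrapping any parsing or naming failure,
	 *             including an entry without {@code objectClass}
	 */
	protected void load(InputStream in) {
		try {
			LdifParser ldifParser = new LdifParser();
			SortedMap<LdapName, Attributes> allEntries = ldifParser.read(in);
			for (Map.Entry<LdapName, Attributes> entry : allEntries.entrySet()) {
				LdapName key = entry.getKey();
				Attributes attributes = entry.getValue();
				Attribute objectClassAttr = attributes.get(OBJECT_CLASS);
				if (objectClassAttr == null)
					// an LDAP entry always carries objectClass; fail with a
					// clear message instead of an NPE from getAll()
					throw new IllegalStateException("Entry " + key
							+ " has no " + OBJECT_CLASS + " attribute");
				NamingEnumeration<?> objectClasses = objectClassAttr.getAll();
				try {
					while (objectClasses.hasMore()) {
						String objectClass = objectClasses.next().toString();
						if (USER_OBJECT_CLASS.equals(objectClass)) {
							users.put(key, new LdifUser(key, attributes));
							break;
						} else if (GROUP_OBJECT_CLASS.equals(objectClass)) {
							groups.put(key, new LdifGroup(key, attributes));
							break;
						}
					}
				} finally {
					objectClasses.close();
				}
			}

			// Membership is resolved in a second pass, presumably because a
			// group may reference users or groups declared later in the file
			// (loadMembers is defined in LdifGroup; its lookup is not visible
			// here).
			for (LdifGroup group : groups.values()) {
				group.loadMembers(this);
			}
		} catch (Exception e) {
			throw new ArgeoUserAdminException(
					"Cannot load user admin service from LDIF", e);
		}
	}

	/** Drops all loaded roles; the instance must not be used afterwards. */
	public void destroy() {
		users.clear();
		users = null;
		groups.clear();
		groups = null;
	}

	/**
	 * Returns the group or user whose DN is {@code name}, groups taking
	 * precedence when both maps hold the key.
	 *
	 * @param name the full distinguished name of the role
	 * @return the role, or null if no entry has this DN
	 * @throws IllegalArgumentException if {@code name} is not a valid DN
	 * @throws IllegalStateException if {@link #destroy()} has been called
	 */
	@Override
	public Role getRole(String name) {
		if (users == null || groups == null)
			throw new IllegalStateException("User admin has been destroyed");
		LdapName key;
		try {
			key = new LdapName(name);
		} catch (InvalidNameException e) {
			// TODO implements default base DN
			throw new IllegalArgumentException("Badly formatted role name: "
					+ name, e);
		}

		// Single lookup per map: values are never null, so null means absent.
		Role group = groups.get(key);
		if (group != null)
			return group;
		return users.get(key);
	}

	/**
	 * Builds an authorization for {@code user}. A null user is passed through
	 * to {@link LdifAuthorization} unchanged (presumably the anonymous case;
	 * confirm against LdifAuthorization).
	 *
	 * @throws IllegalArgumentException if {@code user} was not produced by
	 *             this user admin, i.e. is not an {@link LdifUser}
	 */
	@Override
	public Authorization getAuthorization(User user) {
		if (user != null && !(user instanceof LdifUser))
			throw new IllegalArgumentException("Unsupported user type "
					+ user.getClass().getName());
		return new LdifAuthorization((LdifUser) user);
	}

	/** Not supported: the backend is never modified. */
	@Override
	public Role createRole(String name, int type) {
		throw new UnsupportedOperationException();
	}

	/** Not supported: the backend is never modified. */
	@Override
	public boolean removeRole(String name) {
		throw new UnsupportedOperationException();
	}

	/** Not supported: roles can only be retrieved by DN via {@link #getRole}. */
	@Override
	public Role[] getRoles(String filter) throws InvalidSyntaxException {
		throw new UnsupportedOperationException();
	}

	/** Not supported: users can only be retrieved by DN via {@link #getRole}. */
	@Override
	public User getUser(String key, String value) {
		throw new UnsupportedOperationException();
	}

	/** @return the read-only flag given at construction (true for streams) */
	public boolean getIsReadOnly() {
		return isReadOnly;
	}

}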