git.argeo.org Git - lgpl/argeo-commons.git/blob - org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifUserAdmin.java
1 package org
.argeo
.osgi
.useradmin
;
3 import java
.io
.InputStream
;
5 import java
.net
.URISyntaxException
;
6 import java
.util
.ArrayList
;
7 import java
.util
.Arrays
;
8 import java
.util
.Dictionary
;
9 import java
.util
.LinkedHashMap
;
10 import java
.util
.List
;
12 import java
.util
.SortedMap
;
13 import java
.util
.TreeMap
;
15 import javax
.naming
.InvalidNameException
;
16 import javax
.naming
.NamingEnumeration
;
17 import javax
.naming
.directory
.Attributes
;
18 import javax
.naming
.ldap
.LdapName
;
20 import org
.osgi
.framework
.InvalidSyntaxException
;
21 import org
.osgi
.service
.useradmin
.Authorization
;
22 import org
.osgi
.service
.useradmin
.Role
;
23 import org
.osgi
.service
.useradmin
.User
;
24 import org
.osgi
.service
.useradmin
.UserAdmin
;
26 /** User admin implementation using LDIF file(s) as backend. */
27 public class LdifUserAdmin
implements UserAdmin
{
// Role stores keyed by LDAP name. Both maps are package-private and mutable,
// so any class in this package can read and modify them directly.
SortedMap<LdapName, LdifUser> users = new TreeMap<LdapName, LdifUser>();
SortedMap<LdapName, LdifGroup> groups = new TreeMap<LdapName, LdifGroup>();

// Assigned once by the constructor; the read-only flag drives the scheme check there.
private final boolean isReadOnly;
private final URI uri;

// Names of the user properties for which a lookup index is maintained.
private List<String> indexedUserProperties = Arrays.asList("uid", "mail", "cn");
// One index per indexed property name, mapping the property value (as a string) to its user.
private Map<String, Map<String, LdifUser>> userIndexes =
        new LinkedHashMap<String, Map<String, LdifUser>>();
38 public LdifUserAdmin(String uri
) {
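/**
 * Creates a user admin backed by the LDIF resource at the given URI and loads
 * it immediately.
 *
 * @param uri
 *            location of the LDIF data
 * @param isReadOnly
 *            whether this instance is read-only; read-write access is only
 *            accepted for the {@code file} scheme
 * @throws ArgeoUserAdminException
 *             if the URI is malformed, or the resource cannot be opened or
 *             loaded
 * @throws UnsupportedOperationException
 *             if read-write access is requested for a non-file URI
 */
public LdifUserAdmin(String uri, boolean isReadOnly) {
    this.isReadOnly = isReadOnly;
    try {
        this.uri = new URI(uri);
    } catch (URISyntaxException e) {
        throw new ArgeoUserAdminException("Invalid URI " + uri, e);
    }

    // URI.getScheme() returns the scheme without the trailing ':' and null
    // for a scheme-less URI. Comparing against "file:" therefore rejected
    // every read-write URI (file ones included) and raised a
    // NullPointerException when no scheme was present.
    if (!isReadOnly && !"file".equals(this.uri.getScheme()))
        throw new UnsupportedOperationException(this.uri.getScheme()
                + " not supported read-write.");

    try {
        // NOTE(review): the stream returned by openStream() is not closed
        // here; confirm that load() or the LDIF parser closes it.
        load(this.uri.toURL().openStream());
    } catch (Exception e) {
        throw new ArgeoUserAdminException("Cannot open URL " + this.uri, e);
    }
}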
61 public LdifUserAdmin(InputStream in
) {
67 protected void load(InputStream in
) {
69 LdifParser ldifParser
= new LdifParser();
70 SortedMap
<LdapName
, Attributes
> allEntries
= ldifParser
.read(in
);
71 for (LdapName key
: allEntries
.keySet()) {
72 Attributes attributes
= allEntries
.get(key
);
73 NamingEnumeration
<?
> objectClasses
= attributes
.get(
74 "objectClass").getAll();
75 objectClasses
: while (objectClasses
.hasMore()) {
76 String objectClass
= objectClasses
.next().toString();
77 if (objectClass
.equals("inetOrgPerson")) {
78 users
.put(key
, new LdifUser(key
, attributes
));
80 } else if (objectClass
.equals("groupOfNames")) {
81 groups
.put(key
, new LdifGroup(key
, attributes
));
88 for (LdifGroup group
: groups
.values())
89 group
.loadMembers(this);
92 for (String attr
: indexedUserProperties
)
93 userIndexes
.put(attr
, new TreeMap
<String
, LdifUser
>());
95 for (LdifUser user
: users
.values()) {
96 Dictionary
<String
, Object
> properties
= user
.getProperties();
97 for (String attr
: indexedUserProperties
) {
98 Object value
= properties
.get(attr
);
100 LdifUser otherUser
= userIndexes
.get(attr
).put(
101 value
.toString(), user
);
102 if (otherUser
!= null)
103 throw new ArgeoUserAdminException("User " + user
104 + " and user " + otherUser
105 + " both habe property " + attr
106 + " set to " + value
);
110 } catch (Exception e
) {
111 throw new ArgeoUserAdminException(
112 "Cannot load user admin service from LDIF", e
);
116 public void destroy() {
124 public Role
getRole(String name
) {
127 key
= new LdapName(name
);
128 } catch (InvalidNameException e
) {
129 // TODO implements default base DN
130 throw new IllegalArgumentException("Badly formatted role name: "
134 if (groups
.containsKey(key
))
135 return groups
.get(key
);
136 if (users
.containsKey(key
))
137 return users
.get(key
);
/**
 * Builds the authorization context for the given user.
 *
 * @param user
 *            the user to authorize; must be an {@code LdifUser}
 * @return a new {@code LdifAuthorization} wrapping that user
 */
public Authorization getAuthorization(User user) {
    // NOTE(review): the cast is unchecked. A User that is not an LdifUser
    // raises ClassCastException, and a null user is passed through as null;
    // confirm that LdifAuthorization handles both cases as intended.
    LdifUser ldifUser = (LdifUser) user;
    return new LdifAuthorization(ldifUser);
}
/**
 * Role creation is not implemented by this backend.
 *
 * @param name
 *            name of the role to create (unused)
 * @param type
 *            type of the role to create (unused)
 * @return never returns normally
 * @throws UnsupportedOperationException
 *             always, whatever the read-only flag is set to
 */
public Role createRole(String name, int type) {
    throw new UnsupportedOperationException();
}
/**
 * Role removal is not implemented by this backend.
 *
 * @param name
 *            name of the role to remove (unused)
 * @return never returns normally
 * @throws UnsupportedOperationException
 *             always, whatever the read-only flag is set to
 */
public boolean removeRole(String name) {
    throw new UnsupportedOperationException();
}
/**
 * Filter-based role search is not implemented by this backend.
 *
 * @param filter
 *            search filter (unused)
 * @return never returns normally
 * @throws InvalidSyntaxException
 *             declared for the interface; not thrown by this implementation
 * @throws UnsupportedOperationException
 *             always
 */
public Role[] getRoles(String filter) throws InvalidSyntaxException {
    throw new UnsupportedOperationException();
}
162 public User
getUser(String key
, String value
) {
163 // TODO check value null or empty
165 if (!userIndexes
.containsKey(key
))
167 return userIndexes
.get(key
).get(value
);
171 List
<LdifUser
> collectedUsers
= new ArrayList
<LdifUser
>(
172 indexedUserProperties
.size());
174 LdifUser user
= null;
176 user
= (LdifUser
) getRole(value
);
178 collectedUsers
.add(user
);
179 } catch (Exception e
) {
182 for (String attr
: userIndexes
.keySet()) {
183 user
= userIndexes
.get(attr
).get(value
);
185 collectedUsers
.add(user
);
188 if (collectedUsers
.size() == 1)
189 return collectedUsers
.get(0);
191 // throw new UnsupportedOperationException();
194 public boolean getIsReadOnly() {