- @Override
- public Authorization getAuthorization(User user) {
- return new LdifAuthorization((LdifUser) user,
- getAllRoles((LdifUser) user));
- }
-
- @Override
- public Role createRole(String name, int type) {
- try {
- LdapName dn = new LdapName(name);
- if (users.containsKey(dn) || groups.containsKey(dn))
- throw new UserDirectoryException("Already a role " + name);
-
- BasicAttributes attrs = new BasicAttributes();
- attrs.put("dn", dn.toString());
- Rdn nameRdn = dn.getRdn(dn.size() - 1);
- // TODO deal with multiple attr RDN
- attrs.put(nameRdn.getType(), nameRdn.getValue());
- LdifUser newRole;
- if (type == Role.USER) {
- newRole = new LdifUser(this, dn, attrs);
- users.put(dn, newRole);
- } else if (type == Role.GROUP) {
- newRole = new LdifGroup(this, dn, attrs);
- groups.put(dn, (LdifGroup) newRole);
- } else
- throw new UserDirectoryException("Unsupported type " + type);
- return newRole;
- } catch (InvalidNameException e) {
- throw new UserDirectoryException("Cannot create role " + name, e);
- }
- }
-
- @Override
- public boolean removeRole(String name) {
- try {
- LdapName dn = new LdapName(name);
- LdifUser role = null;
- if (users.containsKey(dn))
- role = users.remove(dn);
- else if (groups.containsKey(dn))
- role = groups.remove(dn);
- else
- throw new UserDirectoryException("There is no role " + name);
- if (role == null)
- return false;
- for (LdifGroup group : getDirectGroups(role)) {
- // group.directMembers.remove(role);
- group.getAttributes().get(getMemberAttributeId())
- .remove(dn.toString());
- }
- if (role instanceof LdifGroup) {
- LdifGroup group = (LdifGroup) role;
- // for (Role user : group.directMembers) {
- // if (user instanceof LdifUser)
- // directMemberOf.get(((LdifUser) user).getDn()).remove(
- // group);
- // }
- }
- return true;
- } catch (InvalidNameException e) {
- throw new UserDirectoryException("Cannot create role " + name, e);
- }