import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
+import org.argeo.cms.KernelHeader;
import org.argeo.osgi.useradmin.ArgeoUserAdminException;
import org.argeo.osgi.useradmin.UserAdminAggregator;
import org.osgi.framework.InvalidSyntaxException;
final static LdapName ROLES_BASE;
static {
try {
- ROLES_BASE = new LdapName(KernelConstants.ROLES_BASEDN);
+ ROLES_BASE = new LdapName(KernelHeader.ROLES_BASEDN);
} catch (InvalidNameException e) {
throw new ArgeoUserAdminException("Cannot initialize "
+ NodeUserAdmin.class, e);
@Override
public Authorization getAuthorization(User user) {
UserAdmin userAdmin = findUserAdmin(user.getName());
- // FIXME clarify assumptions
- return userAdmin.getAuthorization(user);
- // String[] roles = auth.getRoles();
- // // Gather system roles
- // Set<String> systemRoles = new HashSet<String>();
- // for(String businessRole:roles){
- //
- // }
- // return null;
+ Authorization rawAuthorization = userAdmin.getAuthorization(user);
+ // gather system roles
+ Set<String> systemRoles = new HashSet<String>();
+ for (String role : rawAuthorization.getRoles()) {
+ Authorization auth = nodeRoles.getAuthorization((User) userAdmin
+ .getRole(role));
+ systemRoles.addAll(Arrays.asList(auth.getRoles()));
+ }
+ return new NodeAuthorization(rawAuthorization.getName(),
+ rawAuthorization.toString(), systemRoles,
+ rawAuthorization.getRoles());
}
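Review bot: In the new loop of `getAuthorization`, the result of `userAdmin.getRole(role)` is cast to `User` and handed to `nodeRoles.getAuthorization(...)` without a check. In the OSGi UserAdmin API `getRole` returns null for an unknown name and `getAuthorization(null)` denotes the anonymous user, so a role name that does not resolve would silently contribute the anonymous user's system roles, and a role that is not a `User` would throw `ClassCastException`. `nodeRoles` is only assigned in `addUserAdmin`, so it may still be null when this runs. Both `getRoles()` calls may return null per the API, which would throw in the `for` loop or in `Arrays.asList`. I would resolve the role first, skip anything that is not a `User`, and fail explicitly when the node roles are not registered, as sketched below; the read of `nodeRoles` is also unsynchronized while `addUserAdmin` and `removeUserAdmin` are synchronized.

```java
Authorization rawAuthorization = userAdmin.getAuthorization(user);
if (nodeRoles == null)
    throw new ArgeoUserAdminException("Node roles are not available");
// gather system roles
Set<String> systemRoles = new HashSet<String>();
String[] rawRoles = rawAuthorization.getRoles();
if (rawRoles != null)
    for (String role : rawRoles) {
        Role resolved = userAdmin.getRole(role);
        // never pass null on: getAuthorization(null) means the anonymous user
        if (!(resolved instanceof User))
            continue;
        String[] implied = nodeRoles.getAuthorization((User) resolved)
                .getRoles();
        if (implied != null)
            systemRoles.addAll(Arrays.asList(implied));
    }
// … unchanged: return new NodeAuthorization(...) …
```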
//
//
@Override
public synchronized void addUserAdmin(String baseDn, UserAdmin userAdmin) {
- if (baseDn.equals(KernelConstants.ROLES_BASEDN)) {
+ if (baseDn.equals(KernelHeader.ROLES_BASEDN)) {
nodeRoles = userAdmin;
return;
}
@Override
public synchronized void removeUserAdmin(String baseDn) {
- if (baseDn.equals(KernelConstants.ROLES_BASEDN))
+ if (baseDn.equals(KernelHeader.ROLES_BASEDN))
throw new ArgeoUserAdminException("Node roles cannot be removed.");
LdapName base;
try {