package org.argeo.osgi.useradmin;
+import static org.argeo.osgi.useradmin.LdifName.inetOrgPerson;
+import static org.argeo.osgi.useradmin.LdifName.objectClass;
+import static org.argeo.osgi.useradmin.LdifName.organizationalPerson;
+import static org.argeo.osgi.useradmin.LdifName.person;
+import static org.argeo.osgi.useradmin.LdifName.top;
+
+import java.io.File;
import java.net.URI;
+import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Arrays;
+import java.util.Dictionary;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import javax.transaction.SystemException;
import javax.transaction.Transaction;
import javax.transaction.TransactionManager;
-import javax.transaction.TransactionSynchronizationRegistry;
import javax.transaction.xa.XAException;
import javax.transaction.xa.XAResource;
import javax.transaction.xa.Xid;
import org.osgi.service.useradmin.User;
import org.osgi.service.useradmin.UserAdmin;
-public abstract class AbstractUserDirectory implements UserAdmin {
+abstract class AbstractUserDirectory implements UserAdmin, UserDirectory {
private final static Log log = LogFactory
.getLog(AbstractUserDirectory.class);
+
+ private Dictionary<String, ?> properties;
+ private String baseDn = "dc=example,dc=com";
+ private String userObjectClass;
+ private String groupObjectClass;
+
private boolean isReadOnly;
private URI uri;
private UserAdmin externalRoles;
private List<String> indexedUserProperties = Arrays.asList(new String[] {
- "uid", "mail", "cn" });
+ LdifName.uid.name(), LdifName.mail.name(), LdifName.cn.name() });
private String memberAttributeId = "member";
private List<String> credentialAttributeIds = Arrays
- .asList(new String[] { "userpassword" });
+ .asList(new String[] { LdifName.userpassword.name() });
// private TransactionSynchronizationRegistry syncRegistry;
// private Object editingTransactionKey = null;
private ThreadLocal<WorkingCopy> workingCopy = new ThreadLocal<AbstractUserDirectory.WorkingCopy>();
private Xid editingTransactionXid = null;
- public AbstractUserDirectory() {
- }
+ AbstractUserDirectory(Dictionary<String, ?> properties) {
+ // TODO make a copy?
+ this.properties = properties;
- public AbstractUserDirectory(URI uri, boolean isReadOnly) {
- this.uri = uri;
- this.isReadOnly = isReadOnly;
+ String uriStr = UserAdminConf.uri.getValue(properties);
+ if (uriStr == null)
+ uri = null;
+ else
+ try {
+ uri = new URI(uriStr);
+ } catch (URISyntaxException e) {
+ throw new UserDirectoryException("Badly formatted URI", e);
+ }
+
+ baseDn = UserAdminConf.baseDn.getValue(properties).toString();
+ String isReadOnly = UserAdminConf.readOnly.getValue(properties);
+ if (isReadOnly == null)
+ this.isReadOnly = readOnlyDefault(uri);
+ else
+ this.isReadOnly = new Boolean(isReadOnly);
+
+ this.userObjectClass = UserAdminConf.userObjectClass
+ .getValue(properties);
+ this.groupObjectClass = UserAdminConf.groupObjectClass
+ .getValue(properties);
}
+ // public AbstractUserDirectory(URI uri, boolean isReadOnly) {
+ // this.uri = uri;
+ // this.isReadOnly = isReadOnly;
+ // }
+
/** Returns the {@link Group}s this user is a direct member of. */
protected abstract List<? extends DirectoryGroup> getDirectGroups(User user);
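Review bot: In the new constructor, `UserAdminConf.baseDn.getValue(properties).toString()` dereferences the lookup result unchecked, although the `uri` and `readOnly` lookups next to it treat null as a normal outcome; unless `UserAdminConf` always supplies a default for `baseDn` (not visible here), a missing key surfaces as a bare NullPointerException and the `"dc=example,dc=com"` field initializer is never used. The read-only flag is parsed with `new Boolean(isReadOnly)`, which maps every string other than "true" to false, so a mistyped value silently leaves the directory writable; I would accept only a literal `true` or `false` (then `Boolean.parseBoolean`) and throw `UserDirectoryException` for anything else. The `// TODO make a copy?` matters as well: the caller's `Dictionary` is kept by reference and handed out again by `getProperties()` in the last hunk, so it can be changed after `uri`, `baseDn` and `isReadOnly` were derived from it, and copying it into a private `Hashtable` in the constructor would settle that.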
return user;
}
+ @SuppressWarnings("unchecked")
@Override
public Role[] getRoles(String filter) throws InvalidSyntaxException {
WorkingCopy wc = getWorkingCopy();
protected DirectoryUser newRole(LdapName dn, int type, Attributes attrs) {
LdifUser newRole;
- BasicAttribute objectClass = new BasicAttribute("objectClass");
+ BasicAttribute objClass = new BasicAttribute(objectClass.name());
if (type == Role.USER) {
+ String userObjClass = getUserObjectClass();
+ objClass.add(userObjClass);
+ if (inetOrgPerson.name().equals(userObjClass)) {
+ objClass.add(organizationalPerson.name());
+ objClass.add(person.name());
+ } else if (organizationalPerson.name().equals(userObjClass)) {
+ objClass.add(person.name());
+ }
+ objClass.add(top);
+ attrs.put(objClass);
newRole = new LdifUser(this, dn, attrs);
- objectClass.add("inetOrgPerson");
- objectClass.add("organizationalPerson");
- objectClass.add("person");
- objectClass.add("top");
} else if (type == Role.GROUP) {
+ objClass.add(getGroupObjectClass());
+ objClass.add(top);
+ attrs.put(objClass);
newRole = new LdifGroup(this, dn, attrs);
- objectClass.add("groupOfNames");
- objectClass.add("top");
} else
throw new UserDirectoryException("Unsupported type " + type);
- newRole.getAttributes().put(objectClass);
return newRole;
}
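Review bot: `objClass.add(top)` in both the user and the group branch of `newRole` adds the statically imported `LdifName.top` constant itself, while every other value in this hunk is added as `….name()`; if `LdifName` is an enum, as the `.name()` calls suggest, the attribute then holds a non-String value that does not compare equal to `"top"`. Both lines should read `objClass.add(top.name());`. Separately, the results of `getUserObjectClass()` and `getGroupObjectClass()` are added without a check, so if the configuration leaves them unset a null value would go into the `objectClass` attribute; throwing `UserDirectoryException` at that point would make the misconfiguration visible.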
this.isReadOnly = isReadOnly;
}
+ private static boolean readOnlyDefault(URI uri) {
+ if (uri == null)
+ return true;
+ if (uri.getScheme().equals("file")) {
+ File file = new File(uri);
+ return !file.canWrite();
+ }
+ return true;
+ }
+
public boolean isReadOnly() {
return isReadOnly;
}
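Review bot: `uri.getScheme().equals("file")` in `readOnlyDefault` throws a NullPointerException for a URI without a scheme, such as a relative path in the configuration, because `URI.getScheme()` returns null in that case; `"file".equals(uri.getScheme())` avoids it and keeps the fail-closed default of read-only. `new File(uri)` can also throw IllegalArgumentException for file URIs that carry an authority, query or fragment, and that exception leaves the constructor unwrapped rather than as a `UserDirectoryException`. A short comment such as `// canWrite() is false for a missing file, so a not-yet-created backing file defaults to read-only` would document the remaining behaviour.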
return externalRoles;
}
- public void setExternalRoles(UserAdmin externalRoles) {
- this.externalRoles = externalRoles;
+ public String getBaseDn() {
+ return baseDn;
+ }
+
+ protected String getUserObjectClass() {
+ return userObjectClass;
}
- public void setSyncRegistry(TransactionSynchronizationRegistry syncRegistry) {
- // this.syncRegistry = syncRegistry;
+ protected String getGroupObjectClass() {
+ return groupObjectClass;
+ }
+
+ public Dictionary<String, ?> getProperties() {
+ return properties;
+ }
+
+ public void setExternalRoles(UserAdmin externalRoles) {
+ this.externalRoles = externalRoles;
}
public void setTransactionManager(TransactionManager transactionManager) {