X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;ds=sidebyside;f=org.argeo.security.core%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FAbstractLdapUserAdmin.java;h=8dcd6c216bff7c3963d01a7879bfe258877de4fd;hb=d8b62960ec3c9d991840348c63dc0c8ce980233e;hp=254e5423c272e2972ceb98eeb9961cf81eb747e7;hpb=e86e3691db8b4a426a6d5fd3cf255dc82fe05fc1;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/AbstractLdapUserAdmin.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/AbstractLdapUserAdmin.java
index 254e5423c..8dcd6c216 100644
--- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/AbstractLdapUserAdmin.java
+++ b/org.argeo.security.core/src/org/argeo/osgi/useradmin/AbstractLdapUserAdmin.java
@@ -1,9 +1,13 @@
 package org.argeo.osgi.useradmin;
 
 import java.net.URI;
+import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
 
+import org.osgi.service.useradmin.Group;
+import org.osgi.service.useradmin.Role;
+import org.osgi.service.useradmin.User;
 import org.osgi.service.useradmin.UserAdmin;
 
 public abstract class AbstractLdapUserAdmin implements UserAdmin {
@@ -11,6 +15,8 @@ public abstract class AbstractLdapUserAdmin implements UserAdmin {
 	private URI uri;
 
 	private UserAdmin externalRoles;
+	private List<String> indexedUserProperties = Arrays.asList(new String[] {
+			"uid", "mail", "cn" });
 
 	public AbstractLdapUserAdmin() {
 	}
@@ -20,8 +26,38 @@ public abstract class AbstractLdapUserAdmin implements UserAdmin {
 		this.isReadOnly = isReadOnly;
 	}
 
-	private List<String> indexedUserProperties = Arrays.asList(new String[] {
-			"uid", "mail", "cn" });
+	public void init() {
+
+	}
+
+	public void destroy() {
+
+	}
+
+	/** Returns the {@link Group}s this user is a direct member of. */
+	protected abstract List<? extends Group> getDirectGroups(User user);
+
+	List<Role> getAllRoles(User user) {
+		List<Role> allRoles = new ArrayList<Role>();
+		if (user != null) {
+			collectRoles(user, allRoles);
+			allRoles.add(user);
+		} else
+			collectAnonymousRoles(allRoles);
+		return allRoles;
+	}
+
+	private void collectRoles(User user, List<Role> allRoles) {
+		for (Group group : getDirectGroups(user)) {
+			// TODO check for loops
+			allRoles.add(group);
+			collectRoles(group, allRoles);
+		}
+	}
+
+	private void collectAnonymousRoles(List<Role> allRoles) {
+		// TODO gather anonymous roles
+	}
 
 	protected URI getUri() {
 		return uri;
@@ -47,14 +83,6 @@ public abstract class AbstractLdapUserAdmin implements UserAdmin {
 		return isReadOnly;
 	}
 
-	public void init() {
-
-	}
-
-	public void destroy() {
-
-	}
-
 	UserAdmin getExternalRoles() {
 		return externalRoles;
 	}