X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;ds=sidebyside;f=org.argeo.security.core%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FAbstractLdapUserAdmin.java;h=8dcd6c216bff7c3963d01a7879bfe258877de4fd;hb=d8b62960ec3c9d991840348c63dc0c8ce980233e;hp=df2ad4e8ad86d4402341d99051780dc590b06aeb;hpb=40c3800ea57d5de136137e3fb0ff07cf54f2df48;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/AbstractLdapUserAdmin.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/AbstractLdapUserAdmin.java
index df2ad4e8a..8dcd6c216 100644
--- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/AbstractLdapUserAdmin.java
+++ b/org.argeo.security.core/src/org/argeo/osgi/useradmin/AbstractLdapUserAdmin.java
@@ -1,15 +1,23 @@
 package org.argeo.osgi.useradmin;
 
 import java.net.URI;
+import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
 
+import org.osgi.service.useradmin.Group;
+import org.osgi.service.useradmin.Role;
+import org.osgi.service.useradmin.User;
 import org.osgi.service.useradmin.UserAdmin;
 
 public abstract class AbstractLdapUserAdmin implements UserAdmin {
 	private boolean isReadOnly;
 	private URI uri;
 
+	private UserAdmin externalRoles;
+	private List<String> indexedUserProperties = Arrays.asList(new String[] {
+			"uid", "mail", "cn" });
+
 	public AbstractLdapUserAdmin() {
 	}
 
@@ -18,8 +26,38 @@ public abstract class AbstractLdapUserAdmin implements UserAdmin {
 		this.isReadOnly = isReadOnly;
 	}
 
-	private List<String> indexedUserProperties = Arrays.asList(new String[] {
-			"uid", "mail", "cn" });
+	public void init() {
+
+	}
+
+	public void destroy() {
+
+	}
+
+	/** Returns the {@link Group}s this user is a direct member of. */
+	protected abstract List<? extends Group> getDirectGroups(User user);
+
+	List<Role> getAllRoles(User user) {
+		List<Role> allRoles = new ArrayList<Role>();
+		if (user != null) {
+			collectRoles(user, allRoles);
+			allRoles.add(user);
+		} else
+			collectAnonymousRoles(allRoles);
+		return allRoles;
+	}
+
+	private void collectRoles(User user, List<Role> allRoles) {
+		for (Group group : getDirectGroups(user)) {
+			// TODO check for loops
+			allRoles.add(group);
+			collectRoles(group, allRoles);
+		}
+	}
+
+	private void collectAnonymousRoles(List<Role> allRoles) {
+		// TODO gather anonymous roles
+	}
 
 	protected URI getUri() {
 		return uri;
@@ -45,8 +83,12 @@ public abstract class AbstractLdapUserAdmin implements UserAdmin {
 		return isReadOnly;
 	}
 
-	public void destroy() {
+	UserAdmin getExternalRoles() {
+		return externalRoles;
+	}
 
+	public void setExternalRoles(UserAdmin externalRoles) {
+		this.externalRoles = externalRoles;
 	}
 
 }