X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fkernel%2FNodeUserAdmin.java;h=19e52937eed8f1dc401578b9ebc11ee3403e7ce3;hb=d8b62960ec3c9d991840348c63dc0c8ce980233e;hp=d8dcf0e361ae842a0e02c95885e36a58b79c276c;hpb=08fac35eeedb151c2fd1cc85ed4a36adf66e02fc;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java
index d8dcf0e36..19e52937e 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java
@@ -11,6 +11,7 @@ import java.util.Set;
 import javax.naming.InvalidNameException;
 import javax.naming.ldap.LdapName;
 
+import org.argeo.cms.KernelHeader;
 import org.argeo.osgi.useradmin.ArgeoUserAdminException;
 import org.argeo.osgi.useradmin.UserAdminAggregator;
 import org.osgi.framework.InvalidSyntaxException;
@@ -23,7 +24,7 @@ public class NodeUserAdmin implements UserAdmin, UserAdminAggregator {
 	final static LdapName ROLES_BASE;
 	static {
 		try {
-			ROLES_BASE = new LdapName(KernelConstants.ROLES_BASEDN);
+			ROLES_BASE = new LdapName(KernelHeader.ROLES_BASEDN);
 		} catch (InvalidNameException e) {
 			throw new ArgeoUserAdminException("Cannot initialize "
 					+ NodeUserAdmin.class, e);
@@ -73,15 +74,17 @@ public class NodeUserAdmin implements UserAdmin, UserAdminAggregator {
 	@Override
 	public Authorization getAuthorization(User user) {
 		UserAdmin userAdmin = findUserAdmin(user.getName());
-		// FIXME clarify assumptions
-		return userAdmin.getAuthorization(user);
-		// String[] roles = auth.getRoles();
-		// // Gather system roles
-		// Set<String> systemRoles = new HashSet<String>();
-		// for(String businessRole:roles){
-		//
-		// }
-		// return null;
+		Authorization rawAuthorization = userAdmin.getAuthorization(user);
+		// gather system roles
+		Set<String> systemRoles = new HashSet<String>();
+		for (String role : rawAuthorization.getRoles()) {
+			Authorization auth = nodeRoles.getAuthorization((User) userAdmin
+					.getRole(role));
+			systemRoles.addAll(Arrays.asList(auth.getRoles()));
+		}
+		return new NodeAuthorization(rawAuthorization.getName(),
+				rawAuthorization.toString(), systemRoles,
+				rawAuthorization.getRoles());
 	}
 
 	//
@@ -89,7 +92,7 @@ public class NodeUserAdmin implements UserAdmin, UserAdminAggregator {
 	//
 	@Override
 	public synchronized void addUserAdmin(String baseDn, UserAdmin userAdmin) {
-		if (baseDn.equals(KernelConstants.ROLES_BASEDN)) {
+		if (baseDn.equals(KernelHeader.ROLES_BASEDN)) {
 			nodeRoles = userAdmin;
 			return;
 		}
@@ -107,7 +110,7 @@ public class NodeUserAdmin implements UserAdmin, UserAdminAggregator {
 
 	@Override
 	public synchronized void removeUserAdmin(String baseDn) {
-		if (baseDn.equals(KernelConstants.ROLES_BASEDN))
+		if (baseDn.equals(KernelHeader.ROLES_BASEDN))
 			throw new ArgeoUserAdminException("Node roles cannot be removed.");
 		LdapName base;
 		try {