X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.enterprise%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FAggregatingUserAdmin.java;h=75ca9ae884605a81ac07a219455030e5f5990172;hb=4e5217621733b3f8b9c2427a688a18c68dbc1e5d;hp=d2054416bba2703e1a1a4aeebff261da9d87beee;hpb=35507e18257f2e9f59842ba5120fcd3f19c4cf4d;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java
index d2054416b..75ca9ae88 100644
--- a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java
+++ b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java
@@ -15,6 +15,7 @@ import javax.naming.ldap.LdapName;
 
 import org.osgi.framework.InvalidSyntaxException;
 import org.osgi.service.useradmin.Authorization;
+import org.osgi.service.useradmin.Group;
 import org.osgi.service.useradmin.Role;
 import org.osgi.service.useradmin.User;
 import org.osgi.service.useradmin.UserAdmin;
@@ -25,14 +26,20 @@ import org.osgi.service.useradmin.UserAdmin;
  */
 public class AggregatingUserAdmin implements UserAdmin {
 	private final LdapName systemRolesBaseDn;
+	private final LdapName tokensBaseDn;
 
 	// DAOs
 	private AbstractUserDirectory systemRoles = null;
+	private AbstractUserDirectory tokens = null;
 	private Map<LdapName, AbstractUserDirectory> businessRoles = new HashMap<LdapName, AbstractUserDirectory>();
 
-	public AggregatingUserAdmin(String systemRolesBaseDn) {
+	public AggregatingUserAdmin(String systemRolesBaseDn, String tokensBaseDn) {
 		try {
 			this.systemRolesBaseDn = new LdapName(systemRolesBaseDn);
+			if (tokensBaseDn != null)
+				this.tokensBaseDn = new LdapName(tokensBaseDn);
+			else
+				this.tokensBaseDn = null;
 		} catch (InvalidNameException e) {
 			throw new UserDirectoryException("Cannot initialize " + AggregatingUserAdmin.class, e);
 		}
@@ -84,6 +91,23 @@ public class AggregatingUserAdmin implements UserAdmin {
 		}
 		UserAdmin userAdmin = findUserAdmin(user.getName());
 		Authorization rawAuthorization = userAdmin.getAuthorization(user);
+		String usernameToUse;
+		String displayNameToUse;
+		if (user instanceof Group) {
+			String ownerDn = TokenUtils.userDn((Group) user);
+			if (ownerDn != null) {// tokens
+				UserAdmin ownerUserAdmin = findUserAdmin(ownerDn);
+				User ownerUser = (User) ownerUserAdmin.getRole(ownerDn);
+				usernameToUse = ownerDn;
+				displayNameToUse = LdifAuthorization.extractDisplayName(ownerUser);
+			} else {
+				usernameToUse = rawAuthorization.getName();
+				displayNameToUse = rawAuthorization.toString();
+			}
+		} else {// regular users
+			usernameToUse = rawAuthorization.getName();
+			displayNameToUse = rawAuthorization.toString();
+		}
 		// gather system roles
 		Set<String> sysRoles = new HashSet<String>();
 		for (String role : rawAuthorization.getRoles()) {
@@ -91,8 +115,8 @@ public class AggregatingUserAdmin implements UserAdmin {
 			sysRoles.addAll(Arrays.asList(auth.getRoles()));
 		}
 		addAbstractSystemRoles(rawAuthorization, sysRoles);
-		Authorization authorization = new AggregatingAuthorization(rawAuthorization.getName(),
-				rawAuthorization.toString(), sysRoles, rawAuthorization.getRoles());
+		Authorization authorization = new AggregatingAuthorization(usernameToUse, displayNameToUse, sysRoles,
+				rawAuthorization.getRoles());
 		return authorization;
 	}
 
@@ -112,6 +136,9 @@ public class AggregatingUserAdmin implements UserAdmin {
 		if (isSystemRolesBaseDn(baseDn)) {
 			this.systemRoles = userDirectory;
 			systemRoles.setExternalRoles(this);
+		} else if (isTokensBaseDn(baseDn)) {
+			this.tokens = userDirectory;
+			tokens.setExternalRoles(this);
 		} else {
 			if (businessRoles.containsKey(baseDn))
 				throw new UserDirectoryException("There is already a user admin for " + baseDn);
@@ -137,10 +164,15 @@ public class AggregatingUserAdmin implements UserAdmin {
 	private UserAdmin findUserAdmin(LdapName name) {
 		if (name.startsWith(systemRolesBaseDn))
 			return systemRoles;
+		if (tokensBaseDn != null && name.startsWith(tokensBaseDn))
+			return tokens;
 		List<UserAdmin> res = new ArrayList<UserAdmin>(1);
 		for (LdapName baseDn : businessRoles.keySet()) {
-			if (name.startsWith(baseDn))
-				res.add(businessRoles.get(baseDn));
+			if (name.startsWith(baseDn)) {
+				AbstractUserDirectory ud = businessRoles.get(baseDn);
+				if (!ud.isDisabled())
+					res.add(ud);
+			}
 		}
 		if (res.size() == 0)
 			throw new UserDirectoryException("Cannot find user admin for " + name);
@@ -153,6 +185,10 @@ public class AggregatingUserAdmin implements UserAdmin {
 		return baseDn.equals(systemRolesBaseDn);
 	}
 
+	protected boolean isTokensBaseDn(LdapName baseDn) {
+		return tokensBaseDn != null && baseDn.equals(tokensBaseDn);
+	}
+
 	protected Dictionary<String, Object> currentState() {
 		Dictionary<String, Object> res = new Hashtable<String, Object>();
 		// res.put(NodeConstants.CN, NodeConstants.DEFAULT);