X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.enterprise%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FAggregatingUserAdmin.java;h=f7a7c6e478ba8197e9ef414e5c7fce8e5a20f8aa;hb=57e34e0482e03cea9a6a34326c22c7c969ad07c8;hp=2b2ca0c513ba6028e76679f505b63637ccdc76d8;hpb=a5459b7f0a4ce0463b950efd5c776368fe169256;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java
index 2b2ca0c51..f7a7c6e47 100644
--- a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java
+++ b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java
@@ -90,11 +90,20 @@ public class AggregatingUserAdmin implements UserAdmin {
 			Authorization auth = systemRoles.getAuthorization((User) userAdmin.getRole(role));
 			sysRoles.addAll(Arrays.asList(auth.getRoles()));
 		}
+		addAbstractSystemRoles(rawAuthorization, sysRoles);
 		Authorization authorization = new AggregatingAuthorization(rawAuthorization.getName(),
 				rawAuthorization.toString(), sysRoles, rawAuthorization.getRoles());
 		return authorization;
 	}
 
+	/**
+	 * Enrich with application-specific roles which are strictly programmatic, such
+	 * as anonymous/user semantics.
+	 */
+	protected void addAbstractSystemRoles(Authorization rawAuthorization, Set<String> sysRoles) {
+
+	}
+
 	//
 	// USER ADMIN AGGREGATOR
 	//
@@ -130,8 +139,11 @@ public class AggregatingUserAdmin implements UserAdmin {
 			return systemRoles;
 		List<UserAdmin> res = new ArrayList<UserAdmin>(1);
 		for (LdapName baseDn : businessRoles.keySet()) {
-			if (name.startsWith(baseDn))
-				res.add(businessRoles.get(baseDn));
+			if (name.startsWith(baseDn)) {
+				AbstractUserDirectory ud = businessRoles.get(baseDn);
+				if (!ud.isDisabled())
+					res.add(ud);
+			}
 		}
 		if (res.size() == 0)
 			throw new UserDirectoryException("Cannot find user admin for " + name);
@@ -181,8 +193,8 @@ public class AggregatingUserAdmin implements UserAdmin {
 	}
 
 	/**
-	 * Called before each user directory is destroyed, so that additional
-	 * actions can be performed.
+	 * Called before each user directory is destroyed, so that additional actions
+	 * can be performed.
 	 */
 	protected void preDestroy(AbstractUserDirectory userDirectory) {
 	}