X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.security.core%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FLdifGroup.java;h=bd129119b2592366a49fdba8582fa892d9795e0c;hb=8260f4470f514ea347ca53f5b4dfc632c4a4de66;hp=c2c666700710c994aa6af93c080c066854ba2cca;hpb=e96c7f26228b70f604e41b7a56ce6c5836da9e12;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifGroup.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifGroup.java index c2c666700..bd129119b 100644 --- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifGroup.java +++ b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifGroup.java @@ -8,18 +8,33 @@ import javax.naming.directory.Attribute; import javax.naming.directory.Attributes; import javax.naming.ldap.LdapName; -import org.osgi.service.useradmin.Group; import org.osgi.service.useradmin.Role; -public class LdifGroup extends LdifUser implements Group { +/** Directory group implementation */ +class LdifGroup extends LdifUser implements DirectoryGroup { + private final String memberAttributeId; - public LdifGroup(LdapName dn, Attributes attributes) { - super(dn, attributes); + LdifGroup(AbstractUserDirectory userAdmin, LdapName dn, + Attributes attributes) { + super(userAdmin, dn, attributes); + memberAttributeId = userAdmin.getMemberAttributeId(); } @Override public boolean addMember(Role role) { - throw new UnsupportedOperationException(); + getUserAdmin().checkEdit(); + if (!isEditing()) + startEditing(); + + Attribute member = getAttributes().get(memberAttributeId); + if (member != null) { + if (member.contains(role.getName())) + return false; + else + member.add(role.getName()); + } else + getAttributes().put(memberAttributeId, role.getName()); + return true; } @Override @@ -29,24 +44,53 @@ public class LdifGroup extends LdifUser implements Group { @Override public boolean removeMember(Role role) { - throw new UnsupportedOperationException(); + getUserAdmin().checkEdit(); + if (!isEditing()) + startEditing(); + + Attribute member = getAttributes().get(memberAttributeId); + if (member != null) { + if (!member.contains(role.getName())) + return false; + member.remove(role.getName()); + return true; + } else + return false; } @Override public Role[] getMembers() { - Attribute memberAttribute = getAttributes().get("member"); + List directMembers = new ArrayList(); + for (LdapName ldapName : getMemberNames()) { + Role role = getUserAdmin().getRole(ldapName.toString()); + if (role == null) { + if (getUserAdmin().getExternalRoles() != null) + role = getUserAdmin().getExternalRoles().getRole( + ldapName.toString()); + } + if (role == null) + throw new UserDirectoryException("No role found for " + + ldapName); + directMembers.add(role); + } + return directMembers.toArray(new Role[directMembers.size()]); + } + + @Override + public List getMemberNames() { + Attribute memberAttribute = getAttributes().get(memberAttributeId); if (memberAttribute == null) - return new Role[0]; + return new ArrayList(); try { - List roles = new ArrayList(); - NamingEnumeration values = memberAttribute.getAll(); + List roles = new ArrayList(); + NamingEnumeration values = memberAttribute.getAll(); while (values.hasMore()) { LdapName dn = new LdapName(values.next().toString()); - roles.add(new LdifUser(dn, null)); + roles.add(dn); } - return roles.toArray(new Role[roles.size()]); + return roles; } catch (Exception e) { - throw new ArgeoUserAdminException("Cannot get members", e); + throw new UserDirectoryException("Cannot get members", e); } } @@ -59,5 +103,4 @@ public class LdifGroup extends LdifUser implements Group { public int getType() { return GROUP; } - }