X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.security.core%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FLdifUserAdmin.java;h=7b87a4b6e7fbd497cf8786c853cb7616589e8171;hb=6342d1d28f8338866c876f8b6364ce3f1eac28aa;hp=a03a25f09e5ce58fc21208f9817608d75df54fdb;hpb=268e023a9de5db2549431a4415e584ac68a4f98b;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifUserAdmin.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifUserAdmin.java index a03a25f09..7b87a4b6e 100644 --- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifUserAdmin.java +++ b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifUserAdmin.java @@ -1,5 +1,8 @@ package org.argeo.osgi.useradmin; +import static org.argeo.osgi.useradmin.LdifName.inetOrgPerson; +import static org.argeo.osgi.useradmin.LdifName.objectClass; + import java.io.File; import java.io.FileOutputStream; import java.io.IOException; @@ -7,8 +10,10 @@ import java.io.InputStream; import java.io.OutputStream; import java.util.ArrayList; import java.util.Dictionary; +import java.util.HashSet; import java.util.Hashtable; import java.util.List; +import java.util.Set; import java.util.SortedMap; import java.util.TreeMap; @@ -40,8 +45,6 @@ public class LdifUserAdmin extends AbstractUserDirectory { public LdifUserAdmin(InputStream in) { super(new Hashtable()); load(in); - setReadOnly(true); - setUri(null); } private static Dictionary fromUri(String uri, String baseDn) { @@ -65,8 +68,12 @@ public class LdifUserAdmin extends AbstractUserDirectory { } public void save() { - if (getUri() == null || isReadOnly()) - throw new UserDirectoryException("Cannot save LDIF user admin"); + if (getUri() == null) + throw new UserDirectoryException( + "Cannot save LDIF user admin: no URI is set"); + if (isReadOnly()) + throw new UserDirectoryException("Cannot save LDIF user admin: " + + getUri() + " is read-only"); try (FileOutputStream out = new FileOutputStream(new File(getUri()))) { save(out); } catch (IOException e) { @@ -96,14 +103,28 @@ public class LdifUserAdmin extends AbstractUserDirectory { SortedMap allEntries = ldifParser.read(in); for (LdapName key : allEntries.keySet()) { Attributes attributes = allEntries.get(key); + // check for inconsistency + Set lowerCase = new HashSet(); + NamingEnumeration ids = attributes.getIDs(); + while (ids.hasMoreElements()) { + String id = ids.nextElement().toLowerCase(); + if (lowerCase.contains(id)) + throw new UserDirectoryException(key + + " has duplicate id " + id); + lowerCase.add(id); + } + + // analyse object classes NamingEnumeration objectClasses = attributes.get( - "objectClass").getAll(); + objectClass.name()).getAll(); + // System.out.println(key); objectClasses: while (objectClasses.hasMore()) { String objectClass = objectClasses.next().toString(); - if (objectClass.equals("inetOrgPerson")) { + // System.out.println(" " + objectClass); + if (objectClass.equals(inetOrgPerson.name())) { users.put(key, new LdifUser(this, key, attributes)); break objectClasses; - } else if (objectClass.equals("groupOfNames")) { + } else if (objectClass.equals(getGroupObjectClass())) { groups.put(key, new LdifGroup(this, key, attributes)); break objectClasses; } @@ -141,10 +162,17 @@ public class LdifUserAdmin extends AbstractUserDirectory { res.addAll(users.values()); res.addAll(groups.values()); } else { - // Filter f = FrameworkUtil.createFilter(filter); - for (DirectoryUser user : users.values()) + for (DirectoryUser user : users.values()) { + // System.out.println("\n" + user.getName()); + // Dictionary props = user.getProperties(); + // for (Enumeration keys = props.keys(); keys + // .hasMoreElements();) { + // String key = keys.nextElement(); + // System.out.println(" " + key + "=" + props.get(key)); + // } if (f.match(user.getProperties())) res.add(user); + } for (DirectoryUser group : groups.values()) if (f.match(group.getProperties())) res.add(group); @@ -164,7 +192,7 @@ public class LdifUserAdmin extends AbstractUserDirectory { } @Override - protected void prepare(WorkingCopy wc) { + protected void prepare(UserDirectoryWorkingCopy wc) { // delete for (LdapName dn : wc.getDeletedUsers().keySet()) { if (users.containsKey(dn)) @@ -172,13 +200,15 @@ public class LdifUserAdmin extends AbstractUserDirectory { else if (groups.containsKey(dn)) groups.remove(dn); else - throw new UserDirectoryException("User to delete no found " + throw new UserDirectoryException("User to delete not found " + dn); } // add for (LdapName dn : wc.getNewUsers().keySet()) { DirectoryUser user = wc.getNewUsers().get(dn); - if (Role.USER == user.getType()) + if (users.containsKey(dn) || groups.containsKey(dn)) + throw new UserDirectoryException("User to create found " + dn); + else if (Role.USER == user.getType()) users.put(dn, user); else if (Role.GROUP == user.getType()) groups.put(dn, (DirectoryGroup) user); @@ -202,12 +232,12 @@ public class LdifUserAdmin extends AbstractUserDirectory { } @Override - protected void commit(WorkingCopy wc) { + protected void commit(UserDirectoryWorkingCopy wc) { save(); } @Override - protected void rollback(WorkingCopy wc) { + protected void rollback(UserDirectoryWorkingCopy wc) { init(); }