X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.security.ui.admin%2Fsrc%2Forg%2Fargeo%2Fsecurity%2Fui%2Fadmin%2Finternal%2FUiAdminUtils.java;h=cb1396c957537527c40d7b5db4f4f29082b6270e;hb=25e98954db6faeec4ba9950f651e81fbea595b0c;hp=1cd9c0e3a5f7da528e35a4d0b4dd833651b7c337;hpb=15c69c8b17d393d554f95d7945e379133d6488fd;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/UiAdminUtils.java b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/UiAdminUtils.java index 1cd9c0e3a..cb1396c95 100644 --- a/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/UiAdminUtils.java +++ b/org.argeo.security.ui.admin/src/org/argeo/security/ui/admin/internal/UiAdminUtils.java @@ -1,19 +1,117 @@ package org.argeo.security.ui.admin.internal; import java.security.AccessController; -import java.security.Principal; +import java.util.List; +import java.util.Set; +import javax.naming.InvalidNameException; +import javax.naming.ldap.LdapName; +import javax.naming.ldap.Rdn; import javax.security.auth.Subject; import javax.security.auth.x500.X500Principal; +import javax.transaction.Status; +import javax.transaction.UserTransaction; + +import org.argeo.ArgeoException; +import org.argeo.cms.auth.AuthConstants; +import org.argeo.cms.auth.CurrentUser; +import org.argeo.osgi.useradmin.LdifName; +import org.argeo.security.ui.admin.internal.providers.UserTransactionProvider; +import org.eclipse.ui.IWorkbenchWindow; +import org.eclipse.ui.PlatformUI; +import org.eclipse.ui.services.ISourceProviderService; +import org.osgi.service.useradmin.Role; +import org.osgi.service.useradmin.User; +import org.osgi.service.useradmin.UserAdmin; /** First effort to centralize back end methods used by the user admin UI */ public class UiAdminUtils { - public final static String getUsername() { + + /** returns the local name of the current connected user */ + public final static String getUsername(UserAdmin userAdmin) { + LdapName dn = getLdapName(); + return getUsername(getUser(userAdmin, dn)); + } + + /** Returns true if the current user is in the specified role */ + public static boolean isUserInRole(String role) { + Set roles = CurrentUser.roles(); + return roles.contains(role); + } + + public final static boolean isCurrentUser(User user) { + String userName = getProperty(user, LdifName.dn.name()); + try { + LdapName selfUserName = UiAdminUtils.getLdapName(); + LdapName userLdapName = new LdapName(userName); + if (userLdapName.equals(selfUserName)) + return true; + else + return false; + } catch (InvalidNameException e) { + throw new ArgeoException("User " + user + " has an unvalid dn: " + + userName, e); + } + } + + public final static LdapName getLdapName() { Subject subject = Subject.getSubject(AccessController.getContext()); - Principal principal = subject.getPrincipals(X500Principal.class) - .iterator().next(); - return principal.getName(); + String name = subject.getPrincipals(X500Principal.class).iterator() + .next().toString(); + LdapName dn; + try { + dn = new LdapName(name); + } catch (InvalidNameException e) { + throw new ArgeoException("Invalid user dn " + name, e); + } + return dn; + } + public final static User getUser(UserAdmin userAdmin, LdapName dn) { + User user = userAdmin.getUser(LdifName.dn.name(), dn.toString()); + return user; + } + + public final static String getUsername(User user) { + String cn = getProperty(user, LdifName.dn.name()); + if (isEmpty(cn)) + cn = getProperty(user, LdifName.uid.name()); + return cn; + } + + /** Simply retrieves a display name of the relevant domain */ + public final static String getDomainName(User user) { + String dn = (String) user.getProperties().get(LdifName.dn.name()); + if (dn.endsWith(AuthConstants.ROLES_BASEDN)) + return "System roles"; + try { + LdapName name; + name = new LdapName(dn); + List rdns = name.getRdns(); + String dname = null; + int i = 0; + loop: while (i < rdns.size()) { + Rdn currrRdn = rdns.get(i); + if (!"dc".equals(currrRdn.getType())) + break loop; + else { + String currVal = (String) currrRdn.getValue(); + dname = dname == null ? currVal : currVal + "." + dname; + } + i++; + } + return dname; + } catch (InvalidNameException e) { + throw new ArgeoException("Unable to get domain name for " + dn, e); + } + } + + public final static String getProperty(Role role, String key) { + Object obj = role.getProperties().get(key); + if (obj != null) + return (String) obj; + else + return ""; } public final static String getDefaultCn(String firstName, String lastName) { @@ -31,4 +129,39 @@ public class UiAdminUtils { return !"".equals(string.trim()); } + public final static boolean isEmpty(String string) { + if (string == null) + return true; + else + return "".equals(string.trim()); + } + + /** Must be called from the UI Thread. */ + public final static void beginTransactionIfNeeded( + UserTransaction userTransaction) { + try { + if (userTransaction.getStatus() == Status.STATUS_NO_TRANSACTION) { + userTransaction.begin(); + notifyTransactionStateChange(userTransaction); + } + } catch (Exception e) { + throw new ArgeoException("Unable to begin transaction", e); + } + } + + /** Easily notify the ActiveWindow that the transaction had a state change */ + public final static void notifyTransactionStateChange( + UserTransaction userTransaction) { + try { + IWorkbenchWindow aww = PlatformUI.getWorkbench() + .getActiveWorkbenchWindow(); + ISourceProviderService sourceProviderService = (ISourceProviderService) aww + .getService(ISourceProviderService.class); + UserTransactionProvider esp = (UserTransactionProvider) sourceProviderService + .getSourceProvider(UserTransactionProvider.TRANSACTION_STATE); + esp.fireTransactionStateChange(); + } catch (Exception e) { + throw new ArgeoException("Unable to begin transaction", e); + } + } } \ No newline at end of file