X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=security%2Fruntime%2Forg.argeo.security.jackrabbit%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fjackrabbit%2FJackrabbitSecurityModel.java;h=4d7dbc935e9360d7589c8ae0e30cbf33bbb62535;hb=a39a9b0e7ad6a44b4fab9db2d2a2224badd4062d;hp=d6cd1b1b417eb0f171a1e75898ff887826e1a8a1;hpb=5c83877a10b02faf5bc065c59250f31a0befe0f6;p=lgpl%2Fargeo-commons.git

diff --git a/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/JackrabbitSecurityModel.java b/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/JackrabbitSecurityModel.java
index d6cd1b1b4..4d7dbc935 100644
--- a/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/JackrabbitSecurityModel.java
+++ b/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/JackrabbitSecurityModel.java
@@ -4,30 +4,55 @@ import javax.jcr.Node;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
 
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
 import org.apache.jackrabbit.api.JackrabbitSession;
 import org.apache.jackrabbit.api.security.user.User;
 import org.apache.jackrabbit.api.security.user.UserManager;
 import org.argeo.ArgeoException;
+import org.argeo.jcr.ArgeoNames;
 import org.argeo.security.jcr.JcrSecurityModel;
 
 /** Make sure that user authorizable exists before syncing user directories. */
 public class JackrabbitSecurityModel extends JcrSecurityModel {
+	private final static Log log = LogFactory
+			.getLog(JackrabbitSecurityModel.class);
 
 	@Override
 	public Node sync(Session session, String username) {
+		User user = null;
 		try {
 			if (session instanceof JackrabbitSession) {
 				UserManager userManager = ((JackrabbitSession) session)
 						.getUserManager();
-				User user = (User) userManager.getAuthorizable(username);
-				if (user == null)
+				user = (User) userManager.getAuthorizable(username);
+				if (user != null) {
+					String principalName = user.getPrincipal().getName();
+					if (!principalName.equals(username)) {
+						log.warn("Jackrabbit principal is '" + principalName
+								+ "' but username is '" + username
+								+ "'. Recreating...");
+						user.remove();
+						user = userManager.createUser(username, "");
+					}
+				} else {
+					// create new principal
 					userManager.createUser(username, "");
+				}
 			}
+			Node userProfile = super.sync(session, username);
+			if (user != null && userProfile != null) {
+				Boolean enabled = userProfile.getProperty(
+						ArgeoNames.ARGEO_ENABLED).getBoolean();
+				if (enabled && user.isDisabled())
+					user.disable(null);
+				else if (!enabled && !user.isDisabled())
+					user.disable(userProfile.getPath() + " is disabled");
+			}
+			return userProfile;
 		} catch (RepositoryException e) {
 			throw new ArgeoException(
-					"Cannot perform Jackrabbit specific operaitons", e);
+					"Cannot perform Jackrabbit specific operations", e);
 		}
-		return super.sync(session, username);
 	}
-
 }