From: Mathieu Baudier Date: Tue, 15 Sep 2015 21:12:38 +0000 (+0000) Subject: Node registration X-Git-Tag: argeo-commons-2.1.30~146 X-Git-Url: http://git.argeo.org/?a=commitdiff_plain;h=d3e77dcb818509f8d3e4ea428f7f479bec53ba30;p=lgpl%2Fargeo-commons.git Node registration git-svn-id: https://svn.argeo.org/commons/trunk@8406 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc --- diff --git a/org.argeo.security.core/src/org/argeo/security/core/SimpleRoleRegistration.java b/org.argeo.security.core/src/org/argeo/security/core/SimpleRoleRegistration.java index aa8a5f06e..4d107dabb 100644 --- a/org.argeo.security.core/src/org/argeo/security/core/SimpleRoleRegistration.java +++ b/org.argeo.security.core/src/org/argeo/security/core/SimpleRoleRegistration.java @@ -3,11 +3,16 @@ package org.argeo.security.core; import java.util.ArrayList; import java.util.List; import java.util.Map; -import java.util.Set; + +import javax.naming.InvalidNameException; +import javax.naming.ldap.LdapName; +import javax.transaction.UserTransaction; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.argeo.security.UserAdminService; +import org.argeo.ArgeoException; +import org.osgi.service.useradmin.Role; +import org.osgi.service.useradmin.UserAdmin; /** * Register one or many roles via a user admin service. Does nothing if the role @@ -19,29 +24,52 @@ public class SimpleRoleRegistration implements Runnable { private String role; private List roles = new ArrayList(); - private UserAdminService userAdminService; + private UserAdmin userAdmin; + private UserTransaction userTransaction; @Override public void run() { - Set existingRoles = userAdminService.listEditableRoles(); - if (role != null && !existingRoles.contains(role)) - newRole(role); - for (String r : roles) { - if (!existingRoles.contains(r)) - newRole(r); + try { + userTransaction.begin(); + if (role != null && !roleExists(role)) + newRole(toDn(role)); + + for (String r : roles) + if (!roleExists(r)) + newRole(toDn(r)); + userTransaction.commit(); + } catch (Exception e) { + try { + userTransaction.rollback(); + } catch (Exception e1) { + log.error("Cannot rollback", e1); + } + throw new ArgeoException("Cannot add roles", e); } } - protected void newRole(String r) { - userAdminService.newRole(r); + private boolean roleExists(String role) { + return userAdmin.getRole(toDn(role).toString()) != null; + } + + protected void newRole(LdapName r) { + userAdmin.createRole(r.toString(), Role.GROUP); log.info("Added role " + r + " required by application."); } - public void register(UserAdminService userAdminService, Map properties) { - this.userAdminService = userAdminService; + public void register(UserAdmin userAdminService, Map properties) { + this.userAdmin = userAdminService; run(); } + protected LdapName toDn(String name) { + try { + return new LdapName("cn=" + name + ",ou=roles,ou=node"); + } catch (InvalidNameException e) { + throw new ArgeoException("Badly formatted role name " + name, e); + } + } + public void setRole(String role) { this.role = role; } @@ -50,8 +78,12 @@ public class SimpleRoleRegistration implements Runnable { this.roles = roles; } - public void setUserAdminService(UserAdminService userAdminService) { - this.userAdminService = userAdminService; + public void setUserAdmin(UserAdmin userAdminService) { + this.userAdmin = userAdminService; + } + + public void setUserTransaction(UserTransaction userTransaction) { + this.userTransaction = userTransaction; } }