Node registration

git-svn-id: https://svn.argeo.org/commons/trunk@8406 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc

diff --git a/org.argeo.security.core/src/org/argeo/security/core/SimpleRoleRegistration.java b/org.argeo.security.core/src/org/argeo/security/core/SimpleRoleRegistration.java
index aa8a5f06e2bb23b447921e4ea19b085fa66dfe61..4d107dabb263d073da7bf7e8b7421340a5fdde67 100644 (file)
--- a/org.argeo.security.core/src/org/argeo/security/core/SimpleRoleRegistration.java
+++ b/org.argeo.security.core/src/org/argeo/security/core/SimpleRoleRegistration.java
@@ -3,11 +3,16 @@ package org.argeo.security.core;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
-import java.util.Set;
+
+import javax.naming.InvalidNameException;
+import javax.naming.ldap.LdapName;
+import javax.transaction.UserTransaction;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.argeo.security.UserAdminService;
+import org.argeo.ArgeoException;
+import org.osgi.service.useradmin.Role;
+import org.osgi.service.useradmin.UserAdmin;
 
 /**
  * Register one or many roles via a user admin service. Does nothing if the role
@@ -19,29 +24,52 @@ public class SimpleRoleRegistration implements Runnable {
 
        private String role;
        private List<String> roles = new ArrayList<String>();
-       private UserAdminService userAdminService;
+       private UserAdmin userAdmin;
+       private UserTransaction userTransaction;
 
        @Override
        public void run() {
-               Set<String> existingRoles = userAdminService.listEditableRoles();
-               if (role != null && !existingRoles.contains(role))
-                       newRole(role);
-               for (String r : roles) {
-                       if (!existingRoles.contains(r))
-                               newRole(r);
+               try {
+                       userTransaction.begin();
+                       if (role != null && !roleExists(role))
+                               newRole(toDn(role));
+
+                       for (String r : roles)
+                               if (!roleExists(r))
+                                       newRole(toDn(r));
+                       userTransaction.commit();
+               } catch (Exception e) {
+                       try {
+                               userTransaction.rollback();
+                       } catch (Exception e1) {
+                               log.error("Cannot rollback", e1);
+                       }
+                       throw new ArgeoException("Cannot add roles", e);
                }
        }
 
-       protected void newRole(String r) {
-               userAdminService.newRole(r);
+       private boolean roleExists(String role) {
+               return userAdmin.getRole(toDn(role).toString()) != null;
+       }
+
+       protected void newRole(LdapName r) {
+               userAdmin.createRole(r.toString(), Role.GROUP);
                log.info("Added role " + r + " required by application.");
        }
 
-       public void register(UserAdminService userAdminService, Map<?, ?> properties) {
-               this.userAdminService = userAdminService;
+       public void register(UserAdmin userAdminService, Map<?, ?> properties) {
+               this.userAdmin = userAdminService;
                run();
        }
 
+       protected LdapName toDn(String name) {
+               try {
+                       return new LdapName("cn=" + name + ",ou=roles,ou=node");
+               } catch (InvalidNameException e) {
+                       throw new ArgeoException("Badly formatted role name " + name, e);
+               }
+       }
+
        public void setRole(String role) {
                this.role = role;
        }
@@ -50,8 +78,12 @@ public class SimpleRoleRegistration implements Runnable {
                this.roles = roles;
        }
 
-       public void setUserAdminService(UserAdminService userAdminService) {
-               this.userAdminService = userAdminService;
+       public void setUserAdmin(UserAdmin userAdminService) {
+               this.userAdmin = userAdminService;
+       }
+
+       public void setUserTransaction(UserTransaction userTransaction) {
+               this.userTransaction = userTransaction;
        }
 
 }