From: Mathieu Baudier <mbaudier@argeo.org>
Date: Thu, 2 Jan 2020 10:41:58 +0000 (+0100)
Subject: Role registration utility
X-Git-Tag: argeo-commons-2.1.85~50
X-Git-Url: http://git.argeo.org/?p=lgpl%2Fargeo-commons.git;a=commitdiff_plain;h=27bfd18d689c7d48e9fa8bd251598d3ba497f38e

Role registration utility
---

diff --git a/org.argeo.maintenance/src/org/argeo/maintenance/SimpleRoleRegistration.java b/org.argeo.maintenance/src/org/argeo/maintenance/SimpleRoleRegistration.java
new file mode 100644
index 000000000..a30fe9796
--- /dev/null
+++ b/org.argeo.maintenance/src/org/argeo/maintenance/SimpleRoleRegistration.java
@@ -0,0 +1,87 @@
+package org.argeo.maintenance;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+import javax.naming.InvalidNameException;
+import javax.naming.ldap.LdapName;
+import javax.transaction.UserTransaction;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.osgi.service.useradmin.Role;
+import org.osgi.service.useradmin.UserAdmin;
+
+/**
+ * Register one or many roles via a user admin service. Does nothing if the role
+ * is already registered.
+ */
+public class SimpleRoleRegistration implements Runnable {
+	private final static Log log = LogFactory.getLog(SimpleRoleRegistration.class);
+
+	private String role;
+	private List<String> roles = new ArrayList<String>();
+	private UserAdmin userAdmin;
+	private UserTransaction userTransaction;
+
+	@Override
+	public void run() {
+		try {
+			userTransaction.begin();
+			if (role != null && !roleExists(role))
+				newRole(toDn(role));
+
+			for (String r : roles)
+				if (!roleExists(r))
+					newRole(toDn(r));
+			userTransaction.commit();
+		} catch (Exception e) {
+			try {
+				userTransaction.rollback();
+			} catch (Exception e1) {
+				log.error("Cannot rollback", e1);
+			}
+			throw new IllegalArgumentException("Cannot add roles", e);
+		}
+	}
+
+	private boolean roleExists(String role) {
+		return userAdmin.getRole(toDn(role).toString()) != null;
+	}
+
+	protected void newRole(LdapName r) {
+		userAdmin.createRole(r.toString(), Role.GROUP);
+		log.info("Added role " + r + " required by application.");
+	}
+
+	public void register(UserAdmin userAdminService, Map<?, ?> properties) {
+		this.userAdmin = userAdminService;
+		run();
+	}
+
+	protected LdapName toDn(String name) {
+		try {
+			return new LdapName("cn=" + name + ",ou=roles,ou=node");
+		} catch (InvalidNameException e) {
+			throw new IllegalArgumentException("Badly formatted role name " + name, e);
+		}
+	}
+
+	public void setRole(String role) {
+		this.role = role;
+	}
+
+	public void setRoles(List<String> roles) {
+		this.roles = roles;
+	}
+
+	public void setUserAdmin(UserAdmin userAdminService) {
+		this.userAdmin = userAdminService;
+	}
+
+	public void setUserTransaction(UserTransaction userTransaction) {
+		this.userTransaction = userTransaction;
+	}
+
+}