From 0f2889aee2c958af5eef278c414873b394ab4c39 Mon Sep 17 00:00:00 2001
From: Mathieu Baudier <mbaudier@argeo.org>
Date: Wed, 14 Oct 2020 09:22:36 +0200
Subject: [PATCH] Improve single user login.

---
 .../cms/auth/SingleUserAuthorization.java     | 27 +++++++++++++++++++
 .../argeo/cms/auth/SingleUserLoginModule.java |  5 ++++
 2 files changed, 32 insertions(+)
 create mode 100644 org.argeo.cms/src/org/argeo/cms/auth/SingleUserAuthorization.java

diff --git a/org.argeo.cms/src/org/argeo/cms/auth/SingleUserAuthorization.java b/org.argeo.cms/src/org/argeo/cms/auth/SingleUserAuthorization.java
new file mode 100644
index 000000000..c82394850
--- /dev/null
+++ b/org.argeo.cms/src/org/argeo/cms/auth/SingleUserAuthorization.java
@@ -0,0 +1,27 @@
+package org.argeo.cms.auth;
+
+import org.osgi.service.useradmin.Authorization;
+
+public class SingleUserAuthorization implements Authorization {
+
+	@Override
+	public String getName() {
+		return System.getProperty("user.name");
+	}
+
+	@Override
+	public boolean hasRole(String name) {
+		return true;
+	}
+
+	@Override
+	public String[] getRoles() {
+		return new String[] {};
+	}
+
+	@Override
+	public String toString() {
+		return getName();
+	}
+
+}
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java
index e3da327e6..8583bc194 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java
@@ -21,6 +21,7 @@ import org.argeo.api.security.DataAdminPrincipal;
 import org.argeo.cms.internal.auth.ImpliedByPrincipal;
 import org.argeo.naming.LdapAttrs;
 import org.argeo.osgi.useradmin.IpaUtils;
+import org.osgi.service.useradmin.Authorization;
 
 public class SingleUserLoginModule implements LoginModule {
 	private final static Log log = LogFactory.getLog(SingleUserLoginModule.class);
@@ -69,6 +70,10 @@ public class SingleUserLoginModule implements LoginModule {
 		principals.add(principal);
 		principals.add(new ImpliedByPrincipal(NodeConstants.ROLE_ADMIN, principal));
 		principals.add(new DataAdminPrincipal());
+		
+		Authorization authorization = new SingleUserAuthorization();
+		subject.getPrivateCredentials().add(authorization);
+
 		return true;
 	}
 
-- 
2.30.2