LdifGroup.java

   1 package org.argeo.osgi.useradmin;
   2
   3 import java.util.ArrayList;
   4 import java.util.List;
   5
   6 import javax.naming.InvalidNameException;
   7 import javax.naming.NamingEnumeration;
   8 import javax.naming.NamingException;
   9 import javax.naming.directory.Attribute;
  10 import javax.naming.directory.Attributes;
  11 import javax.naming.ldap.LdapName;
  12
  13 import org.argeo.util.directory.FunctionalGroup;
  14 import org.argeo.util.directory.Organization;
  15 import org.argeo.util.directory.SystemPermissions;
  16 import org.osgi.service.useradmin.Role;
  17
  18 /** Directory group implementation */
  19 abstract class LdifGroup extends LdifUser implements DirectoryGroup {
  20         private final String memberAttributeId;
  21
  22         LdifGroup(AbstractUserDirectory userAdmin, LdapName dn, Attributes attributes) {
  23                 super(userAdmin, dn, attributes);
  24                 memberAttributeId = userAdmin.getMemberAttributeId();
  25         }
  26
  27         @Override
  28         public boolean addMember(Role role) {
  29                 try {
  30                         Role foundRole = findRole(new LdapName(role.getName()));
  31                         if (foundRole == null)
  32                                 throw new UnsupportedOperationException(
  33                                                 "Adding role " + role.getName() + " is unsupported within this context.");
  34                 } catch (InvalidNameException e) {
  35                         throw new IllegalArgumentException("Role name" + role.getName() + " is badly formatted");
  36                 }
  37
  38                 getUserAdmin().checkEdit();
  39                 if (!isEditing())
  40                         startEditing();
  41
  42                 Attribute member = getAttributes().get(memberAttributeId);
  43                 if (member != null) {
  44                         if (member.contains(role.getName()))
  45                                 return false;
  46                         else
  47                                 member.add(role.getName());
  48                 } else
  49                         getAttributes().put(memberAttributeId, role.getName());
  50                 return true;
  51         }
  52
  53         @Override
  54         public boolean addRequiredMember(Role role) {
  55                 throw new UnsupportedOperationException();
  56         }
  57
  58         @Override
  59         public boolean removeMember(Role role) {
  60                 getUserAdmin().checkEdit();
  61                 if (!isEditing())
  62                         startEditing();
  63
  64                 Attribute member = getAttributes().get(memberAttributeId);
  65                 if (member != null) {
  66                         if (!member.contains(role.getName()))
  67                                 return false;
  68                         member.remove(role.getName());
  69                         return true;
  70                 } else
  71                         return false;
  72         }
  73
  74         @Override
  75         public Role[] getMembers() {
  76                 List<Role> directMembers = new ArrayList<Role>();
  77                 for (LdapName ldapName : getMemberNames()) {
  78                         Role role = findRole(ldapName);
  79                         if (role == null) {
  80                                 throw new IllegalStateException("Role " + ldapName + " not found.");
  81                         }
  82                         directMembers.add(role);
  83                 }
  84                 return directMembers.toArray(new Role[directMembers.size()]);
  85         }
  86
  87         /**
  88          * Whether a role with this name can be found from this context.
  89          *
  90          * @return The related {@link Role} or <code>null</code>.
  91          */
  92         protected Role findRole(LdapName ldapName) {
  93                 Role role = getUserAdmin().getRole(ldapName.toString());
  94                 if (role == null) {
  95                         if (getUserAdmin().getExternalRoles() != null)
  96                                 role = getUserAdmin().getExternalRoles().getRole(ldapName.toString());
  97                 }
  98                 return role;
  99         }
 100
 101         @Override
 102         public List<LdapName> getMemberNames() {
 103                 Attribute memberAttribute = getAttributes().get(memberAttributeId);
 104                 if (memberAttribute == null)
 105                         return new ArrayList<LdapName>();
 106                 try {
 107                         List<LdapName> roles = new ArrayList<LdapName>();
 108                         NamingEnumeration<?> values = memberAttribute.getAll();
 109                         while (values.hasMore()) {
 110                                 LdapName dn = new LdapName(values.next().toString());
 111                                 roles.add(dn);
 112                         }
 113                         return roles;
 114                 } catch (NamingException e) {
 115                         throw new IllegalStateException("Cannot get members", e);
 116                 }
 117         }
 118
 119         @Override
 120         public Role[] getRequiredMembers() {
 121                 throw new UnsupportedOperationException();
 122         }
 123
 124         @Override
 125         public int getType() {
 126                 return GROUP;
 127         }
 128
 129         /*
 130          * KIND
 131          */
 132         static class LdifFunctionalGroup extends LdifGroup implements FunctionalGroup {
 133
 134                 public LdifFunctionalGroup(AbstractUserDirectory userAdmin, LdapName dn, Attributes attributes) {
 135                         super(userAdmin, dn, attributes);
 136                 }
 137
 138         }
 139
 140         static class LdifOrganization extends LdifGroup implements Organization {
 141
 142                 public LdifOrganization(AbstractUserDirectory userAdmin, LdapName dn, Attributes attributes) {
 143                         super(userAdmin, dn, attributes);
 144                 }
 145
 146         }
 147
 148         static class LdifSystemPermissions extends LdifGroup implements SystemPermissions {
 149
 150                 public LdifSystemPermissions(AbstractUserDirectory userAdmin, LdapName dn, Attributes attributes) {
 151                         super(userAdmin, dn, attributes);
 152                 }
 153
 154         }
 155 }