]> git.argeo.org Git - lgpl/argeo-commons.git/blob - org.argeo.cms/src/org/argeo/cms/util/useradmin/UserAdminUtils.java
1 package org.argeo.cms.util.useradmin;
2
3 import java.security.AccessController;
4 import java.util.List;
5 import java.util.Set;
6
7 import javax.naming.InvalidNameException;
8 import javax.naming.ldap.LdapName;
9 import javax.naming.ldap.Rdn;
10 import javax.security.auth.Subject;
11 import javax.security.auth.x500.X500Principal;
12
13 import org.argeo.ArgeoException;
14 import org.argeo.cms.CmsException;
15 import org.argeo.cms.CmsView;
16 import org.argeo.cms.auth.AuthConstants;
17 import org.argeo.cms.auth.CurrentUser;
18 import org.argeo.cms.util.CmsUtils;
19 import org.argeo.eclipse.ui.EclipseUiUtils;
20 import org.argeo.jcr.JcrUtils;
21 import org.argeo.osgi.useradmin.LdifName;
22 import org.osgi.service.useradmin.Group;
23 import org.osgi.service.useradmin.Role;
24 import org.osgi.service.useradmin.User;
25 import org.osgi.service.useradmin.UserAdmin;
26
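/**
 * Centralises common patterns to manage roles with a {@link UserAdmin}.
 * <p>
 * The "current user" helpers derive the identity from an
 * {@link X500Principal} of the current {@link Subject} and return display
 * data (names, mail, home path) for it.
 */
public class UserAdminUtils {

    /**
     * Retrieves a {@link Role} given an LDAP name.
     *
     * @param userAdmin the user admin service to query
     * @param dn        the distinguished name of the role
     * @return the result of {@link UserAdmin#getRole(String)} for the string
     *         form of {@code dn}; callers in this class treat {@code null}
     *         as "no such role"
     */
    public final static Role getRole(UserAdmin userAdmin, LdapName dn) {
        return userAdmin.getRole(dn.toString());
    }

    /**
     * Retrieves the unique local username given a {@link User}: the
     * {@code cn} property for a {@link Group}, the {@code uid} property
     * otherwise.
     *
     * @return the property value, or an empty String when it is not defined
     */
    public final static String getUsername(User user) {
        String key = user instanceof Group ? LdifName.cn.name() : LdifName.uid.name();
        return getProperty(user, key);
    }

    /**
     * Easily retrieves one of the {@link Role}'s property or an empty String if
     * the requested property is not defined.
     *
     * @throws ClassCastException if the stored value is not a String
     */
    public final static String getProperty(Role role, String key) {
        Object value = role.getProperties().get(key);
        // NOTE(review): user admin properties can also hold byte[] values
        // (credentials, binary attributes); only ask for textual keys here.
        return value != null ? (String) value : "";
    }

    // CENTRALIZE SOME METHODS UNTIL API IS STABLE
    /** Simply checks if current user is registered, i.e. not anonymous. */
    public static boolean isRegistered() {
        return !CurrentUser.isAnonymous();
    }

    /**
     * Simply checks if current user has a home; currently the same test as
     * {@link #isRegistered()}.
     */
    public static boolean hasHome() {
        return isRegistered();
    }

    // SELF HELPERS
    /**
     * Retrieves the {@link User} registered under the distinguished name of
     * the current logged-in user.
     *
     * @return the matching role cast to {@link User}, or {@code null} when
     *         the lookup returns {@code null}
     * @throws ClassCastException if the role found is not a {@link User}
     */
    public static User getCurrentUser(UserAdmin userAdmin) {
        return (User) getRole(userAdmin, getCurrentUserLdapName());
    }

    /** Simply retrieves the current logged-in user display name. */
    public static String getCurrentUserDisplayName(UserAdmin userAdmin) {
        return getUserDisplayName(userAdmin, getCurrentUsername());
    }

    /**
     * Simply retrieves the mail of the current logged-in user, with the same
     * return values as {@link #getUserMail(UserAdmin, String)}.
     */
    public static String getCurrentUserMail(UserAdmin userAdmin) {
        return getUserMail(userAdmin, getCurrentUsername());
    }

    /**
     * Returns the local name of the current connected user.
     *
     * @throws ArgeoException if no role is registered under the current
     *                        user's distinguished name
     */
    public final static String getUsername(UserAdmin userAdmin) {
        LdapName dn = getCurrentUserLdapName();
        Role role = getRole(userAdmin, dn);
        // Fail with an explicit message instead of a NullPointerException
        // further down when the authenticated DN is unknown to the user admin.
        if (role == null)
            throw new ArgeoException("No role found for current user " + dn);
        return getUsername((User) role);
    }

    /** Returns true if the current user is in the specified role. */
    public static boolean isUserInRole(String role) {
        // Exact string membership: the role name must match the stored form.
        return CurrentUser.roles().contains(role);
    }

    /**
     * Simply checks if current user is the same as the passed one.
     * <p>
     * Both names are parsed to {@link LdapName} before comparison, so the
     * check does not depend on the raw spelling of the two strings.
     *
     * @throws ArgeoException if the {@code dn} property of {@code user}
     *                        cannot be parsed
     */
    public static boolean isCurrentUser(User user) {
        String userName = getProperty(user, LdifName.dn.name());
        try {
            LdapName selfUserName = getCurrentUserLdapName();
            LdapName userLdapName = new LdapName(userName);
            return userLdapName.equals(selfUserName);
        } catch (InvalidNameException e) {
            throw new ArgeoException("User " + user + " has an unvalid dn: "
                    + userName, e);
        }
    }

    /**
     * Retrieves the name of the current user parsed as a {@link LdapName}.
     *
     * @throws ArgeoException if the current username is not a valid LDAP name
     */
    public final static LdapName getCurrentUserLdapName() {
        return getLdapName(getCurrentUsername());
    }

    /**
     * Simply retrieves username for current user, generally a LDAP dn.
     *
     * @throws CmsException if no subject can be found or if the subject
     *                      carries no {@link X500Principal}
     */
    public static String getCurrentUsername() {
        Subject subject = currentSubject();
        Set<X500Principal> principals = subject
                .getPrincipals(X500Principal.class);
        // The message deliberately omits the subject itself, whose string
        // form may list credentials.
        if (principals.isEmpty())
            throw new CmsException("Current subject has no X500 principal");
        // NOTE(review): with several X500 principals the one returned depends
        // on the set's iteration order; confirm a subject carries only one.
        return principals.iterator().next().toString();
    }

    /**
     * Fork of the {@link CurrentUser#currentSubject} method that is private.
     * TODO Enhance and factorize
     * <p>
     * The subject of the current {@link CmsView} takes precedence over the
     * one bound to the access control context.
     *
     * @throws CmsException if neither source provides a subject
     */
    private static Subject currentSubject() {
        CmsView cmsView = CmsUtils.getCmsView();
        if (cmsView != null)
            return cmsView.getSubject();
        // Both calls below are deprecated for removal in recent JDKs (17+).
        Subject subject = Subject.getSubject(AccessController.getContext());
        if (subject == null)
            throw new CmsException("Cannot find related subject");
        return subject;
    }

    // HOME MANAGEMENT
    /**
     * Simply retrieves the *relative* path to the current user home node from
     * the base home node
     */
    public static String getCurrentUserHomeRelPath() {
        return getHomeRelPath(getCurrentUsername());
    }

    /**
     * Simply retrieves the *relative* path to the home node of a user given its
     * userName (a distinguished name, see {@link #getUserUid(String)}).
     *
     * @throws ArgeoException if no uid can be extracted from {@code userName}
     */
    public static String getHomeRelPath(String userName) {
        String id = getUserUid(userName);
        // NOTE(review): the uid is concatenated into the path as-is. Confirm
        // that uids cannot contain '/' or be "." / "..", or validate here, so
        // a crafted DN cannot resolve outside the intended home subtree.
        return JcrUtils.firstCharsToPath(id, 2) + "/" + id;
    }

    // HELPERS TO RETRIEVE REMARKABLE PROPERTIES
    /**
     * Simply retrieves the user uid from his dn with no useradmin: the value
     * of the RDN at the highest index of the parsed name, which must be of
     * type {@code uid} or {@code cn} (case-insensitive).
     *
     * @throws ArgeoException if the dn cannot be parsed, is empty, does not
     *                        end with a {@code uid}/{@code cn} RDN or if that
     *                        RDN does not hold a String value
     */
    public static String getUserUid(String dn) {
        LdapName ldapName = getLdapName(dn);
        // An empty name has no RDN to read; report it like any other bad dn.
        if (!ldapName.isEmpty()) {
            Rdn last = ldapName.getRdn(ldapName.size() - 1);
            // Locale.ROOT keeps the comparison stable on platforms whose
            // default locale lower-cases 'I' differently (e.g. Turkish).
            String type = last.getType().toLowerCase(java.util.Locale.ROOT);
            Object value = last.getValue();
            boolean supported = type.equals(LdifName.uid.name())
                    || type.equals(LdifName.cn.name());
            // Binary RDN values are not Strings and cannot be used as a uid.
            if (supported && value instanceof String)
                return (String) value;
        }
        throw new ArgeoException("Cannot retrieve user uid, "
                + "non valid dn: " + dn);
    }

    /**
     * Returns the display name of the user with this dn, falling back on its
     * {@code cn} property. Returns the local username if no user with this dn
     * is found or if the found user has no defined display name.
     */
    public static String getUserDisplayName(UserAdmin userAdmin, String dn) {
        Role user = getRole(userAdmin, getLdapName(dn));
        if (user == null)
            return getUserUid(dn);
        String label = getProperty(user, LdifName.displayName.name());
        if (EclipseUiUtils.isEmpty(label))
            label = getProperty(user, LdifName.cn.name());
        return EclipseUiUtils.isEmpty(label) ? getUserUid(dn) : label;
    }

    /**
     * Returns null if no user with this dn is found, and an empty String if
     * the found user has no defined mail.
     */
    public static String getUserMail(UserAdmin userAdmin, String dn) {
        Role user = getRole(userAdmin, getLdapName(dn));
        return user == null ? null : getProperty(user, LdifName.mail.name());
    }

    // VARIOUS UI HELPERS
    /**
     * Builds a default common name from a first and a last name: both are
     * trimmed and joined with a single space. A {@code null} part is treated
     * as empty.
     * <p>
     * The result is plain text; escape it before embedding it in a
     * distinguished name.
     */
    public final static String buildDefaultCn(String firstName, String lastName) {
        String first = firstName == null ? "" : firstName.trim();
        String last = lastName == null ? "" : lastName.trim();
        return (first + " " + last).trim();
    }

    /**
     * Simply retrieves a display name of the relevant domain: the values of
     * the leading {@code dc} RDNs joined with dots, or "System roles" for names
     * under the roles base dn.
     *
     * @return the domain label, or {@code null} if the name does not start
     *         with a {@code dc} RDN
     * @throws ArgeoException if the user's name is not a valid LDAP name
     */
    public final static String getDomainName(User user) {
        String dn = user.getName();
        // NOTE(review): raw, case-sensitive suffix match rather than an
        // RDN-aware comparison; fine for a display label, do not reuse it to
        // decide whether a role is a system role.
        if (dn.endsWith(AuthConstants.ROLES_BASEDN))
            return "System roles";
        try {
            List<Rdn> rdns = new LdapName(dn).getRdns();
            String domain = null;
            for (Rdn rdn : rdns) {
                // Attribute types are case-insensitive in LDAP: accept "DC"
                // as well as "dc".
                String type = rdn.getType().toLowerCase(java.util.Locale.ROOT);
                if (!LdifName.dc.name().equals(type))
                    break;
                String component = (String) rdn.getValue();
                domain = domain == null ? component : component + "." + domain;
            }
            return domain;
        } catch (InvalidNameException e) {
            throw new ArgeoException("Unable to get domain name for " + dn, e);
        }
    }

    // Local Helpers
    /**
     * Simply retrieves a LDAP name from a dn with no checked exception.
     *
     * @throws ArgeoException wrapping the {@link InvalidNameException} if
     *                        {@code dn} cannot be parsed
     */
    public static LdapName getLdapName(String dn) {
        try {
            return new LdapName(dn);
        } catch (InvalidNameException e) {
            throw new ArgeoException("Cannot parse LDAP name " + dn, e);
        }
    }
}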