Adapt to changes in Argeo TP

[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / internal / kernel / CmsDeployment.java

diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/CmsDeployment.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/CmsDeployment.java
index 4d5b68e647f225b195fc924286cc30d8418b7b81..3d8a389efd13bbe1b3c56765bc3e0aa192bc0db2 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/CmsDeployment.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/CmsDeployment.java
@@ -17,6 +17,7 @@ import java.util.Set;
 import javax.jcr.Repository;
 import javax.jcr.Session;
 import javax.security.auth.callback.CallbackHandler;
+import javax.transaction.UserTransaction;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -44,6 +45,8 @@ import org.osgi.framework.wiring.BundleWiring;
 import org.osgi.service.cm.Configuration;
 import org.osgi.service.cm.ConfigurationAdmin;
 import org.osgi.service.cm.ManagedService;
+import org.osgi.service.useradmin.Group;
+import org.osgi.service.useradmin.Role;
 import org.osgi.service.useradmin.UserAdmin;
 import org.osgi.util.tracker.ServiceTracker;
 
@@ -103,9 +106,11 @@ public class CmsDeployment implements NodeDeployment {
                ServiceTracker<?, ?> userAdminSt = new ServiceTracker<UserAdmin, UserAdmin>(bc, UserAdmin.class, null) {
                        @Override
                        public UserAdmin addingService(ServiceReference<UserAdmin> reference) {
+                               UserAdmin userAdmin = super.addingService(reference);
+                               addStandardSystemRoles(userAdmin);
                                userAdminAvailable = true;
                                checkReadiness();
-                               return super.addingService(reference);
+                               return userAdmin;
                        }
                };
                // userAdminSt.open();
@@ -151,6 +156,30 @@ public class CmsDeployment implements NodeDeployment {
                KernelUtils.asyncOpen(confAdminSt);
        }
 
+       private void addStandardSystemRoles(UserAdmin userAdmin) {
+               // we assume UserTransaction is already available (TODO make it more robust)
+               UserTransaction userTransaction = bc.getService(bc.getServiceReference(UserTransaction.class));
+               try {
+                       userTransaction.begin();
+                       Role adminRole = userAdmin.getRole(NodeConstants.ROLE_ADMIN);
+                       if (adminRole == null) {
+                               adminRole = userAdmin.createRole(NodeConstants.ROLE_ADMIN, Role.GROUP);
+                       }
+                       if (userAdmin.getRole(NodeConstants.ROLE_USER_ADMIN) == null) {
+                               Group userAdminRole = (Group) userAdmin.createRole(NodeConstants.ROLE_USER_ADMIN, Role.GROUP);
+                               userAdminRole.addMember(adminRole);
+                       }
+                       userTransaction.commit();
+               } catch (Exception e) {
+                       try {
+                               userTransaction.rollback();
+                       } catch (Exception e1) {
+                               // silent
+                       }
+                       throw new CmsException("Cannot add standard system roles", e);
+               }
+       }
+
        private void loadIpaJaasConfiguration() {
                if (System.getProperty(KernelConstants.JAAS_CONFIG_PROP) == null) {
                        String jaasConfig = KernelConstants.JAAS_CONFIG_IPA;
@@ -163,8 +192,9 @@ public class CmsDeployment implements NodeDeployment {
        public void shutdown() {
                if (nodeHttp != null)
                        nodeHttp.destroy();
-               if (deployConfig != null)
-                       deployConfig.save();
+               if (deployConfig != null) {
+                       new Thread(() -> deployConfig.save(), "Save Argeo Deploy Config").start();
+               }
        }
 
        private void checkReadiness() {