Improve tokens management

[lgpl/argeo-commons.git] / org.argeo.enterprise / src / org / argeo / osgi / useradmin / AggregatingUserAdmin.java

diff --git a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java
index d2054416bba2703e1a1a4aeebff261da9d87beee..b09c8df5eee20cb633d3fbe602352202a4ac7ecf 100644 (file)
--- a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java
+++ b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java
@@ -15,6 +15,7 @@ import javax.naming.ldap.LdapName;
 
 import org.osgi.framework.InvalidSyntaxException;
 import org.osgi.service.useradmin.Authorization;
+import org.osgi.service.useradmin.Group;
 import org.osgi.service.useradmin.Role;
 import org.osgi.service.useradmin.User;
 import org.osgi.service.useradmin.UserAdmin;
@@ -84,6 +85,23 @@ public class AggregatingUserAdmin implements UserAdmin {
                }
                UserAdmin userAdmin = findUserAdmin(user.getName());
                Authorization rawAuthorization = userAdmin.getAuthorization(user);
+               String usernameToUse;
+               String displayNameToUse;
+               if (user instanceof Group) {
+                       String ownerDn = TokenUtils.userDn((Group) user);
+                       if (ownerDn != null) {// tokens
+                               UserAdmin ownerUserAdmin = findUserAdmin(ownerDn);
+                               User ownerUser = (User) ownerUserAdmin.getRole(ownerDn);
+                               usernameToUse = ownerDn;
+                               displayNameToUse = LdifAuthorization.extractDisplayName(ownerUser);
+                       } else {
+                               usernameToUse = rawAuthorization.getName();
+                               displayNameToUse = rawAuthorization.toString();
+                       }
+               } else {// regular users
+                       usernameToUse = rawAuthorization.getName();
+                       displayNameToUse = rawAuthorization.toString();
+               }
                // gather system roles
                Set<String> sysRoles = new HashSet<String>();
                for (String role : rawAuthorization.getRoles()) {
@@ -91,8 +109,8 @@ public class AggregatingUserAdmin implements UserAdmin {
                        sysRoles.addAll(Arrays.asList(auth.getRoles()));
                }
                addAbstractSystemRoles(rawAuthorization, sysRoles);
-               Authorization authorization = new AggregatingAuthorization(rawAuthorization.getName(),
-                               rawAuthorization.toString(), sysRoles, rawAuthorization.getRoles());
+               Authorization authorization = new AggregatingAuthorization(usernameToUse, displayNameToUse, sysRoles,
+                               rawAuthorization.getRoles());
                return authorization;
        }
 
@@ -139,8 +157,11 @@ public class AggregatingUserAdmin implements UserAdmin {
                        return systemRoles;
                List<UserAdmin> res = new ArrayList<UserAdmin>(1);
                for (LdapName baseDn : businessRoles.keySet()) {
-                       if (name.startsWith(baseDn))
-                               res.add(businessRoles.get(baseDn));
+                       if (name.startsWith(baseDn)) {
+                               AbstractUserDirectory ud = businessRoles.get(baseDn);
+                               if (!ud.isDisabled())
+                                       res.add(ud);
+                       }
                }
                if (res.size() == 0)
                        throw new UserDirectoryException("Cannot find user admin for " + name);