]> git.argeo.org Git - lgpl/argeo-commons.git/blobdiff - org.argeo.util/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
projects / lgpl / argeo-commons.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Refactor naming packages
[lgpl/argeo-commons.git] / org.argeo.util / src / org / argeo / osgi / useradmin / LdapUserAdmin.java
diff --git a/org.argeo.util/src/org/argeo/osgi/useradmin/LdapUserAdmin.java b/org.argeo.util/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
index cd28748f583c70cbd6553fde16bd3d3a092ed369..52fa38b110a68c1616eb046be0a93dcf69e51a19 100644 (file)
--- a/org.argeo.util/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
+++ b/org.argeo.util/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
@@ -1,6 +1,6 @@
 package org.argeo.osgi.useradmin;
 
-import static org.argeo.naming.LdapAttrs.objectClass;
+import static org.argeo.util.naming.LdapAttrs.objectClass;
 
 import java.util.ArrayList;
 import java.util.Dictionary;
@@ -19,6 +19,7 @@ import javax.naming.directory.SearchControls;
 import javax.naming.directory.SearchResult;
 import javax.naming.ldap.LdapName;
 
+import org.argeo.util.naming.LdapObjs;
 import org.osgi.framework.Filter;
 import org.osgi.service.useradmin.Role;
 import org.osgi.service.useradmin.User;
@@ -79,13 +80,13 @@ public class LdapUserAdmin extends AbstractUserDirectory {
                        if (attrs.size() == 0)
                                return null;
                        int roleType = roleType(name);
-                       LdifUser res;
+                       DirectoryUser res;
                        if (roleType == Role.GROUP)
-                               res = new LdifGroup(this, name, attrs);
+                               res = newGroup(name, attrs);
                        else if (roleType == Role.USER)
-                               res = new LdifUser(this, name, attrs);
+                               res = newUser(name, attrs);
                        else
-                               throw new UserDirectoryException("Unsupported LDAP type for " + name);
+                               throw new IllegalArgumentException("Unsupported LDAP type for " + name);
                        return res;
                } catch (NameNotFoundException e) {
                        throw e;
@@ -95,16 +96,17 @@ public class LdapUserAdmin extends AbstractUserDirectory {
        }
 
        @Override
-       protected List<DirectoryUser> doGetRoles(Filter f) {
+       protected List<DirectoryUser> doGetRoles(LdapName searchBase, Filter f, boolean deep) {
                ArrayList<DirectoryUser> res = new ArrayList<DirectoryUser>();
                try {
                        String searchFilter = f != null ? f.toString()
                                        : "(|(" + objectClass + "=" + getUserObjectClass() + ")(" + objectClass + "="
                                                        + getGroupObjectClass() + "))";
                        SearchControls searchControls = new SearchControls();
-                       searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
+                       // FIXME make one level consistent with deep
+                       searchControls.setSearchScope(deep ? SearchControls.SUBTREE_SCOPE : SearchControls.ONELEVEL_SCOPE);
 
-                       LdapName searchBase = getBaseDn();
+                       // LdapName searchBase = getBaseDn();
                        NamingEnumeration<SearchResult> results = ldapConnection.search(searchBase, searchFilter, searchControls);
 
                        results: while (results.hasMoreElements()) {
@@ -112,13 +114,13 @@ public class LdapUserAdmin extends AbstractUserDirectory {
                                Attributes attrs = searchResult.getAttributes();
                                Attribute objectClassAttr = attrs.get(objectClass.name());
                                LdapName dn = toDn(searchBase, searchResult);
-                               LdifUser role;
+                               DirectoryUser role;
                                if (objectClassAttr.contains(getGroupObjectClass())
                                                || objectClassAttr.contains(getGroupObjectClass().toLowerCase()))
-                                       role = new LdifGroup(this, dn, attrs);
+                                       role = newGroup(dn, attrs);
                                else if (objectClassAttr.contains(getUserObjectClass())
                                                || objectClassAttr.contains(getUserObjectClass().toLowerCase()))
-                                       role = new LdifUser(this, dn, attrs);
+                                       role = newUser(dn, attrs);
                                else {
 //                                     log.warn("Unsupported LDAP type for " + searchResult.getName());
                                        continue results;
@@ -130,9 +132,8 @@ public class LdapUserAdmin extends AbstractUserDirectory {
                        // ignore (typically an unsupported anonymous bind)
                        // TODO better logging
                        return res;
-               } catch (Exception e) {
-                       e.printStackTrace();
-                       throw new UserDirectoryException("Cannot get roles for filter " + f, e);
+               } catch (NamingException e) {
+                       throw new IllegalStateException("Cannot get roles for filter " + f, e);
                }
        }
 
@@ -158,8 +159,8 @@ public class LdapUserAdmin extends AbstractUserDirectory {
                                directGroups.add(toDn(searchBase, searchResult));
                        }
                        return directGroups;
-               } catch (Exception e) {
-                       throw new UserDirectoryException("Cannot populate direct members of " + dn, e);
+               } catch (NamingException e) {
+                       throw new IllegalStateException("Cannot populate direct members of " + dn, e);
                }
        }
 
@@ -168,7 +169,7 @@ public class LdapUserAdmin extends AbstractUserDirectory {
                try {
                        ldapConnection.prepareChanges(wc);
                } catch (NamingException e) {
-                       throw new UserDirectoryException("Cannot prepare LDAP", e);
+                       throw new IllegalStateException("Cannot prepare LDAP", e);
                }
        }
 
@@ -177,7 +178,7 @@ public class LdapUserAdmin extends AbstractUserDirectory {
                try {
                        ldapConnection.commitChanges(wc);
                } catch (NamingException e) {
-                       throw new UserDirectoryException("Cannot commit LDAP", e);
+                       throw new IllegalStateException("Cannot commit LDAP", e);
                }
        }
 
@@ -186,4 +187,44 @@ public class LdapUserAdmin extends AbstractUserDirectory {
                // prepare not impacting
        }
 
+       /*
+        * HIERARCHY
+        */
+
+       @Override
+       protected Iterable<HierarchyUnit> doGetDirectHierarchyUnits(LdapName searchBase, boolean functionalOnly) {
+               List<HierarchyUnit> res = new ArrayList<>();
+               try {
+                       String searchFilter = "(|(" + objectClass + "=" + LdapObjs.organizationalUnit.name() + ")(" + objectClass
+                                       + "=" + LdapObjs.organization.name() + "))";
+
+                       SearchControls searchControls = new SearchControls();
+                       searchControls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
+
+                       NamingEnumeration<SearchResult> results = ldapConnection.search(searchBase, searchFilter, searchControls);
+
+                       while (results.hasMoreElements()) {
+                               SearchResult searchResult = (SearchResult) results.nextElement();
+                               LdapName dn = toDn(searchBase, searchResult);
+                               Attributes attrs = searchResult.getAttributes();
+                               LdifHierarchyUnit hierarchyUnit = new LdifHierarchyUnit(this, dn, attrs);
+                               if (hierarchyUnit.isFunctional())
+                                       res.add(hierarchyUnit);
+                       }
+                       return res;
+               } catch (NamingException e) {
+                       throw new IllegalStateException("Cannot get direct hierarchy units ", e);
+               }
+       }
+
+       @Override
+       protected HierarchyUnit doGetHierarchyUnit(LdapName dn) {
+               try {
+                       Attributes attrs = ldapConnection.getAttributes(dn);
+                       return new LdifHierarchyUnit(this, dn, attrs);
+               } catch (NamingException e) {
+                       throw new IllegalStateException("Cannot get hierarchy unit " + dn, e);
+               }
+       }
+
 }
Argeo Commons - Lightweight integration framework in pure Java/OSGi