import org.argeo.util.transaction.WorkingCopyXaResource;
import org.argeo.util.transaction.XAResourceProvider;
+/** A {@link Directory} based either on LDAP or LDIF. */
public abstract class AbstractLdapDirectory implements Directory, XAResourceProvider {
protected static final String SHARED_STATE_USERNAME = "javax.security.auth.login.name";
protected static final String SHARED_STATE_PASSWORD = "javax.security.auth.login.password";
}
/*
- * ABSTRACT METHODS
- */
-
-// public abstract HierarchyUnit doGetHierarchyUnit(LdapName dn);
-//
-// public abstract Iterable<HierarchyUnit> doGetDirectHierarchyUnits(LdapName searchBase, boolean functionalOnly);
-//
-// protected abstract Boolean daoHasEntry(LdapName dn);
-//
-// protected abstract LdapEntry daoGetEntry(LdapName key) throws NameNotFoundException;
-//
-// protected abstract List<LdapEntry> doGetEntries(LdapName searchBase, Filter f, boolean deep);
-//
-// /** Returns the groups this user is a direct member of. */
-// protected abstract List<LdapName> getDirectGroups(LdapName dn);
- /*
- * INITIALIZATION
+ * INITIALISATION
*/
public void init() {
/*
* CREATION
*/
- protected abstract LdapEntry newUser(LdapName name, Attributes attrs);
+ protected abstract LdapEntry newUser(LdapName name);
- protected abstract LdapEntry newGroup(LdapName name, Attributes attrs);
+ protected abstract LdapEntry newGroup(LdapName name);
/*
* EDITION
} else {
// user doesn't have the right to retrieve role, but we know it exists
// otherwise memberOf would not work
- Attributes a = new BasicAttributes();
- a.put(LdapNameUtils.getLastRdn(groupDn).getType(),
- LdapNameUtils.getLastRdn(groupDn).getValue());
- a.put(LdapAttrs.objectClass.name(), LdapObjs.groupOfNames.name());
- group = newGroup(groupDn, a);
+ group = newGroup(groupDn);
allRoles.add(group);
}
}
throw new IllegalStateException("Cannot get memberOf groups for " + user, e);
}
} else {
- for (LdapName groupDn : getDirectoryDao().getDirectGroups(user.getDn())) {
- // TODO check for loops
+ directGroups: for (LdapName groupDn : getDirectoryDao().getDirectGroups(user.getDn())) {
LdapEntry group = doGetRole(groupDn);
if (group != null) {
+ if (allRoles.contains(group)) {
+ // important in order to avoi loops
+ continue directGroups;
+ }
allRoles.add(group);
collectGroups(group, allRoles);
}
return this;
}
+ @Override
+ public HierarchyUnit createHierarchyUnit(String path) {
+ checkEdit();
+ LdapEntryWorkingCopy wc = getWorkingCopy();
+ LdapName dn = pathToName(path);
+ if ((getDirectoryDao().entryExists(dn) && !wc.getDeletedData().containsKey(dn))
+ || wc.getNewData().containsKey(dn))
+ throw new IllegalArgumentException("Already a hierarchy unit " + path);
+ BasicAttributes attrs = new BasicAttributes(true);
+ attrs.put(LdapAttrs.objectClass.name(), LdapObjs.organizationalUnit.name());
+ Rdn nameRdn = dn.getRdn(dn.size() - 1);
+ // TODO deal with multiple attr RDN
+ attrs.put(nameRdn.getType(), nameRdn.getValue());
+ wc.getModifiedData().put(dn, attrs);
+ LdapHierarchyUnit newHierarchyUnit = new LdapHierarchyUnit(this, dn);
+ wc.getNewData().put(dn, newHierarchyUnit);
+ return newHierarchyUnit;
+ }
+
/*
* PATHS
*/
@Override
- public String getContext() {
+ public String getBase() {
return getBaseDn().toString();
}
projects / lgpl / argeo-commons.git / blobdiff