Improve Directory framework.
[lgpl/argeo-commons.git] / org.argeo.util / src / org / argeo / util / directory / ldap / LdapDao.java
index c33b50f65fb9a1a781bb62de4535b63b25198c63..b1c0c9849a14cb6abdd5214ad239912e591d887f 100644 (file)
@@ -13,12 +13,14 @@ import javax.naming.NamingEnumeration;
 import javax.naming.NamingException;
 import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
+import javax.naming.directory.BasicAttributes;
 import javax.naming.directory.SearchControls;
 import javax.naming.directory.SearchResult;
 import javax.naming.ldap.LdapName;
 import javax.naming.ldap.Rdn;
 
 import org.argeo.util.directory.HierarchyUnit;
+import org.argeo.util.naming.LdapAttrs;
 import org.argeo.util.naming.LdapObjs;
 
 /** A user admin based on a LDAP server. */
@@ -68,40 +70,52 @@ public class LdapDao extends AbstractLdapDirectoryDao {
        @Override
        public Boolean entryExists(LdapName dn) {
                try {
-                       return doGetEntry(dn) != null;
+                       return ldapConnection.entryExists(dn);
                } catch (NameNotFoundException e) {
                        return false;
+               } catch (NamingException e) {
+                       throw new IllegalStateException("Cannot check " + dn, e);
                }
        }
 
        @Override
        public LdapEntry doGetEntry(LdapName name) throws NameNotFoundException {
+//             if (!entryExists(name))
+//                     throw new NameNotFoundException(name + " was not found in " + getDirectory().getBaseDn());
                try {
                        Attributes attrs = ldapConnection.getAttributes(name);
-                       if (attrs.size() == 0)
-                               return null;
-//                     int roleType = roleType(name);
+
                        LdapEntry res;
                        Rdn technicalRdn = LdapNameUtils.getParentRdn(name);
-                       if (getDirectory().getGroupBaseRdn().equals(technicalRdn))
+                       if (getDirectory().getGroupBaseRdn().equals(technicalRdn)) {
+                               if (attrs.size() == 0) {// exists but not accessible
+                                       attrs = new BasicAttributes();
+                                       attrs.put(LdapAttrs.objectClass.name(), LdapObjs.top.name());
+                                       attrs.put(LdapAttrs.objectClass.name(), getDirectory().getGroupObjectClass());
+                               }
                                res = newGroup(name, attrs);
-                       else if (getDirectory().getSystemRoleBaseRdn().equals(technicalRdn))
+                       } else if (getDirectory().getSystemRoleBaseRdn().equals(technicalRdn)) {
+                               if (attrs.size() == 0) {// exists but not accessible
+                                       attrs = new BasicAttributes();
+                                       attrs.put(LdapAttrs.objectClass.name(), LdapObjs.top.name());
+                                       attrs.put(LdapAttrs.objectClass.name(), getDirectory().getGroupObjectClass());
+                               }
                                res = newGroup(name, attrs);
-                       else if (getDirectory().getUserBaseRdn().equals(technicalRdn))
+                       } else if (getDirectory().getUserBaseRdn().equals(technicalRdn)) {
+                               if (attrs.size() == 0) {// exists but not accessible
+                                       attrs = new BasicAttributes();
+                                       attrs.put(LdapAttrs.objectClass.name(), LdapObjs.top.name());
+                                       attrs.put(LdapAttrs.objectClass.name(), getDirectory().getUserObjectClass());
+                               }
                                res = newUser(name, attrs);
-                       else
+                       } else {
                                res = new DefaultLdapEntry(getDirectory(), name, attrs);
-//                     if (isGroup(name))
-//                             res = newGroup(name, attrs);
-//                     else
-//                             res = newUser(name, attrs);
-//                     else
-//                             throw new IllegalArgumentException("Unsupported LDAP type for " + name);
+                       }
                        return res;
                } catch (NameNotFoundException e) {
                        throw e;
                } catch (NamingException e) {
-                       return null;
+                       throw new IllegalStateException("Cannot retrieve entry " + name, e);
                }
        }
 
@@ -117,6 +131,16 @@ public class LdapDao extends AbstractLdapDirectoryDao {
 //                                     "Cannot find role type, " + technicalRdn + " is not a technical RDN for " + dn);
 //     }
 
+       @Override
+       public Attributes doGetAttributes(LdapName name) {
+               try {
+                       Attributes attrs = ldapConnection.getAttributes(name);
+                       return attrs;
+               } catch (NamingException e) {
+                       throw new IllegalStateException("Cannot get attributes for " + name);
+               }
+       }
+
        @Override
        public List<LdapEntry> doGetEntries(LdapName searchBase, String f, boolean deep) {
                ArrayList<LdapEntry> res = new ArrayList<>();
@@ -254,6 +278,8 @@ public class LdapDao extends AbstractLdapDirectoryDao {
                                throw new IllegalArgumentException(dn + " does not start with base DN " + getDirectory().getBaseDn());
                        Attributes attrs = ldapConnection.getAttributes(dn);
                        return new LdapHierarchyUnit(getDirectory(), dn, attrs);
+               } catch (NameNotFoundException e) {
+                       return null;
                } catch (NamingException e) {
                        throw new IllegalStateException("Cannot get hierarchy unit " + dn, e);
                }