Role DAO
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/RoleDaoLdap.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/RoleDaoLdap.java
new file mode 100644 (file)
index 0000000..7a40a3f
--- /dev/null
@@ -0,0 +1,62 @@
+package org.argeo.security.ldap;
+
+import java.util.List;
+
+import javax.naming.Name;
+
+import org.argeo.security.dao.RoleDao;
+import org.springframework.ldap.core.ContextMapper;
+import org.springframework.ldap.core.ContextSource;
+import org.springframework.ldap.core.DirContextAdapter;
+import org.springframework.ldap.core.DistinguishedName;
+import org.springframework.ldap.core.LdapTemplate;
+
+public class RoleDaoLdap implements RoleDao {
+
+       private ArgeoLdapAuthoritiesPopulator authoritiesPopulator;
+       private final LdapTemplate ldapTemplate;
+
+       public RoleDaoLdap(ContextSource contextSource) {
+               ldapTemplate = new LdapTemplate(contextSource);
+       }
+
+       public void create(String role) {
+               Name dn = buildDn(role);
+               DirContextAdapter context = new DirContextAdapter();
+               context.setAttributeValues("objectClass", new String[] { "top",
+                               "groupOfUniqueNames" });
+               context.setAttributeValue("cn", role);
+               ldapTemplate.bind(dn, context, null);
+       }
+
+       @SuppressWarnings("unchecked")
+       public List<String> listEditableRoles() {
+               return (List<String>) ldapTemplate.listBindings(authoritiesPopulator
+                               .getGroupSearchBase(), new ContextMapper() {
+                       public Object mapFromContext(Object ctxArg) {
+                               String groupName = ((DirContextAdapter) ctxArg)
+                                               .getStringAttribute(authoritiesPopulator
+                                                               .getGroupRoleAttribute());
+                               String roleName = authoritiesPopulator
+                                               .convertGroupToRole(groupName);
+                               return roleName;
+                       }
+               });
+       }
+
+       public void delete(String role) {
+               // TODO Auto-generated method stub
+
+       }
+
+       public void setAuthoritiesPopulator(
+                       ArgeoLdapAuthoritiesPopulator ldapAuthoritiesPopulator) {
+               this.authoritiesPopulator = ldapAuthoritiesPopulator;
+       }
+
+       protected Name buildDn(String name) {
+               return new DistinguishedName("cn=" + name + ","
+                               + authoritiesPopulator.getGroupSearchBase());
+       }
+
+}
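Review bot: buildDn() assembles the DN by plain string concatenation (`"cn=" + name + "," + authoritiesPopulator.getGroupSearchBase()`), so a role name containing DN metacharacters such as `,`, `=` or `+` can be parsed as additional RDNs. create() would then bind the entry at a different DN than intended. Let the library escape the value instead: `DistinguishedName dn = new DistinguishedName(authoritiesPopulator.getGroupSearchBase()); dn.add("cn", name); return dn;`. Separately, delete() is an empty stub that returns normally, so a caller removing a role gets no error while the group entry stays in the directory. Until it is implemented it should fail loudly, e.g. `throw new UnsupportedOperationException("role deletion not implemented");`.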