import org.argeo.api.acr.Content;
import org.argeo.api.acr.QNamed;
-import org.argeo.api.acr.ldap.LdapAttrs;
-import org.argeo.api.acr.ldap.LdapObjs;
+import org.argeo.api.acr.ldap.LdapAttr;
+import org.argeo.api.acr.ldap.LdapObj;
+import org.argeo.api.cms.directory.CmsUser;
+import org.argeo.api.cms.directory.CmsUserManager;
import org.argeo.app.api.SuiteRole;
import org.argeo.app.ui.SuiteMsg;
import org.argeo.app.ui.SuiteStyle;
import org.argeo.app.ui.SuiteUiUtils;
import org.argeo.cms.CmsMsg;
-import org.argeo.cms.CmsUserManager;
+import org.argeo.cms.CurrentUser;
import org.argeo.cms.Localized;
+import org.argeo.cms.RoleNameUtils;
+import org.argeo.cms.SystemRole;
import org.argeo.cms.auth.CmsRole;
-import org.argeo.cms.auth.CurrentUser;
-import org.argeo.cms.auth.RoleNameUtils;
-import org.argeo.cms.auth.SystemRole;
import org.argeo.cms.swt.CmsSwtUtils;
import org.argeo.cms.swt.Selected;
import org.argeo.cms.swt.acr.SwtSection;
import org.eclipse.swt.widgets.Control;
import org.eclipse.swt.widgets.Label;
import org.eclipse.swt.widgets.Text;
-import org.osgi.service.useradmin.User;
/** Edit a suite user. */
public class PersonUiProvider implements SwtUiProvider {
main.setLayout(new GridLayout(2, false));
- User user = context.adapt(User.class);
+ CmsUser user = context.adapt(CmsUser.class);
+
+ Content hierarchyUnitContent = context.getParent().getParent();
String roleContext = RoleNameUtils.getContext(user.getName());
- if (context.hasContentClass(LdapObjs.person.qName())) {
+ if (context.hasContentClass(LdapObj.person.qName())) {
- addFormLine(main, SuiteMsg.firstName, context, LdapAttrs.givenName);
- addFormLine(main, SuiteMsg.lastName, context, LdapAttrs.sn);
- addFormLine(main, SuiteMsg.email, context, LdapAttrs.mail);
+ addFormLine(main, SuiteMsg.firstName, context, LdapAttr.givenName);
+ addFormLine(main, SuiteMsg.lastName, context, LdapAttr.sn);
+ addFormLine(main, SuiteMsg.email, context, LdapAttr.mail);
}
- if (context.hasContentClass(LdapObjs.posixAccount.qName())) {
-
- SwtSection rolesSection = new SwtSection(main, SWT.NONE);
- rolesSection.setLayoutData(new GridData(SWT.FILL, SWT.FILL, true, false, 2, 1));
- rolesSection.setLayout(new GridLayout(2, false));
- List<String> roles = Arrays.asList(cmsUserManager.getUserRoles(user.getName()));
- addRoleCheckBox(rolesSection, SuiteMsg.coworkerRole, SuiteRole.coworker, roleContext, roles);
- addRoleCheckBox(rolesSection, SuiteMsg.publisherRole, SuiteRole.publisher, roleContext, roles);
- addRoleCheckBox(rolesSection, SuiteMsg.userAdminRole, CmsRole.userAdmin, roleContext, roles);
-
+ if (context.hasContentClass(LdapObj.posixAccount.qName())) {
+ if (hierarchyUnitContent.hasContentClass(LdapObj.organization)) {
+ SwtSection rolesSection = new SwtSection(main, SWT.NONE);
+ rolesSection.setLayoutData(new GridData(SWT.FILL, SWT.FILL, true, false, 2, 1));
+ rolesSection.setLayout(new GridLayout(2, false));
+ List<String> roles = Arrays.asList(cmsUserManager.getUserRoles(user.getName()));
+ addRoleCheckBox(rolesSection, SuiteMsg.coworkerRole, SuiteRole.coworker, roleContext, roles);
+ addRoleCheckBox(rolesSection, SuiteMsg.publisherRole, SuiteRole.publisher, roleContext, roles);
+ addRoleCheckBox(rolesSection, SuiteMsg.userAdminRole, CmsRole.userAdmin, roleContext, roles);
+ }
// Composite facetsSection = new Composite(main, SWT.NONE);
// facetsSection.setLayoutData(new GridData(SWT.FILL, SWT.FILL, true, true, 2, 1));
// facetsSection.setLayout(new GridLayout());
}
}
- if (systemRole.equals(CmsRole.userAdmin))
- radio.setEnabled(CurrentUser.implies(CmsRole.groupAdmin, roleContext));
- else
+ if (systemRole.equals(CmsRole.userAdmin)) {
+ if (!CurrentUser.isUserContext(roleContext) && CurrentUser.implies(CmsRole.userAdmin, roleContext)) {
+ // a user admin cannot modify the user admins of their own context
+ radio.setEnabled(true);
+ } else {
+ radio.setEnabled(false);
+ }
+ } else {
radio.setEnabled(CurrentUser.implies(CmsRole.userAdmin, roleContext));
-
+ }
new Label(parent, 0).setText(msg.lead());
}