X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;ds=sidebyside;f=org.argeo.util%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FLdifUserAdmin.java;h=f9163d7e2af20dfd43caa759443241ee464b74c3;hb=e168383bac50637131fef8c41e119db7eb2284a7;hp=8b1206a72b1655b38c6f111e8bd335dc954222ff;hpb=b71546ddc74d6ca49d252806aafd491c75dfe1fb;p=lgpl%2Fargeo-commons.git
diff --git a/org.argeo.util/src/org/argeo/osgi/useradmin/LdifUserAdmin.java b/org.argeo.util/src/org/argeo/osgi/useradmin/LdifUserAdmin.java
index 8b1206a72..f9163d7e2 100644
--- a/org.argeo.util/src/org/argeo/osgi/useradmin/LdifUserAdmin.java
+++ b/org.argeo.util/src/org/argeo/osgi/useradmin/LdifUserAdmin.java
@@ -16,6 +16,7 @@ import java.util.Dictionary;
 import java.util.HashSet;
 import java.util.Hashtable;
 import java.util.List;
+import java.util.Objects;
 import java.util.Set;
 import java.util.SortedMap;
 import java.util.TreeMap;
@@ -25,6 +26,7 @@ import javax.naming.NamingEnumeration;
 import javax.naming.directory.Attributes;
 import javax.naming.ldap.LdapName;
+import org.argeo.util.naming.LdapObjs;
 import org.argeo.util.naming.LdifParser;
 import org.argeo.util.naming.LdifWriter;
 import org.osgi.framework.Filter;
@@ -33,8 +35,11 @@ import org.osgi.service.useradmin.User;
 /** A user admin based on a LDIF files. */
 public class LdifUserAdmin extends AbstractUserDirectory {
- private SortedMap users = new TreeMap();
- private SortedMap groups = new TreeMap();
+ private SortedMap users = new TreeMap<>();
+ private SortedMap groups = new TreeMap<>();
+
+ private SortedMap hierarchy = new TreeMap<>();
+ private List rootHierarchyUnits = new ArrayList<>();
 public LdifUserAdmin(String uri, String baseDn) {
 this(fromUri(uri, baseDn), false);
@@ -113,6 +118,8 @@ public class LdifUserAdmin extends AbstractUserDirectory {
 public void save(OutputStream out) throws IOException {
 try {
 LdifWriter ldifWriter = new LdifWriter(out);
+ for (LdapName name : hierarchy.keySet())
+ ldifWriter.writeEntry(name, hierarchy.get(name).getAttributes());
 for (LdapName name : groups.keySet())
 ldifWriter.writeEntry(name, groups.get(name).getAttributes());
 for (LdapName name : users.keySet())
@@ -126,6 +133,7 @@ public class LdifUserAdmin extends AbstractUserDirectory {
 try {
 users.clear();
 groups.clear();
+ hierarchy.clear();
 LdifParser ldifParser = new LdifParser();
 SortedMap allEntries = ldifParser.read(in);
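Review bot: `rootHierarchyUnits` is not reset next to the added `hierarchy.clear();`, yet the linking loop added further down (apparently in this same load method) appends to it on every run. If the directory is loaded more than once on the same instance, which the existing `users.clear()` / `groups.clear()` suggest is expected, root units from the previous load remain in the list and `getHierarchyChildCount()` over-reports while `getHierarchyChild(int)` can hand back stale units. Add `rootHierarchyUnits.clear();` directly after `hierarchy.clear();`. The method body starts and ends outside this hunk.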
@@ -153,9 +161,34 @@ public class LdifUserAdmin extends AbstractUserDirectory {
 } else if (objectClass.toLowerCase().equals(getGroupObjectClass().toLowerCase())) {
 groups.put(key, new LdifGroup(this, key, attributes));
 break objectClasses;
+ } else if (objectClass.equalsIgnoreCase(LdapObjs.organization.name())) {
+ // we only consider organizations which are not groups
+ hierarchy.put(key, new LdifHierarchyUnit(this, key, HierarchyUnit.ORGANIZATION, attributes));
+ break objectClasses;
+ } else if (objectClass.equalsIgnoreCase(LdapObjs.organizationalUnit.name())) {
+ String name = key.getRdn(key.size() - 1).toString();
+ if (getUserBase().equalsIgnoreCase(name) || getGroupBase().equalsIgnoreCase(name))
+ break objectClasses; // skip
+ // TODO skip if it does not contain groups or users
+ hierarchy.put(key, new LdifHierarchyUnit(this, key, HierarchyUnit.OU, attributes));
+ break objectClasses;
 }
 }
 }
+
+ // link hierarchy
+ hierachyUnits: for (LdapName dn : hierarchy.keySet()) {
+ LdifHierarchyUnit unit = hierarchy.get(dn);
+ LdapName parentDn = (LdapName) dn.getPrefix(dn.size() - 1);
+ LdifHierarchyUnit parent = hierarchy.get(parentDn);
+ if (parent == null) {
+ rootHierarchyUnits.add(unit);
+ unit.parent = this;
+ continue hierachyUnits;
+ }
+ parent.children.add(unit);
+ unit.parent = parent;
+ }
 } catch (Exception e) {
 throw new UserDirectoryException("Cannot load user admin service from LDIF", e);
 }
@@ -168,6 +201,10 @@ public class LdifUserAdmin extends AbstractUserDirectory {
 groups = null;
 }
+ /*
+ * USER ADMIN
+ */
+
 @Override
 protected DirectoryUser daoGetRole(LdapName key) throws NameNotFoundException {
 if (groups.containsKey(key))
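Review bot: The new `organization` branch classifies an entry by whichever objectClass value is enumerated first, because every branch ends in `break objectClasses`; the comment `// we only consider organizations which are not groups` therefore holds only when the group object class happens to come before `organization`. An entry carrying both classes could be stored in `hierarchy` and never reach `groups`, silently dropping a group that role and authorization lookups may rely on. Decide the type after scanning all values, or check for the group class explicitly before accepting the entry as a hierarchy unit. Separately, `name` is the full RDN string from `key.getRdn(key.size() - 1).toString()`, and whether `getUserBase()` / `getGroupBase()` return that same `attr=value` form is not visible here; a mismatch would make the skip test never match. The labelled loop and the enclosing method start outside this hunk.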
@@ -182,21 +219,35 @@ public class LdifUserAdmin extends AbstractUserDirectory {
 return users.containsKey(dn) || groups.containsKey(dn);
 }
- protected List doGetRoles(Filter f) {
+ @Override
+ protected List doGetRoles(LdapName searchBase, Filter f, boolean deep) {
+ Objects.requireNonNull(searchBase);
 ArrayList res = new ArrayList();
- if (f == null) {
+ if (f == null && deep && getBaseDn().equals(searchBase)) {
 res.addAll(users.values());
 res.addAll(groups.values());
 } else {
- for (DirectoryUser user : users.values()) {
- if (f.match(user.getProperties()))
+ filterRoles(users, searchBase, f, deep, res);
+ filterRoles(groups, searchBase, f, deep, res);
+ }
+ return res;
+ }
+
+ private void filterRoles(SortedMap map, LdapName searchBase, Filter f,
+ boolean deep, List res) {
+ // TODO reduce map with search base ?
+ roles: for (DirectoryUser user : map.values()) {
+ LdapName dn = user.getDn();
+ if (dn.startsWith(searchBase)) {
+ if (!deep && dn.size() != (searchBase.size() + 1))
+ continue roles;
+ if (f == null)
+ res.add(user);
+ else if (f.match(user.getProperties()))
 res.add(user);
 }
- for (DirectoryUser group : groups.values())
- if (f.match(group.getProperties()))
- res.add(group);
 }
- return res;
+
 }
 @Override
@@ -257,4 +308,18 @@ public class LdifUserAdmin extends AbstractUserDirectory {
 init();
 }
+ @Override
+ public int getHierarchyChildCount() {
+ return rootHierarchyUnits.size();
+ }
+
+ @Override
+ public HierarchyUnit getHierarchyChild(int i) {
+ return rootHierarchyUnits.get(i);
+ }
+
+ /*
+ * HIERARCHY
+ */
+
 }
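Review bot: The shortcut `if (f == null && deep && getBaseDn().equals(searchBase))` in `doGetRoles` returns every user and group without the `dn.startsWith(searchBase)` test that `filterRoles` applies. The two paths agree only if every loaded entry lies under the base DN, and this diff does not show that being enforced at load time. The return type of `getBaseDn()` is also not visible; if it is not an `LdapName`, the `equals` is always false and the shortcut never runs. `filterRoles` should carry a Javadoc stating the scope contract, for example `/** Adds to res the roles under searchBase (direct children only when deep is false) that match f, or all of them when f is null. */`.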
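Review bot: The `/* HIERARCHY */` section comment in the last hunk is added after `getHierarchyChildCount()` and `getHierarchyChild(int)` instead of before them, so it heads an empty section just above the class's closing brace; move it above the first added `@Override`. `getHierarchyChild(int i)` passes `i` straight to `rootHierarchyUnits.get(i)`, so a one-line Javadoc such as `/** @throws IndexOutOfBoundsException if i is not in [0, getHierarchyChildCount()) */` would make the contract explicit for callers.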