X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.app.core%2Fsrc%2Forg%2Fargeo%2Fapp%2Fcore%2FSuiteUtils.java;h=565c2d633febcea357ea099ef7de6c330d2de879;hb=302839c70d637be5a555290bd4542b9b1c63c17d;hp=6b63cdb4d30115e21db16267eb1afd2c5b191cbe;hpb=fabd973af0f3a08b55640a152526eaeba177b128;p=gpl%2Fargeo-suite.git

diff --git a/org.argeo.app.core/src/org/argeo/app/core/SuiteUtils.java b/org.argeo.app.core/src/org/argeo/app/core/SuiteUtils.java
index 6b63cdb..565c2d6 100644
--- a/org.argeo.app.core/src/org/argeo/app/core/SuiteUtils.java
+++ b/org.argeo.app.core/src/org/argeo/app/core/SuiteUtils.java
@@ -9,25 +9,30 @@ import javax.jcr.Session;
 import javax.jcr.nodetype.NodeType;
 import javax.jcr.security.Privilege;
 import javax.security.auth.x500.X500Principal;
+import javax.xml.namespace.QName;
 
+import org.argeo.api.acr.Content;
+import org.argeo.api.acr.ldap.LdapAttr;
+import org.argeo.api.acr.ldap.LdapObj;
 import org.argeo.api.cms.CmsConstants;
 import org.argeo.api.cms.CmsSession;
 import org.argeo.app.api.EntityType;
-import org.argeo.cms.auth.RoleNameUtils;
+import org.argeo.cms.RoleNameUtils;
 import org.argeo.jcr.JcrException;
 import org.argeo.jcr.JcrUtils;
-import org.argeo.util.naming.LdapAttrs;
 
 /** Utilities around the Argeo Suite APIs. */
 public class SuiteUtils {
-	@Deprecated
+	public final static String USER_STATE_NODE_NAME = "state";
+	public final static String USER_DEVICES_NODE_NAME = "devices";
+	public final static String USER_SESSIONS_NODE_NAME = "sessions";
+
 	public static String getUserNodePath(String userDn) {
 		String uid = RoleNameUtils.getLastRdnValue(userDn);
 		return EntityType.user.basePath() + '/' + uid;
 	}
 
-	@Deprecated
-	private static Node getOrCreateUserNode(Session adminSession, String userDn) {
+	public static Node getOrCreateUserNode(Session adminSession, String userDn) {
 		try {
 			Node usersBase = adminSession.getNode(EntityType.user.basePath());
 			String uid = RoleNameUtils.getLastRdnValue(userDn);
@@ -36,8 +41,13 @@ public class SuiteUtils {
 				userNode = usersBase.addNode(uid, NodeType.NT_UNSTRUCTURED);
 				userNode.addMixin(EntityType.user.get());
 				userNode.addMixin(NodeType.MIX_CREATED);
-				userNode.setProperty(LdapAttrs.distinguishedName.property(), userDn.toString());
-				userNode.setProperty(LdapAttrs.uid.property(), uid);
+				userNode.setProperty(LdapAttr.distinguishedName.get(), userDn.toString());
+				userNode.setProperty(LdapAttr.uid.get(), uid);
+
+				userNode.addNode(USER_SESSIONS_NODE_NAME, NodeType.NT_UNSTRUCTURED);
+				Node userStateNode = userNode.addNode(USER_STATE_NODE_NAME, NodeType.NT_UNSTRUCTURED);
+				Node userDevicesNode = userNode.addNode(USER_DEVICES_NODE_NAME, NodeType.NT_UNSTRUCTURED);
+
 				adminSession.save();
 //				JackrabbitSecurityUtils.denyPrivilege(adminSession, userNode.getPath(), SuiteRole.coworker.dn(),
 //						Privilege.JCR_READ);
@@ -45,6 +55,10 @@ public class SuiteUtils {
 						Privilege.JCR_READ);
 				JcrUtils.addPrivilege(adminSession, userNode.getPath(), CmsConstants.ROLE_USER_ADMIN,
 						Privilege.JCR_ALL);
+
+				JcrUtils.addPrivilege(adminSession, userStateNode.getPath(), userDn, Privilege.JCR_ALL);
+				JcrUtils.addPrivilege(adminSession, userDevicesNode.getPath(), userDn, Privilege.JCR_ALL);
+
 			} else {
 				userNode = usersBase.getNode(uid);
 			}
@@ -54,41 +68,30 @@ public class SuiteUtils {
 		}
 	}
 
-	@Deprecated
 	public static Node getCmsSessionNode(Session session, CmsSession cmsSession) {
 		try {
-			return session.getNode(getUserNodePath(cmsSession.getUserDn()) + '/' + cmsSession.getUuid().toString());
+			return session.getNode(getUserNodePath(cmsSession.getUserDn()) + '/' + USER_SESSIONS_NODE_NAME + '/'
+					+ cmsSession.getUuid().toString());
 		} catch (RepositoryException e) {
 			throw new JcrException("Cannot get session dir for " + cmsSession, e);
 		}
 	}
 
-	@Deprecated
 	public static Node getOrCreateCmsSessionNode(Session adminSession, CmsSession cmsSession) {
 		try {
 			String userDn = cmsSession.getUserDn();
-//			String uid = userDn.get(userDn.size() - 1);
 			Node userNode = getOrCreateUserNode(adminSession, userDn);
-//			if (!usersBase.hasNode(uid)) {
-//				userNode = usersBase.addNode(uid, NodeType.NT_UNSTRUCTURED);
-//				userNode.addMixin(EntityType.user.get());
-//				userNode.addMixin(NodeType.MIX_CREATED);
-//				usersBase.setProperty(LdapAttrs.uid.property(), uid);
-//				usersBase.setProperty(LdapAttrs.distinguishedName.property(), userDn.toString());
-//				adminSession.save();
-//			} else {
-//				userNode = usersBase.getNode(uid);
-//			}
+			Node sessionsNode = userNode.getNode(USER_SESSIONS_NODE_NAME);
 			String cmsSessionUuid = cmsSession.getUuid().toString();
 			Node cmsSessionNode;
-			if (!userNode.hasNode(cmsSessionUuid)) {
-				cmsSessionNode = userNode.addNode(cmsSessionUuid, NodeType.NT_UNSTRUCTURED);
+			if (!sessionsNode.hasNode(cmsSessionUuid)) {
+				cmsSessionNode = sessionsNode.addNode(cmsSessionUuid, NodeType.NT_UNSTRUCTURED);
 				cmsSessionNode.addMixin(NodeType.MIX_CREATED);
 				adminSession.save();
 				JcrUtils.addPrivilege(adminSession, cmsSessionNode.getPath(), cmsSession.getUserRole(),
 						Privilege.JCR_ALL);
 			} else {
-				cmsSessionNode = userNode.getNode(cmsSessionUuid);
+				cmsSessionNode = sessionsNode.getNode(cmsSessionUuid);
 			}
 			return cmsSessionNode;
 		} catch (RepositoryException e) {
@@ -96,11 +99,6 @@ public class SuiteUtils {
 		}
 	}
 
-	/** Singleton. */
-	private SuiteUtils() {
-
-	}
-
 	public static Set<String> extractRoles(String[] semiColArr) {
 		Set<String> res = new HashSet<>();
 		// TODO factorize and make it more robust
@@ -121,4 +119,33 @@ public class SuiteUtils {
 		return res;
 	}
 
+	synchronized static public long findNextId(Content hierarchyUnit, QName cclass) {
+		if (!hierarchyUnit.hasContentClass(LdapObj.posixGroup.qName()))
+			throw new IllegalArgumentException(hierarchyUnit + " is not a POSIX group");
+
+		long min = hierarchyUnit.get(LdapAttr.gidNumber.qName(), Long.class).orElseThrow();
+		long currentMax = 0l;
+		for (Content childHu : hierarchyUnit) {
+			if (!childHu.hasContentClass(LdapObj.organizationalUnit.qName()))
+				continue;
+			// FIXME filter out functional hierarchy unit
+			for (Content role : childHu) {
+				if (role.hasContentClass(cclass)) {
+
+					if (LdapObj.posixAccount.qName().equals(cclass)) {
+						Long id = role.get(LdapAttr.uidNumber.qName(), Long.class).orElseThrow();
+						if (id > currentMax)
+							currentMax = id;
+					}
+				}
+			}
+		}
+		if (currentMax == 0l)
+			return min;
+		return currentMax + 1;
+	}
+
+	/** Singleton. */
+	private SuiteUtils() {
+	}
 }