X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fauth%2FCmsUserManagerImpl.java;h=b5ee9b306d1b65f9ec5738f8f2467a5ba33380eb;hb=feddb4be70a8304dd4a533efee6e14c22691b500;hp=a8a322356f45a52893a25af3c3c6c02be107d7d9;hpb=70f045c8ca8dbbd117d5a80ff57975069641079a;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.cms/src/org/argeo/cms/internal/auth/CmsUserManagerImpl.java b/org.argeo.cms/src/org/argeo/cms/internal/auth/CmsUserManagerImpl.java
index a8a322356..b5ee9b306 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/auth/CmsUserManagerImpl.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/auth/CmsUserManagerImpl.java
@@ -1,8 +1,8 @@
 package org.argeo.cms.internal.auth;
 
-import static org.argeo.util.naming.LdapAttrs.cn;
-import static org.argeo.util.naming.LdapAttrs.description;
-import static org.argeo.util.naming.LdapAttrs.owner;
+import static org.argeo.api.acr.ldap.LdapAttrs.cn;
+import static org.argeo.api.acr.ldap.LdapAttrs.description;
+import static org.argeo.api.acr.ldap.LdapAttrs.owner;
 
 import java.time.ZoneOffset;
 import java.time.ZonedDateTime;
@@ -14,6 +14,7 @@ import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
 import java.util.NavigableMap;
+import java.util.Objects;
 import java.util.Set;
 import java.util.TreeMap;
 import java.util.TreeSet;
@@ -24,22 +25,24 @@ import javax.naming.ldap.LdapName;
 import javax.security.auth.Subject;
 
 import org.argeo.api.acr.NamespaceUtils;
+import org.argeo.api.acr.ldap.LdapAttrs;
+import org.argeo.api.acr.ldap.NamingUtils;
 import org.argeo.api.cms.CmsConstants;
 import org.argeo.api.cms.CmsLog;
+import org.argeo.api.cms.directory.CmsGroup;
+import org.argeo.api.cms.directory.CmsUser;
+import org.argeo.api.cms.directory.HierarchyUnit;
+import org.argeo.api.cms.directory.UserDirectory;
+import org.argeo.api.cms.transaction.WorkTransaction;
 import org.argeo.cms.CmsUserManager;
 import org.argeo.cms.auth.CurrentUser;
 import org.argeo.cms.auth.SystemRole;
 import org.argeo.cms.auth.UserAdminUtils;
-import org.argeo.osgi.useradmin.AggregatingUserAdmin;
-import org.argeo.osgi.useradmin.TokenUtils;
-import org.argeo.osgi.useradmin.UserDirectory;
-import org.argeo.util.directory.DirectoryConf;
-import org.argeo.util.directory.HierarchyUnit;
-import org.argeo.util.directory.ldap.LdapEntry;
-import org.argeo.util.directory.ldap.SharedSecret;
-import org.argeo.util.naming.LdapAttrs;
-import org.argeo.util.naming.NamingUtils;
-import org.argeo.util.transaction.WorkTransaction;
+import org.argeo.cms.directory.ldap.LdapEntry;
+import org.argeo.cms.directory.ldap.SharedSecret;
+import org.argeo.cms.osgi.useradmin.AggregatingUserAdmin;
+import org.argeo.cms.osgi.useradmin.TokenUtils;
+import org.argeo.cms.runtime.DirectoryConf;
 import org.osgi.framework.InvalidSyntaxException;
 import org.osgi.service.useradmin.Authorization;
 import org.osgi.service.useradmin.Group;
@@ -95,8 +98,8 @@ public class CmsUserManagerImpl implements CmsUserManager {
 	// ALL USER: WARNING access to this will be later reduced
 
 	/** Retrieve a user given his dn, or <code>null</code> if it doesn't exist. */
-	public User getUser(String dn) {
-		return (User) getUserAdmin().getRole(dn);
+	public CmsUser getUser(String dn) {
+		return (CmsUser) getUserAdmin().getRole(dn);
 	}
 
 	/** Can be a group or a user */
@@ -131,11 +134,11 @@ public class CmsUserManagerImpl implements CmsUserManager {
 		return false;
 	}
 
-	public Set<User> listUsersInGroup(String groupDn, String filter) {
+	public Set<CmsUser> listUsersInGroup(String groupDn, String filter) {
 		Group group = (Group) userAdmin.getRole(groupDn);
 		if (group == null)
 			throw new IllegalArgumentException("Group " + groupDn + " not found");
-		Set<User> users = new HashSet<User>();
+		Set<CmsUser> users = new HashSet<>();
 		addUsers(users, group, filter);
 		return users;
 	}
@@ -157,21 +160,21 @@ public class CmsUserManagerImpl implements CmsUserManager {
 //	}
 
 	/** Recursively add users to list */
-	private void addUsers(Set<User> users, Group group, String filter) {
+	private void addUsers(Set<CmsUser> users, Group group, String filter) {
 		Role[] roles = group.getMembers();
 		for (Role role : roles) {
 			if (role.getType() == Role.GROUP) {
-				addUsers(users, (Group) role, filter);
+				addUsers(users, (CmsGroup) role, filter);
 			} else if (role.getType() == Role.USER) {
 				if (match(role, filter))
-					users.add((User) role);
+					users.add((CmsUser) role);
 			} else {
 				// ignore
 			}
 		}
 	}
 
-	public List<User> listGroups(String filter, boolean includeUsers, boolean includeSystemRoles) {
+	public List<CmsUser> listGroups(String filter, boolean includeUsers, boolean includeSystemRoles) {
 		Role[] roles = null;
 		try {
 			roles = getUserAdmin().getRoles(filter);
@@ -179,13 +182,13 @@ public class CmsUserManagerImpl implements CmsUserManager {
 			throw new IllegalArgumentException("Unable to get roles with filter: " + filter, e);
 		}
 
-		List<User> users = new ArrayList<User>();
+		List<CmsUser> users = new ArrayList<>();
 		for (Role role : roles) {
 			if ((includeUsers && role.getType() == Role.USER || role.getType() == Role.GROUP) && !users.contains(role)
 					&& (includeSystemRoles
 							|| !role.getName().toLowerCase().endsWith(CmsConstants.SYSTEM_ROLES_BASEDN))) {
 				if (match(role, filter))
-					users.add((User) role);
+					users.add((CmsUser) role);
 			}
 		}
 		return users;
@@ -214,10 +217,10 @@ public class CmsUserManagerImpl implements CmsUserManager {
 	}
 
 	@Override
-	public User getUserFromLocalId(String localId) {
-		User user = getUserAdmin().getUser(LdapAttrs.uid.name(), localId);
+	public CmsUser getUserFromLocalId(String localId) {
+		CmsUser user = (CmsUser) getUserAdmin().getUser(LdapAttrs.uid.name(), localId);
 		if (user == null)
-			user = getUserAdmin().getUser(LdapAttrs.cn.name(), localId);
+			user = (CmsUser) getUserAdmin().getUser(LdapAttrs.cn.name(), localId);
 		return user;
 	}
 
@@ -230,10 +233,10 @@ public class CmsUserManagerImpl implements CmsUserManager {
 	 * EDITION
 	 */
 	@Override
-	public User createUser(String username, Map<String, Object> properties, Map<String, Object> credentials) {
+	public CmsUser createUser(String username, Map<String, Object> properties, Map<String, Object> credentials) {
 		try {
 			userTransaction.begin();
-			User user = (User) userAdmin.createRole(username, Role.USER);
+			CmsUser user = (CmsUser) userAdmin.createRole(username, Role.USER);
 			if (properties != null) {
 				for (String key : properties.keySet())
 					user.getProperties().put(key, properties.get(key));
@@ -258,14 +261,14 @@ public class CmsUserManagerImpl implements CmsUserManager {
 	}
 
 	@Override
-	public Group getOrCreateGroup(HierarchyUnit groups, String commonName) {
+	public CmsGroup getOrCreateGroup(HierarchyUnit groups, String commonName) {
 		try {
 			String dn = LdapAttrs.cn.name() + "=" + commonName + "," + groups.getBase();
-			Group group = (Group) getUserAdmin().getRole(dn);
+			CmsGroup group = (CmsGroup) getUserAdmin().getRole(dn);
 			if (group != null)
 				return group;
 			userTransaction.begin();
-			group = (Group) userAdmin.createRole(dn, Role.GROUP);
+			group = (CmsGroup) userAdmin.createRole(dn, Role.GROUP);
 			userTransaction.commit();
 			return group;
 		} catch (Exception e) {
@@ -282,15 +285,15 @@ public class CmsUserManagerImpl implements CmsUserManager {
 	}
 
 	@Override
-	public Group getOrCreateSystemRole(HierarchyUnit roles, SystemRole systemRole) {
+	public CmsGroup getOrCreateSystemRole(HierarchyUnit roles, SystemRole systemRole) {
 		try {
 			String dn = LdapAttrs.cn.name() + "=" + NamespaceUtils.toPrefixedName(systemRole.getName()) + ","
 					+ roles.getBase();
-			Group group = (Group) getUserAdmin().getRole(dn);
+			CmsGroup group = (CmsGroup) getUserAdmin().getRole(dn);
 			if (group != null)
 				return group;
 			userTransaction.begin();
-			group = (Group) userAdmin.createRole(dn, Role.GROUP);
+			group = (CmsGroup) userAdmin.createRole(dn, Role.GROUP);
 			userTransaction.commit();
 			return group;
 		} catch (Exception e) {
@@ -350,7 +353,48 @@ public class CmsUserManagerImpl implements CmsUserManager {
 	}
 
 	@Override
-	public void addMember(Group group, Role role) {
+	public void addObjectClasses(HierarchyUnit hierarchyUnit, Set<String> objectClasses,
+			Map<String, Object> additionalProperties) {
+		try {
+			userTransaction.begin();
+			LdapEntry.addObjectClasses(hierarchyUnit.getProperties(), objectClasses);
+			for (String key : additionalProperties.keySet()) {
+				hierarchyUnit.getProperties().put(key, additionalProperties.get(key));
+			}
+			userTransaction.commit();
+		} catch (Exception e1) {
+			try {
+				if (!userTransaction.isNoTransactionStatus())
+					userTransaction.rollback();
+			} catch (Exception e2) {
+				if (log.isTraceEnabled())
+					log.trace("Cannot rollback transaction", e2);
+			}
+			throw new RuntimeException("Cannot add object classes " + objectClasses + " to " + hierarchyUnit, e1);
+		}
+	}
+
+	@Override
+	public void edit(Runnable action) {
+		Objects.requireNonNull(action);
+		try {
+			userTransaction.begin();
+			action.run();
+			userTransaction.commit();
+		} catch (Exception e1) {
+			try {
+				if (!userTransaction.isNoTransactionStatus())
+					userTransaction.rollback();
+			} catch (Exception e2) {
+				if (log.isTraceEnabled())
+					log.trace("Cannot rollback transaction", e2);
+			}
+			throw new RuntimeException("Cannot edit", e1);
+		}
+	}
+
+	@Override
+	public void addMember(CmsGroup group, Role role) {
 		try {
 			userTransaction.begin();
 			group.addMember(role);