X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fauth%2FImpliedByPrincipal.java;h=7472908cd565656d09692d23370d2c8a51f2629d;hb=54df376a9c2dd458a82eaa09bfbb718fe699dd0d;hp=5afacf69db134c522274dbe812a0291bd40c5efa;hpb=a940a66aca249a1ce7dea66d43b0e2816845d7d1;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/internal/auth/ImpliedByPrincipal.java b/org.argeo.cms/src/org/argeo/cms/internal/auth/ImpliedByPrincipal.java index 5afacf69d..7472908cd 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/auth/ImpliedByPrincipal.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/auth/ImpliedByPrincipal.java @@ -1,18 +1,17 @@ package org.argeo.cms.internal.auth; +import static org.argeo.api.acr.RuntimeNamespaceContext.getNamespaceContext; + import java.security.Principal; -import java.util.Collections; -import java.util.Dictionary; -import java.util.Enumeration; import java.util.HashSet; import java.util.Set; -import javax.naming.InvalidNameException; -import javax.naming.ldap.LdapName; +import javax.xml.namespace.QName; -import org.argeo.cms.CmsException; +import org.argeo.api.acr.ArgeoNamespace; +import org.argeo.api.acr.NamespaceUtils; +import org.argeo.cms.auth.RoleNameUtils; import org.osgi.service.useradmin.Authorization; -import org.osgi.service.useradmin.Role; /** * A {@link Principal} which has been implied by an {@link Authorization}. If it @@ -22,67 +21,88 @@ import org.osgi.service.useradmin.Role; * identity is removed, the related {@link ImpliedByPrincipal}s can thus be * removed. */ -public final class ImpliedByPrincipal implements Principal, Role { - private final LdapName name; +public final class ImpliedByPrincipal implements Principal { + private final String name; private Set causes = new HashSet(); - private int type = Role.ROLE; + private QName roleName; +// private int type = Role.ROLE; + + private boolean systemRole = false; + private String context; public ImpliedByPrincipal(String name, Principal userPrincipal) { - try { - this.name = new LdapName(name); - } catch (InvalidNameException e) { - throw new CmsException("Badly formatted role name", e); + this.name = name; + String cn = RoleNameUtils.getLastRdnValue(name); + roleName = NamespaceUtils.parsePrefixedName(getNamespaceContext(), cn); + if (roleName.getNamespaceURI().equals(ArgeoNamespace.ROLE_NAMESPACE_URI)) { + systemRole = true; } + context = RoleNameUtils.getContext(name); +// try { +// this.name = new LdapName(name); +// } catch (InvalidNameException e) { +// throw new IllegalArgumentException("Badly formatted role name", e); +// } if (userPrincipal != null) causes.add(userPrincipal); } - public ImpliedByPrincipal(LdapName name, Principal userPrincipal) { - this.name = name; - if (userPrincipal != null) - causes.add(userPrincipal); - } +// public ImpliedByPrincipal(LdapName name, Principal userPrincipal) { +// this.name = name; +// if (userPrincipal != null) +// causes.add(userPrincipal); +// } public String getName() { - return name.toString(); - } - - public boolean addMember(Principal user) { - throw new UnsupportedOperationException(); - } - - public boolean removeMember(Principal user) { - throw new UnsupportedOperationException(); - } - - public boolean isMember(Principal member) { - return causes.contains(member); - } - - public Enumeration members() { - return Collections.enumeration(causes); + return name; } /* * USER ADMIN */ +// public boolean addMember(Principal user) { +// throw new UnsupportedOperationException(); +// } +// +// public boolean removeMember(Principal user) { +// throw new UnsupportedOperationException(); +// } +// +// public boolean isMember(Principal member) { +// return causes.contains(member); +// } +// +// public Enumeration members() { +// return Collections.enumeration(causes); +// } +// +// +// /** Type of {@link Role}, if known. */ +// public int getType() { +// return type; +// } +// +// /** Not supported for the time being. */ +// public Dictionary getProperties() { +// throw new UnsupportedOperationException(); +// } - @Override - /** Type of {@link Role}, if known. */ - public int getType() { - return type; + /* + * OBJECT + */ + + public QName getRoleName() { + return roleName; } - @Override - /** Not supported for the time being. */ - public Dictionary getProperties() { - throw new UnsupportedOperationException(); + public String getContext() { + return context; } - /* - * OBJECT - */ + public boolean isSystemRole() { + return systemRole; + } @Override public int hashCode() {