X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fauth%2FImpliedByPrincipal.java;h=7472908cd565656d09692d23370d2c8a51f2629d;hb=54df376a9c2dd458a82eaa09bfbb718fe699dd0d;hp=6f83a9a28171d4f8d7d8ae3a97f1ca3d03891e87;hpb=088c1b517a543e935d8ab65c3b2fd2d0269b551d;p=lgpl%2Fargeo-commons.git
diff --git a/org.argeo.cms/src/org/argeo/cms/internal/auth/ImpliedByPrincipal.java b/org.argeo.cms/src/org/argeo/cms/internal/auth/ImpliedByPrincipal.java
index 6f83a9a28..7472908cd 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/auth/ImpliedByPrincipal.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/auth/ImpliedByPrincipal.java
@@ -1,69 +1,107 @@
 package org.argeo.cms.internal.auth;
 
+import static org.argeo.api.acr.RuntimeNamespaceContext.getNamespaceContext;
+
 import java.security.Principal;
-import java.security.acl.Group;
-import java.util.Collections;
-import java.util.Enumeration;
 import java.util.HashSet;
 import java.util.Set;
 
-import javax.naming.InvalidNameException;
-import javax.naming.ldap.LdapName;
+import javax.xml.namespace.QName;
 
-import org.argeo.cms.CmsException;
+import org.argeo.api.acr.ArgeoNamespace;
+import org.argeo.api.acr.NamespaceUtils;
+import org.argeo.cms.auth.RoleNameUtils;
 import org.osgi.service.useradmin.Authorization;
 
 /**
  * A {@link Principal} which has been implied by an {@link Authorization}. If it
- * is empty it meeans this is an additional identity, otherwise it lists the
+ * is empty it means this is an additional identity, otherwise it lists the
  * users (typically the logged in user but possibly empty
  * {@link ImpliedByPrincipal}s) which have implied it. When an additional
- * identityx is removed, the related {@link ImpliedByPrincipal}s can thus be
+ * identity is removed, the related {@link ImpliedByPrincipal}s can thus be
  * removed.
  */
-public final class ImpliedByPrincipal implements Group {
- private final LdapName name;
+public final class ImpliedByPrincipal implements Principal {
+ private final String name;
  private Set causes = new HashSet();
 
+ private QName roleName;
+// private int type = Role.ROLE;
+
+ private boolean systemRole = false;
+ private String context;
+
  public ImpliedByPrincipal(String name, Principal userPrincipal) {
- try {
- this.name = new LdapName(name);
- } catch (InvalidNameException e) {
- throw new CmsException("Badly formatted role name", e);
+ this.name = name;
+ String cn = RoleNameUtils.getLastRdnValue(name);
+ roleName = NamespaceUtils.parsePrefixedName(getNamespaceContext(), cn);
+ if (roleName.getNamespaceURI().equals(ArgeoNamespace.ROLE_NAMESPACE_URI)) {
+ systemRole = true;
  }
+ context = RoleNameUtils.getContext(name);
+// try {
+// this.name = new LdapName(name);
+// } catch (InvalidNameException e) {
+// throw new IllegalArgumentException("Badly formatted role name", e);
+// }
  if (userPrincipal != null)
  causes.add(userPrincipal);
  }
 
- public ImpliedByPrincipal(LdapName name, Principal userPrincipal) {
- this.name = name;
- if (userPrincipal != null)
- causes.add(userPrincipal);
- }
+// public ImpliedByPrincipal(LdapName name, Principal userPrincipal) {
+// this.name = name;
+// if (userPrincipal != null)
+// causes.add(userPrincipal);
+// }
 
- @Override
  public String getName() {
- return name.toString();
+ return name;
  }
 
- @Override
- public boolean addMember(Principal user) {
- throw new UnsupportedOperationException();
- }
+ /*
+ * USER ADMIN
+ */
+// public boolean addMember(Principal user) {
+// throw new UnsupportedOperationException();
+// }
+//
+// public boolean removeMember(Principal user) {
+// throw new UnsupportedOperationException();
+// }
+//
+// public boolean isMember(Principal member) {
+// return causes.contains(member);
+// }
+//
+// public Enumeration members() {
+// return Collections.enumeration(causes);
+// }
+//
+//
+// /** Type of
{@link Role}, if known. */
+// public int getType() {
+// return type;
+// }
+//
+// /** Not supported for the time being. */
+// public Dictionary getProperties() {
+// throw new UnsupportedOperationException();
+// }
 
- @Override
- public boolean removeMember(Principal user) {
- throw new UnsupportedOperationException();
+ /*
+ * OBJECT
+ */
+
+ public QName getRoleName() {
+ return roleName;
  }
 
- @Override
- public boolean isMember(Principal member) {
- return causes.contains(member);
+ public String getContext() {
+ return context;
  }
 
- @Override
- public Enumeration members() {
- return Collections.enumeration(causes);
+ public boolean isSystemRole() {
+ return systemRole;
  }
 
  @Override
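Review bot: `systemRole` is set in the `ImpliedByPrincipal(String, Principal)` constructor from the namespace of the CN prefix alone, independently of `context`, so any caller that treats `isSystemRole()` as an authorization signal is trusting the role name and not the directory it came from. Whether a non-system directory can hold a role whose CN prefix resolves to `ArgeoNamespace.ROLE_NAMESPACE_URI` is not visible from this hunk; if it can, either compare `context` against the expected base before setting the flag, or state the limit on the getter, e.g. `/** Derived from the CN prefix only; does not check getContext(). */`. The constructor also no longer rejects malformed names itself (the `LdapName` parse is now commented out), so the behaviour for a bad or null `name` depends entirely on `RoleNameUtils.getLastRdnValue` and `NamespaceUtils.parsePrefixedName`, which are outside this diff. Since `name` is now a plain `String`, the `equals`/`hashCode` that follow the hunk should be checked for DN comparisons that previously went through `LdapName`. `roleName`, `systemRole` and `context` are assigned once and could be `final`, and `getName()` should keep its `@Override`.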