X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fruntime%2FCmsUserManagerImpl.java;h=9a05d2b59cc2a2ab27cfb8f7a7750ff78473b524;hb=382fc65f3707295c281ef5a764c6227b48fa5919;hp=6c6001563ba198c6239a8f856451b9bb0ec25c99;hpb=de8f04a41db19968896b15cd7f43c819a28e7158;p=lgpl%2Fargeo-commons.git
diff --git a/org.argeo.cms/src/org/argeo/cms/internal/runtime/CmsUserManagerImpl.java b/org.argeo.cms/src/org/argeo/cms/internal/runtime/CmsUserManagerImpl.java
index 6c6001563..9a05d2b59 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/runtime/CmsUserManagerImpl.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/runtime/CmsUserManagerImpl.java
@@ -1,8 +1,8 @@
 package org.argeo.cms.internal.runtime;
-import static org.argeo.api.acr.ldap.LdapAttrs.cn;
-import static org.argeo.api.acr.ldap.LdapAttrs.description;
-import static org.argeo.api.acr.ldap.LdapAttrs.owner;
+import static org.argeo.api.acr.ldap.LdapAttr.cn;
+import static org.argeo.api.acr.ldap.LdapAttr.description;
+import static org.argeo.api.acr.ldap.LdapAttr.owner;
 import java.time.ZoneOffset;
 import java.time.ZonedDateTime;
@@ -26,7 +26,7 @@ import javax.security.auth.Subject;
 import javax.xml.namespace.QName;
 import org.argeo.api.acr.NamespaceUtils;
-import org.argeo.api.acr.ldap.LdapAttrs;
+import org.argeo.api.acr.ldap.LdapAttr;
 import org.argeo.api.acr.ldap.NamingUtils;
 import org.argeo.api.cms.CmsConstants;
 import org.argeo.api.cms.CmsLog;
@@ -36,7 +36,7 @@ import org.argeo.api.cms.directory.CmsUserManager;
 import org.argeo.api.cms.directory.HierarchyUnit;
 import org.argeo.api.cms.directory.UserDirectory;
 import org.argeo.api.cms.transaction.WorkTransaction;
-import org.argeo.cms.auth.CurrentUser;
+import org.argeo.cms.CurrentUser;
 import org.argeo.cms.auth.UserAdminUtils;
 import org.argeo.cms.directory.ldap.LdapEntry;
 import org.argeo.cms.directory.ldap.SharedSecret;
@@ -69,8 +69,8 @@ public class CmsUserManagerImpl implements CmsUserManager {
 // private Map serviceProperties;
 private WorkTransaction userTransaction;
- private final String[] knownProps = { LdapAttrs.cn.name(), LdapAttrs.sn.name(), LdapAttrs.givenName.name(),
- LdapAttrs.uid.name() };
+ private final String[] knownProps = { LdapAttr.cn.name(), LdapAttr.sn.name(), LdapAttr.givenName.name(),
+ LdapAttr.uid.name() };
 // private Map> userDirectories = Collections
 // .synchronizedMap(new LinkedHashMap<>());
@@ -222,9 +222,9 @@ public class CmsUserManagerImpl implements CmsUserManager {
 @Override
 public CmsUser getUserFromLocalId(String localId) {
- CmsUser user = (CmsUser) getUserAdmin().getUser(LdapAttrs.uid.name(), localId);
+ CmsUser user = (CmsUser) getUserAdmin().getUser(LdapAttr.uid.name(), localId);
 if (user == null)
- user = (CmsUser) getUserAdmin().getUser(LdapAttrs.cn.name(), localId);
+ user = (CmsUser) getUserAdmin().getUser(LdapAttr.cn.name(), localId);
 return user;
 }
@@ -264,10 +264,30 @@ public class CmsUserManagerImpl implements CmsUserManager {
 }
 }
+ @Override
+ public CmsGroup createGroup(String dn) {
+ try {
+ userTransaction.begin();
+ CmsGroup group = (CmsGroup) userAdmin.createRole(dn, Role.GROUP);
+ userTransaction.commit();
+ return group;
+ } catch (Exception e) {
+ try {
+ userTransaction.rollback();
+ } catch (Exception e1) {
+ log.error("Could not roll back", e1);
+ }
+ if (e instanceof RuntimeException)
+ throw (RuntimeException) e;
+ else
+ throw new RuntimeException("Cannot create group " + dn, e);
+ }
+ }
+
 @Override
 public CmsGroup getOrCreateGroup(HierarchyUnit groups, String commonName) {
 try {
- String dn = LdapAttrs.cn.name() + "=" + commonName + "," + groups.getBase();
+ String dn = LdapAttr.cn.name() + "=" + commonName + "," + groups.getBase();
 CmsGroup group = (CmsGroup) getUserAdmin().getRole(dn);
 if (group != null)
 return group;
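Review bot: The catch block of the new `createGroup` calls `userTransaction.rollback()` unconditionally, so a failure inside `userTransaction.begin()` produces a second exception that is logged as "Could not roll back"; `removeMember`, added in this same commit, guards the call with `if (!userTransaction.isNoTransactionStatus())`, and the same guard fits here. The result of `userAdmin.createRole(dn, Role.GROUP)` is cast and returned unchecked; if `userAdmin` follows the OSGi `UserAdmin` contract, `createRole` returns null when a role with that name already exists, so the method would commit and hand back null, and `if (group == null) throw new IllegalStateException("Group " + dn + " already exists");` before the commit would make that case explicit. `dn` is also passed through exactly as received, and neither validation of the DN nor an authorisation check on the caller is visible in this hunk, so a Javadoc sentence on the method stating which layer is responsible for both would help.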
@@ -291,7 +311,7 @@ public class CmsUserManagerImpl implements CmsUserManager {
 @Override
 public CmsGroup getOrCreateSystemRole(HierarchyUnit roles, QName systemRole) {
 try {
- String dn = LdapAttrs.cn.name() + "=" + NamespaceUtils.toPrefixedName(systemRole) + "," + roles.getBase();
+ String dn = LdapAttr.cn.name() + "=" + NamespaceUtils.toPrefixedName(systemRole) + "," + roles.getBase();
 CmsGroup group = (CmsGroup) getUserAdmin().getRole(dn);
 if (group != null)
 return group;
@@ -410,7 +430,25 @@ public class CmsUserManagerImpl implements CmsUserManager {
 if (log.isTraceEnabled())
 log.trace("Cannot rollback transaction", e2);
 }
- throw new RuntimeException("Cannot add object classes " + role + " to group " + group, e1);
+ throw new RuntimeException("Cannot add member " + role + " to group " + group, e1);
+ }
+ }
+
+ @Override
+ public void removeMember(CmsGroup group, Role role) {
+ try {
+ userTransaction.begin();
+ group.removeMember(role);
+ userTransaction.commit();
+ } catch (Exception e1) {
+ try {
+ if (!userTransaction.isNoTransactionStatus())
+ userTransaction.rollback();
+ } catch (Exception e2) {
+ if (log.isTraceEnabled())
+ log.trace("Cannot rollback transaction", e2);
+ }
+ throw new RuntimeException("Cannot remove member " + role + " from group " + group, e1);
 }
 }
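Review bot: The new `removeMember` ignores the return value of `group.removeMember(role)`; if `CmsGroup` follows the OSGi `Group` contract, the call returns false when the role was not a member, so a revocation that changed nothing is committed and looks like a success to the caller. For an access-control change that is worth surfacing, for instance with `if (!group.removeMember(role)) log.warn(...)` if `CmsLog` offers that level, or at least with a Javadoc sentence saying that a no-op removal is not treated as an error. A failed rollback is logged only under `log.isTraceEnabled()`, whereas `createGroup` in this commit uses `log.error("Could not roll back", e1)`; using the same level here would keep a failed rollback of a membership change visible in normal logs.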
@@ -453,9 +491,9 @@ public class CmsUserManagerImpl implements CmsUserManager {
 Dictionary props = DirectoryConf.uriAsProperties(dns.get(baseDn));
 String dn = null;
 if (Role.GROUP == type)
- dn = LdapAttrs.cn.name() + "=" + localId + "," + DirectoryConf.groupBase.getValue(props) + "," + baseDn;
+ dn = LdapAttr.cn.name() + "=" + localId + "," + DirectoryConf.groupBase.getValue(props) + "," + baseDn;
 else if (Role.USER == type)
- dn = LdapAttrs.uid.name() + "=" + localId + "," + DirectoryConf.userBase.getValue(props) + "," + baseDn;
+ dn = LdapAttr.uid.name() + "=" + localId + "," + DirectoryConf.userBase.getValue(props) + "," + baseDn;
 else
 throw new IllegalStateException("Unknown role type. " + "Cannot deduce dn for " + localId);
 return dn;
@@ -520,7 +558,7 @@ public class CmsUserManagerImpl implements CmsUserManager {
 }
 public String addSharedSecret(String email, int hours) {
- User user = (User) userAdmin.getUser(LdapAttrs.mail.name(), email);
+ User user = (User) userAdmin.getUser(LdapAttr.mail.name(), email);
 try {
 userTransaction.begin();
 String uuid = UUID.randomUUID().toString();