X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.enterprise%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FAggregatingUserAdmin.java;h=01254b985a64302b84dd22db5e789040143b6461;hb=f9ee9620626e471a99f25e84175e27380d902957;hp=f7a7c6e478ba8197e9ef414e5c7fce8e5a20f8aa;hpb=57e34e0482e03cea9a6a34326c22c7c969ad07c8;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java
index f7a7c6e47..01254b985 100644
--- a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java
+++ b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java
@@ -13,8 +13,10 @@ import java.util.Set;
 import javax.naming.InvalidNameException;
 import javax.naming.ldap.LdapName;
 
+import org.argeo.naming.LdapAttrs;
 import org.osgi.framework.InvalidSyntaxException;
 import org.osgi.service.useradmin.Authorization;
+import org.osgi.service.useradmin.Group;
 import org.osgi.service.useradmin.Role;
 import org.osgi.service.useradmin.User;
 import org.osgi.service.useradmin.UserAdmin;
@@ -84,6 +86,23 @@ public class AggregatingUserAdmin implements UserAdmin {
 		}
 		UserAdmin userAdmin = findUserAdmin(user.getName());
 		Authorization rawAuthorization = userAdmin.getAuthorization(user);
+		String usernameToUse;
+		String displayNameToUse;
+		if (user instanceof Group) {// tokens
+			String ownerDn = (String) user.getProperties().get(LdapAttrs.owner.name());
+			if (ownerDn != null) {
+				UserAdmin ownerUserAdmin = findUserAdmin(ownerDn);
+				User ownerUser = (User) ownerUserAdmin.getRole(ownerDn);
+				usernameToUse = ownerDn;
+				displayNameToUse = LdifAuthorization.extractDisplayName(ownerUser);
+			} else {
+				throw new UserDirectoryException(
+						"Cannot get authorization for group " + user.getName() + " without owner");
+			}
+		} else {// regular users
+			usernameToUse = rawAuthorization.getName();
+			displayNameToUse = rawAuthorization.toString();
+		}
 		// gather system roles
 		Set<String> sysRoles = new HashSet<String>();
 		for (String role : rawAuthorization.getRoles()) {
@@ -91,8 +110,8 @@ public class AggregatingUserAdmin implements UserAdmin {
 			sysRoles.addAll(Arrays.asList(auth.getRoles()));
 		}
 		addAbstractSystemRoles(rawAuthorization, sysRoles);
-		Authorization authorization = new AggregatingAuthorization(rawAuthorization.getName(),
-				rawAuthorization.toString(), sysRoles, rawAuthorization.getRoles());
+		Authorization authorization = new AggregatingAuthorization(usernameToUse, displayNameToUse, sysRoles,
+				rawAuthorization.getRoles());
 		return authorization;
 	}