X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.suite.core%2Fsrc%2Forg%2Fargeo%2Fsuite%2FSuiteUtils.java;h=e6d4960ccce1b76afc52f34131b54c3855762064;hb=41e9998f7f1c87c747c57f60c6bec65fa20757a6;hp=18c91a179a7bd0e090ff338d1d1313e5844015ba;hpb=5009609dcbe6e5b7ff1cea753b47205d3996726c;p=gpl%2Fargeo-suite.git

diff --git a/org.argeo.suite.core/src/org/argeo/suite/SuiteUtils.java b/org.argeo.suite.core/src/org/argeo/suite/SuiteUtils.java
index 18c91a1..e6d4960 100644
--- a/org.argeo.suite.core/src/org/argeo/suite/SuiteUtils.java
+++ b/org.argeo.suite.core/src/org/argeo/suite/SuiteUtils.java
@@ -1,5 +1,8 @@
 package org.argeo.suite;
 
+import java.util.HashSet;
+import java.util.Set;
+
 import javax.jcr.Node;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
@@ -8,12 +11,13 @@ import javax.jcr.security.Privilege;
 import javax.naming.ldap.LdapName;
 import javax.security.auth.x500.X500Principal;
 
-import org.argeo.cms.auth.CmsSession;
+import org.argeo.api.cms.CmsSession;
+import org.argeo.api.cms.CmsConstants;
 import org.argeo.entity.EntityType;
 import org.argeo.jackrabbit.security.JackrabbitSecurityUtils;
 import org.argeo.jcr.JcrException;
 import org.argeo.jcr.JcrUtils;
-import org.argeo.naming.LdapAttrs;
+import org.argeo.util.naming.LdapAttrs;
 
 /** Utilities around the Argeo Suite APIs. */
 public class SuiteUtils {
@@ -38,6 +42,8 @@ public class SuiteUtils {
 				JackrabbitSecurityUtils.denyPrivilege(adminSession, userNode.getPath(), SuiteRole.coworker.dn(),
 						Privilege.JCR_READ);
 				JcrUtils.addPrivilege(adminSession, userNode.getPath(), new X500Principal(userDn.toString()).getName(),
+						Privilege.JCR_READ);
+				JcrUtils.addPrivilege(adminSession, userNode.getPath(), CmsConstants.ROLE_USER_ADMIN,
 						Privilege.JCR_ALL);
 			} else {
 				userNode = usersBase.getNode(uid);
@@ -93,4 +99,24 @@ public class SuiteUtils {
 
 	}
 
+	public static Set<String> extractRoles(String[] semiColArr) {
+		Set<String> res = new HashSet<>();
+		// TODO factorize and make it more robust
+		final String rolesPrefix = "roles:=\"";
+		// first one is layer id
+		for (int i = 1; i < semiColArr.length; i++) {
+			if (semiColArr[i].startsWith(rolesPrefix)) {
+				String rolesStr = semiColArr[i].substring(rolesPrefix.length());
+				// remove last "
+				rolesStr = rolesStr.substring(0, rolesStr.lastIndexOf('\"'));
+				// TODO support AND (&) as well
+				String[] roles = rolesStr.split("\\|");// OR (|)
+				for (String role : roles) {
+					res.add(role.trim());
+				}
+			}
+		}
+		return res;
+	}
+
 }