X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.util%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FAggregatingUserAdmin.java;h=79d2bd3cbc2f21142f1801a1df5c5fbc307c2095;hb=336930c69f0cd3e1242e518479624c6366541275;hp=c274ed97e581c934515d11adce2bf19b82e2661a;hpb=f4da6777015da3fc392138f0c01cea2f2add9ed3;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.util/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java b/org.argeo.util/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java index c274ed97e..79d2bd3cb 100644 --- a/org.argeo.util/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java +++ b/org.argeo.util/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java @@ -1,5 +1,7 @@ package org.argeo.osgi.useradmin; +import static org.argeo.osgi.useradmin.DirectoryUserAdmin.toLdapName; + import java.util.ArrayList; import java.util.Arrays; import java.util.HashMap; @@ -7,6 +9,7 @@ import java.util.HashSet; import java.util.List; import java.util.Map; import java.util.Set; +import java.util.TreeSet; import javax.naming.InvalidNameException; import javax.naming.ldap.LdapName; @@ -27,9 +30,9 @@ public class AggregatingUserAdmin implements UserAdmin { private final LdapName tokensBaseDn; // DAOs - private AbstractUserDirectory systemRoles = null; - private AbstractUserDirectory tokens = null; - private Map businessRoles = new HashMap(); + private DirectoryUserAdmin systemRoles = null; + private DirectoryUserAdmin tokens = null; + private Map businessRoles = new HashMap(); // TODO rather use an empty constructor and an init method public AggregatingUserAdmin(String systemRolesBaseDn, String tokensBaseDn) { @@ -40,7 +43,7 @@ public class AggregatingUserAdmin implements UserAdmin { else this.tokensBaseDn = null; } catch (InvalidNameException e) { - throw new UserDirectoryException("Cannot initialize " + AggregatingUserAdmin.class, e); + throw new IllegalStateException("Cannot initialize " + AggregatingUserAdmin.class, e); } } @@ -75,9 +78,9 @@ public class AggregatingUserAdmin implements UserAdmin { public User getUser(String key, String value) { List res = new ArrayList(); for (UserAdmin userAdmin : businessRoles.values()) { - User u = userAdmin.getUser(key, value); - if (u != null) - res.add(u); + User u = userAdmin.getUser(key, value); + if (u != null) + res.add(u); } // Note: node roles cannot contain users, so it is not searched return res.size() == 1 ? res.get(0) : null; @@ -88,7 +91,7 @@ public class AggregatingUserAdmin implements UserAdmin { if (user == null) {// anonymous return systemRoles.getAuthorization(null); } - AbstractUserDirectory userReferentialOfThisUser = findUserAdmin(user.getName()); + DirectoryUserAdmin userReferentialOfThisUser = findUserAdmin(user.getName()); Authorization rawAuthorization = userReferentialOfThisUser.getAuthorization(user); String usernameToUse; String displayNameToUse; @@ -110,11 +113,11 @@ public class AggregatingUserAdmin implements UserAdmin { } // gather roles from other referentials - final AbstractUserDirectory userAdminToUse;// possibly scoped when authenticating + final DirectoryUserAdmin userAdminToUse;// possibly scoped when authenticating if (user instanceof DirectoryUser) { userAdminToUse = userReferentialOfThisUser; } else if (user instanceof AuthenticatingUser) { - userAdminToUse = userReferentialOfThisUser.scope(user); + userAdminToUse = (DirectoryUserAdmin) userReferentialOfThisUser.scope(user); } else { throw new IllegalArgumentException("Unsupported user type " + user.getClass()); } @@ -153,17 +156,21 @@ public class AggregatingUserAdmin implements UserAdmin { // // USER ADMIN AGGREGATOR // - protected void addUserDirectory(AbstractUserDirectory userDirectory) { - LdapName baseDn = userDirectory.getBaseDn(); - if (isSystemRolesBaseDn(baseDn)) { + protected void addUserDirectory(UserDirectory ud) { + if (!(ud instanceof DirectoryUserAdmin)) + throw new IllegalArgumentException("Only " + DirectoryUserAdmin.class.getName() + " is supported"); + DirectoryUserAdmin userDirectory = (DirectoryUserAdmin) ud; + String basePath = userDirectory.getContext(); + if (isSystemRolesBaseDn(basePath)) { this.systemRoles = userDirectory; systemRoles.setExternalRoles(this); - } else if (isTokensBaseDn(baseDn)) { + } else if (isTokensBaseDn(basePath)) { this.tokens = userDirectory; tokens.setExternalRoles(this); } else { + LdapName baseDn = toLdapName(basePath); if (businessRoles.containsKey(baseDn)) - throw new UserDirectoryException("There is already a user admin for " + baseDn); + throw new IllegalStateException("There is already a user admin for " + baseDn); businessRoles.put(baseDn, userDirectory); } userDirectory.init(); @@ -171,36 +178,25 @@ public class AggregatingUserAdmin implements UserAdmin { } /** Called after a new user directory has been added */ - protected void postAdd(AbstractUserDirectory userDirectory) { + protected void postAdd(UserDirectory userDirectory) { } -// private UserAdmin findUserAdmin(User user) { -// if (user == null) -// throw new IllegalArgumentException("User should not be null"); -// AbstractUserDirectory userAdmin = findUserAdmin(user.getName()); -// if (user instanceof DirectoryUser) { -// return userAdmin; -// } else { -// return userAdmin.scope(user); -// } -// } - - private AbstractUserDirectory findUserAdmin(String name) { + private DirectoryUserAdmin findUserAdmin(String name) { try { return findUserAdmin(new LdapName(name)); } catch (InvalidNameException e) { - throw new UserDirectoryException("Badly formatted name " + name, e); + throw new IllegalArgumentException("Badly formatted name " + name, e); } } - private AbstractUserDirectory findUserAdmin(LdapName name) { + private DirectoryUserAdmin findUserAdmin(LdapName name) { if (name.startsWith(systemRolesBaseDn)) return systemRoles; if (tokensBaseDn != null && name.startsWith(tokensBaseDn)) return tokens; - List res = new ArrayList<>(1); + List res = new ArrayList<>(1); userDirectories: for (LdapName baseDn : businessRoles.keySet()) { - AbstractUserDirectory userDirectory = businessRoles.get(baseDn); + DirectoryUserAdmin userDirectory = businessRoles.get(baseDn); if (name.startsWith(baseDn)) { if (userDirectory.isDisabled()) continue userDirectories; @@ -217,18 +213,18 @@ public class AggregatingUserAdmin implements UserAdmin { } } if (res.size() == 0) - throw new UserDirectoryException("Cannot find user admin for " + name); + throw new IllegalStateException("Cannot find user admin for " + name); if (res.size() > 1) - throw new UserDirectoryException("Multiple user admin found for " + name); + throw new IllegalStateException("Multiple user admin found for " + name); return res.get(0); } - protected boolean isSystemRolesBaseDn(LdapName baseDn) { - return baseDn.equals(systemRolesBaseDn); + protected boolean isSystemRolesBaseDn(String basePath) { + return toLdapName(basePath).equals(systemRolesBaseDn); } - protected boolean isTokensBaseDn(LdapName baseDn) { - return tokensBaseDn != null && baseDn.equals(tokensBaseDn); + protected boolean isTokensBaseDn(String basePath) { + return tokensBaseDn != null && toLdapName(basePath).equals(tokensBaseDn); } // protected Dictionary currentState() { @@ -242,9 +238,13 @@ public class AggregatingUserAdmin implements UserAdmin { // return res; // } - public void destroy() { + public void start() { + + } + + public void stop() { for (LdapName name : businessRoles.keySet()) { - AbstractUserDirectory userDirectory = businessRoles.get(name); + DirectoryUserAdmin userDirectory = businessRoles.get(name); destroy(userDirectory); } businessRoles.clear(); @@ -253,17 +253,26 @@ public class AggregatingUserAdmin implements UserAdmin { systemRoles = null; } - private void destroy(AbstractUserDirectory userDirectory) { + private void destroy(DirectoryUserAdmin userDirectory) { preDestroy(userDirectory); userDirectory.destroy(); } - protected void removeUserDirectory(LdapName baseDn) { - if (isSystemRolesBaseDn(baseDn)) - throw new UserDirectoryException("System roles cannot be removed "); +// protected void removeUserDirectory(UserDirectory userDirectory) { +// LdapName baseDn = toLdapName(userDirectory.getContext()); +// businessRoles.remove(baseDn); +// if (userDirectory instanceof DirectoryUserAdmin) +// destroy((DirectoryUserAdmin) userDirectory); +// } + + @Deprecated + protected void removeUserDirectory(String basePath) { + if (isSystemRolesBaseDn(basePath)) + throw new IllegalArgumentException("System roles cannot be removed "); + LdapName baseDn = toLdapName(basePath); if (!businessRoles.containsKey(baseDn)) - throw new UserDirectoryException("No user directory registered for " + baseDn); - AbstractUserDirectory userDirectory = businessRoles.remove(baseDn); + throw new IllegalStateException("No user directory registered for " + baseDn); + DirectoryUserAdmin userDirectory = businessRoles.remove(baseDn); destroy(userDirectory); } @@ -271,7 +280,14 @@ public class AggregatingUserAdmin implements UserAdmin { * Called before each user directory is destroyed, so that additional actions * can be performed. */ - protected void preDestroy(AbstractUserDirectory userDirectory) { + protected void preDestroy(UserDirectory userDirectory) { + } + + public Set getUserDirectories() { + TreeSet res = new TreeSet<>((o1, o2) -> o1.getContext().compareTo(o2.getContext())); + res.addAll(businessRoles.values()); + res.add(systemRoles); + return res; } }