X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.util%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FDirectoryUserAdmin.java;h=6f3bd1a6865695cbdbc48729c10a7fda745fc156;hb=25316bb35087da302a0916c1e0bdf2fc09e8feb0;hp=9f6d62d7a64600e85224c717786c0379335868fe;hpb=dc27b57704278684e72efcaf72b01c5b91df39f8;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.util/src/org/argeo/osgi/useradmin/DirectoryUserAdmin.java b/org.argeo.util/src/org/argeo/osgi/useradmin/DirectoryUserAdmin.java index 9f6d62d7a..6f3bd1a68 100644 --- a/org.argeo.util/src/org/argeo/osgi/useradmin/DirectoryUserAdmin.java +++ b/org.argeo.util/src/org/argeo/osgi/useradmin/DirectoryUserAdmin.java @@ -26,11 +26,11 @@ import org.argeo.util.directory.DirectoryConf; import org.argeo.util.directory.DirectoryDigestUtils; import org.argeo.util.directory.HierarchyUnit; import org.argeo.util.directory.ldap.AbstractLdapDirectory; +import org.argeo.util.directory.ldap.LdapDao; import org.argeo.util.directory.ldap.LdapEntry; import org.argeo.util.directory.ldap.LdapEntryWorkingCopy; import org.argeo.util.directory.ldap.LdapNameUtils; import org.argeo.util.directory.ldap.LdifDao; -import org.argeo.util.naming.LdapObjs; import org.osgi.framework.Filter; import org.osgi.framework.FrameworkUtil; import org.osgi.framework.InvalidSyntaxException; @@ -66,7 +66,13 @@ public class DirectoryUserAdmin extends AbstractLdapDirectory implements UserAdm */ protected AbstractLdapDirectory scope(User user) { - throw new UnsupportedAddressTypeException(); + if (getDirectoryDao() instanceof LdapDao) { + return scopeLdap(user); + } else if (getDirectoryDao() instanceof LdifDao) { + return scopeLdif(user); + } else { + throw new IllegalStateException("Unsupported DAO " + getDirectoryDao().getClass()); + } } protected DirectoryUserAdmin scopeLdap(User user) { @@ -74,7 +80,7 @@ public class DirectoryUserAdmin extends AbstractLdapDirectory implements UserAdm String username = (String) credentials.get(SHARED_STATE_USERNAME); if (username == null) username = user.getName(); - Dictionary properties = cloneProperties(); + Dictionary properties = cloneConfigProperties(); properties.put(Context.SECURITY_PRINCIPAL, username.toString()); Object pwdCred = credentials.get(SHARED_STATE_PASSWORD); byte[] pwd = (byte[]) pwdCred; @@ -84,7 +90,9 @@ public class DirectoryUserAdmin extends AbstractLdapDirectory implements UserAdm } else { properties.put(Context.SECURITY_AUTHENTICATION, "GSSAPI"); } - return new DirectoryUserAdmin(null, properties, true); + DirectoryUserAdmin scopedDirectory = new DirectoryUserAdmin(null, properties, true); + scopedDirectory.init(); + return scopedDirectory; } protected DirectoryUserAdmin scopeLdif(User user) { @@ -102,13 +110,14 @@ public class DirectoryUserAdmin extends AbstractLdapDirectory implements UserAdm } else { throw new IllegalStateException("Password is required"); } - Dictionary properties = cloneProperties(); + Dictionary properties = cloneConfigProperties(); properties.put(DirectoryConf.readOnly.name(), "true"); DirectoryUserAdmin scopedUserAdmin = new DirectoryUserAdmin(null, properties, true); // scopedUserAdmin.groups = Collections.unmodifiableNavigableMap(groups); // scopedUserAdmin.users = Collections.unmodifiableNavigableMap(users); // FIXME do it better ((LdifDao) getDirectoryDao()).scope((LdifDao) scopedUserAdmin.getDirectoryDao()); + scopedUserAdmin.init(); return scopedUserAdmin; } @@ -126,7 +135,12 @@ public class DirectoryUserAdmin extends AbstractLdapDirectory implements UserAdm @Override public Role getRoleByPath(String path) { - return (Role) doGetRole(pathToName(path)); + LdapEntry entry = doGetRole(pathToName(path)); + if (!(entry instanceof Role)) { + throw new IllegalStateException("Path must be a UserAdmin Role."); + } else { + return (Role) entry; + } } protected List getAllRoles(DirectoryUser user) { @@ -144,7 +158,8 @@ public class DirectoryUserAdmin extends AbstractLdapDirectory implements UserAdm LdapEntry entry = (LdapEntry) user; collectGroups(entry, allEntries); for (LdapEntry e : allEntries) { - allRoles.add((Role) e); + if (e instanceof Role) + allRoles.add((Role) e); } // Attributes attrs = user.getAttributes(); // // TODO centralize attribute name @@ -283,7 +298,7 @@ public class DirectoryUserAdmin extends AbstractLdapDirectory implements UserAdm checkEdit(); LdapEntryWorkingCopy wc = getWorkingCopy(); LdapName dn = toLdapName(name); - if ((getDirectoryDao().daoHasEntry(dn) && !wc.getDeletedData().containsKey(dn)) + if ((getDirectoryDao().entryExists(dn) && !wc.getDeletedData().containsKey(dn)) || wc.getNewData().containsKey(dn)) throw new IllegalArgumentException("Already a role " + name); BasicAttributes attrs = new BasicAttributes(true); @@ -380,17 +395,11 @@ public class DirectoryUserAdmin extends AbstractLdapDirectory implements UserAdm */ protected LdapEntry newUser(LdapName name, Attributes attrs) { // TODO support devices, applications, etc. - return new LdifUser.LdifPerson(this, name, attrs); + return new LdifUser(this, name, attrs); } protected LdapEntry newGroup(LdapName name, Attributes attrs) { - if (LdapNameUtils.getParentRdn(name).equals(getSystemRoleBaseRdn())) - return new LdifGroup.LdifSystemPermissions(this, name, attrs); - - if (hasObjectClass(attrs, LdapObjs.organization)) - return new LdifGroup.LdifOrganization(this, name, attrs); - else - return new LdifGroup.LdifFunctionalGroup(this, name, attrs); + return new LdifGroup(this, name, attrs); }