X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.util%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FLdapUserAdmin.java;h=879d5da04991b0113383771ee43ae8aee4ac0829;hb=d74f9b604d0132a6b66c7a2dc189be2c2798b7c4;hp=138eb39e9a49dc03ec7c02b7fbda001703c6e7a7;hpb=ddc70245fe7413b7341205914c91015600726b4a;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.util/src/org/argeo/osgi/useradmin/LdapUserAdmin.java b/org.argeo.util/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
index 138eb39e9..879d5da04 100644
--- a/org.argeo.util/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
+++ b/org.argeo.util/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
@@ -19,6 +19,7 @@ import javax.naming.directory.SearchControls;
 import javax.naming.directory.SearchResult;
 import javax.naming.ldap.LdapName;
 
+import org.argeo.util.naming.LdapObjs;
 import org.osgi.framework.Filter;
 import org.osgi.service.useradmin.Role;
 import org.osgi.service.useradmin.User;
@@ -81,11 +82,11 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 			int roleType = roleType(name);
 			DirectoryUser res;
 			if (roleType == Role.GROUP)
-				res = newGroup( name, attrs);
+				res = newGroup(name, attrs);
 			else if (roleType == Role.USER)
-				res = newUser( name, attrs);
+				res = newUser(name, attrs);
 			else
-				throw new UserDirectoryException("Unsupported LDAP type for " + name);
+				throw new IllegalArgumentException("Unsupported LDAP type for " + name);
 			return res;
 		} catch (NameNotFoundException e) {
 			throw e;
@@ -116,10 +117,10 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 				DirectoryUser role;
 				if (objectClassAttr.contains(getGroupObjectClass())
 						|| objectClassAttr.contains(getGroupObjectClass().toLowerCase()))
-					role = newGroup( dn, attrs);
+					role = newGroup(dn, attrs);
 				else if (objectClassAttr.contains(getUserObjectClass())
 						|| objectClassAttr.contains(getUserObjectClass().toLowerCase()))
-					role = newUser( dn, attrs);
+					role = newUser(dn, attrs);
 				else {
 //					log.warn("Unsupported LDAP type for " + searchResult.getName());
 					continue results;
@@ -131,9 +132,8 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 			// ignore (typically an unsupported anonymous bind)
 			// TODO better logging
 			return res;
-		} catch (Exception e) {
-			e.printStackTrace();
-			throw new UserDirectoryException("Cannot get roles for filter " + f, e);
+		} catch (NamingException e) {
+			throw new IllegalStateException("Cannot get roles for filter " + f, e);
 		}
 	}
 
@@ -159,39 +159,76 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 				directGroups.add(toDn(searchBase, searchResult));
 			}
 			return directGroups;
-		} catch (Exception e) {
-			throw new UserDirectoryException("Cannot populate direct members of " + dn, e);
+		} catch (NamingException e) {
+			throw new IllegalStateException("Cannot populate direct members of " + dn, e);
 		}
 	}
 
 	@Override
-	protected void prepare(UserDirectoryWorkingCopy wc) {
+	public void prepare(DirectoryUserWorkingCopy wc) {
 		try {
 			ldapConnection.prepareChanges(wc);
 		} catch (NamingException e) {
-			throw new UserDirectoryException("Cannot prepare LDAP", e);
+			throw new IllegalStateException("Cannot prepare LDAP", e);
 		}
 	}
 
 	@Override
-	protected void commit(UserDirectoryWorkingCopy wc) {
+	public void commit(DirectoryUserWorkingCopy wc) {
 		try {
 			ldapConnection.commitChanges(wc);
 		} catch (NamingException e) {
-			throw new UserDirectoryException("Cannot commit LDAP", e);
+			throw new IllegalStateException("Cannot commit LDAP", e);
 		}
 	}
 
 	@Override
-	protected void rollback(UserDirectoryWorkingCopy wc) {
+	public void rollback(DirectoryUserWorkingCopy wc) {
 		// prepare not impacting
 	}
 
-//	@Override
-//	public HierarchyUnit getHierarchyUnit(String path) {
-//		LdapName dn = LdapNameUtils.toLdapName(path);
-//		Attributes attrs = ldapConnection.getAttributes(dn);
-//		
-//	}
+	/*
+	 * HIERARCHY
+	 */
+
+	@Override
+	protected Iterable<HierarchyUnit> doGetDirectHierarchyUnits(LdapName searchBase, boolean functionalOnly) {
+		List<HierarchyUnit> res = new ArrayList<>();
+		try {
+			String searchFilter = "(|(" + objectClass + "=" + LdapObjs.organizationalUnit.name() + ")(" + objectClass
+					+ "=" + LdapObjs.organization.name() + "))";
+
+			SearchControls searchControls = new SearchControls();
+			searchControls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
+
+			NamingEnumeration<SearchResult> results = ldapConnection.search(searchBase, searchFilter, searchControls);
+
+			while (results.hasMoreElements()) {
+				SearchResult searchResult = (SearchResult) results.nextElement();
+				LdapName dn = toDn(searchBase, searchResult);
+				Attributes attrs = searchResult.getAttributes();
+				LdifHierarchyUnit hierarchyUnit = new LdifHierarchyUnit(this, dn, attrs);
+				if (functionalOnly) {
+					if (hierarchyUnit.isFunctional())
+						res.add(hierarchyUnit);
+				} else {
+					res.add(hierarchyUnit);
+				}
+			}
+			return res;
+		} catch (NamingException e) {
+			throw new IllegalStateException("Cannot get direct hierarchy units ", e);
+		}
+	}
+
+	@Override
+	protected HierarchyUnit doGetHierarchyUnit(LdapName dn) {
+		try {
+			Attributes attrs = ldapConnection.getAttributes(dn);
+			return new LdifHierarchyUnit(this, dn, attrs);
+		} catch (NamingException e) {
+			throw new IllegalStateException("Cannot get hierarchy unit " + dn, e);
+		}
+	}
 
 }