X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.util%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FLdifUserAdmin.java;h=ef487594c409a059f622cf2080268a3821ed4788;hb=cceead8a279e8630f63cc9e8213bdcdca39955a5;hp=f9163d7e2af20dfd43caa759443241ee464b74c3;hpb=e168383bac50637131fef8c41e119db7eb2284a7;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.util/src/org/argeo/osgi/useradmin/LdifUserAdmin.java b/org.argeo.util/src/org/argeo/osgi/useradmin/LdifUserAdmin.java index f9163d7e2..ef487594c 100644 --- a/org.argeo.util/src/org/argeo/osgi/useradmin/LdifUserAdmin.java +++ b/org.argeo.util/src/org/argeo/osgi/useradmin/LdifUserAdmin.java @@ -16,6 +16,7 @@ import java.util.Dictionary; import java.util.HashSet; import java.util.Hashtable; import java.util.List; +import java.util.NavigableMap; import java.util.Objects; import java.util.Set; import java.util.SortedMap; @@ -23,6 +24,7 @@ import java.util.TreeMap; import javax.naming.NameNotFoundException; import javax.naming.NamingEnumeration; +import javax.naming.NamingException; import javax.naming.directory.Attributes; import javax.naming.ldap.LdapName; @@ -35,11 +37,11 @@ import org.osgi.service.useradmin.User; /** A user admin based on a LDIF files. */ public class LdifUserAdmin extends AbstractUserDirectory { - private SortedMap users = new TreeMap<>(); - private SortedMap groups = new TreeMap<>(); + private NavigableMap users = new TreeMap<>(); + private NavigableMap groups = new TreeMap<>(); - private SortedMap hierarchy = new TreeMap<>(); - private List rootHierarchyUnits = new ArrayList<>(); + private NavigableMap hierarchy = new TreeMap<>(); +// private List rootHierarchyUnits = new ArrayList<>(); public LdifUserAdmin(String uri, String baseDn) { this(fromUri(uri, baseDn), false); @@ -69,15 +71,15 @@ public class LdifUserAdmin extends AbstractUserDirectory { char[] password = DigestUtils.bytesToChars(pwd); User directoryUser = (User) getRole(username); if (!directoryUser.hasCredential(null, password)) - throw new UserDirectoryException("Invalid credentials"); + throw new IllegalStateException("Invalid credentials"); } else { - throw new UserDirectoryException("Password is required"); + throw new IllegalStateException("Password is required"); } Dictionary properties = cloneProperties(); properties.put(UserAdminConf.readOnly.name(), "true"); LdifUserAdmin scopedUserAdmin = new LdifUserAdmin(properties, true); - scopedUserAdmin.groups = Collections.unmodifiableSortedMap(groups); - scopedUserAdmin.users = Collections.unmodifiableSortedMap(users); + scopedUserAdmin.groups = Collections.unmodifiableNavigableMap(groups); + scopedUserAdmin.users = Collections.unmodifiableNavigableMap(users); return scopedUserAdmin; } @@ -98,20 +100,20 @@ public class LdifUserAdmin extends AbstractUserDirectory { return; } load(u.toURL().openStream()); - } catch (Exception e) { - throw new UserDirectoryException("Cannot open URL " + getUri(), e); + } catch (IOException | URISyntaxException e) { + throw new IllegalStateException("Cannot open URL " + getUri(), e); } } public void save() { if (getUri() == null) - throw new UserDirectoryException("Cannot save LDIF user admin: no URI is set"); + throw new IllegalStateException("Cannot save LDIF user admin: no URI is set"); if (isReadOnly()) - throw new UserDirectoryException("Cannot save LDIF user admin: " + getUri() + " is read-only"); + throw new IllegalStateException("Cannot save LDIF user admin: " + getUri() + " is read-only"); try (FileOutputStream out = new FileOutputStream(new File(new URI(getUri())))) { save(out); } catch (IOException | URISyntaxException e) { - throw new UserDirectoryException("Cannot save user admin to " + getUri(), e); + throw new IllegalStateException("Cannot save user admin to " + getUri(), e); } } @@ -145,7 +147,7 @@ public class LdifUserAdmin extends AbstractUserDirectory { while (ids.hasMoreElements()) { String id = ids.nextElement().toLowerCase(); if (lowerCase.contains(id)) - throw new UserDirectoryException(key + " has duplicate id " + id); + throw new IllegalStateException(key + " has duplicate id " + id); lowerCase.add(id); } @@ -156,47 +158,47 @@ public class LdifUserAdmin extends AbstractUserDirectory { String objectClass = objectClasses.next().toString(); // System.out.println(" " + objectClass); if (objectClass.toLowerCase().equals(inetOrgPerson.name().toLowerCase())) { - users.put(key, new LdifUser(this, key, attributes)); + users.put(key, newUser(key, attributes)); break objectClasses; } else if (objectClass.toLowerCase().equals(getGroupObjectClass().toLowerCase())) { - groups.put(key, new LdifGroup(this, key, attributes)); - break objectClasses; - } else if (objectClass.equalsIgnoreCase(LdapObjs.organization.name())) { - // we only consider organizations which are not groups - hierarchy.put(key, new LdifHierarchyUnit(this, key, HierarchyUnit.ORGANIZATION, attributes)); + groups.put(key, newGroup(key, attributes)); break objectClasses; +// } else if (objectClass.equalsIgnoreCase(LdapObjs.organization.name())) { +// // we only consider organizations which are not groups +// hierarchy.put(key, new LdifHierarchyUnit(this, key, HierarchyUnit.ORGANIZATION, attributes)); +// break objectClasses; } else if (objectClass.equalsIgnoreCase(LdapObjs.organizationalUnit.name())) { - String name = key.getRdn(key.size() - 1).toString(); - if (getUserBase().equalsIgnoreCase(name) || getGroupBase().equalsIgnoreCase(name)) - break objectClasses; // skip +// String name = key.getRdn(key.size() - 1).toString(); +// if (getUserBase().equalsIgnoreCase(name) || getGroupBase().equalsIgnoreCase(name)) +// break objectClasses; // skip // TODO skip if it does not contain groups or users - hierarchy.put(key, new LdifHierarchyUnit(this, key, HierarchyUnit.OU, attributes)); + hierarchy.put(key, new LdifHierarchyUnit(this, key, attributes)); break objectClasses; } } } // link hierarchy - hierachyUnits: for (LdapName dn : hierarchy.keySet()) { - LdifHierarchyUnit unit = hierarchy.get(dn); - LdapName parentDn = (LdapName) dn.getPrefix(dn.size() - 1); - LdifHierarchyUnit parent = hierarchy.get(parentDn); - if (parent == null) { - rootHierarchyUnits.add(unit); - unit.parent = this; - continue hierachyUnits; - } - parent.children.add(unit); - unit.parent = parent; - } - } catch (Exception e) { - throw new UserDirectoryException("Cannot load user admin service from LDIF", e); +// hierachyUnits: for (LdapName dn : hierarchy.keySet()) { +// LdifHierarchyUnit unit = hierarchy.get(dn); +// LdapName parentDn = (LdapName) dn.getPrefix(dn.size() - 1); +// LdifHierarchyUnit parent = hierarchy.get(parentDn); +// if (parent == null) { +// rootHierarchyUnits.add(unit); +// unit.parent = null; +// continue hierachyUnits; +// } +// parent.children.add(unit); +// unit.parent = parent; +// } + } catch (NamingException | IOException e) { + throw new IllegalStateException("Cannot load user admin service from LDIF", e); } } public void destroy() { if (users == null || groups == null) - throw new UserDirectoryException("User directory " + getBaseDn() + " is already destroyed"); + throw new IllegalStateException("User directory " + getBaseDn() + " is already destroyed"); users = null; groups = null; } @@ -270,19 +272,19 @@ public class LdifUserAdmin extends AbstractUserDirectory { else if (groups.containsKey(dn)) groups.remove(dn); else - throw new UserDirectoryException("User to delete not found " + dn); + throw new IllegalStateException("User to delete not found " + dn); } // add for (LdapName dn : wc.getNewUsers().keySet()) { DirectoryUser user = wc.getNewUsers().get(dn); if (users.containsKey(dn) || groups.containsKey(dn)) - throw new UserDirectoryException("User to create found " + dn); + throw new IllegalStateException("User to create found " + dn); else if (Role.USER == user.getType()) users.put(dn, user); else if (Role.GROUP == user.getType()) groups.put(dn, (DirectoryGroup) user); else - throw new UserDirectoryException("Unsupported role type " + user.getType() + " for new user " + dn); + throw new IllegalStateException("Unsupported role type " + user.getType() + " for new user " + dn); } // modify for (LdapName dn : wc.getModifiedUsers().keySet()) { @@ -293,7 +295,7 @@ public class LdifUserAdmin extends AbstractUserDirectory { else if (groups.containsKey(dn)) user = groups.get(dn); else - throw new UserDirectoryException("User to modify no found " + dn); + throw new IllegalStateException("User to modify no found " + dn); user.publishAttributes(modifiedAttrs); } } @@ -308,18 +310,56 @@ public class LdifUserAdmin extends AbstractUserDirectory { init(); } + /* + * HIERARCHY + */ + +// @Override +// public int getHierarchyChildCount() { +// return rootHierarchyUnits.size(); +// } +// +// @Override +// public HierarchyUnit getHierarchyChild(int i) { +// return rootHierarchyUnits.get(i); +// } @Override - public int getHierarchyChildCount() { - return rootHierarchyUnits.size(); + protected HierarchyUnit doGetHierarchyUnit(LdapName dn) { + return hierarchy.get(dn); } @Override - public HierarchyUnit getHierarchyChild(int i) { - return rootHierarchyUnits.get(i); + protected Iterable doGetDirectHierarchyUnits(LdapName searchBase, boolean functionalOnly) { + List res = new ArrayList<>(); + for (LdapName n : hierarchy.keySet()) { + if (n.size() == searchBase.size() + 1) { + if (n.startsWith(searchBase)) { + HierarchyUnit hu = hierarchy.get(n); + if (functionalOnly) { + if (hu.isFunctional()) + res.add(hu); + } else { + res.add(hu); + } + } + } + } + return res; } - /* - * HIERARCHY - */ +// @Override +// public Iterable getDirectHierarchyUnits(boolean functionalOnly) { +// if (functionalOnly) { +// List res = new ArrayList<>(); +// for (HierarchyUnit hu : rootHierarchyUnits) { +// if (hu.isFunctional()) +// res.add(hu); +// } +// return res; +// +// } else { +// return rootHierarchyUnits; +// } +// } }