X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.util%2Fsrc%2Forg%2Fargeo%2Futil%2Fdirectory%2Fldap%2FAbstractLdapDirectory.java;h=54d9776b5fd15106bf6de8b560ef81f863f1d470;hb=285c23f26c4d634cd139d393ebcb708187d5e960;hp=71a87887b85c7fd066d0230b341a312315caa1c7;hpb=4d675e1c871cfd8e4481e03cd496ab975b8b367d;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.util/src/org/argeo/util/directory/ldap/AbstractLdapDirectory.java b/org.argeo.util/src/org/argeo/util/directory/ldap/AbstractLdapDirectory.java
index 71a87887b..54d9776b5 100644
--- a/org.argeo.util/src/org/argeo/util/directory/ldap/AbstractLdapDirectory.java
+++ b/org.argeo.util/src/org/argeo/util/directory/ldap/AbstractLdapDirectory.java
@@ -34,6 +34,7 @@ import org.argeo.util.transaction.WorkControl;
 import org.argeo.util.transaction.WorkingCopyXaResource;
 import org.argeo.util.transaction.XAResourceProvider;
 
+/** A {@link Directory} based either on LDAP or LDIF. */
 public abstract class AbstractLdapDirectory implements Directory, XAResourceProvider {
 	protected static final String SHARED_STATE_USERNAME = "javax.security.auth.login.name";
 	protected static final String SHARED_STATE_PASSWORD = "javax.security.auth.login.password";
@@ -66,7 +67,11 @@ public abstract class AbstractLdapDirectory implements Directory, XAResourceProv
 			String key = keys.nextElement();
 			configProperties.put(key, props.get(key));
 		}
-		baseDn = toLdapName(DirectoryConf.baseDn.getValue(configProperties));
+
+		String baseDnStr = DirectoryConf.baseDn.getValue(configProperties);
+		if (baseDnStr == null)
+			throw new IllegalArgumentException("Base DN must be specified: " + configProperties);
+		baseDn = toLdapName(baseDnStr);
 		this.scoped = scoped;
 
 		if (uriArg != null) {
@@ -119,39 +124,30 @@ public abstract class AbstractLdapDirectory implements Directory, XAResourceProv
 			// TODO manage generic redundant LDAP case
 			directoryDao = new LdapDao(this);
 		} else {
-			URI u = URI.create(uri);
-			if (DirectoryConf.SCHEME_LDAP.equals(u.getScheme()) || DirectoryConf.SCHEME_LDAPS.equals(u.getScheme())) {
-				directoryDao = new LdapDao(this);
-			} else if (DirectoryConf.SCHEME_FILE.equals(u.getScheme())) {
-				directoryDao = new LdifDao(this);
-			} else if (DirectoryConf.SCHEME_OS.equals(u.getScheme())) {
-				directoryDao = new OsUserDirectory(this);
-				// singleUser = true;
+			if (uri != null) {
+				URI u = URI.create(uri);
+				if (DirectoryConf.SCHEME_LDAP.equals(u.getScheme())
+						|| DirectoryConf.SCHEME_LDAPS.equals(u.getScheme())) {
+					directoryDao = new LdapDao(this);
+				} else if (DirectoryConf.SCHEME_FILE.equals(u.getScheme())) {
+					directoryDao = new LdifDao(this);
+				} else if (DirectoryConf.SCHEME_OS.equals(u.getScheme())) {
+					directoryDao = new OsUserDirectory(this);
+					// singleUser = true;
+				} else {
+					throw new IllegalArgumentException("Unsupported scheme " + u.getScheme());
+				}
 			} else {
-				throw new IllegalArgumentException("Unsupported scheme " + u.getScheme());
+				// in memory
+				directoryDao = new LdifDao(this);
 			}
 		}
-		xaResource = new WorkingCopyXaResource<>(directoryDao);
+		if (directoryDao != null)
+			xaResource = new WorkingCopyXaResource<>(directoryDao);
 	}
 
 	/*
-	 * ABSTRACT METHODS
-	 */
-
-//	public abstract HierarchyUnit doGetHierarchyUnit(LdapName dn);
-//
-//	public abstract Iterable<HierarchyUnit> doGetDirectHierarchyUnits(LdapName searchBase, boolean functionalOnly);
-//
-//	protected abstract Boolean daoHasEntry(LdapName dn);
-//
-//	protected abstract LdapEntry daoGetEntry(LdapName key) throws NameNotFoundException;
-//
-//	protected abstract List<LdapEntry> doGetEntries(LdapName searchBase, Filter f, boolean deep);
-//
-//	/** Returns the groups this user is a direct member of. */
-//	protected abstract List<LdapName> getDirectGroups(LdapName dn);
-	/*
-	 * INITIALIZATION
+	 * INITIALISATION
 	 */
 
 	public void init() {
@@ -165,9 +161,9 @@ public abstract class AbstractLdapDirectory implements Directory, XAResourceProv
 	/*
 	 * CREATION
 	 */
-	protected abstract LdapEntry newUser(LdapName name, Attributes attrs);
+	protected abstract LdapEntry newUser(LdapName name);
 
-	protected abstract LdapEntry newGroup(LdapName name, Attributes attrs);
+	protected abstract LdapEntry newGroup(LdapName name);
 
 	/*
 	 * EDITION
@@ -256,13 +252,14 @@ public abstract class AbstractLdapDirectory implements Directory, XAResourceProv
 					LdapEntry group = doGetRole(groupDn);
 					if (group != null) {
 						allRoles.add(group);
-					}else {
+					} else {
 						// user doesn't have the right to retrieve role, but we know it exists
 						// otherwise memberOf would not work
-						Attributes a = new BasicAttributes();
-						a.put(LdapNameUtils.getLastRdn(groupDn).getType(), LdapNameUtils.getLastRdn(groupDn).getValue());
-						a.put(LdapAttrs.objectClass.name(), LdapObjs.groupOfNames.name());
-						group = newGroup(groupDn, a);
+//						Attributes a = new BasicAttributes();
+//						a.put(LdapNameUtils.getLastRdn(groupDn).getType(),
+//								LdapNameUtils.getLastRdn(groupDn).getValue());
+//						a.put(LdapAttrs.objectClass.name(), LdapObjs.groupOfNames.name());
+						group = newGroup(groupDn);
 						allRoles.add(group);
 					}
 				}
@@ -270,10 +267,13 @@ public abstract class AbstractLdapDirectory implements Directory, XAResourceProv
 				throw new IllegalStateException("Cannot get memberOf groups for " + user, e);
 			}
 		} else {
-			for (LdapName groupDn : getDirectoryDao().getDirectGroups(user.getDn())) {
-				// TODO check for loops
+			directGroups: for (LdapName groupDn : getDirectoryDao().getDirectGroups(user.getDn())) {
 				LdapEntry group = doGetRole(groupDn);
 				if (group != null) {
+					if (allRoles.contains(group)) {
+						// important in order to avoi loops
+						continue directGroups;
+					}
 					allRoles.add(group);
 					collectGroups(group, allRoles);
 				}
@@ -315,12 +315,31 @@ public abstract class AbstractLdapDirectory implements Directory, XAResourceProv
 		return this;
 	}
 
+	@Override
+	public HierarchyUnit createHierarchyUnit(String path) {
+		checkEdit();
+		LdapEntryWorkingCopy wc = getWorkingCopy();
+		LdapName dn = pathToName(path);
+		if ((getDirectoryDao().entryExists(dn) && !wc.getDeletedData().containsKey(dn))
+				|| wc.getNewData().containsKey(dn))
+			throw new IllegalArgumentException("Already a hierarchy unit " + path);
+		BasicAttributes attrs = new BasicAttributes(true);
+		attrs.put(LdapAttrs.objectClass.name(), LdapObjs.organizationalUnit.name());
+		Rdn nameRdn = dn.getRdn(dn.size() - 1);
+		// TODO deal with multiple attr RDN
+		attrs.put(nameRdn.getType(), nameRdn.getValue());
+		wc.getModifiedData().put(dn, attrs);
+		LdapHierarchyUnit newHierarchyUnit = new LdapHierarchyUnit(this, dn);
+		wc.getNewData().put(dn, newHierarchyUnit);
+		return newHierarchyUnit;
+	}
+
 	/*
 	 * PATHS
 	 */
 
 	@Override
-	public String getContext() {
+	public String getBase() {
 		return getBaseDn().toString();
 	}
 
@@ -378,7 +397,7 @@ public abstract class AbstractLdapDirectory implements Directory, XAResourceProv
 	protected boolean isExternal(LdapName name) {
 		return !name.startsWith(baseDn);
 	}
-	
+
 	protected static boolean hasObjectClass(Attributes attrs, LdapObjs objectClass) {
 		return hasObjectClass(attrs, objectClass.name());
 	}