projects / lgpl / argeo-commons.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Improve tokens management
[lgpl/argeo-commons.git] / org.argeo.cms.e4 / src / org / argeo / cms / e4 / users / GroupsView.java
diff --git a/org.argeo.cms.e4/src/org/argeo/cms/e4/users/GroupsView.java b/org.argeo.cms.e4/src/org/argeo/cms/e4/users/GroupsView.java
index 53937c9d773e8fe78a82348fa0c7a5f79e4ed179..7d36a95076234a7b95c6fc18412aab340c355a73 100644 (file)
--- a/org.argeo.cms.e4/src/org/argeo/cms/e4/users/GroupsView.java
+++ b/org.argeo.cms.e4/src/org/argeo/cms/e4/users/GroupsView.java
@@ -210,6 +210,10 @@ public class GroupsView implements ArgeoNames {
                                if (tmpBuilder.length() > 1) {
                                        builder.append("(&(").append(LdapAttrs.objectClass.name()).append("=")
                                                        .append(LdapObjs.groupOfNames.name()).append(")");
+                                       // hide tokens
+                                       builder.append("(!(").append(LdapAttrs.DN).append("=*").append(NodeConstants.TOKENS_BASEDN)
+                                                       .append("))");
+
                                        if (!showSystemRoles)
                                                builder.append("(!(").append(LdapAttrs.DN).append("=*").append(NodeConstants.ROLES_BASEDN)
                                                                .append("))");
@@ -220,10 +224,12 @@ public class GroupsView implements ArgeoNames {
                                        if (!showSystemRoles)
                                                builder.append("(&(").append(LdapAttrs.objectClass.name()).append("=")
                                                                .append(LdapObjs.groupOfNames.name()).append(")(!(").append(LdapAttrs.DN).append("=*")
-                                                               .append(NodeConstants.ROLES_BASEDN).append(")))");
+                                                               .append(NodeConstants.ROLES_BASEDN).append("))(!(").append(LdapAttrs.DN).append("=*")
+                                                               .append(NodeConstants.TOKENS_BASEDN).append(")))");
                                        else
-                                               builder.append("(").append(LdapAttrs.objectClass.name()).append("=")
-                                                               .append(LdapObjs.groupOfNames.name()).append(")");
+                                               builder.append("(&(").append(LdapAttrs.objectClass.name()).append("=")
+                                               .append(LdapObjs.groupOfNames.name()).append(")(!(").append(LdapAttrs.DN).append("=*")
+                                               .append(NodeConstants.TOKENS_BASEDN).append(")))");
 
                                }
                                roles = userAdminWrapper.getUserAdmin().getRoles(builder.toString());
Argeo Commons - Lightweight integration framework in pure Java/OSGi