Make user/anonymous semantics more consistent with Authorization

[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / internal / kernel / NodeUserAdmin.java

diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java
index 436d30058839cb330d6471e67f277180cbbb8b19..077a1f8a7286bf76568fb3547ab53e791e75d258 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java
@@ -14,6 +14,7 @@ import java.util.HashMap;
 import java.util.Hashtable;
 import java.util.Iterator;
 import java.util.Map;
+import java.util.Set;
 
 import javax.naming.ldap.LdapName;
 import javax.security.auth.Subject;
@@ -58,6 +59,7 @@ import org.osgi.framework.FrameworkUtil;
 import org.osgi.framework.ServiceRegistration;
 import org.osgi.service.cm.ConfigurationException;
 import org.osgi.service.cm.ManagedServiceFactory;
+import org.osgi.service.useradmin.Authorization;
 import org.osgi.service.useradmin.UserAdmin;
 import org.osgi.util.tracker.ServiceTracker;
 
@@ -161,6 +163,17 @@ class NodeUserAdmin extends AggregatingUserAdmin implements ManagedServiceFactor
        public String getName() {
                return "Node User Admin";
        }
+       
+       
+
+       @Override
+       protected void addAbstractSystemRoles(Authorization rawAuthorization, Set<String> sysRoles) {
+               if(rawAuthorization.getName()==null) {
+                       sysRoles.add(NodeConstants.ROLE_ANONYMOUS);
+               }else {
+                       sysRoles.add(NodeConstants.ROLE_USER);
+               }
+       }
 
        protected void postAdd(AbstractUserDirectory userDirectory) {
                // JTA