Better deal with multiple user directories.

[lgpl/argeo-commons.git] / org.argeo.enterprise / src / org / argeo / osgi / useradmin / AggregatingUserAdmin.java
diff --git a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java

index 75ca9ae884605a81ac07a219455030e5f5990172..66d46d4e94c2acfe3cdb1807bea2ac0b00e018fd 100644 (file)
--- a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java
+++ b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java
@@ -2,10 +2,8 @@ package org.argeo.osgi.useradmin;
  
  import java.util.ArrayList;
  import java.util.Arrays;
-import java.util.Dictionary;
  import java.util.HashMap;
  import java.util.HashSet;
-import java.util.Hashtable;
  import java.util.List;
  import java.util.Map;
  import java.util.Set;
@@ -112,7 +110,12 @@ public class AggregatingUserAdmin implements UserAdmin {
                 Set<String> sysRoles = new HashSet<String>();
                 for (String role : rawAuthorization.getRoles()) {
                         Authorization auth = systemRoles.getAuthorization((User) userAdmin.getRole(role));
-                       sysRoles.addAll(Arrays.asList(auth.getRoles()));
+                       systemRoles: for (String systemRole : auth.getRoles()) {
+                               if (role.equals(systemRole))
+                                       continue systemRoles;
+                               sysRoles.add(systemRole);
+                       }
+//                     sysRoles.addAll(Arrays.asList(auth.getRoles()));
                 }
                 addAbstractSystemRoles(rawAuthorization, sysRoles);
                 Authorization authorization = new AggregatingAuthorization(usernameToUse, displayNameToUse, sysRoles,
@@ -166,12 +169,22 @@ public class AggregatingUserAdmin implements UserAdmin {
                         return systemRoles;
                 if (tokensBaseDn != null && name.startsWith(tokensBaseDn))
                         return tokens;
-               List<UserAdmin> res = new ArrayList<UserAdmin>(1);
-               for (LdapName baseDn : businessRoles.keySet()) {
+               List<AbstractUserDirectory> res = new ArrayList<>(1);
+               userDirectories: for (LdapName baseDn : businessRoles.keySet()) {
+                       AbstractUserDirectory userDirectory = businessRoles.get(baseDn);
                         if (name.startsWith(baseDn)) {
-                               AbstractUserDirectory ud = businessRoles.get(baseDn);
-                               if (!ud.isDisabled())
-                                       res.add(ud);
+                               if (userDirectory.isDisabled())
+                                       continue userDirectories;
+//                             if (res.isEmpty()) {
+                               res.add(userDirectory);
+//                             } else {
+//                                     for (AbstractUserDirectory ud : res) {
+//                                             LdapName bd = ud.getBaseDn();
+//                                             if (userDirectory.getBaseDn().startsWith(bd)) {
+//                                                     // child user directory
+//                                             }
+//                                     }
+//                             }
                         }
                 }
                 if (res.size() == 0)
@@ -189,16 +202,16 @@ public class AggregatingUserAdmin implements UserAdmin {
                 return tokensBaseDn != null && baseDn.equals(tokensBaseDn);
         }
  
-       protected Dictionary<String, Object> currentState() {
-               Dictionary<String, Object> res = new Hashtable<String, Object>();
-               // res.put(NodeConstants.CN, NodeConstants.DEFAULT);
-               for (LdapName name : businessRoles.keySet()) {
-                       AbstractUserDirectory userDirectory = businessRoles.get(name);
-                       String uri = UserAdminConf.propertiesAsUri(userDirectory.getProperties()).toString();
-                       res.put(uri, "");
-               }
-               return res;
-       }
+//     protected Dictionary<String, Object> currentState() {
+//             Dictionary<String, Object> res = new Hashtable<String, Object>();
+//             // res.put(NodeConstants.CN, NodeConstants.DEFAULT);
+//             for (LdapName name : businessRoles.keySet()) {
+//                     AbstractUserDirectory userDirectory = businessRoles.get(name);
+//                     String uri = UserAdminConf.propertiesAsUri(userDirectory.getProperties()).toString();
+//                     res.put(uri, "");
+//             }
+//             return res;
+//     }
  
         public void destroy() {
                 for (LdapName name : businessRoles.keySet()) {