Make user/anonymous semantics more consistent with Authorization

[lgpl/argeo-commons.git] / org.argeo.enterprise / src / org / argeo / osgi / useradmin / AggregatingUserAdmin.java

diff --git a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java
index 2b2ca0c513ba6028e76679f505b63637ccdc76d8..d2054416bba2703e1a1a4aeebff261da9d87beee 100644 (file)
--- a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java
+++ b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AggregatingUserAdmin.java
@@ -90,11 +90,20 @@ public class AggregatingUserAdmin implements UserAdmin {
                        Authorization auth = systemRoles.getAuthorization((User) userAdmin.getRole(role));
                        sysRoles.addAll(Arrays.asList(auth.getRoles()));
                }
+               addAbstractSystemRoles(rawAuthorization, sysRoles);
                Authorization authorization = new AggregatingAuthorization(rawAuthorization.getName(),
                                rawAuthorization.toString(), sysRoles, rawAuthorization.getRoles());
                return authorization;
        }
 
+       /**
+        * Enrich with application-specific roles which are strictly programmatic, such
+        * as anonymous/user semantics.
+        */
+       protected void addAbstractSystemRoles(Authorization rawAuthorization, Set<String> sysRoles) {
+
+       }
+
        //
        // USER ADMIN AGGREGATOR
        //
@@ -181,8 +190,8 @@ public class AggregatingUserAdmin implements UserAdmin {
        }
 
        /**
-        * Called before each user directory is destroyed, so that additional
-        * actions can be performed.
+        * Called before each user directory is destroyed, so that additional actions
+        * can be performed.
         */
        protected void preDestroy(AbstractUserDirectory userDirectory) {
        }