Make aggregation authorization more robust.
[lgpl/argeo-commons.git] / org.argeo.enterprise / src / org / argeo / osgi / useradmin / AggregatingUserAdmin.java
index 85a44708204312646d30b7db4f235599231957a3..f3e51804a78e12760f0ee3720f5ad76aa3e2a0e3 100644 (file)
@@ -110,7 +110,12 @@ public class AggregatingUserAdmin implements UserAdmin {
                Set<String> sysRoles = new HashSet<String>();
                for (String role : rawAuthorization.getRoles()) {
                        Authorization auth = systemRoles.getAuthorization((User) userAdmin.getRole(role));
-                       sysRoles.addAll(Arrays.asList(auth.getRoles()));
+                       systemRoles:for(String systemRole:auth.getRoles()) {
+                               if(role.equals(systemRole))
+                                       continue systemRoles;
+                               sysRoles.add(systemRole);
+                       }
+//                     sysRoles.addAll(Arrays.asList(auth.getRoles()));
                }
                addAbstractSystemRoles(rawAuthorization, sysRoles);
                Authorization authorization = new AggregatingAuthorization(usernameToUse, displayNameToUse, sysRoles,
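Review bot: The new inner loop `for(String systemRole:auth.getRoles())` iterates the array without a null check, and the OSGi `Authorization.getRoles()` contract permits a null return when the context holds no roles, so one role with no implied system roles could abort the whole aggregation with a NullPointerException instead of contributing nothing. The unchanged line above it also passes `userAdmin.getRole(role)` through a `(User)` cast straight into `getAuthorization`; if that lookup can return null, the OSGi contract treats it as the anonymous user, which deserves explicit handling in an authorization path (to be confirmed against the userAdmin implementation in use). The `systemRoles:` label repeats the name of the `systemRoles` receiver used one line earlier and is not needed for a single loop, and the commented-out `addAll` line should be deleted rather than kept. The enclosing method starts and ends outside this hunk.

```java
Authorization auth = systemRoles.getAuthorization((User) userAdmin.getRole(role));
String[] impliedRoles = auth.getRoles();
if (impliedRoles == null)
        continue; // this role implies no system roles
for (String systemRole : impliedRoles) {
        // skip the entry that only repeats the role being resolved
        if (!role.equals(systemRole))
                sysRoles.add(systemRole);
}
// … unchanged: addAbstractSystemRoles call and AggregatingAuthorization construction …
```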