String EVENT_TOPICS = "event.topics";
/*
- * INIT FRAMEWORK PROPERTIES
+ * FILE SYSTEM
*/
-// String NODE_INIT = "argeo.node.init";
-// String I18N_DEFAULT_LOCALE = "argeo.i18n.defaultLocale";
-// String I18N_LOCALES = "argeo.i18n.locales";
- // Node Security
-// String ROLES_URI = "argeo.node.roles.uri";
-// String TOKENS_URI = "argeo.node.tokens.uri";
-// /** URI to an LDIF file or LDAP server used as initialization or backend */
-// String USERADMIN_URIS = "argeo.node.useradmin.uris";
- // Transaction manager
-// String TRANSACTION_MANAGER = "argeo.node.transaction.manager";
-// String TRANSACTION_MANAGER_SIMPLE = "simple";
-// String TRANSACTION_MANAGER_BITRONIX = "bitronix";
- // Node
-// /** Properties configuring the node repository */
-// String NODE_REPO_PROP_PREFIX = "argeo.node.repo.";
-// /** Additional standalone repositories, related to data models. */
-// String NODE_REPOS_PROP_PREFIX = "argeo.node.repos.";
- // HTTP
-// String HTTP_PORT = "org.osgi.service.http.port";
-// String HTTP_PORT_SECURE = "org.osgi.service.http.port.secure";
-// /**
-// * The HTTP header used to convey the DN of a client verified by a reverse
-// * proxy. Typically SSL_CLIENT_S_DN for Apache.
-// */
-// String HTTP_PROXY_SSL_DN = "argeo.http.proxy.ssl.dn";
+ String CMS_FS_SCHEME = "cms";
/*
* PIDs
if (entry == null)
throw new IllegalArgumentException("No entry provider found for " + path);
String mountPath = entry.getKey();
+ if (!path.startsWith(mountPath))
+ throw new IllegalArgumentException("Path " + path + " doesn't have a content provider");
ContentProvider contentProvider = entry.getValue();
assert mountPath.equals(contentProvider.getMountPath());
return contentProvider;
import org.argeo.api.acr.Content;
import org.argeo.api.acr.ContentNotFoundException;
+import org.argeo.api.acr.CrName;
import org.argeo.api.acr.NamespaceUtils;
import org.argeo.api.acr.spi.ContentProvider;
import org.argeo.api.acr.spi.ProvidedContent;
throw new IllegalArgumentException("Relative path cannot start with /");
String xPathExpression = '/' + relativePath;
if ("/".equals(mountPath))
- xPathExpression = "/cr:root" + xPathExpression;
+ xPathExpression = "/" + CrName.root.qName() + xPathExpression;
try {
NodeList nodes = (NodeList) xPath.get().evaluate(xPathExpression, document, XPathConstants.NODESET);
return nodes;
import java.lang.management.ManagementFactory;
import java.util.ArrayList;
import java.util.HashMap;
-import java.util.IdentityHashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
package org.argeo.cms.internal.runtime;
-import java.io.File;
-import java.io.FileFilter;
import java.io.IOException;
import java.io.Reader;
import java.net.URL;
import javax.security.auth.login.Configuration;
-import org.apache.commons.io.FileUtils;
import org.argeo.api.cms.CmsConstants;
import org.argeo.api.cms.CmsLog;
import org.argeo.api.cms.CmsState;
import org.argeo.api.uuid.UuidFactory;
import org.argeo.cms.CmsDeployProperty;
import org.argeo.cms.auth.ident.IdentClient;
+import org.argeo.util.FsUtils;
/**
* Implementation of a {@link CmsState}, initialising the required services.
deployPropertyDefaults.put(CmsDeployProperty.SSL_KEYSTORETYPE, PkiUtils.PKCS12);
deployPropertyDefaults.put(CmsDeployProperty.SSL_PASSWORD, PkiUtils.DEFAULT_KEYSTORE_PASSWORD);
Path keyStorePath = getDataPath(PkiUtils.DEFAULT_KEYSTORE_PATH);
- deployPropertyDefaults.put(CmsDeployProperty.SSL_KEYSTORE, keyStorePath.toAbsolutePath().toString());
+ if (keyStorePath != null) {
+ deployPropertyDefaults.put(CmsDeployProperty.SSL_KEYSTORE, keyStorePath.toAbsolutePath().toString());
+ }
Path trustStorePath = getDataPath(PkiUtils.DEFAULT_TRUSTSTORE_PATH);
+ if (trustStorePath != null) {
+ deployPropertyDefaults.put(CmsDeployProperty.SSL_TRUSTSTORE, trustStorePath.toAbsolutePath().toString());
+ }
deployPropertyDefaults.put(CmsDeployProperty.SSL_TRUSTSTORETYPE, PkiUtils.PKCS12);
deployPropertyDefaults.put(CmsDeployProperty.SSL_TRUSTSTOREPASSWORD, PkiUtils.DEFAULT_KEYSTORE_PASSWORD);
- deployPropertyDefaults.put(CmsDeployProperty.SSL_TRUSTSTORE, trustStorePath.toAbsolutePath().toString());
this.deployPropertyDefaults = Collections.unmodifiableMap(deployPropertyDefaults);
}
log.debug("## CMS starting... (" + uuid + ")\n" + sb + "\n");
}
-// initI18n();
-// initServices();
- if (!Files.exists(getDataPath(CmsConstants.NODE))) {// first init
+ Path nodeBase = getDataPath(CmsConstants.NODE);
+ if (nodeBase != null && !Files.exists(nodeBase)) {// first init
firstInit();
}
public static void prepareFirstInitInstanceArea(List<String> nodeInits) {
for (String nodeInit : nodeInits) {
- if(nodeInit==null)
+ if (nodeInit == null)
continue;
if (nodeInit.startsWith("http")) {
} else {
// TODO use java.nio.file
- File initDir;
+ Path initDir;
if (nodeInit.startsWith("."))
initDir = KernelUtils.getExecutionDir(nodeInit);
else
- initDir = new File(nodeInit);
+ initDir = Paths.get(nodeInit);
// TODO also uncompress archives
- if (initDir.exists())
- try {
- // TODO use NIO utilities
- FileUtils.copyDirectory(initDir, KernelUtils.getOsgiInstancePath("").toFile(),
- new FileFilter() {
-
- @Override
- public boolean accept(File pathname) {
- if (pathname.getName().equals(".svn") || pathname.getName().equals(".git"))
- return false;
- return true;
- }
- });
- log.info("CMS initialized from " + initDir.getCanonicalPath());
- } catch (IOException e) {
- throw new RuntimeException("Cannot initialize from " + initDir, e);
- }
+ if (Files.exists(initDir)) {
+ Path dataPath = KernelUtils.getOsgiInstancePath("");
+ FsUtils.copyDirectory(initDir, dataPath);
+ log.info("CMS initialized from " + initDir);
+ }
}
}
}
package org.argeo.cms.internal.runtime;
-import java.io.File;
import java.io.IOException;
import java.net.InetAddress;
import java.net.URI;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Path;
+import java.nio.file.Paths;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Dictionary;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
-import org.apache.commons.io.FileUtils;
import org.argeo.api.cms.CmsAuth;
import org.argeo.api.cms.CmsConstants;
import org.argeo.api.cms.CmsLog;
protected List<Dictionary<String, Object>> getUserDirectoryConfigs() {
List<Dictionary<String, Object>> res = new ArrayList<>();
- File nodeBaseDir = cmsState.getDataPath(KernelConstants.DIR_NODE).toFile();
+ Path nodeBase = cmsState.getDataPath(KernelConstants.DIR_NODE);
List<String> uris = new ArrayList<>();
// node roles
String nodeRolesUri = null;// getFrameworkProp(CmsConstants.ROLES_URI);
String baseNodeRoleDn = CmsConstants.ROLES_BASEDN;
- if (nodeRolesUri == null) {
+ if (nodeRolesUri == null && nodeBase != null) {
nodeRolesUri = baseNodeRoleDn + ".ldif";
- File nodeRolesFile = new File(nodeBaseDir, nodeRolesUri);
- if (!nodeRolesFile.exists())
+ Path nodeRolesFile = nodeBase.resolve(nodeRolesUri);
+ if (!Files.exists(nodeRolesFile))
try {
- FileUtils.copyInputStreamToFile(CmsUserAdmin.class.getResourceAsStream(baseNodeRoleDn + ".ldif"),
- nodeRolesFile);
+ Files.copy(CmsUserAdmin.class.getResourceAsStream(baseNodeRoleDn + ".ldif"), nodeRolesFile);
} catch (IOException e) {
throw new RuntimeException("Cannot copy demo resource", e);
}
// nodeRolesUri = nodeRolesFile.toURI().toString();
}
- uris.add(nodeRolesUri);
+ if (nodeRolesUri != null)
+ uris.add(nodeRolesUri);
// node tokens
String nodeTokensUri = null;// getFrameworkProp(CmsConstants.TOKENS_URI);
String baseNodeTokensDn = CmsConstants.TOKENS_BASEDN;
- if (nodeTokensUri == null) {
+ if (nodeTokensUri == null && nodeBase != null) {
nodeTokensUri = baseNodeTokensDn + ".ldif";
- File nodeTokensFile = new File(nodeBaseDir, nodeTokensUri);
- if (!nodeTokensFile.exists())
+ Path nodeTokensFile = nodeBase.resolve(nodeTokensUri);
+ if (!Files.exists(nodeTokensFile))
try {
- FileUtils.copyInputStreamToFile(CmsUserAdmin.class.getResourceAsStream(baseNodeTokensDn + ".ldif"),
- nodeTokensFile);
+ Files.copy(CmsUserAdmin.class.getResourceAsStream(baseNodeTokensDn + ".ldif"), nodeTokensFile);
} catch (IOException e) {
throw new RuntimeException("Cannot copy demo resource", e);
}
// nodeRolesUri = nodeRolesFile.toURI().toString();
}
- uris.add(nodeTokensUri);
+ if (nodeTokensUri != null)
+ uris.add(nodeTokensUri);
// Business roles
// String userAdminUris = getFrameworkProp(CmsConstants.USERADMIN_URIS);
uris.add(userAdminUri);
}
- if (uris.size() == 0) {
+ if (uris.size() == 0 && nodeBase != null) {
// TODO put this somewhere else
String demoBaseDn = "dc=example,dc=com";
String userAdminUri = demoBaseDn + ".ldif";
- File businessRolesFile = new File(nodeBaseDir, userAdminUri);
- File systemRolesFile = new File(nodeBaseDir, "ou=roles,ou=node.ldif");
- if (!businessRolesFile.exists())
+ Path businessRolesFile = nodeBase.resolve(userAdminUri);
+ Path systemRolesFile = nodeBase.resolve("ou=roles,ou=node.ldif");
+ if (!Files.exists(businessRolesFile))
try {
- FileUtils.copyInputStreamToFile(CmsUserAdmin.class.getResourceAsStream(demoBaseDn + ".ldif"),
- businessRolesFile);
- if (!systemRolesFile.exists())
- FileUtils.copyInputStreamToFile(
- CmsUserAdmin.class.getResourceAsStream("example-ou=roles,ou=node.ldif"),
+ Files.copy(CmsUserAdmin.class.getResourceAsStream(demoBaseDn + ".ldif"), businessRolesFile);
+ if (!Files.exists(systemRolesFile))
+ Files.copy(CmsUserAdmin.class.getResourceAsStream("example-ou=roles,ou=node.ldif"),
systemRolesFile);
} catch (IOException e) {
throw new RuntimeException("Cannot copy demo resources", e);
"URI " + uri + " must have a path in order to determine base DN");
if (u.getScheme() == null) {
if (uri.startsWith("/") || uri.startsWith("./") || uri.startsWith("../"))
- u = new File(uri).getCanonicalFile().toURI();
+ u = Paths.get(uri).toRealPath().toUri();
else if (!uri.contains("/")) {
// u = KernelUtils.getOsgiInstanceUri(KernelConstants.DIR_NODE + '/' + uri);
u = new URI(uri);
} else
throw new IllegalArgumentException("Cannot interpret " + uri + " as an uri");
} else if (u.getScheme().equals(DirectoryConf.SCHEME_FILE)) {
- u = new File(u).getCanonicalFile().toURI();
+ u = Paths.get(u).toRealPath().toUri();
}
} catch (Exception e) {
throw new RuntimeException("Cannot interpret " + uri + " as an uri", e);
// run dir
Path runDirPath = KernelUtils.getOsgiInstancePath(CmsContentRepository.RUN_BASE);
- Files.createDirectories(runDirPath);
- FsContentProvider runContentProvider = new FsContentProvider(CmsContentRepository.RUN_BASE, runDirPath);
- addProvider(runContentProvider);
+ if (runDirPath != null) {
+ Files.createDirectories(runDirPath);
+ FsContentProvider runContentProvider = new FsContentProvider(CmsContentRepository.RUN_BASE, runDirPath);
+ addProvider(runContentProvider);
+ }
// users
DirectoryContentProvider directoryContentProvider = new DirectoryContentProvider(
package org.argeo.cms.internal.runtime;
-import java.io.File;
import java.io.IOException;
import java.io.PrintStream;
import java.net.URI;
return asDictionary(props);
}
- static File getExecutionDir(String relativePath) {
- File executionDir = new File(getFrameworkProp("user.dir"));
+ static Path getExecutionDir(String relativePath) {
+ Path executionDir = Paths.get(getFrameworkProp("user.dir"));
if (relativePath == null)
return executionDir;
try {
- return new File(executionDir, relativePath).getCanonicalFile();
+ return executionDir.resolve(relativePath).toRealPath();
} catch (IOException e) {
throw new IllegalArgumentException("Cannot get canonical file", e);
}
// }
public static Path getOsgiInstancePath(String relativePath) {
- return Paths.get(getOsgiInstanceUri(relativePath));
+ URI uri = getOsgiInstanceUri(relativePath);
+ if (uri == null) // no data area available
+ return null;
+ return Paths.get(uri);
}
public static URI getOsgiInstanceUri(String relativePath) {
String osgiInstanceBaseUri = getFrameworkProp(OSGI_INSTANCE_AREA);
+ if (osgiInstanceBaseUri == null) // no data area available
+ return null;
+
if (!osgiInstanceBaseUri.endsWith("/"))
osgiInstanceBaseUri = osgiInstanceBaseUri + "/";
- if (osgiInstanceBaseUri != null)
- return safeUri(osgiInstanceBaseUri + (relativePath != null ? relativePath : ""));
- else
- return Paths.get(System.getProperty("user.dir"), (relativePath != null ? relativePath : "")).toUri();
+// if (osgiInstanceBaseUri != null)
+ return safeUri(osgiInstanceBaseUri + (relativePath != null ? relativePath : ""));
+// else
+// return Paths.get(System.getProperty("user.dir"), (relativePath != null ? relativePath : "")).toUri();
}
- static File getOsgiConfigurationFile(String relativePath) {
- try {
- return new File(
- new URI(CmsActivator.getBundleContext().getProperty(OSGI_CONFIGURATION_AREA) + relativePath))
- .getCanonicalFile();
- } catch (Exception e) {
- throw new IllegalArgumentException("Cannot get configuration file for " + relativePath, e);
- }
- }
+// static File getOsgiConfigurationFile(String relativePath) {
+// try {
+// return new File(
+// new URI(CmsActivator.getBundleContext().getProperty(OSGI_CONFIGURATION_AREA) + relativePath))
+// .getCanonicalFile();
+// } catch (Exception e) {
+// throw new IllegalArgumentException("Cannot get configuration file for " + relativePath, e);
+// }
+// }
static String getFrameworkProp(String key, String def) {
String value;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.URL;
-import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.TreeSet;
import java.util.stream.Collectors;
-import org.apache.commons.io.IOUtils;
import org.argeo.api.cms.ux.CmsTheme;
+import org.argeo.util.StreamUtils;
import org.osgi.framework.Bundle;
import org.osgi.framework.BundleContext;
void loadBodyHtml(URL url) {
try (BufferedReader in = new BufferedReader(new InputStreamReader(url.openStream(), UTF_8))) {
- bodyHtml = IOUtils.toString(url, StandardCharsets.UTF_8);
+ bodyHtml = StreamUtils.toString(in);
} catch (IOException e) {
throw new IllegalArgumentException("Cannot load URL " + url, e);
}
* deployment. Useful for testing or AOT compilation.
*/
public class StaticCms {
- private static SimpleRegister register = new SimpleRegister();
+ private SimpleRegister register = new SimpleRegister();
private CompletableFuture<Void> stopped = new CompletableFuture<Void>();
.addDependency(uuidFactoryC.getType(UuidFactory.class), cmsState::setUuidFactory, null) //
.build(register);
- // Deployment Configuration
-// DeployConfig deployConfig = new DeployConfig();
-// Component<DeployConfig> deployConfigC = new Component.Builder<>(deployConfig) //
-// .addType(DeployConfig.class) //
-// .addActivation(deployConfig::start) //
-// .addDeactivation(deployConfig::stop) //
-// .build(register);
-
// Transaction manager
SimpleTransactionManager transactionManager = new SimpleTransactionManager();
Component<SimpleTransactionManager> transactionManagerC = new Component.Builder<>(transactionManager) //
.addDependency(cmsStateC.getType(CmsState.class), userAdmin::setCmsState, null) //
.addDependency(transactionManagerC.getType(WorkControl.class), userAdmin::setTransactionManager, null) //
.addDependency(transactionManagerC.getType(WorkTransaction.class), userAdmin::setUserTransaction, null) //
-// .addDependency(deployConfigC.getType(DeployConfig.class), (d) -> {
-// for (Dictionary<String, Object> userDirectoryConfig : d.getUserDirectoryConfigs())
-// userAdmin.enableUserDirectory(userDirectoryConfig);
-// }, null) //
.build(register);
// User manager
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
-import org.apache.commons.io.IOUtils;
import org.argeo.api.cms.CmsAuth;
import org.argeo.util.CurrentSubject;
+import org.argeo.util.StreamUtils;
/** username / password based keyring. TODO internationalize */
public abstract class AbstractKeyring implements Keyring, CryptoKeyring {
try (InputStream in = getAsStream(path);
CharArrayWriter writer = new CharArrayWriter();
Reader reader = new InputStreamReader(in, charset);) {
- IOUtils.copy(reader, writer);
+ StreamUtils.copy(reader, writer);
return writer.toCharArray();
} catch (IOException e) {
throw new IllegalStateException("Cannot decrypt to char array", e);
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
+import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
+import org.argeo.util.directory.DirectoryConf;
import org.osgi.framework.InvalidSyntaxException;
import org.osgi.service.useradmin.Authorization;
import org.osgi.service.useradmin.Group;
// }
public void start() {
-
+ if (systemRoles == null) {
+ // TODO do we really need separate system roles?
+ Hashtable<String, Object> properties = new Hashtable<>();
+ properties.put(DirectoryConf.baseDn.name(), "ou=roles,ou=system");
+ systemRoles = new DirectoryUserAdmin(properties);
+ }
}
public void stop() {
/** Utilities around the standard Java file abstractions. */
public class FsUtils {
+
+ /**
+ * Deletes this path, recursively if needed. Does nothing if the path does not
+ * exist.
+ */
+ public static void copyDirectory(Path source, Path target) {
+ if (!Files.exists(source) || !Files.isDirectory(source))
+ throw new IllegalArgumentException(source + " is not a directory");
+ if (Files.exists(target) && !Files.isDirectory(target))
+ throw new IllegalArgumentException(target + " is not a directory");
+ try {
+ Files.createDirectories(target);
+ Files.walkFileTree(source, new SimpleFileVisitor<Path>() {
+ @Override
+ public FileVisitResult postVisitDirectory(Path directory, IOException e) throws IOException {
+ if (e != null)
+ throw e;
+ Path relativePath = source.relativize(directory);
+ Path targetDirectory = target.resolve(relativePath);
+ Files.createDirectory(targetDirectory);
+ return FileVisitResult.CONTINUE;
+ }
+
+ @Override
+ public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) throws IOException {
+ Path relativePath = source.relativize(file);
+ Path targetFile = target.resolve(relativePath);
+ Files.copy(file, targetFile);
+ return FileVisitResult.CONTINUE;
+ }
+ });
+ } catch (IOException e) {
+ throw new RuntimeException("Cannot copy " + source + " to " + target, e);
+ }
+
+ }
+
/**
* Deletes this path, recursively if needed. Does nothing if the path does not
* exist.
package org.argeo.util;
+import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.Reader;
import java.io.Writer;
+import java.util.StringJoiner;
-/** Utilities to be used when Apache Commons IO is not available. */
-class StreamUtils {
+/** Stream utilities to be used when Apache Commons IO is not available. */
+public class StreamUtils {
private static final int DEFAULT_BUFFER_SIZE = 1024 * 4;
/*
*/
/** @return the number of bytes */
- public static Long copy(InputStream in, OutputStream out)
- throws IOException {
+ public static Long copy(InputStream in, OutputStream out) throws IOException {
Long count = 0l;
byte[] buf = new byte[DEFAULT_BUFFER_SIZE];
while (true) {
//
}
}
+
+ public static String toString(BufferedReader reader) throws IOException {
+ StringJoiner sn = new StringJoiner("\n");
+ String line = null;
+ while ((line = reader.readLine()) != null)
+ sn.add(line);
+ return sn.toString();
+ }
}
/** Properties used to configure user admins. */
public enum DirectoryConf {
/** Base DN (cannot be configured externally) */
- baseDn("dc=example,dc=com"),
+ baseDn(null),
/** URI of the underlying resource (cannot be configured externally) */
- uri("ldap://localhost:10389"),
+ uri(null),
/** User objectClass */
userObjectClass("inetOrgPerson"),
String key = keys.nextElement();
configProperties.put(key, props.get(key));
}
- baseDn = toLdapName(DirectoryConf.baseDn.getValue(configProperties));
+
+ String baseDnStr = DirectoryConf.baseDn.getValue(configProperties);
+ if (baseDnStr == null)
+ throw new IllegalArgumentException("Base DN must be specified: " + configProperties);
+ baseDn = toLdapName(baseDnStr);
this.scoped = scoped;
if (uriArg != null) {
// TODO manage generic redundant LDAP case
directoryDao = new LdapDao(this);
} else {
- URI u = URI.create(uri);
- if (DirectoryConf.SCHEME_LDAP.equals(u.getScheme()) || DirectoryConf.SCHEME_LDAPS.equals(u.getScheme())) {
- directoryDao = new LdapDao(this);
- } else if (DirectoryConf.SCHEME_FILE.equals(u.getScheme())) {
- directoryDao = new LdifDao(this);
- } else if (DirectoryConf.SCHEME_OS.equals(u.getScheme())) {
- directoryDao = new OsUserDirectory(this);
- // singleUser = true;
+ if (uri != null) {
+ URI u = URI.create(uri);
+ if (DirectoryConf.SCHEME_LDAP.equals(u.getScheme())
+ || DirectoryConf.SCHEME_LDAPS.equals(u.getScheme())) {
+ directoryDao = new LdapDao(this);
+ } else if (DirectoryConf.SCHEME_FILE.equals(u.getScheme())) {
+ directoryDao = new LdifDao(this);
+ } else if (DirectoryConf.SCHEME_OS.equals(u.getScheme())) {
+ directoryDao = new OsUserDirectory(this);
+ // singleUser = true;
+ } else {
+ throw new IllegalArgumentException("Unsupported scheme " + u.getScheme());
+ }
} else {
- throw new IllegalArgumentException("Unsupported scheme " + u.getScheme());
+ // in memory
+ directoryDao = new LdifDao(this);
}
}
- xaResource = new WorkingCopyXaResource<>(directoryDao);
+ if (directoryDao != null)
+ xaResource = new WorkingCopyXaResource<>(directoryDao);
}
/*
LdapEntry group = doGetRole(groupDn);
if (group != null) {
allRoles.add(group);
- }else {
+ } else {
// user doesn't have the right to retrieve role, but we know it exists
// otherwise memberOf would not work
Attributes a = new BasicAttributes();
- a.put(LdapNameUtils.getLastRdn(groupDn).getType(), LdapNameUtils.getLastRdn(groupDn).getValue());
+ a.put(LdapNameUtils.getLastRdn(groupDn).getType(),
+ LdapNameUtils.getLastRdn(groupDn).getValue());
a.put(LdapAttrs.objectClass.name(), LdapObjs.groupOfNames.name());
group = newGroup(groupDn, a);
allRoles.add(group);
protected boolean isExternal(LdapName name) {
return !name.startsWith(baseDn);
}
-
+
protected static boolean hasObjectClass(Attributes attrs, LdapObjs objectClass) {
return hasObjectClass(attrs, objectClass.name());
}
/** A user admin based on a LDIF files. */
public class LdifDao extends AbstractLdapDirectoryDao {
-// private NavigableMap<LdapName, LdapEntry> users = new TreeMap<>();
-// private NavigableMap<LdapName, LdapEntry> groups = new TreeMap<>();
private NavigableMap<LdapName, LdapEntry> entries = new TreeMap<>();
private NavigableMap<LdapName, LdapHierarchyUnit> hierarchy = new TreeMap<>();
-// private List<HierarchyUnit> rootHierarchyUnits = new ArrayList<>();
-
-// public LdifUserAdmin(String uri, String baseDn) {
-// this(fromUri(uri, baseDn), false);
-// }
public LdifDao(AbstractLdapDirectory directory) {
super(directory);
}
-// protected LdifUserAdmin(Hashtable<String, ?> properties, boolean scoped) {
-// super( properties, scoped);
-// }
-
-// public LdifUserAdmin(URI uri, Dictionary<String, ?> properties) {
-// super(uri, properties, false);
-// }
-
-// @Override
-// protected AbstractUserDirectory scope(User user) {
-// Dictionary<String, Object> credentials = user.getCredentials();
-// String username = (String) credentials.get(SHARED_STATE_USERNAME);
-// if (username == null)
-// username = user.getName();
-// Object pwdCred = credentials.get(SHARED_STATE_PASSWORD);
-// byte[] pwd = (byte[]) pwdCred;
-// if (pwd != null) {
-// char[] password = DirectoryDigestUtils.bytesToChars(pwd);
-// User directoryUser = (User) getRole(username);
-// if (!directoryUser.hasCredential(null, password))
-// throw new IllegalStateException("Invalid credentials");
-// } else {
-// throw new IllegalStateException("Password is required");
-// }
-// Dictionary<String, Object> properties = cloneProperties();
-// properties.put(DirectoryConf.readOnly.name(), "true");
-// LdifUserAdmin scopedUserAdmin = new LdifUserAdmin(properties, true);
-//// scopedUserAdmin.groups = Collections.unmodifiableNavigableMap(groups);
-//// scopedUserAdmin.users = Collections.unmodifiableNavigableMap(users);
-// scopedUserAdmin.entries = Collections.unmodifiableNavigableMap(entries);
-// return scopedUserAdmin;
-// }
-
-// private static Dictionary<String, Object> fromUri(String uri, String baseDn) {
-// Hashtable<String, Object> res = new Hashtable<String, Object>();
-// res.put(DirectoryConf.uri.name(), uri);
-// res.put(DirectoryConf.baseDn.name(), baseDn);
-// return res;
-// }
-
public void init() {
-
+ String uri = getDirectory().getUri();
+ if (uri == null)
+ return;
try {
- URI u = new URI(getDirectory().getUri());
+ URI u = new URI(uri);
if (u.getScheme().equals("file")) {
File file = new File(u);
if (!file.exists())
public void save() {
if (getDirectory().getUri() == null)
- throw new IllegalStateException("Cannot save LDIF user admin: no URI is set");
+ return; // ignore
if (getDirectory().isReadOnly())
throw new IllegalStateException(
"Cannot save LDIF user admin: " + getDirectory().getUri() + " is read-only");
LdifWriter ldifWriter = new LdifWriter(out);
for (LdapName name : hierarchy.keySet())
ldifWriter.writeEntry(name, hierarchy.get(name).getAttributes());
-// for (LdapName name : groups.keySet())
-// ldifWriter.writeEntry(name, groups.get(name).getAttributes());
-// for (LdapName name : users.keySet())
-// ldifWriter.writeEntry(name, users.get(name).getAttributes());
for (LdapName name : entries.keySet())
ldifWriter.writeEntry(name, entries.get(name).getAttributes());
} finally {
public void load(InputStream in) {
try {
-// users.clear();
-// groups.clear();
entries.clear();
hierarchy.clear();
} else if (objectClass.toLowerCase().equals(getDirectory().getGroupObjectClass().toLowerCase())) {
entries.put(key, newGroup(key, attributes));
break objectClasses;
-// } else if (objectClass.equalsIgnoreCase(LdapObjs.organization.name())) {
-// // we only consider organizations which are not groups
-// hierarchy.put(key, new LdifHierarchyUnit(this, key, HierarchyUnit.ORGANIZATION, attributes));
-// break objectClasses;
} else if (objectClass.equalsIgnoreCase(LdapObjs.organizationalUnit.name())) {
-// String name = key.getRdn(key.size() - 1).toStrindirectoryDaog();
-// if (getUserBase().equalsIgnoreCase(name) || getGroupBase().equalsIgnoreCase(name))
-// break objectClasses; // skip
// TODO skip if it does not contain groups or users
hierarchy.put(key, new LdapHierarchyUnit(getDirectory(), key, attributes));
break objectClasses;
}
}
- // link hierarchy
-// hierachyUnits: for (LdapName dn : hierarchy.keySet()) {
-// LdifHierarchyUnit unit = hierarchy.get(dn);
-// LdapName parentDn = (LdapName) dn.getPrefix(dn.size() - 1);
-// LdifHierarchyUnit parent = hierarchy.get(parentDn);
-// if (parent == null) {
-// rootHierarchyUnits.add(unit);
-// unit.parent = null;
-// continue hierachyUnits;
-// }
-// parent.children.add(unit);
-// unit.parent = parent;
-// }
} catch (NamingException | IOException e) {
throw new IllegalStateException("Cannot load user admin service from LDIF", e);
}
@Override
public LdapEntry doGetEntry(LdapName key) throws NameNotFoundException {
-// if (groups.containsKey(key))
-// return groups.get(key);
-// if (users.containsKey(key))
-// return users.get(key);
if (entries.containsKey(key))
return entries.get(key);
throw new NameNotFoundException(key + " not persisted");
Objects.requireNonNull(searchBase);
ArrayList<LdapEntry> res = new ArrayList<>();
if (f == null && deep && getDirectory().getBaseDn().equals(searchBase)) {
-// res.addAll(users.values());
-// res.addAll(groups.values());
res.addAll(entries.values());
} else {
-// filterRoles(users, searchBase, f, deep, res);
-// filterRoles(groups, searchBase, f, deep, res);
filterRoles(entries, searchBase, f, deep, res);
}
return res;
for (LdapName dn : wc.getDeletedData().keySet()) {
if (entries.containsKey(dn))
entries.remove(dn);
-// if (users.containsKey(dn))
-// users.remove(dn);
-// else if (groups.containsKey(dn))
-// groups.remove(dn);
else
throw new IllegalStateException("User to delete not found " + dn);
}
// add
for (LdapName dn : wc.getNewData().keySet()) {
LdapEntry user = (LdapEntry) wc.getNewData().get(dn);
-// if (users.containsKey(dn) || groups.containsKey(dn))
if (entries.containsKey(dn))
throw new IllegalStateException("User to create found " + dn);
entries.put(dn, user);
-// else if (Role.USER == user.getType())
-// users.put(dn, user);
-// else if (Role.GROUP == user.getType())
-// groups.put(dn, (DirectoryGroup) user);
-// else
-// throw new IllegalStateException("Unsupported role type " + user.getType() + " for new user " + dn);
}
// modify
for (LdapName dn : wc.getModifiedData().keySet()) {
/*
* HIERARCHY
*/
-
-// @Override
-// public int getHierarchyChildCount() {
-// return rootHierarchyUnits.size();
-// }
-//
-// @Override
-// public HierarchyUnit getHierarchyChild(int i) {
-// return rootHierarchyUnits.get(i);
-// }
@Override
public HierarchyUnit doGetHierarchyUnit(LdapName dn) {
if (getDirectory().getBaseDn().equals(dn))
public void scope(LdifDao scoped) {
scoped.entries = Collections.unmodifiableNavigableMap(entries);
}
-
-// @Override
-// public Iterable<HierarchyUnit> getDirectHierarchyUnits(boolean functionalOnly) {
-// if (functionalOnly) {
-// List<HierarchyUnit> res = new ArrayList<>();
-// for (HierarchyUnit hu : rootHierarchyUnits) {
-// if (hu.isFunctional())
-// res.add(hu);
-// }
-// return res;
-//
-// } else {
-// return rootHierarchyUnits;
-// }
-// }
-
}