From: Mathieu Baudier <mbaudier@argeo.org>
Date: Mon, 10 Feb 2020 09:49:14 +0000 (+0100)
Subject: Make group editing more robust.
X-Git-Tag: argeo-commons-2.1.86~32
X-Git-Url: https://git.argeo.org/?p=lgpl%2Fargeo-commons.git;a=commitdiff_plain;h=abc0a7e5f6ba57050bdf682cf5c2cdd0b5a383c5

Make group editing more robust.
---

diff --git a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdifGroup.java b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdifGroup.java
index bd129119b..f4e558348 100644
--- a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdifGroup.java
+++ b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdifGroup.java
@@ -3,6 +3,7 @@ package org.argeo.osgi.useradmin;
 import java.util.ArrayList;
 import java.util.List;
 
+import javax.naming.InvalidNameException;
 import javax.naming.NamingEnumeration;
 import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
@@ -14,14 +15,22 @@ import org.osgi.service.useradmin.Role;
 class LdifGroup extends LdifUser implements DirectoryGroup {
 	private final String memberAttributeId;
 
-	LdifGroup(AbstractUserDirectory userAdmin, LdapName dn,
-			Attributes attributes) {
+	LdifGroup(AbstractUserDirectory userAdmin, LdapName dn, Attributes attributes) {
 		super(userAdmin, dn, attributes);
 		memberAttributeId = userAdmin.getMemberAttributeId();
 	}
 
 	@Override
 	public boolean addMember(Role role) {
+		try {
+			Role foundRole = findRole(new LdapName(role.getName()));
+			if (foundRole == null)
+				throw new UnsupportedOperationException(
+						"Adding role " + role.getName() + " is unsupported within this context.");
+		} catch (InvalidNameException e) {
+			throw new IllegalArgumentException("Role name" + role.getName() + " is badly formatted");
+		}
+
 		getUserAdmin().checkEdit();
 		if (!isEditing())
 			startEditing();
@@ -62,20 +71,29 @@ class LdifGroup extends LdifUser implements DirectoryGroup {
 	public Role[] getMembers() {
 		List<Role> directMembers = new ArrayList<Role>();
 		for (LdapName ldapName : getMemberNames()) {
-			Role role = getUserAdmin().getRole(ldapName.toString());
+			Role role = findRole(ldapName);
 			if (role == null) {
-				if (getUserAdmin().getExternalRoles() != null)
-					role = getUserAdmin().getExternalRoles().getRole(
-							ldapName.toString());
+				throw new UserDirectoryException("Role " + ldapName + " cannot be added.");
 			}
-			if (role == null)
-				throw new UserDirectoryException("No role found for "
-						+ ldapName);
 			directMembers.add(role);
 		}
 		return directMembers.toArray(new Role[directMembers.size()]);
 	}
 
+	/**
+	 * Whether a role with this name can be found from this context.
+	 * 
+	 * @return The related {@link Role} or <code>null</code>.
+	 */
+	protected Role findRole(LdapName ldapName) {
+		Role role = getUserAdmin().getRole(ldapName.toString());
+		if (role == null) {
+			if (getUserAdmin().getExternalRoles() != null)
+				role = getUserAdmin().getExternalRoles().getRole(ldapName.toString());
+		}
+		return role;
+	}
+
 	@Override
 	public List<LdapName> getMemberNames() {
 		Attribute memberAttribute = getAttributes().get(memberAttributeId);