001package org.nuxeo.ecm.webapp.security; 002 003import static org.nuxeo.ecm.platform.ui.web.api.WebActions.SUBTAB_CATEGORY_SUFFIX; 004 005import java.security.Principal; 006import java.util.ArrayList; 007import java.util.List; 008 009import org.jboss.seam.annotations.In; 010import org.jboss.seam.faces.FacesMessages; 011import org.nuxeo.ecm.platform.contentview.seam.ContentViewActions; 012import org.nuxeo.ecm.platform.ui.web.api.NavigationContext; 013import org.nuxeo.ecm.platform.ui.web.api.WebActions; 014import org.nuxeo.ecm.platform.usermanager.UserManager; 015import org.nuxeo.ecm.webapp.helpers.ResourcesAccessor; 016 017/** 018 * Common properties and methods for Users and Groups management. 019 * 020 * @author <a href="mailto:troger@nuxeo.com">Thomas Roger</a> 021 * @since 5.4.2 022 */ 023public abstract class AbstractUserGroupManagement { 024 025 public static final String VIEW_HOME = "view_home"; 026 027 public static final String MAIN_TABS_CATEGORY = "MAIN_TABS"; 028 029 public static final String MAIN_TAB_HOME = MAIN_TABS_CATEGORY + ":home"; 030 031 public static final String NUXEO_ADMIN_CATEGORY = "NUXEO_ADMIN"; 032 033 public static final String USER_CENTER_CATEGORY = "USER_CENTER"; 034 035 public static final String USERS_GROUPS_MANAGER = "UsersGroupsManager"; 036 037 public static final String USERS_GROUPS_MANAGER_SUB_TAB = USERS_GROUPS_MANAGER + SUBTAB_CATEGORY_SUFFIX; 038 039 public static final String USERS_GROUPS_HOME = "UsersGroupsHome"; 040 041 public static final String USERS_GROUPS_HOME_SUB_TAB = USERS_GROUPS_HOME + SUBTAB_CATEGORY_SUFFIX; 042 043 public static final String VALID_CHARS = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_-0123456789.@"; 044 045 public static final String DEFAULT_LISTING_MODE = "search_only"; 046 047 public static final String DETAILS_VIEW_MODE = "view"; 048 049 public static final String USERS_GROUPS_MANAGEMENT_ACCESS_FILTER = "usersGroupsManagementAccess"; 050 051 @In(create = true) 052 protected Principal currentUser; 053 054 @In(create = true) 055 protected transient UserManager userManager; 056 057 @In(create = true) 058 protected ContentViewActions contentViewActions; 059 060 @In(create = true) 061 protected WebActions webActions; 062 063 @In(create = true) 064 protected transient NavigationContext navigationContext; 065 066 @In(create = true, required = false) 067 protected FacesMessages facesMessages; 068 069 @In(create = true) 070 protected ResourcesAccessor resourcesAccessor; 071 072 protected String searchString = ""; 073 074 protected String listingMode; 075 076 protected String detailsMode; 077 078 protected boolean showCreateForm; 079 080 protected boolean showUserOrGroup; 081 082 protected boolean shouldResetStateOnTabChange = true; 083 084 public String getSearchString() { 085 return searchString; 086 } 087 088 public void setSearchString(String searchString) { 089 this.searchString = searchString; 090 } 091 092 public String getListingMode() { 093 if (listingMode == null) { 094 listingMode = computeListingMode(); 095 if (listingMode == null || listingMode.trim().isEmpty()) { 096 listingMode = DEFAULT_LISTING_MODE; 097 } 098 } 099 return listingMode; 100 } 101 102 protected abstract String computeListingMode(); 103 104 public void setListingMode(String listingMode) { 105 this.listingMode = listingMode; 106 } 107 108 public String getDetailsMode() { 109 if (detailsMode == null) { 110 detailsMode = DETAILS_VIEW_MODE; 111 } 112 return detailsMode; 113 } 114 115 public void setDetailsMode(String mode) { 116 detailsMode = mode; 117 } 118 119 public boolean isShowCreateForm() { 120 return showCreateForm; 121 } 122 123 public void toggleShowCreateForm() { 124 showCreateForm = !showCreateForm; 125 detailsMode = null; 126 } 127 128 public boolean isShowUserOrGroup() { 129 return showUserOrGroup; 130 } 131 132 public void toggleShowUserOrGroup() { 133 showUserOrGroup = !showUserOrGroup; 134 detailsMode = null; 135 } 136 137 /** 138 * Retrieve recursively the list of all groups that are admins. 139 * 140 * @return 141 * @since 5.9.3 142 */ 143 protected List<String> getAllAdminGroups() { 144 List<String> adminGroups = new ArrayList<>(); 145 for (String adminGroup : userManager.getAdministratorsGroups()) { 146 adminGroups.add(adminGroup); 147 adminGroups.addAll(getAllSubGroups(adminGroup)); 148 } 149 return adminGroups; 150 } 151 152 /** 153 * Recursively lookup all the sub groups of a given group. 154 * 155 * @param groupName 156 * @return 157 * @since 5.9.3 158 */ 159 private List<String> getAllSubGroups(String groupName) { 160 return getAllSubGroups(groupName, new ArrayList<String>()); 161 } 162 163 /** 164 * Recursively accumulate all the sub groups a a given group. 165 * 166 * @param groupName 167 * @param accumulator 168 * @return 169 * @since 5.9.3 170 */ 171 private List<String> getAllSubGroups(String groupName, List<String> accumulator) { 172 List<String> subGroups = userManager.getGroupsInGroup(groupName); 173 if (!subGroups.isEmpty()) { 174 accumulator.addAll(subGroups); 175 for (String name : subGroups) { 176 getAllSubGroups(name, accumulator); 177 } 178 } 179 return accumulator; 180 } 181 182}