001/*
002 * (C) Copyright 2015-2018 Nuxeo (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *      André Justo
018 */
019
020package org.nuxeo.ecm.user.center;
021
022import java.io.Serializable;
023import java.util.ArrayList;
024import java.util.Arrays;
025import java.util.HashMap;
026import java.util.List;
027import java.util.Map;
028
029import org.apache.commons.lang3.StringUtils;
030import org.jboss.seam.ScopeType;
031import org.jboss.seam.annotations.In;
032import org.jboss.seam.annotations.Name;
033import org.jboss.seam.annotations.Scope;
034import org.nuxeo.ecm.admin.oauth.DirectoryBasedEditor;
035import org.nuxeo.ecm.core.api.DocumentModel;
036import org.nuxeo.ecm.core.api.DocumentModelList;
037import org.nuxeo.ecm.core.api.NuxeoGroup;
038import org.nuxeo.ecm.core.api.NuxeoPrincipal;
039import org.nuxeo.ecm.core.api.impl.DocumentModelListImpl;
040import org.nuxeo.ecm.platform.oauth2.providers.NuxeoOAuth2ServiceProvider;
041import org.nuxeo.ecm.platform.oauth2.providers.OAuth2ServiceProviderRegistry;
042import org.nuxeo.ecm.platform.oauth2.tokens.OAuth2TokenStore;
043import org.nuxeo.runtime.api.Framework;
044
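/**
 * Seam conversation-scoped bean that lists and edits OAuth2 token entries of the
 * {@link OAuth2TokenStore} directory on behalf of the current user.
 * <p>
 * {@link #getProviderAccounts(String, boolean)} decides which stored tokens the current user may see,
 * so its matching rules are an access-control check and are kept strict (exact prefix, fail closed).
 * <p>
 * NOTE(review): {@code filter} starts out empty and is only narrowed to the current user by
 * {@link #getCurrentUserTokens()} and the non-shared branch of {@code getProviderAccounts}. Confirm that
 * the inherited entry listing cannot be reached with the empty filter.
 *
 * @since 7.3
 */
@Name("oauthUserTokens")
@Scope(ScopeType.CONVERSATION)
public class OAuth2UserTokensActions extends DirectoryBasedEditor implements Serializable {

    private static final long serialVersionUID = 1L;

    // Query filter handed to the base editor through getQueryFilter(); keyed by directory field name.
    private Map<String, Serializable> filter = new HashMap<String, Serializable>();

    @In(create = true)
    protected NuxeoPrincipal currentUser;

    @Override
    protected String getDirectoryName() {
        return OAuth2TokenStore.DIRECTORY_NAME;
    }

    @Override
    protected String getSchemaName() {
        return "oauth2Token";
    }

    @Override
    protected Map<String, Serializable> getQueryFilter() {
        return filter;
    }

    /**
     * Returns the token entries of the given provider that the current user is allowed to see.
     *
     * @param provider name of the OAuth2 service provider whose token store is queried
     * @param includeShared when {@code false}, only entries whose {@code nuxeoLogin} is the current user are
     *            returned; when {@code true}, entries shared with everyone, with the current user or with
     *            one of the current user's groups are returned as well
     * @return the visible token entries, possibly empty
     */
    public DocumentModelList getProviderAccounts(String provider, boolean includeShared) {
        NuxeoOAuth2ServiceProvider serviceProvider = (NuxeoOAuth2ServiceProvider) Framework.getService(
                OAuth2ServiceProviderRegistry.class).getProvider(provider);
        OAuth2TokenStore tokenStore = serviceProvider.getCredentialDataStore();

        if (!includeShared) {
            // Same side effect as before: the shared filter stays narrowed to the current user.
            filter.put("nuxeoLogin", currentUser.getName());
            return tokenStore.query(filter);
        }

        String userName = currentUser.getName();
        List<String> userGroups = currentUser.getAllGroups();
        DocumentModelList visibleEntries = new DocumentModelListImpl();
        // The store is queried unfiltered, so every entry must pass the visibility check below.
        for (DocumentModel entry : tokenStore.query()) {
            if (isVisibleTo(entry, userName, userGroups)) {
                visibleEntries.add(entry);
            }
        }
        return visibleEntries;
    }

    /**
     * Tells whether a token entry may be shown to the given user: the user owns it, or it is flagged as
     * shared and either has no {@code sharedWith} restriction or names the user or one of the user's groups.
     */
    private boolean isVisibleTo(DocumentModel entry, String userName, List<String> userGroups) {
        String schema = getSchemaName();
        String tokenOwner = (String) entry.getProperty(schema, "nuxeoLogin");
        // A missing flag counts as "not shared" instead of failing on unboxing a null value.
        boolean isShared = Boolean.TRUE.equals(entry.getProperty(schema, "isShared"));
        String sharedWith = (String) entry.getProperty(schema, "sharedWith");

        // Null-safe on both sides; two null names never count as a match.
        if (tokenOwner != null && tokenOwner.equals(userName)) {
            return true;
        }
        if (!isShared) {
            return false;
        }
        if (sharedWith == null) {
            // Shared without restriction: visible to every user.
            return true;
        }

        for (String item : sharedWith.split(",")) {
            // The prefix must be the leading part of the item and decides alone how the rest is read.
            // Matching it anywhere in the item and then stripping every occurrence let a group item whose
            // name embeds the principal prefix be re-read as a user item (and the other way round), so a
            // user could match an entry that was never shared with them.
            if (item.startsWith(NuxeoGroup.PREFIX)) {
                if (userGroups.contains(item.substring(NuxeoGroup.PREFIX.length()))) {
                    return true;
                }
            } else if (item.startsWith(NuxeoPrincipal.PREFIX)) {
                if (item.substring(NuxeoPrincipal.PREFIX.length()).equals(userName)) {
                    return true;
                }
            }
            // Items with neither prefix grant nothing.
        }
        return false;
    }

    /**
     * Restricts the editor filter to the current user's login, refreshes the editor and returns its entries.
     *
     * @return the token entries owned by the current user
     */
    public DocumentModelList getCurrentUserTokens() {
        filter.clear();
        filter.put("nuxeoLogin", currentUser.getName());
        refresh();
        return getEntries();
    }

    /**
     * Returns the {@code sharedWith} property of the entry being edited, split on commas.
     *
     * @return a new mutable list of the stored items; empty when the property is {@code null} or empty
     */
    public List<String> getSharedWith() {
        String sharedWithProperty = (String) editableEntry.getProperty(getSchemaName(), "sharedWith");
        if (StringUtils.isEmpty(sharedWithProperty)) {
            // "".split(",") would yield one empty item; report "nobody" as an empty list instead.
            return new ArrayList<>();
        }
        // Copy into an ArrayList so callers get a resizable list in every case, not a fixed-size view.
        return new ArrayList<>(Arrays.asList(sharedWithProperty.split(",")));
    }

    /**
     * Stores the given items, joined with commas, as the {@code sharedWith} property of the entry being
     * edited.
     * <p>
     * NOTE(review): an empty list is stored as an empty string, while {@code getProviderAccounts} treats a
     * {@code null} value on a shared entry as "shared with everyone". Confirm that the directory backend
     * keeps the two apart, otherwise clearing the list would widen access.
     *
     * @param sharedWith prefixed user and group identifiers the token is shared with
     */
    public void setSharedWith(List<String> sharedWith) {
        String list = StringUtils.join(sharedWith, ",");
        editableEntry.setProperty(getSchemaName(), "sharedWith", list);
    }
}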