001/* 002 * (C) Copyright 2006-2012 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * All rights reserved. This program and the accompanying materials 005 * are made available under the terms of the GNU Lesser General Public License 006 * (LGPL) version 2.1 which accompanies this distribution, and is available at 007 * http://www.gnu.org/licenses/lgpl-2.1.html 008 * 009 * This library is distributed in the hope that it will be useful, 010 * but WITHOUT ANY WARRANTY; without even the implied warranty of 011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 012 * Lesser General Public License for more details. 013 * 014 * Contributors: 015 * Thomas Roger <troger@nuxeo.com> 016 */ 017 018package org.nuxeo.ecm.multi.tenant; 019 020import static org.nuxeo.ecm.multi.tenant.Constants.POWER_USERS_GROUP; 021import static org.nuxeo.ecm.multi.tenant.Constants.TENANT_ADMINISTRATORS_PROPERTY; 022import static org.nuxeo.ecm.multi.tenant.MultiTenantHelper.computeTenantAdministratorsGroup; 023import static org.nuxeo.ecm.multi.tenant.MultiTenantHelper.computeTenantMembersGroup; 024 025import java.util.ArrayList; 026import java.util.List; 027 028import org.apache.commons.lang.StringUtils; 029import org.nuxeo.ecm.core.api.DocumentModel; 030import org.nuxeo.ecm.core.api.UnrestrictedSessionRunner; 031import org.nuxeo.ecm.core.api.repository.RepositoryManager; 032import org.nuxeo.ecm.platform.computedgroups.AbstractGroupComputer; 033import org.nuxeo.ecm.platform.usermanager.NuxeoPrincipalImpl; 034import org.nuxeo.runtime.api.Framework; 035import org.nuxeo.runtime.transaction.TransactionHelper; 036 037/** 038 * @author <a href="mailto:troger@nuxeo.com">Thomas Roger</a> 039 * @since 5.6 040 */ 041public class MultiTenantGroupComputer extends AbstractGroupComputer { 042 043 @Override 044 public List<String> getGroupsForUser(final NuxeoPrincipalImpl nuxeoPrincipal) { 045 final List<String> groups = new ArrayList<String>(); 046 final String tenantId = (String) nuxeoPrincipal.getModel().getPropertyValue("user:tenantId"); 047 if (!StringUtils.isBlank(tenantId)) { 048 String defaultRepositoryName = Framework.getLocalService(RepositoryManager.class).getDefaultRepositoryName(); 049 050 boolean transactionStarted = false; 051 if (!TransactionHelper.isTransactionActive()) { 052 TransactionHelper.startTransaction(); 053 transactionStarted = true; 054 } 055 try { 056 new UnrestrictedSessionRunner(defaultRepositoryName) { 057 @Override 058 public void run() { 059 060 String query = String.format("SELECT * FROM Document WHERE tenantconfig:tenantId = '%s'", 061 tenantId); 062 List<DocumentModel> docs = session.query(query); 063 if (!docs.isEmpty()) { 064 DocumentModel tenant = docs.get(0); 065 List<String> tenantAdministrators = (List<String>) tenant.getPropertyValue(TENANT_ADMINISTRATORS_PROPERTY); 066 if (tenantAdministrators.contains(nuxeoPrincipal.getName())) { 067 groups.add(computeTenantAdministratorsGroup(tenantId)); 068 groups.add(POWER_USERS_GROUP); 069 } 070 groups.add(computeTenantMembersGroup(tenantId)); 071 } 072 } 073 }.runUnrestricted(); 074 } finally { 075 if (transactionStarted) { 076 TransactionHelper.commitOrRollbackTransaction(); 077 } 078 } 079 } 080 return groups; 081 } 082 083 @Override 084 public List<String> getAllGroupIds() { 085 return null; 086 } 087 088 @Override 089 public List<String> getGroupMembers(String s) { 090 return null; 091 } 092 093 @Override 094 public List<String> getParentsGroupNames(String s) { 095 return null; 096 } 097 098 @Override 099 public List<String> getSubGroupsNames(String s) { 100 return null; 101 } 102 103}