001/* 002 * (C) Copyright 2010 Nuxeo SA (http://nuxeo.com/) and contributors. 003 * 004 * All rights reserved. This program and the accompanying materials 005 * are made available under the terms of the GNU Lesser General Public License 006 * (LGPL) version 2.1 which accompanies this distribution, and is available at 007 * http://www.gnu.org/licenses/lgpl.html 008 * 009 * This library is distributed in the hope that it will be useful, 010 * but WITHOUT ANY WARRANTY; without even the implied warranty of 011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 012 * Lesser General Public License for more details. 013 * 014 * Contributors: 015 * Arnaud Kervern 016 */ 017 018package org.nuxeo.ecm.platform.shibboleth.computedgroups; 019 020import java.util.ArrayList; 021import java.util.List; 022 023import org.nuxeo.ecm.core.api.DocumentModel; 024import org.nuxeo.ecm.core.api.DocumentModelList; 025import org.nuxeo.ecm.directory.Session; 026import org.nuxeo.ecm.directory.api.DirectoryService; 027import org.nuxeo.ecm.platform.computedgroups.AbstractGroupComputer; 028import org.nuxeo.ecm.platform.shibboleth.ShibbolethConstants; 029import org.nuxeo.ecm.platform.shibboleth.ShibbolethGroupHelper; 030import org.nuxeo.ecm.platform.usermanager.NuxeoPrincipalImpl; 031import org.nuxeo.runtime.api.Framework; 032 033public class ShibbolethGroupComputer extends AbstractGroupComputer { 034 035 protected String getDirectoryName() { 036 return ShibbolethConstants.SHIBBOLETH_DIRECTORY; 037 } 038 039 @Override 040 public List<String> getAllGroupIds() { 041 List<String> groupsId = new ArrayList<String>(); 042 for (DocumentModel group : getAllGroups()) { 043 groupsId.add(group.getId()); 044 } 045 return groupsId; 046 } 047 048 @Override 049 public List<String> getGroupMembers(String arg0) { 050 // Cannot retrieve group member for a specific group, cause it's 051 // assigned at user login. 052 return null; 053 } 054 055 @Override 056 public List<String> getGroupsForUser(NuxeoPrincipalImpl nxPrincipal) { 057 List<String> groupsId = new ArrayList<String>(); 058 for (DocumentModel group : getAllGroups()) { 059 String el = (String) group.getPropertyValue(ShibbolethConstants.SHIBBOLETH_SCHEMA + ":" 060 + ShibbolethConstants.GROUP_EL_PROPERTY); 061 if (ELGroupComputerHelper.isUserInGroup(nxPrincipal.getModel(), el)) { 062 groupsId.add(group.getId()); 063 } 064 } 065 return groupsId; 066 } 067 068 @Override 069 public List<String> getParentsGroupNames(String arg0) { 070 return ShibbolethGroupHelper.getParentsGroups(arg0); 071 } 072 073 @Override 074 public List<String> getSubGroupsNames(String arg0) { 075 return null; 076 } 077 078 /** 079 * Get current Directory Service 080 * 081 * @return 082 */ 083 private DirectoryService getDS() { 084 return Framework.getService(DirectoryService.class); 085 } 086 087 /** 088 * List all Shibbolet Group in a DocumentModelList 089 * 090 * @return 091 */ 092 private DocumentModelList getAllGroups() { 093 try (Session shibGroupDirectory = getDS().open(getDirectoryName())) { 094 return shibGroupDirectory.getEntries(); 095 } 096 } 097}