001/*
002 * (C) Copyright 2015 Nuxeo SA (http://nuxeo.com/) and contributors.
003 *
004 * All rights reserved. This program and the accompanying materials
005 * are made available under the terms of the GNU Lesser General Public License
006 * (LGPL) version 2.1 which accompanies this distribution, and is available at
007 * http://www.gnu.org/licenses/lgpl-2.1.html
008 *
009 * This library is distributed in the hope that it will be useful,
010 * but WITHOUT ANY WARRANTY; without even the implied warranty of
011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
012 * Lesser General Public License for more details.
013 *
014 * Contributors:
015 *      André Justo
016 */
017
018package org.nuxeo.ecm.user.center;
019
020import org.apache.commons.lang.StringUtils;
021import org.jboss.seam.ScopeType;
022import org.jboss.seam.annotations.In;
023import org.jboss.seam.annotations.Name;
024import org.jboss.seam.annotations.Scope;
025import org.nuxeo.ecm.admin.oauth.DirectoryBasedEditor;
026import org.nuxeo.ecm.core.api.DocumentModel;
027import org.nuxeo.ecm.core.api.DocumentModelList;
028import org.nuxeo.ecm.core.api.NuxeoGroup;
029import org.nuxeo.ecm.core.api.NuxeoPrincipal;
030import org.nuxeo.ecm.core.api.impl.DocumentModelListImpl;
031import org.nuxeo.ecm.directory.DirectoryException;
032import org.nuxeo.ecm.platform.oauth2.providers.NuxeoOAuth2ServiceProvider;
033import org.nuxeo.ecm.platform.oauth2.providers.OAuth2ServiceProvider;
034import org.nuxeo.ecm.platform.oauth2.providers.OAuth2ServiceProviderRegistry;
035import org.nuxeo.ecm.platform.oauth2.tokens.OAuth2TokenStore;
036import org.nuxeo.runtime.api.Framework;
037
038import java.io.Serializable;
039import java.util.HashMap;
040import java.util.Map;
041import java.util.List;
042import java.util.Arrays;
043import java.util.ArrayList;
044
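/**
 * Seam component ({@code oauthUserTokens}, conversation scoped) backing the user-center view of
 * OAuth2 tokens. It edits entries of the {@link OAuth2TokenStore#DIRECTORY_NAME} directory through
 * {@link DirectoryBasedEditor} and decides which tokens of a provider the current user may see.
 * <p>
 * Visibility rules applied by {@link #getProviderAccounts(String, boolean)}:
 * <ul>
 * <li>a token is always visible to its owner ({@code nuxeoLogin});</li>
 * <li>a token with {@code isShared} set and a {@code null} {@code sharedWith} is visible to every user;</li>
 * <li>a token with {@code isShared} set and a non-null {@code sharedWith} is visible only to the users and
 * groups listed there.</li>
 * </ul>
 *
 * @since 7.3
 */
@Name("oauthUserTokens")
@Scope(ScopeType.CONVERSATION)
public class OAuth2UserTokensActions extends DirectoryBasedEditor implements Serializable {

    private static final long serialVersionUID = 1L;

    // Query filter handed to the base editor; only ever populated with the "nuxeoLogin" key by this class.
    private Map<String, Serializable> filter = new HashMap<String, Serializable>();

    @In(create = true)
    protected NuxeoPrincipal currentUser;

    @Override
    protected String getDirectoryName() {
        return OAuth2TokenStore.DIRECTORY_NAME;
    }

    @Override
    protected String getSchemaName() {
        return "oauth2Token";
    }

    /**
     * Returns the mutable filter used for directory queries.
     * <p>
     * The map is empty until {@link #getCurrentUserTokens()} or the non-shared branch of
     * {@link #getProviderAccounts(String, boolean)} has stored the current user's login in it.
     * NOTE(review): how the base editor queries with an empty filter is not visible from this class;
     * confirm it cannot list tokens that belong to other users.
     */
    @Override
    protected Map<String, Serializable> getQueryFilter() {
        return filter;
    }

    /**
     * Lists the tokens of the given provider that the current user is allowed to see.
     *
     * @param provider the service name of the OAuth2 provider
     * @param includeShared when {@code true}, tokens shared with the current user (directly, through one of
     *            their groups, or with everyone) are returned in addition to the user's own tokens; when
     *            {@code false}, only tokens owned by the current user are returned
     * @return the visible token entries; empty when the provider is unknown or is not a
     *         {@link NuxeoOAuth2ServiceProvider}
     */
    public DocumentModelList getProviderAccounts(String provider, boolean includeShared) {

        DocumentModelList visibleEntries = new DocumentModelListImpl();

        // An unknown provider name used to end in a NullPointerException (or a ClassCastException for a
        // foreign provider type); there is nothing to list in either case.
        OAuth2ServiceProvider registered = Framework.getLocalService(OAuth2ServiceProviderRegistry.class)
                                                    .getProvider(provider);
        if (!(registered instanceof NuxeoOAuth2ServiceProvider)) {
            return visibleEntries;
        }
        OAuth2TokenStore tokenStore = ((NuxeoOAuth2ServiceProvider) registered).getCredentialDataStore();
        String currentUserName = currentUser.getName();

        if (!includeShared) {
            // Restrict the directory query itself to the current user's tokens.
            filter.put("nuxeoLogin", currentUserName);
            return tokenStore.query(filter);
        }

        // The unfiltered query returns every user's tokens for this store, so each entry must pass the
        // visibility check before it is handed to the caller.
        List<String> currentUserGroups = currentUser.getAllGroups();
        for (DocumentModel entry : tokenStore.query()) {
            if (isVisibleTo(entry, currentUserName, currentUserGroups)) {
                visibleEntries.add(entry);
            }
        }
        return visibleEntries;
    }

    /**
     * Decides whether a token entry may be shown to the given user.
     * <p>
     * Entries of {@code sharedWith} are matched by their leading prefix only. Matching the prefix anywhere
     * in the item and stripping it (as {@code contains}/{@code replace} would) lets a name that merely
     * embeds a prefix be read as a different principal, which widens access.
     */
    private boolean isVisibleTo(DocumentModel entry, String userName, List<String> userGroups) {
        String schema = getSchemaName();
        String tokenOwner = (String) entry.getProperty(schema, "nuxeoLogin");
        // Null-safe: a missing isShared value means "not shared" instead of failing on unboxing.
        boolean isShared = Boolean.TRUE.equals(entry.getProperty(schema, "isShared"));
        String sharedWith = (String) entry.getProperty(schema, "sharedWith");

        // Null-safe owner comparison: an entry without an owner never matches.
        if (userName != null && userName.equals(tokenOwner)) {
            return true;
        }
        if (!isShared) {
            return false;
        }
        if (sharedWith == null) {
            // Shared without a recipient list: visible to everyone.
            return true;
        }

        // An empty string yields a single empty item that matches nothing, so a cleared recipient list
        // keeps the token private to its owner.
        for (String item : sharedWith.split(",")) {
            if (item.startsWith(NuxeoGroup.PREFIX)) {
                String groupName = item.substring(NuxeoGroup.PREFIX.length());
                if (userGroups != null && userGroups.contains(groupName)) {
                    return true;
                }
            } else if (item.startsWith(NuxeoPrincipal.PREFIX)) {
                String principalName = item.substring(NuxeoPrincipal.PREFIX.length());
                if (principalName.equals(userName)) {
                    return true;
                }
            }
        }
        return false;
    }

    /**
     * Loads the tokens owned by the current user into the editor.
     *
     * @return the current user's token entries
     */
    public DocumentModelList getCurrentUserTokens() {
        filter.clear();
        filter.put("nuxeoLogin", currentUser.getName());
        refresh();
        return getEntries();
    }

    /**
     * Returns the recipients of the entry being edited, as stored in its {@code sharedWith} property.
     *
     * @return a mutable list of prefixed user/group identifiers; empty when the property is {@code null} or
     *         empty (splitting an empty string would otherwise produce a list holding one empty item)
     */
    public List<String> getSharedWith() {
        String sharedWithProperty = (String) editableEntry.getProperty(getSchemaName(), "sharedWith");
        if (StringUtils.isEmpty(sharedWithProperty)) {
            return new ArrayList<>();
        }
        // Copy into an ArrayList: Arrays.asList is a fixed-size view that rejects add/remove.
        return new ArrayList<>(Arrays.asList(sharedWithProperty.split(",")));
    }

    /**
     * Stores the recipients of the entry being edited as a comma-separated {@code sharedWith} property.
     * <p>
     * An empty list is stored as an empty string, which {@link #getProviderAccounts(String, boolean)}
     * treats as "no recipient", while a {@code null} list is stored as {@code null}, which means
     * "everyone" once {@code isShared} is set. Identifiers must not contain a comma.
     * NOTE(review): nothing in this method checks that the edited entry belongs to the current user;
     * confirm that the code selecting {@code editableEntry} enforces ownership.
     *
     * @param sharedWith the prefixed user/group identifiers allowed to use the token
     */
    public void setSharedWith(List<String> sharedWith) {
        String list = StringUtils.join(sharedWith, ",");
        editableEntry.setProperty(getSchemaName(), "sharedWith", list);
    }
}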