001/* 002 * (C) Copyright 2006-2012 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * Thomas Roger <troger@nuxeo.com> 018 */ 019 020package org.nuxeo.ecm.multi.tenant; 021 022import static org.nuxeo.ecm.multi.tenant.Constants.POWER_USERS_GROUP; 023import static org.nuxeo.ecm.multi.tenant.Constants.TENANT_ADMINISTRATORS_PROPERTY; 024import static org.nuxeo.ecm.multi.tenant.MultiTenantHelper.computeTenantAdministratorsGroup; 025import static org.nuxeo.ecm.multi.tenant.MultiTenantHelper.computeTenantMembersGroup; 026 027import java.util.ArrayList; 028import java.util.List; 029 030import org.apache.commons.lang.StringUtils; 031import org.nuxeo.ecm.core.api.DocumentModel; 032import org.nuxeo.ecm.core.api.UnrestrictedSessionRunner; 033import org.nuxeo.ecm.core.api.repository.RepositoryManager; 034import org.nuxeo.ecm.platform.computedgroups.AbstractGroupComputer; 035import org.nuxeo.ecm.platform.usermanager.NuxeoPrincipalImpl; 036import org.nuxeo.runtime.api.Framework; 037import org.nuxeo.runtime.transaction.TransactionHelper; 038 039/** 040 * @author <a href="mailto:troger@nuxeo.com">Thomas Roger</a> 041 * @since 5.6 042 */ 043public class MultiTenantGroupComputer extends AbstractGroupComputer { 044 045 @Override 046 public List<String> getGroupsForUser(final NuxeoPrincipalImpl nuxeoPrincipal) { 047 final List<String> groups = new ArrayList<String>(); 048 final String tenantId = (String) nuxeoPrincipal.getModel().getPropertyValue("user:tenantId"); 049 if (!StringUtils.isBlank(tenantId)) { 050 String defaultRepositoryName = Framework.getLocalService(RepositoryManager.class).getDefaultRepositoryName(); 051 052 boolean transactionStarted = false; 053 if (!TransactionHelper.isTransactionActive()) { 054 TransactionHelper.startTransaction(); 055 transactionStarted = true; 056 } 057 try { 058 new UnrestrictedSessionRunner(defaultRepositoryName) { 059 @Override 060 public void run() { 061 062 String query = String.format("SELECT * FROM Document WHERE tenantconfig:tenantId = '%s'", 063 tenantId); 064 List<DocumentModel> docs = session.query(query); 065 if (!docs.isEmpty()) { 066 DocumentModel tenant = docs.get(0); 067 List<String> tenantAdministrators = (List<String>) tenant.getPropertyValue(TENANT_ADMINISTRATORS_PROPERTY); 068 if (tenantAdministrators.contains(nuxeoPrincipal.getName())) { 069 groups.add(computeTenantAdministratorsGroup(tenantId)); 070 groups.add(POWER_USERS_GROUP); 071 } 072 groups.add(computeTenantMembersGroup(tenantId)); 073 } 074 } 075 }.runUnrestricted(); 076 } finally { 077 if (transactionStarted) { 078 TransactionHelper.commitOrRollbackTransaction(); 079 } 080 } 081 } 082 return groups; 083 } 084 085 @Override 086 public List<String> getAllGroupIds() { 087 return null; 088 } 089 090 @Override 091 public List<String> getGroupMembers(String s) { 092 return null; 093 } 094 095 @Override 096 public List<String> getParentsGroupNames(String s) { 097 return null; 098 } 099 100 @Override 101 public List<String> getSubGroupsNames(String s) { 102 return null; 103 } 104 105}