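/*
 * (C) Copyright 2015 Nuxeo SA (http://nuxeo.com/) and others.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * Contributors:
 *     André Justo
 */

package org.nuxeo.ecm.user.center;

import org.apache.commons.lang.StringUtils;
import org.jboss.seam.ScopeType;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
import org.nuxeo.ecm.admin.oauth.DirectoryBasedEditor;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.core.api.DocumentModelList;
import org.nuxeo.ecm.core.api.NuxeoGroup;
import org.nuxeo.ecm.core.api.NuxeoPrincipal;
import org.nuxeo.ecm.core.api.impl.DocumentModelListImpl;
import org.nuxeo.ecm.directory.DirectoryException;
import org.nuxeo.ecm.platform.oauth2.providers.NuxeoOAuth2ServiceProvider;
import org.nuxeo.ecm.platform.oauth2.providers.OAuth2ServiceProvider;
import org.nuxeo.ecm.platform.oauth2.providers.OAuth2ServiceProviderRegistry;
import org.nuxeo.ecm.platform.oauth2.tokens.OAuth2TokenStore;
import org.nuxeo.runtime.api.Framework;

import java.io.Serializable;
import java.util.HashMap;
import java.util.Map;
import java.util.List;
import java.util.Arrays;
import java.util.ArrayList;

/**
 * Seam component ({@code oauthUserTokens}, conversation scope) that lists and edits the OAuth2
 * token entries of the {@link OAuth2TokenStore} directory on behalf of the current user.
 * <p>
 * Token visibility is decided here, in application code: an entry is shown to a user when the user
 * owns it ({@code nuxeoLogin}), when it is flagged {@code isShared} with no {@code sharedWith}
 * value (shared with everyone), or when {@code sharedWith} names the user or one of the user's
 * groups. {@code sharedWith} is a comma-separated list whose items carry the
 * {@link NuxeoGroup#PREFIX} or {@link NuxeoPrincipal#PREFIX} prefix.
 *
 * @since 7.3
 */
@Name("oauthUserTokens")
@Scope(ScopeType.CONVERSATION)
public class OAuth2UserTokensActions extends DirectoryBasedEditor implements Serializable {

    private static final long serialVersionUID = 1L;

    // Query filter handed to the directory editor through getQueryFilter(); it is narrowed to the
    // current user's login before entries are listed.
    private Map<String, Serializable> filter = new HashMap<String, Serializable>();

    @In(create = true)
    protected NuxeoPrincipal currentUser;

    @Override
    protected String getDirectoryName() {
        return OAuth2TokenStore.DIRECTORY_NAME;
    }

    @Override
    protected String getSchemaName() {
        return "oauth2Token";
    }

    @Override
    protected Map<String, Serializable> getQueryFilter() {
        return filter;
    }

    /**
     * Returns the token entries of one OAuth2 provider that the current user may see.
     *
     * @param provider name of the service provider, looked up in the
     *            {@link OAuth2ServiceProviderRegistry}
     * @param includeShared when {@code false}, only entries whose {@code nuxeoLogin} is the current
     *            user are queried; when {@code true}, every entry of the provider is loaded and
     *            filtered in memory down to the entries owned by or shared with the current user
     * @return the visible entries, possibly empty
     */
    public DocumentModelList getProviderAccounts(String provider, boolean includeShared) {
        NuxeoOAuth2ServiceProvider serviceProvider = (NuxeoOAuth2ServiceProvider) Framework.getService(
                OAuth2ServiceProviderRegistry.class).getProvider(provider);
        OAuth2TokenStore tokenStore = serviceProvider.getCredentialDataStore();

        String currentUserName = currentUser.getName();
        if (!includeShared) {
            filter.put("nuxeoLogin", currentUserName);
            return tokenStore.query(filter);
        }

        List<String> currentUserGroups = currentUser.getAllGroups();
        DocumentModelList visibleEntries = new DocumentModelListImpl();
        // query() returns the tokens of every user for this provider, so each entry must pass the
        // visibility check before it is handed to the caller.
        for (DocumentModel entry : tokenStore.query()) {
            if (isVisibleTo(entry, currentUserName, currentUserGroups)) {
                visibleEntries.add(entry);
            }
        }
        return visibleEntries;
    }

    /**
     * Decides whether a token entry may be shown to the given user.
     * <p>
     * The check fails closed: a missing owner never matches, and an {@code isShared} value that is
     * absent or not {@code Boolean.TRUE} is treated as "not shared".
     */
    private boolean isVisibleTo(DocumentModel entry, String userName, List<String> groups) {
        String schema = getSchemaName();

        String tokenOwner = (String) entry.getProperty(schema, "nuxeoLogin");
        if (tokenOwner != null && tokenOwner.equals(userName)) {
            return true;
        }

        if (!Boolean.TRUE.equals(entry.getProperty(schema, "isShared"))) {
            return false;
        }

        String sharedWith = (String) entry.getProperty(schema, "sharedWith");
        if (sharedWith == null) {
            // Shared flag set without a recipient list: visible to every user.
            return true;
        }
        return isSharedWith(sharedWith, userName, groups);
    }

    /**
     * Tells whether a comma-separated {@code sharedWith} value names the user or one of the groups.
     * <p>
     * Prefixes are matched at the start of the item only and the two kinds are mutually exclusive,
     * so a group item is never re-read as a user item (or the reverse) once its prefix is removed.
     * An item without a known prefix grants nothing.
     */
    private static boolean isSharedWith(String sharedWith, String userName, List<String> groups) {
        for (String item : sharedWith.split(",")) {
            if (item.startsWith(NuxeoGroup.PREFIX)) {
                String groupName = item.substring(NuxeoGroup.PREFIX.length());
                if (groups != null && groups.contains(groupName)) {
                    return true;
                }
            } else if (item.startsWith(NuxeoPrincipal.PREFIX)) {
                String principalName = item.substring(NuxeoPrincipal.PREFIX.length());
                if (principalName.equals(userName)) {
                    return true;
                }
            }
        }
        return false;
    }

    /**
     * Restricts the query filter to the current user's login, reloads the editor and returns the
     * resulting entries.
     */
    public DocumentModelList getCurrentUserTokens() {
        filter.clear();
        filter.put("nuxeoLogin", currentUser.getName());
        refresh();
        return getEntries();
    }

    /**
     * Returns the {@code sharedWith} property of the entry being edited, split on commas.
     *
     * @return the items as a fixed-size list, or an empty list when the property is {@code null};
     *         an empty stored string yields a list holding one empty item
     */
    public List<String> getSharedWith() {
        List<String> sharedWith = new ArrayList<>();
        String sharedWithProperty = (String) editableEntry.getProperty(getSchemaName(), "sharedWith");
        if (sharedWithProperty != null) {
            sharedWith = Arrays.asList(sharedWithProperty.split(","));
        }
        return sharedWith;
    }

    /**
     * Stores the given items, joined with commas, as the {@code sharedWith} property of the entry
     * being edited.
     * <p>
     * Items are not escaped: an item that itself contains a comma is read back as several items,
     * each of which is evaluated as a separate grant.
     *
     * @param sharedWith prefixed user and group names to share the token with
     */
    public void setSharedWith(List<String> sharedWith) {
        String list = StringUtils.join(sharedWith, ",");
        editableEntry.setProperty(getSchemaName(), "sharedWith", list);
    }
}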