001/* 002 * (C) Copyright 2011 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * Thomas Roger 018 */ 019package org.nuxeo.ecm.webapp.security; 020 021import static org.nuxeo.ecm.platform.ui.web.api.WebActions.SUBTAB_CATEGORY_SUFFIX; 022 023import java.security.Principal; 024import java.util.ArrayList; 025import java.util.List; 026 027import org.jboss.seam.annotations.In; 028import org.jboss.seam.faces.FacesMessages; 029import org.nuxeo.ecm.platform.contentview.seam.ContentViewActions; 030import org.nuxeo.ecm.platform.ui.web.api.NavigationContext; 031import org.nuxeo.ecm.platform.ui.web.api.WebActions; 032import org.nuxeo.ecm.platform.usermanager.UserManager; 033import org.nuxeo.ecm.webapp.helpers.ResourcesAccessor; 034 035/** 036 * Common properties and methods for Users and Groups management. 037 * 038 * @author <a href="mailto:troger@nuxeo.com">Thomas Roger</a> 039 * @since 5.4.2 040 */ 041public abstract class AbstractUserGroupManagement { 042 043 public static final String VIEW_HOME = "view_home"; 044 045 public static final String MAIN_TABS_CATEGORY = "MAIN_TABS"; 046 047 public static final String MAIN_TAB_HOME = MAIN_TABS_CATEGORY + ":home"; 048 049 public static final String NUXEO_ADMIN_CATEGORY = "NUXEO_ADMIN"; 050 051 public static final String USER_CENTER_CATEGORY = "USER_CENTER"; 052 053 public static final String USERS_GROUPS_MANAGER = "UsersGroupsManager"; 054 055 public static final String USERS_GROUPS_MANAGER_SUB_TAB = USERS_GROUPS_MANAGER + SUBTAB_CATEGORY_SUFFIX; 056 057 public static final String USERS_GROUPS_HOME = "UsersGroupsHome"; 058 059 public static final String USERS_GROUPS_HOME_SUB_TAB = USERS_GROUPS_HOME + SUBTAB_CATEGORY_SUFFIX; 060 061 public static final String VALID_CHARS = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_-0123456789.@"; 062 063 public static final String DEFAULT_LISTING_MODE = "search_only"; 064 065 public static final String DETAILS_VIEW_MODE = "view"; 066 067 public static final String USERS_GROUPS_MANAGEMENT_ACCESS_FILTER = "usersGroupsManagementAccess"; 068 069 @In(create = true) 070 protected Principal currentUser; 071 072 @In(create = true) 073 protected transient UserManager userManager; 074 075 @In(create = true) 076 protected ContentViewActions contentViewActions; 077 078 @In(create = true) 079 protected WebActions webActions; 080 081 @In(create = true) 082 protected transient NavigationContext navigationContext; 083 084 @In(create = true, required = false) 085 protected FacesMessages facesMessages; 086 087 @In(create = true) 088 protected ResourcesAccessor resourcesAccessor; 089 090 protected String searchString = ""; 091 092 protected String listingMode; 093 094 protected String detailsMode; 095 096 protected boolean showCreateForm; 097 098 protected boolean showUserOrGroup; 099 100 protected boolean shouldResetStateOnTabChange = true; 101 102 public String getSearchString() { 103 return searchString; 104 } 105 106 public void setSearchString(String searchString) { 107 this.searchString = searchString; 108 } 109 110 public String getListingMode() { 111 if (listingMode == null) { 112 listingMode = computeListingMode(); 113 if (listingMode == null || listingMode.trim().isEmpty()) { 114 listingMode = DEFAULT_LISTING_MODE; 115 } 116 } 117 return listingMode; 118 } 119 120 protected abstract String computeListingMode(); 121 122 public void setListingMode(String listingMode) { 123 this.listingMode = listingMode; 124 } 125 126 public String getDetailsMode() { 127 if (detailsMode == null) { 128 detailsMode = DETAILS_VIEW_MODE; 129 } 130 return detailsMode; 131 } 132 133 public void setDetailsMode(String mode) { 134 detailsMode = mode; 135 } 136 137 public boolean isShowCreateForm() { 138 return showCreateForm; 139 } 140 141 public void toggleShowCreateForm() { 142 showCreateForm = !showCreateForm; 143 detailsMode = null; 144 } 145 146 public boolean isShowUserOrGroup() { 147 return showUserOrGroup; 148 } 149 150 public void toggleShowUserOrGroup() { 151 showUserOrGroup = !showUserOrGroup; 152 detailsMode = null; 153 } 154 155 /** 156 * Retrieve recursively the list of all groups that are admins. 157 * 158 * @return 159 * @since 5.9.3 160 */ 161 protected List<String> getAllAdminGroups() { 162 List<String> adminGroups = new ArrayList<>(); 163 for (String adminGroup : userManager.getAdministratorsGroups()) { 164 adminGroups.add(adminGroup); 165 adminGroups.addAll(getAllSubGroups(adminGroup)); 166 } 167 return adminGroups; 168 } 169 170 /** 171 * Recursively lookup all the sub groups of a given group. 172 * 173 * @param groupName 174 * @return 175 * @since 5.9.3 176 */ 177 private List<String> getAllSubGroups(String groupName) { 178 return getAllSubGroups(groupName, new ArrayList<String>()); 179 } 180 181 /** 182 * Recursively accumulate all the sub groups a a given group. 183 * 184 * @param groupName 185 * @param accumulator 186 * @return 187 * @since 5.9.3 188 */ 189 private List<String> getAllSubGroups(String groupName, List<String> accumulator) { 190 List<String> subGroups = userManager.getGroupsInGroup(groupName); 191 if (!subGroups.isEmpty()) { 192 accumulator.addAll(subGroups); 193 for (String name : subGroups) { 194 getAllSubGroups(name, accumulator); 195 } 196 } 197 return accumulator; 198 } 199 200}