001/*
002 * (C) Copyright 2006-2018 Nuxeo (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *     Thomas Roger <troger@nuxeo.com>
018 */
019
020package org.nuxeo.ecm.multi.tenant;
021
022import static org.nuxeo.ecm.multi.tenant.Constants.POWER_USERS_GROUP;
023import static org.nuxeo.ecm.multi.tenant.Constants.TENANT_ADMINISTRATORS_PROPERTY;
024import static org.nuxeo.ecm.multi.tenant.MultiTenantHelper.computeTenantAdministratorsGroup;
025import static org.nuxeo.ecm.multi.tenant.MultiTenantHelper.computeTenantMembersGroup;
026
027import java.util.ArrayList;
028import java.util.List;
029
030import org.apache.commons.lang3.StringUtils;
031import org.nuxeo.ecm.core.api.DocumentModel;
032import org.nuxeo.ecm.core.api.UnrestrictedSessionRunner;
033import org.nuxeo.ecm.core.api.repository.RepositoryManager;
034import org.nuxeo.ecm.platform.computedgroups.AbstractGroupComputer;
035import org.nuxeo.ecm.platform.usermanager.NuxeoPrincipalImpl;
036import org.nuxeo.runtime.api.Framework;
037import org.nuxeo.runtime.transaction.TransactionHelper;
038
039/**
040 * @author <a href="mailto:troger@nuxeo.com">Thomas Roger</a>
041 * @since 5.6
042 */
043public class MultiTenantGroupComputer extends AbstractGroupComputer {
044
045    @Override
046    public List<String> getGroupsForUser(final NuxeoPrincipalImpl nuxeoPrincipal) {
047        final List<String> groups = new ArrayList<>();
048        final String tenantId = (String) nuxeoPrincipal.getModel().getPropertyValue("user:tenantId");
049        if (!StringUtils.isBlank(tenantId)) {
050            String defaultRepositoryName = Framework.getService(RepositoryManager.class).getDefaultRepositoryName();
051            TransactionHelper.runInTransaction(() -> {
052                new UnrestrictedSessionRunner(defaultRepositoryName) {
053                    @Override
054                    public void run() {
055
056                        String query = String.format("SELECT * FROM Document WHERE tenantconfig:tenantId = '%s'",
057                                tenantId);
058                        List<DocumentModel> docs = session.query(query);
059                        if (!docs.isEmpty()) {
060                            DocumentModel tenant = docs.get(0);
061                            List<String> tenantAdministrators = (List<String>) tenant.getPropertyValue(
062                                    TENANT_ADMINISTRATORS_PROPERTY);
063                            if (tenantAdministrators.contains(nuxeoPrincipal.getName())) {
064                                groups.add(computeTenantAdministratorsGroup(tenantId));
065                                groups.add(POWER_USERS_GROUP);
066                            }
067                            groups.add(computeTenantMembersGroup(tenantId));
068                        }
069                    }
070                }.runUnrestricted();
071            });
072        }
073        return groups;
074    }
075
076    @Override
077    public List<String> getAllGroupIds() {
078        return null;
079    }
080
081    @Override
082    public List<String> getGroupMembers(String s) {
083        return null;
084    }
085
086    @Override
087    public List<String> getParentsGroupNames(String s) {
088        return null;
089    }
090
091    @Override
092    public List<String> getSubGroupsNames(String s) {
093        return null;
094    }
095
096}