001/* 002 * (C) Copyright 2006-2018 Nuxeo (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * Thomas Roger <troger@nuxeo.com> 018 */ 019 020package org.nuxeo.ecm.multi.tenant; 021 022import static org.nuxeo.ecm.multi.tenant.Constants.POWER_USERS_GROUP; 023import static org.nuxeo.ecm.multi.tenant.Constants.TENANT_ADMINISTRATORS_PROPERTY; 024import static org.nuxeo.ecm.multi.tenant.MultiTenantHelper.computeTenantAdministratorsGroup; 025import static org.nuxeo.ecm.multi.tenant.MultiTenantHelper.computeTenantMembersGroup; 026 027import java.util.ArrayList; 028import java.util.List; 029 030import org.apache.commons.lang3.StringUtils; 031import org.nuxeo.ecm.core.api.DocumentModel; 032import org.nuxeo.ecm.core.api.UnrestrictedSessionRunner; 033import org.nuxeo.ecm.core.api.repository.RepositoryManager; 034import org.nuxeo.ecm.platform.computedgroups.AbstractGroupComputer; 035import org.nuxeo.ecm.platform.usermanager.NuxeoPrincipalImpl; 036import org.nuxeo.runtime.api.Framework; 037import org.nuxeo.runtime.transaction.TransactionHelper; 038 039/** 040 * @author <a href="mailto:troger@nuxeo.com">Thomas Roger</a> 041 * @since 5.6 042 */ 043public class MultiTenantGroupComputer extends AbstractGroupComputer { 044 045 @Override 046 public List<String> getGroupsForUser(final NuxeoPrincipalImpl nuxeoPrincipal) { 047 final List<String> groups = new ArrayList<>(); 048 final String tenantId = (String) nuxeoPrincipal.getModel().getPropertyValue("user:tenantId"); 049 if (!StringUtils.isBlank(tenantId)) { 050 String defaultRepositoryName = Framework.getService(RepositoryManager.class).getDefaultRepositoryName(); 051 TransactionHelper.runInTransaction(() -> { 052 new UnrestrictedSessionRunner(defaultRepositoryName) { 053 @Override 054 public void run() { 055 056 String query = String.format("SELECT * FROM Document WHERE tenantconfig:tenantId = '%s'", 057 tenantId); 058 List<DocumentModel> docs = session.query(query); 059 if (!docs.isEmpty()) { 060 DocumentModel tenant = docs.get(0); 061 List<String> tenantAdministrators = (List<String>) tenant.getPropertyValue( 062 TENANT_ADMINISTRATORS_PROPERTY); 063 if (tenantAdministrators.contains(nuxeoPrincipal.getName())) { 064 groups.add(computeTenantAdministratorsGroup(tenantId)); 065 groups.add(POWER_USERS_GROUP); 066 } 067 groups.add(computeTenantMembersGroup(tenantId)); 068 } 069 } 070 }.runUnrestricted(); 071 }); 072 } 073 return groups; 074 } 075 076 @Override 077 public List<String> getAllGroupIds() { 078 return null; 079 } 080 081 @Override 082 public List<String> getGroupMembers(String s) { 083 return null; 084 } 085 086 @Override 087 public List<String> getParentsGroupNames(String s) { 088 return null; 089 } 090 091 @Override 092 public List<String> getSubGroupsNames(String s) { 093 return null; 094 } 095 096}