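/*
 * (C) Copyright 2015 Nuxeo SA (http://nuxeo.com/) and contributors.
 *
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the GNU Lesser General Public License
 * (LGPL) version 2.1 which accompanies this distribution, and is available at
 * http://www.gnu.org/licenses/lgpl-2.1.html
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * Contributors:
 *     André Justo
 */

package org.nuxeo.ecm.user.center;

import org.apache.commons.lang.StringUtils;
import org.jboss.seam.ScopeType;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
import org.nuxeo.ecm.admin.oauth.DirectoryBasedEditor;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.core.api.DocumentModelList;
import org.nuxeo.ecm.core.api.NuxeoGroup;
import org.nuxeo.ecm.core.api.NuxeoPrincipal;
import org.nuxeo.ecm.core.api.impl.DocumentModelListImpl;
import org.nuxeo.ecm.directory.DirectoryException;
import org.nuxeo.ecm.platform.oauth2.providers.NuxeoOAuth2ServiceProvider;
import org.nuxeo.ecm.platform.oauth2.providers.OAuth2ServiceProvider;
import org.nuxeo.ecm.platform.oauth2.providers.OAuth2ServiceProviderRegistry;
import org.nuxeo.ecm.platform.oauth2.tokens.OAuth2TokenStore;
import org.nuxeo.runtime.api.Framework;

import java.io.Serializable;
import java.util.HashMap;
import java.util.Map;
import java.util.List;
import java.util.Arrays;
import java.util.ArrayList;

/**
 * Conversation-scoped Seam component ({@code oauthUserTokens}) that lists and edits entries of the OAuth2 token
 * directory on behalf of the current user.
 * <p>
 * {@link #getProviderAccounts(String, boolean)} is the access decision point for shared tokens: it reads every
 * token of a provider and keeps only those the current user owns or that are shared with them.
 *
 * @since 7.3
 */
@Name("oauthUserTokens")
@Scope(ScopeType.CONVERSATION)
public class OAuth2UserTokensActions extends DirectoryBasedEditor implements Serializable {

    private static final long serialVersionUID = 1L;

    // Query filter handed to the parent editor through getQueryFilter(); it lives as long as the conversation.
    private Map<String, Serializable> filter = new HashMap<String, Serializable>();

    @In(create = true)
    protected NuxeoPrincipal currentUser;

    @Override
    protected String getDirectoryName() {
        return OAuth2TokenStore.DIRECTORY_NAME;
    }

    @Override
    protected String getSchemaName() {
        return "oauth2Token";
    }

    @Override
    protected Map<String, Serializable> getQueryFilter() {
        return filter;
    }

    /**
     * Returns the token entries of the given provider that the current user may see.
     * <p>
     * With {@code includeShared} set, an entry is returned when the current user owns it, when it is flagged as
     * shared and carries no {@code sharedWith} value (shared with everyone), or when its {@code sharedWith} list
     * names the user or one of the user's groups. Without it, only entries whose {@code nuxeoLogin} is the current
     * user are queried.
     *
     * @param provider the name under which the service provider is registered
     * @param includeShared whether tokens shared by other users are included
     * @return the visible entries; empty when the provider is unknown or is not a Nuxeo OAuth2 provider
     */
    public DocumentModelList getProviderAccounts(String provider, boolean includeShared) {
        DocumentModelList filteredEntries = new DocumentModelListImpl();

        // An unknown provider name, or one backed by another provider type, yields no token instead of a
        // NullPointerException / ClassCastException.
        OAuth2ServiceProvider registered = Framework.getLocalService(OAuth2ServiceProviderRegistry.class)
                                                    .getProvider(provider);
        if (!(registered instanceof NuxeoOAuth2ServiceProvider)) {
            return filteredEntries;
        }
        OAuth2TokenStore tokenStore = ((NuxeoOAuth2ServiceProvider) registered).getCredentialDataStore();

        if (!includeShared) {
            // NOTE(review): the conversation-scoped filter is reused here without being cleared, so keys left by
            // an earlier use also constrain this query, and the key set here stays in place afterwards.
            filter.put("nuxeoLogin", currentUser.getName());
            return tokenStore.query(filter);
        }

        // query() is called without a filter, so other users' tokens are loaded as well; the loop below is the
        // only thing that decides which of them reach the caller.
        // NOTE(review): entries are returned as full directory documents - confirm which token fields the
        // consuming view exposes.
        DocumentModelList tokens = tokenStore.query();
        String userName = currentUser.getName();
        List<String> currentUserGroups = currentUser.getAllGroups();

        for (DocumentModel entry : tokens) {
            String tokenOwner = (String) entry.getProperty(getSchemaName(), "nuxeoLogin");
            // A missing isShared value counts as "not shared" rather than failing on unboxing.
            boolean isShared = Boolean.TRUE.equals(entry.getProperty(getSchemaName(), "isShared"));
            String sharedWith = (String) entry.getProperty(getSchemaName(), "sharedWith");

            // Null-safe owner test: an entry without owner belongs to nobody.
            boolean isOwner = userName != null && userName.equals(tokenOwner);

            // NOTE(review): "shared with everyone" hinges on sharedWith being null; an empty string is treated as
            // an empty list and matches nobody - confirm how the directory stores a cleared value.
            if (isOwner || (isShared && sharedWith == null)) {
                filteredEntries.add(entry);
                continue;
            }

            if (!isShared || sharedWith == null) {
                continue;
            }

            if (isSharedWithCurrentUser(sharedWith, userName, currentUserGroups)) {
                filteredEntries.add(entry);
            }
        }
        return filteredEntries;
    }

    /**
     * Tells whether a comma-separated {@code sharedWith} value names the given user or one of the given groups.
     * <p>
     * Each item is classified by the prefix it starts with, and only that leading prefix is stripped. Matching the
     * prefix anywhere in the item, or re-testing an item after its group prefix was removed, would let a value
     * such as a group whose name itself contains the user prefix grant access to an unrelated user.
     */
    private boolean isSharedWithCurrentUser(String sharedWith, String userName, List<String> userGroups) {
        for (String item : sharedWith.split(",")) {
            if (item.startsWith(NuxeoGroup.PREFIX)) {
                String groupName = item.substring(NuxeoGroup.PREFIX.length());
                if (userGroups != null && userGroups.contains(groupName)) {
                    return true;
                }
            } else if (item.startsWith(NuxeoPrincipal.PREFIX)) {
                String sharedUser = item.substring(NuxeoPrincipal.PREFIX.length());
                if (sharedUser.equals(userName)) {
                    return true;
                }
            }
        }
        return false;
    }

    /**
     * Restricts the editor's query filter to the current user's login, refreshes the entries and returns them.
     */
    public DocumentModelList getCurrentUserTokens() {
        filter.clear();
        filter.put("nuxeoLogin", currentUser.getName());
        refresh();
        return getEntries();
    }

    /**
     * Returns the {@code sharedWith} property of the entry being edited as a list of prefixed user/group ids.
     *
     * @return a mutable list; empty when the property is unset or empty
     */
    public List<String> getSharedWith() {
        List<String> sharedWith = new ArrayList<>();
        String sharedWithProperty = (String) editableEntry.getProperty(getSchemaName(), "sharedWith");
        // An empty string (what setSharedWith stores for an empty list) must not come back as a single "" item.
        if (StringUtils.isNotEmpty(sharedWithProperty)) {
            // Copied into an ArrayList so the result is resizable in both branches; Arrays.asList alone is
            // fixed-size.
            sharedWith.addAll(Arrays.asList(sharedWithProperty.split(",")));
        }
        return sharedWith;
    }

    /**
     * Stores the given ids on the entry being edited as a comma-separated {@code sharedWith} property.
     * <p>
     * The items are joined as they are, so an id containing a comma would be read back as several items.
     *
     * @param sharedWith the prefixed user/group ids to share the token with
     */
    public void setSharedWith(List<String> sharedWith) {
        String list = StringUtils.join(sharedWith, ",");
        editableEntry.setProperty(getSchemaName(), "sharedWith", list);
    }
}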