001/*
002 * (C) Copyright 2015 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *      André Justo
018 */
019
020package org.nuxeo.ecm.user.center;
021
022import org.apache.commons.lang.StringUtils;
023import org.jboss.seam.ScopeType;
024import org.jboss.seam.annotations.In;
025import org.jboss.seam.annotations.Name;
026import org.jboss.seam.annotations.Scope;
027import org.nuxeo.ecm.admin.oauth.DirectoryBasedEditor;
028import org.nuxeo.ecm.core.api.DocumentModel;
029import org.nuxeo.ecm.core.api.DocumentModelList;
030import org.nuxeo.ecm.core.api.NuxeoGroup;
031import org.nuxeo.ecm.core.api.NuxeoPrincipal;
032import org.nuxeo.ecm.core.api.impl.DocumentModelListImpl;
033import org.nuxeo.ecm.directory.DirectoryException;
034import org.nuxeo.ecm.platform.oauth2.providers.NuxeoOAuth2ServiceProvider;
035import org.nuxeo.ecm.platform.oauth2.providers.OAuth2ServiceProvider;
036import org.nuxeo.ecm.platform.oauth2.providers.OAuth2ServiceProviderRegistry;
037import org.nuxeo.ecm.platform.oauth2.tokens.OAuth2TokenStore;
038import org.nuxeo.runtime.api.Framework;
039
040import java.io.Serializable;
041import java.util.HashMap;
042import java.util.Map;
043import java.util.List;
044import java.util.Arrays;
045import java.util.ArrayList;
046
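/**
 * Conversation-scoped Seam component ({@code oauthUserTokens}) that lists and edits OAuth2 token
 * entries of the {@link OAuth2TokenStore} directory on behalf of the current user.
 * <p>
 * Visibility of a token entry is decided from three properties of the {@code oauth2Token} schema:
 * {@code nuxeoLogin} (the owner), {@code isShared} and {@code sharedWith} (a comma-separated list
 * of prefixed user and group ids).
 * <p>
 * NOTE(review): the lists returned here are the raw directory entries; presumably they also carry
 * the token values themselves, so callers should render only the account-identifying fields.
 * Confirm against the schema and the templates using this component.
 *
 * @since 7.3
 */
@Name("oauthUserTokens")
@Scope(ScopeType.CONVERSATION)
public class OAuth2UserTokensActions extends DirectoryBasedEditor implements Serializable {

    private static final long serialVersionUID = 1L;

    /** Filter returned by {@link #getQueryFilter()}; restricted to the current user's login. */
    private Map<String, Serializable> filter = new HashMap<>();

    @In(create = true)
    protected NuxeoPrincipal currentUser;

    /** Returns the name of the directory holding the OAuth2 tokens. */
    @Override
    protected String getDirectoryName() {
        return OAuth2TokenStore.DIRECTORY_NAME;
    }

    /** Returns the schema of the token entries. */
    @Override
    protected String getSchemaName() {
        return "oauth2Token";
    }

    /** Returns the filter maintained by this component (see {@link #getCurrentUserTokens()}). */
    @Override
    protected Map<String, Serializable> getQueryFilter() {
        return filter;
    }

    /**
     * Returns the token entries of the given provider that the current user may use.
     *
     * @param provider name of the OAuth2 service provider to look up in the registry
     * @param includeShared when {@code false}, only entries owned by the current user are returned;
     *            when {@code true}, entries shared with everyone, with the current user or with one
     *            of the current user's groups are returned as well
     * @return the visible entries; empty when the provider is not registered
     */
    public DocumentModelList getProviderAccounts(String provider, boolean includeShared) {
        NuxeoOAuth2ServiceProvider serviceProvider = (NuxeoOAuth2ServiceProvider) Framework.getLocalService(
                OAuth2ServiceProviderRegistry.class).getProvider(provider);
        if (serviceProvider == null) {
            // Fail closed: an unknown provider exposes no accounts instead of raising a
            // NullPointerException on the next line.
            return new DocumentModelListImpl();
        }
        OAuth2TokenStore tokenStore = serviceProvider.getCredentialDataStore();
        String userName = currentUser.getName();

        if (!includeShared) {
            // The instance filter is updated (not a local copy) so that getQueryFilter() stays
            // restricted to the current user, as the original code did.
            filter.put("nuxeoLogin", userName);
            return tokenStore.query(filter);
        }

        // All entries of the store are loaded and the access decision is taken in memory.
        DocumentModelList visibleEntries = new DocumentModelListImpl();
        List<String> userGroups = currentUser.getAllGroups();
        for (DocumentModel entry : tokenStore.query()) {
            if (isVisibleTo(entry, userName, userGroups)) {
                visibleEntries.add(entry);
            }
        }
        return visibleEntries;
    }

    /**
     * Decides whether a token entry may be shown to the given user: the user owns it, or it is
     * shared and either has no {@code sharedWith} restriction or names the user or one of the
     * user's groups.
     */
    private boolean isVisibleTo(DocumentModel entry, String userName, List<String> userGroups) {
        String schema = getSchemaName();

        // Null-safe on both sides: an entry without an owner is owned by nobody.
        String tokenOwner = (String) entry.getProperty(schema, "nuxeoLogin");
        if (userName != null && userName.equals(tokenOwner)) {
            return true;
        }

        // A missing isShared value counts as "not shared" instead of failing on unboxing null.
        if (!Boolean.TRUE.equals(entry.getProperty(schema, "isShared"))) {
            return false;
        }

        String sharedWith = (String) entry.getProperty(schema, "sharedWith");
        if (sharedWith == null) {
            // Shared without restriction. An empty string is different: it splits into one empty
            // item and therefore matches nobody.
            return true;
        }

        for (String item : sharedWith.split(",")) {
            // The prefix must be at the start of the item and is stripped exactly once. Matching
            // it anywhere in the string (contains/replace) lets an id that merely embeds the other
            // prefix be rewritten into a different principal and pass the check.
            if (item.startsWith(NuxeoGroup.PREFIX)) {
                if (userGroups.contains(item.substring(NuxeoGroup.PREFIX.length()))) {
                    return true;
                }
            } else if (item.startsWith(NuxeoPrincipal.PREFIX)) {
                if (userName != null && userName.equals(item.substring(NuxeoPrincipal.PREFIX.length()))) {
                    return true;
                }
            }
        }
        return false;
    }

    /**
     * Resets the filter to the current user's login, refreshes the editor and returns its entries.
     *
     * @return the entries provided by the inherited {@code getEntries()} after the refresh
     */
    public DocumentModelList getCurrentUserTokens() {
        filter.clear();
        filter.put("nuxeoLogin", currentUser.getName());
        refresh();
        return getEntries();
    }

    /**
     * Returns the {@code sharedWith} property of the entry being edited, split on commas.
     *
     * @return the items of the property (a fixed-size list), or an empty list when it is not set
     */
    public List<String> getSharedWith() {
        String sharedWithProperty = (String) editableEntry.getProperty(getSchemaName(), "sharedWith");
        if (sharedWithProperty == null) {
            return new ArrayList<>();
        }
        return Arrays.asList(sharedWithProperty.split(","));
    }

    /**
     * Stores the given ids, joined with commas, in the {@code sharedWith} property of the entry
     * being edited.
     *
     * @param sharedWith prefixed user and group ids the token is shared with
     */
    public void setSharedWith(List<String> sharedWith) {
        String list = StringUtils.join(sharedWith, ",");
        editableEntry.setProperty(getSchemaName(), "sharedWith", list);
    }
}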