/* * JBoss, Home of Professional Open Source * Copyright 2005, JBoss Inc., and individual contributors as indicated * by the @authors tag. See the copyright.txt in the distribution for a * full listing of individual contributors. * * This is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as * published by the Free Software Foundation; either version 2.1 of * the License, or (at your option) any later version. * * This software is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this software; if not, write to the Free * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ package org.jbpm.pvm.internal.identity.impl; import java.util.ArrayList; import java.util.Collection; import java.util.List; import java.util.StringTokenizer; import org.jboss.identity.idm.api.Attribute; import org.jboss.identity.idm.api.AttributesManager; import org.jboss.identity.idm.api.IdentitySearchCriteria; import org.jboss.identity.idm.api.IdentitySession; import org.jboss.identity.idm.api.RoleType; import org.jboss.identity.idm.common.exception.FeatureNotSupportedException; import org.jboss.identity.idm.common.exception.IdentityException; import org.jboss.identity.idm.common.p3p.P3PConstants; import org.jboss.identity.idm.impl.api.SimpleAttribute; import org.jboss.identity.idm.impl.api.model.GroupId; import org.jbpm.api.JbpmException; import org.jbpm.api.identity.Group; import org.jbpm.api.identity.User; /** * @author Tom Baeyens * @author Jeff Yu */ public class JBossIdmIdentitySessionImpl implements org.jbpm.pvm.internal.identity.spi.IdentitySession { protected IdentitySession identitySession; public String DEFAULT_JBPM_MEMBER_ROLE = "default_jBPM_member_role"; public String DEFAUL_JBPM_GROUP_TYPE = "default_jBPM_Group_Type"; public JBossIdmIdentitySessionImpl(IdentitySession identitySession) { this.identitySession = identitySession; } public String createUser(String userName, String givenName, String familyName, String businessEmail) { try { org.jboss.identity.idm.api.User idUser= identitySession.getPersistenceManager().createUser(userName); List attrs = new ArrayList(); if (givenName != null) { attrs.add(new SimpleAttribute(P3PConstants.INFO_USER_NAME_GIVEN, givenName)); } if (familyName != null) { attrs.add(new SimpleAttribute(P3PConstants.INFO_USER_NAME_FAMILY, familyName)); } if (businessEmail != null) { attrs.add(new SimpleAttribute(P3PConstants.INFO_USER_BUSINESS_INFO_ONLINE_EMAIL, businessEmail)); } identitySession.getAttributesManager().addAttributes(idUser, attrs.toArray(new Attribute[attrs.size()])); return idUser.getId(); } catch (IdentityException e) { throw new JbpmException("couldn't create user "+userName, e); } } public List findUsers() { try { Collection idUsers = identitySession.getPersistenceManager().findUser((IdentitySearchCriteria)null); List users = new ArrayList(); for (org.jboss.identity.idm.api.User idUser : idUsers) { users.add(getUserInfo(idUser)); } return users; } catch (IdentityException e) { throw new JbpmException("couldn't get users from identity component", e); } } public User findUserById(String userId) { try { org.jboss.identity.idm.api.User idUser = identitySession.getPersistenceManager().findUser(userId); if (idUser != null) { return getUserInfo(idUser); } return null; } catch (IdentityException e) { throw new JbpmException("couldn't get user from id of " + userId, e); } } private User getUserInfo(org.jboss.identity.idm.api.User idUser) throws IdentityException { String name = idUser.getId(); String givenName = getAttributeString(idUser, P3PConstants.INFO_USER_NAME_GIVEN); String familyName = getAttributeString(idUser, P3PConstants.INFO_USER_NAME_FAMILY); String businessEmail = getAttributeString(idUser, P3PConstants.INFO_USER_BUSINESS_INFO_ONLINE_EMAIL); UserImpl user = new UserImpl(name, givenName, familyName); user.setBusinessEmail(businessEmail); return user; } public List findUsersById(String... userIds) { List users = new ArrayList(); for (String userId : userIds){ User user = findUserById(userId); if (user != null) { users.add(user); } } return users; } public List findUsersByGroup(String groupId) { try { List users = new ArrayList(); org.jboss.identity.idm.api.Group idGroup = findIdmGroupByIdmGroupId(convertjbpmGroupId2IdmGroupId(groupId)); if (idGroup == null){ return users; } Collection idusers = identitySession.getRoleManager().findUsersWithRelatedRole(idGroup, null); for (org.jboss.identity.idm.api.User iduser : idusers) { users.add(findUserById(iduser.getId())); } return users; } catch (IdentityException e) { throw new JbpmException("couldn't find users by groupid: " + groupId, e); } catch (FeatureNotSupportedException e) { throw new JbpmException("couldn't find users by groupid: " + groupId, e); } } public void deleteUser(String userName) { try { identitySession.getPersistenceManager().removeUser(userName, true); } catch (IdentityException e) { throw new JbpmException("couldn't delete user ["+userName + "]", e); } } public String createGroup(String groupName, String groupType, String parentGroupId) { try { String gtype = groupType; if (gtype == null) { gtype = DEFAUL_JBPM_GROUP_TYPE; } org.jboss.identity.idm.api.Group group = identitySession.getPersistenceManager().createGroup(groupName, gtype); String groupId = group.getId(); if (parentGroupId!=null) { org.jboss.identity.idm.api.Group parentGroup = findIdmGroupByIdmGroupId(convertjbpmGroupId2IdmGroupId(parentGroupId)); if (parentGroup==null) { throw new JbpmException("parent group "+parentGroupId+" doesn't exist"); } identitySession.getRelationshipManager().associateGroups(parentGroup, group); } return convertIdmGroupId2jbpmGroupId(groupId); } catch (IdentityException e) { throw new JbpmException("couldn't create group "+groupName, e); } } public Group findGroupById(String groupId) { try { org.jboss.identity.idm.api.Group idGroup = findIdmGroupByIdmGroupId(convertjbpmGroupId2IdmGroupId(groupId)); if (idGroup == null) { return null; } GroupImpl group = new GroupImpl(); group.setId(convertIdmGroupId2jbpmGroupId(idGroup.getId())); group.setType(idGroup.getGroupType()); group.setName(idGroup.getName()); Collection idParentGroups = identitySession.getRelationshipManager().findAssociatedGroups(idGroup, null, false, false); if (idParentGroups.size() > 0) { org.jboss.identity.idm.api.Group idParent = idParentGroups.iterator().next(); GroupImpl parentGroup = new GroupImpl(); parentGroup.setId(convertIdmGroupId2jbpmGroupId(idParent.getId())); parentGroup.setType(idParent.getGroupType()); parentGroup.setName(idParent.getName()); group.setParent(parentGroup); } return group; } catch (IdentityException e) { throw new JbpmException("couldn't find group by id [" + groupId + "]", e); } } public List findGroupsByGroupType(String groupType) { try { Collection idGroups = identitySession.getPersistenceManager(). findGroup(groupType); List groups = new ArrayList(); for (org.jboss.identity.idm.api.Group idGroup: idGroups) { groups.add(findGroupById(convertIdmGroupId2jbpmGroupId(idGroup.getId()))); } return groups; } catch (IdentityException e) { throw new JbpmException("couldn't get groups from identity component, groupType [" + groupType + "]", e); } } public List findGroupsByUser(String userId) { try { Collection idGroups = identitySession.getRoleManager() .findGroupsWithRelatedRole(userId, null); List groups = new ArrayList(); for (org.jboss.identity.idm.api.Group idGroup : idGroups) { groups.add(findGroupById(convertIdmGroupId2jbpmGroupId(idGroup.getId()))); } return groups; } catch (Exception e) { throw new JbpmException("Couldn't get Groups by userId [" + userId + "]", e); } } public List findGroupsByUserAndGroupType(String userName, String groupType) { try { org.jboss.identity.idm.api.User idUser = identitySession.getPersistenceManager().findUser(userName); Collection idGroups = identitySession.getRoleManager() .findGroupsWithRelatedRole(idUser, groupType, null); List groups = new ArrayList(); for (org.jboss.identity.idm.api.Group idGroup : idGroups) { groups.add(findGroupById(convertIdmGroupId2jbpmGroupId(idGroup.getId()))); } return groups; } catch (Exception e) { throw new JbpmException("couldn't get groups for user "+userName+" and groupType "+groupType, e); } } public void deleteGroup(String groupId) { try { org.jboss.identity.idm.api.Group group = findIdmGroupByIdmGroupId(convertjbpmGroupId2IdmGroupId(groupId)); if (group==null) { return; } identitySession.getPersistenceManager().removeGroup(group, true); } catch (IdentityException e) { throw new JbpmException("couldn't delete group "+groupId, e); } } public void createMembership(String userId, String groupId, String role) { try { org.jboss.identity.idm.api.Group group = findIdmGroupByIdmGroupId(convertjbpmGroupId2IdmGroupId(groupId)); if (group==null) { throw new JbpmException("group "+groupId+" doesn't exist"); } org.jboss.identity.idm.api.User idUser = identitySession.getPersistenceManager().findUser(userId); if (idUser==null) { throw new JbpmException("user "+userId+" doesn't exist"); } if (role == null) { role = DEFAULT_JBPM_MEMBER_ROLE; } RoleType roleType = identitySession.getRoleManager().getRoleType(role); System.out.println("The Role Type is: " + roleType); if (roleType == null) { roleType = identitySession.getRoleManager().createRoleType(role); } identitySession.getRoleManager().createRole(roleType, idUser, group); } catch (Exception e) { throw new JbpmException("couldn't create membership "+userId+", "+groupId+", "+role, e); } } public void deleteMembership(String userId, String groupId, String role) { try { RoleType rtype = identitySession.getRoleManager().getRoleType(role); identitySession.getRoleManager().removeRole(rtype.getName(), userId, convertjbpmGroupId2IdmGroupId(groupId)); } catch (Exception e) { throw new JbpmException("couldn't delete the membership [" + userId + "," + groupId + "," + role + "]", e); } } protected org.jboss.identity.idm.api.Group findIdmGroupByIdmGroupId(String groupId) { try { return identitySession.getPersistenceManager().findGroupById(groupId); } catch (IdentityException e) { throw new JbpmException("couldn't find the group by groupId: " + groupId, e); } } protected String getAttributeString(org.jboss.identity.idm.api.User idUser, String attributeName) throws IdentityException { return getAttributeString(idUser, null, attributeName); } protected String getAttributeString(org.jboss.identity.idm.api.Group idGroup, String attributeName) throws IdentityException { return getAttributeString(null, idGroup, attributeName); } protected String getAttributeString(org.jboss.identity.idm.api.User idUser, org.jboss.identity.idm.api.Group idGroup, String attributeName) throws IdentityException { AttributesManager attributesManager = identitySession.getAttributesManager(); Attribute attribute = null; if (idUser !=null) { attribute = attributesManager.getAttribute(idUser, attributeName); } else { attribute = attributesManager.getAttribute(idGroup, attributeName); } if (attribute!=null) { return (String) attribute.getValue(); } return null; } /** * Return jBPM groupId, which is: GroupType.GroupName, from IDM GroupId * * @param groupId * @return */ private String convertIdmGroupId2jbpmGroupId(String groupId) { GroupId theGroupId = new GroupId(groupId); if (this.DEFAUL_JBPM_GROUP_TYPE.equals(theGroupId.getType()) || theGroupId.getType() == null) { return theGroupId.getName(); } return theGroupId.getType() + "." + theGroupId.getName(); } /** * Convert the jBPM GroupId to IDM GroupId. * * @param jbpmGroupId * @return */ private String convertjbpmGroupId2IdmGroupId(String jbpmGroupId) { StringTokenizer st = new StringTokenizer(jbpmGroupId, "."); String type = DEFAUL_JBPM_GROUP_TYPE; if (st.countTokens() > 1) { type = st.nextToken(); } String name = st.nextToken(); return new GroupId(name, type).getId(); } public IdentitySession getIdentitySession() { return identitySession; } public void setIdentitySession(IdentitySession identitySession) { this.identitySession = identitySession; } }