1   /*
2    * Licensed to The Apereo Foundation under one or more contributor license
3    * agreements. See the NOTICE file distributed with this work for additional
4    * information regarding copyright ownership.
5    *
6    *
7    * The Apereo Foundation licenses this file to you under the Educational
8    * Community License, Version 2.0 (the "License"); you may not use this file
9    * except in compliance with the License. You may obtain a copy of the License
10   * at:
11   *
12   *   http://opensource.org/licenses/ecl2.txt
13   *
14   * Unless required by applicable law or agreed to in writing, software
15   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
17   * License for the specific language governing permissions and limitations under
18   * the License.
19   *
20   */
21  
22  package org.opencastproject.userdirectory;
23  
24  import static org.opencastproject.security.api.SecurityConstants.GLOBAL_ADMIN_ROLE;
25  
26  import org.opencastproject.security.api.JaxbOrganization;
27  import org.opencastproject.security.api.JaxbRole;
28  import org.opencastproject.security.api.Organization;
29  import org.opencastproject.security.api.Role;
30  import org.opencastproject.security.api.Role.Type;
31  import org.opencastproject.security.api.RoleProvider;
32  import org.opencastproject.security.api.SecurityService;
33  import org.opencastproject.security.api.UserProvider;
34  
35  import org.osgi.service.component.annotations.Component;
36  import org.osgi.service.component.annotations.Reference;
37  
38  import java.util.ArrayList;
39  import java.util.Collections;
40  import java.util.HashSet;
41  import java.util.Iterator;
42  import java.util.List;
43  import java.util.regex.Pattern;
44  
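/**
 * The organization role provider returning the admin and anonymous role from the current organization.
 *
 * <p>The roles are derived on every call from the organization that the {@link SecurityService} reports for
 * the current context. The provider registers itself for {@link UserProvider#ALL_ORGANIZATIONS}, but it never
 * assigns roles to users: {@link #getRolesForUser(String)} always returns an empty list.
 */
@Component(
    property = {
        "service.description=Provides the organizations role"
    },
    immediate = true,
    service = { RoleProvider.class }
)
public class OrganizationRoleProvider implements RoleProvider {

  /** The security service */
  protected SecurityService securityService = null;

  /**
   * @param securityService
   *          the securityService to set
   */
  @Reference
  public void setSecurityService(SecurityService securityService) {
    this.securityService = securityService;
  }

  /**
   * Builds the roles this provider exposes for the current organization.
   *
   * <p>The organization's admin role is listed as {@link Type#INTERNAL} unless it equals
   * {@code GLOBAL_ADMIN_ROLE}; the anonymous role is always listed as {@link Type#SYSTEM}.
   *
   * @return an iterator over the admin role (when listed) followed by the anonymous role
   */
  private Iterator<Role> getRoles() {
    Organization organization = securityService.getOrganization();
    List<Role> roles = new ArrayList<Role>();
    // The GLOBAL_ADMIN_ROLE is provided by the InMemoryUserAndRoleProvider
    if (!GLOBAL_ADMIN_ROLE.equals(organization.getAdminRole())) {
      roles.add(new JaxbRole(
          organization.getAdminRole(),
          JaxbOrganization.fromOrganization(organization),
          "",
          Type.INTERNAL
      ));
    }
    roles.add(new JaxbRole(
        organization.getAnonymousRole(),
        JaxbOrganization.fromOrganization(organization),
        "",
        Type.SYSTEM
    ));
    return roles.iterator();
  }

  /**
   * Returns no roles: this provider only lists the organization's roles and does not assign them to users.
   *
   * @see org.opencastproject.security.api.RoleProvider#getRolesForUser(String)
   */
  @Override
  public List<Role> getRolesForUser(String userName) {
    return Collections.emptyList();
  }

  /**
   * @see org.opencastproject.security.api.RoleProvider#getOrganization()
   */
  @Override
  public String getOrganization() {
    return UserProvider.ALL_ORGANIZATIONS;
  }

  /**
   * Finds the organization roles whose name or description matches a LIKE-style query.
   *
   * <p>In the query, {@code _} matches exactly one character and {@code %} matches any run of characters; every
   * other character is matched literally and case-insensitively. The query is caller-supplied, so it is never
   * interpreted as a regular expression.
   *
   * @param query
   *          the LIKE-style query, must not be {@code null}
   * @param target
   *          when {@link Role.Target#USER}, the anonymous role is left out of the result
   * @param offset
   *          number of matching roles to skip
   * @param limit
   *          maximum number of roles to return, {@code 0} for no limit
   * @return an iterator over the matching roles
   * @throws IllegalArgumentException
   *           if {@code query} is {@code null}
   * @see org.opencastproject.security.api.RoleProvider#findRoles(String, Role.Target, int, int)
   */
  @Override
  public Iterator<Role> findRoles(String query, Role.Target target, int offset, int limit) {
    if (query == null) {
      throw new IllegalArgumentException("Query must be set");
    }
    Organization organization = securityService.getOrganization();
    // Compile once per search; the pattern does not depend on the role being tested.
    Pattern pattern = toLikePattern(query);
    HashSet<Role> foundRoles = new HashSet<Role>();
    for (Iterator<Role> it = getRoles(); it.hasNext();) {
      Role role = it.next();
      // Anonymous roles are not relevant for adding to users or groups
      if ((target == Role.Target.USER) && role.getName().equals(organization.getAnonymousRole())) {
        continue;
      }
      if (like(role.getName(), pattern) || like(role.getDescription(), pattern)) {
        foundRoles.add(role);
      }
    }
    return offsetLimitCollection(offset, limit, foundRoles).iterator();
  }

  /**
   * Applies offset and limit to a set of entries.
   *
   * <p>NOTE(review): the entries come from a {@link HashSet}, whose iteration order is unspecified, so which
   * entries an offset skips is not guaranteed to be stable between calls.
   *
   * @param offset
   *          number of entries to skip
   * @param limit
   *          maximum number of entries to keep, {@code 0} for no limit
   * @param entries
   *          the entries to page through
   * @return a new set holding the selected entries
   */
  private <T> HashSet<T> offsetLimitCollection(int offset, int limit, HashSet<T> entries) {
    HashSet<T> result = new HashSet<T>();
    int i = 0;
    for (T entry : entries) {
      if (limit != 0 && result.size() >= limit) {
        break;
      }
      if (i >= offset) {
        result.add(entry);
      }
      i++;
    }
    return result;
  }

  /**
   * Translates a LIKE-style query into a regular expression.
   *
   * <p>Only {@code _} and {@code %} are wildcards. Everything between them is passed through
   * {@link Pattern#quote(String)}, so regex metacharacters in the query (for example {@code (}, {@code [} or
   * {@code .}) can neither raise a {@link java.util.regex.PatternSyntaxException} nor change what is matched.
   *
   * @param query
   *          the LIKE-style query
   * @return the compiled, case-insensitive pattern
   */
  private static Pattern toLikePattern(String query) {
    StringBuilder regex = new StringBuilder();
    StringBuilder literal = new StringBuilder();
    for (int i = 0; i < query.length(); i++) {
      char c = query.charAt(i);
      if (c == '_' || c == '%') {
        if (literal.length() > 0) {
          regex.append(Pattern.quote(literal.toString()));
          literal.setLength(0);
        }
        regex.append(c == '_' ? "." : ".*?");
      } else {
        literal.append(c);
      }
    }
    if (literal.length() > 0) {
      regex.append(Pattern.quote(literal.toString()));
    }
    return Pattern.compile(regex.toString(), Pattern.CASE_INSENSITIVE | Pattern.DOTALL);
  }

  /**
   * Tests whether a value matches a compiled LIKE pattern in full.
   *
   * @param string
   *          the value to test, may be {@code null}
   * @param pattern
   *          the pattern built by {@link #toLikePattern(String)}
   * @return {@code true} if the whole value matches, {@code false} if it does not or is {@code null}
   */
  private boolean like(String string, final Pattern pattern) {
    if (string == null) {
      return false;
    }
    return pattern.matcher(string).matches();
  }

}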