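/*
 * This program is free software; you can redistribute it and/or modify it under the
 * terms of the GNU Lesser General Public License, version 2.1 as published by the Free Software
 * Foundation.
 *
 * You should have received a copy of the GNU Lesser General Public License along with this
 * program; if not, you can obtain a copy at http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html
 * or from the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
 * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 * See the GNU Lesser General Public License for more details.
 *
 * Copyright 2007 - 2009 Pentaho Corporation. All rights reserved.
 *
 */
package org.pentaho.platform.plugin.services.security.userrole.ldap;

import java.util.Arrays;
import java.util.Collections;
import java.util.Comparator;
import java.util.List;

import org.pentaho.platform.api.engine.IUserRoleListService;
import org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearch;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.ldap.LdapUserDetailsService;
import org.springframework.util.Assert;

/**
 * LDAP-backed implementation of <code>IUserRoleListService</code>: lists users and
 * authorities by delegating to injected <code>LdapSearch</code> objects and to an
 * <code>LdapUserDetailsService</code>.
 *
 * <p>
 * This class performs no access checks of its own; each method returns whatever the
 * configured collaborator yields. It also does not validate that its collaborators
 * were injected (see {@link #afterPropertiesSet()}), so a missing search or user
 * details service shows up as a <code>NullPointerException</code> on first use.
 * </p>
 *
 * <p>
 * NOTE(review): method arguments are handed to the <code>LdapSearch</code> /
 * <code>LdapUserDetailsService</code> as-is. Whether they are escaped before being
 * placed in an LDAP filter is decided by those implementations, which are not
 * visible in this file - confirm there.
 * </p>
 */
public class DefaultLdapUserRoleListService implements IUserRoleListService, InitializingBean {

  // ~ Static fields/initializers ======================================================================================

  // ~ Instance fields =================================================================================================

  /** Search used by <code>getAllUsernames</code>; invoked with an empty argument array. */
  private LdapSearch allUsernamesSearch;

  /** Search used by <code>getAllAuthorities</code>; invoked with an empty argument array. */
  private LdapSearch allAuthoritiesSearch;

  /** Search used by <code>getUsernamesInRole</code>; invoked with the authority as its single argument. */
  private LdapSearch usernamesInRoleSearch;

  /**
   * Optional ordering applied to returned authorities. When <code>null</code> (the
   * state left by the no-arg constructor) results are returned unsorted. No
   * comparator is assigned in this class, so any case-sensitivity comes from the
   * comparator that is injected.
   */
  private Comparator<GrantedAuthority> grantedAuthorityComparator;

  /**
   * Optional ordering applied to returned usernames. When <code>null</code> (the
   * state left by the no-arg constructor) results are returned unsorted. No
   * comparator is assigned in this class, so any case-sensitivity comes from the
   * comparator that is injected.
   */
  private Comparator<String> usernameComparator;

  /**
   * Used only for <code>getAuthoritiesForUser</code>. This is preferred
   * over an <code>LdapSearch</code> in
   * <code>authoritiesForUserSearch</code> as it keeps roles returned by
   * <code>UserDetailsService</code> and roles returned by
   * <code>DefaultLdapUserRoleListService</code> consistent.
   */
  private LdapUserDetailsService userDetailsService;

  // ~ Constructors ====================================================================================================

  /**
   * Creates a service with no comparators; results are returned unsorted until
   * comparators are set.
   */
  public DefaultLdapUserRoleListService() {
    super();
  }

  /**
   * Creates a service with the given comparators. Unlike the setters, this
   * constructor accepts <code>null</code>, which disables sorting for that kind of
   * result.
   *
   * @param usernameComparator ordering for usernames, or <code>null</code> for none
   * @param grantedAuthorityComparator ordering for authorities, or <code>null</code> for none
   */
  public DefaultLdapUserRoleListService(final Comparator<String> usernameComparator,
      final Comparator<GrantedAuthority> grantedAuthorityComparator) {
    super();
    this.usernameComparator = usernameComparator;
    this.grantedAuthorityComparator = grantedAuthorityComparator;
  }

  // ~ Methods =========================================================================================================

  /**
   * Intentionally empty: no collaborator is required at initialization time, so a
   * missing search or user details service is only detected when the corresponding
   * method is first called.
   */
  public void afterPropertiesSet() throws Exception {
  }

  /**
   * Returns every authority found by <code>allAuthoritiesSearch</code>, sorted with
   * <code>grantedAuthorityComparator</code> when one is set.
   *
   * @return a new array of authorities; empty when the search returns nothing
   */
  public GrantedAuthority[] getAllAuthorities() {
    List<GrantedAuthority> results = allAuthoritiesSearch.search(new Object[0]);
    if (null != grantedAuthorityComparator) {
      // Sorts the list returned by the search in place.
      Collections.sort(results, grantedAuthorityComparator);
    }
    return results.toArray(new GrantedAuthority[0]);
  }

  /**
   * Returns every username found by <code>allUsernamesSearch</code>, sorted with
   * <code>usernameComparator</code> when one is set.
   *
   * @return a new array of usernames; empty when the search returns nothing
   */
  public String[] getAllUsernames() {
    List<String> results = allUsernamesSearch.search(new Object[0]);
    if (null != usernameComparator) {
      // Sorts the list returned by the search in place.
      Collections.sort(results, usernameComparator);
    }
    return results.toArray(new String[0]);
  }

  /**
   * Returns the usernames found by <code>usernamesInRoleSearch</code> for the given
   * authority, sorted with <code>usernameComparator</code> when one is set.
   *
   * @param authority passed unchanged as the single search argument
   * @return a new array of usernames; empty when the search returns nothing
   */
  public String[] getUsernamesInRole(final GrantedAuthority authority) {
    List<String> results = usernamesInRoleSearch.search(new Object[] { authority });
    if (null != usernameComparator) {
      // Sorts the list returned by the search in place.
      Collections.sort(results, usernameComparator);
    }
    return results.toArray(new String[0]);
  }

  /**
   * Returns the authorities of the given user as reported by
   * <code>userDetailsService</code>, sorted with
   * <code>grantedAuthorityComparator</code> when one is set. Exceptions thrown by
   * <code>loadUserByUsername</code> propagate unchanged.
   *
   * @param username passed unchanged to <code>loadUserByUsername</code>
   * @return a new array that is independent of the one held by the
   *         <code>UserDetails</code> object
   */
  public GrantedAuthority[] getAuthoritiesForUser(final String username) {
    UserDetails user = userDetailsService.loadUserByUsername(username);
    GrantedAuthority[] source = user.getAuthorities();

    // Copy before sorting. Sorting an Arrays.asList view would write through to the
    // array returned by getAuthorities(), reordering the authorities of a
    // UserDetails object that may be shared with other callers.
    GrantedAuthority[] results = new GrantedAuthority[source.length];
    System.arraycopy(source, 0, results, 0, source.length);

    if (null != grantedAuthorityComparator) {
      Arrays.sort(results, grantedAuthorityComparator);
    }
    return results;
  }

  /**
   * @param allUsernamesSearch search used by <code>getAllUsernames</code>
   */
  public void setAllUsernamesSearch(final LdapSearch allUsernamesSearch) {
    this.allUsernamesSearch = allUsernamesSearch;
  }

  /**
   * @param allAuthoritiesSearch search used by <code>getAllAuthorities</code>
   */
  public void setAllAuthoritiesSearch(final LdapSearch allAuthoritiesSearch) {
    this.allAuthoritiesSearch = allAuthoritiesSearch;
  }

  /**
   * @param usernamesInRoleSearch search used by <code>getUsernamesInRole</code>
   */
  public void setUsernamesInRoleSearch(final LdapSearch usernamesInRoleSearch) {
    this.usernamesInRoleSearch = usernamesInRoleSearch;
  }

  /**
   * @param userDetailsService service used by <code>getAuthoritiesForUser</code>
   */
  public void setUserDetailsService(final LdapUserDetailsService userDetailsService) {
    this.userDetailsService = userDetailsService;
  }

  /**
   * @param grantedAuthorityComparator ordering for returned authorities; must not be <code>null</code>
   */
  public void setGrantedAuthorityComparator(final Comparator<GrantedAuthority> grantedAuthorityComparator) {
    Assert.notNull(grantedAuthorityComparator);
    this.grantedAuthorityComparator = grantedAuthorityComparator;
  }

  /**
   * @param usernameComparator ordering for returned usernames; must not be <code>null</code>
   */
  public void setUsernameComparator(final Comparator<String> usernameComparator) {
    Assert.notNull(usernameComparator);
    this.usernameComparator = usernameComparator;
  }

}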