diff --git a/src/main/java/org/ligoj/app/plugin/id/resource/AbstractOrgResource.java b/src/main/java/org/ligoj/app/plugin/id/resource/AbstractOrgResource.java index bc43cb1..10d602a 100644 --- a/src/main/java/org/ligoj/app/plugin/id/resource/AbstractOrgResource.java +++ b/src/main/java/org/ligoj/app/plugin/id/resource/AbstractOrgResource.java @@ -35,7 +35,7 @@ public abstract class AbstractOrgResource { * * @return User repository provider. */ - protected IUserRepository getUser() { + public IUserRepository getUserRepository() { return iamProvider[0].getConfiguration().getUserRepository(); } @@ -44,7 +44,7 @@ protected IUserRepository getUser() { * * @return Company repository provider. */ - protected ICompanyRepository getCompany() { + public ICompanyRepository getCompanyRepository() { return iamProvider[0].getConfiguration().getCompanyRepository(); } @@ -53,7 +53,7 @@ protected ICompanyRepository getCompany() { * * @return Group repository provider. */ - protected IGroupRepository getGroup() { + public IGroupRepository getGroupRepository() { return iamProvider[0].getConfiguration().getGroupRepository(); } } diff --git a/src/main/java/org/ligoj/app/plugin/id/resource/CompanyResource.java b/src/main/java/org/ligoj/app/plugin/id/resource/CompanyResource.java index b2e979d..9d84b10 100644 --- a/src/main/java/org/ligoj/app/plugin/id/resource/CompanyResource.java +++ b/src/main/java/org/ligoj/app/plugin/id/resource/CompanyResource.java @@ -55,7 +55,7 @@ public CacheCompanyRepository getCacheRepository() { @Override public ICompanyRepository getRepository() { - return getCompany(); + return getCompanyRepository(); } /** 
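Review bot: Widening `getUserRepository()`, `getCompanyRepository()` and `getGroupRepository()` from `protected` to `public` in the three AbstractOrgResource hunks makes the raw IAM repositories reachable from any code that holds a resource instance, not only from subclasses. The call sites visible in this commit suggest that authorization lives in the resources rather than in the repositories: `checkDeletionRight` and `checkResetRight` consult `delegateRepository` before `lock` or `unlock` is called, while repository calls such as `findAll()` and `updateUser(...)` take no principal. If the wider visibility is really needed, each accessor's Javadoc should state the contract, for example `* The returned repository performs no delegate or visibility check; callers must enforce them.`; otherwise, renaming the methods while keeping them `protected` preserves the previous boundary. The opening lines of the three Javadoc blocks sit above the hunks, so their current wording is not visible here.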
@@ -64,7 +64,7 @@ public ICompanyRepository getRepository() { * @return The company name of current user or null if the current user is not in the repository. */ public CompanyOrg getUserCompany() { - final var user = getUser().findById(securityHelper.getLogin()); + final var user = getUserRepository().findById(securityHelper.getLogin()); if (user == null) { return null; } @@ -91,7 +91,7 @@ private String getUserCompanyDn() { */ public boolean isUserInternalCompany() { return ObjectUtils.defaultIfNull(getUserCompanyDn(), "") - .endsWith(ObjectUtils.defaultIfNull(getUser().getPeopleInternalBaseDn(), "")); + .endsWith(ObjectUtils.defaultIfNull(getUserRepository().getPeopleInternalBaseDn(), "")); } /** @@ -111,8 +111,8 @@ public TableItem findAll(@Context final UriInfo uriInfo) { .collect(Collectors.toSet()); final var writeCompanies = getContainersIdForWrite(); final var adminCompanies = getContainersIdForAdmin(); - final var users = getUser().findAll(); - final var companies = getCompany().findAll(); + final var users = getUserRepository().findAll(); + final var companies = getCompanyRepository().findAll(); // Search the companies final var findAll = getRepository().findAll(visibleCompanies, @@ -142,7 +142,7 @@ protected void checkForDeletion(final ContainerOrg container) { super.checkForDeletion(container); // Company deletion is only possible where there is no user inside this company, or inside any sub-company - final var users = getUser().findAll(); + final var users = getUserRepository().findAll(); if (getRepository().findAll().values().stream() .filter(c -> DnUtils.equalsOrParentOf(container.getDn(), c.getDn())) .anyMatch(c -> users.values().stream().map(UserOrg::getCompany).anyMatch(c.getId()::equals))) { diff --git a/src/main/java/org/ligoj/app/plugin/id/resource/GroupResource.java b/src/main/java/org/ligoj/app/plugin/id/resource/GroupResource.java index 1b4687a..188f9ad 100644 --- a/src/main/java/org/ligoj/app/plugin/id/resource/GroupResource.java 
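Review bot: `isUserInternalCompany()` (hunk `-91,7 +91,7`) returns true for every caller when `getPeopleInternalBaseDn()` returns null, because the null is replaced by `""` and `String.endsWith("")` is always true. If the base DN can be unset, which the `defaultIfNull` wrapper suggests, the check fails open. Treating a missing base DN as "not internal" closes that gap: `final var base = getUserRepository().getPeopleInternalBaseDn();` followed by `return base != null && ObjectUtils.defaultIfNull(getUserCompanyDn(), "").endsWith(base);`. A raw string suffix match also ignores DN component boundaries. `DnUtils.equalsOrParentOf`, already used in `checkForDeletion` in this file, looks like the better comparison, but its argument order and null handling should be confirmed first.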
+++ b/src/main/java/org/ligoj/app/plugin/id/resource/GroupResource.java @@ -59,7 +59,7 @@ public GroupResource() { @Override public IGroupRepository getRepository() { - return getGroup(); + return getGroupRepository(); } @Override @@ -77,12 +77,12 @@ public CacheGroupRepository getCacheRepository() { @GET public TableItem findAll(@Context final UriInfo uriInfo) { final var types = containerScopeResource.findAllDescOrder(ContainerType.GROUP); - final var companies = getCompany().findAll(); + final var companies = getCompanyRepository().findAll(); final var visibleCompanies = organizationResource.getContainers(); final var writeGroups = getContainersIdForWrite(); final var adminGroups = getContainersIdForAdmin(); - final var users = getUser().findAll(); - final var groups = getGroup().findAll(); + final var users = getUserRepository().findAll(); + final var groups = getGroupRepository().findAll(); // Search the groups final var page = getContainers(DataTableAttributes.getSearch(uriInfo), @@ -137,7 +137,7 @@ protected String toDn(final GroupEditionVo container, final ContainerScope scope * @return The corresponding DN. */ private List toDn(final List uids) { - return CollectionUtils.emptyIfNull(uids).stream().map(getUser()::findByIdExpected).map(UserOrg::getDn).toList(); + return CollectionUtils.emptyIfNull(uids).stream().map(getUserRepository()::findByIdExpected).map(UserOrg::getDn).toList(); } /** @@ -158,7 +158,7 @@ public void empty(@PathParam("id") final String id) { } // Perform the update - getRepository().empty(container, getUser().findAll()); + getRepository().empty(container, getUserRepository().findAll()); } @Override diff --git a/src/main/java/org/ligoj/app/plugin/id/resource/UserOrgResource.java b/src/main/java/org/ligoj/app/plugin/id/resource/UserOrgResource.java index 42ed658..e1180e7 100644 --- a/src/main/java/org/ligoj/app/plugin/id/resource/UserOrgResource.java +++ b/src/main/java/org/ligoj/app/plugin/id/resource/UserOrgResource.java 
@@ -132,7 +132,7 @@ public List findAllNotSecure(final String company, final String group) private Page findAllNotSecure(final Set visibleGroups, final String company, final String group, final String criteria, @Context final UriInfo uriInfo) { final var pageRequest = paginationJson.getPageRequest(uriInfo, ORDERED_COLUMNS); final var visibleCompanies = companyResource.getContainers().stream().map(CompanyOrg::getId).collect(Collectors.toSet()); - final var allGroups = getGroup().findAll(); + final var allGroups = getGroupRepository().findAll(); // The companies to use final var filteredCompanies = computeFilteredCompanies(Normalizer.normalize(company), visibleCompanies); @@ -141,7 +141,7 @@ private Page findAllNotSecure(final Set visibleGroups, final final var filteredGroups = group == null ? null : computeFilteredGroups(group, visibleGroups, allGroups); // Search the users - return getUser().findAll(filteredGroups, filteredCompanies, StringUtils.trimToNull(criteria), pageRequest); + return getUserRepository().findAll(filteredGroups, filteredCompanies, StringUtils.trimToNull(criteria), pageRequest); } /** @@ -183,7 +183,7 @@ public TableItem findAll(@QueryParam(SimpleUser.COMPANY_ALIAS) final }); // Forward custom attributes definition - result.setExtensions(Map.of("customAttributes", getUser().getCustomAttributes())); + result.setExtensions(Map.of("customAttributes", getUserRepository().getCustomAttributes())); return result; } @@ -228,10 +228,10 @@ private List computeFilteredGroups(final String group, final Set(mergedGroups), userOrg); + getUserRepository().updateMembership(new ArrayList<>(mergedGroups), userOrg); } } @@ -311,7 +311,7 @@ public UserUpdateResult update(final UserOrgEditionVo user) { final var hasAttributeChange = validateChanges(securityHelper.getLogin(), user); // Check the user exists - getUser().findByIdExpected(user.getId()); + getUserRepository().findByIdExpected(user.getId()); return saveOrUpdate(user, hasAttributeChange); } 
@@ -328,7 +328,7 @@ public String create(final UserOrgEditionVo user, final boolean quiet) { validateChanges(securityHelper.getLogin(), user); // Check the user does not exist - if (getUser().findById(user.getId()) != null) { + if (getUserRepository().findById(user.getId()) != null) { throw new ValidationJsonException(USER_KEY, "already-exist", "0", USER_KEY, "1", user.getId()); } @@ -373,11 +373,11 @@ private boolean validateChanges(final String principal, final UserOrgEditionVo i final var delegates = delegateRepository.findAllByUser(principal); // Get the stored data of the implied user - final var userOrg = getUser().findById(importEntry.getId()); + final var userOrg = getUserRepository().findById(importEntry.getId()); // Check the implied company and request changes final var cleanCompany = Normalizer.normalize(importEntry.getCompany()); - final var companyDn = getCompany().findByIdExpected(principal, cleanCompany).getDn(); + final var companyDn = getCompanyRepository().findByIdExpected(principal, cleanCompany).getDn(); final var hasAttributeChange = hasAttributeChange(importEntry, userOrg); if (hasAttributeChange && !canWrite(delegates, companyDn, DelegateType.COMPANY)) { // Visible but without write access @@ -434,7 +434,8 @@ private void validateAndGroupsCN(final UserOrg userOrg, final UserOrgEditionVo i */ private void validateAndGroupsCN(final Collection previousGroups, final Collection desiredGroups, final List delegates) { // Check visibility of the desired groups - desiredGroups.forEach(g -> getGroup().findByIdExpected(securityHelper.getLogin(), g)); + final var repository = getGroupRepository(); + desiredGroups.forEach(g -> repository.findByIdExpected(securityHelper.getLogin(), g)); // Check the visible updated groups can be edited by the principal CollectionUtils.disjunction(desiredGroups, previousGroups).forEach(g -> validateWriteGroup(g, delegates)); 
@@ -450,7 +451,7 @@ private void validateAndGroupsCN(final Collection previousGroups, final private void validateWriteGroup(final String updatedGroup, final List delegates) { // Check the visible updated groups can be edited by the principal - Optional.ofNullable(getGroup().findById(securityHelper.getLogin(), updatedGroup)).filter(g -> !canWrite(delegates, g.getDn(), DelegateType.GROUP)).ifPresent(g -> { + Optional.ofNullable(getGroupRepository().findById(securityHelper.getLogin(), updatedGroup)).filter(g -> !canWrite(delegates, g.getDn(), DelegateType.GROUP)).ifPresent(g -> { throw new ValidationJsonException(GROUP, READ_ONLY, "0", GROUP, "1", g.getId()); }); } @@ -477,8 +478,9 @@ private Collection mergeGroups(final List delegates, final // Compute the groups merged groups final Collection newGroups = new HashSet<>(userOrg.getGroups()); newGroups.addAll(groups); + final var repository = getGroupRepository(); for (final var oldGroup : userOrg.getGroups()) { - final var oldGroupDn = getGroup().findById(oldGroup).getDn(); + final var oldGroupDn = repository.findById(oldGroup).getDn(); if (!groups.contains(oldGroup) && canWrite(delegates, oldGroupDn, DelegateType.GROUP)) { // This group is writable, so it has been explicitly removed by the current user newGroups.remove(oldGroup); @@ -564,7 +566,7 @@ private boolean hasAttributeChange(final SimpleUser user1, final SimpleUser user private UserUpdateResult saveOrUpdate(final UserOrgEditionVo importEntry, final boolean quiet, final boolean hasAttributeChange) { // Create as needed the user, groups will be proceeded after. - final var repository = getUser(); + final var repository = getUserRepository(); var user = repository.findById(importEntry.getId()); final var newUser = toUserOrg(importEntry); if (user == null) { 
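Review bot: In the `mergeGroups` hunk, `repository.findById(oldGroup).getDn()` dereferences the lookup result without a null check. Other call sites in this file treat `findById` as nullable (`create` tests `findById(user.getId()) != null`, `validateWriteGroup` wraps the group lookup in `Optional.ofNullable`), so a membership that points at a group no longer in the repository would presumably raise a NullPointerException in the middle of a user update. The guard can be made explicit with `final var oldGroupOrg = repository.findById(oldGroup);` and `if (oldGroupOrg != null && !groups.contains(oldGroup) && canWrite(delegates, oldGroupOrg.getDn(), DelegateType.GROUP)) {`. A short comment should then say whether an unknown group is deliberately kept in the merged set. The method starts and ends outside the hunk.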
@@ -609,12 +611,12 @@ private void updateUser(final UserOrg oldUser, final UserOrg newUser, final bool log.info("{} already exists", newUser.getId()); // First update the DN - newUser.setDn(getUser().toDn(newUser)); + newUser.setDn(getUserRepository().toDn(newUser)); updateCompanyAsNeeded(oldUser, newUser); // Then, update the unsecured attributes : first name, etc. final var hadNoMail = oldUser.getMails().isEmpty(); - getUser().updateUser(newUser); + getUserRepository().updateUser(newUser); // Then update the mail and/or password if (newUser.getMails().isEmpty()) { @@ -670,10 +672,10 @@ public void delete(@PathParam("user") final String user) { // Hard deletion // Check the group : You can't delete a user if he is the last member // of a group - final var allGroups = getGroup().findAll(); + final var allGroups = getGroupRepository().findAll(); checkLastMemberInGroups(userOrg, allGroups); - final var repository = getUser(); + final var repository = getUserRepository(); // Revoke all memberships of this user repository.updateMembership(new ArrayList<>(), userOrg); @@ -697,7 +699,7 @@ public void delete(@PathParam("user") final String user) { @DELETE @Path("{user}/lock") public void lock(@PathParam("user") final String user) { - getUser().lock(securityHelper.getLogin(), checkDeletionRight(user, "lock")); + getUserRepository().lock(securityHelper.getLogin(), checkDeletionRight(user, "lock")); } /** @@ -719,7 +721,7 @@ public void lock(@PathParam("user") final String user) { @DELETE @Path("{user}/isolate") public void isolate(@PathParam("user") final String user) { - getUser().isolate(securityHelper.getLogin(), checkDeletionRight(user, "isolate")); + getUserRepository().isolate(securityHelper.getLogin(), checkDeletionRight(user, "isolate")); } /** 
@@ -738,7 +740,7 @@ public void isolate(@PathParam("user") final String user) { @PUT @Path("{user}/unlock") public void unlock(@PathParam("user") final String user) { - getUser().unlock(checkDeletionRight(user, "unlock")); + getUserRepository().unlock(checkDeletionRight(user, "unlock")); } /** @@ -757,7 +759,7 @@ public void unlock(@PathParam("user") final String user) { @PUT @Path("{user}/restore") public void restore(@PathParam("user") final String user) { - getUser().restore(checkDeletionRight(user, "restore")); + getUserRepository().restore(checkDeletionRight(user, "restore")); } /** @@ -782,7 +784,7 @@ public void restore(@PathParam("user") final String user) { public String resetPassword(@PathParam("user") final String uid) { if (uid.equals(securityHelper.getLogin())) { // Self-service reset password - final var user = getUser().findByIdExpected(uid); + final var user = getUserRepository().findByIdExpected(uid); return updatePassword(user, false); } @@ -792,7 +794,7 @@ public String resetPassword(@PathParam("user") final String uid) { return Optional.ofNullable(updatePassword(user, false)).map(p -> { // Unlock account if locked - getUser().unlock(user); + getUserRepository().unlock(user); // Log the action logAdminReset(user); 
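Review bot: `resetPassword` compares the raw path parameter with `uid.equals(securityHelper.getLogin())` and looks it up with `findByIdExpected(uid)`, while the delegated branch goes through `checkResetRight`, which applies `Normalizer.normalize(user)` first. An identifier that differs from the login only by what the normalizer changes (presumably case or surrounding whitespace) therefore skips the self-service branch and is judged by the delegate rules instead. Normalizing once at the top, `final var id = Normalizer.normalize(uid);`, and using `id` in both branches would make the two paths decide on the same value. Parts of the method body lie between and after the two hunks and are not visible here.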
@@ -819,10 +821,10 @@ private void logAdminReset(final UserOrg user) { */ private UserOrg checkResetRight(final String user) { // Check the user exists - final var userOrg = getUser().findByIdExpected(securityHelper.getLogin(), Normalizer.normalize(user)); + final var userOrg = getUserRepository().findByIdExpected(securityHelper.getLogin(), Normalizer.normalize(user)); // Check the company - final var companyDn = getCompany().findById(userOrg.getCompany()).getDn(); + final var companyDn = getCompanyRepository().findById(userOrg.getCompany()).getDn(); if (delegateRepository.findByMatchingDnForWrite(securityHelper.getLogin(), companyDn, DelegateType.TREE).isEmpty()) { // Report this attempt to delete a non-writable user log.warn("Attempt to reset the password of a user '{}' out of scope", user); @@ -840,10 +842,10 @@ private UserOrg checkResetRight(final String user) { */ private UserOrg checkDeletionRight(final String user, final String mode) { // Check the user exists - final var userOrg = getUser().findByIdExpected(securityHelper.getLogin(), Normalizer.normalize(user)); + final var userOrg = getUserRepository().findByIdExpected(securityHelper.getLogin(), Normalizer.normalize(user)); // Check the company - final var companyDn = getCompany().findById(userOrg.getCompany()).getDn(); + final var companyDn = getCompanyRepository().findById(userOrg.getCompany()).getDn(); if (delegateRepository.findByMatchingDnForWrite(securityHelper.getLogin(), companyDn, DelegateType.COMPANY).isEmpty()) { // Report this attempt to delete a non-writable user log.warn("Attempt to {} a user '{}' out of scope", mode, user); @@ -895,7 +897,7 @@ protected String updatePassword(final UserOrg user, final boolean quiet) { * @return the found users. May be empty. */ public List findAllBy(final String attribute, final String value) { - return getUser().findAllBy(attribute, value); + return getUserRepository().findAllBy(attribute, value); } /** 
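Review bot: `checkResetRight` and `checkDeletionRight` both call `getCompanyRepository().findById(userOrg.getCompany()).getDn()` without checking the lookup result, so a user whose company entry is missing would presumably fail with a NullPointerException before the delegate check runs, instead of a controlled refusal. `validateChanges` in this file already uses `getCompanyRepository().findByIdExpected(principal, cleanCompany)`; the same call with `securityHelper.getLogin()` and `userOrg.getCompany()` would turn the missing case into a defined error, though it also adds a visibility check that should be confirmed as intended. Both `log.warn` lines record the raw `user` parameter rather than the identifier that was checked; `userOrg.getId()` is available at that point and is the safer value to log. In `checkResetRight` the comment `// Report this attempt to delete a non-writable user` describes the other method, and the reason it checks `DelegateType.TREE` while `checkDeletionRight` checks `DelegateType.COMPANY` deserves a one-line comment. Both methods continue past their hunks.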
@@ -905,7 +907,7 @@ public List findAllBy(final String attribute, final String value) { * @return the found user or null when not found. Groups are not fetched for this operation. */ public UserOrg findByIdNoCache(final String user) { - return getUser().findByIdNoCache(Normalizer.normalize(user)); + return getUserRepository().findByIdNoCache(Normalizer.normalize(user)); } /** @@ -918,7 +920,7 @@ private void updateCompanyAsNeeded(final UserOrg userOrg, final UserOrg newUser) // Check the company if (ObjectUtils.notEqual(userOrg.getCompany(), newUser.getCompany())) { // Move the user - getUser().move(userOrg, getCompany().findById(newUser.getCompany())); + getUserRepository().move(userOrg, getCompanyRepository().findById(newUser.getCompany())); } } @@ -929,7 +931,7 @@ private void updateCompanyAsNeeded(final UserOrg userOrg, final UserOrg newUser) * @return The group corresponding to the given department or null. */ private GroupOrg toDepartmentGroup(final String department) { - return Optional.ofNullable(department).map(getGroup()::findByDepartment).orElse(null); + return Optional.ofNullable(department).map(getGroupRepository()::findByDepartment).orElse(null); } /** 
@@ -945,10 +947,10 @@ public void mergeUser(final UserOrg userOrg, final UserOrg newUser) { // Merge department if (ObjectUtils.notEqual(userOrg.getDepartment(), newUser.getDepartment())) { // Remove membership from the old department if exist - Optional.ofNullable(toDepartmentGroup(userOrg.getDepartment())).ifPresent(g -> getGroup().removeUser(userOrg, g.getId())); + Optional.ofNullable(toDepartmentGroup(userOrg.getDepartment())).ifPresent(g -> getGroupRepository().removeUser(userOrg, g.getId())); // Add membership to the new department if exist - Optional.ofNullable(toDepartmentGroup(newUser.getDepartment())).ifPresent(g -> getGroup().addUser(userOrg, g.getId())); + Optional.ofNullable(toDepartmentGroup(newUser.getDepartment())).ifPresent(g -> getGroupRepository().addUser(userOrg, g.getId())); userOrg.setDepartment(newUser.getDepartment()); needUpdate = true; @@ -961,7 +963,7 @@ public void mergeUser(final UserOrg userOrg, final UserOrg newUser) { // Updated as needed if (needUpdate) { - getUser().updateUser(userOrg); + getUserRepository().updateUser(userOrg); } }