@Override
public void setUsersRoles(String userId, String source, Set<RoleIdentifier> roleIdentifiers)
throws UserNotFoundException {
// TODO: this is a bit sticky, what we really want to do is just expose the
// RoleMappingUserManagers this way (i
// think), maybe this is too generic
boolean foundUser = false;
for (UserManager userManager : getUserManagers()) {
if (RoleMappingUserManager.class.isInstance(userManager)) {
RoleMappingUserManager roleMappingUserManager = (RoleMappingUserManager) userManager;
try {
foundUser = true;
roleMappingUserManager.setUsersRoles(
userId,
source,
RoleIdentifier.getRoleIdentifiersForSource(userManager.getSource(), roleIdentifiers));
} catch (UserNotFoundException e) {
log.debug(
"User '{}' is not managed by the user-manager: {}", userId, userManager.getSource());
}
}
}
if (!foundUser) {
throw new UserNotFoundException(userId);
}
// clear the authz realm caches
eventBus.post(new AuthorizationConfigurationChanged());
}
@Override
public User updateUser(User user) throws UserNotFoundException, NoSuchUserManagerException {
// first update the user
// this is the UserManager that owns the user
UserManager userManager = getUserManager(user.getSource());
if (!userManager.supportsWrite()) {
throw new ConfigurationException(
"UserManager: " + userManager.getSource() + " does not support writing.");
}
final User oldUser = userManager.getUser(user.getUserId());
userManager.updateUser(user);
if (oldUser.getStatus() == UserStatus.active && user.getStatus() != oldUser.getStatus()) {
// clear the realm authc caches as user got disabled
eventBus.post(new UserPrincipalsExpired(user.getUserId(), user.getSource()));
}
// then save the users Roles
for (UserManager tmpUserManager : getUserManagers()) {
// skip the user manager that owns the user, we already did that
// these user managers will only save roles
if (!tmpUserManager.getSource().equals(user.getSource())
&& RoleMappingUserManager.class.isInstance(tmpUserManager)) {
try {
RoleMappingUserManager roleMappingUserManager = (RoleMappingUserManager) tmpUserManager;
roleMappingUserManager.setUsersRoles(
user.getUserId(),
user.getSource(),
RoleIdentifier.getRoleIdentifiersForSource(user.getSource(), user.getRoles()));
} catch (UserNotFoundException e) {
log.debug(
"User '{}' is not managed by the user-manager: {}",
user.getUserId(),
tmpUserManager.getSource());
}
}
}
// clear the realm authz caches as user might get roles changed
eventBus.post(new AuthorizationConfigurationChanged());
return user;
}
@Override
public User addUser(User user, String password) throws NoSuchUserManagerException {
// first save the user
// this is the UserManager that owns the user
UserManager userManager = getUserManager(user.getSource());
if (!userManager.supportsWrite()) {
throw new ConfigurationException(
"UserManager: " + userManager.getSource() + " does not support writing.");
}
userManager.addUser(user, password);
// then save the users Roles
for (UserManager tmpUserManager : getUserManagers()) {
// skip the user manager that owns the user, we already did that
// these user managers will only save roles
if (!tmpUserManager.getSource().equals(user.getSource())
&& RoleMappingUserManager.class.isInstance(tmpUserManager)) {
try {
RoleMappingUserManager roleMappingUserManager = (RoleMappingUserManager) tmpUserManager;
roleMappingUserManager.setUsersRoles(
user.getUserId(),
user.getSource(),
RoleIdentifier.getRoleIdentifiersForSource(user.getSource(), user.getRoles()));
} catch (UserNotFoundException e) {
log.debug(
"User '{}' is not managed by the user-manager: {}",
user.getUserId(),
tmpUserManager.getSource());
}
}
}
return user;
}