@Override public void setUsersRoles(String userId, String source, Set<RoleIdentifier> roleIdentifiers) throws UserNotFoundException { // TODO: this is a bit sticky, what we really want to do is just expose the // RoleMappingUserManagers this way (i // think), maybe this is too generic boolean foundUser = false; for (UserManager userManager : getUserManagers()) { if (RoleMappingUserManager.class.isInstance(userManager)) { RoleMappingUserManager roleMappingUserManager = (RoleMappingUserManager) userManager; try { foundUser = true; roleMappingUserManager.setUsersRoles( userId, source, RoleIdentifier.getRoleIdentifiersForSource(userManager.getSource(), roleIdentifiers)); } catch (UserNotFoundException e) { log.debug( "User '{}' is not managed by the user-manager: {}", userId, userManager.getSource()); } } } if (!foundUser) { throw new UserNotFoundException(userId); } // clear the authz realm caches eventBus.post(new AuthorizationConfigurationChanged()); }
@Override public User updateUser(User user) throws UserNotFoundException, NoSuchUserManagerException { // first update the user // this is the UserManager that owns the user UserManager userManager = getUserManager(user.getSource()); if (!userManager.supportsWrite()) { throw new ConfigurationException( "UserManager: " + userManager.getSource() + " does not support writing."); } final User oldUser = userManager.getUser(user.getUserId()); userManager.updateUser(user); if (oldUser.getStatus() == UserStatus.active && user.getStatus() != oldUser.getStatus()) { // clear the realm authc caches as user got disabled eventBus.post(new UserPrincipalsExpired(user.getUserId(), user.getSource())); } // then save the users Roles for (UserManager tmpUserManager : getUserManagers()) { // skip the user manager that owns the user, we already did that // these user managers will only save roles if (!tmpUserManager.getSource().equals(user.getSource()) && RoleMappingUserManager.class.isInstance(tmpUserManager)) { try { RoleMappingUserManager roleMappingUserManager = (RoleMappingUserManager) tmpUserManager; roleMappingUserManager.setUsersRoles( user.getUserId(), user.getSource(), RoleIdentifier.getRoleIdentifiersForSource(user.getSource(), user.getRoles())); } catch (UserNotFoundException e) { log.debug( "User '{}' is not managed by the user-manager: {}", user.getUserId(), tmpUserManager.getSource()); } } } // clear the realm authz caches as user might get roles changed eventBus.post(new AuthorizationConfigurationChanged()); return user; }
@Override public User addUser(User user, String password) throws NoSuchUserManagerException { // first save the user // this is the UserManager that owns the user UserManager userManager = getUserManager(user.getSource()); if (!userManager.supportsWrite()) { throw new ConfigurationException( "UserManager: " + userManager.getSource() + " does not support writing."); } userManager.addUser(user, password); // then save the users Roles for (UserManager tmpUserManager : getUserManagers()) { // skip the user manager that owns the user, we already did that // these user managers will only save roles if (!tmpUserManager.getSource().equals(user.getSource()) && RoleMappingUserManager.class.isInstance(tmpUserManager)) { try { RoleMappingUserManager roleMappingUserManager = (RoleMappingUserManager) tmpUserManager; roleMappingUserManager.setUsersRoles( user.getUserId(), user.getSource(), RoleIdentifier.getRoleIdentifiersForSource(user.getSource(), user.getRoles())); } catch (UserNotFoundException e) { log.debug( "User '{}' is not managed by the user-manager: {}", user.getUserId(), tmpUserManager.getSource()); } } } return user; }