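package org.apache.archiva.redback.common.ldap.role;
/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */

import org.apache.archiva.redback.common.ldap.MappingException;

import javax.naming.directory.DirContext;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.stream.Stream;

/**
 * Maps LDAP groups to redback roles.
 * <p>
 * The results of this mapping feed authorization decisions, so callers should treat a
 * {@link MappingException} as "no answer" and not fall back to a permissive default.
 * <p>
 * Notes for implementers and callers:
 * <ul>
 * <li>Every directory operation uses the {@link DirContext} supplied by the caller. This interface does
 * not state who closes that context (presumably the caller; confirm against the implementation), and
 * the operations run with whatever rights the context's bind identity has in the directory.</li>
 * <li>Group names, role names and usernames are plain strings and may originate from user input.
 * Implementations that place them into LDAP search filters or distinguished names should escape them
 * (RFC 4515 for filters, RFC 4514 for DNs).</li>
 * <li>The position of the {@code context} parameter is not uniform: some methods take it first, others
 * last. Check the signature when calling.</li>
 * </ul>
 *
 * @author Olivier Lamy
 * @since 2.1
 */
public interface LdapRoleMapper
{

    /**
     * Reads all groups from LDAP.
     *
     * @param context directory context used for the lookup
     * @return all LDAP groups
     * @throws MappingException if the operation cannot be completed; the exact conditions are not
     *                          specified by this interface
     */
    List<String> getAllGroups( DirContext context )
        throws MappingException;

    /**
     * Reads all groups from LDAP and returns the list of group objects.
     *
     * @param context directory context used for the lookup
     * @return all LDAP groups found in the LDAP directory
     * @throws MappingException if the operation cannot be completed; the exact conditions are not
     *                          specified by this interface
     */
    List<LdapGroup> getAllGroupObjects( DirContext context )
        throws MappingException;

    /**
     * Looks up a single group by name.
     * <p>
     * NOTE(review): the behaviour for an unknown group is not documented here (a {@code null} return or
     * an exception are both possible); confirm against the implementation before dereferencing the result.
     *
     * @param context   directory context used for the lookup
     * @param groupName name of the group to look up
     * @return the group object for {@code groupName}
     * @throws MappingException if the operation cannot be completed; the exact conditions are not
     *                          specified by this interface
     */
    LdapGroup getGroupForName( DirContext context, String groupName )
        throws MappingException;

    /**
     * Reads all LDAP groups and maps each one to its corresponding role. A group for which no mapping
     * is found is ignored.
     *
     * @param context directory context used for the lookup
     * @return all roles
     * @throws MappingException if the operation cannot be completed; the exact conditions are not
     *                          specified by this interface
     */
    List<String> getAllRoles( DirContext context )
        throws MappingException;

    /**
     * NOTE(review): undocumented in the original. The signature takes no username, so this cannot be a
     * check that a particular user holds the role; presumably it reports whether the role exists in the
     * directory or mapping. Confirm before relying on it for an access decision.
     *
     * @param context directory context used for the lookup
     * @param role    role name to test
     * @return presumably {@code true} if the role is known; confirm against the implementation
     * @throws MappingException if the operation cannot be completed; the exact conditions are not
     *                          specified by this interface
     */
    boolean hasRole( DirContext context, String role )
        throws MappingException;

    /**
     * @return the base dn which contains all ldap groups
     */
    String getGroupsDn();

    /**
     * @return the object class used for groups, usually groupOfUniqueNames
     */
    String getLdapGroupClass();

    /**
     * Returns the members of an LDAP group.
     *
     * @param group   ldap group
     * @param context directory context used for the lookup
     * @return uids of group members
     * @throws MappingException if the operation cannot be completed; the exact conditions are not
     *                          specified by this interface
     */
    List<String> getGroupsMember( String group, DirContext context )
        throws MappingException;

    /**
     * NOTE(review): undocumented in the original; by signature this returns the names of the groups
     * associated with {@code username}. Confirm whether nested groups are resolved.
     *
     * @param username user whose groups are requested
     * @param context  directory context used for the lookup
     * @return group names for the user
     * @throws MappingException if the operation cannot be completed; the exact conditions are not
     *                          specified by this interface
     */
    List<String> getGroups( String username, DirContext context )
        throws MappingException;

    /**
     * NOTE(review): undocumented in the original; by signature this is the {@link LdapGroup} variant of
     * {@link #getGroups(String, DirContext)}.
     *
     * @param username user whose groups are requested
     * @param context  directory context used for the lookup
     * @return group objects for the user
     * @throws MappingException if the operation cannot be completed; the exact conditions are not
     *                          specified by this interface
     */
    List<LdapGroup> getGroupObjects( String username, DirContext context )
        throws MappingException;

    /**
     * NOTE(review): undocumented in the original; by signature this returns the role names for
     * {@code username}. The purpose of {@code realRoles} is not stated here. Presumably it is the set of
     * roles known to the role manager, used to match or filter group names; confirm against the
     * implementation, because it decides which roles a user ends up with.
     *
     * @param username  user whose roles are requested
     * @param context   directory context used for the lookup
     * @param realRoles see the note above
     * @return role names for the user
     * @throws MappingException if the operation cannot be completed; the exact conditions are not
     *                          specified by this interface
     */
    List<String> getRoles( String username, DirContext context, Collection<String> realRoles )
        throws MappingException;



    /**
     * Saves an LDAP group corresponding to the mapping.
     * <b>Does nothing if the group already exists.</b>
     *
     * @param roleName role for which the corresponding group is saved
     * @param context  directory context used for the write
     * @return <code>true</code> if role was added, <code>false</code> if role already exists
     * @throws MappingException if the operation cannot be completed; the exact conditions are not
     *                          specified by this interface
     */
    boolean saveRole( String roleName, DirContext context )
        throws MappingException;

    /**
     * Associates a role with a user in LDAP.
     *
     * @param roleName role to grant
     * @param username user receiving the role
     * @param context  directory context used for the write
     * @return <code>true</code> if role was added to user, <code>false</code> if role already exists for the user
     * @throws MappingException if the operation cannot be completed; the exact conditions are not
     *                          specified by this interface
     */
    boolean saveUserRole( String roleName, String username, DirContext context )
        throws MappingException;

    /**
     * NOTE(review): undocumented in the original; by signature this is the inverse of
     * {@link #saveUserRole(String, String, DirContext)}. The meaning of the return value is not stated
     * (presumably {@code true} when the association was removed); confirm.
     *
     * @param roleName role to revoke
     * @param username user losing the role
     * @param context  directory context used for the write
     * @return see the note above
     * @throws MappingException if the operation cannot be completed; the exact conditions are not
     *                          specified by this interface
     */
    boolean removeUserRole( String roleName, String username, DirContext context )
        throws MappingException;

    /**
     * NOTE(review): undocumented in the original. By name this removes every role handled by the mapper,
     * which is destructive; confirm the scope (for example whether it is limited to entries below
     * {@link #getGroupsDn()}) and restrict who can reach this call.
     *
     * @param context directory context used for the write
     * @throws MappingException if the operation cannot be completed; the exact conditions are not
     *                          specified by this interface
     */
    void removeAllRoles( DirContext context )
        throws MappingException;

    /**
     * NOTE(review): undocumented in the original; by signature this removes the single role
     * {@code roleName}. Whether user associations are removed with it is not stated; confirm.
     *
     * @param roleName role to remove
     * @param context  directory context used for the write
     * @throws MappingException if the operation cannot be completed; the exact conditions are not
     *                          specified by this interface
     */
    void removeRole( String roleName, DirContext context )
        throws MappingException;

    /**
     * NOTE(review): undocumented in the original; presumably the name of the LDAP attribute that holds
     * the user id. Confirm.
     *
     * @return the configured user id attribute name
     */
    String getUserIdAttribute();

    /**
     * NOTE(review): undocumented in the original; the getter name suggests a flag that controls whether
     * a default role name is used when mapping, but the semantics are not visible here. Confirm.
     *
     * @return the flag value
     */
    boolean isUseDefaultRoleName();

}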