Alon Bar-Lev has posted comments on this change. Change subject: aaa: Fix sync ......................................................................
Patch Set 5: (5 comments) http://gerrit.ovirt.org/#/c/29706/5/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/SyncUsers.java File backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/SyncUsers.java: Line 35: authzToNamespaceToUserIds.put(dbUser.getDomain(), new HashMap<String, Set<String>>()); Line 36: } Line 37: MultiValueMapUtils.addToMapOfSets(dbUser.getNamespace(), dbUser.getExternalId(), authzToNamespaceToUserIds.get(dbUser.getDomain())); Line 38: dbUsersMap.put(new DirectoryEntryKey(dbUser.getDomain(), dbUser.getExternalId()), dbUser); Line 39: } > not just authz, i have to provide namespace as well. right, sorry, forgot we searching. Line 40: Line 41: for (String authz : authzToNamespaceToUserIds.keySet()) { Line 42: try { Line 43: ExtensionProxy authzExtension = EngineExtensionsManager.getInstance().getExtensionByName(authz); Line 43: ExtensionProxy authzExtension = EngineExtensionsManager.getInstance().getExtensionByName(authz); Line 44: for (Entry<String, Set<String>> userIdsPerNamespace : authzToNamespaceToUserIds.get(authz).entrySet()) { Line 45: Set<String> userIds = userIdsPerNamespace.getValue(); Line 46: for (DirectoryUser directoryUser : DirectoryUtils.fetchUsersByIdsRecursively(authzExtension, userIdsPerNamespace.getKey(), new ArrayList<String>(userIds))) { Line 47: DirectoryUtils.flatGroups(directoryUser); > flat groups should be done before setting the group ids. ok, but after you have a list of directory users... Line 48: DbUser dbUser = new DbUser(directoryUser); Line 49: dbUser.setGroupIds(DirectoryUtils.getGroupIdsFromUser(directoryUser)); Line 50: activeUsers.put(new DirectoryEntryKey(directoryUser.getDirectoryName(), directoryUser.getId()), dbUser); Line 51: } Line 44: for (Entry<String, Set<String>> userIdsPerNamespace : authzToNamespaceToUserIds.get(authz).entrySet()) { Line 45: Set<String> userIds = userIdsPerNamespace.getValue(); Line 46: for (DirectoryUser directoryUser : DirectoryUtils.fetchUsersByIdsRecursively(authzExtension, userIdsPerNamespace.getKey(), new ArrayList<String>(userIds))) { Line 47: DirectoryUtils.flatGroups(directoryUser); Line 48: DbUser dbUser = new DbUser(directoryUser); > what's the 2nd function for? to work with layers... not mix terms.... 1. we have AuthzUtils that works with extension term. 2. we have DirectoryUtils that works with DirectoryXXX. 3. we have this that works with DbXXXX this is hell... I do not understand why we need DirectoryXXX if we have DbXXXX, but if you do want to keep that, you should create another layer, each layer should handle one entity type, and the later about to only map between lower level entity. but please explain why we cannot drop the DirectoryXXX and use only DbXXX. Line 49: dbUser.setGroupIds(DirectoryUtils.getGroupIdsFromUser(directoryUser)); Line 50: activeUsers.put(new DirectoryEntryKey(directoryUser.getDirectoryName(), directoryUser.getId()), dbUser); Line 51: } Line 52: } Line 55: authz)); Line 56: } Line 57: } Line 58: Line 59: for (DbUser dbUser: dbUsers) { > there is no get in set, original should come from a map. ok, no problem. Line 60: DbUser activeUser = activeUsers.get(new DirectoryEntryKey(dbUser)); Line 61: DbUser updatedUser = activeUser; Line 62: boolean updated = false; Line 63: if (activeUser == null) { Line 74: updatedUser.setId(dbUser.getId()); Line 75: if (!dbUser.isActive()) { Line 76: updated = true; Line 77: dbUser.setActive(true); Line 78: log.info(String.format("The inactive user %1$s from authz extension %2$s was found, and will be marked as active", > what if extension was removed and re-added ? (for example, the jboss module if the extension was removed we are not disabling user. Line 79: dbUser.getLoginName(), Line 80: dbUser.getDomain())); Line 81: } Line 82: if (!dbUser.equals(activeUser)) { -- To view, visit http://gerrit.ovirt.org/29706 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I3a66a7c235f16ff26cac3a779de688c73d67f4a2 Gerrit-PatchSet: 5 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: automat...@ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
