[Engine-patches] Change in ovirt-engine[master]: aaa: do not display non password authn profiles within login

Tue, 09 Sep 2014 23:24:02 -0700 

Alon Bar-Lev has uploaded a new change for review.

Change subject: aaa: do not display non password authn profiles within login
......................................................................

aaa: do not display non password authn profiles within login

they are useless in this location.

Topic: AAA
Change-Id: I74df82dcead1b88124b44cbec2ea43ef85768fce
Signed-off-by: Alon Bar-Lev <alo...@redhat.com>
---
M 
backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthzUtils.java
M 
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetAAAProfileListQuery.java
M 
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginBaseCommand.java
M 
backend/manager/modules/common/src/main/java/org/ovirt/engine/core/aaa/ProfileEntry.java
M 
frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/dataprovider/AsyncDataProvider.java
M 
frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/LoginModel.java
6 files changed, 22 insertions(+), 14 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/32/32732/1

diff --git 
a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthzUtils.java
 
b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthzUtils.java
index 6f3a186..8a9c561 100644
--- 
a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthzUtils.java
+++ 
b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthzUtils.java
@@ -34,6 +34,10 @@
         return proxy.getContext().<String> get(Base.ContextKeys.INSTANCE_NAME);
     }
 
+    public static boolean supportsPasswordAuthentication(ExtensionProxy proxy) 
{
+        return (proxy.getContext().<Long> get(Authn.ContextKeys.CAPABILITIES, 
0L) & Authn.Capabilities.AUTHENTICATE_PASSWORD) != 0;
+    }
+
     public static ExtMap fetchPrincipalRecord(final ExtensionProxy extension, 
ExtMap authRecord) {
         return fetchPrincipalRecordImpl(extension, 
Authn.InvokeKeys.AUTH_RECORD, authRecord, true, true);
     }
diff --git 
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetAAAProfileListQuery.java
 
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetAAAProfileListQuery.java
index 5268909..eac6fc1 100644
--- 
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetAAAProfileListQuery.java
+++ 
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetAAAProfileListQuery.java
@@ -22,7 +22,8 @@
         List<AuthenticationProfile> profiles = 
AuthenticationProfileRepository.getInstance().getProfiles();
         List<ProfileEntry> names = new ArrayList<>(profiles.size());
         for (AuthenticationProfile profile : profiles) {
-            names.add(new ProfileEntry(profile.getName(), 
AuthzUtils.getName(profile.getAuthz())));
+            names.add(new ProfileEntry(profile.getName(), 
AuthzUtils.getName(profile.getAuthz()),
+                    
AuthzUtils.supportsPasswordAuthentication(profile.getAuthn())));
         }
         Collections.sort(names, new Comparator<ProfileEntry>() {
 
diff --git 
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginBaseCommand.java
 
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginBaseCommand.java
index 843b94c..b019219 100644
--- 
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginBaseCommand.java
+++ 
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginBaseCommand.java
@@ -182,7 +182,7 @@
                 return false;
             }
 
-            if (!isPasswordAuth(authnExtension)) {
+            if (!AuthzUtils.supportsPasswordAuthentication(authnExtension)) {
                 log.errorFormat(
                         "Can't login user \"{0}\" because the authentication 
profile \"{1}\" doesn't support password "
                                 +
@@ -342,11 +342,6 @@
         AuditLogableBase logable = new AuditLogableBase();
         logable.setUserName(getParameters().getLoginName());
         AuditLogDirector.log(logable, AuditLogType.USER_VDC_LOGIN_FAILED);
-    }
-
-    private boolean isPasswordAuth(ExtensionProxy authnExtension) {
-        return (authnExtension.getContext().<Long> 
get(Authn.ContextKeys.CAPABILITIES).longValue() &
-                Authn.Capabilities.AUTHENTICATE_PASSWORD) != 0;
     }
 
     private ExtMap authenticate(AuthenticationProfile profile, String user, 
String password) {
diff --git 
a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/aaa/ProfileEntry.java
 
b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/aaa/ProfileEntry.java
index bedb4b6..0f67180 100644
--- 
a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/aaa/ProfileEntry.java
+++ 
b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/aaa/ProfileEntry.java
@@ -8,13 +8,15 @@
 
     private String profile;
     private String authz;
+    boolean supportsPasswordAuthentication;
 
     public ProfileEntry() {
     }
 
-    public ProfileEntry(String profile, String authz) {
+    public ProfileEntry(String profile, String authz, boolean 
supportsPasswordAuthentication) {
         this.profile = profile;
         this.authz = authz;
+        this.supportsPasswordAuthentication = supportsPasswordAuthentication;
     }
 
     public String getProfile() {
@@ -25,6 +27,10 @@
         return authz;
     }
 
+    public boolean getSupportsPasswordAuthenication() {
+        return supportsPasswordAuthentication;
+    }
+
     public String toString() {
         return profile + " (" + authz + ")"; //$NON-NLS-1$  //$NON-NLS-2$
     }
diff --git 
a/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/dataprovider/AsyncDataProvider.java
 
b/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/dataprovider/AsyncDataProvider.java
index 8fac97b..7dd3047 100644
--- 
a/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/dataprovider/AsyncDataProvider.java
+++ 
b/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/dataprovider/AsyncDataProvider.java
@@ -488,8 +488,8 @@
         return diskInterfaces;
     }
 
-    public void getAAAProfilesListViaPublic(AsyncQuery aQuery) {
-        convertAAAProfilesResult(aQuery);
+    public void getAAAProfilesListViaPublic(AsyncQuery aQuery, boolean 
passwordBasedOnly) {
+        convertAAAProfilesResult(aQuery, passwordBasedOnly);
         Frontend.getInstance().runPublicQuery(VdcQueryType.GetAAAProfileList, 
new VdcQueryParametersBase(), aQuery);
     }
 
@@ -1208,7 +1208,7 @@
     }
 
     public void getAAAProfilesList(AsyncQuery aQuery) {
-        convertAAAProfilesResult(aQuery);
+        convertAAAProfilesResult(aQuery, false);
         Frontend.getInstance().runQuery(VdcQueryType.GetAAAProfileList, new 
VdcQueryParametersBase(), aQuery);
     }
 
@@ -3798,14 +3798,16 @@
         }
     }
 
-    private static void convertAAAProfilesResult(AsyncQuery aQuery) {
+    private static void convertAAAProfilesResult(AsyncQuery aQuery, final 
boolean passwordBasedOnly) {
         aQuery.converterCallback = new IAsyncConverter() {
             @Override
             public Object Convert(Object source, AsyncQuery _asyncQuery)
             {
                 List<String> results = new ArrayList<String>();
                 for (ProfileEntry profileEntry : (Collection<ProfileEntry>) 
source) {
-                    results.add(profileEntry.getProfile());
+                    if (!passwordBasedOnly || 
profileEntry.getSupportsPasswordAuthenication()) {
+                        results.add(profileEntry.getProfile());
+                    }
                 }
                 return results;
             }
diff --git 
a/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/LoginModel.java
 
b/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/LoginModel.java
index b1b1bf6..599b739 100644
--- 
a/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/LoginModel.java
+++ 
b/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/LoginModel.java
@@ -204,7 +204,7 @@
 
             }
         };
-        
AsyncDataProvider.getInstance().getAAAProfilesListViaPublic(_asyncQuery);
+        
AsyncDataProvider.getInstance().getAAAProfilesListViaPublic(_asyncQuery, true);
     }
 
     public void login()


-- 
To view, visit http://gerrit.ovirt.org/32732
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I74df82dcead1b88124b44cbec2ea43ef85768fce
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Alon Bar-Lev <alo...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to