Juan Hernandez has uploaded a new change for review. Change subject: [WIP] Add generic directory support to DbUserCacheManager ......................................................................
[WIP] Add generic directory support to DbUserCacheManager This change replaces the previous LDAP specific code with the new generic directory interfaces in the user cache manager. Change-Id: I7875163dfd9f0d7fca938ac642761d4dd71ffab0 Signed-off-by: Juan Hernandez <[email protected]> --- M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/DbUserCacheManager.java 1 file changed, 37 insertions(+), 35 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/70/15770/1 diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/DbUserCacheManager.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/DbUserCacheManager.java index 4736212..7962708 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/DbUserCacheManager.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/DbUserCacheManager.java @@ -12,9 +12,8 @@ import org.ovirt.engine.core.bll.adbroker.AdActionType; import org.ovirt.engine.core.bll.adbroker.LdapBrokerUtils; import org.ovirt.engine.core.bll.adbroker.LdapFactory; -import org.ovirt.engine.core.bll.adbroker.LdapSearchByIdParameters; import org.ovirt.engine.core.bll.adbroker.LdapSearchByUserIdListParameters; -import org.ovirt.engine.core.bll.adbroker.UsersDomainsCacheManagerService; +import org.ovirt.engine.core.bll.directory.DirectoryManager; import org.ovirt.engine.core.common.businessentities.AsyncTaskStatusEnum; import org.ovirt.engine.core.common.businessentities.DbUser; import org.ovirt.engine.core.common.businessentities.LdapGroup; @@ -22,6 +21,8 @@ import org.ovirt.engine.core.common.businessentities.LdapUser; import org.ovirt.engine.core.common.config.Config; import org.ovirt.engine.core.common.config.ConfigValues; +import org.ovirt.engine.core.common.users.Directory; +import org.ovirt.engine.core.common.users.DirectoryGroup; import org.ovirt.engine.core.compat.Guid; import org.ovirt.engine.core.dal.dbbroker.DbFacade; import org.ovirt.engine.core.utils.linq.LinqUtils; @@ -257,44 +258,45 @@ group.setdomain(newDomainName); } - // We check if the domain is null or empty for internal groups. - // An internal group does not have a domain, and there is no need to query - // the ldap server for it. Note that if we will add support in the future for - // domain-less groups in the ldap server then this code will have to change in order - // to fetch for them - if (group.getdomain() != null && !group.getdomain().isEmpty()) { - if (UsersDomainsCacheManagerService.getInstance().getDomain(group.getdomain()) == null) { - log.errorFormat("Cannot query for group {0} from domain {1} because the domain is not configured. Please use the manage domains utility if you wish to add this domain.", - group.getname(), - group.getdomain()); - } else { - LdapGroup groupFromAD = - (LdapGroup) LdapFactory - .getInstance(group.getdomain()) - .RunAdAction(AdActionType.GetAdGroupByGroupId, - new LdapSearchByIdParameters(group.getdomain(), group.getid())) - .getReturnValue(); - if (group.getstatus() == LdapRefStatus.Active - && (groupFromAD == null || groupFromAD.getstatus() == LdapRefStatus.Inactive)) { - group.setstatus(LdapRefStatus.Inactive); - DbFacade.getInstance().getAdGroupDao().update(group); - } else if (groupFromAD != null - && (!StringUtils.equals(group.getname(), groupFromAD.getname()) - || group.getstatus() != groupFromAD - .getstatus() || !StringUtils.equals(group.getDistinguishedName(), - groupFromAD.getDistinguishedName()))) { - DbFacade.getInstance().getAdGroupDao().update(groupFromAD); - } - // memberOf is not persistent and should be set in the returned groups list from the LDAP queries - if (groupFromAD != null) { - group.setMemberOf(groupFromAD.getMemberOf()); - } + // Check if there is a directory corresponding to the group, if it + // isn't we should issue a warning and mark the group as inactive: + Directory directory = DirectoryManager.getInstance().getDirectory(group.getdomain()); + if (directory == null) { + log.error( + "Cannot query for group \"" + group.getname() + "\" " + + "from domain \"" + group.getdomain() + "\" because " + + "the domain is not configured. Please use the manage " + + "domains utility if you wish to add this domain." + ); + if (group.getstatus() == LdapRefStatus.Active) { + group.setstatus(LdapRefStatus.Inactive); + DbFacade.getInstance().getAdGroupDao().update(group); } + break; + } + + // Try to find the group in the directory, the result can + // be null as it may have been deleted: + DirectoryGroup directoryGroup = directory.findGroupById(group.getid()); + + // If the group doesn't exist in the directory and it is + // marked as active in the database then we have to mark it + // as inactive: + if (directoryGroup == null && group.getstatus() == LdapRefStatus.Active) { + group.setstatus(LdapRefStatus.Inactive); + DbFacade.getInstance().getAdGroupDao().update(group); + } + + // If the group exists in the directory and it is marked as + // inactive in the database then we have to mark it as + // active: + if (directoryGroup != null && group.getstatus() == LdapRefStatus.Inactive) { + group.setstatus(LdapRefStatus.Inactive); + DbFacade.getInstance().getAdGroupDao().update(directoryGroup); } } return groups; - } public void Dispose() { -- To view, visit http://gerrit.ovirt.org/15770 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I7875163dfd9f0d7fca938ac642761d4dd71ffab0 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Juan Hernandez <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
