(cloudstack) branch 4.19 updated: Accept a role ID on linking an account to LDAP (#8236)

Tue, 25 Jun 2024 12:57:23 -0700 

This is an automated email from the ASF dual-hosted git repository.

sureshanaparti pushed a commit to branch 4.19
in repository https://gitbox.apache.org/repos/asf/cloudstack.git


The following commit(s) were added to refs/heads/4.19 by this push:
     new 6d7c042bc1d Accept a role ID on linking an account to LDAP (#8236)
6d7c042bc1d is described below

commit 6d7c042bc1de8fd1cda59fdd1c9fd6b4c4f848dd
Author: dahn <[email protected]>
AuthorDate: Tue Jun 25 21:56:28 2024 +0200

    Accept a role ID on linking an account to LDAP (#8236)
    
    * accept role on link account to ldap
    
    * reformat tests
    
    * validation
    
    * Update 
plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/command/LinkAccountToLdapCmd.java
    
    Co-authored-by: Suresh Kumar Anaparti <[email protected]>
---
 .../cloudstack/api/command/LinkAccountToLdapCmd.java | 17 ++++++++++++++---
 .../org/apache/cloudstack/ldap/LdapManagerImpl.java  |  3 ++-
 test/integration/component/test_ldap.py              |  7 +------
 test/integration/plugins/ldap/test_ldap.py           | 20 +++++++++-----------
 4 files changed, 26 insertions(+), 21 deletions(-)

diff --git 
a/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/command/LinkAccountToLdapCmd.java
 
b/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/command/LinkAccountToLdapCmd.java
index af5420ef488..16f68b01468 100644
--- 
a/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/command/LinkAccountToLdapCmd.java
+++ 
b/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/command/LinkAccountToLdapCmd.java
@@ -33,6 +33,7 @@ import org.apache.cloudstack.api.ServerApiException;
 import org.apache.cloudstack.api.response.DomainResponse;
 import org.apache.cloudstack.api.response.LinkAccountToLdapResponse;
 import org.apache.cloudstack.api.response.LinkDomainToLdapResponse;
+import org.apache.cloudstack.api.response.RoleResponse;
 import org.apache.cloudstack.ldap.LdapManager;
 import org.apache.cloudstack.ldap.LdapUser;
 import org.apache.cloudstack.ldap.NoLdapUserMatchingQueryException;
@@ -63,9 +64,12 @@ public class LinkAccountToLdapCmd extends BaseCmd {
     @Parameter(name = ApiConstants.ADMIN, type = CommandType.STRING, required 
= false, description = "domain admin username in LDAP ")
     private String admin;
 
-    @Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.INTEGER, 
required = true, description = "Type of the account to auto import. Specify 0 
for user and 2 for "
+    @Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.INTEGER, 
required = false, description = "Type of the account to auto import. Specify 0 
for user and 2 for "
             + "domain admin")
-    private int accountType;
+    private Integer accountType;
+
+    @Parameter(name = ApiConstants.ROLE_ID, type = CommandType.UUID, 
entityType = RoleResponse.class, required = false, description = "Creates the 
account under the specified role.", since="4.19.1")
+    private Long roleId;
 
     @Inject
     private LdapManager _ldapManager;
@@ -134,7 +138,14 @@ public class LinkAccountToLdapCmd extends BaseCmd {
     }
 
     public Account.Type getAccountType() {
-        return Account.Type.getFromValue(accountType);
+        if (accountType == null) {
+            return RoleType.getAccountTypeByRole(roleService.findRole(roleId), 
null);
+        }
+        return RoleType.getAccountTypeByRole(roleService.findRole(roleId), 
Account.Type.getFromValue(accountType.intValue()));
+    }
+
+    public Long getRoleId() {
+        return RoleType.getRoleByAccountType(roleId, getAccountType());
     }
 
     @Override
diff --git 
a/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapManagerImpl.java
 
b/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapManagerImpl.java
index b5b67c0c0a5..6ed79a0c69f 100644
--- 
a/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapManagerImpl.java
+++ 
b/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapManagerImpl.java
@@ -451,11 +451,12 @@ public class LdapManagerImpl extends 
ComponentLifecycleBase implements LdapManag
         Validate.notEmpty(cmd.getLdapDomain(), "ldapDomain cannot be empty, 
please supply a GROUP or OU name");
         Validate.notNull(cmd.getType(), "type cannot be null. It should either 
be GROUP or OU");
         Validate.notEmpty(cmd.getLdapDomain(), "GROUP or OU name cannot be 
empty");
+        Validate.isTrue(cmd.getAccountType() != null || cmd.getRoleId() != 
null, "Either account type or role ID must be given");
 
         LinkType linkType = 
LdapManager.LinkType.valueOf(cmd.getType().toUpperCase());
         Account account = 
accountDao.findActiveAccount(cmd.getAccountName(),cmd.getDomainId());
         if (account == null) {
-            account = new AccountVO(cmd.getAccountName(), cmd.getDomainId(), 
null, cmd.getAccountType(), UUID.randomUUID().toString());
+            account = new AccountVO(cmd.getAccountName(), cmd.getDomainId(), 
null, cmd.getAccountType(), cmd.getRoleId(), UUID.randomUUID().toString());
             accountDao.persist((AccountVO)account);
         }
 
diff --git a/test/integration/component/test_ldap.py 
b/test/integration/component/test_ldap.py
index 6c6179e292b..8a9fd4cf5e6 100644
--- a/test/integration/component/test_ldap.py
+++ b/test/integration/component/test_ldap.py
@@ -52,12 +52,7 @@ class TestLdap(cloudstackTestCase):
 
     @classmethod
     def tearDownClass(cls):
-        try:
-            cleanup_resources(cls.api_client, cls._cleanup)
-
-        except Exception as tde:
-            raise Exception("Warning: Exception during cleanup : %s" % tde)
-        return
+        super(TestLdap, cls).tearDownClass()
 
     def setUp(self):
 
diff --git a/test/integration/plugins/ldap/test_ldap.py 
b/test/integration/plugins/ldap/test_ldap.py
index fd0aecfab45..6746f3289f7 100644
--- a/test/integration/plugins/ldap/test_ldap.py
+++ b/test/integration/plugins/ldap/test_ldap.py
@@ -101,11 +101,13 @@ class TestLDAP(cloudstackTestCase):
     def tearDownClass(cls):
         cls.logger.info("Tearing Down Class")
         try:
-            cleanup_resources(cls.apiclient, reversed(cls._cleanup))
-            cls.remove_ldap_configuration_for_domains()
-            cls.logger.debug("done cleaning up resources in tearDownClass(cls) 
%s")
-        except Exception as e:
-            cls.logger.debug("Exception in tearDownClass(cls): %s" % e)
+            super(TestLDAP, cls).tearDownClass()
+        finally:
+            try:
+                cls.remove_ldap_configuration_for_domains()
+                cls.logger.debug("done cleaning up resources in 
tearDownClass(cls) %s")
+            except Exception as e:
+                cls.logger.debug("Exception in tearDownClass(cls): %s" % e)
 
     def setUp(self):
         self.cleanup = []
@@ -116,11 +118,7 @@ class TestLDAP(cloudstackTestCase):
         return
 
     def tearDown(self):
-        try:
-            cleanup_resources(self.apiclient, self.cleanup)
-        except Exception as e:
-            raise Exception("Warning: Exception during cleanup : %s" % e)
-        return
+        super(TestLDAP, self).tearDown()
 
     @attr(tags=["smoke", "advanced"], required_hardware="false")
     def test_01_manual(self):
@@ -349,8 +347,8 @@ class TestLDAP(cloudstackTestCase):
         if parent_domain:
             domain_to_create["parentdomainid"] = parent_domain
         tmpDomain = Domain.create(cls.apiclient, domain_to_create)
-        cls.logger.debug("Created domain %s with id %s " % (tmpDomain.name, 
tmpDomain.id))
         cls._cleanup.append(tmpDomain)
+        cls.logger.debug("Created domain %s with id %s " % (tmpDomain.name, 
tmpDomain.id))
         return tmpDomain
 
     @classmethod

Reply via email to