[GitHub] [guacamole-client] necouchman commented on a change in pull request #389: GUACAMOLE-708: Enable auto-creation of users in JDBC modules

[GitBox]

necouchman commented on a change in pull request #389: GUACAMOLE-708: Enable 
auto-creation of users in JDBC modules
URL: https://github.com/apache/guacamole-client/pull/389#discussion_r281221124
 
 

 ##########
 File path: 
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java
 ##########
 @@ -460,6 +460,47 @@ public ModeledUser 
retrieveSkeletonUser(AuthenticationProvider authenticationPro
         return user;
         
     }
+    
+    /**
+     * Create a user in the database that does not already exist, setting up an
+     * empty model and inserting both the entity and the user object, and
+     * generating a random password for the account.
+     * 
+     * @param authenticationProvider
+     *     The authentication provider that authenticated the user.
+     * 
+     * @param authenticatedUser
+     *     The authenticated user that is being added to the database.
+     * 
+     * @return
+     *     The ModeledUser associated with the newly-created database object
+     *     for the user.
+     * 
+     * @throws GuacamoleException
+     *     If a ModeledUser cannot be created, or if the user cannot be
+     *     inserted into the database.
+     */
+    public ModeledUser createMissingUser(AuthenticationProvider 
authenticationProvider,
+            AuthenticatedUser authenticatedUser) throws GuacamoleException {
+        
+        ModeledUser user = getObjectInstance(null,
+                new UserModel(authenticatedUser.getIdentifier()));
+        
+        // Insert the database object
+        entityMapper.insert(user.getModel());
+            
+        // Auto-generate a password
+        user.setPassword(null);
+            
+        // Set up cyclic reference
+        user.setCurrentUser(new ModeledAuthenticatedUser(authenticatedUser,
+            authenticationProvider, user));
+            
+        // Insert the user object
+        userMapper.insert(user.getModel());
 
 Review comment:
   So, for using `createObject()`, the only issue I can see is that the current 
implementation of it requires the input of an already authenticated user who is 
creating the object, and then checks that the user is an Administrator.  So, we 
could do one of a couple of things:
   * Tweak the `createObject()` code to factor in System-created users in this 
instance.
   * Create some sort of internal definition of a SYSTEM user that can be 
passed into the `createObject()` method and that is, by definition, an 
Administrator.
   
   Thoughts?

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services