necouchman commented on a change in pull request #389: GUACAMOLE-708: Enable
auto-creation of users in JDBC modules
URL: https://github.com/apache/guacamole-client/pull/389#discussion_r386036760
##########
File path:
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java
##########
@@ -460,6 +460,47 @@ public ModeledUser
retrieveSkeletonUser(AuthenticationProvider authenticationPro
return user;
}
+
+ /**
+ * Create a user in the database that does not already exist, setting up an
+ * empty model and inserting both the entity and the user object, and
+ * generating a random password for the account.
+ *
+ * @param authenticationProvider
+ * The authentication provider that authenticated the user.
+ *
+ * @param authenticatedUser
+ * The authenticated user that is being added to the database.
+ *
+ * @return
+ * The ModeledUser associated with the newly-created database object
+ * for the user.
+ *
+ * @throws GuacamoleException
+ * If a ModeledUser cannot be created, or if the user cannot be
+ * inserted into the database.
+ */
+ public ModeledUser createMissingUser(AuthenticationProvider
authenticationProvider,
+ AuthenticatedUser authenticatedUser) throws GuacamoleException {
+
+ ModeledUser user = getObjectInstance(null,
+ new UserModel(authenticatedUser.getIdentifier()));
+
+ // Insert the database object
+ entityMapper.insert(user.getModel());
+
+ // Auto-generate a password
+ user.setPassword(null);
+
+ // Set up cyclic reference
+ user.setCurrentUser(new ModeledAuthenticatedUser(authenticatedUser,
+ authenticationProvider, user));
+
+ // Insert the user object
+ userMapper.insert(user.getModel());
Review comment:
Okay, so, been taking a look at the options and trying some things out - I'm
determined to figure this out...
1. The first option - a wrapper class - seems like the least desirable to
me, so I've been mostly ignoring this route. Still a possibility, but the
other two seem a little more elegant.
2. The second option - an interface for permission gathering that can be
implemented by `RemoteAuthenticatedUser` and `ModeledAuthenticatedUser` - seems
like the best way to do this. **Question: Is there any reason the interface to
be implemented shouldn't be the `Permissions` interface, since it already
contains the permissions-gathering methods?**
3. I took a look at the third option - replacing `ModeledAuthenticatedUser`
with `User`, and, while it probably would be feasible in the end, it isn't
quite as simple as just swapping them out - particularly since
`ModeledAuthenticatedUser.getUser()` passes a `ModeledUser`, not a plain
`User`, which has some extra methods like `isAdministrator()` that have to be
factored in. So, either the `User` class (interface?) would have to have at
least the `isAdministrator()` method defined (stubbed), or we'd have to do
`ModeledUser` instead of `User`, but then this System user couldn't be defined
in the `guacamole-ext` package, it would have to be in the
`guacamole-jdbc-base` package, which may not be the best place for it.
Hopefully that makes sense.
4. I guess this brings up a fourth option that is a combination of two and
three - either add a handful of the permissions methods to the `User`
interface, and replace `ModeledAuthenticatedUser` with `User` such that
swapping out `ModeledAuthenticatedUser` with `User` would actually work.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
