[GitHub] [guacamole-client] necouchman commented on a change in pull request #389: GUACAMOLE-708: Enable auto-creation of users in JDBC modules

Sat, 20 Jun 2020 06:47:48 -0700 


necouchman commented on a change in pull request #389:
URL: https://github.com/apache/guacamole-client/pull/389#discussion_r443132178



##########
File path: 
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/ModeledDirectoryObjectService.java
##########
@@ -429,14 +429,19 @@ public InternalType 
retrieveObject(ModeledAuthenticatedUser user,
         
         // Build list of implicit permissions
         Collection<ObjectPermissionModel> implicitPermissions =
-                new 
ArrayList<ObjectPermissionModel>(IMPLICIT_OBJECT_PERMISSIONS.length);
+                new ArrayList<>();
 
         UserModel userModel = user.getUser().getModel();
         for (ObjectPermission.Type permission : IMPLICIT_OBJECT_PERMISSIONS) {
 
+            Integer entityId = userModel.getEntityID();
+            
+            if (entityId == null)
+                continue;

Review comment:
       Okay, took another couple of tries, but I've tweaked this a bit more.  
Let me know if that looks okay - essentially, in the `super` version of the 
`getImplicitPermissions()` method I'm either returning an `emptyList()` if the 
entity id is null, or an `unmodifiableCollection()` of permissions.  In the 
`UserService` version of `getImplicitPermissions()` I have it making a copy and 
then adding anything to it (`READ` for self) that it needs, and return another 
`unmodifiableCollection()` of those.  This makes the behavior consistent across 
both of those methods.

##########
File path: 
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java
##########
@@ -126,9 +127,15 @@ public ModeledUserContext 
getUserContext(AuthenticationProvider authenticationPr
         }
         
         // If no user account is found, and database-specific account
-        // restrictions do not apply, get an empty user.
+        // restrictions do not apply, get a skeleton user.
         else if (!databaseRestrictionsApplicable) {
             user = userService.retrieveSkeletonUser(authenticationProvider, 
authenticatedUser);
+            
+            // If auto account creation is enabled, add user to DB.
+            if(environment.autoCreateAbsentAccounts()) {

Review comment:
       -Sigh-




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to