mike-jumper commented on a change in pull request #389:
URL: https://github.com/apache/guacamole-client/pull/389#discussion_r443151518
##########
File path:
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/java/org/apache/guacamole/auth/mysql/conf/MySQLGuacamoleProperties.java
##########
@@ -240,5 +240,18 @@ private MySQLGuacamoleProperties() {}
public String getName() { return "mysql-ssl-client-password"; }
};
+
+ /**
+ * Wether or not to automatically create accounts in the MySQL database for
Review comment:
Whether*
##########
File path:
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/ModeledDirectoryObjectService.java
##########
@@ -427,16 +427,22 @@ public InternalType
retrieveObject(ModeledAuthenticatedUser user,
protected Collection<ObjectPermissionModel>
getImplicitPermissions(ModeledAuthenticatedUser user,
ModelType model) {
+ // Get the user model and check for an entity ID.
+ UserModel userModel = user.getUser().getModel();
+ Integer entityId = userModel.getEntityID();
+ if (entityId == null)
+ return Collections.emptyList();
Review comment:
I'm still unclear on the circumstances that would cause `entityId` to be
`null`. The entity serves as the permission-receiving base of either a user or
a group, and referential integrity constraints guarantee that neither a user
nor a group can be inserted without a corresponding entity.
For users, the entity is currently automatically inserted during creation of
the user within `beforeCreate()` (invoked by `createObject()`):
https://github.com/apache/guacamole-client/blob/e1f95b87636705931fff50fd37598bb63a26ae48/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java#L253-L254
Is there something going on which leads to this check being required? If so,
and `entityId` can indeed be `null` here, how are things working without an
entity?
##########
File path:
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/conf/SQLServerGuacamoleProperties.java
##########
@@ -193,5 +193,18 @@ private SQLServerGuacamoleProperties() {}
public String getName() { return "sqlserver-driver"; }
};
+
+ /**
+ * Wether or not to automatically create accounts in the SQL Server
database
Review comment:
Whether*
##########
File path:
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/ModeledDirectoryObjectService.java
##########
@@ -464,7 +470,9 @@ public InternalType createObject(ModeledAuthenticatedUser
user, ExternalType obj
object.setIdentifier(model.getIdentifier());
// Add implicit permissions
- getPermissionMapper().insert(getImplicitPermissions(user, model));
+ Collection<ObjectPermissionModel> implicitPermissions =
getImplicitPermissions(user, model);
+ if (implicitPermissions != null && !implicitPermissions.isEmpty())
Review comment:
When does `getImplicitPermissions()` return `null`?
##########
File path:
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/java/org/apache/guacamole/auth/postgresql/conf/PostgreSQLGuacamoleProperties.java
##########
@@ -233,4 +233,17 @@ private PostgreSQLGuacamoleProperties() {}
};
+ /**
+ * Wether or not to automatically create accounts in the PostgreSQL
database
Review comment:
Whether*
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
