[GitHub] [guacamole-client] jmuehlner commented on a diff in pull request #751: GUACAMOLE-1656: Add per-user KSM vault functionality.

Wed, 21 Sep 2022 12:06:23 -0700 


jmuehlner commented on code in PR #751:
URL: https://github.com/apache/guacamole-client/pull/751#discussion_r976894128


##########
extensions/guacamole-vault/modules/guacamole-vault-ksm/src/main/java/org/apache/guacamole/vault/ksm/secret/KsmSecretService.java:
##########
@@ -386,6 +482,38 @@ public Map<String, Future<String>> getTokens(UserContext 
userContext, Connectabl
                 addRecordTokens(tokens, "KEEPER_USER_",
                         ksm.getRecordByLogin(filter.filter(username), null));
         }
+    }
+
+    @Override
+    public Map<String, Future<String>> getTokens(UserContext userContext, 
Connectable connectable,
+            GuacamoleConfiguration config, TokenFilter filter) throws 
GuacamoleException {
+
+        Map<String, Future<String>> tokens = new HashMap<>();
+        Map<String, String> parameters = config.getParameters();
+
+        // Attempt to find a KSM config for this connection or group
+        String ksmConfig = getConnectionGroupKsmConfig(userContext, 
connectable);
+
+        // Create a list containing just the global / connection group config
+        List<KsmClient> ksmClients = new ArrayList<>(2);
+        ksmClients.add(getClient(ksmConfig));
+
+        // Only use the user-specific KSM config if explicitly enabled in the 
global
+        // configuration, AND for the specific connectable being connected to
+        String userKsmConfig = getUserKSMConfig(userContext, connectable);
+        if (userKsmConfig != null && !userKsmConfig.trim().isEmpty())
+            ksmClients.add(0, getClient(userKsmConfig));
+
+        // Iterate through the KSM clients, processing using the user-specific
+        // config first (if it exists), to ensure that any admin-defined values
+        // will override the user-specific values
+        Iterator<KsmClient> ksmIterator = ksmClients.iterator();
+        while (ksmIterator.hasNext()) {
+
+            // Add tokens to the Connectable for each KSM client
+            addConnectableTokens(
+                    config, ksmIterator.next(), tokens, parameters, filter);
+        }

Review Comment:
   No good reason - this was a holdover from when there was a lot more stuff in 
this loop. I'll remove the list.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to