Yair Zaslavsky has uploaded a new change for review. Change subject: aaa: reactivate user ......................................................................
aaa: reactivate user Reactive users in the following flow: 1. Login 2. AddUser 3. Periodic sync reactivate will occur with syncing the directory groups Change-Id: I556d8da48a858ce193865e84fb6c7cb4043a8e5b Topic: AAA Signed-off-by: Yair Zaslavsky <[email protected]> --- M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddUserCommand.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/DbUserCacheManager.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/LoginBaseCommand.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/SyncUsers.java 4 files changed, 39 insertions(+), 9 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/08/30208/1 diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddUserCommand.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddUserCommand.java index 8762617..3d5633b 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddUserCommand.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddUserCommand.java @@ -10,6 +10,7 @@ import org.ovirt.engine.core.common.VdcObjectType; import org.ovirt.engine.core.common.action.AddUserParameters; import org.ovirt.engine.core.common.businessentities.DbUser; +import org.ovirt.engine.core.compat.Guid; import org.ovirt.engine.core.dal.dbbroker.DbFacade; public class AddUserCommand<T extends AddUserParameters> extends CommandBase<T> { @@ -37,11 +38,20 @@ @Override protected void executeCommand() { - // First check if the user is already in the database, if it is we need to update, if not we need to insert: DbUser userToAdd = getParameters().getUserToAdd(); - SyncUsers.sync(Arrays.asList(userToAdd)); - setActionReturnValue(DbFacade.getInstance().getDbUserDao().getByExternalId(userToAdd.getDomain(), userToAdd.getExternalId()).getId()); - setSucceeded(true); + for (DbUser syncedUser : SyncUsers.sync(Arrays.asList(userToAdd))) { + if (Guid.isNullOrEmpty(syncedUser.getId())) { + if (syncedUser.isActive()) { + DbFacade.getInstance().getDbUserDao().save(syncedUser); + } + } else { + DbFacade.getInstance().getDbUserDao().update(syncedUser); + } + } + DbUser userFromDb = + DbFacade.getInstance().getDbUserDao().getByExternalId(userToAdd.getDomain(), userToAdd.getExternalId()); + setActionReturnValue(userFromDb.getId()); + setSucceeded(userFromDb.isActive()); } @Override diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/DbUserCacheManager.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/DbUserCacheManager.java index 83f89ee..9297924 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/DbUserCacheManager.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/DbUserCacheManager.java @@ -1,10 +1,13 @@ package org.ovirt.engine.core.bll; +import java.util.ArrayList; import java.util.HashMap; +import java.util.List; import java.util.Map; import java.util.concurrent.TimeUnit; import org.ovirt.engine.core.common.businessentities.DbGroup; +import org.ovirt.engine.core.common.businessentities.DbUser; import org.ovirt.engine.core.common.config.Config; import org.ovirt.engine.core.common.config.ConfigValues; import org.ovirt.engine.core.dal.dbbroker.DbFacade; @@ -52,7 +55,15 @@ */ @OnTimerMethodAnnotation("refreshAllUsers") public void refreshAllUsers() { - SyncUsers.sync(DbFacade.getInstance().getDbUserDao().getAll()); + List<DbUser> activeUsers = new ArrayList<>(); + for (DbUser dbUser : DbFacade.getInstance().getDbUserDao().getAll()) { + if (dbUser.isActive()) { + activeUsers.add(dbUser); + } + } + for (DbUser user : SyncUsers.sync(activeUsers)) { + DbFacade.getInstance().getDbUserDao().update(user); + } } } diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/LoginBaseCommand.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/LoginBaseCommand.java index 3d145f2..0a4f841 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/LoginBaseCommand.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/LoginBaseCommand.java @@ -266,6 +266,14 @@ } DirectoryUtils.flatGroups(principalRecord); dbUser.setGroupIds(DirectoryUtils.getGroupIdsFromPrincipal(AuthzUtils.getName(profile.getAuthz()), principalRecord)); + if (!dbUser.isActive()) { + dbUser.setActive(true); + log.info( + String.format("The user %1$s was reactivated as it was found in authz provider %2$s during login attempt.", + dbUser.getLoginName(), + dbUser.getDomain()) + ); + } getDbUserDAO().saveOrUpdate(dbUser); // Check login permissions. We do it here and not via the diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/SyncUsers.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/SyncUsers.java index 8ad22c5..bce943e 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/SyncUsers.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/SyncUsers.java @@ -11,7 +11,6 @@ import org.ovirt.engine.core.aaa.AuthzUtils; import org.ovirt.engine.core.aaa.DirectoryUtils; import org.ovirt.engine.core.common.businessentities.DbUser; -import org.ovirt.engine.core.dal.dbbroker.DbFacade; import org.ovirt.engine.core.extensions.mgr.ExtensionProxy; import org.ovirt.engine.core.utils.collections.MultiValueMapUtils; import org.ovirt.engine.core.utils.extensionsmgr.EngineExtensionsManager; @@ -22,7 +21,8 @@ private static final Log log = LogFactory.getLog(SyncUsers.class); - public static void sync(List<DbUser> dbUsers) { + public static List<DbUser> sync(List<DbUser> dbUsers) { + List<DbUser> usersToUpdate = new ArrayList<>(); Map<String, Map<String, Set<String>>> authzToNamespaceToUserIds = new HashMap<>(); Map<DirectoryEntryKey, DbUser> originalDbUsersMap = new HashMap<>(); Map<String, List<DbUser>> dbUsersPerAuthz = new HashMap<>(); @@ -64,14 +64,14 @@ log.info(String.format("The user %1$s from authz extension %2$s got updated since last interval", activeUser.getLoginName(), activeUser.getDomain())); - DbFacade.getInstance().getDbUserDao().saveOrUpdate(activeUser); + usersToUpdate.add(activeUser); } } else { log.info(String.format("The user %1$s from authz extension %2$s could not be found, and will be marked as inactive", dbUser.getLoginName(), dbUser.getDomain())); dbUser.setActive(false); - DbFacade.getInstance().getDbUserDao().saveOrUpdate(dbUser); + usersToUpdate.add(dbUser); } } } catch (Exception ex) { @@ -80,5 +80,6 @@ log.debug("", ex); } } + return usersToUpdate; } } -- To view, visit http://gerrit.ovirt.org/30208 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I556d8da48a858ce193865e84fb6c7cb4043a8e5b Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: ovirt-engine-3.5 Gerrit-Owner: Yair Zaslavsky <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
