Yair Zaslavsky has uploaded a new change for review. Change subject: aaa: AuthzUtils and legacy provider support fetchPrincipalRecord changes ......................................................................
aaa: AuthzUtils and legacy provider support fetchPrincipalRecord changes Change-Id: I5ba5d75449afd1ecdf75e7b335b4ab5cb32d10ce Bug-Url: https://bugzilla.redhat.com/1127623 Topic: AAA Signed-off-by: Yair Zaslavsky <[email protected]> --- M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthzUtils.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java 2 files changed, 27 insertions(+), 8 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/13/31413/1 diff --git a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthzUtils.java b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthzUtils.java index 14ccaa7..dab1e14 100644 --- a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthzUtils.java +++ b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthzUtils.java @@ -35,18 +35,26 @@ } public static ExtMap fetchPrincipalRecord(final ExtensionProxy extension, ExtMap authRecord) { - ExtMap ret = null; - ExtMap output = extension.invoke(new ExtMap().mput( + ExtMap input = new ExtMap().mput( Base.InvokeKeys.COMMAND, Authz.InvokeCommands.FETCH_PRINCIPAL_RECORD ).mput( Authn.InvokeKeys.AUTH_RECORD, authRecord - )); - if (output.<Integer>get(Authz.InvokeKeys.STATUS) == Authz.Status.SUCCESS) { - ret = output.<ExtMap> get(Authz.InvokeKeys.PRINCIPAL_RECORD); - } - return ret; + ); + return fetchPrincipalRecordImpl(extension, input); + } + + + public static ExtMap fetchPrincipalRecord(final ExtensionProxy extension, String principal) { + ExtMap input = new ExtMap().mput( + Base.InvokeKeys.COMMAND, + Authz.InvokeCommands.FETCH_PRINCIPAL_RECORD + ).mput( + Authz.InvokeKeys.PRINCIPAL, + principal + ); + return fetchPrincipalRecordImpl(extension, input); } public static Collection<ExtMap> fetchPrincipalsByIdsRecursively( @@ -301,6 +309,15 @@ return results; } + private static ExtMap fetchPrincipalRecordImpl(final ExtensionProxy extension, ExtMap input) { + ExtMap ret = null; + ExtMap output = extension.invoke(input); + if (output.<Integer> get(Authz.InvokeKeys.STATUS) == Authz.Status.SUCCESS) { + ret = output.<ExtMap> get(Authz.InvokeKeys.PRINCIPAL_RECORD); + } + return ret; + } + private static int queryFlagValue(boolean resolveGroups, boolean resolveGroupsRecursive) { int result = 0; if (resolveGroups) { diff --git a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java index 6b0929a..d32cbe6 100644 --- a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java +++ b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java @@ -177,11 +177,13 @@ } private void doFetchPrincipalRecord(ExtMap input, ExtMap output) { + ExtMap authRecord = input.<ExtMap> get(Authn.InvokeKeys.AUTH_RECORD); LdapReturnValueBase ldapResult = broker.runAdAction(AdActionType.GetAdUserByUserName, new LdapSearchByUserNameParameters(configuration, null, getDirectoryName(), - input.<ExtMap> get(Authn.InvokeKeys.AUTH_RECORD).<String> get(Authn.AuthRecord.PRINCIPAL))); + authRecord != null ? authRecord.<String> get(Authn.AuthRecord.PRINCIPAL) + : input.<String> get(Authz.InvokeKeys.PRINCIPAL))); output.mput( Authz.InvokeKeys.PRINCIPAL_RECORD, mapLdapUser(((LdapUser) ldapResult.getReturnValue())) -- To view, visit http://gerrit.ovirt.org/31413 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I5ba5d75449afd1ecdf75e7b335b4ab5cb32d10ce Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yair Zaslavsky <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
