Hello Yair Zaslavsky,
I'd like you to do a code review. Please visit
http://gerrit.ovirt.org/31552
to review the following change.
Change subject: aaa: Fix add users
......................................................................
aaa: Fix add users
Topic: AAA
Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1127623
Change-Id: Ie0384bab5abb6b8e1b1c9d1582bc630ea012cd4f
Signed-off-by: Yair Zaslavsky <[email protected]>
---
M
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/QueryData.java
M
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/SearchQuery.java
M
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetDirectoryGroupByIdQuery.java
M
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetDirectoryUserByIdQuery.java
M
backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/DirectoryIdQueryParameters.java
D
backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/DirectorySearchParameters.java
A
backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/ResourceConstants.java
M
backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendDomainGroupsResource.java
M
backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendDomainUsersResource.java
M
backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendGroupsResource.java
M
backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendUsersResource.java
M
backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/aaa/BackendDomainGroupResourceTest.java
M
backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/aaa/BackendGroupsResourceTest.java
M
backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/aaa/BackendUsersResourceTest.java
M
frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/users/AdElementListModel.java
15 files changed, 163 insertions(+), 146 deletions(-)
git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/52/31552/1
diff --git
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/QueryData.java
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/QueryData.java
index 9bebaeb..907c0d4 100644
---
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/QueryData.java
+++
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/QueryData.java
@@ -1,18 +1,24 @@
package org.ovirt.engine.core.bll;
public class QueryData {
- public QueryData(String query, long date, String domain) {
+ public QueryData(String query, long date, String authz, String namespace) {
this.query = query;
this.date = date;
- this.domain = domain;
+ this.authz = authz;
+ this.namespace = namespace;
}
private final String query;
private final long date;
- private final String domain;
+ private final String authz;
+ private final String namespace;
- public String getDomain() {
- return domain;
+ public String getAuthz() {
+ return authz;
+ }
+
+ public String getNamespace() {
+ return namespace;
}
public String getQuery() {
diff --git
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/SearchQuery.java
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/SearchQuery.java
index 0e7810f..260cfcf 100644
---
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/SearchQuery.java
+++
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/SearchQuery.java
@@ -7,6 +7,7 @@
import java.util.HashMap;
import java.util.List;
+import org.apache.commons.lang.StringUtils;
import org.ovirt.engine.core.aaa.AuthenticationProfileRepository;
import org.ovirt.engine.core.aaa.DirectoryGroup;
import org.ovirt.engine.core.aaa.DirectoryUser;
@@ -33,7 +34,6 @@
import org.ovirt.engine.core.common.config.ConfigValues;
import
org.ovirt.engine.core.common.errors.SearchEngineIllegalCharacterException;
import org.ovirt.engine.core.common.errors.SqlInjectionException;
-import org.ovirt.engine.core.common.queries.DirectorySearchParameters;
import org.ovirt.engine.core.common.queries.SearchParameters;
import org.ovirt.engine.core.common.queries.VdcQueryParametersBase;
import org.ovirt.engine.core.common.queries.VdcQueryType;
@@ -180,24 +180,17 @@
if (data == null) {
return Collections.emptyList();
}
-
- ExtensionProxy authz =
EngineExtensionsManager.getInstance().getExtensionByName(data.getDomain());
- DirectorySearchParameters directorySearchParams =
(DirectorySearchParameters) getParameters();
- List<String> namespaces =
Arrays.asList(directorySearchParams.getNamespace());
- if (directorySearchParams.getNamespace() == null) {
- HashMap<String, List<String>> namespacesMap =
- runInternalQuery(VdcQueryType.GetAvailableNamespaces, new
VdcQueryParametersBase()).getReturnValue();
- namespaces = namespacesMap.get(data.getDomain());
- }
+ ExtensionProxy authz =
EngineExtensionsManager.getInstance().getExtensionByName(data.getAuthz());
List<DirectoryUser> results = new ArrayList<>();
- for (String namespace : namespaces) {
+ for (String namespace : getNamespaces(data)) {
results.addAll(DirectoryUtils.findDirectoryUsersByQuery(authz,
namespace,
data.getQuery()));
}
return results;
}
+
private List<DirectoryGroup> searchDirectoryGroups() {
// Parse the query:
@@ -206,22 +199,27 @@
return Collections.emptyList();
}
- ExtensionProxy authz =
EngineExtensionsManager.getInstance().getExtensionByName(data.getDomain());
- DirectorySearchParameters directorySearchParams =
(DirectorySearchParameters) getParameters();
- List<String> namespaces =
Arrays.asList(directorySearchParams.getNamespace());
- if (directorySearchParams.getNamespace() == null) {
- HashMap<String, List<String>> namespacesMap =
- runInternalQuery(VdcQueryType.GetAvailableNamespaces, new
VdcQueryParametersBase()).getReturnValue();
- namespaces = namespacesMap.get(data.getDomain());
- }
+ ExtensionProxy authz =
EngineExtensionsManager.getInstance().getExtensionByName(data.getAuthz());
List<DirectoryGroup> results = new ArrayList<>();
- for (String namespace : namespaces) {
+ for (String namespace : getNamespaces(data)) {
results.addAll(DirectoryUtils.findDirectoryGroupsByQuery(authz,
namespace,
data.getQuery()));
}
return results;
+ }
+
+ private List<String> getNamespaces(QueryData data) {
+ List<String> namespaces = null;
+ if (StringUtils.isNotEmpty(data.getNamespace())) {
+ namespaces = Arrays.asList(data.getNamespace());
+ } else {
+ HashMap<String, List<String>> namespacesMap =
+ runInternalQuery(VdcQueryType.GetAvailableNamespaces, new
VdcQueryParametersBase()).getReturnValue();
+ namespaces = namespacesMap.get(data.getAuthz());
+ }
+ return namespaces;
}
private List<DbUser> searchDbUsers() {
@@ -338,7 +336,8 @@
// search text.
if (!isExistsValue || IsFromYesterday) {
log.debugFormat("ResourceManager::searchBusinessObjects(''{0}'') - entered",
searchText);
- String queryDomain = null;
+ String queryAuthz = null;
+ String queryNamespace = null;
ISyntaxChecker curSyntaxChecker;
String[] splitted = searchText.split("[:@ ]");
final String objectName = splitted[0].toUpperCase();
@@ -347,11 +346,13 @@
|| (SearchObjects.AD_GROUP_OBJ_NAME.equals(objectName))
||
(SearchObjects.AD_GROUP_PLU_OBJ_NAME.equals(objectName))) {
if (searchText.indexOf('@') > 0 && splitted.length > 1) {
- queryDomain = splitted[1];
+ queryAuthz = splitted[1];
+ queryNamespace = splitted[2];
searchText = searchText.substring(0,
searchText.indexOf('@'))
- +
searchText.substring(searchText.indexOf(':'));
+ + searchText.substring(searchText.indexOf(':',
searchText.indexOf(':') + 1));
} else {
- queryDomain = getDefaultDomain();
+ queryAuthz = getDefaultAuthz();
+ queryNamespace = null;
}
curSyntaxChecker =
SyntaxCheckerFactory.createADSyntaxChecker(Config
.<String>getValue(ConfigValues.AuthenticationMethod));
@@ -397,7 +398,7 @@
data =
new
QueryData(curSyntaxChecker.generateQueryFromSyntaxContainer(searchObj, isSafe),
DateTime.getNow().getTime(),
- queryDomain);
+ queryAuthz, queryNamespace);
// when looking for tags , the query contains all parent
children tag id's
// statically, therefore , in order to reflect changes in the
parent tree
// we should not rely on the cached query in such case and
have to build the
@@ -418,7 +419,7 @@
return data;
}
- protected String getDefaultDomain() {
+ protected String getDefaultAuthz() {
return
AuthenticationProfileRepository.getInstance().getProfiles().get(0).getName();
}
diff --git
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetDirectoryGroupByIdQuery.java
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetDirectoryGroupByIdQuery.java
index 1ed3854..8d84408 100644
---
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetDirectoryGroupByIdQuery.java
+++
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetDirectoryGroupByIdQuery.java
@@ -1,5 +1,6 @@
package org.ovirt.engine.core.bll.aaa;
+import java.util.Arrays;
import java.util.List;
import org.ovirt.engine.api.extensions.aaa.Authz;
@@ -23,7 +24,7 @@
if (authz == null) {
getQueryReturnValue().setSucceeded(false);
} else {
- for (String namespace : authz.getContext().<List<String>>
get(Authz.ContextKeys.AVAILABLE_NAMESPACES)) {
+ for (String namespace : getParameters().constainsNamespace() ?
Arrays.asList(getParameters().getNamespace()) :
authz.getContext().<List<String>> get(Authz.ContextKeys.AVAILABLE_NAMESPACES)) {
final DirectoryGroup group =
DirectoryUtils.findDirectoryGroupById(authz, namespace, id, false, false);
if (group != null) {
getQueryReturnValue().setReturnValue(group);
diff --git
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetDirectoryUserByIdQuery.java
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetDirectoryUserByIdQuery.java
index 6c1a4a2..4c3fde2 100644
---
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetDirectoryUserByIdQuery.java
+++
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetDirectoryUserByIdQuery.java
@@ -1,5 +1,6 @@
package org.ovirt.engine.core.bll.aaa;
+import java.util.Arrays;
import java.util.List;
import org.ovirt.engine.api.extensions.aaa.Authz;
@@ -23,7 +24,7 @@
if (authz == null) {
getQueryReturnValue().setSucceeded(false);
} else {
- for (String namespace : authz.getContext().<List<String>>
get(Authz.ContextKeys.AVAILABLE_NAMESPACES)) {
+ for (String namespace : getParameters().constainsNamespace() ?
Arrays.asList(getParameters().getNamespace()) :
authz.getContext().<List<String>> get(Authz.ContextKeys.AVAILABLE_NAMESPACES)) {
DirectoryUser user =
DirectoryUtils.findDirectoryUserById(authz, namespace, id, false, false);
if (user != null) {
getQueryReturnValue().setReturnValue(user);
diff --git
a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/DirectoryIdQueryParameters.java
b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/DirectoryIdQueryParameters.java
index 8fea853..47d0ecd 100644
---
a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/DirectoryIdQueryParameters.java
+++
b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/DirectoryIdQueryParameters.java
@@ -9,13 +9,19 @@
private String domain;
private String id;
+ private String namespace;
public DirectoryIdQueryParameters() {
// Nothing.
}
public DirectoryIdQueryParameters(String domain, String id) {
+ this(domain, "", id);
+ }
+
+ public DirectoryIdQueryParameters(String domain, String namespace, String
id) {
this.domain = domain;
+ this.namespace = namespace;
this.id = id;
}
@@ -27,11 +33,23 @@
return domain;
}
+ public void setNamespace(String namespace) {
+ this.namespace = namespace;
+ }
+
public void setId(String id) {
this.id = id;
}
+ public String getNamespace() {
+ return namespace;
+ }
+
public String getId() {
return id;
}
+
+ public boolean constainsNamespace() {
+ return namespace != null && !namespace.isEmpty();
+ }
}
diff --git
a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/DirectorySearchParameters.java
b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/DirectorySearchParameters.java
deleted file mode 100644
index f96e975..0000000
---
a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/DirectorySearchParameters.java
+++ /dev/null
@@ -1,40 +0,0 @@
-package org.ovirt.engine.core.common.queries;
-
-import org.ovirt.engine.core.common.interfaces.SearchType;
-
-public class DirectorySearchParameters extends SearchParameters {
-
- /**
- *
- */
- private static final long serialVersionUID = 1831775270159639568L;
-
- private String namespace;
-
- public DirectorySearchParameters() {
- super();
- }
-
- public DirectorySearchParameters(String searchPattern, SearchType
searchType, String namespace) {
- super(searchPattern, searchType);
- this.namespace = namespace;
- }
-
- public DirectorySearchParameters(String searchPattern, SearchType
searchType) {
- this(searchPattern, searchType, null);
- }
-
- public DirectorySearchParameters(String searchPattern,
- SearchType searchType,
- boolean caseSensitive,
- String namespace) {
- super(searchPattern, searchType, caseSensitive);
- this.namespace = namespace;
- }
-
- public String getNamespace() {
- return namespace;
- }
-
-
-}
diff --git
a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/ResourceConstants.java
b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/ResourceConstants.java
new file mode 100644
index 0000000..262d92f
--- /dev/null
+++
b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/ResourceConstants.java
@@ -0,0 +1,9 @@
+package org.ovirt.engine.api.restapi.resource;
+
+public class ResourceConstants {
+
+ public static final String AAA_GROUPS_SEARCH_TEMPLATE = "ADGROUP@{0}:{1}:
";
+ public static final String AAA_PRINCIPALS_SEARCH_TEMPLATE =
"ADUSER@{0}:{1}: ";
+
+
+}
diff --git
a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendDomainGroupsResource.java
b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendDomainGroupsResource.java
index 4a0e452..14faa78 100644
---
a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendDomainGroupsResource.java
+++
b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendDomainGroupsResource.java
@@ -11,11 +11,10 @@
import org.ovirt.engine.api.resource.aaa.DomainGroupResource;
import org.ovirt.engine.api.resource.aaa.DomainGroupsResource;
import org.ovirt.engine.api.restapi.resource.AbstractBackendSubResource;
+import org.ovirt.engine.api.restapi.resource.ResourceConstants;
import org.ovirt.engine.api.restapi.resource.SingleEntityResource;
import org.ovirt.engine.core.aaa.DirectoryGroup;
import org.ovirt.engine.core.common.interfaces.SearchType;
-import org.ovirt.engine.core.common.queries.DirectorySearchParameters;
-import org.ovirt.engine.core.common.queries.SearchParameters;
/**
* This resource corresponds to the groups that exist in a directory
accessible to the engine. Those groups may or may
@@ -25,7 +24,6 @@
public class BackendDomainGroupsResource
extends AbstractBackendSubResource<Group, DirectoryGroup>
implements DomainGroupsResource {
- private static final String SEARCH_TEMPLATE = "ADGROUP@{0}: ";
private BackendDomainResource parent;
@@ -40,11 +38,6 @@
public BackendDomainResource getParent() {
return parent;
- }
-
- @Override
- protected SearchParameters createSearchParameters(SearchType searchType,
String constraint) {
- return new DirectorySearchParameters(constraint, searchType);
}
public Domain getDirectory() {
@@ -64,7 +57,7 @@
false
);
StringBuilder sb = new StringBuilder(128);
- sb.append(MessageFormat.format(SEARCH_TEMPLATE,
parent.getDirectory().getName()));
+
sb.append(MessageFormat.format(ResourceConstants.AAA_GROUPS_SEARCH_TEMPLATE,
parent.getDirectory().getName(), ""));
sb.append(StringUtils.isEmpty(constraint)? "allnames=*": constraint);
return sb.toString();
}
diff --git
a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendDomainUsersResource.java
b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendDomainUsersResource.java
index a4b4652..a7a783f 100644
---
a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendDomainUsersResource.java
+++
b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendDomainUsersResource.java
@@ -11,11 +11,10 @@
import org.ovirt.engine.api.resource.aaa.DomainUserResource;
import org.ovirt.engine.api.resource.aaa.DomainUsersResource;
import org.ovirt.engine.api.restapi.resource.AbstractBackendSubResource;
+import org.ovirt.engine.api.restapi.resource.ResourceConstants;
import org.ovirt.engine.api.restapi.resource.SingleEntityResource;
import org.ovirt.engine.core.aaa.DirectoryUser;
import org.ovirt.engine.core.common.interfaces.SearchType;
-import org.ovirt.engine.core.common.queries.DirectorySearchParameters;
-import org.ovirt.engine.core.common.queries.SearchParameters;
/**
* This resource corresponds to the users that exist in a directory accessible
@@ -26,8 +25,6 @@
public class BackendDomainUsersResource
extends AbstractBackendSubResource<User, DirectoryUser>
implements DomainUsersResource {
-
- private static final String SEARCH_TEMPLATE = "ADUSER@{0}: ";
private BackendDomainResource parent;
@@ -49,11 +46,6 @@
}
@Override
- protected SearchParameters createSearchParameters(SearchType searchType,
String constraint) {
- return new DirectorySearchParameters(constraint, searchType);
- }
-
- @Override
@SingleEntityResource
public DomainUserResource getDomainUserSubResource(String id) {
return inject(new BackendDomainUserResource(id, this));
@@ -62,7 +54,7 @@
private String getSearchPattern() {
String constraint = QueryHelper.getConstraint(getUriInfo(),
DirectoryUser.class, false);
StringBuilder sb = new StringBuilder(128);
- sb.append(MessageFormat.format(SEARCH_TEMPLATE,
parent.getDirectory().getName()));
+
sb.append(MessageFormat.format(ResourceConstants.AAA_PRINCIPALS_SEARCH_TEMPLATE,
parent.getDirectory().getName(), ""));
sb.append(StringUtils.isEmpty(constraint)? "allnames=*": constraint);
return sb.toString();
}
diff --git
a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendGroupsResource.java
b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendGroupsResource.java
index 6936fc0..89c38c9 100644
---
a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendGroupsResource.java
+++
b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendGroupsResource.java
@@ -14,7 +14,9 @@
import org.ovirt.engine.api.resource.aaa.GroupResource;
import org.ovirt.engine.api.resource.aaa.GroupsResource;
import org.ovirt.engine.api.restapi.resource.AbstractBackendCollectionResource;
+import org.ovirt.engine.api.restapi.resource.ResourceConstants;
import org.ovirt.engine.api.restapi.resource.SingleEntityResource;
+import org.ovirt.engine.api.restapi.utils.DirectoryEntryIdUtils;
import org.ovirt.engine.core.aaa.DirectoryGroup;
import org.ovirt.engine.core.common.action.AddGroupParameters;
import org.ovirt.engine.core.common.action.IdParameters;
@@ -40,12 +42,6 @@
private static final String GROUPS_SEARCH_PATTERN = "grpname != \"\"";
private static final String AND_SEARCH_PATTERN = " and ";
-
- /**
- * This search pattern is used when searching for the directory group that
will be added to the database when the
- * {@code add} operation is performed.
- */
- private static final String DIRECTORY_GROUP_SEARCH_TEMPLATE =
"ADGROUP@{0}: ";
public BackendGroupsResource() {
super(Group.class, DbGroup.class, SUB_COLLECTIONS);
@@ -110,7 +106,7 @@
String constraint = QueryHelper.getConstraint(getUriInfo(),
DbGroup.class, false);
final StringBuilder sb = new StringBuilder(128);
- sb.append(MessageFormat.format(DIRECTORY_GROUP_SEARCH_TEMPLATE,
domain));
+
sb.append(MessageFormat.format(ResourceConstants.AAA_GROUPS_SEARCH_TEMPLATE,
domain, ""));
sb.append(StringUtils.isEmpty(constraint) ?
"allnames=" + groupname
@@ -180,19 +176,12 @@
*/
private DirectoryGroup findDirectoryGroup(String directoryName, Group
groupModel) {
// Try to find a group that matches the identifier contained in the
model:
+ String namespace = groupModel.getNamespace();
if (groupModel.isSetId()) {
- String groupId = groupModel.getId();
- return getEntity(
- DirectoryGroup.class,
- VdcQueryType.GetDirectoryGroupById,
- new DirectoryIdQueryParameters(directoryName, groupId),
- groupId,
- true
- );
- }
-
- // Try to find a group that matches the name contained in the model:
- if (groupModel.isSetName()) {
+ return getGroupById(directoryName, namespace, groupModel.getId());
+ } else if (groupModel.isSetDomainEntryId()) {
+ return getGroupById(directoryName, namespace,
groupModel.getDomainEntryId());
+ } else if (groupModel.isSetName()) {
String groupName = groupModel.getName();
if (groupName.startsWith(directoryName + "/")) {
int lastSlash = groupName.lastIndexOf("/");
@@ -208,6 +197,16 @@
return null;
}
+ private DirectoryGroup getGroupById(String directoryName, String
namespace, String groupId) {
+ groupId = DirectoryEntryIdUtils.decode(groupId);
+ return getEntity(
+ DirectoryGroup.class,
+ VdcQueryType.GetDirectoryGroupById,
+ new DirectoryIdQueryParameters(directoryName, namespace,
groupId),
+ groupId,
+ true);
+ }
+
@Override
public Response performRemove(String id) {
return performAction(VdcActionType.RemoveGroup, new
IdParameters(asGuid(id)));
diff --git
a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendUsersResource.java
b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendUsersResource.java
index 422501c..e821bf7 100644
---
a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendUsersResource.java
+++
b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/resource/aaa/BackendUsersResource.java
@@ -16,13 +16,16 @@
import org.ovirt.engine.api.resource.aaa.UserResource;
import org.ovirt.engine.api.resource.aaa.UsersResource;
import org.ovirt.engine.api.restapi.resource.AbstractBackendCollectionResource;
+import org.ovirt.engine.api.restapi.resource.ResourceConstants;
import org.ovirt.engine.api.restapi.resource.SingleEntityResource;
+import org.ovirt.engine.api.restapi.utils.DirectoryEntryIdUtils;
import org.ovirt.engine.core.aaa.DirectoryUser;
import org.ovirt.engine.core.common.action.AddUserParameters;
import org.ovirt.engine.core.common.action.IdParameters;
import org.ovirt.engine.core.common.action.VdcActionType;
import org.ovirt.engine.core.common.businessentities.aaa.DbUser;
import org.ovirt.engine.core.common.interfaces.SearchType;
+import org.ovirt.engine.core.common.queries.DirectoryIdQueryParameters;
import org.ovirt.engine.core.common.queries.IdQueryParameters;
import org.ovirt.engine.core.common.queries.VdcQueryParametersBase;
import org.ovirt.engine.core.common.queries.VdcQueryType;
@@ -42,13 +45,6 @@
private static final String USERS_SEARCH_PATTERN = "usrname != \"\"";
private static final String AND_SEARCH_PATTERN = " and ";
-
- /**
- * This search pattern is used when searching for the directory user that
- * will be added to the database when the {@code add} operation is
- * performed.
- */
- private static final String DIRECTORY_USER_SEARCH_TEMPLATE = "ADUSER@{0}:
";
private BackendDomainResource parent;
@@ -95,8 +91,8 @@
}
throw new WebFaultException(null, "Domain: '" +
user.getDomain().getId().toString() + "' does not exist.",
Response.Status.BAD_REQUEST);
}
- else if (user.isSetUserName() && user.getUserName().contains("@")) {
- return
user.getUserName().substring(user.getUserName().indexOf("@")+1);
+ else if (isNameContainsDomain(user)) {
+ return
user.getUserName().substring(user.getUserName().lastIndexOf("@") + 1);
}
return null;
}
@@ -111,15 +107,16 @@
* @param domain the name of the directory where the search will be
* performed
*/
- private String getDirectoryUserSearchPattern(String username, String
domain) {
+ private String getDirectoryUserSearchPattern(String username, String
namespace, String domain) {
String constraint = QueryHelper.getConstraint(getUriInfo(),
DbUser.class, false);
final StringBuilder sb = new StringBuilder(128);
- sb.append(MessageFormat.format(DIRECTORY_USER_SEARCH_TEMPLATE,
+
sb.append(MessageFormat.format(ResourceConstants.AAA_PRINCIPALS_SEARCH_TEMPLATE,
parent!=null?
parent.getDirectory().getName()
:
- domain));
+ domain,
+ namespace != null ? namespace : ""));
sb.append(StringUtils.isEmpty(constraint) ?
"allnames=" + username
@@ -179,11 +176,7 @@
validateParameters(user, "domain.id|name");
}
String domain = getDomain(user);
- DirectoryUser directoryUser = getEntity(
- DirectoryUser.class,
- SearchType.DirectoryUser,
- getDirectoryUserSearchPattern(user.getUserName(), domain)
- );
+ DirectoryUser directoryUser = findDirectoryUser(domain, user);
if (directoryUser == null) {
return Response.status(Status.BAD_REQUEST)
.entity("No such user: " + user.getUserName() + " in
domain " + domain)
@@ -195,6 +188,51 @@
}
private boolean isNameContainsDomain(User user) {
- return ((user.getUserName().contains("@")) &&
(user.getUserName().indexOf('@') != user.getUserName().length() - 1));
+ return ((user.getUserName().contains("@")) &&
(user.getUserName().lastIndexOf('@') != user.getUserName()
+ .length() - 1));
+ }
+
+ /**
+ * Find the directory user that corresponds to the given model.
+ *
+ * @param directoryName
+ * the name of the directory where to perform the search
+ * @param groupModel
+ * the group model
+ * @return the requested directory group or {@code null} if no such group
exists
+ */
+ private DirectoryUser findDirectoryUser(String directoryName, User user) {
+ DirectoryUser result = null;
+ String namespace = user.getNamespace();
+ if (user.isSetDomainEntryId()) {
+ result = getUserById(directoryName, namespace,
user.getDomainEntryId());
+ } else if (user.isSetId()) {
+ result = getUserById(directoryName, namespace, user.getId());
+ } else {
+ if (user.isSetUserName()) {
+ result = getEntity(
+ DirectoryUser.class,
+ SearchType.DirectoryUser,
+ getDirectoryUserSearchPattern(
+ isNameContainsDomain(user) ?
user.getUserName().substring(0, user.getUserName().lastIndexOf("@")) :
user.getUserName(),
+ user.getNamespace(),
+ directoryName)
+ );
+ }
+
+ }
+ return result;
+ }
+
+ private DirectoryUser getUserById(String directoryName, String namespace,
String userId) {
+ DirectoryUser result;
+ userId = DirectoryEntryIdUtils.decode(userId);
+ result = getEntity(
+ DirectoryUser.class,
+ VdcQueryType.GetDirectoryUserById,
+ new DirectoryIdQueryParameters(directoryName, namespace,
userId),
+ userId,
+ true);
+ return result;
}
}
diff --git
a/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/aaa/BackendDomainGroupResourceTest.java
b/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/aaa/BackendDomainGroupResourceTest.java
index 18d3bf4..cb33f25 100644
---
a/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/aaa/BackendDomainGroupResourceTest.java
+++
b/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/aaa/BackendDomainGroupResourceTest.java
@@ -2,16 +2,14 @@
import static org.easymock.EasyMock.expect;
-import java.nio.charset.Charset;
-
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.UriInfo;
-import javax.xml.bind.DatatypeConverter;
import org.junit.Test;
import org.ovirt.engine.api.model.Domain;
import org.ovirt.engine.api.model.Group;
import org.ovirt.engine.api.restapi.resource.AbstractBackendSubResourceTest;
+import org.ovirt.engine.api.restapi.utils.DirectoryEntryIdUtils;
import org.ovirt.engine.core.aaa.DirectoryGroup;
import org.ovirt.engine.core.common.queries.DirectoryIdQueryParameters;
import org.ovirt.engine.core.common.queries.VdcQueryType;
@@ -70,8 +68,8 @@
setUpGetEntityExpectations(
VdcQueryType.GetDirectoryGroupById,
DirectoryIdQueryParameters.class,
- new String[] { "Domain", "Id" },
- new Object[] { DOMAIN, new
String(DatatypeConverter.parseHexBinary(EXTERNAL_IDS[index]),
Charset.forName("UTF-8"))
+ new String[] { "Domain", "Namespace", "Id" },
+ new Object[] { DOMAIN, "",
DirectoryEntryIdUtils.decode(EXTERNAL_IDS[index])
},
notFound? null: getEntity(index)
);
@@ -79,7 +77,7 @@
@Override
protected DirectoryGroup getEntity(int index) {
- return new DirectoryGroup(DOMAIN, NAMESPACE, new
String(DatatypeConverter.parseHexBinary(EXTERNAL_IDS[index]),
Charset.forName("UTF-8")), NAMES[index]);
+ return new DirectoryGroup(DOMAIN, NAMESPACE, EXTERNAL_IDS[index],
NAMES[index]);
}
}
diff --git
a/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/aaa/BackendGroupsResourceTest.java
b/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/aaa/BackendGroupsResourceTest.java
index e1ba5ea..de832c4 100644
---
a/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/aaa/BackendGroupsResourceTest.java
+++
b/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/aaa/BackendGroupsResourceTest.java
@@ -11,6 +11,7 @@
import org.ovirt.engine.api.model.Fault;
import org.ovirt.engine.api.model.Group;
import
org.ovirt.engine.api.restapi.resource.AbstractBackendCollectionResourceTest;
+import org.ovirt.engine.api.restapi.utils.DirectoryEntryIdUtils;
import org.ovirt.engine.core.aaa.DirectoryGroup;
import org.ovirt.engine.core.common.action.AddGroupParameters;
import org.ovirt.engine.core.common.action.IdParameters;
@@ -203,7 +204,7 @@
public void testAddGroupWithExplicitDirectoryName() throws Exception {
setUriInfo(setUpBasicUriExpectations());
setUpGetEntityExpectations(
- "ADGROUP@" + DOMAIN + ": allnames=" + NAMES[0],
+ "ADGROUP@" + DOMAIN + ":: allnames=" + NAMES[0],
SearchType.DirectoryGroup,
getDirectoryGroup(0)
);
@@ -242,7 +243,7 @@
public void testAddGroupWithImplicitDirectoryName() throws Exception {
setUriInfo(setUpBasicUriExpectations());
setUpGetEntityExpectations(
- "ADGROUP@" + DOMAIN + ": allnames=" + NAMES[0],
+ "ADGROUP@" + DOMAIN + ":: allnames=" + NAMES[0],
SearchType.DirectoryGroup,
getDirectoryGroup(0)
);
@@ -301,7 +302,7 @@
VdcQueryType.GetDirectoryGroupById,
DirectoryIdQueryParameters.class,
new String[] { "Domain", "Id" },
- new Object[] { DOMAIN, EXTERNAL_IDS[0] },
+ new Object[] { DOMAIN,
DirectoryEntryIdUtils.decode(EXTERNAL_IDS[0]) },
getDirectoryGroup(0)
);
setUpCreationExpectations(
@@ -340,7 +341,7 @@
VdcQueryType.GetDirectoryGroupById,
DirectoryIdQueryParameters.class,
new String[] { "Domain", "Id" },
- new Object[] { DOMAIN, NON_EXISTANT_EXTERNAL_ID },
+ new Object[] { DOMAIN,
DirectoryEntryIdUtils.decode(NON_EXISTANT_EXTERNAL_ID) },
null
);
control.replay();
diff --git
a/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/aaa/BackendUsersResourceTest.java
b/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/aaa/BackendUsersResourceTest.java
index 8051409..9546aa6 100644
---
a/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/aaa/BackendUsersResourceTest.java
+++
b/backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/aaa/BackendUsersResourceTest.java
@@ -128,7 +128,7 @@
@Test
public void testAddUser_2() throws Exception {
- setUpAddUserExpectations("ADUSER@" + DOMAIN + ": allnames=" +
NAMES[0]);
+ setUpAddUserExpectations("ADUSER@" + DOMAIN + ":: allnames=" +
NAMES[0]);
User model = new User();
Domain domain = new Domain();
domain.setName(DOMAIN);
@@ -140,9 +140,9 @@
@Test
public void testAddUser_3() throws Exception {
- setUpAddUserExpectations("ADUSER@" + DOMAIN + ": allnames=" +
NAMES[0]+"@"+ DOMAIN);
+ setUpAddUserExpectations("ADUSER@" + DOMAIN + ":: allnames=" +
NAMES[0]);
User model = new User();
- model.setUserName(NAMES[0]+"@"+DOMAIN);
+ model.setUserName(NAMES[0] + "@" + DOMAIN);
Response response = collection.add(model);
verifyAddUser(response);
@@ -155,7 +155,7 @@
new String[] { },
new Object[] { },
setUpDomains());
- setUpAddUserExpectations("ADUSER@" + DOMAIN + ": allnames=" +
NAMES[0]);
+ setUpAddUserExpectations("ADUSER@" + DOMAIN + ":: allnames=" +
NAMES[0]);
User model = new User();
model.setUserName(NAMES[0]);
Domain domain = new Domain();
diff --git
a/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/users/AdElementListModel.java
b/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/users/AdElementListModel.java
index 08acb3e..fa1e187 100644
---
a/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/users/AdElementListModel.java
+++
b/frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/users/AdElementListModel.java
@@ -15,7 +15,7 @@
import org.ovirt.engine.core.common.businessentities.Role;
import org.ovirt.engine.core.common.businessentities.aaa.DbUser;
import org.ovirt.engine.core.common.interfaces.SearchType;
-import org.ovirt.engine.core.common.queries.DirectorySearchParameters;
+import org.ovirt.engine.core.common.queries.SearchParameters;
import org.ovirt.engine.core.common.queries.VdcQueryReturnValue;
import org.ovirt.engine.core.common.queries.VdcQueryType;
import org.ovirt.engine.core.compat.StringHelper;
@@ -379,13 +379,13 @@
protected void findGroups(String searchString, AsyncQuery query) {
Frontend.getInstance()
.runQuery(VdcQueryType.Search,
- new DirectorySearchParameters("ADGROUP@" +
((ProfileEntry) getProfile().getSelectedItem()).getAuthz() + ": " +
searchString, SearchType.DirectoryGroup, getNamespace().getSelectedItem()),
query); //$NON-NLS-1$ //$NON-NLS-2$
+ new SearchParameters("ADGROUP@" + ((ProfileEntry)
getProfile().getSelectedItem()).getAuthz() + ":" +
getNamespace().getSelectedItem() + ": " + searchString,
SearchType.DirectoryGroup), query); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
}
protected void findUsers(String searchString, AsyncQuery query) {
Frontend.getInstance()
.runQuery(VdcQueryType.Search,
- new DirectorySearchParameters("ADUSER@" +
((ProfileEntry) getProfile().getSelectedItem()).getAuthz() + ": " +
searchString, SearchType.DirectoryUser, getNamespace().getSelectedItem()),
query); //$NON-NLS-1$ //$NON-NLS-2$
+ new SearchParameters("ADUSER@" + ((ProfileEntry)
getProfile().getSelectedItem()).getAuthz() + ":" +
getNamespace().getSelectedItem() + ": " + searchString,
SearchType.DirectoryUser), query); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
}
protected void onUserAndAdGroupsLoaded(AdElementListModel
adElementListModel)
--
To view, visit http://gerrit.ovirt.org/31552
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ie0384bab5abb6b8e1b1c9d1582bc630ea012cd4f
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: ovirt-engine-3.5
Gerrit-Owner: Alon Bar-Lev <[email protected]>
Gerrit-Reviewer: Yair Zaslavsky <[email protected]>
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches
