The TPS VLV indexes have been modified to fix the filters and sort
orders. Upgrade instruction is available here:
http://pki.fedoraproject.org/wiki/Database_Upgrade_for_PKI_10.3.x#Fixing_VLV_filters_and_sort_orders
https://fedorahosted.org/pki/ticket/2354
https://fedorahosted.org/pki/ticket/2263
https://fedorahosted.org/pki/ticket/2269
--
Endi S. Dewata
>From 2f385835b719372823230e8274e8321d3a781084 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <[email protected]>
Date: Tue, 7 Jun 2016 09:52:52 +0200
Subject: [PATCH] Fixed TPS VLV filters.
Previously TPS VLVs for tokens and activities were defined using
presence filters of some optional attributes. If the optional
attribute is missing the entry will not be included in the search
result.
The VLVs have now been modified to use object class matching
filters to ensure they match all tokens and activities.
https://fedorahosted.org/pki/ticket/2354
---
base/server/cmscore/src/com/netscape/cmscore/dbs/DBRegistry.java | 2 +-
base/tps/shared/conf/vlv.ldif | 4 ++--
base/tps/src/org/dogtagpki/server/tps/dbs/ActivityDatabase.java | 2 +-
base/tps/src/org/dogtagpki/server/tps/dbs/TokenDatabase.java | 2 +-
4 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBRegistry.java b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBRegistry.java
index 4a2d5e495cad171097b820e5fae70e44aa4e7d50..6e6f83750cb0d7c16c59222ebf5531d9b9dbfaaa 100644
--- a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBRegistry.java
+++ b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBRegistry.java
@@ -320,7 +320,7 @@ public class DBRegistry implements IDBRegistry, ISubsystem {
// if value contains no '*', then it is equality
if (value.indexOf('*') == -1) {
- if (type.equals("objectclass")) {
+ if (type.equalsIgnoreCase("objectclass")) {
String ldapNames[] = mOCclassNames.get(value);
if (ldapNames == null)
diff --git a/base/tps/shared/conf/vlv.ldif b/base/tps/shared/conf/vlv.ldif
index 3aea39fd7bbd53d6242764573263e8a876a11d7d..e3063984b171eac0c88f25e53a6d66298be799d6 100644
--- a/base/tps/shared/conf/vlv.ldif
+++ b/base/tps/shared/conf/vlv.ldif
@@ -23,7 +23,7 @@ cn: listtokens
objectClass: top
objectClass: vlvsearch
vlvBase: ou=Tokens,{rootSuffix}
-vlvFilter: (&(cn=*)(tokenUserID=*))
+vlvFilter: (&(objectClass=top)(objectClass=tokenRecord))
vlvScope: 1
dn: cn=listActivities,cn={database},cn=ldbm database,cn=plugins,cn=config
@@ -31,7 +31,7 @@ cn: listActivities
objectClass: top
objectClass: vlvsearch
vlvBase: ou=Activities,{rootSuffix}
-vlvFilter: (&(tokenID=*)(tokenUserID=*))
+vlvFilter: (&(objectClass=top)(objectClass=tokenActivity))
vlvScope: 1
dn: cn=listTokensIndex,cn=listTokens,cn={database},cn=ldbm database,cn=plugins,cn=config
diff --git a/base/tps/src/org/dogtagpki/server/tps/dbs/ActivityDatabase.java b/base/tps/src/org/dogtagpki/server/tps/dbs/ActivityDatabase.java
index 46ab2128d17ae2b40e7cc835650f422cb254332a..0a4dcf3d82b1d64add443590a39152b83556f0e2 100644
--- a/base/tps/src/org/dogtagpki/server/tps/dbs/ActivityDatabase.java
+++ b/base/tps/src/org/dogtagpki/server/tps/dbs/ActivityDatabase.java
@@ -107,7 +107,7 @@ public class ActivityDatabase extends LDAPDatabase<ActivityRecord> {
createFilter(sb, attributes);
if (sb.length() == 0) {
- sb.append("(&(tokenID=*)(userID=*))"); // listActivities VLV
+ sb.append("(objectClass=" + ActivityRecord.class.getName() + ")"); // listActivities VLV
}
return sb.toString();
diff --git a/base/tps/src/org/dogtagpki/server/tps/dbs/TokenDatabase.java b/base/tps/src/org/dogtagpki/server/tps/dbs/TokenDatabase.java
index f751c66c97f67b944313b0fed5b1138f3ccf74b3..9235e7871751b7956099a4cdd467acc0d9f12c80 100644
--- a/base/tps/src/org/dogtagpki/server/tps/dbs/TokenDatabase.java
+++ b/base/tps/src/org/dogtagpki/server/tps/dbs/TokenDatabase.java
@@ -67,7 +67,7 @@ public class TokenDatabase extends LDAPDatabase<TokenRecord> {
createFilter(sb, attributes);
if (sb.length() == 0) {
- sb.append("(&(id=*)(userID=*))"); // listTokens VLV
+ sb.append("(objectClass=" + TokenRecord.class.getName() + ")"); // listTokens VLV
}
return sb.toString();
--
2.5.5
>From 0a6056b930675ca814b174724fca5359dfb9c196 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <[email protected]>
Date: Tue, 7 Jun 2016 10:02:30 +0200
Subject: [PATCH] Fixed TPS VLV sort orders.
The TPS VLVs for tokens and activities has been modified to sort
the results by date in reverse order.
The DBRegistry.getLDAPAttributes() was modified to support reverse
sort order by recognizing the "-" prefix in the list of sort keys
and pass it to LDAP.
The DBVirtualList.setSortKey() was modified to ignore bubble up the
exceptions that happen during LDAP attribute mapping.
https://fedorahosted.org/pki/ticket/2263
https://fedorahosted.org/pki/ticket/2269
---
.../src/com/netscape/certsrv/dbs/IDBSSession.java | 19 +++++++-
.../src/com/netscape/cmscore/dbs/DBRegistry.java | 54 +++++++++++++---------
.../com/netscape/cmscore/dbs/DBVirtualList.java | 51 +++++++++-----------
.../src/com/netscape/cmscore/dbs/LDAPDatabase.java | 6 +--
.../cmscore/dbs/DBSSessionDefaultStub.java | 9 +++-
base/tps/shared/conf/vlv.ldif | 4 +-
.../dogtagpki/server/tps/rest/ActivityService.java | 2 +-
.../dogtagpki/server/tps/rest/TokenService.java | 3 +-
8 files changed, 87 insertions(+), 61 deletions(-)
diff --git a/base/common/src/com/netscape/certsrv/dbs/IDBSSession.java b/base/common/src/com/netscape/certsrv/dbs/IDBSSession.java
index 1a1f58d60b6c7fb92d1d226e17b91c2a497fd27b..656950570b01d8f19a21302ca47f02212953102e 100644
--- a/base/common/src/com/netscape/certsrv/dbs/IDBSSession.java
+++ b/base/common/src/com/netscape/certsrv/dbs/IDBSSession.java
@@ -17,11 +17,11 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.certsrv.dbs;
-import netscape.ldap.LDAPSearchResults;
-
import com.netscape.certsrv.base.EBaseException;
import com.netscape.certsrv.base.ISubsystem;
+import netscape.ldap.LDAPSearchResults;
+
/**
* An interface represents the database session. Operations
* can be performed with a session.
@@ -200,6 +200,21 @@ public interface IDBSSession extends AutoCloseable {
* @param base starting point of the search
* @param filter search filter
* @param attrs selected attributes
+ * @param sortKeys keys used to sort the list
+ * @param pageSize page size in the virtual list
+ * @return search results in virtual list
+ * @exception EBaseException failed to search
+ */
+ public <T> IDBVirtualList<T> createVirtualList(String base, String filter,
+ String attrs[], String sortKeys[], int pageSize)
+ throws EBaseException;
+
+ /**
+ * Retrieves a list of objects.
+ *
+ * @param base starting point of the search
+ * @param filter search filter
+ * @param attrs selected attributes
* @param startFrom starting point
* @param sortKey key used to sort the list
* @param pageSize page size in the virtual list
diff --git a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBRegistry.java b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBRegistry.java
index 6e6f83750cb0d7c16c59222ebf5531d9b9dbfaaa..2ee3312f2b3d1c7fc4a99e39123b26e45f3e44ba 100644
--- a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBRegistry.java
+++ b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBRegistry.java
@@ -20,11 +20,10 @@ package com.netscape.cmscore.dbs;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Iterator;
+import java.util.LinkedHashSet;
+import java.util.Set;
import java.util.Vector;
-import netscape.ldap.LDAPAttribute;
-import netscape.ldap.LDAPAttributeSet;
-
import com.netscape.certsrv.apps.CMS;
import com.netscape.certsrv.base.EBaseException;
import com.netscape.certsrv.base.IConfigStore;
@@ -37,6 +36,9 @@ import com.netscape.certsrv.dbs.IDBRegistry;
import com.netscape.certsrv.dbs.IFilterConverter;
import com.netscape.certsrv.logging.ILogger;
+import netscape.ldap.LDAPAttribute;
+import netscape.ldap.LDAPAttributeSet;
+
/**
* A class represents a registry where all the
* schema (object classes and attribute) information
@@ -362,21 +364,31 @@ public class DBRegistry implements IDBRegistry, ISubsystem {
*/
public String[] getLDAPAttributes(String attrs[])
throws EBaseException {
- IDBAttrMapper mapper;
if (attrs == null)
return null;
- Vector<String> v = new Vector<String>();
+
+ // ignore duplicates, maintain order
+ Set<String> v = new LinkedHashSet<String>();
for (int i = 0; i < attrs.length; i++) {
- if (attrs[i].equals("objectclass")) {
- v.addElement("objectclass");
+ String attr = attrs[i];
+ String prefix = "";
+
+ // check reverse sort order
+ if (attr.startsWith("-")) {
+ attr = attr.substring(1);
+ prefix = "-";
+ }
+
+ if (attr.equalsIgnoreCase("objectclass")) {
+ v.add(prefix + attr);
continue;
}
- if (isAttributeRegistered(attrs[i])) {
- mapper = mAttrufNames.get(attrs[i].toLowerCase());
+ if (isAttributeRegistered(attr)) {
+ IDBAttrMapper mapper = mAttrufNames.get(attr.toLowerCase());
if (mapper == null) {
throw new EDBException(CMS.getUserMessage("CMS_DBS_INVALID_ATTRS"));
}
@@ -384,24 +396,23 @@ public class DBRegistry implements IDBRegistry, ISubsystem {
while (e.hasMoreElements()) {
String s = e.nextElement();
-
- if (!v.contains(s)) {
- v.addElement(s);
- }
+ v.add(prefix + s);
}
+
} else {
IDBDynAttrMapper matchingDynAttrMapper = null;
// check if a dynamic mapper can handle the attribute
for (Iterator<IDBDynAttrMapper> dynMapperIter = mDynAttrMappers.iterator(); dynMapperIter.hasNext();) {
- IDBDynAttrMapper dynAttrMapper =
- dynMapperIter.next();
- if (dynAttrMapper.supportsLDAPAttributeName(attrs[i])) {
+ IDBDynAttrMapper dynAttrMapper = dynMapperIter.next();
+ if (dynAttrMapper.supportsLDAPAttributeName(attr)) {
matchingDynAttrMapper = dynAttrMapper;
break;
}
}
+
if (matchingDynAttrMapper != null) {
- v.addElement(attrs[i]);
+ v.add(prefix + attr);
+
} else {
/*LogDoc
*
@@ -410,17 +421,18 @@ public class DBRegistry implements IDBRegistry, ISubsystem {
* @message DBRegistry: <attr> is not registered
*/
mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB,
- ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_DBS_ATTR_NOT_REGISTER", attrs[i]));
- throw new EDBException(CMS.getLogMessage("CMSCORE_DBS_ATTR_NOT_REGISTER", attrs[i]));
+ ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_DBS_ATTR_NOT_REGISTER", attr));
+ throw new EDBException(CMS.getLogMessage("CMSCORE_DBS_ATTR_NOT_REGISTER", attr));
}
}
-
}
+
if (v.size() == 0)
return null;
+
String ldapAttrs[] = new String[v.size()];
+ v.toArray(ldapAttrs);
- v.copyInto(ldapAttrs);
return ldapAttrs;
}
diff --git a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBVirtualList.java b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBVirtualList.java
index fde67c66304208432d9dad73623778534e54b8c7..38646bbfb93840e10a089c8676f21d163a772f2d 100644
--- a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBVirtualList.java
+++ b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBVirtualList.java
@@ -20,6 +20,13 @@ package com.netscape.cmscore.dbs;
import java.util.Arrays;
import java.util.Vector;
+import com.netscape.certsrv.apps.CMS;
+import com.netscape.certsrv.base.EBaseException;
+import com.netscape.certsrv.dbs.IDBRegistry;
+import com.netscape.certsrv.dbs.IDBVirtualList;
+import com.netscape.certsrv.dbs.IElementProcessor;
+import com.netscape.certsrv.logging.ILogger;
+
import netscape.ldap.LDAPConnection;
import netscape.ldap.LDAPControl;
import netscape.ldap.LDAPEntry;
@@ -30,13 +37,6 @@ import netscape.ldap.controls.LDAPSortControl;
import netscape.ldap.controls.LDAPVirtualListControl;
import netscape.ldap.controls.LDAPVirtualListResponse;
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.dbs.IDBRegistry;
-import com.netscape.certsrv.dbs.IDBVirtualList;
-import com.netscape.certsrv.dbs.IElementProcessor;
-import com.netscape.certsrv.logging.ILogger;
-
/**
* A class represents a virtual list of search results.
* Note that this class must be used with DS4.0.
@@ -305,36 +305,29 @@ public class DBVirtualList<E> implements IDBVirtualList<E> {
* @param sortKey the attributes to sort by
*/
public void setSortKey(String[] sortKeys) throws EBaseException {
+
if (sortKeys == null)
throw new EBaseException("sort keys cannot be null");
- try {
- mKeys = new LDAPSortKey[sortKeys.length];
- String la[] = null;
- synchronized (this) {
- la = mRegistry.getLDAPAttributes(sortKeys);
- }
- for (int j = 0; j < sortKeys.length; j++) {
- mKeys[j] = new LDAPSortKey(la[j]);
- }
- } catch (Exception e) {
+ mKeys = new LDAPSortKey[sortKeys.length];
+ String la[] = null;
+ synchronized (this) {
+ la = mRegistry.getLDAPAttributes(sortKeys);
+ }
+
+ if (la == null)
+ throw new EBaseException("sort keys cannot be null");
- /*LogDoc
- *
- * @phase local ldap search
- * @reason Failed at setSortKey.
- * @message DBVirtualList: <exception thrown>
- */
- mLogger.log(ILogger.EV_SYSTEM, ILogger.S_DB, ILogger.LL_FAILURE,
- CMS.getLogMessage("OPERATION_ERROR", e.toString()));
+ for (int i = 0; i < sortKeys.length; i++) {
+ mKeys[i] = new LDAPSortKey(la[i]);
}
+
// Paged results also require a sort control
- if (mKeys != null) {
- mPageControls[0] =
- new LDAPSortControl(mKeys, true);
- } else {
+ if (mKeys == null) {
throw new EBaseException("sort keys cannot be null");
}
+
+ mPageControls[0] = new LDAPSortControl(mKeys, true);
}
/**
diff --git a/base/server/cmscore/src/com/netscape/cmscore/dbs/LDAPDatabase.java b/base/server/cmscore/src/com/netscape/cmscore/dbs/LDAPDatabase.java
index 48d15950e7c4589a7d285fd0c5036162d99f330d..8773423ca4fe33fe184a8e37d8aebbc1dbbecdb3 100644
--- a/base/server/cmscore/src/com/netscape/cmscore/dbs/LDAPDatabase.java
+++ b/base/server/cmscore/src/com/netscape/cmscore/dbs/LDAPDatabase.java
@@ -142,7 +142,7 @@ public abstract class LDAPDatabase<E extends IDBObj> extends Database<E> {
}
public IDBVirtualList<E> findRecords(String keyword, Map<String, String> attributes,
- String sortKey, int pageSize) throws Exception {
+ String[] sortKeys, int pageSize) throws Exception {
CMS.debug("LDAPDatabase: findRecords()");
@@ -154,8 +154,8 @@ public abstract class LDAPDatabase<E extends IDBObj> extends Database<E> {
return session.<E>createVirtualList(
baseDN,
ldapFilter,
- null,
- sortKey,
+ (String[]) null,
+ sortKeys,
pageSize);
}
}
diff --git a/base/server/test/com/netscape/cmscore/dbs/DBSSessionDefaultStub.java b/base/server/test/com/netscape/cmscore/dbs/DBSSessionDefaultStub.java
index 09a2e1498addd496b8171c1979b2346e2539fb8c..e4e715724fab2430058a5e699a44051cc7b41964 100644
--- a/base/server/test/com/netscape/cmscore/dbs/DBSSessionDefaultStub.java
+++ b/base/server/test/com/netscape/cmscore/dbs/DBSSessionDefaultStub.java
@@ -1,7 +1,5 @@
package com.netscape.cmscore.dbs;
-import netscape.ldap.LDAPSearchResults;
-
import com.netscape.certsrv.base.EBaseException;
import com.netscape.certsrv.base.ISubsystem;
import com.netscape.certsrv.dbs.EDBException;
@@ -11,6 +9,8 @@ import com.netscape.certsrv.dbs.IDBSearchResults;
import com.netscape.certsrv.dbs.IDBVirtualList;
import com.netscape.certsrv.dbs.ModificationSet;
+import netscape.ldap.LDAPSearchResults;
+
/**
* A default stub ojbect for tests to extend.
*/
@@ -72,6 +72,11 @@ public class DBSSessionDefaultStub implements IDBSSession {
return null;
}
+ public <T> IDBVirtualList<T> createVirtualList(String base, String filter, String attrs[], String sortKeys[], int pageSize)
+ throws EBaseException {
+ return null;
+ }
+
public <T> IDBVirtualList<T> createVirtualList(String base, String filter, String attrs[], String startFrom,
String sortKey, int pageSize) throws EBaseException {
return null;
diff --git a/base/tps/shared/conf/vlv.ldif b/base/tps/shared/conf/vlv.ldif
index e3063984b171eac0c88f25e53a6d66298be799d6..39a5f051cca65bd52bf188792da9fa2c3a5e6e6f 100644
--- a/base/tps/shared/conf/vlv.ldif
+++ b/base/tps/shared/conf/vlv.ldif
@@ -38,12 +38,12 @@ dn: cn=listTokensIndex,cn=listTokens,cn={database},cn=ldbm database,cn=plugins,c
cn: listTokensIndex
objectClass: top
objectClass: vlvindex
-vlvSort: dateOfModify
+vlvSort: -dateOfModify -dateOfCreate
vlvUses: 0
dn: cn=listActivitiesIndex,cn=listActivities,cn={database},cn=ldbm database,cn=plugins,cn=config
cn: listActivitiesIndex
objectClass: top
objectClass: vlvindex
-vlvSort: dateOfCreate
+vlvSort: -dateOfCreate
vlvUses: 0
diff --git a/base/tps/src/org/dogtagpki/server/tps/rest/ActivityService.java b/base/tps/src/org/dogtagpki/server/tps/rest/ActivityService.java
index 5fb3d1956a3d72258ba20337b52a3f534fc7a122..dbf5f8d63e7004f9ba9a71ea94d4105b765a9a1c 100644
--- a/base/tps/src/org/dogtagpki/server/tps/rest/ActivityService.java
+++ b/base/tps/src/org/dogtagpki/server/tps/rest/ActivityService.java
@@ -121,7 +121,7 @@ public class ActivityService extends PKIService implements ActivityResource {
TPSSubsystem subsystem = (TPSSubsystem)CMS.getSubsystem(TPSSubsystem.ID);
ActivityDatabase database = subsystem.getActivityDatabase();
- IDBVirtualList<ActivityRecord> list = database.findRecords(filter, null, "date", size);
+ IDBVirtualList<ActivityRecord> list = database.findRecords(filter, null, new String[] { "-date" }, size);
int total = list.getSize();
ActivityCollection response = new ActivityCollection();
diff --git a/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java b/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java
index 1c4285ed70a9c2ed47b014d7dad81d4778d4dfec..8e508aac8e05ebde92bc7c013c1c7a0f9d5d0870 100644
--- a/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java
+++ b/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java
@@ -268,7 +268,8 @@ public class TokenService extends PKIService implements TokenResource {
TPSSubsystem subsystem = (TPSSubsystem) CMS.getSubsystem(TPSSubsystem.ID);
TokenDatabase database = subsystem.getTokenDatabase();
- IDBVirtualList<TokenRecord> list = database.findRecords(filter, null, "modifyTimestamp", size);
+ IDBVirtualList<TokenRecord> list = database.findRecords(
+ filter, null, new String[] { "-modifyTimestamp", "-createTimestamp" }, size);
int total = list.getSize();
TokenCollection response = new TokenCollection();
--
2.5.5
_______________________________________________
Pki-devel mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/pki-devel
