You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by "Shawn McKinney (Jira)" <ji...@apache.org> on 2023/09/04 18:16:00 UTC

[jira] [Created] (FC-325) Research LDAP Transactions

Shawn McKinney created FC-325:
---------------------------------

             Summary: Research LDAP Transactions
                 Key: FC-325
                 URL: https://issues.apache.org/jira/browse/FC-325
             Project: FORTRESS
          Issue Type: Improvement
    Affects Versions: 3.0.0
            Reporter: Shawn McKinney


The need can be made by looking at the code. Perhaps the biggest (worst) example is when deleting a role. In RBAC, the role binds the user with the permission. It necessarily has relationships in the data model. Hier data storage means the DAO must remove the relationships before removing the entity. This is done via code. (No automatic ways of doing this as in relational models)

So, if something goes wrong, there is no way of rolling back the list of items that were changed (before the fault). 

This can be fixed by using transactions. Both OpenLDAP and Apache DS support them (to some extent). Here will be details of the research. Eventually, a proposed design will be shared.

Code Example(antipattern):

- [AdminMgrImpl.deleteRole](https://github.com/apache/directory-fortress-core/blob/master/src/main/java/org/apache/directory/fortress/core/impl/AdminMgrImpl.java#L295)



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
For additional commands, e-mail: dev-help@directory.apache.org