You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ra...@apache.org on 2015/09/05 06:02:56 UTC
[16/17] git commit: updated refs/heads/master to 5881035
CLOUDSTACK-8647: linkdomaintoldap shouldnt fail when createuseraccount fails
Incase create useraccount fails with any runtime exception,
linkdomaintoldap api shouldnt fail. It just will not return the admin id
as it didnt create the account.
added test cases to verify this as well.
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/53a441fa
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/53a441fa
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/53a441fa
Branch: refs/heads/master
Commit: 53a441faf6d5c74f666a130f4b438977684c3800
Parents: 6177bae
Author: Rajani Karuturi <ra...@citrix.com>
Authored: Thu Sep 3 18:05:50 2015 +0530
Committer: Rajani Karuturi <ra...@citrix.com>
Committed: Thu Sep 3 18:05:50 2015 +0530
----------------------------------------------------------------------
.../api/command/LinkDomainToLdapCmd.java | 28 ++++----
.../ldap/LinkDomainToLdapCmdSpec.groovy | 67 ++++++++++++++++++++
2 files changed, 83 insertions(+), 12 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/53a441fa/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LinkDomainToLdapCmd.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LinkDomainToLdapCmd.java b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LinkDomainToLdapCmd.java
index 90fcaad..0ffa840 100644
--- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LinkDomainToLdapCmd.java
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LinkDomainToLdapCmd.java
@@ -71,24 +71,28 @@ public class LinkDomainToLdapCmd extends BaseCmd {
try {
LinkDomainToLdapResponse response = _ldapManager.linkDomainToLdap(domainId, type, name, accountType);
if(admin!=null) {
+ LdapUser ldapUser = null;
try {
- LdapUser ldapUser = _ldapManager.getUser(admin, type, name);
- if(!ldapUser.isDisabled()) {
- Account account = _accountService.getActiveAccountByName(admin, domainId);
- if (account == null) {
- UserAccount userAccount =
- _accountService.createUserAccount(admin, "", ldapUser.getFirstname(), ldapUser.getLastname(), ldapUser.getEmail(), null, admin, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, domainId, admin, null, UUID.randomUUID().toString(),
- UUID.randomUUID().toString(), User.Source.LDAP);
+ ldapUser = _ldapManager.getUser(admin, type, name);
+ } catch (NoLdapUserMatchingQueryException e) {
+ s_logger.debug("no ldap user matching username " + admin + " in the given group/ou", e);
+ }
+ if (ldapUser != null && !ldapUser.isDisabled()) {
+ Account account = _accountService.getActiveAccountByName(admin, domainId);
+ if (account == null) {
+ try {
+ UserAccount userAccount = _accountService.createUserAccount(admin, "", ldapUser.getFirstname(), ldapUser.getLastname(), ldapUser.getEmail(), null,
+ admin, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, domainId, admin, null, UUID.randomUUID().toString(), UUID.randomUUID().toString(), User.Source.LDAP);
response.setAdminId(String.valueOf(userAccount.getAccountId()));
s_logger.info("created an account with name " + admin + " in the given domain " + domainId);
- } else {
- s_logger.debug("an account with name " + admin + " already exists in the domain " + domainId);
+ } catch (Exception e) {
+ s_logger.info("an exception occurred while creating account with name " + admin +" in domain " + domainId, e);
}
} else {
- s_logger.debug("ldap user with username "+admin+" is disabled in the given group/ou");
+ s_logger.debug("an account with name " + admin + " already exists in the domain " + domainId);
}
- } catch (NoLdapUserMatchingQueryException e) {
- s_logger.debug("no ldap user matching username " + admin + " in the given group/ou");
+ } else {
+ s_logger.debug("ldap user with username "+admin+" is disabled in the given group/ou");
}
}
response.setObjectName("LinkDomainToLdap");
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/53a441fa/plugins/user-authenticators/ldap/test/groovy/org/apache/cloudstack/ldap/LinkDomainToLdapCmdSpec.groovy
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/ldap/test/groovy/org/apache/cloudstack/ldap/LinkDomainToLdapCmdSpec.groovy b/plugins/user-authenticators/ldap/test/groovy/org/apache/cloudstack/ldap/LinkDomainToLdapCmdSpec.groovy
index dbf92fb..9d667bf 100644
--- a/plugins/user-authenticators/ldap/test/groovy/org/apache/cloudstack/ldap/LinkDomainToLdapCmdSpec.groovy
+++ b/plugins/user-authenticators/ldap/test/groovy/org/apache/cloudstack/ldap/LinkDomainToLdapCmdSpec.groovy
@@ -28,6 +28,7 @@ import org.apache.cloudstack.api.command.LinkDomainToLdapCmd
import org.apache.cloudstack.api.response.LinkDomainToLdapResponse
import org.apache.cloudstack.ldap.LdapManager
import org.apache.cloudstack.ldap.LdapUser
+import org.apache.cloudstack.ldap.NoLdapUserMatchingQueryException
import spock.lang.Shared
import spock.lang.Specification
@@ -162,4 +163,70 @@ class LinkDomainToLdapCmdSpec extends Specification {
result.getAdminId() == String.valueOf(accountId)
}
+ def "test when admin doesnt exist in ldap"() {
+ def domainId = 1;
+ def type = "GROUP";
+ def name = "CN=test,DC=ccp,DC=Citrix,DC=com"
+ def accountType = 2;
+ def username = "admin"
+
+ LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId, type, name, (short)accountType)
+ _ldapManager.linkDomainToLdap(_,_,_,_) >> response
+ _ldapManager.getUser(username, type, name) >> {throw new NoLdapUserMatchingQueryException("get ldap user failed from mock")}
+
+ linkDomainToLdapCmd.admin = username
+ linkDomainToLdapCmd.type = type
+ linkDomainToLdapCmd.name = name
+ linkDomainToLdapCmd.domainId = domainId
+
+ when:
+ linkDomainToLdapCmd.execute()
+ then:
+ LinkDomainToLdapResponse result = (LinkDomainToLdapResponse)linkDomainToLdapCmd.getResponseObject()
+ result.getObjectName() == "LinkDomainToLdap"
+ result.getResponseName() == linkDomainToLdapCmd.getCommandName()
+ result.getDomainId() == domainId
+ result.getType() == type
+ result.getName() == name
+ result.getAdminId() == null
+ }
+
+ /**
+ * api should not fail in this case as link domain to ldap is successful
+ */
+ def "test when create user account throws a run time exception"() {
+ def domainId = 1;
+ def type = "GROUP";
+ def name = "CN=test,DC=ccp,DC=Citrix,DC=com"
+ def accountType = 2;
+ def username = "admin"
+ def accountId = 24
+
+ LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId, type, name, (short)accountType)
+ _ldapManager.linkDomainToLdap(_,_,_,_) >> response
+ _ldapManager.getUser(username, type, name) >> new LdapUser(username, "admin@ccp.citrix.com", "Admin", "Admin", name, "ccp", false)
+
+ _accountService.getActiveAccountByName(username, domainId) >> null
+ UserAccount userAccount = Mock(UserAccount)
+ userAccount.getAccountId() >> 24
+ _accountService.createUserAccount(username, "", "Admin", "Admin", "admin@ccp.citrix.com", null, username, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, domainId,
+ username, null, _, _, User.Source.LDAP) >> { throw new RuntimeException("created failed from mock") }
+
+ linkDomainToLdapCmd.admin = username
+ linkDomainToLdapCmd.type = type
+ linkDomainToLdapCmd.name = name
+ linkDomainToLdapCmd.domainId = domainId
+
+ when:
+ linkDomainToLdapCmd.execute()
+ then:
+ LinkDomainToLdapResponse result = (LinkDomainToLdapResponse)linkDomainToLdapCmd.getResponseObject()
+ result.getObjectName() == "LinkDomainToLdap"
+ result.getResponseName() == linkDomainToLdapCmd.getCommandName()
+ result.getDomainId() == domainId
+ result.getType() == type
+ result.getName() == name
+ result.getAdminId() == null
+ }
+
}