-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25814/
-----------------------------------------------------------
Review request for Ambari, Jonathan Hurley and Nate Cole.
Bugs: AMBARI-7349
https://issues.apache.org/jira/browse/AMBARI-7349
Repository: ambari
Description
-------
This is the first step to introduce a new API for LDAP sync. It does not hook
up the API to the exising LDAP sync back end.
LDAP_SYNC API Proposal...
The ldap sync event resource contains the information needed to perform an ldap
sync. This includes the principal type (user, group), the sync type (all,
existing, specific), and an optional set of principal names. Wildcards will be
supported for principal names. You can mix and match specs, so it is possible
to have an event that syncs all users but specific groups, for example.
-- Create ldap sync events ...
{code}
POST http://c6401.ambari.apache.org:8080/api/v1/ldap-sync-events
{
"specs" : [
{
"principal-type":"users",
"sync-type":"all"
},
{
"principal-type":"groups",
"sync-type":"all"
}
]
}
POST http://c6401.ambari.apache.org:8080/api/v1/ldap-sync-events
{
"specs" : [
{
"principal-type":"users",
"sync-type":"existing"
},
{
"principal-type":"groups",
"sync-type":"existing"
}
]
}
POST http://c6401.ambari.apache.org:8080/api/v1/ldap-sync-events
{
"specs" : [
{
"principal-type":"users",
"names":"fred,joe,admin*",
"sync-type":"specific"
},
{
"principal-type":"groups",
"names":"group1,group2,admin*",
"sync-type":"specific"
}
]
}
{code}
When you create an event it is assigned a unique id.
The response of each post will contain the href to the new ldap sync event
resource. For example,
{code}"href" :
"http://c6401.ambari.apache.org:8080/api/v1/ldap-sync-events/1"{code}
The events are not persisted in the DB. We will keep them in memory only for
now, possibly with an expiry value. If there is a need to persist them beyond
a stop then we can add the DB persistence later.
When an event is added, it will be placed on a queue. Events will be serviced
sequentially (for now we will not handle concurrent syncing).
Events will be run as they are taken off the queue. In the future we may add
the ability to schedule events.
-- Get all of the sync events ...
{code}
GET http://c6401.ambari.apache.org:8080/api/v1/ldap-sync-events
{
"href" : "http://c6401.ambari.apache.org:8080/api/v1/ldap-sync-events/";,
"items" : [
{
"href" : "http://c6401.ambari.apache.org:8080/api/v1/ldap-sync-events/1";,
"Event" : {
"id":1
},
"href" : "http://c6401.ambari.apache.org:8080/api/v1/ldap-sync-events/2";,
"Event" : {
"id":2
},
"href" : "http://c6401.ambari.apache.org:8080/api/v1/ldap-sync-events/3";,
"Event" : {
"id":3
},
}
]
}
{code}
You can view a specific sync event.
-- Get a specific sync event ...
{code}
GET http://c6401.ambari.apache.org:8080/api/v1/ldap-sync-events/1
{
"href" : "http://c6401.ambari.apache.org:8080/api/v1/ldap-sync-events/1/";,
"Event":{
"id":1,
"state":"COMPLETE",
"sync-start-time":"10/12/2004 12:14:26.002"
"sync-end-time":"10/12/2004 12:15:36.006"
"users-fetched":200,
"users-created":12,
"users-updated":4,
"users-removed":5,
"groups-fetched":10,
"groups-created":3,
"groups-updated":2,
"groups-removed":1,
"membership-fetched":20,
"membership-created":1,
"membership-updated":5,
"specs" : [
{
"principal-type":"users",
"sync-type":"all"
},
{
"principal-type":"groups",
"sync-type":"all"
}
]
}
}
{code}
The values for the state property will be PENDING, RUNNING, COMPLETE. The
result values will be null until the state is COMPLETE.
When an event is COMPLETE, the ldap user / group / member resources of Ambari
should have been updated accordingly.
Note that the results do not show the specific users and groups that were
synced, only the totals. The specific users and groups touched by the sync can
be added if required.
Also note that this revised proposal removes the LDAP_SYNC resource as a root
level service. It doesn't seem to be needed to meet the current requirements.
We can add it later, if needed.
Diffs
-----
ambari-server/src/main/java/org/apache/ambari/server/api/resources/LdapSyncEventResourceDefinition.java
PRE-CREATION
ambari-server/src/main/java/org/apache/ambari/server/api/resources/ResourceInstanceFactoryImpl.java
f85c0ea
ambari-server/src/main/java/org/apache/ambari/server/api/services/LdapSyncEventService.java
PRE-CREATION
ambari-server/src/main/java/org/apache/ambari/server/controller/internal/DefaultProviderModule.java
1b5075a
ambari-server/src/main/java/org/apache/ambari/server/controller/internal/LdapSyncEventResourceProvider.java
PRE-CREATION
ambari-server/src/main/java/org/apache/ambari/server/controller/spi/Resource.java
a14f1f0
ambari-server/src/main/java/org/apache/ambari/server/orm/entities/LdapSyncEventEntity.java
PRE-CREATION
ambari-server/src/main/java/org/apache/ambari/server/orm/entities/LdapSyncSpecEntity.java
PRE-CREATION
ambari-server/src/test/java/org/apache/ambari/server/api/resources/LdapSyncEventResourceDefinitionTest.java
PRE-CREATION
ambari-server/src/test/java/org/apache/ambari/server/api/services/LdapSyncEventServiceTest.java
PRE-CREATION
ambari-server/src/test/java/org/apache/ambari/server/controller/internal/LdapSyncEventResourceProviderTest.java
PRE-CREATION
ambari-server/src/test/java/org/apache/ambari/server/orm/entities/LdapSyncEventEntityTest.java
PRE-CREATION
ambari-server/src/test/java/org/apache/ambari/server/orm/entities/LdapSyncSpecEntityTest.java
PRE-CREATION
Diff: https://reviews.apache.org/r/25814/diff/
Testing
-------
Manual tests.
New unit tests added. All existing tests pass ...
Results :
Tests run: 2021, Failures: 0, Errors: 0, Skipped: 16
...
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 31:18.827s
[INFO] Finished at: Thu Sep 18 22:03:51 EDT 2014
[INFO] Final Memory: 45M/196M
[INFO] ------------------------------------------------------------------------
Thanks,
Tom Beerbower
