Hello Ondřej Macháček,
I'd like you to do a code review. Please visit
http://gerrit.ovirt.org/34908
to review the following change.
Change subject: aaa: provide UI error for builtin krbldap
......................................................................
aaa: provide UI error for builtin krbldap
Bug-Url: https://bugzilla.redhat.com/1106435
Change-Id: Idb1d19d8642ad2aaccd56ada23bebf12f540bf38
Signed-off-by: Ondra Machacek <[email protected]>
---
M
backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java
M
backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapBrokerCommandBase.java
2 files changed, 19 insertions(+), 9 deletions(-)
git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/08/34908/1
diff --git
a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java
b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java
index 038074e..bc79a53 100644
---
a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java
+++
b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java
@@ -81,7 +81,7 @@
public KerberosLdapAuthz() {
}
- public ExtMap queryGroups(ExtMap input, ExtMap output) {
+ public ExtMap queryGroups(ExtMap input, ExtMap output) throws Exception {
LdapQueryData queryData = new LdapQueryDataImpl();
queryData.setLdapQueryType(LdapQueryType.searchGroups);
queryData.setDomain(getDirectoryName());
@@ -96,6 +96,9 @@
false,
false)
);
+ if (!ldapResult.getSucceeded()) {
+ throw new Exception(ldapResult.getExceptionString());
+ }
List<LdapGroup> ldapGroups = (List<LdapGroup>)
ldapResult.getReturnValue();
List<ExtMap> results = new ArrayList<>();
for (LdapGroup ldapGroup : ldapGroups) {
@@ -104,7 +107,7 @@
return output.mput(Authz.InvokeKeys.QUERY_RESULT, results);
}
- public ExtMap queryUsers(ExtMap input, ExtMap output) {
+ public ExtMap queryUsers(ExtMap input, ExtMap output) throws Exception {
LdapQueryData queryData = new LdapQueryDataImpl();
queryData.setLdapQueryType(LdapQueryType.searchUsers);
queryData.setDomain(getDirectoryName());
@@ -121,6 +124,9 @@
)
);
+ if (!ldapResult.getSucceeded()) {
+ throw new Exception(ldapResult.getExceptionString());
+ }
List<LdapUser> ldapUsers = (List<LdapUser>)
ldapResult.getReturnValue();
List<ExtMap> results = new ArrayList<>();
for (LdapUser ldapUser : ldapUsers) {
@@ -195,7 +201,7 @@
}
- private void doQueryExecute(ExtMap input, ExtMap output) {
+ private void doQueryExecute(ExtMap input, ExtMap output) throws Exception {
Opaque opaque = input.<Opaque> get(Authz.InvokeKeys.QUERY_OPAQUE);
if (opaque.getQueryInfo() == null) {
output.mput(Authz.InvokeKeys.QUERY_RESULT, null);
diff --git
a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapBrokerCommandBase.java
b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapBrokerCommandBase.java
index 6e146c1..eb04afe 100644
---
a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapBrokerCommandBase.java
+++
b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapBrokerCommandBase.java
@@ -98,20 +98,24 @@
@Override
public LdapReturnValueBase execute() {
boolean exceptionOccurred = true;
+ DirectorySearcher directorySearcher = null;
try {
log.debugFormat("Running LDAP command: {0}", getClass().getName());
String loginNameForKerberos =
LdapBrokerUtils.modifyLoginNameForKerberos(getLoginName(),
getAuthenticationDomain(), configuration);
LdapCredentials ldapCredentials = new
LdapCredentials(loginNameForKerberos, getPassword());
- DirectorySearcher directorySearcher = new
DirectorySearcher(configuration, ldapCredentials);
+ directorySearcher = new DirectorySearcher(configuration,
ldapCredentials);
executeQuery(directorySearcher);
exceptionOccurred = directorySearcher.getException() != null;
- }
- finally {
+ } finally {
if (exceptionOccurred) {
- log.error(String.format("Failed to run command %s. Domain is
%s. User is %s.",
- getClass().getSimpleName(), getDomain(),
getLoginName()));
-
_ldapReturnValue.setExceptionString(VdcBllMessages.FAILED_TO_RUN_LDAP_QUERY.name());
+ log.error("Failed to run command {}. Domain is {}. User is
{}.",
+ getClass().getSimpleName(), getDomain(),
getLoginName());
+ _ldapReturnValue.setExceptionString(
+ directorySearcher != null ?
+ directorySearcher.getException().getMessage() :
+ VdcBllMessages.FAILED_TO_RUN_LDAP_QUERY.name()
+ );
_ldapReturnValue.setSucceeded(false);
}
}
--
To view, visit http://gerrit.ovirt.org/34908
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Idb1d19d8642ad2aaccd56ada23bebf12f540bf38
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: ovirt-engine-3.5
Gerrit-Owner: Yair Zaslavsky <[email protected]>
Gerrit-Reviewer: Ondřej Macháček <[email protected]>
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches
