Ravi Nori has uploaded a new change for review. Change subject: core : Remove quartz job to SyncUsers ......................................................................
core : Remove quartz job to SyncUsers Since all queries are performed using the engine sessions table, the users groups are always derived from the principal on user login there is no need to periodically sync users. The groupids is updated on user login Change-Id: I15248a628647430d7f3d22e68e66456caffbcb40 Bug-Url: https://bugzilla.redhat.com/1092744 Signed-off-by: Ravi Nori <[email protected]> --- M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthzUtils.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetDbGroupsByUserIdQuery.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/InitBackendServicesOnStartupBean.java D backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/DbUserCacheManager.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/SyncUsers.java 5 files changed, 28 insertions(+), 140 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/93/35893/1 diff --git a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthzUtils.java b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthzUtils.java index 6cdfc85..09f2f52 100644 --- a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthzUtils.java +++ b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthzUtils.java @@ -2,6 +2,7 @@ import java.util.ArrayDeque; import java.util.ArrayList; +import java.util.Arrays; import java.util.Collection; import java.util.Collections; import java.util.Deque; @@ -74,6 +75,13 @@ return ret; } + public static ExtMap fetchPrincipalByIdRecursively(final ExtensionProxy extension, + final String namespace, + final String id) { + Collection<ExtMap> principals = fetchPrincipalsByIdsRecursively(extension, namespace, Arrays.asList(id)); + return principals.isEmpty() ? null : new ArrayList<>(principals).get(0); + } + public static Collection<ExtMap> fetchPrincipalsByIdsRecursively( final ExtensionProxy extension, final String namespace, diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetDbGroupsByUserIdQuery.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetDbGroupsByUserIdQuery.java index 87310cd..1500509 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetDbGroupsByUserIdQuery.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetDbGroupsByUserIdQuery.java @@ -1,5 +1,7 @@ package org.ovirt.engine.core.bll; +import org.ovirt.engine.core.bll.aaa.SyncUsers; +import org.ovirt.engine.core.common.businessentities.aaa.DbUser; import org.ovirt.engine.core.common.queries.IdQueryParameters; import org.ovirt.engine.core.compat.Guid; import org.ovirt.engine.core.dao.DbGroupDAO; @@ -14,6 +16,11 @@ protected void executeQueryCommand() { final Guid id = getParameters().getId(); final DbGroupDAO dao = getDbFacade().getDbGroupDao(); + DbUser dbUser = getDbFacade().getDbUserDao().get(id); + DbUser syncedUser = SyncUsers.sync(dbUser); + if (!dbUser.equals(syncedUser)) { + getDbFacade().getDbUserDao().saveOrUpdate(syncedUser); + } getQueryReturnValue().setReturnValue(dao.getByUserId(id)); } diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/InitBackendServicesOnStartupBean.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/InitBackendServicesOnStartupBean.java index 21d9076..46a9ec5 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/InitBackendServicesOnStartupBean.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/InitBackendServicesOnStartupBean.java @@ -8,7 +8,6 @@ import javax.ejb.Singleton; import javax.ejb.Startup; -import org.ovirt.engine.core.bll.aaa.DbUserCacheManager; import org.ovirt.engine.core.bll.aaa.SessionDataContainer; import org.ovirt.engine.core.bll.dwh.DwhHeartBeat; import org.ovirt.engine.core.bll.gluster.GlusterJobsManager; @@ -60,9 +59,6 @@ // recover from engine failure PmHealthCheckManager.getInstance().recover(hosts); - // Create authentication profiles for all the domains that exist in the database: - // TODO: remove this later, and rely only on the custom and built in extensions directories configuration - DbUserCacheManager.getInstance().init(); CommandCoordinatorUtil.initAsyncTaskManager(); ResourceManager.getInstance().init(); OvfDataUpdater.getInstance().initOvfDataUpdater(); diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/DbUserCacheManager.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/DbUserCacheManager.java deleted file mode 100644 index 7aed7a7..0000000 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/DbUserCacheManager.java +++ /dev/null @@ -1,69 +0,0 @@ -package org.ovirt.engine.core.bll.aaa; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.concurrent.TimeUnit; - -import org.ovirt.engine.core.common.businessentities.aaa.DbGroup; -import org.ovirt.engine.core.common.businessentities.aaa.DbUser; -import org.ovirt.engine.core.common.config.Config; -import org.ovirt.engine.core.common.config.ConfigValues; -import org.ovirt.engine.core.dal.dbbroker.DbFacade; -import org.ovirt.engine.core.utils.timer.OnTimerMethodAnnotation; -import org.ovirt.engine.core.utils.timer.SchedulerUtilQuartzImpl; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class DbUserCacheManager { - private static final Logger log = LoggerFactory.getLogger(DbUserCacheManager.class); - private static final DbUserCacheManager _instance = new DbUserCacheManager(); - private boolean initialized = false; - private final Map<String, DbGroup> groupsMap = new HashMap<>(); - - public static DbUserCacheManager getInstance() { - return _instance; - } - - private DbUserCacheManager() { - } - - public void init() { - if (!initialized) { - log.info("Start initializing {}", getClass().getSimpleName()); - - int mRefreshRate = Config.<Integer> getValue(ConfigValues.UserRefreshRate); - SchedulerUtilQuartzImpl.getInstance().scheduleAFixedDelayJob( - this, - "refreshAllUsers", - new Class[] {}, - new Object[] {}, - 0, - mRefreshRate, - TimeUnit.SECONDS - ); - initialized = true; - log.info("Finished initializing {}", getClass().getSimpleName()); - - } - } - - - /** - * Load all the users from the database and refresh them. - */ - @OnTimerMethodAnnotation("refreshAllUsers") - public void refreshAllUsers() { - List<DbUser> activeUsers = new ArrayList<>(); - for (DbUser dbUser : DbFacade.getInstance().getDbUserDao().getAll()) { - if (dbUser.isActive()) { - activeUsers.add(dbUser); - } - } - for (DbUser user : SyncUsers.sync(activeUsers)) { - DbFacade.getInstance().getDbUserDao().update(user); - } - } - -} diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/SyncUsers.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/SyncUsers.java index 39261ed..a5ac4c8 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/SyncUsers.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/SyncUsers.java @@ -1,18 +1,9 @@ package org.ovirt.engine.core.bll.aaa; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Map.Entry; -import java.util.Set; - import org.ovirt.engine.api.extensions.ExtMap; import org.ovirt.engine.core.aaa.AuthzUtils; import org.ovirt.engine.core.common.businessentities.aaa.DbUser; import org.ovirt.engine.core.extensions.mgr.ExtensionProxy; -import org.ovirt.engine.core.utils.collections.MultiValueMapUtils; import org.ovirt.engine.core.utils.extensionsmgr.EngineExtensionsManager; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -21,67 +12,22 @@ private static final Logger log = LoggerFactory.getLogger(SyncUsers.class); - public static DbUser sync(DbUser dbUser) { - List<DbUser> synchedUsers = sync(Arrays.asList(dbUser)); - return synchedUsers.isEmpty() ? null : synchedUsers.get(0); - } + public static DbUser sync(final DbUser dbUser) { - public static List<DbUser> sync(List<DbUser> dbUsers) { - List<DbUser> usersToUpdate = new ArrayList<>(); - Map<String, Map<String, Set<String>>> authzToNamespaceToUserIds = new HashMap<>(); - Map<String, List<DbUser>> dbUsersPerAuthz = new HashMap<>(); - - //Initialize the entries based on authz in the map - for (DbUser dbUser : dbUsers) { - MultiValueMapUtils.addToMap(dbUser.getDomain(), dbUser, dbUsersPerAuthz); - if (!authzToNamespaceToUserIds.containsKey(dbUser.getDomain())) { - authzToNamespaceToUserIds.put(dbUser.getDomain(), new HashMap<String, Set<String>>()); + DbUser syncedUser = null; + try { + ExtensionProxy authzExtension = EngineExtensionsManager.getInstance().getExtensionByName(dbUser.getDomain()); + ExtMap principal = AuthzUtils.fetchPrincipalByIdRecursively( + authzExtension, dbUser.getNamespace(), dbUser.getExternalId()); + if (principal != null) { + syncedUser = DirectoryUtils.mapPrincipalRecordToDbUser(dbUser.getDomain(), principal); } - MultiValueMapUtils.addToMapOfSets(dbUser.getNamespace(), dbUser.getExternalId(), authzToNamespaceToUserIds.get(dbUser.getDomain())); + } catch (Exception ex) { + log.error("Error during user synchronization of extension '{}': {}", + dbUser.getDomain(), ex.getMessage()); + log.debug("Exception", ex); } - for (Entry<String, Map<String, Set<String>>> entry : authzToNamespaceToUserIds.entrySet()) { - Map<String, DbUser> activeUsers = new HashMap<>(); - String authz = entry.getKey(); - try { - ExtensionProxy authzExtension = EngineExtensionsManager.getInstance().getExtensionByName(authz); - for (Entry<String, Set<String>> userIdsPerNamespace : entry.getValue().entrySet()) { - for ( - ExtMap principal : - AuthzUtils.fetchPrincipalsByIdsRecursively( - authzExtension, userIdsPerNamespace.getKey(), - userIdsPerNamespace.getValue()) - ) { - DbUser dbUser = DirectoryUtils.mapPrincipalRecordToDbUser(authz, principal); - activeUsers.put(dbUser.getExternalId(), dbUser); - } - } - - for (DbUser dbUser : dbUsersPerAuthz.get(authz)) { - DbUser activeUser = activeUsers.get(dbUser.getExternalId()); - if (activeUser != null) { - if (!activeUser.equals(dbUser)) { - activeUser.setId(dbUser.getId()); - activeUser.setAdmin(dbUser.isAdmin()); - log.info("Principal {}::{} synchronized", - activeUser.getLoginName(), - activeUser.getDomain()); - usersToUpdate.add(activeUser); - } - } else { - log.info("Deactivating non existing principal {}::{}", - dbUser.getLoginName(), - dbUser.getDomain()); - dbUser.setActive(false); - usersToUpdate.add(dbUser); - } - } - } catch (Exception ex) { - log.error("Error during user synchronization of extension '{}': {}", - authz, ex.getMessage()); - log.debug("Exception", ex); - } - } - return usersToUpdate; + return syncedUser == null ? dbUser : syncedUser; } } -- To view, visit http://gerrit.ovirt.org/35893 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I15248a628647430d7f3d22e68e66456caffbcb40 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Ravi Nori <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
