CLOUDSTACK-8647: linkdomaintoldap shouldnt fail when createuseraccount fails

In case creating the user account fails with any runtime exception,
the linkdomaintoldap API shouldn't fail. It simply will not return the admin id,
as the account was not created.
Added test cases to verify this as well.
Rajani Karuturi 2015-09-03 18:05:50 +05:30
parent 6177bae810
commit 53a441faf6
2 changed files with 83 additions and 12 deletions


@ -71,24 +71,28 @@ public class LinkDomainToLdapCmd extends BaseCmd {
try {
LinkDomainToLdapResponse response = _ldapManager.linkDomainToLdap(domainId, type, name, accountType);
if(admin!=null) {
LdapUser ldapUser = null;
try {
LdapUser ldapUser = _ldapManager.getUser(admin, type, name);
if(!ldapUser.isDisabled()) {
Account account = _accountService.getActiveAccountByName(admin, domainId);
if (account == null) {
UserAccount userAccount =
_accountService.createUserAccount(admin, "", ldapUser.getFirstname(), ldapUser.getLastname(), ldapUser.getEmail(), null, admin, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, domainId, admin, null, UUID.randomUUID().toString(),
UUID.randomUUID().toString(), User.Source.LDAP);
ldapUser = _ldapManager.getUser(admin, type, name);
} catch (NoLdapUserMatchingQueryException e) {
s_logger.debug("no ldap user matching username " + admin + " in the given group/ou", e);
}
if (ldapUser != null && !ldapUser.isDisabled()) {
Account account = _accountService.getActiveAccountByName(admin, domainId);
if (account == null) {
try {
UserAccount userAccount = _accountService.createUserAccount(admin, "", ldapUser.getFirstname(), ldapUser.getLastname(), ldapUser.getEmail(), null,
admin, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, domainId, admin, null, UUID.randomUUID().toString(), UUID.randomUUID().toString(), User.Source.LDAP);
response.setAdminId(String.valueOf(userAccount.getAccountId()));
s_logger.info("created an account with name " + admin + " in the given domain " + domainId);
} else {
s_logger.debug("an account with name " + admin + " already exists in the domain " + domainId);
} catch (Exception e) {
s_logger.info("an exception occurred while creating account with name " + admin +" in domain " + domainId, e);
}
} else {
s_logger.debug("ldap user with username "+admin+" is disabled in the given group/ou");
s_logger.debug("an account with name " + admin + " already exists in the domain " + domainId);
}
} catch (NoLdapUserMatchingQueryException e) {
s_logger.debug("no ldap user matching username " + admin + " in the given group/ou");
} else {
s_logger.debug("ldap user with username "+admin+" is disabled in the given group/ou");
}
}
response.setObjectName("LinkDomainToLdap");
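Review bot: The new `catch (Exception e)` around `createUserAccount` logs the failure only at info level and lets the call return success without an admin id, so a failed provisioning of the domain-admin account looks the same to the caller as a request that named no admin. Since the commit message targets runtime exceptions, consider narrowing it to `} catch (RuntimeException e) {` and logging with `s_logger.warn("failed to create account " + admin + " in domain " + domainId, e);` so the failure is visible in routine log review. Also, as the page reads, a `NoLdapUserMatchingQueryException` leaves `ldapUser` null and the final `else` then logs that the user "is disabled" right after the "no ldap user matching" message, which appears misleading; a separate branch for the null case would keep the two apart. The body of `execute()` starts before this hunk and the outer `try` continues past it.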


@ -28,6 +28,7 @@ import org.apache.cloudstack.api.command.LinkDomainToLdapCmd
import org.apache.cloudstack.api.response.LinkDomainToLdapResponse
import org.apache.cloudstack.ldap.LdapManager
import org.apache.cloudstack.ldap.LdapUser
import org.apache.cloudstack.ldap.NoLdapUserMatchingQueryException
import spock.lang.Shared
import spock.lang.Specification
@ -162,4 +163,70 @@ class LinkDomainToLdapCmdSpec extends Specification {
result.getAdminId() == String.valueOf(accountId)
}
def "test when admin doesnt exist in ldap"() {
def domainId = 1;
def type = "GROUP";
def name = "CN=test,DC=ccp,DC=Citrix,DC=com"
def accountType = 2;
def username = "admin"
LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId, type, name, (short)accountType)
_ldapManager.linkDomainToLdap(_,_,_,_) >> response
_ldapManager.getUser(username, type, name) >> {throw new NoLdapUserMatchingQueryException("get ldap user failed from mock")}
linkDomainToLdapCmd.admin = username
linkDomainToLdapCmd.type = type
linkDomainToLdapCmd.name = name
linkDomainToLdapCmd.domainId = domainId
when:
linkDomainToLdapCmd.execute()
then:
LinkDomainToLdapResponse result = (LinkDomainToLdapResponse)linkDomainToLdapCmd.getResponseObject()
result.getObjectName() == "LinkDomainToLdap"
result.getResponseName() == linkDomainToLdapCmd.getCommandName()
result.getDomainId() == domainId
result.getType() == type
result.getName() == name
result.getAdminId() == null
}
/**
* api should not fail in this case as link domain to ldap is successful
*/
def "test when create user account throws a run time exception"() {
def domainId = 1;
def type = "GROUP";
def name = "CN=test,DC=ccp,DC=Citrix,DC=com"
def accountType = 2;
def username = "admin"
def accountId = 24
LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId, type, name, (short)accountType)
_ldapManager.linkDomainToLdap(_,_,_,_) >> response
_ldapManager.getUser(username, type, name) >> new LdapUser(username, "admin@ccp.citrix.com", "Admin", "Admin", name, "ccp", false)
_accountService.getActiveAccountByName(username, domainId) >> null
UserAccount userAccount = Mock(UserAccount)
userAccount.getAccountId() >> 24
_accountService.createUserAccount(username, "", "Admin", "Admin", "admin@ccp.citrix.com", null, username, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, domainId,
username, null, _, _, User.Source.LDAP) >> { throw new RuntimeException("created failed from mock") }
linkDomainToLdapCmd.admin = username
linkDomainToLdapCmd.type = type
linkDomainToLdapCmd.name = name
linkDomainToLdapCmd.domainId = domainId
when:
linkDomainToLdapCmd.execute()
then:
LinkDomainToLdapResponse result = (LinkDomainToLdapResponse)linkDomainToLdapCmd.getResponseObject()
result.getObjectName() == "LinkDomainToLdap"
result.getResponseName() == linkDomainToLdapCmd.getCommandName()
result.getDomainId() == domainId
result.getType() == type
result.getName() == name
result.getAdminId() == null
}
}
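Review bot: The test "test when create user account throws a run time exception" stubs `createUserAccount` to throw but never checks that the call was made, so it would still pass if `execute()` skipped account creation altogether (for example through the disabled-user or existing-account branch). Declaring the interaction with a cardinality in the `then:` block, `1 * _accountService.createUserAccount(*_) >> { throw new RuntimeException("created failed from mock") }`, pins the path the test is meant to cover. The `accountId` local and the `userAccount` mock with `getAccountId() >> 24` are unused in this test and can be dropped.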