cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From raj...@apache.org
Subject [05/17] git commit: updated refs/heads/master to 5881035
Date Sat, 05 Sep 2015 04:02:45 GMT
CLOUDSTACK-8647 support for assigning and admin to linked ldap domain

if an admin username is given to the linkDomainToLdap, added support to
import this user
User will be imported only if the user is available in the group/ou in
ldap and an account with the name doesnt exist in cloudstack.
on successful import, accountid will be returned in response.


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/2825c07b
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/2825c07b
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/2825c07b

Branch: refs/heads/master
Commit: 2825c07b38795ff541d4e9dc648612ce84fd728f
Parents: 5929186
Author: Rajani Karuturi <rajanikaruturi@gmail.com>
Authored: Tue Aug 11 15:20:22 2015 +0530
Committer: Rajani Karuturi <rajani.karuturi@citrix.com>
Committed: Thu Aug 27 17:30:21 2015 +0530

----------------------------------------------------------------------
 .../api/command/LinkDomainToLdapCmd.java        | 31 ++++++++++++++++++++
 .../api/response/LinkDomainToLdapResponse.java  | 12 ++++++++
 2 files changed, 43 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/2825c07b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LinkDomainToLdapCmd.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LinkDomainToLdapCmd.java
b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LinkDomainToLdapCmd.java
index 5a76e8e..f5a0ef8 100644
--- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LinkDomainToLdapCmd.java
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LinkDomainToLdapCmd.java
@@ -21,6 +21,9 @@ package org.apache.cloudstack.api.command;
 import javax.inject.Inject;
 
 import com.cloud.exception.InvalidParameterValueException;
+import com.cloud.user.AccountService;
+import com.cloud.user.User;
+import com.cloud.user.UserAccount;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.ApiErrorCode;
@@ -30,10 +33,14 @@ import org.apache.cloudstack.api.ServerApiException;
 import org.apache.cloudstack.api.response.DomainResponse;
 import org.apache.cloudstack.api.response.LinkDomainToLdapResponse;
 import org.apache.cloudstack.ldap.LdapManager;
+import org.apache.cloudstack.ldap.LdapUser;
+import org.apache.cloudstack.ldap.NoLdapUserMatchingQueryException;
 import org.apache.log4j.Logger;
 
 import com.cloud.user.Account;
 
+import java.util.UUID;
+
 @APICommand(name = "linkDomainToLdap", description = "link an existing cloudstack domain
to group or OU in ldap", responseObject = LinkDomainToLdapResponse.class, since = "4.6.0",
     requestHasSensitiveInfo = false, responseHasSensitiveInfo = false)
 public class LinkDomainToLdapCmd extends BaseCmd {
@@ -59,10 +66,34 @@ public class LinkDomainToLdapCmd extends BaseCmd {
     @Inject
     private LdapManager _ldapManager;
 
+    @Inject
+    public AccountService _accountService;
+
     @Override
     public void execute() throws ServerApiException {
         try {
             LinkDomainToLdapResponse response = _ldapManager.linkDomainToLdap(domainId, type,
name, accountType);
+            if(admin!=null) {
+                try {
+                    LdapUser ldapUser = _ldapManager.getUser(admin, type, name);
+                    if(!ldapUser.isDisabled()) {
+                        Account account = _accountService.getActiveAccountByName(admin, domainId);
+                        if (account == null) {
+                            UserAccount userAccount =
+                                _accountService.createUserAccount(admin, "", ldapUser.getFirstname(),
ldapUser.getLastname(), ldapUser.getEmail(), null, admin, Account.ACCOUNT_TYPE_DOMAIN_ADMIN,
domainId, admin, null, UUID.randomUUID().toString(),
+                                                                  UUID.randomUUID().toString(),
User.Source.LDAP);
+                            response.setAdminId(String.valueOf(userAccount.getAccountId()));
+                            s_logger.info("created an account with name " + admin + " in
the given domain " + domainId);
+                        } else {
+                            s_logger.debug("an account with name " + admin + " already exists
in the domain " + domainId);
+                        }
+                    } else {
+                        s_logger.debug("ldap user with username "+admin+" is disabled in
the given group/ou");
+                    }
+                } catch (NoLdapUserMatchingQueryException e) {
+                    s_logger.debug("no ldap user matching username " + admin + " in the given
group/ou");
+                }
+            }
             response.setObjectName("LinkDomainToLdap");
             response.setResponseName(getCommandName());
             setResponseObject(response);

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/2825c07b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LinkDomainToLdapResponse.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LinkDomainToLdapResponse.java
b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LinkDomainToLdapResponse.java
index 103fb25..b0032b0 100644
--- a/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LinkDomainToLdapResponse.java
+++ b/plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/response/LinkDomainToLdapResponse.java
@@ -41,6 +41,10 @@ public class LinkDomainToLdapResponse extends BaseResponse {
     @Param(description = "Type of the account to auto import")
     private short accountType;
 
+    @SerializedName(ApiConstants.ACCOUNT_ID)
+    @Param(description = "Domain Admin accountId that is created")
+    private String adminId;
+
     public LinkDomainToLdapResponse(long domainId, String type, String name, short accountType)
{
         this.domainId = domainId;
         this.name = name;
@@ -63,4 +67,12 @@ public class LinkDomainToLdapResponse extends BaseResponse {
     public short getAccountType() {
         return accountType;
     }
+
+    public String getAdminId() {
+        return adminId;
+    }
+
+    public void setAdminId(String adminId) {
+        this.adminId = adminId;
+    }
 }


Mime
View raw message