CLOUDSTACK-8647 support for assigning and admin to linked ldap domain

If an admin username is given to linkDomainToLdap, this user is now
imported as well.
The user will be imported only if the user is available in the group/OU in
LDAP and an account with that name doesn't exist in CloudStack.
On successful import, the accountid will be returned in the response.
Rajani Karuturi 2015-08-11 15:20:22 +05:30 committed by Rajani Karuturi
parent 59291864fc
commit 2825c07b38
2 changed files with 43 additions and 0 deletions


@ -21,6 +21,9 @@ package org.apache.cloudstack.api.command;
import javax.inject.Inject;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.user.AccountService;
import com.cloud.user.User;
import com.cloud.user.UserAccount;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.ApiErrorCode;
@ -30,10 +33,14 @@ import org.apache.cloudstack.api.ServerApiException;
import org.apache.cloudstack.api.response.DomainResponse;
import org.apache.cloudstack.api.response.LinkDomainToLdapResponse;
import org.apache.cloudstack.ldap.LdapManager;
import org.apache.cloudstack.ldap.LdapUser;
import org.apache.cloudstack.ldap.NoLdapUserMatchingQueryException;
import org.apache.log4j.Logger;
import com.cloud.user.Account;
import java.util.UUID;
@APICommand(name = "linkDomainToLdap", description = "link an existing cloudstack domain to group or OU in ldap", responseObject = LinkDomainToLdapResponse.class, since = "4.6.0",
requestHasSensitiveInfo = false, responseHasSensitiveInfo = false)
public class LinkDomainToLdapCmd extends BaseCmd {
@ -59,10 +66,34 @@ public class LinkDomainToLdapCmd extends BaseCmd {
@Inject
private LdapManager _ldapManager;
@Inject
public AccountService _accountService;
@Override
public void execute() throws ServerApiException {
try {
LinkDomainToLdapResponse response = _ldapManager.linkDomainToLdap(domainId, type, name, accountType);
if(admin!=null) {
try {
LdapUser ldapUser = _ldapManager.getUser(admin, type, name);
if(!ldapUser.isDisabled()) {
Account account = _accountService.getActiveAccountByName(admin, domainId);
if (account == null) {
UserAccount userAccount =
_accountService.createUserAccount(admin, "", ldapUser.getFirstname(), ldapUser.getLastname(), ldapUser.getEmail(), null, admin, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, domainId, admin, null, UUID.randomUUID().toString(),
UUID.randomUUID().toString(), User.Source.LDAP);
response.setAdminId(String.valueOf(userAccount.getAccountId()));
s_logger.info("created an account with name " + admin + " in the given domain " + domainId);
} else {
s_logger.debug("an account with name " + admin + " already exists in the domain " + domainId);
}
} else {
s_logger.debug("ldap user with username "+admin+" is disabled in the given group/ou");
}
} catch (NoLdapUserMatchingQueryException e) {
s_logger.debug("no ldap user matching username " + admin + " in the given group/ou");
}
}
response.setObjectName("LinkDomainToLdap");
response.setResponseName(getCommandName());
setResponseObject(response);
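Review bot: The new `createUserAccount(...)` call in `execute()` passes `""` as the password for an account created with `Account.ACCOUNT_TYPE_DOMAIN_ADMIN`. The account is tagged `User.Source.LDAP`, but this hunk does not show whether every configured authenticator honours that source and refuses an empty password. A generated, unguessable value is the safer argument, for example a string built from `java.security.SecureRandom` bytes in place of `""`. Separately, the disabled, not-found and already-exists branches only log at debug level after `linkDomainToLdap` has already run, so the response gives the caller no reason why `adminId` is missing, and `admin` is concatenated into those log messages unescaped. The `try` opened at the top of `execute()` is closed outside the hunk.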


@ -41,6 +41,10 @@ public class LinkDomainToLdapResponse extends BaseResponse {
@Param(description = "Type of the account to auto import")
private short accountType;
@SerializedName(ApiConstants.ACCOUNT_ID)
@Param(description = "Domain Admin accountId that is created")
private String adminId;
public LinkDomainToLdapResponse(long domainId, String type, String name, short accountType) {
this.domainId = domainId;
this.name = name;
@ -63,4 +67,12 @@ public class LinkDomainToLdapResponse extends BaseResponse {
public short getAccountType() {
return accountType;
}
public String getAdminId() {
return adminId;
}
public void setAdminId(String adminId) {
this.adminId = adminId;
}
}
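Review bot: The new `adminId` field is serialized under `ApiConstants.ACCOUNT_ID`, but the only caller on this page fills it with `String.valueOf(userAccount.getAccountId())`. That looks like the internal numeric id rather than the account's UUID; please confirm, because the same commit passes a separate `UUID.randomUUID().toString()` to `createUserAccount`. If internal ids are not meant to leave the API, the UUID should be set here instead. The field is also only populated when a new account is actually created, which the description could state: `@Param(description = "Domain Admin accountId that is created; absent when no account was imported")`.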