>From 30519eeb9b44ead5b52b0bd95da9971b0c285a8c Mon Sep 17 00:00:00 2001 From: Fraser Tweedale Date: Thu, 17 Jul 2014 00:24:06 -0400 Subject: [PATCH 6/9] Add LDAPProfileSubsystem to store profiles in LDAP Add the LDAPProfileSubsystem as another IProfileSubsystem implementation that can be used instead of ProfileSubsystem (which stores profiles on the file system) to store files in LDAP so that changes can be replicated. Extract common behaviour in to new AbstractProfileSubsystem superclass. Also address the minor issue #1220. --- .../dogtagpki/server/ca/rest/ProfileService.java | 16 +- .../certsrv/profile/IProfileSubsystem.java | 19 +- .../cms/servlet/admin/ProfileAdminServlet.java | 30 +-- base/server/cmsbundle/src/UserMessages.properties | 2 + .../com/netscape/cmscore/base/FileConfigStore.java | 4 +- .../cmscore/profile/AbstractProfileSubsystem.java | 151 ++++++++++++++ .../cmscore/profile/LDAPProfileSubsystem.java | 231 +++++++++++++++++++++ .../netscape/cmscore/profile/ProfileSubsystem.java | 182 ++++------------ 8 files changed, 436 insertions(+), 199 deletions(-) create mode 100644 base/server/cmscore/src/com/netscape/cmscore/profile/AbstractProfileSubsystem.java create mode 100644 base/server/cmscore/src/com/netscape/cmscore/profile/LDAPProfileSubsystem.java diff --git a/base/ca/src/org/dogtagpki/server/ca/rest/ProfileService.java b/base/ca/src/org/dogtagpki/server/ca/rest/ProfileService.java index 3b2f8a50ebcd18fe0098b2e92e0300645b904fa3..d3f08b270fd66154da880d47be30ea48716b75bd 100644 --- a/base/ca/src/org/dogtagpki/server/ca/rest/ProfileService.java +++ b/base/ca/src/org/dogtagpki/server/ca/rest/ProfileService.java @@ -18,7 +18,6 @@ package org.dogtagpki.server.ca.rest; -import java.io.File; import java.io.IOException; import java.net.URI; import java.security.Principal; @@ -244,7 +243,7 @@ public class ProfileService extends PKIService implements ProfileResource { data.setAuthenticatorId(profile.getAuthenticatorId()); data.setAuthzAcl(profile.getAuthzAcl()); - data.setClassId(cs.getString(profileId + ".class_id")); + data.setClassId(ps.getProfileClassId(profileId)); data.setDescription(profile.getDescription(getLocale(headers))); data.setEnabled(ps.isProfileEnable(profileId)); data.setEnabledBy(ps.getProfileEnableBy(profileId)); @@ -472,18 +471,13 @@ public class ProfileService extends PKIService implements ProfileResource { auditParams.put("description", data.getDescription()); auditParams.put("visible", Boolean.toString(data.isVisible())); - String config = CMS.getConfigStore().getString("instanceRoot") + "/ca/profiles/ca/" + - profileId + ".cfg"; - File configFile = new File(config); - configFile.createNewFile(); IPluginInfo info = registry.getPluginInfo("profile", data.getClassId()); - profile = ps.createProfile(profileId, data.getClassId(), info.getClassName(), config); + profile = ps.createProfile(profileId, data.getClassId(), info.getClassName()); profile.setName(getLocale(headers), data.getName()); profile.setDescription(getLocale(headers), data.getDescription()); profile.setVisible(data.isVisible()); profile.getConfigStore().commit(false); - ps.createProfileConfig(profileId, data.getClassId(), config); if (profile instanceof IProfileEx) { // populates profile specific plugins such as @@ -504,7 +498,7 @@ public class ProfileService extends PKIService implements ProfileResource { return createCreatedResponse(profileData, profileData.getLink().getHref()); - } catch (EBaseException | IOException e) { + } catch (EBaseException e) { CMS.debug("createProfile: error in creating profile: " + e); e.printStackTrace(); @@ -983,9 +977,7 @@ public class ProfileService extends PKIService implements ProfileResource { "`. Profile must be disabled first."); } - String configFile = CMS.getConfigStore().getString("profile." + profileId + ".config"); - - ps.deleteProfile(profileId, configFile); + ps.deleteProfile(profileId); auditProfileChange( ScopeDef.SC_PROFILE_RULES, diff --git a/base/common/src/com/netscape/certsrv/profile/IProfileSubsystem.java b/base/common/src/com/netscape/certsrv/profile/IProfileSubsystem.java index 3238fb2e686cd3f9aa42dac7997cacd8f7c4c06c..b7071fe7526132d7f9ff1945819f0d1f67c18719 100644 --- a/base/common/src/com/netscape/certsrv/profile/IProfileSubsystem.java +++ b/base/common/src/com/netscape/certsrv/profile/IProfileSubsystem.java @@ -61,33 +61,18 @@ public interface IProfileSubsystem extends ISubsystem { * @param id profile id * @param classid implementation id * @param className class Name - * @param configFile configuration file * @exception EProfileException failed to create profile */ - public IProfile createProfile(String id, String classid, - String className, String configFile) + public IProfile createProfile(String id, String classid, String className) throws EProfileException; /** * Deletes profile. * * @param id profile id - * @param configFile configuration file * @exception EProfileException failed to delete profile */ - public void deleteProfile(String id, String configFile) - throws EProfileException; - - /** - * Creates a new profile configuration file. - * - * @param id profile id - * @param classId implementation id - * @param configPath location to create the configuration file - * @exception failed to create profile - */ - public void createProfileConfig(String id, String classId, - String configPath) throws EProfileException; + public void deleteProfile(String id) throws EProfileException; /** * Enables a profile. diff --git a/base/server/cms/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java b/base/server/cms/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java index 3d25b8b71bc7f71a7d579aa6d27bcdc623e49e28..b418baf41a0f84ce5d5ac9da56efd191e1a20316 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java +++ b/base/server/cms/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; -import java.io.File; import java.io.IOException; import java.util.Enumeration; import java.util.StringTokenizer; @@ -2290,26 +2289,8 @@ public class ProfileAdminServlet extends AdminServlet { return; } - String config = null; - try { - config = CMS.getConfigStore().getString("profile." + id + ".config"); - } catch (EBaseException e) { - // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); - - audit(auditMessage); - - sendResponse(ERROR, null, null, resp); - return; - } - - try { - mProfileSub.deleteProfile(id, config); + mProfileSub.deleteProfile(id); } catch (EProfileException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( @@ -2475,16 +2456,10 @@ public class ProfileAdminServlet extends AdminServlet { IProfile profile = null; - // create configuration file - File configFile = new File(config); - - configFile.createNewFile(); - // create profile try { profile = mProfileSub.createProfile(id, impl, - info.getClassName(), - config); + info.getClassName()); profile.setName(getLocale(req), name); profile.setDescription(getLocale(req), name); if (visible != null && visible.equals("true")) { @@ -2495,7 +2470,6 @@ public class ProfileAdminServlet extends AdminServlet { profile.setAuthenticatorId(auth); profile.getConfigStore().commit(false); - mProfileSub.createProfileConfig(id, impl, config); if (profile instanceof IProfileEx) { // populates profile specific plugins such as // policies, inputs and outputs diff --git a/base/server/cmsbundle/src/UserMessages.properties b/base/server/cmsbundle/src/UserMessages.properties index 4861f2da556dd87147aa4840033078f4e7833350..94749cebde21b10e0ba354eb22bc770e7e9d3e8f 100644 --- a/base/server/cmsbundle/src/UserMessages.properties +++ b/base/server/cmsbundle/src/UserMessages.properties @@ -754,6 +754,8 @@ CMS_PROFILE_CONFIG_KEY_USAGE_EXTENSION_CHECKING=Allow duplicate subject names wi CMS_PROFILE_INTERNAL_ERROR=Profile internal error: {0} CMS_PROFILE_DENY_OPERATION=Not authorized to do this operation. CMS_PROFILE_DELETE_ENABLEPROFILE=Cannot delete enabled profile: {0} +CMS_PROFILE_DELETE_UNKNOWNPROFILE=Cannot delete unknown profile: {0} +CMS_PROFILE_DELETE_DATABASEERROR=Failed to delete profile: {0} CMS_PROFILE_INVALID_REQUEST=Invalid Request CMS_PROFILE_EMPTY_REQUEST_TYPE=Request type is not specified. Check your profile input. CMS_PROFILE_CREATE_POLICY_FAILED=Failed to create profile policy: {0} diff --git a/base/server/cmscore/src/com/netscape/cmscore/base/FileConfigStore.java b/base/server/cmscore/src/com/netscape/cmscore/base/FileConfigStore.java index b77f86d781995e27bb0fe16135fc45a7d6fc4da3..4f8cb2743fdecc354338042a5219a9aaf6e27880 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/base/FileConfigStore.java +++ b/base/server/cmscore/src/com/netscape/cmscore/base/FileConfigStore.java @@ -33,12 +33,10 @@ import com.netscape.cmsutil.util.Utils; /** * FileConfigStore: - * Extends HashConfigStore with methods to load/save from/to file for + * Extends PropConfigStore with methods to load/save from/to file for * persistent storage. This is a configuration store agent who * reads data from a file. *

- * Note that a LdapConfigStore can be implemented so that it reads the configuration stores from the Ldap directory. - *

* * @version $Revision$, $Date$ * @see PropConfigStore diff --git a/base/server/cmscore/src/com/netscape/cmscore/profile/AbstractProfileSubsystem.java b/base/server/cmscore/src/com/netscape/cmscore/profile/AbstractProfileSubsystem.java new file mode 100644 index 0000000000000000000000000000000000000000..b7cd503a142fc0c3065c7d19de5229c7490613f4 --- /dev/null +++ b/base/server/cmscore/src/com/netscape/cmscore/profile/AbstractProfileSubsystem.java @@ -0,0 +1,151 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.cmscore.profile; + +import java.util.Enumeration; +import java.util.Hashtable; +import java.util.Vector; + +import com.netscape.certsrv.base.EBaseException; +import com.netscape.certsrv.base.IConfigStore; +import com.netscape.certsrv.base.ISubsystem; +import com.netscape.certsrv.profile.EProfileException; +import com.netscape.certsrv.profile.IProfile; +import com.netscape.certsrv.profile.IProfileSubsystem; + +public abstract class AbstractProfileSubsystem implements IProfileSubsystem { + protected static final String PROP_CHECK_OWNER = "checkOwner"; + protected static final String PROP_ENABLE = "enable"; + protected static final String PROP_ENABLE_BY = "enableBy"; + + protected IConfigStore mConfig = null; + @SuppressWarnings("unused") + protected ISubsystem mOwner; + protected Vector mProfileIds; + protected Hashtable mProfiles; + protected Hashtable mProfileClassIds; + + /** + * Returns the root configuration storage of this system. + *

+ * + * @return configuration store of this subsystem + */ + public IConfigStore getConfigStore() { + return mConfig; + } + + /** + * Retrieves the name of this subsystem. + */ + public String getId() { + return null; + } + + /** + * Sets specific to this subsystem. + */ + public void setId(String id) throws EBaseException { + } + + public boolean isProfileEnable(String id) { + IProfile profile = mProfiles.get(id); + String enable = null; + + try { + enable = profile.getConfigStore().getString(PROP_ENABLE); + } catch (EBaseException e) { + } + return Boolean.valueOf(enable); + } + + public String getProfileEnableBy(String id) { + if (!isProfileEnable(id)) + return null; + IProfile profile = mProfiles.get(id); + String enableBy = null; + + try { + enableBy = profile.getConfigStore().getString(PROP_ENABLE_BY); + } catch (EBaseException e) { + } + return enableBy; + } + + /** + * Enables a profile for execution. + */ + public void enableProfile(String id, String enableBy) + throws EProfileException { + IProfile profile = mProfiles.get(id); + + profile.getConfigStore().putString(PROP_ENABLE, "true"); + profile.getConfigStore().putString(PROP_ENABLE_BY, enableBy); + try { + profile.getConfigStore().commit(false); + } catch (EBaseException e) { + } + } + + /** + * Retrieves a profile by id. + */ + public IProfile getProfile(String id) + throws EProfileException { + return mProfiles.get(id); + } + + /** + * Disables a profile for execution. + */ + public void disableProfile(String id) + throws EProfileException { + IProfile profile = mProfiles.get(id); + + profile.getConfigStore().putString(PROP_ENABLE, "false"); + try { + profile.getConfigStore().commit(false); + } catch (EBaseException e) { + } + } + + public String getProfileClassId(String id) { + return mProfileClassIds.get(id); + } + + /** + * Retrieves a list of profile ids. The return + * list is of type String. + */ + public Enumeration getProfileIds() { + return mProfileIds.elements(); + } + + /** + * Checks if owner id should be enforced during profile approval. + * + * @return true if approval should be checked + */ + public boolean checkOwner() { + try { + return mConfig.getBoolean(PROP_CHECK_OWNER, false); + } catch (EBaseException e) { + return false; + } + } +} diff --git a/base/server/cmscore/src/com/netscape/cmscore/profile/LDAPProfileSubsystem.java b/base/server/cmscore/src/com/netscape/cmscore/profile/LDAPProfileSubsystem.java new file mode 100644 index 0000000000000000000000000000000000000000..810965d11a8f99635b7358b862ec620e0f651587 --- /dev/null +++ b/base/server/cmscore/src/com/netscape/cmscore/profile/LDAPProfileSubsystem.java @@ -0,0 +1,231 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007, 2014, 2015 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.cmscore.profile; + +import java.util.Enumeration; +import java.util.Hashtable; +import java.util.Vector; + +import netscape.ldap.LDAPAttribute; +import netscape.ldap.LDAPConnection; +import netscape.ldap.LDAPEntry; +import netscape.ldap.LDAPException; +import netscape.ldap.LDAPSearchResults; + +import com.netscape.certsrv.apps.CMS; +import com.netscape.certsrv.base.EBaseException; +import com.netscape.certsrv.base.IConfigStore; +import com.netscape.certsrv.base.ISubsystem; +import com.netscape.certsrv.ldap.ELdapException; +import com.netscape.certsrv.ldap.ILdapConnFactory; +import com.netscape.certsrv.profile.EProfileException; +import com.netscape.certsrv.profile.IProfile; +import com.netscape.certsrv.profile.IProfileSubsystem; +import com.netscape.certsrv.registry.IPluginInfo; +import com.netscape.certsrv.registry.IPluginRegistry; +import com.netscape.cmscore.base.LDAPConfigStore; + +public class LDAPProfileSubsystem + extends AbstractProfileSubsystem + implements IProfileSubsystem { + + private String dn; + private ILdapConnFactory dbFactory; + + /** + * Initializes this subsystem with the given configuration + * store. + *

+ * + * @param owner owner of this subsystem + * @param config configuration store + * @exception EBaseException failed to initialize + */ + public void init(ISubsystem owner, IConfigStore config) + throws EBaseException { + CMS.debug("LDAPProfileSubsystem: start init"); + + // (re)init member collections + mProfileIds = new Vector(); + mProfiles = new Hashtable(); + mProfileClassIds = new Hashtable(); + + IPluginRegistry registry = (IPluginRegistry) + CMS.getSubsystem(CMS.SUBSYSTEM_REGISTRY); + + IConfigStore cs = CMS.getConfigStore(); + IConfigStore dbCfg = cs.getSubStore("internaldb"); + dbFactory = CMS.getLdapBoundConnFactory(); + dbFactory.init(dbCfg); + + mConfig = config; + mOwner = owner; + + // Configuration File Format: + // *.list=profile1,profile2 + // *.profile1.class=com.netscape.cms.profile.common.BasicProfile + // *.profile1.config=config/profiles/profile1.cfg + // *.profile2.class=com.netscape.cms.profile.common.BasicProfile + // *.profile2.config=config/profiles/profile2.cfg + + // read profile id, implementation, and its configuration files + String basedn = cs.getString("internaldb.basedn"); + String dn = "ou=certificateProfiles,ou=ca," + basedn; + LDAPConnection conn = dbFactory.getConn(); + + String[] attrs = {"cn", "classId"}; + try { + LDAPSearchResults ldapProfiles = conn.search( + dn, LDAPConnection.SCOPE_ONE, "(objectclass=*)", attrs, false); + + while (ldapProfiles.hasMoreElements()) { + String id = ""; + try { + LDAPEntry ldapProfile = ldapProfiles.next(); + + id = (String) + ldapProfile.getAttribute("cn").getStringValues().nextElement(); + + String classid = (String) + ldapProfile.getAttribute("classId").getStringValues().nextElement(); + + IPluginInfo info = registry.getPluginInfo("profile", classid); + if (info == null) { + CMS.debug("Error loading profile: No plugins for type : profile, with id " + classid); + } else { + CMS.debug("Start Profile Creation - " + id + " " + classid + " " + info.getClassName()); + createProfile(id, classid, info.getClassName()); + CMS.debug("Done Profile Creation - " + id); + } + } catch (LDAPException e) { + CMS.debug("Error reading profile '" + id + "'; skipping."); + } + } + } catch (LDAPException e) { + throw new EBaseException("Error reading profiles: " + e.toString()); + } finally { + try { + dbFactory.returnConn(conn); + } catch (Exception e) { + throw new EProfileException("Error releasing the ldap connection" + e.toString()); + } + } + + Enumeration ee = getProfileIds(); + + while (ee.hasMoreElements()) { + String id = ee.nextElement(); + + CMS.debug("Registered Confirmation - " + id); + } + } + + /** + * Creates a profile instance. + */ + public IProfile createProfile(String id, String classid, String className) + throws EProfileException { + try { + String[] objectClasses = {"top", "certProfile"}; + LDAPAttribute[] createAttrs = { + new LDAPAttribute("objectclass", objectClasses), + new LDAPAttribute("cn", id), + new LDAPAttribute("classId", classid) + }; + + IConfigStore subStoreConfig = new LDAPConfigStore( + dbFactory, createProfileDN(id), createAttrs, "certProfileConfig"); + + CMS.debug("LDAPProfileSubsystem: initing " + className); + IProfile profile = (IProfile) Class.forName(className).newInstance(); + profile.setId(id); + profile.init(this, subStoreConfig); + mProfileIds.addElement(id); + mProfiles.put(id, profile); + mProfileClassIds.put(id, classid); + return profile; + } catch (Exception e) { + // throw exceptions + CMS.debug(e.toString()); + CMS.debug(e); + } + return null; + } + + public void deleteProfile(String id) throws EProfileException { + if (isProfileEnable(id)) { + throw new EProfileException("CMS_PROFILE_DELETE_ENABLEPROFILE"); + } + + LDAPConnection conn; + try { + conn = dbFactory.getConn(); + } catch (ELdapException e) { + throw new EProfileException("Error acquiring the ldap connection" + e.toString()); + } + try { + conn.delete(createProfileDN(id)); + } catch (LDAPException e) { + throw new EProfileException("CMS_PROFILE_DELETE_DATABASEERROR"); + } finally { + try { + dbFactory.returnConn(conn); + } catch (Exception e) { + throw new EProfileException("Error releasing the ldap connection" + e.toString()); + } + } + + mProfileIds.removeElement(id); + mProfiles.remove(id); + mProfileClassIds.remove(id); + } + + /** + * Notifies this subsystem if owner is in running mode. + */ + public void startup() throws EBaseException { + CMS.debug("LDAPProfileSubsystem: startup"); + } + + /** + * Stops this system. The owner may call shutdown + * anytime after initialization. + *

+ */ + public void shutdown() { + mProfileIds.clear(); + mProfiles.clear(); + mProfileClassIds.clear(); + } + + /** + * Compute the profile DN given an ID. + */ + private String createProfileDN(String id) throws EProfileException { + if (id == null) { + throw new EProfileException("CMS_PROFILE_DELETE_UNKNOWNPROFILE"); + } + String basedn; + try { + basedn = CMS.getConfigStore().getString("internaldb.basedn"); + } catch (EBaseException e) { + throw new EProfileException("CMS_PROFILE_DELETE_UNKNOWNPROFILE"); + } + return "cn=" + id + ",ou=certificateProfiles,ou=ca," + basedn; + } +} diff --git a/base/server/cmscore/src/com/netscape/cmscore/profile/ProfileSubsystem.java b/base/server/cmscore/src/com/netscape/cmscore/profile/ProfileSubsystem.java index 27e72352ef22c742b5ea09a180d440d58452dd49..1c0d1b549cd0dee10feb32651189c58100d2439d 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/profile/ProfileSubsystem.java +++ b/base/server/cmscore/src/com/netscape/cmscore/profile/ProfileSubsystem.java @@ -33,34 +33,12 @@ import com.netscape.certsrv.profile.IProfileSubsystem; import com.netscape.certsrv.registry.IPluginInfo; import com.netscape.certsrv.registry.IPluginRegistry; -public class ProfileSubsystem implements IProfileSubsystem { +public class ProfileSubsystem + extends AbstractProfileSubsystem + implements IProfileSubsystem { private static final String PROP_LIST = "list"; private static final String PROP_CLASS_ID = "class_id"; private static final String PROP_CONFIG = "config"; - private static final String PROP_CHECK_OWNER = "checkOwner"; - - private static final String PROP_ENABLE = "enable"; - private static final String PROP_ENABLE_BY = "enableBy"; - - private IConfigStore mConfig = null; - @SuppressWarnings("unused") - private ISubsystem mOwner; - private Vector mProfileIds = new Vector(); - private Hashtable mProfiles = new Hashtable(); - private Hashtable mProfileClassIds = new Hashtable(); - - /** - * Retrieves the name of this subsystem. - */ - public String getId() { - return null; - } - - /** - * Sets specific to this subsystem. - */ - public void setId(String id) throws EBaseException { - } /** * Initializes this subsystem with the given configuration @@ -77,6 +55,10 @@ public class ProfileSubsystem implements IProfileSubsystem { IPluginRegistry registry = (IPluginRegistry) CMS.getSubsystem(CMS.SUBSYSTEM_REGISTRY); + mProfileIds = new Vector(); + mProfiles = new Hashtable(); + mProfileClassIds = new Hashtable(); + mConfig = config; mOwner = owner; @@ -102,8 +84,7 @@ public class ProfileSubsystem implements IProfileSubsystem { String configPath = subStore.getString(PROP_CONFIG); CMS.debug("Start Profile Creation - " + id + " " + classid + " " + info.getClassName()); - createProfile(id, classid, info.getClassName(), - configPath); + createProfile(id, classid, info.getClassName(), false); CMS.debug("Done Profile Creation - " + id); } @@ -120,14 +101,27 @@ public class ProfileSubsystem implements IProfileSubsystem { /** * Creates a profile instance. */ - public IProfile createProfile(String id, String classid, String className, - String configPath) + @Override + public IProfile createProfile(String id, String classid, String className) throws EProfileException { + return createProfile(id, classid, className, true); + } + + private IProfile createProfile(String id, String classid, String className, + boolean isNew) throws EProfileException { IProfile profile = null; + String configPath; + try { + configPath = CMS.getConfigStore().getString("instanceRoot") + + "/ca/profiles/ca/" + id + ".cfg"; + } catch (EBaseException e) { + throw new EProfileException("CMS_PROFILE_DELETE_DATABASEERROR"); + } + try { - profile = (IProfile) Class.forName(className).newInstance(); IConfigStore subStoreConfig = CMS.createFileConfigStore(configPath); + profile = (IProfile) Class.forName(className).newInstance(); CMS.debug("ProfileSubsystem: initing " + className); profile.setId(id); @@ -135,6 +129,8 @@ public class ProfileSubsystem implements IProfileSubsystem { mProfileIds.addElement(id); mProfiles.put(id, profile); mProfileClassIds.put(id, classid); + if (isNew) + createProfileConfig(id, classid); return profile; } catch (Exception e) { // throw exceptions @@ -144,7 +140,14 @@ public class ProfileSubsystem implements IProfileSubsystem { return null; } - public void deleteProfile(String id, String configPath) throws EProfileException { + public void deleteProfile(String id) throws EProfileException { + String configPath; + try { + configPath = CMS.getConfigStore().getString("instanceRoot") + + "/ca/profiles/ca/" + id + ".cfg"; + } catch (EBaseException e) { + throw new EProfileException("CMS_PROFILE_DELETE_DATABASEERROR"); + } if (isProfileEnable(id)) { throw new EProfileException("CMS_PROFILE_DELETE_ENABLEPROFILE"); @@ -185,9 +188,16 @@ public class ProfileSubsystem implements IProfileSubsystem { } } - public void createProfileConfig(String id, String classId, - String configPath) + private void createProfileConfig(String id, String classId) throws EProfileException { + String configPath; + try { + configPath = CMS.getConfigStore().getString("instanceRoot") + + "/ca/profiles/ca/" + id + ".cfg"; + } catch (EBaseException e) { + throw new EProfileException("CMS_PROFILE_DELETE_DATABASEERROR"); + } + try { if (mProfiles.size() > 0) { mConfig.putString(PROP_LIST, @@ -220,110 +230,4 @@ public class ProfileSubsystem implements IProfileSubsystem { mProfiles.clear(); mProfileClassIds.clear(); } - - /** - * Returns the root configuration storage of this system. - *

- * - * @return configuration store of this subsystem - */ - public IConfigStore getConfigStore() { - return mConfig; - } - - /** - * Adds a profile. - */ - public void addProfile(String id, IProfile profile) - throws EProfileException { - } - - public boolean isProfileEnable(String id) { - IProfile profile = mProfiles.get(id); - String enable = null; - - try { - enable = profile.getConfigStore().getString(PROP_ENABLE); - } catch (EBaseException e) { - } - if (enable == null || enable.equals("false")) - return false; - else - return true; - } - - public String getProfileEnableBy(String id) { - if (!isProfileEnable(id)) - return null; - IProfile profile = mProfiles.get(id); - String enableBy = null; - - try { - enableBy = profile.getConfigStore().getString(PROP_ENABLE_BY); - } catch (EBaseException e) { - } - return enableBy; - } - - /** - * Enables a profile for execution. - */ - public void enableProfile(String id, String enableBy) - throws EProfileException { - IProfile profile = mProfiles.get(id); - - profile.getConfigStore().putString(PROP_ENABLE, "true"); - profile.getConfigStore().putString(PROP_ENABLE_BY, enableBy); - try { - profile.getConfigStore().commit(false); - } catch (EBaseException e) { - } - } - - /** - * Disables a profile for execution. - */ - public void disableProfile(String id) - throws EProfileException { - IProfile profile = mProfiles.get(id); - - profile.getConfigStore().putString(PROP_ENABLE, "false"); - try { - profile.getConfigStore().commit(false); - } catch (EBaseException e) { - } - } - - /** - * Retrieves a profile by id. - */ - public IProfile getProfile(String id) - throws EProfileException { - return mProfiles.get(id); - } - - public String getProfileClassId(String id) { - return mProfileClassIds.get(id); - } - - /** - * Retrieves a list of profile ids. The return - * list is of type String. - */ - public Enumeration getProfileIds() { - return mProfileIds.elements(); - } - - /** - * Checks if owner id should be enforced during profile approval. - * - * @return true if approval should be checked - */ - public boolean checkOwner() { - try { - return mConfig.getBoolean(PROP_CHECK_OWNER, false); - } catch (EBaseException e) { - return false; - } - } } -- 2.1.0