From d6595375699a34ffe5b1cf062196f16dd826e19b Mon Sep 17 00:00:00 2001 From: Alessandro Boch Date: Thu, 15 Aug 2013 16:47:45 -0700 Subject: [PATCH] Default network admin password change is not persistent across controller restart ISSUE: Change default network admin (NA) user password, save config, restart controller. To be able to login as default NA user you still have to type the default password. This happens because when parsing startup configuration user config addition are replayed through public API which has a check to block addiiton/removal of default NA user. CHANGES: - Perform checks in a middle layer function and have a internal level function which just update the db - Call the internal function during startup config replay - Added missing checks on presence/conflict of user configs when removing/adding a user config object Change-Id: I38c98bb946b42215cec46d86d3b1a9885c12795b Signed-off-by: Alessandro Boch --- .../usermanager/internal/UserManagerImpl.java | 58 ++++++++++++------- 1 file changed, 38 insertions(+), 20 deletions(-) diff --git a/opendaylight/usermanager/implementation/src/main/java/org/opendaylight/controller/usermanager/internal/UserManagerImpl.java b/opendaylight/usermanager/implementation/src/main/java/org/opendaylight/controller/usermanager/internal/UserManagerImpl.java index add453f09f..fedc432f20 100644 --- a/opendaylight/usermanager/implementation/src/main/java/org/opendaylight/controller/usermanager/internal/UserManagerImpl.java +++ b/opendaylight/usermanager/implementation/src/main/java/org/opendaylight/controller/usermanager/internal/UserManagerImpl.java @@ -446,7 +446,7 @@ public class UserManagerImpl implements IUserManager, IObjectReader, } for (UserConfig conf : confList.values()) { - addLocalUser(conf); + addRemoveLocalUserInternal(conf, false); } } @@ -483,21 +483,44 @@ public class UserManagerImpl implements IUserManager, IObjectReader, /* * Interaction with GUI START */ - public Status addRemoveLocalUser(UserConfig AAAconf, boolean delete) { + private Status addRemoveLocalUser(UserConfig AAAconf, boolean delete) { // UserConfig Validation check Status validCheck = AAAconf.validate(); if (!validCheck.isSuccess()) { return validCheck; } + String user = AAAconf.getUser(); + + // Check default admin user + if (user.equals(UserManagerImpl.defaultAdmin)) { + String msg = "Invalid Request: Default Network Admin User cannot be " + ((delete)? "removed" : "added"); + logger.debug(msg); + return new Status(StatusCode.NOTALLOWED, msg); + } + + // Check user presence/conflict + StatusCode statusCode = null; + String reason = null; + if (delete && !localUserConfigList.containsKey(user)) { + reason = "not found"; + statusCode = StatusCode.NOTFOUND; + } else if (!delete && localUserConfigList.containsKey(user)) { + reason = "already present"; + statusCode = StatusCode.CONFLICT; + } + if (statusCode != null) { + String msg = String.format("User %s %s in configuration database", user, reason); + logger.debug(msg); + return new Status(statusCode, msg); + } + + return addRemoveLocalUserInternal(AAAconf, delete); + } + + private Status addRemoveLocalUserInternal(UserConfig AAAconf, boolean delete) { // Update Config database if (delete) { - if (AAAconf.getUser().equals(UserManagerImpl.defaultAdmin)) { - String msg = "Invalid Request: Default Network Admin User " - + "cannot be deleted"; - logger.debug(msg); - return new Status(StatusCode.NOTALLOWED, msg); - } localUserConfigList.remove(AAAconf.getUser()); /* * A user account has been removed form local database, we assume @@ -506,16 +529,10 @@ public class UserManagerImpl implements IUserManager, IObjectReader, */ removeUserFromActiveList(AAAconf.getUser()); } else { - if (AAAconf.getUser().equals(UserManagerImpl.defaultAdmin)) { - String msg = "Invalid Request: Default Network Admin User " - + "cannot be added"; - logger.debug(msg); - return new Status(StatusCode.NOTALLOWED, msg); - } localUserConfigList.put(AAAconf.getUser(), AAAconf); } - return new Status(StatusCode.SUCCESS, null); + return new Status(StatusCode.SUCCESS); } private Status addRemoveAAAServer(ServerConfig AAAconf, boolean delete) { @@ -533,7 +550,7 @@ public class UserManagerImpl implements IUserManager, IObjectReader, remoteServerConfigList.put(AAAconf.getAddress(), AAAconf); } - return new Status(StatusCode.SUCCESS, null); + return new Status(StatusCode.SUCCESS); } private Status addRemoveAuthInfo(AuthorizationConfig AAAconf, boolean delete) { @@ -552,7 +569,7 @@ public class UserManagerImpl implements IUserManager, IObjectReader, authorizationConfList.put(AAAconf.getUser(), AAAconf); } - return new Status(StatusCode.SUCCESS, null); + return new Status(StatusCode.SUCCESS); } @Override @@ -570,9 +587,11 @@ public class UserManagerImpl implements IUserManager, IObjectReader, if (userName == null || userName.trim().isEmpty()) { return new Status(StatusCode.BADREQUEST, "Invalid user name"); } + if (!localUserConfigList.containsKey(userName)) { return new Status(StatusCode.NOTFOUND, "User does not exist"); } + return addRemoveLocalUser(localUserConfigList.get(userName), true); } @@ -950,11 +969,10 @@ public class UserManagerImpl implements IUserManager, IObjectReader, } if (success) { - return new Status(StatusCode.SUCCESS, null); + return new Status(StatusCode.SUCCESS); } - return new Status(StatusCode.INTERNALERROR, - "Failed to save user configurations"); + return new Status(StatusCode.INTERNALERROR, "Failed to save user configurations"); } @Override -- 2.36.6