Domovská stránka Prehľadávať Pomoc
Prihlásiť sa
RONCC
/
Big-Data-HPC-Platform
Pridať medzi pozorované 1
Hviezda 0
Fork 0
Súbory Issues 0 Pull requesty 0 Wiki
Prechádzať zdrojové kódy

HPCC-16180 addscopes should offer the option to clear ldap cache

Currently when addScopes is run to add private LDAP file scopes, they changes
are not visible until the caches (ESP and Dali)recycles.  This PR adds a new command line
option ( -c ) which, when specified, will clear the permission cache
making the changes immediately visible.

Signed-off-by: Russ Whitehead <william.whitehead@lexisnexis.com>
Russ Whitehead 8 rokov pred
rodič
d2de2c1fa7
commit
943cedeec4
2 zmenil súbory, kde vykonal 32 pridanie a 4 odobranie
Rozdelené zobrazenie Ukázať štatistiku rozdielnych dát
  1. 3 1
      tools/addScopes/CMakeLists.txt
  2. 29 3
      tools/addScopes/addScopes.cpp

+ 3 - 1
tools/addScopes/CMakeLists.txt
Zobraziť súbor 

@@ -34,7 +34,9 @@ include_directories (
 
          ./../../system/security/LdapSecurity
 
          ./../../system/security/shared 
          ./../../system/jlib 
-         ./../../system/include 
+         ./../../system/include
 
+         ./../../dali/base
 
+         ./../../system/mp
 
     )
 
 
 ADD_DEFINITIONS( -D_CONSOLE )

+ 29 - 3
tools/addScopes/addScopes.cpp
Zobraziť súbor 

@@ -18,6 +18,7 @@
 
 #include "seclib.hpp"
 
 #include "ldapsecurity.hpp"
 
 #include "jliball.hpp"
 
+#include "dasess.hpp"
 
 
 #ifndef _WIN32
 
 #include <unistd.h>
 
@@ -25,10 +26,10 @@
 
 
 int main(int argc, char* argv[])
 
 {
 
-    if(argc != 2)
 
+    if(argc < 2  || argc > 3)
 
     {
 
-        printf("usage: addScopes daliconf.xml\n");
 
-        printf("\n\tCreates all user-specific LDAP private file scopes 'hpccinternal::<user>'\n\tand grants users access to their scope. The configuration file\n\tdaliconf.xml is the dali configuration file, typically\n\tfound in /var/lib/HPCCSystems/mydali\n\n");
 
+        printf("usage: addScopes daliconf.xml [-c]\n");
 
+        printf("\n\tCreates all user-specific LDAP private file scopes 'hpccinternal::<user>'\n\tand grants users access to their scope. The configuration file\n\tdaliconf.xml is the dali configuration file, typically\n\tfound in /var/lib/HPCCSystems/mydali\n\tSpecify -c to make changes immediately visible by clearing permission caches\n\n");
 
         return -1;
 
     }
 
 
@@ -55,6 +56,31 @@ int main(int argc, char* argv[])
 
         }
 
         bool ok = secmgr->createUserScopes();
 
         printf(ok ? "User scopes added\n" : "Some scopes not added\n");
 
+
 
+        //Clear permission caches?
 
+        if (argc > 2 && 0==stricmp(argv[2], "-c"))
 
+        {
 
+            //Clear ESP Cache
 
+            StringBuffer sysuser;
 
+            StringBuffer passbuf;
 
+            seccfg->getProp(".//@systemUser", sysuser);
 
+            seccfg->getProp(".//@systemPassword", passbuf);
 
+
 
+            Owned<ISecUser> user = secmgr->createUser(sysuser.str());
 
+            ISecCredentials& cred = user->credentials();
 
+            StringBuffer decPwd;
 
+            decrypt(decPwd, passbuf.str());
 
+            cred.setPassword(decPwd.str());
 
+            secmgr->clearPermissionsCache(*user);
 
+            printf(ok ? "ESP Cache cleared\n" : "Error clearing ESP Cache\n");
 
+
 
+            //Clear Dali cache
 
+            Owned<IUserDescriptor> userdesc;
 
+            userdesc.setown(createUserDescriptor());
 
+            userdesc->set(sysuser, decPwd);
 
+            ok = querySessionManager().clearPermissionsCache(userdesc);
 
+            printf(ok ? "Dali Cache cleared\n" : "Error clearing Dali Cache\n");
 
+        }
 
 #endif
 
     }
 
     catch(IException* e)