AddUserCommand.java

package org.ovirt.engine.core.bll;

import java.util.Collections;
import java.util.Map;

import org.ovirt.engine.core.bll.adbroker.AdActionType;
import org.ovirt.engine.core.bll.adbroker.LdapFactory;
import org.ovirt.engine.core.bll.adbroker.LdapSearchByIdParameters;
import org.ovirt.engine.core.common.AuditLogType;
import org.ovirt.engine.core.common.VdcObjectType;
import org.ovirt.engine.core.common.action.AddUserParameters;
import org.ovirt.engine.core.common.businessentities.AdUser;
import org.ovirt.engine.core.common.businessentities.ad_groups;
import org.ovirt.engine.core.compat.Guid;
import org.ovirt.engine.core.dal.VdcBllMessages;

public class AddUserCommand<T extends AddUserParameters> extends CommandBase<T> {

    public AddUserCommand(T params) {
        super(params);
    }

    @Override
    public AuditLogType getAuditLogTypeValue() {
        return getSucceeded() ? AuditLogType.USER_ADD : AuditLogType.USER_FAILED_ADD_ADUSER;
    }

    @Override
    protected boolean canDoAction() {
        Guid userId = null;
        String domain = null;
        if (getParameters().getVdcUser() != null) {
            AddCustomValue("NewUserName", getParameters().getVdcUser().getUserName());
            userId = getParameters().getVdcUser().getUserId();
            domain = getParameters().getVdcUser().getDomainControler();
            AdUser adUser = (AdUser) LdapFactory.getInstance(domain).RunAdAction(AdActionType.GetAdUserByUserId,
                    new LdapSearchByIdParameters(domain, userId)).getReturnValue();
            if (adUser == null) {
                addCanDoActionMessage(VdcBllMessages.USER_MUST_EXIST_IN_DIRECTORY);
                return false;
            }
            // set the AD user on the parameters to save another roundtrip to the AD when adding the user
            getParameters().setAdUser(adUser);
        } else if (getParameters().getAdGroup() != null) {
            AddCustomValue("NewUserName", getParameters().getAdGroup().getname());
            userId = getParameters().getAdGroup().getid();
            domain = getParameters().getAdGroup().getdomain();
            ad_groups adGroup =
                    (ad_groups) LdapFactory.getInstance(domain).RunAdAction(AdActionType.GetAdGroupByGroupId,
                    new LdapSearchByIdParameters(domain, userId)).getReturnValue();
            if (adGroup == null) {
                addCanDoActionMessage(VdcBllMessages.USER_MUST_EXIST_IN_DIRECTORY);
                return false;
            }
        }

        if (userId == null) {
            addCanDoActionMessage(VdcBllMessages.MISSING_DIRECTORY_ELEMENT_ID);
            return false;
        }

        return true;
    }

    @Override
    protected void executeCommand() {
        if (getParameters().getVdcUser() != null) {
            UserCommandBase.persistAuthenticatedUser(getParameters().getAdUser());
        }
        // try to add group to db if adGroup sent
        else if (getParameters().getAdGroup() != null) {
            AdGroupsHandlingCommandBase.initAdGroup(getParameters().getAdGroup());
        }
        setSucceeded(true);
    }

    @Override
    public Map getPermissionCheckSubjects() {
        return Collections.singletonMap(MultiLevelAdministrationHandler.SYSTEM_OBJECT_ID, VdcObjectType.System);
    }
}