Fleshing out the Specification for multi-owner tasks in the BrainBox
by Adam Young
(E2) Candlepin should support a multi-owner (multi-org/multi-tenant) model
From a data model perspective, we need some way of representing an
organization, and the ability to delegate authority down the tree, as
well as revoke that authority.
I'm going to state the obvious: a system like this will, at some point,
have to tie in with a directory server(DS). We'll need to determine what
set of information we cache from the DS as well as tree traversal strategy
do we read the whole tree on demand or read it up front...
do we register for events that change the tree
Assuming that we need to continue to run in stand alone (no LDAP) mode
for the most part, we want to have an analogue for each of the classes in
http://admiyo.fedorapeople.org/PartyPattern.png
I know that we have some work being done in the authentication side of
things, and I'd like to avoid duplicating effort there.
1. As a client, I would like to create the consumer for a specified owner.
This says to me that a person in an organization higher in the tree needs
to create one for an organization at the same level or lower in the tree.
2. As an on premise admin, I would like to load 2 different "satcerts"
for 2 different owners.
3. As a security person, I want to ensure a user from owner 1 can not
access data for owner.
4. As a security person, I want to ensure that a consumer from one owner
can not access the subscriptions from another owner
To do this, we need to filter the enumeration of certain entities
based on the organization of a given user. This is a specific
application of the Role-Action-Resource portion of the linked diagram.
Actions should mostly map to
"person with role can read resource"
and
"person with role can modify resource"
And such should be on GET vs PUT, POST, and DELETE.
Note that a coarse-grained policy can be built out of fine-grained
permissions. Actions (as specified in the above diagram) map to HTTP
verbs, and Resources (specified above) map to the URL based Methods on
the Resource. We then bundle up groups of those permissions in roles,
as well as the ability to dynamically add and remove them from an owner.
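An added example (not Candlepin code) of the owner-scoped model the stories above describe: fine-grained (HTTP verb, resource) permissions bundled into coarse-grained roles, roles delegated on an owner and inherited down the owner tree, revocation, and an enumeration filter that hides entities belonging to other owners. Class and function names are assumptions, not Candlepin's API.

```python
from dataclasses import dataclass, field
READ_VERBS = {"GET"}
WRITE_VERBS = {"PUT", "POST", "DELETE"}
RESOURCES = ("consumers", "pools", "subscriptions")

# Coarse-grained roles are bundles of fine-grained (HTTP verb, resource) permissions.
ROLES = {
    "reader": {(v, r) for v in READ_VERBS for r in RESOURCES},
    "admin": {(v, r) for v in READ_VERBS | WRITE_VERBS for r in RESOURCES},
}

@dataclass
class Owner:
    """An organization node in the owner tree (hypothetical model, not Candlepin's)."""
    name: str
    parent: "Owner | None" = None

    def chain(self):
        """Yield this owner's name, then each ancestor up to the root."""
        node = self
        while node is not None:
            yield node.name
            node = node.parent

@dataclass
class Pool:
    id: int
    owner: Owner

@dataclass
class Principal:
    username: str
    grants: dict = field(default_factory=dict)  # owner name -> set of role names

def grant(p, owner_name, role):
    """Delegate a role on an owner; it covers that owner's whole subtree."""
    p.grants.setdefault(owner_name, set()).add(role)

def revoke(p, owner_name, role):
    p.grants.get(owner_name, set()).discard(role)

def can(p, verb, resource, owner):
    """Allowed iff p holds, on owner or one of its ancestors, a role permitting (verb, resource)."""
    return any((verb, resource) in ROLES.get(role, ())
               for name in owner.chain() for role in p.grants.get(name, ()))

def visible(p, verb, resource, entities):
    """Owner-scoped enumeration filter: keep only entities whose owner p may access."""
    return [e for e in entities if can(p, verb, resource, e.owner)]
```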
14 years, 1 month
unit tests slow
by jesus rodriguez
Hibernate was configured to use log4j recently, and our rootLogger
was configured at DEBUG causing EVERYTHING to log.
rootLogger = DEBUG - 2m22.025s
Changing rootLogger to WARN helps a lot:
rootLogger = WARN - 31.567s
Changing the output format to use %c instead of %C:
ConversionPattern=...%c... - 30.461s
This is still with org.fedorahosted.candlepin=DEBUG so we
still see all of our debug output if we want.
jesus
PS my times were all running 'buildr clean test > output'
slightly higher times if you output to the terminal.
- --
jesus m. rodriguez | jesusr(a)redhat.com
principal software engineer | irc: zeus
red hat systems management | 919.754.4413 (w)
rhce # 805008586930012 | 919.623.0080 (c)
+---------------------------------------------+
| "Those who cannot remember the past |
| are condemned to repeat it." |
| -- George Santayana |
+---------------------------------------------+
14 years, 1 month
Good Rest Link, and idea on delete
by Bryan Kearney
So.. here is a good REST link. Peruse it and the ones linked off of it.
http://www.amundsen.com/blog/archives/1040
I am wondering if we actually support the DEL item. And, if we implement
storing deleted items as "TERMINATED" then we could expose this with
special media types:
application/json+terminated
or something to that effect.
-- bk
14 years, 1 month
Reviewing the customer create path
by Bryan Kearney
I took my own advice.. And reviewed one of the existing stories. I have
a bunch of comments below.
Reviewing the Create Consumer Code
==================================
ConsumerResource
----------------
- I assume the owner creation code in the ctor should be a fixme.
- Should the Identity cert creation go into the Curator? This seems like
business logic.
- In general, many of these classes actually implement business logic
(much of the bind logic). Should this move into a lower level business
curator? Perhaps there are other interim curators like the entitler.
Although the binder is probably a bad name :)
- Any reason to not rip out the commented out code blocks for the old
methods?
IdentityCertAdapter
-------------------
- Currently, the adapter needs to (1) Generate and (2) Persist the new
certificate in the IdentityCertificate database. Do we want the candlepin
engine proper to actually do the persisting? It seems like this is a
little bit too much bleed over across the API.
Default Identity Certificate
----------------------------
- nextSerialNumber has a bit of a race condition :)
- why is username in the DN?
-- bk
14 years, 1 month
I hereby dub this THE BUG (at least for now)
by Adam Young
The inconsistency with the consumed field has stretched into its third
day, and is going to pass over the weekend. Not something that makes me
happy. Here's what I've learned:
We are properly committing the transactions. I see the commit call
in the Java code, and the value in the database
There are multiple objects of Class Pool that are used to hold the
Pool with ID 4 (prodid='virtualization_host') with different values for
consumed. While there should be multiple instances, there should be one
per session, created after the start of the http request that access
them. This request should fetch the value from the Database...or some
more complicated cache consistency protocol should take effect, but I
have yet to see any indication of that.
I see two updates of the cp_pool table, which map to the bump and
dock calls. But in between, there is no corresponding select, which
means that if the value is written to the database, it is never read out
again.
The object used for the bump call is not the same as the object used
for the dock call.
I asked mazz about it. Here's his explanation of how things work in
rhq, which shouldn't be that different from what we are doing:
"I'm used to being in the EJB3 world - whenever a new tx is started in
an EJB3 method, that starts with an empty cache. As you "do things" with
hib/jpa, the cache is populated. If you entityManager.clear(), you clear
the cache - otherwise, the cache maintains its state until that tx is
committed (i.e. you leave the tx context by say returning from the EJB3
method) you can layer another level of cache on top of this (like
ehcache) for cluster caching and things, and I don't know how this
works with extended persistence contexts in JPA. that's where a session
extends past tx boundaries"
I think we were lucky to catch this early, as it could well have burnt
us post production.
One hypothesis is that the dock call is using a session that started
before the bump call, and so has a version of the pool that pre-exists
the bump call. Why that would be, I don't know.
I put a breakpoint on the constructors for Pool. Sometimes the no-arg
constructor gets called between bump and dock, but not always.
Happy Passover.
14 years, 1 month
I Assume this needs a big ole fixme
by Bryan Kearney
This is in the ctor of the consumer resource.
    // Looks up the owner by username and creates one if it does not exist yet
    if (username != null) {
        this.owner = ownerCurator.lookupByName(username);
        if (owner == null) {
            owner = ownerCurator.create(new Owner(username));
        }
    }
I assume this should be FIXME?
-- bk
14 years, 1 month
Hibernate not committing between requests
by Adam Young
I have a nosetest that basically does the following
get Pool
create entitlement
get Pool
unbind entitlement
So four http calls. The create and unbind calls change the consumed
quantity of the pool object. I've been seeing inconsistent values for this.
I did full SQL logging, and I've been looking for any insert or
update statements. Here's what I get:
[ayoung@ayoung candlepin]$ grep -i insert /tmp/catalina.out
Hibernate: insert into cp_consumer (consumer_idcert_id, name, owner_id,
parent_consumer_id, type_id, uuid, id) values (?, ?, ?, ?, ?, ?, ?)
Hibernate: insert into cp_id_cert (cert, key, serial, id) values (?, ?,
?, ?)
[ayoung@ayoung candlepin]$ grep -i update /tmp/catalina.out
Hibernate: update cp_consumer set consumer_idcert_id=?, name=?,
owner_id=?, parent_consumer_id=?, type_id=?, uuid=? where id=?
No updates, no inserts. I've marked each of the Resource methods as
@Transactional, and tried that on methods inside the Entitler as well.
No love. Hibernate is transaction resistant. Thi
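A toy model, added here and not Candlepin or Hibernate code, of the failure mode described in this thread and in "THE BUG" above: each session has a first-level cache that serves the cached Pool instead of re-reading it, so a dock applied in a session opened before the bump committed overwrites the bump, and the statement log shows two updates with no select between them. Names, the store, and the sample row are constructed.

```python
import copy

class Pool:
    """Subscription pool row; consumed counts handed-out entitlements."""
    def __init__(self, pool_id, product_id, consumed=0):
        self.id, self.product_id, self.consumed = pool_id, product_id, consumed

    def bump(self):  # entitlement created
        self.consumed += 1

    def dock(self):  # entitlement unbound
        self.consumed -= 1

class Store:
    """Stand-in for the database: rows keyed by id plus a statement log."""
    def __init__(self):
        self.rows, self.log = {}, []

class Session:
    """A persistence context with a first-level cache: the first get() of an
    id reads the store, every later get() returns the cached object."""
    def __init__(self, store):
        self.store, self.cache = store, {}

    def get(self, pool_id):
        if pool_id not in self.cache:
            self.store.log.append(f"select from cp_pool where id={pool_id}")
            self.cache[pool_id] = copy.deepcopy(self.store.rows[pool_id])
        return self.cache[pool_id]

    def commit(self):
        for pool in self.cache.values():
            self.store.log.append(f"update cp_pool set consumed={pool.consumed} where id={pool.id}")
            self.store.rows[pool.id] = copy.deepcopy(pool)

def run(fresh_session_for_dock):
    """Bump then dock pool 4. Returns (final consumed value, statement log)."""
    store = Store()
    store.rows[4] = Pool(4, "virtualization_host")  # constructed sample row
    early = Session(store)      # a session opened before the bump request
    early.get(4)                # caches Pool 4 with consumed=0
    bump_sess = Session(store)
    bump_sess.get(4).bump()
    bump_sess.commit()          # store now holds consumed=1
    dock_sess = Session(store) if fresh_session_for_dock else early
    dock_sess.get(4).dock()     # stale path: docks the cached consumed=0, no select
    dock_sess.commit()          # stale path: writes consumed=-1, losing the bump
    return store.rows[4].consumed, store.log
```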
14 years, 1 month