Work in progress

fanf · Sep 21, 2021 · 7b8d112 · 7b8d112
1 parent deed8c5
commit 7b8d112
Show file tree

Hide file tree

Showing 16 changed files with 1,094 additions and 246 deletions.
diff --git a/webapp/sources/rudder/rudder-core/src/main/resources/ldap/init-policy-server.ldif b/webapp/sources/rudder/rudder-core/src/main/resources/ldap/init-policy-server.ldif
@@ -220,9 +220,9 @@ isSystem: TRUE
 directivePriority: 0
 directiveVariable: OWNER[0]:${rudder.node.admin}
 directiveVariable: UUID[0]:${rudder.node.id}
-directiveVariable: POLICYSERVER[0]:%%POLICY_SERVER_HOSTNAME%%
-directiveVariable: POLICYSERVER_ID[0]:root
-directiveVariable: POLICYSERVER_ADMIN[0]:root
+directiveVariable: POLICYSERVER[0]:${rudder.node.hostname}
+directiveVariable: POLICYSERVER_ID[0]:${rudder.node.id}
+directiveVariable: POLICYSERVER_ADMIN[0]:${rudder.node.admin}
 
 #######################################################################################################################
 ## Allowed networks for root server: init corresponding setting in ou=Application Properties

diff --git a/...udder/rudder-core/src/main/scala/com/normation/rudder/domain/logger/MigrationLogger.scala b/...udder/rudder-core/src/main/scala/com/normation/rudder/domain/logger/MigrationLogger.scala
@@ -37,8 +37,9 @@
 
 package com.normation.rudder.domain.logger
 
-import org.slf4j.LoggerFactory
+import com.normation.NamedZioLogger
 
+import org.slf4j.LoggerFactory
 import com.normation.rudder.domain.Constants.XML_CURRENT_FILE_FORMAT
 import com.normation.rudder.migration.MigrableEntity
 
@@ -66,3 +67,7 @@ final case class MigrationLogger(
     _logger.debug(s"Successfully migrated ${seq.size} eventlogs to format ${goal}")
   }
 }
+
+object MigrationLoggerPure extends NamedZioLogger {
+  def loggerName = "migration"
+}
diff --git a/...dder/rudder-core/src/main/scala/com/normation/rudder/services/nodes/NodeInfoService.scala b/...dder/rudder-core/src/main/scala/com/normation/rudder/services/nodes/NodeInfoService.scala
@@ -126,7 +126,7 @@ trait NodeInfoService {
 
 
   /**
-   * Return the number of managed (ie non policy server, no rudder role )nodes.
+   * Return the number of managed (ie non policy server, no rudder role nodes.
    * Implementation of that method must as efficient as possible.
    * It can't fails (implementation must use a sane default if backend is not accessible,
    * or cache the information)

diff --git a/.../src/main/scala/com/normation/rudder/services/servers/PolicyServerManagementService.scala b/.../src/main/scala/com/normation/rudder/services/servers/PolicyServerManagementService.scala
@@ -39,9 +39,11 @@ package com.normation.rudder.services.servers
 
 import com.normation.inventory.domain.NodeId
 import com.normation.rudder.domain.Constants
+
 import net.liftweb.common.Loggable
 import com.normation.eventlog.EventActor
 import com.normation.eventlog.ModificationId
+
 import ca.mrvisser.sealerate
 import cats.data.NonEmptyList
 import com.normation.cfclerk.domain.TechniqueName
@@ -50,13 +52,16 @@ import com.normation.ldap.sdk.LDAPConnectionProvider
 import com.normation.ldap.sdk.RwLDAPConnection
 import com.normation.rudder.domain.RudderDit
 import com.normation.rudder.domain.logger.ApplicationLogger
+
 import com.unboundid.ldap.sdk.DN
 import net.liftweb.common.Failure
 import net.liftweb.common.Full
+
 import zio._
 import zio.syntax._
 import com.normation.errors._
 import com.normation.eventlog.EventLogDetails
+import com.normation.ldap.sdk.LDAPEntry
 import com.normation.rudder.domain.RudderLDAPConstants
 import com.normation.rudder.domain.appconfig.RudderWebPropertyName
 import com.normation.rudder.domain.eventlog.AuthorizedNetworkModification
@@ -84,9 +89,11 @@ import com.normation.rudder.domain.queries.Query
 import com.normation.rudder.domain.queries.StringComparator
 import com.normation.rudder.repository.EventLogRepository
 import com.normation.rudder.rule.category.RuleCategoryId
+
 import com.normation.zio._
 import zio.json._
 import com.normation.rudder.services.servers.json._
+
 import com.softwaremill.quicklens._
 import net.liftweb.common.Box
 
@@ -316,16 +323,31 @@ class PolicyServerManagementServiceImpl(
    */
   val lock = Semaphore.make(1).runNow
 
+
+
+  private def getDefaultSettingEntryIfMissing = {
+    val entry = dit.APPCONFIG.propertyModel(RudderWebPropertyName(PROP_NAME))
+    entry.resetValuesTo(RudderLDAPConstants.A_PROPERTY_VALUE, """[{"id":"root","allowed-networks":[]}]""")
+    entry
+  }
+
   private def getLdap(con: RwLDAPConnection) = {
     for {
-      entry   <- con.get(dit.APPCONFIG.propertyDN(RudderWebPropertyName(PROP_NAME))).notOptional(s"LDAP setting entry ${PROP_NAME} was not found. It may be a bug, please report it.")
+      entry   <- con.get(dit.APPCONFIG.propertyDN(RudderWebPropertyName(PROP_NAME))).map {
+                   case Some(e) => e
+                   case None    => getDefaultSettingEntryIfMissing
+                 }
       json    <- entry(RudderLDAPConstants.A_PROPERTY_VALUE).notOptional(s"Value for policy servers is empty, while we should always have root server defined. It may be a bug, please report it.")
       servers <- json.fromJson[JPolicyServers].toIO
     } yield {
       (entry, servers.toPolicyServers())
     }
   }
 
+  /*
+   * Get policy servers. If the setting property is missing (for example in migration), returns just root with
+   * no allowed networks.
+   */
   override def getPolicyServers(): IOResult[PolicyServers] = {
     for {
       con     <- ldap
@@ -490,17 +512,17 @@ object PolicyServerConfigurationObjects {
   }
 
   val relayTechniques = List("server-common", "rudder-service-apache","rudder-service-relayd")
-  val rootTechniques = List("rudder-service-postgresql","rudder-service-slapd","rudder-service-webapp")
+  val rootTechniques = List("rudder-service-postgresql","rudder-service-slapd","rudder-service-webapp") ::: relayTechniques
 
-  def directiveCommonHasPolicyServer(nodeId: NodeId, hostname: String, policyServerId: NodeId) = {
+  def directiveCommonHasPolicyServer(nodeId: NodeId) = {
     TechniqueName("common") ->
       s"common-hasPolicyServer-${nodeId.value}".toDirective
         .modify(_.parameters).setTo(Map(
              "OWNER"              -> Seq("${rudder.node.admin}")
            , "UUID"               -> Seq("${rudder.node.id}")
-           , "POLICYSERVER"       -> Seq(hostname)
-           , "POLICYSERVER_ID"    -> Seq(policyServerId.value)
-           , "POLICYSERVER_ADMIN" -> Seq("root")
+           , "POLICYSERVER"       -> Seq("${rudder.node.hostname}")
+           , "POLICYSERVER_ID"    -> Seq("${rudder.node.id}")
+           , "POLICYSERVER_ADMIN" -> Seq("${rudder.node.admin}")
          ))
         .modify(_.name).setTo(s"Common - ${nodeId.value}")
         .modify(_.shortDescription).setTo(s"Common policy for nodes with '${nodeId.value}' for policy server")
@@ -575,18 +597,17 @@ object PolicyServerConfigurationObjects {
   }
 
   /*
-   * Get system configuration objects (directives, groups, rules) for policyServerId with given hostname.
-   * parentPolicyServerId is the policyServer'policyServer (and for root, it's itself)
+   * Get system configuration objects (directives, groups, rules) for policyServerId
    */
-  def getConfigurationObject(policyServerId: NodeId, hostname: String, parentPolicyServerId: NodeId): PolicyServerConfigurationObjects = {
+  def getConfigurationObject(policyServerId: NodeId): PolicyServerConfigurationObjects = {
     val techniques = if(policyServerId == Constants.ROOT_POLICY_SERVER_ID) {
       rootTechniques
     } else {
       relayTechniques
     }
 
     PolicyServerConfigurationObjects(
-        Map(directiveServerCommon(policyServerId), directiveCommonHasPolicyServer(policyServerId, hostname, parentPolicyServerId))
+        Map(directiveServerCommon(policyServerId), directiveCommonHasPolicyServer(policyServerId))
           ++ directiveServices(policyServerId).filter { case (t, d) => techniques.contains(t.value) }
       , groupHasPolicyServer(policyServerId) :: Nil
       , PolicyServerTarget(policyServerId) :: Nil

diff --git a/...er/rudder-core/src/test/scala/com/normation/rudder/repository/ldap/LoadDemoDataTest.scala b/...er/rudder-core/src/test/scala/com/normation/rudder/repository/ldap/LoadDemoDataTest.scala
@@ -53,20 +53,6 @@ import com.normation.ldap.sdk.RwLDAPConnection
 @RunWith(classOf[JUnitRunner])
 class LoadDemoDataTest extends Specification {
 
-  val schemaLDIFs = (
-      "00-core" ::
-      "01-pwpolicy" ::
-      "04-rfc2307bis" ::
-      "05-rfc4876" ::
-      "099-0-inventory" ::
-      "099-1-rudder"  ::
-      Nil
-  ) map { name =>
-    // toURI is needed for https://issues.rudder.io/issues/19186
-    this.getClass.getClassLoader.getResource("ldap-data/schema/" + name + ".ldif").toURI.getPath
-  }
-
-  val baseDN = "cn=rudder-configuration"
   val bootstrapLDIFs = ("ldap/bootstrap.ldif" :: "ldap-data/inventory-sample-data.ldif" :: Nil) map { name =>
     // toURI is needed for https://issues.rudder.io/issues/19186
     this.getClass.getClassLoader.getResource(name).toURI.getPath
@@ -80,12 +66,7 @@ class LoadDemoDataTest extends Specification {
     i + x
   }
 
-  val ldap = InMemoryDsConnectionProvider[RwLDAPConnection with RoLDAPConnection](
-      baseDNs = baseDN :: Nil
-    , schemaLDIFPaths = schemaLDIFs
-    , bootstrapLDIFPaths = bootstrapLDIFs
-  )
-
+  val ldap = InitTestLDAPServer.newLdapConnectionProvider(bootstrapLDIFs)
 
   "The in memory LDAP directory" should {
 
@@ -95,3 +76,28 @@ class LoadDemoDataTest extends Specification {
     }
   }
 }
+
+object InitTestLDAPServer {
+  val schemaLDIFs = (
+      "00-core" ::
+      "01-pwpolicy" ::
+      "04-rfc2307bis" ::
+      "05-rfc4876" ::
+      "099-0-inventory" ::
+      "099-1-rudder"  ::
+      Nil
+  ) map { name =>
+    // toURI is needed for https://issues.rudder.io/issues/19186
+    this.getClass.getClassLoader.getResource("ldap-data/schema/" + name + ".ldif").toURI.getPath
+  }
+
+  val baseDN = "cn=rudder-configuration"
+
+  def newLdapConnectionProvider(fullLdifPaths: List[String]) = {
+    InMemoryDsConnectionProvider[RwLDAPConnection with RoLDAPConnection](
+        baseDNs = baseDN :: Nil
+      , schemaLDIFPaths = schemaLDIFs
+      , bootstrapLDIFPaths = fullLdifPaths
+    )
+  }
+}
diff --git a/...er/rudder-core/src/test/scala/com/normation/rudder/services/policies/NodeConfigData.scala b/...er/rudder-core/src/test/scala/com/normation/rudder/services/policies/NodeConfigData.scala
@@ -746,9 +746,9 @@ class TestNodeConfiguration(prefixTestResources: String = "") {
     , Map(
         ("OWNER", Seq("${rudder.node.admin}"))
       , ("UUID", Seq("${rudder.node.id}"))
-      , ("POLICYSERVER_ID", Seq("${rudder.node.policyserver.id}"))
-      , ("POLICYSERVER", Seq("${rudder.node.policyserver.hostname}"))
-      , ("POLICYSERVER_ADMIN", Seq("${rudder.node.policyserver.admin}"))
+      , ("POLICYSERVER_ID", Seq("${rudder.node.id}"))
+      , ("POLICYSERVER", Seq("${rudder.node.hostname}"))
+      , ("POLICYSERVER_ADMIN", Seq("${rudder.node.admin}"))
       )
     , "common-root"
     , "", None, "", 5, true, true

diff --git a/webapp/sources/rudder/rudder-rest/src/test/scala/com/normation/rudder/MockServices.scala b/webapp/sources/rudder/rudder-rest/src/test/scala/com/normation/rudder/MockServices.scala
@@ -308,9 +308,9 @@ class MockDirectives(mockTechniques: MockTechniques) {
       , Map(
           ("OWNER", Seq("${rudder.node.admin}"))
         , ("UUID", Seq("${rudder.node.id}"))
-        , ("POLICYSERVER_ID", Seq("${rudder.node.policyserver.id}"))
-        , ("POLICYSERVER", Seq("${rudder.node.policyserver.hostname}"))
-        , ("POLICYSERVER_ADMIN", Seq("${rudder.node.policyserver.admin}"))
+        , ("POLICYSERVER_ID", Seq("${rudder.node.id}"))
+        , ("POLICYSERVER", Seq("${rudder.node.hostname}"))
+        , ("POLICYSERVER_ADMIN", Seq("${rudder.node.admin}"))
         )
       , "common-root"
       , "", None, "", 5, true, true // short desc / policyMode / long desc / prio / enabled / system

diff --git a/webapp/sources/rudder/rudder-web/pom.xml b/webapp/sources/rudder/rudder-web/pom.xml
@@ -276,5 +276,13 @@ along with Rudder.  If not, see <http://www.gnu.org/licenses/>.
       <version>${spring-security-version}</version>
     </dependency>
 
+    <!-- TESTS -->
+    <dependency>
+      <groupId>com.normation.rudder</groupId>
+      <artifactId>rudder-core</artifactId>
+      <version>${rudder-version}</version>
+      <classifier>tests</classifier>
+      <scope>test</scope>
+    </dependency>
   </dependencies>
 </project>
diff --git a/webapp/sources/rudder/rudder-web/src/main/scala/bootstrap/liftweb/RudderConfig.scala b/webapp/sources/rudder/rudder-web/src/main/scala/bootstrap/liftweb/RudderConfig.scala
@@ -2294,7 +2294,6 @@ object RudderConfig extends Loggable {
     // Check technique library reload needs to be achieved after modification in configuration (like migration of CFEngine variables)
     , new CheckTechniqueLibraryReload(
           techniqueRepositoryImpl
-        , asyncDeploymentAgent
         , uuidGen
       )
     , new CheckNcfTechniqueUpdate(

diff --git a/...dder-web/src/main/scala/bootstrap/liftweb/checks/action/CheckTechniqueLibraryReload.scala b/...dder-web/src/main/scala/bootstrap/liftweb/checks/action/CheckTechniqueLibraryReload.scala
@@ -39,7 +39,6 @@ package bootstrap.liftweb.checks.action
 
 import com.normation.cfclerk.services.UpdateTechniqueLibrary
 import com.normation.eventlog.ModificationId
-import com.normation.rudder.batch.AsyncDeploymentActor
 import com.normation.rudder.domain.eventlog.RudderEventActor
 import com.normation.utils.StringUuidGenerator
 
@@ -55,9 +54,8 @@ import java.io.File
  * This needs to be achieved after all tasks that could modify configuration are done
  */
 class CheckTechniqueLibraryReload(
-    techniqueLibUpdater  : UpdateTechniqueLibrary
-  , asyncDeploymentAgent : AsyncDeploymentActor
-  , uuidGen              : StringUuidGenerator
+    techniqueLibUpdater: UpdateTechniqueLibrary
+  , uuidGen            : StringUuidGenerator
 ) extends BootstrapChecks {
 
   override val description = "Check for force reload of Techniques library"