ac2 - createUser in the DAO no longer returns the User

projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/UserPersistence.java

@@ -100,7 +100,7 @@ public interface UserPersistence<T extends Principal>
      * @throws TransientException If an temporary, unexpected problem occurred.
      * @throws AccessControlException If the operation is not permitted.
      */
-    User<T> addUser(UserRequest<T> user)
+    void addUser(UserRequest<T> user)
         throws TransientException, AccessControlException,
                UserAlreadyExistsException;
 

projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java

@@ -284,7 +284,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
      * @throws AccessControlException     If the operation is not permitted.
      * @throws UserAlreadyExistsException If the user already exists.
      */
-    public User<T> addUser(final UserRequest<T> userRequest)
+    public void addUser(final UserRequest<T> userRequest)
             throws TransientException, UserAlreadyExistsException
     {
         DN userDN;
@@ -301,19 +301,6 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
 
             userDN = getUserRequestsDN(userID.getName());
             addUser(userRequest, userDN);
-
-            // AD: Search results sometimes come incomplete if
-            // connection is not reset - not sure why.
-            getConnection().reconnect();
-            try
-            {
-                return getUser(userID, config.getUserRequestsDN());
-            }
-            catch (UserNotFoundException e)
-            {
-                throw new RuntimeException("BUG: new user " + userDN.toNormalizedString() +
-                    " not found");
-            }
         }
         catch (LDAPException e)
         {
@@ -507,9 +494,13 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
                                       searchField, userAttribs);
             if (proxy && isSecure(usersDN))
             {
-                searchRequest.addControl(
-                        new ProxiedAuthorizationV2RequestControl(
-                                "dn:" + getSubjectDN().toNormalizedString()));
+                String proxyDN = "dn:" + getSubjectDN().toNormalizedString();
+                logger.debug("Proxying auth as: " + proxyDN);
+                searchRequest.addControl(new ProxiedAuthorizationV2RequestControl(proxyDN));
+            }
+            else
+            {
+                logger.debug("Not proxying authorization");
             }
 
             searchResult = getConnection().searchForEntry(searchRequest);
@@ -530,9 +521,18 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
         user.getIdentities().add(new HttpPrincipal(
                 searchResult.getAttributeValue(
                        userLdapAttrib.get(HttpPrincipal.class))));
-        user.getIdentities().add(new NumericPrincipal(
-                searchResult.getAttributeValueAsLong(
-                        userLdapAttrib.get(NumericPrincipal.class))));
+
+        Long numericID = searchResult.getAttributeValueAsLong(userLdapAttrib.get(NumericPrincipal.class));
+        logger.debug("Numeric id is: " + numericID);
+        if (numericID == null)
+        {
+            // If the numeric ID does not return it means the user
+            // does not have permission
+            throw new AccessControlException("Permission denied");
+        }
+        NumericPrincipal numericPrincipal = new NumericPrincipal(numericID);
+        user.getIdentities().add(numericPrincipal);
+
         user.getIdentities().add(new X500Principal(
                 searchResult.getAttributeValue(
                         userLdapAttrib.get(X500Principal.class))));

projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java

@@ -126,7 +126,7 @@ public class LdapUserPersistence<T extends Principal>
      * @throws TransientException If an temporary, unexpected problem occurred.
      * @throws AccessControlException If the operation is not permitted.
      */
-    public User<T> addUser(UserRequest<T> user)
+    public void addUser(UserRequest<T> user)
         throws TransientException, AccessControlException,
                UserAlreadyExistsException
     {
@@ -134,7 +134,7 @@ public class LdapUserPersistence<T extends Principal>
         try
         {
             userDAO = new LdapUserDAO<T>(this.config);
-            return userDAO.addUser(user);
+            userDAO.addUser(user);
         }
         finally
         {

projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/CreateUserAction.java

@@ -93,10 +93,10 @@ public class CreateUserAction extends AbstractUserAction
     {
         final UserPersistence<Principal> userPersistence = getUserPersistence();
         final UserRequest<Principal> userRequest = readUserRequest(this.inputStream);
-        final User<Principal> newUser = userPersistence.addUser(userRequest);
+        userPersistence.addUser(userRequest);
 
         syncOut.setCode(201);
-        logUserInfo(newUser.getUserID().getName());
+        logUserInfo(userRequest.getUser().getUserID().getName());
     }
 
 }

projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAOTest.java

@@ -194,7 +194,10 @@ public class LdapUserDAOTest extends AbstractLdapDAOTest
         subject.getPrincipals().add(testUser.getUserID());
 
         final LdapUserDAO<HttpPrincipal> userDAO = getUserDAO();
-        User<HttpPrincipal> actual = userDAO.addUser(userRequest);
+        userDAO.addUser(userRequest);
+
+        User<HttpPrincipal> actual = userDAO.getPendingUser(userRequest.getUser().getUserID());
+
         check(expected, actual);
     }