dpward / rpms / sssd

Forked from rpms/sssd 3 years ago
Clone
Blob Blame History Raw
From 6c1e606c3e9da9910554e48a6409a9b3001deedb Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Fri, 4 Sep 2015 09:27:17 +0200
Subject: [PATCH 75/87] DP: Provide a way to mark subdomain as disabled and
 auto-enable it later with offline_timeout
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

https://fedorahosted.org/sssd/ticket/2637

Adds a new Data Provider function be_mark_dom_offline() that is a
replacement for be_mark_offline(). When called, the function would
either set the whole back end offline, just like be_mark_offline or just
set the subdomain status to inactive.

When a subdomain is inactive, there is a singleton timed task that would
re-set the subdomin after offline_timeout seconds.

Reviewed-by: Pavel Březina <pbrezina@redhat.com>
---
 Makefile.am                              |  26 +++
 src/providers/data_provider_be.c         | 102 +++++++++++-
 src/providers/dp_backend.h               |   1 +
 src/tests/cmocka/test_data_provider_be.c | 275 +++++++++++++++++++++++++++++++
 4 files changed, 395 insertions(+), 9 deletions(-)
 create mode 100644 src/tests/cmocka/test_data_provider_be.c

diff --git a/Makefile.am b/Makefile.am
index e1102333b019e32c516c59c5fa969c970b688737..4e80701872c0e4e1391f0c6de8a2f68e719f8236 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -236,6 +236,7 @@ if HAVE_CMOCKA
         test_ipa_subdom_server \
         test_krb5_wait_queue \
         test_cert_utils \
+        test_data_provider_be \
         $(NULL)
 
 if HAVE_LIBRESOLV
@@ -2603,6 +2604,31 @@ test_cert_utils_LDADD = \
     libsss_cert.la \
     libsss_crypt.la \
     $(NULL)
+
+test_data_provider_be_SOURCES = \
+    $(sssd_be_SOURCES) \
+    src/tests/cmocka/test_data_provider_be.c \
+    src/tests/cmocka/common_mock_be.c \
+    $(NULL)
+test_data_provider_be_CFLAGS = \
+    $(AM_CFLAGS) \
+    -DUNIT_TESTING \
+    $(CRYPTO_CFLAGS) \
+    $(NULL)
+test_data_provider_be_LDFLAGS = \
+    -Wl,-wrap,_tevent_add_timer \
+    $(NULL)
+test_data_provider_be_LDADD = \
+    $(CMOCKA_LIBS) \
+    $(CARES_LIBS) \
+    $(POPT_LIBS) \
+    $(PAM_LIBS) \
+    $(TALLOC_LIBS) \
+    $(SSSD_INTERNAL_LTLIBS) \
+    libsss_debug.la \
+    libsss_test_common.la \
+    $(NULL)
+
 endif # HAVE_CMOCKA
 
 noinst_PROGRAMS = pam_test_client
diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c
index d147630248f0a24f5a632760b55b9284a6928e40..f477ac8bde2b1e3eea862e8e8f503566282ea8f3 100644
--- a/src/providers/data_provider_be.c
+++ b/src/providers/data_provider_be.c
@@ -478,6 +478,24 @@ try_to_go_online(TALLOC_CTX *mem_ctx,
     return EOK;
 }
 
+static int get_offline_timeout(struct be_ctx *ctx)
+{
+    errno_t ret;
+    int offline_timeout;
+
+    ret = confdb_get_int(ctx->cdb, ctx->conf_path,
+                         CONFDB_DOMAIN_OFFLINE_TIMEOUT, 60,
+                         &offline_timeout);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_CRIT_FAILURE,
+              "Failed to get offline_timeout from confdb. "
+              "Will use 60 seconds.\n");
+        offline_timeout = 60;
+    }
+
+    return offline_timeout;
+}
+
 void be_mark_offline(struct be_ctx *ctx)
 {
     int offline_timeout;
@@ -493,15 +511,9 @@ void be_mark_offline(struct be_ctx *ctx)
         /* This is the first time we go offline - create a periodic task
          * to check if we can switch to online. */
         DEBUG(SSSDBG_TRACE_INTERNAL, "Initialize check_if_online_ptask.\n");
-        ret = confdb_get_int(ctx->cdb, ctx->conf_path,
-                             CONFDB_DOMAIN_OFFLINE_TIMEOUT, 60,
-                             &offline_timeout);
-        if (ret != EOK) {
-            DEBUG(SSSDBG_CRIT_FAILURE,
-                  "Failed to get offline_timeout from confdb. "
-                  "Will use 60 seconds.\n");
-            offline_timeout = 60;
-        }
+
+        offline_timeout = get_offline_timeout(ctx);
+
         ret = be_ptask_create_sync(ctx, ctx,
                                    offline_timeout, offline_timeout,
                                    offline_timeout, 30, offline_timeout,
@@ -524,10 +536,82 @@ void be_mark_offline(struct be_ctx *ctx)
     be_run_offline_cb(ctx);
 }
 
+static void be_subdom_reset_status(struct tevent_context *ev,
+                                  struct tevent_timer *te,
+                                  struct timeval current_time,
+                                  void *pvt)
+{
+    struct sss_domain_info *subdom = talloc_get_type(pvt,
+                                                     struct sss_domain_info);
+
+    DEBUG(SSSDBG_TRACE_LIBS, "Resetting subdomain %s\n", subdom->name);
+    subdom->state = DOM_ACTIVE;
+}
+
+static void be_mark_subdom_offline(struct sss_domain_info *subdom,
+                                   struct be_ctx *be_ctx)
+{
+    struct timeval tv;
+    struct tevent_timer *timeout = NULL;
+    int reset_status_timeout;
+
+    reset_status_timeout = get_offline_timeout(be_ctx);
+    tv = tevent_timeval_current_ofs(reset_status_timeout, 0);
+
+    switch (subdom->state) {
+    case DOM_DISABLED:
+        DEBUG(SSSDBG_MINOR_FAILURE, "Won't touch disabled subdomain\n");
+        return;
+    case DOM_INACTIVE:
+        DEBUG(SSSDBG_TRACE_ALL, "Subdomain already inactive\n");
+        return;
+    case DOM_ACTIVE:
+        DEBUG(SSSDBG_TRACE_LIBS,
+              "Marking subdomain %s as inactive\n", subdom->name);
+        break;
+    }
+
+    timeout = tevent_add_timer(be_ctx->ev, be_ctx, tv,
+                               be_subdom_reset_status, subdom);
+    if (timeout == NULL) {
+        DEBUG(SSSDBG_OP_FAILURE, "Cannot create timer\n");
+        return;
+    }
+
+    subdom->state = DOM_INACTIVE;
+}
+
+void be_mark_dom_offline(struct sss_domain_info *dom, struct be_ctx *ctx)
+{
+    if (IS_SUBDOMAIN(dom) == false) {
+        DEBUG(SSSDBG_TRACE_LIBS, "Marking back end offline\n");
+        be_mark_offline(ctx);
+    } else {
+        DEBUG(SSSDBG_TRACE_LIBS, "Marking subdomain %s offline\n", dom->name);
+        be_mark_subdom_offline(dom, ctx);
+    }
+}
+
+static void reactivate_subdoms(struct sss_domain_info *head)
+{
+    struct sss_domain_info *dom;
+
+    DEBUG(SSSDBG_TRACE_LIBS, "Resetting all subdomains");
+
+    for (dom = head; dom; dom = get_next_domain(dom, true)) {
+        if (sss_domain_get_state(dom) == DOM_INACTIVE) {
+            sss_domain_set_state(dom, DOM_ACTIVE);
+        }
+    }
+}
+
 static void be_reset_offline(struct be_ctx *ctx)
 {
     ctx->offstat.went_offline = 0;
     ctx->offstat.offline = false;
+
+    reactivate_subdoms(ctx->domain);
+
     be_ptask_disable(ctx->check_if_online_ptask);
     be_run_online_cb(ctx);
 }
diff --git a/src/providers/dp_backend.h b/src/providers/dp_backend.h
index e4e22ea343a5cbf4c75f176c3002dc579c2893fe..4d54bf547682379bcb8cf855b8fae39214495728 100644
--- a/src/providers/dp_backend.h
+++ b/src/providers/dp_backend.h
@@ -189,6 +189,7 @@ struct be_host_req {
 
 bool be_is_offline(struct be_ctx *ctx);
 void be_mark_offline(struct be_ctx *ctx);
+void be_mark_dom_offline(struct sss_domain_info *dom, struct be_ctx *ctx);
 
 int be_add_reconnect_cb(TALLOC_CTX *mem_ctx,
                         struct be_ctx *ctx,
diff --git a/src/tests/cmocka/test_data_provider_be.c b/src/tests/cmocka/test_data_provider_be.c
new file mode 100644
index 0000000000000000000000000000000000000000..68eb5841bee568bef64cb62461403036b1320bec
--- /dev/null
+++ b/src/tests/cmocka/test_data_provider_be.c
@@ -0,0 +1,275 @@
+/*
+    Copyright (C) 2015 Red Hat
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include <talloc.h>
+#include <tevent.h>
+#include <errno.h>
+#include <popt.h>
+#include <time.h>
+
+#include "providers/dp_backend.h"
+#include "tests/cmocka/common_mock.h"
+#include "tests/cmocka/common_mock_be.h"
+#include "tests/common.h"
+
+#define TESTS_PATH "tests_dp_be"
+#define TEST_CONF_DB "test_dp_be_conf.ldb"
+#define TEST_DOM_NAME "dp_be_test"
+#define TEST_ID_PROVIDER "ldap"
+
+#define OFFLINE_TIMEOUT 2
+#define AS_STR(param) (#param)
+
+static TALLOC_CTX *global_mock_context = NULL;
+static bool global_timer_added;
+
+struct tevent_timer *__real__tevent_add_timer(struct tevent_context *ev,
+                                              TALLOC_CTX *mem_ctx,
+                                              struct timeval next_event,
+                                              tevent_timer_handler_t handler,
+                                              void *private_data,
+                                              const char *handler_name,
+                                              const char *location);
+
+struct tevent_timer *__wrap__tevent_add_timer(struct tevent_context *ev,
+                                              TALLOC_CTX *mem_ctx,
+                                              struct timeval next_event,
+                                              tevent_timer_handler_t handler,
+                                              void *private_data,
+                                              const char *handler_name,
+                                              const char *location)
+{
+    global_timer_added = true;
+
+    return __real__tevent_add_timer(ev, mem_ctx, next_event,
+                                    handler, private_data, handler_name,
+                                    location);
+}
+
+
+struct test_ctx {
+    struct sss_test_ctx *tctx;
+    struct be_ctx *be_ctx;
+};
+
+static struct sss_domain_info *named_domain(TALLOC_CTX *mem_ctx,
+                                            const char *name,
+                                            struct sss_domain_info *parent)
+{
+    struct sss_domain_info *dom = NULL;
+
+    dom = talloc_zero(mem_ctx, struct sss_domain_info);
+    assert_non_null(dom);
+
+    dom->name = talloc_strdup(dom, name);
+    assert_non_null(dom->name);
+
+    dom->parent = parent;
+
+    return dom;
+}
+
+static int test_setup(void **state)
+{
+    struct test_ctx *test_ctx = NULL;
+    struct sss_test_conf_param params[] = {
+        { "offline_timeout", AS_STR(OFFLINE_TIMEOUT) },
+        { NULL, NULL },             /* Sentinel */
+    };
+
+    assert_true(leak_check_setup());
+    global_mock_context = talloc_new(global_talloc_context);
+    assert_non_null(global_mock_context);
+
+    test_ctx = talloc_zero(global_talloc_context, struct test_ctx);
+    assert_non_null(test_ctx);
+
+    test_ctx->tctx = create_dom_test_ctx(test_ctx, TESTS_PATH,
+                                         TEST_CONF_DB, TEST_DOM_NAME,
+                                         TEST_ID_PROVIDER, params);
+    assert_non_null(test_ctx->tctx);
+
+    test_ctx->be_ctx = mock_be_ctx(test_ctx, test_ctx->tctx);
+    assert_non_null(test_ctx->be_ctx);
+
+    test_ctx->be_ctx->domain->subdomains = named_domain(test_ctx,
+                                                        "subdomains",
+                                                        test_ctx->be_ctx->domain);
+    assert_non_null(test_ctx->be_ctx->domain->subdomains);
+
+    *state = test_ctx;
+
+    return 0;
+}
+
+static int test_teardown(void **state)
+{
+    talloc_zfree(*state);
+    assert_true(leak_check_teardown());
+    return 0;
+}
+
+static void assert_domain_state(struct sss_domain_info *dom,
+                                enum sss_domain_state expected_state)
+{
+    enum sss_domain_state dom_state;
+
+    dom_state = sss_domain_get_state(dom);
+    assert_int_equal(dom_state, expected_state);
+}
+
+static void test_mark_subdom_offline_check(struct tevent_context *ev,
+                                           struct tevent_timer *te,
+                                           struct timeval current_time,
+                                           void *pvt)
+{
+    struct test_ctx *test_ctx = talloc_get_type(pvt, struct test_ctx);
+
+    assert_domain_state(test_ctx->be_ctx->domain->subdomains,
+                        DOM_ACTIVE);
+
+    test_ctx->tctx->done = true;
+    test_ctx->tctx->error = EOK;
+}
+
+static void test_mark_dom_offline(void **state)
+{
+    struct test_ctx *test_ctx = talloc_get_type(*state, struct test_ctx);
+
+    assert_domain_state(test_ctx->be_ctx->domain, DOM_ACTIVE);
+    assert_false(be_is_offline(test_ctx->be_ctx));
+
+    be_mark_dom_offline(test_ctx->be_ctx->domain, test_ctx->be_ctx);
+
+    assert_true(be_is_offline(test_ctx->be_ctx));
+    assert_domain_state(test_ctx->be_ctx->domain, DOM_ACTIVE);
+}
+
+static void test_mark_subdom_offline(void **state)
+{
+    struct timeval tv;
+    struct tevent_timer *check_ev = NULL;
+    struct test_ctx *test_ctx = talloc_get_type(*state, struct test_ctx);
+    errno_t ret;
+
+    assert_domain_state(test_ctx->be_ctx->domain->subdomains,
+                        DOM_ACTIVE);
+    assert_false(be_is_offline(test_ctx->be_ctx));
+
+    global_timer_added = false;
+    be_mark_dom_offline(test_ctx->be_ctx->domain->subdomains, test_ctx->be_ctx);
+    assert_domain_state(test_ctx->be_ctx->domain->subdomains,
+                        DOM_INACTIVE);
+
+    /* A timer must be added that resets the state back */
+    assert_true(global_timer_added);
+
+    /* Global offline state must not change */
+    assert_false(be_is_offline(test_ctx->be_ctx));
+
+    /* Make sure we don't add a second timer */
+    global_timer_added = false;
+    be_mark_dom_offline(test_ctx->be_ctx->domain->subdomains, test_ctx->be_ctx);
+    assert_domain_state(test_ctx->be_ctx->domain->subdomains,
+                        DOM_INACTIVE);
+    assert_false(global_timer_added);
+
+    /* Wait for the internal timer to reset our subdomain back */
+    tv = tevent_timeval_current_ofs(OFFLINE_TIMEOUT + 1, 0);
+
+    check_ev = tevent_add_timer(test_ctx->tctx->ev, test_ctx, tv,
+                                test_mark_subdom_offline_check,
+                                test_ctx);
+    if (check_ev == NULL) {
+        DEBUG(SSSDBG_OP_FAILURE, "Cannot create timer\n");
+        return;
+    }
+
+    ret = test_ev_loop(test_ctx->tctx);
+    assert_int_equal(ret, EOK);
+}
+
+static void test_mark_subdom_offline_disabled(void **state)
+{
+    struct test_ctx *test_ctx = talloc_get_type(*state, struct test_ctx);
+
+    sss_domain_set_state(test_ctx->be_ctx->domain->subdomains, DOM_DISABLED);
+    assert_domain_state(test_ctx->be_ctx->domain->subdomains,
+                        DOM_DISABLED);
+
+    be_mark_dom_offline(test_ctx->be_ctx->domain->subdomains, test_ctx->be_ctx);
+    assert_domain_state(test_ctx->be_ctx->domain->subdomains,
+                        DOM_DISABLED);
+}
+
+int main(int argc, const char *argv[])
+{
+    poptContext pc;
+    int opt;
+    int rv;
+    int no_cleanup = 0;
+    struct poptOption long_options[] = {
+        POPT_AUTOHELP
+        SSSD_DEBUG_OPTS
+        {"no-cleanup", 'n', POPT_ARG_NONE, &no_cleanup, 0,
+         _("Do not delete the test database after a test run"), NULL },
+        POPT_TABLEEND
+    };
+
+    const struct CMUnitTest tests[] = {
+        cmocka_unit_test_setup_teardown(test_mark_dom_offline,
+                                        test_setup,
+                                        test_teardown),
+        cmocka_unit_test_setup_teardown(test_mark_subdom_offline,
+                                        test_setup,
+                                        test_teardown),
+        cmocka_unit_test_setup_teardown(test_mark_subdom_offline_disabled,
+                                        test_setup,
+                                        test_teardown),
+    };
+
+    /* Set debug level to invalid value so we can deside if -d 0 was used. */
+    debug_level = SSSDBG_INVALID;
+
+    pc = poptGetContext(argv[0], argc, argv, long_options, 0);
+    while((opt = poptGetNextOpt(pc)) != -1) {
+        switch(opt) {
+        default:
+            fprintf(stderr, "\nInvalid option %s: %s\n\n",
+                    poptBadOption(pc, 0), poptStrerror(opt));
+            poptPrintUsage(pc, stderr, 0);
+            return 1;
+        }
+    }
+    poptFreeContext(pc);
+
+    DEBUG_CLI_INIT(debug_level);
+
+    /* Even though normally the tests should clean up after themselves
+     * they might not after a failed run. Remove the old db to be sure */
+    tests_set_cwd();
+    test_dom_suite_cleanup(TESTS_PATH, TEST_CONF_DB, TEST_DOM_NAME);
+    test_dom_suite_setup(TESTS_PATH);
+
+    rv = cmocka_run_group_tests(tests, NULL, NULL);
+    if (rv == 0 && !no_cleanup) {
+        test_dom_suite_cleanup(TESTS_PATH, TEST_CONF_DB, TEST_DOM_NAME);
+    }
+    return rv;
+
+    return cmocka_run_group_tests(tests, NULL, NULL);
+}
-- 
2.4.3