Fix OPENDJ-487: Normal acis under cn=config are not loaded at startup. Rath...

Ludovic Poitou

21.12.2012 d99a8227a80998e38d1b6b0193895090276db7f1

Fix OPENDJ-487: Normal acis under cn=config are not loaded at startup.
Rather than using regular internal connection search, lets search directly in the config backend, as it's not yet registered as a workflow.
The method is similar to what is done for the subEntryManager and the groupManager.

 opends/src/server/org/opends/server/authorization/dseecompat/AciHandler.java

@@ -49,6 +49,7 @@
import org.opends.server.admin.std.server.DseeCompatAccessControlHandlerCfg;
import org.opends.server.api.AccessControlHandler;
import org.opends.server.api.ClientConnection;
import org.opends.server.api.ConfigHandler;
import org.opends.server.backends.jeb.EntryContainer;
import org.opends.server.config.ConfigException;
import org.opends.server.controls.GetEffectiveRightsRequestControl;
@@ -1285,38 +1286,66 @@
   */
  private void processConfigAcis() throws InitializationException
  {
    try
    {
      DN configDN = DN.decode("cn=config");
      LinkedHashSet<String> attrs = new LinkedHashSet<String>(1);
      attrs.add("aci");
    LinkedHashSet<String> requestAttrs = new LinkedHashSet<String>(1);
    requestAttrs.add("aci");
      LinkedList<Message> failedACIMsgs = new LinkedList<Message>();
      InternalClientConnection conn =
          InternalClientConnection.getRootConnection();
      InternalSearchOperation op =
          conn.processSearch(configDN, SearchScope.WHOLE_SUBTREE,

    ConfigHandler configBackend = DirectoryServer.getConfigHandler();
    for (DN baseDN : configBackend.getBaseDNs())
    {
      try
      {
        if (! configBackend.entryExists(baseDN))
        {
          continue;
        }
      }
      catch (Exception e)
      {
        if (debugEnabled())
        {
          TRACER.debugCaught(DebugLogLevel.ERROR, e);
        }

        // FIXME -- Is there anything that we need to do here?
        continue;
      }

      try {
        InternalSearchOperation internalSearch = new InternalSearchOperation(
              conn, InternalClientConnection.nextOperationID(),
              InternalClientConnection.nextMessageID(),
              null, baseDN, SearchScope.WHOLE_SUBTREE,
              DereferencePolicy.NEVER_DEREF_ALIASES, 0, 0, false,
              SearchFilter.createFilterFromString("aci=*"), attrs);
      if (!op.getSearchEntries().isEmpty())
              SearchFilter.createFilterFromString("aci=*"), requestAttrs, null);
        LocalBackendSearchOperation localSearch =
              new LocalBackendSearchOperation(internalSearch);

        configBackend.search(localSearch);

        if (!internalSearch.getSearchEntries().isEmpty())
      {
        int validAcis =
            aciList.addAci(op.getSearchEntries(), failedACIMsgs);
              aciList.addAci(internalSearch.getSearchEntries(), failedACIMsgs);
        if (!failedACIMsgs.isEmpty())
        {
          aciListenerMgr.logMsgsSetLockDownMode(failedACIMsgs);
        }
        Message message =
            INFO_ACI_ADD_LIST_ACIS.get(Integer.toString(validAcis),
                String.valueOf(configDN));
                String.valueOf(baseDN));
        logError(message);
      }
    }
    catch (DirectoryException e)
      catch (Exception e)
    {
      Message message = INFO_ACI_HANDLER_FAIL_PROCESS_ACI.get();
      throw new InitializationException(message, e);
    }
  }
  }