Avoid profile race conditions by tracking entryUSN

Avoid race conditions in the LDAPProfileSubsystem by tracking the most recently known entryUSN of profiles' LDAP entries. As part of this change, add the commitProfile method to the IProfileSubsystem interface, remove commit behaviour from the enableProfile and disableProfile methods and update ProfileService and ProfileApproveServlet to commit the profile (using the commitProfile method) where needed. Part of: https://fedorahosted.org/pki/ticket/1700
author: Fraser Tweedale <ftweedal@redhat.com> 2015-11-30 14:04:08 +1100
committer: Fraser Tweedale <ftweedal@redhat.com> 2016-01-19 10:48:57 +1100
commit: 81af68d3e3b1a89f799693e7f7ecda59f57abfe4 (patch)
tree: 87b5e8c56e74d77f6403de27e7a431070372254f /base/server/cms/src/com/netscape
parent: 2bd89f148b4b347fc80285ec521d2af0299da746 (diff)
download: pki-81af68d3e3b1a89f799693e7f7ecda59f57abfe4.tar.gz
pki-81af68d3e3b1a89f799693e7f7ecda59f57abfe4.tar.xz
pki-81af68d3e3b1a89f799693e7f7ecda59f57abfe4.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java b/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java
index 7ae623f32..89ba1bd8c 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java
@@ -267,6 +267,7 @@ public class ProfileApproveServlet extends ProfileServlet {
                     if (ps.checkOwner()) {
                         if (ps.getProfileEnableBy(profileId).equals(userid)) {
                             ps.disableProfile(profileId);
+                            ps.commitProfile(profileId);
                         } else {
                             // only enableBy can disable profile
                             args.set(ARG_ERROR_CODE, "1");
@@ -288,9 +289,11 @@ public class ProfileApproveServlet extends ProfileServlet {
                         }
                     } else {
                         ps.disableProfile(profileId);
+                        ps.commitProfile(profileId);
                     }
                 } else {
                     ps.enableProfile(profileId, userid);
+                    ps.commitProfile(profileId);
                 }
 
                 // store a message in the signed audit log file
author	Fraser Tweedale <ftweedal@redhat.com>	2015-11-30 14:04:08 +1100
committer	Fraser Tweedale <ftweedal@redhat.com>	2016-01-19 10:48:57 +1100
commit	81af68d3e3b1a89f799693e7f7ecda59f57abfe4 (patch)
tree	87b5e8c56e74d77f6403de27e7a431070372254f /base/server/cms/src/com/netscape
parent	2bd89f148b4b347fc80285ec521d2af0299da746 (diff)
download	pki-81af68d3e3b1a89f799693e7f7ecda59f57abfe4.tar.gz pki-81af68d3e3b1a89f799693e7f7ecda59f57abfe4.tar.xz pki-81af68d3e3b1a89f799693e7f7ecda59f57abfe4.zip