Avoid profile race conditions by tracking entryUSN

Avoid race conditions in the LDAPProfileSubsystem by tracking the most recently known entryUSN of profiles' LDAP entries. As part of this change, add the commitProfile method to the IProfileSubsystem interface, remove commit behaviour from the enableProfile and disableProfile methods and update ProfileService and ProfileApproveServlet to commit the profile (using the commitProfile method) where needed. Part of: https://fedorahosted.org/pki/ticket/1700
author: Fraser Tweedale <ftweedal@redhat.com> 2015-11-30 14:04:08 +1100
committer: Fraser Tweedale <ftweedal@redhat.com> 2016-01-21 12:48:56 +1100
commit: 2cb2e9c8df06a7fdb2fed11e2973c03483024bc0 (patch)
tree: 67e5aefb7dcf89bce01c4158f91229e17e94baab /base/server/cms
parent: 6371ea5cd0abf64ab755b8d7b410c879f5051936 (diff)
download: pki-2cb2e9c8df06a7fdb2fed11e2973c03483024bc0.tar.gz
pki-2cb2e9c8df06a7fdb2fed11e2973c03483024bc0.tar.xz
pki-2cb2e9c8df06a7fdb2fed11e2973c03483024bc0.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java b/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java
index 7ae623f32..89ba1bd8c 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java
@@ -267,6 +267,7 @@ public class ProfileApproveServlet extends ProfileServlet {
                     if (ps.checkOwner()) {
                         if (ps.getProfileEnableBy(profileId).equals(userid)) {
                             ps.disableProfile(profileId);
+                            ps.commitProfile(profileId);
                         } else {
                             // only enableBy can disable profile
                             args.set(ARG_ERROR_CODE, "1");
@@ -288,9 +289,11 @@ public class ProfileApproveServlet extends ProfileServlet {
                         }
                     } else {
                         ps.disableProfile(profileId);
+                        ps.commitProfile(profileId);
                     }
                 } else {
                     ps.enableProfile(profileId, userid);
+                    ps.commitProfile(profileId);
                 }
 
                 // store a message in the signed audit log file
author	Fraser Tweedale <ftweedal@redhat.com>	2015-11-30 14:04:08 +1100
committer	Fraser Tweedale <ftweedal@redhat.com>	2016-01-21 12:48:56 +1100
commit	2cb2e9c8df06a7fdb2fed11e2973c03483024bc0 (patch)
tree	67e5aefb7dcf89bce01c4158f91229e17e94baab /base/server/cms
parent	6371ea5cd0abf64ab755b8d7b410c879f5051936 (diff)
download	pki-2cb2e9c8df06a7fdb2fed11e2973c03483024bc0.tar.gz pki-2cb2e9c8df06a7fdb2fed11e2973c03483024bc0.tar.xz pki-2cb2e9c8df06a7fdb2fed11e2973c03483024bc0.zip