From 381d73a405fd0a8b7439c9d3accde9e2cc69c042 Mon Sep 17 00:00:00 2001 From: Konrad Windszus Date: Tue, 16 Jul 2024 16:57:49 +0200 Subject: [PATCH] Limit number of group memberships to be managed with "add" step to 10 This closes #753 --- .../tools/actool/ims/IMSUserManagement.java | 20 +++++++++++------ .../tools/actool/ims/IMSUserManagementIT.java | 22 +++++++++++++++++++ 2 files changed, 35 insertions(+), 7 deletions(-) diff --git a/accesscontroltool-bundle/src/main/java/biz/netcentric/cq/tools/actool/ims/IMSUserManagement.java b/accesscontroltool-bundle/src/main/java/biz/netcentric/cq/tools/actool/ims/IMSUserManagement.java index d719565b..bdfbf4f7 100644 --- a/accesscontroltool-bundle/src/main/java/biz/netcentric/cq/tools/actool/ims/IMSUserManagement.java +++ b/accesscontroltool-bundle/src/main/java/biz/netcentric/cq/tools/actool/ims/IMSUserManagement.java @@ -116,6 +116,7 @@ public class IMSUserManagement implements ExternalGroupManagement { public static final Logger LOG = LoggerFactory.getLogger(IMSUserManagement.class); private static final int MAX_NUM_COMMANDS_PER_REQUEST = 10; + private static final int MAX_NUM_GROUPS_PER_ADD_STEP = 10; private final Configuration config; private final CloseableHttpClient client; @@ -218,15 +219,20 @@ public void updateGroups(Collection groupConfigs) throws } // optionally make users group administrators if (config.groupAdmins() != null && config.groupAdmins().length > 0) { - Set adminGroupNames = groupConfigs.stream() + // at most 10 groups per add command + AtomicInteger groupCounter = new AtomicInteger(); + Collection> adminGroupNameBatches = groupConfigs.stream() .map(AuthorizableConfigBean::getAuthorizableId) .map(id -> "_admin_" + id) // https://adobe-apiplatform.github.io/umapi-documentation/en/api/ActionsCmds.html#addRemoveAttr - .collect(Collectors.toSet()); - for (String groupAdmin : config.groupAdmins()) { - ActionCommand actionCommand = new UserActionCommand(groupAdmin); - AddGroupMembership addGroupMembership = new AddGroupMembership(adminGroupNames); - actionCommand.addStep(addGroupMembership); - actionCommands.add(actionCommand); + .collect(Collectors.groupingBy + (it->groupCounter.getAndIncrement() / MAX_NUM_GROUPS_PER_ADD_STEP)).values(); + for (List adminGroupNames : adminGroupNameBatches) { + for (String groupAdmin : config.groupAdmins()) { + ActionCommand actionCommand = new UserActionCommand(groupAdmin); + AddGroupMembership addGroupMembership = new AddGroupMembership(adminGroupNames); + actionCommand.addStep(addGroupMembership); + actionCommands.add(actionCommand); + } } } // update in batches of 10 commands diff --git a/accesscontroltool-bundle/src/test/java/biz/netcentric/cq/tools/actool/ims/IMSUserManagementIT.java b/accesscontroltool-bundle/src/test/java/biz/netcentric/cq/tools/actool/ims/IMSUserManagementIT.java index a46cd8c0..67eb1116 100644 --- a/accesscontroltool-bundle/src/test/java/biz/netcentric/cq/tools/actool/ims/IMSUserManagementIT.java +++ b/accesscontroltool-bundle/src/test/java/biz/netcentric/cq/tools/actool/ims/IMSUserManagementIT.java @@ -20,6 +20,8 @@ import java.io.IOException; import java.util.Collections; import java.util.HashMap; +import java.util.LinkedList; +import java.util.List; import java.util.Map; import org.apache.http.impl.client.HttpClientBuilder; @@ -132,6 +134,26 @@ public HttpClientBuilder newBuilder() { imsUserManagement.updateGroups(Collections.singleton(group)); } + @Test + void test20GroupsWithAdmin() throws IOException { + properties.put("groupAdmins", getMandatoryEnvironmentVariable("ACTOOL_IMS_IT_USERID")); + Configuration config = Converters.standardConverter().convert(properties).to(Configuration.class); + IMSUserManagement imsUserManagement = new IMSUserManagement(config, new HttpClientBuilderFactory() { + @Override + public HttpClientBuilder newBuilder() { + return HttpClientBuilder.create(); + } + }); + List groups = new LinkedList<>(); + for (int n=0; n<20; n++) { + AuthorizableConfigBean group = new AuthorizableConfigBean(); + group.setAuthorizableId("testGroup" + n); + group.setDescription("my description" + n); + groups.add(group); + } + imsUserManagement.updateGroups(groups); + } + private static String getMandatoryEnvironmentVariable(String name) { String value = System.getenv(name); if (value == null) {