X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-batch%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fupdate%2FExpiring.java;h=e9f0e7267fc38aabe5d9e1fea9e66cb656914195;hb=7e966914050e66219689001ff4ab601a49eef0ac;hp=e12a452a5d05bca11d58a7016606cacc858981d3;hpb=e965ff37c2d3991fd431011521482efae8bd4bd0;p=aaf%2Fauthz.git diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/Expiring.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/Expiring.java index e12a452a..e9f0e726 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/Expiring.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/Expiring.java @@ -67,98 +67,98 @@ import org.onap.aaf.misc.env.TimeTaken; import org.onap.aaf.misc.env.util.Chrono; public class Expiring extends Batch { - private CredPrint crPrint; - private URFutureApprove urFutureApprove; - private URFutureApproveExec urFutureApproveExec; - private CredDelete crDelete; - private URDelete urDelete; - private final CacheTouch cacheTouch; - private final AuthzTrans noAvg; - private final ApprovalDAO apprDAO; - private final FutureDAO futureDAO; - private final PrintStream urDeleteF,urRecoverF; - private final URPrint urPrint; - private Email email; - private File deletesFile; + private CredPrint crPrint; + private URFutureApprove urFutureApprove; + private URFutureApproveExec urFutureApproveExec; + private CredDelete crDelete; + private URDelete urDelete; + private final CacheTouch cacheTouch; + private final AuthzTrans noAvg; + private final ApprovalDAO apprDAO; + private final FutureDAO futureDAO; + private final PrintStream urDeleteF,urRecoverF; + private final URPrint urPrint; + private Email email; + private File deletesFile; - public Expiring(AuthzTrans trans) throws APIException, IOException, OrganizationException { - super(trans.env()); - trans.info().log("Starting Connection Process"); - - noAvg = env.newTransNoAvg(); - noAvg.setUser(new BatchPrincipal("batch:Expiring")); - - TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB); - try { - crPrint = new CredPrint("Expired:"); + public Expiring(AuthzTrans trans) throws APIException, IOException, OrganizationException { + super(trans.env()); + trans.info().log("Starting Connection Process"); + + noAvg = env.newTransNoAvg(); + noAvg.setUser(new BatchPrincipal("batch:Expiring")); + + TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB); + try { + crPrint = new CredPrint("Expired:"); - TimeTaken tt = trans.start("Connect to Cluster with DAOs", Env.REMOTE); - try { - urFutureApprove = new URFutureApprove(trans, cluster,isDryRun()); - checkOrganizationAcccess(trans, urFutureApprove.question()); - urFutureApproveExec = new URFutureApproveExec(trans, urFutureApprove); - urPrint = new URPrint("User Roles:"); - crDelete = new CredDelete(trans, urFutureApprove); - urDelete = new URDelete(trans,urFutureApprove); - cacheTouch = new CacheTouch(trans, urFutureApprove); - - // Reusing... don't destroy - apprDAO = urFutureApprove.question().approvalDAO; - futureDAO = urFutureApprove.question().futureDAO; + TimeTaken tt = trans.start("Connect to Cluster with DAOs", Env.REMOTE); + try { + urFutureApprove = new URFutureApprove(trans, cluster,isDryRun()); + checkOrganizationAcccess(trans, urFutureApprove.question()); + urFutureApproveExec = new URFutureApproveExec(trans, urFutureApprove); + urPrint = new URPrint("User Roles:"); + crDelete = new CredDelete(trans, urFutureApprove); + urDelete = new URDelete(trans,urFutureApprove); + cacheTouch = new CacheTouch(trans, urFutureApprove); + + // Reusing... don't destroy + apprDAO = urFutureApprove.question().approvalDAO; + futureDAO = urFutureApprove.question().futureDAO; - TimeTaken tt2 = trans.start("Connect to Cluster", Env.REMOTE); - try { - session = urFutureApprove.getSession(trans); - } finally { - tt2.done(); - } - } finally { - tt.done(); - } - - File data_dir = new File(env.getProperty("aaf_data_dir")); - if(!data_dir.exists() || !data_dir.canWrite() || !data_dir.canRead()) { - throw new IOException("Cannot read/write to Data Directory "+ data_dir.getCanonicalPath() + ": EXITING!!!"); - } - UserRole.setDeleteStream( - urDeleteF = new PrintStream(new FileOutputStream(deletesFile = new File(data_dir,"UserRoleDeletes.dat"),false))); - UserRole.setRecoverStream( - urRecoverF = new PrintStream(new FileOutputStream(new File(data_dir,"UserRoleRecover.dat"),false))); - UserRole.load(trans, session, UserRole.v2_0_11); - - Cred.load(trans, session); - NS.load(trans, session,NS.v2_0_11); - Future.load(trans,session,Future.withConstruct); - Approval.load(trans,session,Approval.v2_0_17); - Role.load(trans, session); - - email = new Email(); - email.subject("AAF Expiring Process Alert (ENV: %s)",batchEnv); - email.preamble("Expiring Process Alert for %s",batchEnv); - email.signature("Sincerely,\nAAF Expiring Batch Process\n"); - String address = env.getProperty("ALERT_TO_ADDRESS"); - if(address==null) { - throw new APIException("ALERT_TO_ADDRESS property is required"); - } - email.addTo(address); - - } catch (OrganizationException e) { - throw new APIException("Error getting valid Organization",e); - } finally { - tt0.done(); - } - } + TimeTaken tt2 = trans.start("Connect to Cluster", Env.REMOTE); + try { + session = urFutureApprove.getSession(trans); + } finally { + tt2.done(); + } + } finally { + tt.done(); + } + + File data_dir = new File(env.getProperty("aaf_data_dir")); + if (!data_dir.exists() || !data_dir.canWrite() || !data_dir.canRead()) { + throw new IOException("Cannot read/write to Data Directory "+ data_dir.getCanonicalPath() + ": EXITING!!!"); + } + UserRole.setDeleteStream( + urDeleteF = new PrintStream(new FileOutputStream(deletesFile = new File(data_dir,"UserRoleDeletes.dat"),false))); + UserRole.setRecoverStream( + urRecoverF = new PrintStream(new FileOutputStream(new File(data_dir,"UserRoleRecover.dat"),false))); + UserRole.load(trans, session, UserRole.v2_0_11); + + Cred.load(trans, session); + NS.load(trans, session,NS.v2_0_11); + Future.load(trans,session,Future.withConstruct); + Approval.load(trans,session,Approval.v2_0_17); + Role.load(trans, session); + + email = new Email(); + email.subject("AAF Expiring Process Alert (ENV: %s)",batchEnv); + email.preamble("Expiring Process Alert for %s",batchEnv); + email.signature("Sincerely,\nAAF Expiring Batch Process\n"); + String address = env.getProperty("ALERT_TO_ADDRESS"); + if (address==null) { + throw new APIException("ALERT_TO_ADDRESS property is required"); + } + email.addTo(address); + + } catch (OrganizationException e) { + throw new APIException("Error getting valid Organization",e); + } finally { + tt0.done(); + } + } - @Override - protected void run(AuthzTrans trans) { - // Setup Date boundaries - + @Override + protected void run(AuthzTrans trans) { + // Setup Date boundaries + final GregorianCalendar gc = new GregorianCalendar(); final Date now = gc.getTime(); gc.add(GregorianCalendar.MONTH, 1); Date future = gc.getTime(); -// Date earliest = null; +// Date earliest = null; // reset gc.setTime(now); @@ -167,290 +167,290 @@ public class Expiring extends Batch { TimeTaken tt; - // Clean out Approvals UserRoles are fixed up. - String memo; - for(List la : Approval.byUser.values()) { - for(Approval a : la ) { - memo = a.getMemo(); - if(memo!=null && (memo.contains("Re-Approval") || memo.contains("Re-Validate"))) { - String role = a.getRole(); - if(role!=null) { - UserRole ur = UserRole.get(a.getUser(), a.getRole()); - Future f=null; - if(ur!=null) { - if(ur.expires().after(future)) { // no need for Approval anymore - a.delayDelete(noAvg, apprDAO, dryRun, "User Role already Extended"); - UUID tkt = a.getTicket(); - if(tkt!=null && Future.data.containsKey(tkt)) { - f = Future.data.get(a.getTicket()); - } - } - } else { - a.delayDelete(noAvg, apprDAO, dryRun, "User Role does not exist"); - UUID tkt = a.getTicket(); - if(tkt !=null && Future.data.containsKey(tkt)) { - f = Future.data.get(a.getTicket()); - } - } - if(f!=null) { - f.delayedDelete(noAvg, futureDAO, dryRun, "Approvals removed"); - } - } - } - } - } - try { - trans.info().log("### Removed",Future.sizeForDeletion(),"Future and",Approval.sizeForDeletion(),"Approvals"); - Future.resetLocalData(); - Approval.resetLocalData(); - } catch (Exception t) { - t.printStackTrace(); - } - + // Clean out Approvals UserRoles are fixed up. + String memo; + for (List la : Approval.byUser.values()) { + for (Approval a : la ) { + memo = a.getMemo(); + if (memo!=null && (memo.contains("Re-Approval") || memo.contains("Re-Validate"))) { + String role = a.getRole(); + if (role!=null) { + UserRole ur = UserRole.get(a.getUser(), a.getRole()); + Future f=null; + if (ur!=null) { + if (ur.expires().after(future)) { // no need for Approval anymore + a.delayDelete(noAvg, apprDAO, dryRun, "User Role already Extended"); + UUID tkt = a.getTicket(); + if (tkt!=null && Future.data.containsKey(tkt)) { + f = Future.data.get(a.getTicket()); + } + } + } else { + a.delayDelete(noAvg, apprDAO, dryRun, "User Role does not exist"); + UUID tkt = a.getTicket(); + if (tkt !=null && Future.data.containsKey(tkt)) { + f = Future.data.get(a.getTicket()); + } + } + if (f!=null) { + f.delayedDelete(noAvg, futureDAO, dryRun, "Approvals removed"); + } + } + } + } + } + try { + trans.info().log("### Removed",Future.sizeForDeletion(),"Future and",Approval.sizeForDeletion(),"Approvals"); + Future.resetLocalData(); + Approval.resetLocalData(); + } catch (Exception t) { + t.printStackTrace(); + } + // Run for Expired Futures trans.info().log("Checking for Expired Approval/Futures"); tt = trans.start("Delete old Futures", Env.REMOTE); - trans.info().log("### Running Future Execution on ",Future.data.size(), "Items"); - // Execute any Futures waiting - for(Future f : Future.data.values()) { - if(f.memo().contains("Re-Approval") || f.memo().contains("Re-Validate")) { - List la = Approval.byTicket.get(f.id()); - if(la!=null) { - Result ruf = urFutureApproveExec.exec(noAvg,la,f); - if(ruf.isOK()) { - switch(ruf.value) { - case P: - break; - case E: - case D: - case L: - f.delayedDelete(noAvg, futureDAO, dryRun,OP_STATUS.L.desc()); - Approval.delayDelete(noAvg, apprDAO, dryRun, la,OP_STATUS.L.desc()); - break; - } - } - } - } - } - try { - trans.info().log("### Removed",Future.sizeForDeletion(),"Future and",Approval.sizeForDeletion(),"Approvals"); - Future.resetLocalData(); - Approval.resetLocalData(); - } catch (Exception t) { - t.printStackTrace(); - } + trans.info().log("### Running Future Execution on ",Future.data.size(), "Items"); + // Execute any Futures waiting + for (Future f : Future.data.values()) { + if (f.memo().contains("Re-Approval") || f.memo().contains("Re-Validate")) { + List la = Approval.byTicket.get(f.id()); + if (la!=null) { + Result ruf = urFutureApproveExec.exec(noAvg,la,f); + if (ruf.isOK()) { + switch(ruf.value) { + case P: + break; + case E: + case D: + case L: + f.delayedDelete(noAvg, futureDAO, dryRun,OP_STATUS.L.desc()); + Approval.delayDelete(noAvg, apprDAO, dryRun, la,OP_STATUS.L.desc()); + break; + } + } + } + } + } + try { + trans.info().log("### Removed",Future.sizeForDeletion(),"Future and",Approval.sizeForDeletion(),"Approvals"); + Future.resetLocalData(); + Approval.resetLocalData(); + } catch (Exception t) { + t.printStackTrace(); + } - - trans.info().log("### Remove Expired on ",Future.data.size(), "Items, or premature ones"); - // Remove Expired - String expiredBeforeNow = "Expired before " + tooLate; - String expiredAfterFuture = "Expired after " + future; + + trans.info().log("### Remove Expired on ",Future.data.size(), "Items, or premature ones"); + // Remove Expired + String expiredBeforeNow = "Expired before " + tooLate; + String expiredAfterFuture = "Expired after " + future; try { - for(Future f : Future.data.values()) { - if(f.expires().before(tooLate)) { - f.delayedDelete(noAvg,futureDAO,dryRun, expiredBeforeNow); - Approval.delayDelete(noAvg, apprDAO, dryRun, Approval.byTicket.get(f.id()), expiredBeforeNow); - } else if(f.expires().after(future)) { - f.delayedDelete(noAvg,futureDAO,dryRun, expiredAfterFuture); - Approval.delayDelete(noAvg,apprDAO,dryRun, Approval.byTicket.get(f.id()), expiredAfterFuture); - } - } - try { - trans.info().log("### Removed",Future.sizeForDeletion(),"Future and",Approval.sizeForDeletion(),"Approvals"); - Future.resetLocalData(); - Approval.resetLocalData(); - } catch (Exception t) { - t.printStackTrace(); - } + for (Future f : Future.data.values()) { + if (f.expires().before(tooLate)) { + f.delayedDelete(noAvg,futureDAO,dryRun, expiredBeforeNow); + Approval.delayDelete(noAvg, apprDAO, dryRun, Approval.byTicket.get(f.id()), expiredBeforeNow); + } else if (f.expires().after(future)) { + f.delayedDelete(noAvg,futureDAO,dryRun, expiredAfterFuture); + Approval.delayDelete(noAvg,apprDAO,dryRun, Approval.byTicket.get(f.id()), expiredAfterFuture); + } + } + try { + trans.info().log("### Removed",Future.sizeForDeletion(),"Future and",Approval.sizeForDeletion(),"Approvals"); + Future.resetLocalData(); + Approval.resetLocalData(); + } catch (Exception t) { + t.printStackTrace(); + } } finally { - tt.done(); + tt.done(); } - trans.info().log("### Checking Approvals valid (",Approval.byApprover.size(),"Items)"); + trans.info().log("### Checking Approvals valid (",Approval.byApprover.size(),"Items)"); // Make sure users of Approvals are still valid - for(List lapp : Approval.byTicket.values()) { - for(Approval app : lapp) { - Future f; - if(app.getTicket()==null) { - f = null; - } else { - f = Future.data.get(app.getTicket()); - if(Future.pendingDelete(f)) { - f=null; - } - } - String msg; - if(f!=null && app.getRole()!=null && Role.byName.get(app.getRole())==null) { - f.delayedDelete(noAvg,futureDAO,dryRun,msg="Role '" + app.getRole() + "' no longer exists"); - Approval.delayDelete(noAvg,apprDAO,dryRun, Approval.byTicket.get(f.id()), msg); - continue; - } - - switch(app.getStatus()) { - case "pending": - if(f==null) { - app.delayDelete(noAvg,apprDAO, isDryRun(), "ticketDeleted"); - continue; - } - switch(app.getType()) { - case "owner": - boolean anOwner=false; - String approle = app.getRole(); - if(approle!=null) { - Role role = Role.byName.get(approle); - if(role==null) { - app.delayDelete(noAvg, apprDAO, dryRun, "Role No Longer Exists"); - continue; - } else { - // Make sure Owner Role exists - String owner = role.ns + ".owner"; - if(Role.byName.containsKey(owner)) { - List lur = UserRole.getByRole().get(owner); - if(lur != null) { - for(UserRole ur : lur) { - if(ur.user().equals(app.getApprover())) { - anOwner = true; - break; - } - } - } - } - } - if(!anOwner) { - app.delayDelete(noAvg, apprDAO, dryRun, "No longer Owner"); - } - - } - break; - case "supervisor": - try { - Identity identity = org.getIdentity(noAvg, app.getUser()); - if(identity==null) { - if(f!=null) { - f.delayedDelete(noAvg,futureDAO,dryRun,msg = app.getUser() + " is no longer associated with " + org.getName()); - Approval.delayDelete(noAvg,apprDAO,dryRun, Approval.byTicket.get(f.id()), msg); - } - } else { - if(!app.getApprover().equals(identity.responsibleTo().fullID())) { - if(f!=null) { - f.delayedDelete(noAvg,futureDAO,dryRun,msg = app.getApprover() + " is no longer a Supervisor of " + app.getUser()); - Approval.delayDelete(noAvg,apprDAO,dryRun, Approval.byTicket.get(f.id()), msg); - } - } - } - } catch (OrganizationException e) { - e.printStackTrace(); - } - break; - } - break; - } - } + for (List lapp : Approval.byTicket.values()) { + for (Approval app : lapp) { + Future f; + if (app.getTicket()==null) { + f = null; + } else { + f = Future.data.get(app.getTicket()); + if (Future.pendingDelete(f)) { + f=null; + } + } + String msg; + if (f!=null && app.getRole()!=null && Role.byName.get(app.getRole())==null) { + f.delayedDelete(noAvg,futureDAO,dryRun,msg="Role '" + app.getRole() + "' no longer exists"); + Approval.delayDelete(noAvg,apprDAO,dryRun, Approval.byTicket.get(f.id()), msg); + continue; + } + + switch(app.getStatus()) { + case "pending": + if (f==null) { + app.delayDelete(noAvg,apprDAO, isDryRun(), "ticketDeleted"); + continue; + } + switch(app.getType()) { + case "owner": + boolean anOwner=false; + String approle = app.getRole(); + if (approle!=null) { + Role role = Role.byName.get(approle); + if (role==null) { + app.delayDelete(noAvg, apprDAO, dryRun, "Role No Longer Exists"); + continue; + } else { + // Make sure Owner Role exists + String owner = role.ns + ".owner"; + if (Role.byName.containsKey(owner)) { + List lur = UserRole.getByRole().get(owner); + if (lur != null) { + for (UserRole ur : lur) { + if (ur.user().equals(app.getApprover())) { + anOwner = true; + break; + } + } + } + } + } + if (!anOwner) { + app.delayDelete(noAvg, apprDAO, dryRun, "No longer Owner"); + } + + } + break; + case "supervisor": + try { + Identity identity = org.getIdentity(noAvg, app.getUser()); + if (identity==null) { + if (f!=null) { + f.delayedDelete(noAvg,futureDAO,dryRun,msg = app.getUser() + " is no longer associated with " + org.getName()); + Approval.delayDelete(noAvg,apprDAO,dryRun, Approval.byTicket.get(f.id()), msg); + } + } else { + if (!app.getApprover().equals(identity.responsibleTo().fullID())) { + if (f!=null) { + f.delayedDelete(noAvg,futureDAO,dryRun,msg = app.getApprover() + " is no longer a Supervisor of " + app.getUser()); + Approval.delayDelete(noAvg,apprDAO,dryRun, Approval.byTicket.get(f.id()), msg); + } + } + } + } catch (OrganizationException e) { + e.printStackTrace(); + } + break; + } + break; + } + } } - try { - trans.info().log("### Removed",Future.sizeForDeletion(),"Future and",Approval.sizeForDeletion(),"Approvals"); - Future.resetLocalData(); - Approval.resetLocalData(); - } catch (Exception t) { - t.printStackTrace(); - } + try { + trans.info().log("### Removed",Future.sizeForDeletion(),"Future and",Approval.sizeForDeletion(),"Approvals"); + Future.resetLocalData(); + Approval.resetLocalData(); + } catch (Exception t) { + t.printStackTrace(); + } int count = 0, deleted=0, delayedURDeletes = 0; // Run for User Roles trans.info().log("Checking for Expired User Roles"); try { - for(UserRole ur : UserRole.getData()) { - if(org.getIdentity(noAvg, ur.user())==null) { // if not part of Organization; - if(isSpecial(ur.user())) { - trans.info().log(ur.user(),"is not part of organization, but may not be deleted"); - } else { - ur.delayDelete(noAvg, "Not Part of Organization", dryRun); - ++deleted; - ++delayedURDeletes; - } - } else { - if(NS.data.get(ur.ns())==null) { - ur.delayDelete(noAvg,"Namespace " + ur.ns() + " does not exist.",dryRun); - ++delayedURDeletes; - ++deleted; - } else if(!Role.byName.containsKey(ur.role())) { - ur.delayDelete(noAvg,"Role " + ur.role() + " does not exist.",dryRun); - ++deleted; - ++delayedURDeletes; - } else if(ur.expires().before(tooLate)) { - if("owner".equals(ur.rname())) { // don't delete Owners, even if Expired - urPrint.exec(noAvg,ur,"Owner Expired (but not deleted)"); - } else { - // In this case, when UR is expired, not dependent on other lookups, we delete straight out. - urDelete.exec(noAvg, ur,"Expired before " + tooLate); - ++deleted; - } - //trans.logAuditTrail(trans.info()); - } else if(ur.expires().before(future) && ur.expires().after(now)) { - ++count; - // Is there an Approval set already - boolean needNew = true; - if(ur.role()!=null && ur.user()!=null) { - List abm = Approval.byUser.get(ur.user()); - if(abm!=null) { - for(Approval a : abm) { - if(a.getOperation().equals(FUTURE_OP.A.name()) && ur.role().equals(a.getRole())) { - if(Future.data.get(a.getTicket())!=null) { - needNew = false; - break; - } - } - } - } - } - if(needNew) { - urFutureApprove.exec(noAvg, ur,""); - } - } - } - } - } catch (OrganizationException e) { - env.info().log(e,"Exiting ..."); - } finally { - env.info().log("Found",count,"user roles expiring before",future); - env.info().log("deleting",deleted,"user roles expiring before",tooLate); + for (UserRole ur : UserRole.getData()) { + if (org.getIdentity(noAvg, ur.user())==null) { // if not part of Organization; + if (isSpecial(ur.user())) { + trans.info().log(ur.user(),"is not part of organization, but may not be deleted"); + } else { + ur.delayDelete(noAvg, "Not Part of Organization", dryRun); + ++deleted; + ++delayedURDeletes; + } + } else { + if (NS.data.get(ur.ns())==null) { + ur.delayDelete(noAvg,"Namespace " + ur.ns() + " does not exist.",dryRun); + ++delayedURDeletes; + ++deleted; + } else if (!Role.byName.containsKey(ur.role())) { + ur.delayDelete(noAvg,"Role " + ur.role() + " does not exist.",dryRun); + ++deleted; + ++delayedURDeletes; + } else if (ur.expires().before(tooLate)) { + if ("owner".equals(ur.rname())) { // don't delete Owners, even if Expired + urPrint.exec(noAvg,ur,"Owner Expired (but not deleted)"); + } else { + // In this case, when UR is expired, not dependent on other lookups, we delete straight out. + urDelete.exec(noAvg, ur,"Expired before " + tooLate); + ++deleted; + } + //trans.logAuditTrail(trans.info()); + } else if (ur.expires().before(future) && ur.expires().after(now)) { + ++count; + // Is there an Approval set already + boolean needNew = true; + if (ur.role()!=null && ur.user()!=null) { + List abm = Approval.byUser.get(ur.user()); + if (abm!=null) { + for (Approval a : abm) { + if (a.getOperation().equals(FUTURE_OP.A.name()) && ur.role().equals(a.getRole())) { + if (Future.data.get(a.getTicket())!=null) { + needNew = false; + break; + } + } + } + } + } + if (needNew) { + urFutureApprove.exec(noAvg, ur,""); + } + } + } + } + } catch (OrganizationException e) { + env.info().log(e,"Exiting ..."); + } finally { + env.info().log("Found",count,"user roles expiring before",future); + env.info().log("deleting",deleted,"user roles expiring before",tooLate); } // Actualize UR Deletes, or send Email - if(UserRole.sizeForDeletion()>0) { - count+=UserRole.sizeForDeletion(); + if (UserRole.sizeForDeletion()>0) { + count+=UserRole.sizeForDeletion(); double onePercent = 0.01; - if(((double)UserRole.sizeForDeletion())/UserRole.getData().size() > onePercent) { - Message msg = new Message(); - try { - msg.line("Found %d of %d UserRoles marked for Deletion in file %s", - delayedURDeletes,UserRole.getData().size(),deletesFile.getCanonicalPath()); - } catch (IOException e) { - msg.line("Found %d of %d UserRoles marked for Deletion.\n", - delayedURDeletes); - } - msg.line("Review the File. If data is ok, Use ExpiringP2 BatchProcess to complete the deletions"); - - email.msg(msg); - email.exec(trans, org, "Email Support"); - } else { - urDeleteF.flush(); - try { - BufferedReader br = new BufferedReader(new FileReader(deletesFile)); - try { - ExpiringP2.deleteURs(noAvg, br, urDelete, null /* don't touch Cache here*/); - } finally { - br.close(); - } - } catch (IOException io) { - noAvg.error().log(io); - } - } + if (((double)UserRole.sizeForDeletion())/UserRole.getData().size() > onePercent) { + Message msg = new Message(); + try { + msg.line("Found %d of %d UserRoles marked for Deletion in file %s", + delayedURDeletes,UserRole.getData().size(),deletesFile.getCanonicalPath()); + } catch (IOException e) { + msg.line("Found %d of %d UserRoles marked for Deletion.\n", + delayedURDeletes); + } + msg.line("Review the File. If data is ok, Use ExpiringP2 BatchProcess to complete the deletions"); + + email.msg(msg); + email.exec(trans, org, "Email Support"); + } else { + urDeleteF.flush(); + try { + BufferedReader br = new BufferedReader(new FileReader(deletesFile)); + try { + ExpiringP2.deleteURs(noAvg, br, urDelete, null /* don't touch Cache here*/); + } finally { + br.close(); + } + } catch (IOException io) { + noAvg.error().log(io); + } + } } - if(count>0) { - String str = String.format("%d UserRoles modified or deleted", count); - cacheTouch.exec(trans, "user_role", str); + if (count>0) { + String str = String.format("%d UserRoles modified or deleted", count); + cacheTouch.exec(trans, "user_role", str); } // Run for Creds @@ -458,49 +458,49 @@ public class Expiring extends Batch { System.out.flush(); count = 0; try { - CredDAO.Data crd = new CredDAO.Data(); - Date last = null; - for( Cred creds : Cred.data.values()) { - crd.id = creds.id; - for(int type : creds.types()) { - crd.type = type; - for( Instance inst : creds.instances) { - if(inst.expires.before(tooLate)) { - crd.expires = inst.expires; - crDelete.exec(noAvg, crd,"Expired before " + tooLate); - } else if(last==null || inst.expires.after(last)) { - last = inst.expires; - } - } - if(last!=null) { - if(last.before(future)) { - crd.expires = last; - crPrint.exec(noAvg, crd,""); - ++count; - } - } - } - } + CredDAO.Data crd = new CredDAO.Data(); + Date last = null; + for ( Cred creds : Cred.data.values()) { + crd.id = creds.id; + for (int type : creds.types()) { + crd.type = type; + for ( Instance inst : creds.instances) { + if (inst.expires.before(tooLate)) { + crd.expires = inst.expires; + crDelete.exec(noAvg, crd,"Expired before " + tooLate); + } else if (last==null || inst.expires.after(last)) { + last = inst.expires; + } + } + if (last!=null) { + if (last.before(future)) { + crd.expires = last; + crPrint.exec(noAvg, crd,""); + ++count; + } + } + } + } } finally { - String str = String.format("Found %d current creds expiring before %s", count, Chrono.dateOnlyStamp(future)); - if(count>0) { - cacheTouch.exec(trans, "cred", str); - } + String str = String.format("Found %d current creds expiring before %s", count, Chrono.dateOnlyStamp(future)); + if (count>0) { + cacheTouch.exec(trans, "cred", str); + } } - } - - @Override - protected void _close(AuthzTrans trans) { + } + + @Override + protected void _close(AuthzTrans trans) { aspr.info("End " + this.getClass().getSimpleName() + " processing" ); - for(Action action : new Action[] {crDelete}) { - if(action instanceof ActionDAO) { - ((ActionDAO)action).close(trans); - } + for (Action action : new Action[] {crDelete}) { + if (action instanceof ActionDAO) { + ((ActionDAO)action).close(trans); + } } session.close(); urDeleteF.close(); urRecoverF.close(); - } + } }