[Pki-devel] [PATCH] 620 Cleaned up SystemConfigService.configureClone().

Endi Sukma Dewata edewata at redhat.com
Mon Jun 29 17:37:54 UTC 2015 

The getCloningData() in SystemConfigService has been renamed to
configureClone(). Redundant try-catch blocks have been removed.
Some exception messages have been modified to include more info.

-- 
Endi S. Dewata
-------------- next part --------------
From 01b218bd3be9e51e7aff8645e1bcf3ca1957574c Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edewata at redhat.com>
Date: Mon, 29 Jun 2015 13:29:41 -0400
Subject: [PATCH] Cleaned up SystemConfigService.configureClone().

The getCloningData() in SystemConfigService has been renamed to
configureClone(). Redundant try-catch blocks have been removed.
Some exception messages have been modified to include more info.
---
 .../dogtagpki/server/rest/SystemConfigService.java | 72 +++++++---------------
 .../server/tps/rest/TPSInstallerService.java       |  2 +-
 2 files changed, 23 insertions(+), 51 deletions(-)

diff --git a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java
index 75e3065faedb59f6e38a1778be7df40e2056ea0f..73d24a7150e3124c70b8f0a49f2bd9008322ff13 100644
--- a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java
+++ b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java
@@ -799,7 +799,7 @@ public class SystemConfigService extends PKIService implements SystemConfigResou
         }
     }
 
-    private void getCloningData(ConfigurationRequest data, Collection<String> certList, String token, String domainXML) {
+    private void configureClone(ConfigurationRequest data, Collection<String> certList, String token, String domainXML) throws Exception {
         for (String tag : certList) {
             if (tag.equals("sslserver")) {
                 cs.putBoolean("preop.cert." + tag + ".enable", true);
@@ -809,73 +809,45 @@ public class SystemConfigService extends PKIService implements SystemConfigResou
         }
 
         String cloneUri = data.getCloneUri();
-        URL url = null;
-        try {
-            url = new URL(cloneUri);
-        } catch (MalformedURLException e) {
-            // should not reach here as this check is done in validate()
-        }
+        URL url = new URL(cloneUri);
         String masterHost = url.getHost();
         int masterPort = url.getPort();
 
-        // check and store cloneURI information
-        boolean validCloneUri;
-        try {
-            validCloneUri = ConfigurationUtils.isValidCloneURI(domainXML, masterHost, masterPort);
-        } catch (Exception e) {
-            CMS.debug(e);
-            throw new PKIException("Error in determining whether clone URI is valid");
-        }
+        CMS.debug("SystemConfigService: validate clone URI: " + url);
+        boolean validCloneUri = ConfigurationUtils.isValidCloneURI(domainXML, masterHost, masterPort);
 
         if (!validCloneUri) {
             throw new BadRequestException(
-                    "Invalid clone URI provided.  Does not match the available subsystems in the security domain");
+                    "Clone URI does not match available subsystems: " + url);
         }
 
         if (csType.equals("CA")) {
-            try {
-                int masterAdminPort = ConfigurationUtils.getPortFromSecurityDomain(domainXML,
-                        masterHost, masterPort, "CA", "SecurePort", "SecureAdminPort");
-                ConfigurationUtils.importCertChain(masterHost, masterAdminPort, "/ca/admin/ca/getCertChain",
-                        "clone");
-            } catch (Exception e) {
-                CMS.debug(e);
-                throw new PKIException("Failed to import certificate chain from master" + e);
-            }
+            CMS.debug("SystemConfigService: import certificate chain from master");
+            int masterAdminPort = ConfigurationUtils.getPortFromSecurityDomain(domainXML,
+                    masterHost, masterPort, "CA", "SecurePort", "SecureAdminPort");
+            ConfigurationUtils.importCertChain(masterHost, masterAdminPort,
+                    "/ca/admin/ca/getCertChain", "clone");
         }
 
-        try {
-            CMS.debug("SystemConfigService.getCloningData(): get config entries");
-            ConfigurationUtils.getConfigEntriesFromMaster();
-        } catch (Exception e) {
-            CMS.debug(e);
-            throw new PKIException("Failed to obtain configuration entries from the master for cloning " + e);
-        }
+        CMS.debug("SystemConfigService: get configuration entries from master");
+        ConfigurationUtils.getConfigEntriesFromMaster();
 
         if (token.equals(ConfigurationRequest.TOKEN_DEFAULT)) {
-            CMS.debug("SystemConfigService.getCloningData(): restore certs from P12 file");
+            CMS.debug("SystemConfigService: restore certificates from P12 file");
             String p12File = data.getP12File();
             String p12Pass = data.getP12Password();
-            try {
-                ConfigurationUtils.restoreCertsFromP12(p12File, p12Pass);
-            } catch (Exception e) {
-                CMS.debug(e);
-                throw new PKIException("Failed to restore certificates from p12 file" + e);
-            }
+            ConfigurationUtils.restoreCertsFromP12(p12File, p12Pass);
+
         } else {
-            CMS.debug("SystemConfigService.getCloningData(): set permissions for certs stored in hardware");
-            try {
-                ConfigurationUtils.importAndSetCertPermissionsFromHSM();
-            } catch (Exception e) {
-                CMS.debug(e);
-                throw new PKIException("Failed to import certs from HSM and set permissions:" + e);
-            }
+            CMS.debug("SystemConfigService: import certificates from HSM and set permission");
+            ConfigurationUtils.importAndSetCertPermissionsFromHSM();
         }
 
-        CMS.debug("SystemConfigService.getCloningData(): verify certs");
+        CMS.debug("SystemConfigService: verify certificates");
         boolean cloneReady = ConfigurationUtils.isCertdbCloned();
+
         if (!cloneReady) {
-            CMS.debug("clone does not have all the certificates.");
+            CMS.debug("SystemConfigService: clone does not have all the certificates.");
             throw new PKIException("Clone does not have all the required certificates");
         }
     }
@@ -992,7 +964,7 @@ public class SystemConfigService extends PKIService implements SystemConfigResou
     }
 
     public void configureSubsystem(ConfigurationRequest request,
-            Collection<String> certList, String token, String domainXML) {
+            Collection<String> certList, String token, String domainXML) throws Exception {
 
         cs.putString("preop.subsystem.name", request.getSubsystemName());
 
@@ -1004,7 +976,7 @@ public class SystemConfigService extends PKIService implements SystemConfigResou
         } else {
             cs.putString("preop.subsystem.select", "clone");
             cs.putString("subsystem.select", "Clone");
-            getCloningData(request, certList, token, domainXML);
+            configureClone(request, certList, token, domainXML);
         }
     }
 
diff --git a/base/tps/src/org/dogtagpki/server/tps/rest/TPSInstallerService.java b/base/tps/src/org/dogtagpki/server/tps/rest/TPSInstallerService.java
index 9c4943b9f50019e629ecfacb87862ef997071f91..fe4e124461ff1fc0c02e86121275248dccb258d1 100644
--- a/base/tps/src/org/dogtagpki/server/tps/rest/TPSInstallerService.java
+++ b/base/tps/src/org/dogtagpki/server/tps/rest/TPSInstallerService.java
@@ -44,7 +44,7 @@ public class TPSInstallerService extends SystemConfigService  {
 
     @Override
     public void configureSubsystem(ConfigurationRequest request,
-            Collection<String> certList, String token, String domainXML) {
+            Collection<String> certList, String token, String domainXML) throws Exception {
 
         super.configureSubsystem(request, certList, token, domainXML);
 
-- 
1.9.3

More information about the Pki-devel mailing list