mirror of
https://github.com/xcp-ng/xenadmin.git
synced 2024-12-30 07:40:13 +01:00
92f0499911
We observed that some threads can reach deadlock-ish state after they have Invoked into a control's UI thread. When it happens they are all in a waiting for join or in sleep state for very long time, although there should not be any deadlock situations.
It seems this has something to do with multiple parent controls and with which control we invoked on. This should not make a difference, because we have got one UI thread (for MainWindow) they should wait for, but we have seen it does.
The solution that fixed this issue was to invoke on the MainWindow instead of various controls (see a4fe507adf
).
This changeset is changing all our Invokes to invoke into MainWindow
instead of a control itself. (MainWindow's UI thread is the only UI thread
all Control is using in XenCenter)
This changeset should be in place until we have found the root cause or the exact reason for the above.
430 lines
17 KiB
C#
430 lines
17 KiB
C#
/* Copyright (c) Citrix Systems Inc.
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms,
|
|
* with or without modification, are permitted provided
|
|
* that the following conditions are met:
|
|
*
|
|
* * Redistributions of source code must retain the above
|
|
* copyright notice, this list of conditions and the
|
|
* following disclaimer.
|
|
* * Redistributions in binary form must reproduce the above
|
|
* copyright notice, this list of conditions and the
|
|
* following disclaimer in the documentation and/or other
|
|
* materials provided with the distribution.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
|
|
* CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
|
|
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
|
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
|
|
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
|
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
|
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
|
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
|
|
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*/
|
|
|
|
using System;
|
|
using System.Collections.Generic;
|
|
using System.Drawing;
|
|
using System.Windows.Forms;
|
|
using XenAdmin.Controls;
|
|
using XenAdmin.Network;
|
|
using XenAPI;
|
|
using System.Threading;
|
|
using XenAdmin.Core;
|
|
using XenAdmin.Properties;
|
|
using System.Linq;
|
|
|
|
namespace XenAdmin.Wizards.GenericPages
|
|
{
|
|
public partial class RBACWarningPage : XenTabPage
|
|
{
|
|
private static readonly log4net.ILog log = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
|
|
|
|
private readonly Dictionary<IXenConnection, List<WizardPermissionCheck>> checksPerConnectionDict;
|
|
private Thread bgThread;
|
|
private bool refreshPage = false;
|
|
private bool finished = false;
|
|
public bool blockProgress = false;
|
|
|
|
public RBACWarningPage(string description)
|
|
: this()
|
|
{
|
|
labelDescription.Text = description;
|
|
}
|
|
|
|
public RBACWarningPage()
|
|
{
|
|
InitializeComponent();
|
|
checksPerConnectionDict = new Dictionary<IXenConnection, List<WizardPermissionCheck>>();
|
|
}
|
|
|
|
public override string HelpID { get { return "RBAC"; } }
|
|
|
|
public override string Text { get { return Messages.RBAC_WARNING_PAGE_TEXT_TITLE; } }
|
|
|
|
public override string PageTitle { get { return Messages.RBAC_WARNING_PAGE_TEXT_TITLE; } }
|
|
|
|
public void AddPermissionChecks(IXenConnection connection, params WizardPermissionCheck[] permissionChecks)
|
|
{
|
|
if (!checksPerConnectionDict.ContainsKey(connection))
|
|
{
|
|
checksPerConnectionDict.Add(connection, new List<WizardPermissionCheck>());
|
|
}
|
|
|
|
checksPerConnectionDict[connection].AddRange(permissionChecks);
|
|
}
|
|
|
|
public void ClearPermissionChecks()
|
|
{
|
|
DeregisterConnectionEvents();
|
|
checksPerConnectionDict.Clear();
|
|
}
|
|
|
|
public override void PageLoaded(PageLoadedDirection direction)
|
|
{
|
|
RegisterConnectionEvents();
|
|
RefreshPage();
|
|
base.PageLoaded(direction);
|
|
}
|
|
|
|
void Connection_ConnectionResult(object sender, ConnectionResultEventArgs e)
|
|
{
|
|
if (e.Connected)
|
|
Program.Invoke(Program.MainWindow, RefreshPage);
|
|
}
|
|
|
|
public override void PageLeave(PageLoadedDirection direction, ref bool cancel)
|
|
{
|
|
DeregisterConnectionEvents();
|
|
base.PageLeave(direction, ref cancel);
|
|
}
|
|
|
|
public override void PageCancelled()
|
|
{
|
|
DeregisterConnectionEvents();
|
|
base.PageCancelled();
|
|
}
|
|
|
|
public void RefreshPage()
|
|
{
|
|
if (bgThread == null || !bgThread.IsAlive)
|
|
{
|
|
bgThread = new Thread(RetrieveRBACWarnings);
|
|
bgThread.IsBackground = true;
|
|
bgThread.Start();
|
|
}
|
|
else
|
|
{
|
|
refreshPage = true;
|
|
}
|
|
}
|
|
|
|
public override bool EnableNext()
|
|
{
|
|
return !blockProgress && finished;
|
|
}
|
|
|
|
private void RegisterConnectionEvents()
|
|
{
|
|
foreach (var connectionChecks in checksPerConnectionDict)
|
|
{
|
|
IXenConnection connection = connectionChecks.Key;
|
|
connection.ConnectionResult += Connection_ConnectionResult;
|
|
}
|
|
}
|
|
|
|
private void DeregisterConnectionEvents()
|
|
{
|
|
foreach (var connectionChecks in checksPerConnectionDict)
|
|
{
|
|
IXenConnection connection = connectionChecks.Key;
|
|
connection.ConnectionResult -= Connection_ConnectionResult;
|
|
}
|
|
}
|
|
|
|
private PermissionCheckResult RunPermissionChecks(IXenConnection connection,
|
|
List<WizardPermissionCheck> permissionChecks, out List<WizardPermissionCheck> errors,
|
|
out List<WizardPermissionCheck> warnings)
|
|
{
|
|
PermissionCheckResult checkResult = PermissionCheckResult.OK;
|
|
|
|
errors = new List<WizardPermissionCheck>();
|
|
warnings = new List<WizardPermissionCheck>();
|
|
foreach (WizardPermissionCheck wpc in permissionChecks)
|
|
{
|
|
List<Role> rolesAbleToComplete = Role.ValidRoleList(wpc.ApiCallsToCheck, connection);
|
|
List<Role> subjectRoles = connection.Session.Roles;
|
|
|
|
if (subjectRoles.Find(rolesAbleToComplete.Contains) != null)
|
|
continue;
|
|
|
|
log.DebugFormat("Failed RBAC check: {0}", wpc.WarningMessage);
|
|
if (wpc.Blocking)
|
|
{
|
|
errors.Add(wpc);
|
|
checkResult = PermissionCheckResult.Failed;
|
|
}
|
|
else
|
|
{
|
|
warnings.Add(wpc);
|
|
if (checkResult == PermissionCheckResult.OK)
|
|
checkResult = PermissionCheckResult.Warning;
|
|
}
|
|
}
|
|
|
|
return checkResult;
|
|
}
|
|
|
|
private void RetrieveRBACWarnings()
|
|
{
|
|
SetUpdating();
|
|
foreach (var connectionChecks in checksPerConnectionDict)
|
|
{
|
|
IXenConnection connection = connectionChecks.Key;
|
|
PermissionCheckHeaderRow headerRow = AddHeaderRow(connection);
|
|
PermissionCheckResult checkResult = PermissionCheckResult.OK;
|
|
|
|
if (connection.Session.IsLocalSuperuser || connectionChecks.Value.Count == 0 || !Helpers.MidnightRideOrGreater(connection))
|
|
{
|
|
SetNoWarnings();
|
|
}
|
|
else
|
|
{
|
|
List<WizardPermissionCheck> errors;
|
|
List<WizardPermissionCheck> warnings;
|
|
checkResult = RunPermissionChecks(connection, connectionChecks.Value, out errors, out warnings);
|
|
switch (checkResult)
|
|
{
|
|
case PermissionCheckResult.OK:
|
|
SetNoWarnings();
|
|
break;
|
|
case PermissionCheckResult.Warning:
|
|
AddWarnings(connection, warnings);
|
|
break;
|
|
case PermissionCheckResult.Failed:
|
|
AddErrors(connection, errors);
|
|
break;
|
|
}
|
|
}
|
|
UpdateHeaderRow(headerRow, checkResult);
|
|
}
|
|
FinishedUpdating();
|
|
}
|
|
|
|
private void AddErrors(IXenConnection connection, List<WizardPermissionCheck> errors)
|
|
{
|
|
Program.AssertOffEventThread();
|
|
|
|
if (connection.Session.IsLocalSuperuser || !Helpers.MidnightRideOrGreater(connection))
|
|
{
|
|
// We should not be here.
|
|
log.Warn("A pre RBAC user or local root account is being blocked access");
|
|
}
|
|
|
|
List<Role> roleList = connection.Session.Roles;
|
|
roleList.Sort();
|
|
|
|
foreach (WizardPermissionCheck wizardPermissionCheck in errors)
|
|
{
|
|
// the string is a format string that needs to take the current role (we use the subject they were authorised under which could be a group or user)
|
|
string description = String.Format(wizardPermissionCheck.WarningMessage, roleList[0].FriendlyName);
|
|
AddDetailsRow(description, PermissionCheckResult.Failed);
|
|
}
|
|
|
|
Program.Invoke(Program.MainWindow, () => blockProgress = true);
|
|
}
|
|
|
|
private void FinishedUpdating()
|
|
{
|
|
if (refreshPage)
|
|
{
|
|
// If we have received a request to refresh while updating then we run the logic again
|
|
refreshPage = false;
|
|
RetrieveRBACWarnings();
|
|
return;
|
|
}
|
|
finished = true;
|
|
Program.Invoke(Program.MainWindow, delegate
|
|
{
|
|
labelClickNext.Visible = !blockProgress;
|
|
OnPageUpdated();
|
|
});
|
|
}
|
|
|
|
private void AddWarnings(IXenConnection connection, List<WizardPermissionCheck> warnings)
|
|
{
|
|
List<Role> roleList = connection.Session.Roles;
|
|
roleList.Sort();
|
|
|
|
foreach (WizardPermissionCheck wizardPermissionCheck in warnings)
|
|
{
|
|
if (wizardPermissionCheck.WarningAction != null)
|
|
wizardPermissionCheck.WarningAction();
|
|
|
|
// the string is a format string that needs to take the current role (we use the subject they were authorised under which could be a group or user)
|
|
string description = String.Format(wizardPermissionCheck.WarningMessage, roleList[0].FriendlyName);
|
|
AddDetailsRow(description, PermissionCheckResult.Warning);
|
|
}
|
|
}
|
|
|
|
private void SetNoWarnings()
|
|
{
|
|
AddDetailsRow(Messages.RBAC_NO_WIZARD_LIMITS, PermissionCheckResult.OK);
|
|
}
|
|
|
|
private void SetUpdating()
|
|
{
|
|
Program.AssertOffEventThread();
|
|
|
|
Program.Invoke(Program.MainWindow, delegate
|
|
{
|
|
blockProgress = false;
|
|
finished = false;
|
|
OnPageUpdated();
|
|
labelClickNext.Visible = false;
|
|
dataGridViewEx1.Rows.Clear();
|
|
});
|
|
}
|
|
|
|
private PermissionCheckHeaderRow AddHeaderRow(IXenConnection connection)
|
|
{
|
|
Program.AssertOffEventThread();
|
|
|
|
string text = string.Format(Messages.RBAC_WARNING_PAGE_HEADER_ROW_DESC, connection.Session.UserFriendlyName,
|
|
connection.Session.FriendlyRoleDescription, connection.FriendlyName);
|
|
PermissionCheckHeaderRow headerRow = new PermissionCheckHeaderRow(text);
|
|
Program.Invoke(Program.MainWindow, delegate
|
|
{
|
|
headerRow.SetPermissionCheckInProgress(true);
|
|
dataGridViewEx1.Rows.Add(headerRow);
|
|
});
|
|
return headerRow;
|
|
}
|
|
|
|
private void UpdateHeaderRow(PermissionCheckHeaderRow headerRow, PermissionCheckResult checkResult)
|
|
{
|
|
Program.AssertOffEventThread();
|
|
Program.Invoke(Program.MainWindow, delegate
|
|
{
|
|
headerRow.SetPermissionCheckInProgress(false);
|
|
headerRow.UpdateDescription(checkResult);
|
|
});
|
|
}
|
|
|
|
private void AddDetailsRow(string desc, PermissionCheckResult checkResult)
|
|
{
|
|
Program.AssertOffEventThread();
|
|
Program.Invoke(Program.MainWindow, delegate
|
|
{
|
|
PermissionCheckDetailsRow detailsRow =
|
|
new PermissionCheckDetailsRow(desc, checkResult);
|
|
dataGridViewEx1.Rows.Add(detailsRow);
|
|
});
|
|
}
|
|
|
|
internal enum PermissionCheckResult { OK, Warning, Failed }
|
|
|
|
private abstract class PermissionCheckGridRow : DataGridViewRow
|
|
{
|
|
protected DataGridViewImageCell iconCell = new DataGridViewImageCell();
|
|
protected DataGridViewTextBoxCell descriptionCell = new DataGridViewTextBoxCell();
|
|
protected PermissionCheckGridRow()
|
|
{
|
|
Cells.Add(iconCell);
|
|
Cells.Add(descriptionCell);
|
|
}
|
|
}
|
|
|
|
private class PermissionCheckHeaderRow : PermissionCheckGridRow
|
|
{
|
|
private string description;
|
|
|
|
public PermissionCheckHeaderRow(string desc)
|
|
{
|
|
iconCell.Value = new Bitmap(1, 1);
|
|
description = desc;
|
|
descriptionCell.Value = desc;
|
|
descriptionCell.Style.Font = new Font(Program.DefaultFont, FontStyle.Bold);
|
|
}
|
|
|
|
public void UpdateDescription(PermissionCheckResult permissionCheckResult)
|
|
{
|
|
string result = permissionCheckResult == PermissionCheckResult.OK
|
|
? Messages.OK
|
|
: permissionCheckResult == PermissionCheckResult.Warning
|
|
? Messages.WARNING
|
|
: Messages.FAILED;
|
|
|
|
descriptionCell.Value = string.Format("{0} {1}", description, result);
|
|
}
|
|
|
|
public void SetPermissionCheckInProgress(bool value)
|
|
{
|
|
iconCell.Value = value ? XenAdmin.Properties.Resources.ajax_loader : new Bitmap(1, 1);
|
|
}
|
|
}
|
|
|
|
private class PermissionCheckDetailsRow : PermissionCheckGridRow
|
|
{
|
|
public PermissionCheckDetailsRow(string desc, PermissionCheckResult checkResult)
|
|
{
|
|
iconCell.Value = checkResult == PermissionCheckResult.OK
|
|
? Resources._000_Tick_h32bit_16
|
|
: checkResult == PermissionCheckResult.Warning
|
|
? Resources._000_Alert2_h32bit_16
|
|
: Resources._000_Abort_h32bit_16;
|
|
descriptionCell.Value = desc;
|
|
}
|
|
}
|
|
|
|
public delegate void PermissionCheckActionDelegate();
|
|
public class WizardPermissionCheck
|
|
{
|
|
public RbacMethodList ApiCallsToCheck;
|
|
/// <summary>
|
|
/// This is the warning message will be displayed. It should be a format string which takes one input, the users current role, which will be supplied when the page is displayed.
|
|
/// </summary>
|
|
public string WarningMessage;
|
|
/// <summary>
|
|
/// If true, this warning will be the only one that displays, and will use the cross icon.
|
|
/// </summary>
|
|
public bool Blocking = false;
|
|
public PermissionCheckActionDelegate WarningAction;
|
|
|
|
public WizardPermissionCheck(string warningMessage)
|
|
{
|
|
this.WarningMessage = warningMessage;
|
|
ApiCallsToCheck = new RbacMethodList();
|
|
}
|
|
|
|
public void AddApiCheck(string s)
|
|
{
|
|
ApiCallsToCheck.Add(s);
|
|
}
|
|
|
|
public void AddApiCheck(RbacMethod method)
|
|
{
|
|
ApiCallsToCheck.Add(method);
|
|
}
|
|
|
|
public void AddApiCheckRange(RbacMethodList methodList)
|
|
{
|
|
foreach (var method in methodList)
|
|
ApiCallsToCheck.Add(method);
|
|
}
|
|
|
|
public void AddWarningAction(PermissionCheckActionDelegate d)
|
|
{
|
|
WarningAction = d;
|
|
}
|
|
}
|
|
}
|
|
}
|