#239 Optimized role deployment

A role that doesn't have references to other roles won't be deployed twice now

Author: rjrudin

src/main/java/com/marklogic/appdeployer/command/AbstractCommand.java

@@ -137,6 +137,12 @@ protected SaveReceipt saveResource(ResourceManager mgr, CommandContext context,
 		String payload = copyFileToString(f, context);
 		mgr = adjustResourceManagerForPayload(mgr, context, payload);
 		payload = adjustPayloadBeforeSavingResource(mgr, context, f, payload);
+
+		// A subclass may decide that the resource shouldn't be saved by returning a null payload
+		if (payload == null) {
+			return null;
+		}
+
         SaveReceipt receipt = mgr.save(payload);
         if (storeResourceIdsAsCustomTokens) {
             storeTokenForResourceId(receipt, context);
@@ -147,6 +153,8 @@ protected SaveReceipt saveResource(ResourceManager mgr, CommandContext context,
 	/**
 	 * Allow subclass to override this in order to fiddle with the payload before it's saved; called by saveResource.
 	 *
+	 * A subclass can return null from this method to indicate that the resource should not be saved.
+	 *
 	 * @param mgr
 	 * @param context
 	 * @param f

src/main/java/com/marklogic/appdeployer/command/AbstractResourceCommand.java

@@ -110,6 +110,9 @@ protected File[] listFilesInDirectory(File resourceDir, CommandContext context)
      */
     protected void afterResourceSaved(ResourceManager mgr, CommandContext context, File resourceFile,
             SaveReceipt receipt) {
+    	if (receipt == null) {
+    		return;
+	    }
     	ResponseEntity<String> response = receipt.getResponse();
     	if (response != null) {
     		HttpHeaders headers = response.getHeaders();

src/main/java/com/marklogic/appdeployer/command/security/DeployRolesCommand.java

@@ -11,51 +11,91 @@
 import com.marklogic.mgmt.resource.security.RoleManager;
 
 import java.io.File;
+import java.util.HashSet;
+import java.util.Set;
 
 public class DeployRolesCommand extends AbstractResourceCommand {
 
 	// Used internally
 	private boolean removeRolesAndPermissionsDuringDeployment = false;
 	private ResourceMapper resourceMapper;
+	private Set<String> roleNamesThatDontNeedToBeRedeployed;
 
 	public DeployRolesCommand() {
 		setExecuteSortOrder(SortOrderConstants.DEPLOY_ROLES);
 		setUndoSortOrder(SortOrderConstants.DELETE_ROLES);
 	}
 
 	/**
-	 * The set of roles is processed twice. The first time, the roles are saved without any permissions or dependent roles.
-	 * This is to avoid issues where the roles depend on each other or on themselves. The second time, the roles are
-	 * saved with permissions and dependent roles, which is guaranteed to work now that the roles have all been created.
+	 * The set of roles is processed twice. The first time, the roles are saved without any default permissions or references to other roles.
+	 * This is to avoid issues where the roles refer to each other or to themselves (via default permissions). The second time, the roles are
+	 * saved with permissions and references to other roles, which is guaranteed to work now that the roles have all been created.
 	 *
 	 * @param context
 	 */
 	@Override
 	public void execute(CommandContext context) {
 		removeRolesAndPermissionsDuringDeployment = true;
 		if (logger.isInfoEnabled()) {
-			logger.info("Deploying roles without any permissions or dependent roles");
+			logger.info("Deploying roles minus their default permissions and references to roles");
 		}
+		roleNamesThatDontNeedToBeRedeployed = new HashSet<>();
 		super.execute(context);
 		if (logger.isInfoEnabled()) {
-			logger.info("Deploying roles with permissions and dependent roles");
+			logger.info("Redeploying roles that have default permissions and/or references to roles");
 		}
 		removeRolesAndPermissionsDuringDeployment = false;
 		super.execute(context);
 	}
 
+	/**
+	 * If this is the first time roles are being deployed by this command - indicated by the removeRolesAndPermissionsDuringDeployment
+	 * class variable - then each payload is modified so that default permissions and role references are not included,
+	 * thus ensuring that the role can be created successfully.
+	 *
+	 * If this is the second time that roles are being deployed by this command, then the entire payload is sent. However,
+	 * if the role doesn't have any default permissions or role references, it will not be deployed a second time, as
+	 * there was nothing missing from the first deployment of the role.
+	 *
+	 * @param mgr
+	 * @param context
+	 * @param f
+	 * @param payload
+	 * @return
+	 */
 	@Override
 	protected String adjustPayloadBeforeSavingResource(ResourceManager mgr, CommandContext context, File f, String payload) {
 		payload = super.adjustPayloadBeforeSavingResource(mgr, context, f, payload);
+
+		if (resourceMapper == null) {
+			API api = new API(context.getManageClient(), context.getAdminManager());
+			resourceMapper = new DefaultResourceMapper(api);
+		}
+
+		Role role = resourceMapper.readResource(payload, Role.class);
+
+		// Is this the first time the roles are being deployed?
 		if (removeRolesAndPermissionsDuringDeployment) {
-			if (resourceMapper == null) {
-				API api = new API(context.getManageClient(), context.getAdminManager());
-				resourceMapper = new DefaultResourceMapper(api);
+			if (role.hasPermissionsOrRoles()) {
+				role.clearPermissionsAndRoles();
+				return role.getJson();
+			} else {
+				roleNamesThatDontNeedToBeRedeployed.add(role.getRoleName());
+				return payload;
+			}
+		}
+		// Else it's the second time roles are being deployed, but no need to deploy a role if it doesn't have any default permissions or role references
+		else if (roleNamesThatDontNeedToBeRedeployed.contains(role.getRoleName())) {
+			if (logger.isInfoEnabled()) {
+				logger.info("Not redeploying role " + role.getRoleName() + ", as it does not have any default permissions or references to other roles");
 			}
-			Role role = resourceMapper.readResource(payload, Role.class);
-			role.clearPermissionsAndRoles();
-			return role.getJson();
+			return null;
+		}
+		// Else log a message to indicate that the role is being redeployed
+		else if (logger.isInfoEnabled()) {
+			logger.info("Redeploying role " + role.getRoleName() + " with default permissions and references to other roles included");
 		}
+
 		return payload;
 	}
 

src/main/java/com/marklogic/mgmt/api/security/Role.java

@@ -55,6 +55,10 @@ public Role(API api, String roleName) {
 		this.roleName = roleName;
 	}
 
+	public boolean hasPermissionsOrRoles() {
+		return (role != null && !role.isEmpty()) || (permission != null && !permission.isEmpty());
+	}
+
 	public void clearPermissionsAndRoles() {
 		if (role != null) {
 			role.clear();