Refactore saving and triggers workflow
Split from #6063
Present situation:
sequenceDiagram
loop each tab
simpleTabs->>+simplePlugin:Check
simplePlugin-->>hooks:Check hook
simplePlugin-->>-simpleTabs:.
end
simpleTabs->>LDAP:Move (if dn changed)
loop each tab
simpleTabs->>+simplePlugin:Save
simplePlugin-->>hooks:Pre hook
simplePlugin->>LDAP:save
simplePlugin-->>simplePlugin:Forein key handling
simplePlugin-->>hooks:Post hook
simplePlugin-->>-simpleTabs:.
end
Notes
- An error in pre hook or tab save cancels a tab saving (only this tab)
- An error in main object creation cancels whole creation (obviously)
- When hooks are running, partial data is in the LDAP
- When errors are met upon creation in a tab, object is partially created
We should change to something that runs all pre-save computing, then runs a single LDAP operation, the runs post-save computing. But, we need to keep in mind that this is only the simple case, and some plugins do lots of other things in their save method. They may modify other objects or subnodes, some will call APIs to update other systems. All of which would become part of post-save computing, and run only if LDAP modification passed.
If we go this road, we might also want to look into making both previous and future values of attributes to hooks as this is a current limitation.
The new workflow should be:
sequenceDiagram
loop each tab
simpleTabs->>+simplePlugin:Check
simplePlugin-->>simplePlugin:Check attribute values
simplePlugin-->>hooks:Check hook
simplePlugin-->>-simpleTabs:.
end
loop each tab
simpleTabs->>+simplePlugin:PrepareSave
simplePlugin-->>simplePlugin:Fill LDAP operation
simplePlugin-->>hooks:Pre hook
simplePlugin-->>-simpleTabs:.
end
simpleTabs->>LDAP:Move (if dn changed)
simpleTabs->>LDAP:Save (ldap_modify_batch)
loop each tab
simpleTabs->>+simplePlugin:PostSave
simplePlugin-->>simplePlugin:Non-LDAP save
simplePlugin-->>simplePlugin:Forein key handling
simplePlugin-->>hooks:Post hook
simplePlugin-->>-simpleTabs:.
end
- Is it necessary to split move and save?
- Should the Save LDAP call go through simplePlugin main tab?
- Hooks should only be called if the tab changed (except check hooks).
- We may want special posthook that are called after complete saving, and lock release
- We may want normal posthook to happen in a separate loop after non-ldap save anyway
- We need to design how LDAP save in other objects happens. For instance when modifying a sub object, or when modifying another object (DNS configuration from system edition for instance)
- How can we give hooks access to before/after values of attributes?
- How can we easily allow hooks to alter attributes?
- How can we give hooks API tokens?
The hooks questions seems to be pointing to allow hooks to edit the LDAP modification array, but that means forcing them to use LDAP syntax for attributes. In which case maybe the best would be to use LDIF format as in/out of hooks.