[jboss-jira] [JBoss JIRA] (WFCORE-580) Recursive read-resource with include-runtime=true assumes all runtime singleton resources will be present.

[ https://issues.jboss.org/browse/WFCORE-580?page=com.atlassian.jira.plugin... ] Brian Stansberry updated WFCORE-580: ------------------------------------ Description: Take the following hierarchy: - {code} keystore=xxx alias=yyy certificate-chain=default certificate-chain=x509 {code} keystore is a regular resource with storage=configuration. alias is a regular resource with storage=runtime certificate-chain=default and certificate-chain=x509 are regular resources with storage=runtime. So alias represents a single alias from a Java KeyStore, this may or may not have a certificate chain and it may be a default chain or it may be an x509 chain. The recursive read-resource is fine with regular resources such as alias as it has to rely on the underlying resource implementation to identify the instances that actually exist. For the singleton resources however the following method is called: - {code} org.jboss.as.controller.operations.global.GlobalOperationHandlers.getChildAddresses(OperationContext, PathAddress, ImmutableManagementResourceRegistration, Resource, String) {code} Within this method the following check takes place: - {code} if (resource != null && resource.hasChildren(childType)) { Set<String> childNames = resource.getChildrenNames(childType); if (element.isWildcard()) { set.addAll(childNames); } else if (childNames.contains(element.getValue())) { set.add(element.getValue()); } {code} Up to this point all is fine, the children the resource claims are available are the only ones added. But further down this happens: - {code} if (!element.isWildcard()) { ImmutableManagementResourceRegistration childReg = registry.getSubModel(PathAddress.pathAddress(element)); if (childReg != null && childReg.isRuntimeOnly()) { set.add(element.getValue()); } } {code} So even though the resource was previously checked and missing children excluded they are now added back. The end result in this example is that the recursive read resource attempts to read for certificate-chain=default when it should only be reading for certificate-chain=x509 as already reported by the resource implementation. was: Take the following hierarchy: - keystore=xxx alias=yyy certificate-chain=default certificate-chain=x509 keystore is a regular resource with storage=configuration. alias is a regular resource with storage=runtime certificate-chain=default and certificate-chain=x509 are regular resources with storage=runtime. So alias represents a single alias from a Java KeyStore, this may or may not have a certificate chain and it may be a default chain or it may be an x509 chain. The recursive read-resource is fine with regular resources such as alias as it has to rely on the underlying resource implementation to identify the instances that actually exist. For the singleton resources however the following method is called: - {code} org.jboss.as.controller.operations.global.GlobalOperationHandlers.getChildAddresses(OperationContext, PathAddress, ImmutableManagementResourceRegistration, Resource, String) {code} Within this method the following check takes place: - {code} if (resource != null && resource.hasChildren(childType)) { Set<String> childNames = resource.getChildrenNames(childType); if (element.isWildcard()) { set.addAll(childNames); } else if (childNames.contains(element.getValue())) { set.add(element.getValue()); } {code} Up to this point all is fine, the children the resource claims are available are the only ones added. But further down this happens: - {code} if (!element.isWildcard()) { ImmutableManagementResourceRegistration childReg = registry.getSubModel(PathAddress.pathAddress(element)); if (childReg != null && childReg.isRuntimeOnly()) { set.add(element.getValue()); } } {code} So even though the resource was previously checked and missing children excluded they are now added back. The end result in this example is that the recursive read resource attempts to read for certificate-chain=default when it should only be reading for certificate-chain=x509 as already reported by the resource implementation. -- This message was sent by Atlassian JIRA (v6.3.11#6341)