mirror of https://github.com/apache/cloudstack.git
Add missing table acl_group_role_map, as well as adding columns.
This commit is contained in:
Min Chen
parent
7b4998fcd8
commit
354588611a
|
|
@ -24,9 +24,10 @@ import java.sql.ResultSet;
|
|||
import java.sql.SQLException;
|
||||
import java.util.Map;
|
||||
|
||||
import org.apache.cloudstack.acl.RoleType;
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
import org.apache.cloudstack.acl.RoleType;
|
||||
|
||||
import com.cloud.utils.PropertiesUtil;
|
||||
import com.cloud.utils.exception.CloudRuntimeException;
|
||||
import com.cloud.utils.script.Script;
|
||||
|
|
@ -62,6 +63,7 @@ public class Upgrade420to430 implements DbUpgrade {
|
|||
@Override
|
||||
public void performDataMigration(Connection conn) {
|
||||
populateACLGroupAccountMap(conn);
|
||||
populateACLGroupRoleMap(conn);
|
||||
populateACLRoleBasedAPIPermission(conn);
|
||||
}
|
||||
|
||||
|
|
@ -74,7 +76,7 @@ public class Upgrade420to430 implements DbUpgrade {
|
|||
s_logger.debug("Populating acl_group_account_map table for existing accounts...");
|
||||
try {
|
||||
acctInsert = conn
|
||||
.prepareStatement("INSERT INTO `cloud`.`acl_group_account_map` (group_id, account_id) values(?, ?)");
|
||||
.prepareStatement("INSERT INTO `cloud`.`acl_group_account_map` (group_id, account_id, created) values(?, ?, Now())");
|
||||
acctQuery = conn
|
||||
.prepareStatement("select id, type from `cloud`.`account` where removed is null");
|
||||
rs = acctQuery.executeQuery();
|
||||
|
|
@ -110,13 +112,47 @@ public class Upgrade420to430 implements DbUpgrade {
|
|||
s_logger.debug("Completed populate acl_group_account_map for existing accounts.");
|
||||
}
|
||||
|
||||
// populate acl_group_role_map table for existing accounts
|
||||
private void populateACLGroupRoleMap(Connection conn) {
|
||||
PreparedStatement sqlInsert = null;
|
||||
ResultSet rs = null;
|
||||
|
||||
s_logger.debug("Populating acl_group_role_map table for default groups and roles...");
|
||||
try {
|
||||
sqlInsert = conn
|
||||
.prepareStatement("INSERT INTO `cloud`.`acl_group_role_map` (group_id, role_id, created) values(?, ?, Now())");
|
||||
for (int i = 1; i < 6; i++) {
|
||||
// insert entry in acl_group_role_map table, 1 to 1 mapping for default group and role
|
||||
sqlInsert.setLong(1, i);
|
||||
sqlInsert.setLong(2, i);
|
||||
sqlInsert.executeUpdate();
|
||||
}
|
||||
} catch (SQLException e) {
|
||||
String msg = "Unable to populate acl_group_role_map for default groups and roles." + e.getMessage();
|
||||
s_logger.error(msg);
|
||||
throw new CloudRuntimeException(msg, e);
|
||||
} finally {
|
||||
try {
|
||||
if (rs != null) {
|
||||
rs.close();
|
||||
}
|
||||
|
||||
if (sqlInsert != null) {
|
||||
sqlInsert.close();
|
||||
}
|
||||
} catch (SQLException e) {
|
||||
}
|
||||
}
|
||||
s_logger.debug("Completed populate acl_group_role_map for existing accounts.");
|
||||
}
|
||||
|
||||
private void populateACLRoleBasedAPIPermission(Connection conn) {
|
||||
// read the commands.properties.in and populate the table
|
||||
PreparedStatement apiInsert = null;
|
||||
|
||||
s_logger.debug("Populating acl_api_permission table for existing commands...");
|
||||
try {
|
||||
apiInsert = conn.prepareStatement("INSERT INTO `cloud`.`acl_api_permission` (role_id, api) values(?, ?)");
|
||||
apiInsert = conn.prepareStatement("INSERT INTO `cloud`.`acl_api_permission` (role_id, api, created) values(?, ?, Now())");
|
||||
|
||||
Map<String, String> commandMap = PropertiesUtil.processConfigFile(new String[] { "commands.properties" });
|
||||
for (Map.Entry<String, String> entry : commandMap.entrySet()) {
|
||||
|
|
|
|||
|
|
@ -286,6 +286,7 @@ CREATE VIEW `cloud`.`template_view` AS
|
|||
CREATE TABLE `cloud`.`acl_group` (
|
||||
`id` bigint unsigned NOT NULL UNIQUE auto_increment,
|
||||
`name` varchar(255) NOT NULL,
|
||||
`description` varchar(255) default NULL,
|
||||
`uuid` varchar(40),
|
||||
`removed` datetime COMMENT 'date the group was removed',
|
||||
`created` datetime COMMENT 'date the group was created',
|
||||
|
|
@ -298,6 +299,8 @@ CREATE TABLE `cloud`.`acl_group_account_map` (
|
|||
`id` bigint unsigned NOT NULL auto_increment,
|
||||
`group_id` bigint unsigned NOT NULL,
|
||||
`account_id` bigint unsigned NOT NULL,
|
||||
`removed` datetime COMMENT 'date the account was removed from the group',
|
||||
`created` datetime COMMENT 'date the account was assigned to the group',
|
||||
PRIMARY KEY (`id`),
|
||||
CONSTRAINT `fk_acl_group_vm_map___group_id` FOREIGN KEY(`group_id`) REFERENCES `acl_group` (`id`) ON DELETE CASCADE,
|
||||
CONSTRAINT `fk_acl_group_vm_map___account_id` FOREIGN KEY(`account_id`) REFERENCES `account` (`id`) ON DELETE CASCADE
|
||||
|
|
@ -306,6 +309,7 @@ CREATE TABLE `cloud`.`acl_group_account_map` (
|
|||
CREATE TABLE `cloud`.`acl_role` (
|
||||
`id` bigint unsigned NOT NULL UNIQUE auto_increment,
|
||||
`name` varchar(255) NOT NULL,
|
||||
`description` varchar(255) default NULL,
|
||||
`uuid` varchar(40),
|
||||
`removed` datetime COMMENT 'date the role was removed',
|
||||
`created` datetime COMMENT 'date the role was created',
|
||||
|
|
@ -314,23 +318,36 @@ CREATE TABLE `cloud`.`acl_role` (
|
|||
CONSTRAINT `uc_acl_role__uuid` UNIQUE (`uuid`)
|
||||
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;
|
||||
|
||||
CREATE TABLE `cloud`.`acl_group_role_map` (
|
||||
`id` bigint unsigned NOT NULL auto_increment,
|
||||
`group_id` bigint unsigned NOT NULL,
|
||||
`role_id` bigint unsigned NOT NULL,
|
||||
`removed` datetime COMMENT 'date the role was revoked from the group',
|
||||
`created` datetime COMMENT 'date the role was granted to the group',
|
||||
PRIMARY KEY (`id`),
|
||||
CONSTRAINT `fk_acl_group_role_map___group_id` FOREIGN KEY(`group_id`) REFERENCES `acl_group` (`id`) ON DELETE CASCADE,
|
||||
CONSTRAINT `fk_acl_group_role_map___role_id` FOREIGN KEY(`role_id`) REFERENCES `acl_role` (`id`) ON DELETE CASCADE
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
|
||||
INSERT IGNORE INTO `cloud`.`acl_role` (id, name, uuid, created) VALUES (1,'NORMAL', UUID(), Now());
|
||||
INSERT IGNORE INTO `cloud`.`acl_role` (id, name, uuid, created) VALUES (2, 'ADMIN', UUID(), Now());
|
||||
INSERT IGNORE INTO `cloud`.`acl_role` (id, name, uuid, created) VALUES (3, 'DOMAIN_ADMIN', UUID(), Now());
|
||||
INSERT IGNORE INTO `cloud`.`acl_role` (id, name, uuid, created) VALUES (4, 'RESOURCE_DOMAIN_ADMIN', UUID(), Now());
|
||||
INSERT IGNORE INTO `cloud`.`acl_role` (id, name, uuid, created) VALUES (5, 'READ_ONLY_ADMIN', UUID(), Now());
|
||||
|
||||
INSERT IGNORE INTO `cloud`.`acl_group` (id, name, uuid, created) VALUES (1, 'NORMAL', UUID(), Now());
|
||||
INSERT IGNORE INTO `cloud`.`acl_group` (id, name, uuid, created) VALUES (2, 'ADMIN', UUID(), Now());
|
||||
INSERT IGNORE INTO `cloud`.`acl_group` (id, name, uuid, created) VALUES (3, 'DOMAIN_ADMIN', UUID(), Now());
|
||||
INSERT IGNORE INTO `cloud`.`acl_group` (id, name, uuid, created) VALUES (4, 'RESOURCE_DOMAIN_ADMIN', UUID(), Now());
|
||||
INSERT IGNORE INTO `cloud`.`acl_group` (id, name, uuid, created) VALUES (5, 'READ_ONLY_ADMIN', UUID(), Now());
|
||||
INSERT IGNORE INTO `cloud`.`acl_role` (id, name, description, uuid, created) VALUES (1,'NORMAL', 'Domain user role', UUID(), Now());
|
||||
INSERT IGNORE INTO `cloud`.`acl_role` (id, name, description, uuid, created) VALUES (2, 'ADMIN', 'Root admin role', UUID(), Now());
|
||||
INSERT IGNORE INTO `cloud`.`acl_role` (id, name, description, uuid, created) VALUES (3, 'DOMAIN_ADMIN', 'Domain admin role', UUID(), Now());
|
||||
INSERT IGNORE INTO `cloud`.`acl_role` (id, name, description, uuid, created) VALUES (4, 'RESOURCE_DOMAIN_ADMIN', 'Resource domain admin role', UUID(), Now());
|
||||
INSERT IGNORE INTO `cloud`.`acl_role` (id, name, description, uuid, created) VALUES (5, 'READ_ONLY_ADMIN', 'Read only admin role', UUID(), Now());
|
||||
|
||||
INSERT IGNORE INTO `cloud`.`acl_group` (id, name, description, uuid, created) VALUES (1, 'NORMAL', 'Domain user group', UUID(), Now());
|
||||
INSERT IGNORE INTO `cloud`.`acl_group` (id, name, description, uuid, created) VALUES (2, 'ADMIN', 'Root admin group', UUID(), Now());
|
||||
INSERT IGNORE INTO `cloud`.`acl_group` (id, name, description, uuid, created) VALUES (3, 'DOMAIN_ADMIN', 'Domain admin group', UUID(), Now());
|
||||
INSERT IGNORE INTO `cloud`.`acl_group` (id, name, description, uuid, created) VALUES (4, 'RESOURCE_DOMAIN_ADMIN', 'Resource domain admin group', UUID(), Now());
|
||||
INSERT IGNORE INTO `cloud`.`acl_group` (id, name, description, uuid, created) VALUES (5, 'READ_ONLY_ADMIN', 'Read only admin group', UUID(), Now());
|
||||
|
||||
CREATE TABLE `cloud`.`acl_api_permission` (
|
||||
`id` bigint unsigned NOT NULL UNIQUE auto_increment,
|
||||
`role_id` bigint unsigned NOT NULL,
|
||||
`api` varchar(255) NOT NULL,
|
||||
`removed` datetime COMMENT 'date the permission was revoked',
|
||||
`created` datetime COMMENT 'date the permission was granted',
|
||||
PRIMARY KEY (`id`),
|
||||
CONSTRAINT `fk_acl_api_permission___role_id` FOREIGN KEY(`role_id`) REFERENCES `acl_role` (`id`) ON DELETE CASCADE
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
|
|
@ -341,6 +358,8 @@ CREATE TABLE `cloud`.`acl_entity_permission` (
|
|||
`entity_type` varchar(100) NOT NULL,
|
||||
`entity_id` bigint unsigned NOT NULL,
|
||||
`access_type` varchar(40) NOT NULL,
|
||||
`removed` datetime COMMENT 'date the permission was revoked',
|
||||
`created` datetime COMMENT 'date the permission was granted',
|
||||
PRIMARY KEY (`id`),
|
||||
CONSTRAINT `fk_acl_entity_permission___group_id` FOREIGN KEY(`group_id`) REFERENCES `acl_group` (`id`) ON DELETE CASCADE
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
|
|
|
|||
Loading…
Reference in New Issue