diff --git a/server/src/com/cloud/api/commands/LockAccountCmd.java b/server/src/com/cloud/api/commands/LockAccountCmd.java index dc6e2bb76cb..0bab944b63e 100644 --- a/server/src/com/cloud/api/commands/LockAccountCmd.java +++ b/server/src/com/cloud/api/commands/LockAccountCmd.java @@ -17,29 +17,18 @@ */ package com.cloud.api.commands; -import java.util.ArrayList; -import java.util.List; -import java.util.Map; - import org.apache.log4j.Logger; import com.cloud.api.BaseCmd; +import com.cloud.api.Implementation; import com.cloud.api.Parameter; -import com.cloud.api.ServerApiException; -import com.cloud.user.Account; -import com.cloud.utils.Pair; - +import com.cloud.api.BaseCmd.Manager; + +@Implementation(method="lockAccount", manager=Manager.ManagementServer) public class LockAccountCmd extends BaseCmd { public static final Logger s_logger = Logger.getLogger(LockAccountCmd.class.getName()); private static final String s_name = "lockaccountresponse"; - private static final List> s_properties = new ArrayList>(); - - static { - s_properties.add(new Pair(BaseCmd.Properties.ACCOUNT, Boolean.TRUE)); - s_properties.add(new Pair(BaseCmd.Properties.DOMAIN_ID, Boolean.TRUE)); - s_properties.add(new Pair(BaseCmd.Properties.ACCOUNT_OBJ, Boolean.FALSE)); - } ///////////////////////////////////////////////////// //////////////// API parameters ///////////////////// @@ -70,33 +59,36 @@ public class LockAccountCmd extends BaseCmd { public String getName() { return s_name; } - public List> getProperties() { - return s_properties; - } - @Override - public List> execute(Map params) { - Account adminAccount = (Account)params.get(BaseCmd.Properties.ACCOUNT_OBJ.getName()); - Long domainId = (Long)params.get(BaseCmd.Properties.DOMAIN_ID.getName()); - String accountName = (String)params.get(BaseCmd.Properties.ACCOUNT.getName()); - - if ((adminAccount != null) && !getManagementServer().isChildDomain(adminAccount.getDomainId(), domainId)) { - throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "Failed to lock account " + accountName + " in domain " + domainId + ", permission denied."); - } - - Account account = getManagementServer().findActiveAccount(accountName, domainId); - if (account == null) { - throw new ServerApiException (BaseCmd.PARAM_ERROR, "Unable to find active account with name " + accountName + " in domain " + domainId); - } - - // don't allow modify system account - if (account.getId().longValue() == Account.ACCOUNT_ID_SYSTEM) { - throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "can not lock system account"); - } - - boolean success = getManagementServer().lockAccount(account.getId().longValue()); - List> returnValues = new ArrayList>(); - returnValues.add(new Pair(BaseCmd.Properties.SUCCESS.getName(), Boolean.valueOf(success).toString())); - return returnValues; - } +// @Override +// public List> execute(Map params) { +// Account adminAccount = (Account)params.get(BaseCmd.Properties.ACCOUNT_OBJ.getName()); +// Long domainId = (Long)params.get(BaseCmd.Properties.DOMAIN_ID.getName()); +// String accountName = (String)params.get(BaseCmd.Properties.ACCOUNT.getName()); +// +// if ((adminAccount != null) && !getManagementServer().isChildDomain(adminAccount.getDomainId(), domainId)) { +// throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "Failed to lock account " + accountName + " in domain " + domainId + ", permission denied."); +// } +// +// Account account = getManagementServer().findActiveAccount(accountName, domainId); +// if (account == null) { +// throw new ServerApiException (BaseCmd.PARAM_ERROR, "Unable to find active account with name " + accountName + " in domain " + domainId); +// } +// +// // don't allow modify system account +// if (account.getId().longValue() == Account.ACCOUNT_ID_SYSTEM) { +// throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "can not lock system account"); +// } +// +// boolean success = getManagementServer().lockAccount(account.getId().longValue()); +// List> returnValues = new ArrayList>(); +// returnValues.add(new Pair(BaseCmd.Properties.SUCCESS.getName(), Boolean.valueOf(success).toString())); +// return returnValues; +// } + + @Override + public String getResponse() { + // TODO Auto-generated method stub + return null; + } } diff --git a/server/src/com/cloud/server/ManagementServer.java b/server/src/com/cloud/server/ManagementServer.java index 35cff7631f8..e87feb807d7 100644 --- a/server/src/com/cloud/server/ManagementServer.java +++ b/server/src/com/cloud/server/ManagementServer.java @@ -29,6 +29,7 @@ import com.cloud.api.commands.CreatePortForwardingServiceRuleCmd; import com.cloud.api.commands.EnableAccountCmd; import com.cloud.api.commands.EnableUserCmd; import com.cloud.api.commands.GetCloudIdentifierCmd; +import com.cloud.api.commands.LockAccountCmd; import com.cloud.api.commands.LockUserCmd; import com.cloud.api.commands.RebootSystemVmCmd; import com.cloud.api.commands.RegisterCmd; @@ -231,7 +232,7 @@ public interface ManagementServer { * @param accountId * @return true if enable was successful, false otherwise */ - boolean lockAccount(long accountId); + boolean lockAccount(LockAccountCmd cmd); /** * Updates an account name diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java index 3792826a535..58373c74e55 100755 --- a/server/src/com/cloud/server/ManagementServerImpl.java +++ b/server/src/com/cloud/server/ManagementServerImpl.java @@ -71,6 +71,7 @@ import com.cloud.api.commands.DeployVMCmd; import com.cloud.api.commands.EnableAccountCmd; import com.cloud.api.commands.EnableUserCmd; import com.cloud.api.commands.GetCloudIdentifierCmd; +import com.cloud.api.commands.LockAccountCmd; import com.cloud.api.commands.LockUserCmd; import com.cloud.api.commands.PrepareForMaintenanceCmd; import com.cloud.api.commands.PreparePrimaryStorageForMaintenanceCmd; @@ -1126,7 +1127,7 @@ public class ManagementServerImpl implements ManagementServer { } if (lockAccount) { - success = (success && lockAccount(user.getAccountId())); + success = (success && lockAccountInternal(user.getAccountId())); } } else { if (s_logger.isInfoEnabled()) { @@ -1267,8 +1268,7 @@ public class ManagementServerImpl implements ManagementServer { return success; } - @Override - public boolean lockAccount(long accountId) { + private boolean lockAccountInternal(long accountId) { boolean success = false; Account account = _accountDao.findById(accountId); if (account != null) { @@ -8394,5 +8394,29 @@ public class ManagementServerImpl implements ManagementServer { return true; } + + @Override + public boolean lockAccount(LockAccountCmd cmd) { + + Account adminAccount = (Account)UserContext.current().getAccountObject(); + Long domainId = cmd.getDomainId(); + String accountName = UserContext.current().getAccountName(); + + if ((adminAccount != null) && !_domainDao.isChildDomain(adminAccount.getDomainId(), domainId)) { + throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "Failed to lock account " + accountName + " in domain " + domainId + ", permission denied."); + } + + Account account = _accountDao.findActiveAccount(accountName, domainId); + if (account == null) { + throw new ServerApiException (BaseCmd.PARAM_ERROR, "Unable to find active account with name " + accountName + " in domain " + domainId); + } + + // don't allow modify system account + if (account.getId().longValue() == Account.ACCOUNT_ID_SYSTEM) { + throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "can not lock system account"); + } + + return lockAccountInternal(account.getId()); + } }