etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

bug 7466: adding a whole bunch of new apis for accounts and users; merging account locking and disabling into one; preventing account manipulation on user disabling; disabling user lock

This commit is contained in:
abhishek 2010-12-14 15:18:52 -08:00
parent 1f2ff1bec2
commit 6ae9e73c0b
16 changed files with 445 additions and 148 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
api/src/com/cloud/api/ApiConstants.java
View File

@ -92,6 +92,7 @@ public class ApiConstants {
public static final String JOB_STATUS = "jobstatus";
public static final String LASTNAME = "lastname";
public static final String LEVEL = "level";
public static final String LOCK = "lock";
public static final String LUN = "lun";
public static final String MAX = "max";
public static final String MAX_SNAPS = "maxsnaps";

4
api/src/com/cloud/api/ResponseGenerator.java
View File

@ -205,4 +205,8 @@ public interface ResponseGenerator {
NetworkResponse createNetworkResponse(Network network);
UserResponse createUserResponse(User user);
UserResponse createUserAccountResponse(UserAccount user);
}

135
api/src/com/cloud/api/commands/CreateAccountCmd.java Normal file
View File

@ -0,0 +1,135 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.api.commands;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
import com.cloud.api.BaseCmd;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.ServerApiException;
import com.cloud.api.response.UserResponse;
import com.cloud.user.UserAccount;
@Implementation(description="Creates an account", responseObject=UserResponse.class)
public class CreateAccountCmd extends BaseCmd {
public static final Logger s_logger = Logger.getLogger(CreateAccountCmd.class.getName());
private static final String s_name = "createaccountresponse";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="Creates the user under the specified account. If no account is specified, the username will be used as the account name.")
private String accountName;
@Parameter(name=ApiConstants.ACCOUNT_TYPE, type=CommandType.LONG, required=true, description="Type of the account. Specify 0 for user, 1 for root admin, and 2 for domain admin")
private Long accountType;
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="Creates the user under the specified domain.")
private Long domainId;
@Parameter(name=ApiConstants.EMAIL, type=CommandType.STRING, required=true, description="email")
private String email;
@Parameter(name=ApiConstants.FIRSTNAME, type=CommandType.STRING, required=true, description="firstname")
private String firstname;
@Parameter(name=ApiConstants.LASTNAME, type=CommandType.STRING, required=true, description="lastname")
private String lastname;
@Parameter(name=ApiConstants.PASSWORD, type=CommandType.STRING, required=true, description="Hashed password (Default is MD5). If you wish to use any other hashing algorithm, you would need to write a custom authentication adapter See Docs section.")
private String password;
@Parameter(name=ApiConstants.TIMEZONE, type=CommandType.STRING, description="Specifies a timezone for this command. For more information on the timezone parameter, see Time Zone Format.")
private String timezone;
@Parameter(name=ApiConstants.USERNAME, type=CommandType.STRING, required=true, description="Unique username.")
private String username;
@Parameter(name=ApiConstants.NETWORK_DOMAIN, type=CommandType.STRING, description="Network domain name of the Vms that belong to the domain")
private String networkdomain;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public String getAccountName() {
return accountName;
}
public Long getAccountType() {
return accountType;
}
public Long getDomainId() {
return domainId;
}
public String getEmail() {
return email;
}
public String getFirstname() {
return firstname;
}
public String getLastname() {
return lastname;
}
public String getPassword() {
return password;
}
public String getTimezone() {
return timezone;
}
public String getUsername() {
return username;
}
public String getNetworkdomain() {
return networkdomain;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@Override
public String getCommandName() {
return s_name;
}
@Override
public void execute(){
UserAccount user = _accountService.createAccount(this);
if (user != null) {
UserResponse response = _responseGenerator.createUserAccountResponse(user);
response.setResponseName(getCommandName());
this.setResponseObject(response);
} else {
throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to create a user account");
}
}
}

24
api/src/com/cloud/api/commands/CreateUserCmd.java
View File

@ -16,8 +16,8 @@
*
*/
package com.cloud.api.commands;
package com.cloud.api.commands;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
@ -26,9 +26,9 @@ import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.ServerApiException;
import com.cloud.api.response.UserResponse;
import com.cloud.user.UserAccount;
import com.cloud.user.User;
@Implementation(description="Creates a user account", responseObject=UserResponse.class)
@Implementation(description="Creates a user for an account that already exists", responseObject=UserResponse.class)
public class CreateUserCmd extends BaseCmd {
public static final Logger s_logger = Logger.getLogger(CreateUserCmd.class.getName());
@ -41,9 +41,6 @@ public class CreateUserCmd extends BaseCmd {
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="Creates the user under the specified account. If no account is specified, the username will be used as the account name.")
private String accountName;
@Parameter(name=ApiConstants.ACCOUNT_TYPE, type=CommandType.LONG, required=true, description="Type of the account. Specify 0 for user, 1 for root admin, and 2 for domain admin")
private Long accountType;
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="Creates the user under the specified domain.")
private Long domainId;
@ -64,10 +61,6 @@ public class CreateUserCmd extends BaseCmd {
@Parameter(name=ApiConstants.USERNAME, type=CommandType.STRING, required=true, description="Unique username.")
private String username;
@Parameter(name=ApiConstants.NETWORK_DOMAIN, type=CommandType.STRING, description="Network domain name of the Vms that belong to the domain")
private String networkdomain;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
@ -77,10 +70,6 @@ public class CreateUserCmd extends BaseCmd {
return accountName;
}
public Long getAccountType() {
return accountType;
}
public Long getDomainId() {
return domainId;
}
@ -109,9 +98,6 @@ public class CreateUserCmd extends BaseCmd {
return username;
}
public String getNetworkdomain() {
return networkdomain;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@ -123,7 +109,7 @@ public class CreateUserCmd extends BaseCmd {
@Override
public void execute(){
UserAccount user = _accountService.createUser(this);
User user = _accountService.createUser(this);
if (user != null) {
UserResponse response = _responseGenerator.createUserResponse(user);
response.setResponseName(getCommandName());

101
api/src/com/cloud/api/commands/DeleteAccountCmd.java Normal file
View File

@ -0,0 +1,101 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.api.commands;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
import com.cloud.api.BaseAsyncCmd;
import com.cloud.api.BaseCmd;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.ServerApiException;
import com.cloud.api.response.SuccessResponse;
import com.cloud.event.EventTypes;
import com.cloud.user.Account;
import com.cloud.user.User;
import com.cloud.user.UserContext;
@Implementation(description="Deletes a account, and all users associated with this account", responseObject=SuccessResponse.class)
public class DeleteAccountCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(DeleteAccountCmd.class.getName());
private static final String s_name = "deleteaccountresponse";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, required=true, description="Account id")
private Long id;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public Long getId() {
return id;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
public static String getStaticName() {
return s_name;
}
@Override
public String getCommandName() {
return s_name;
}
@Override
public long getEntityOwnerId() {
Account account = UserContext.current().getAccount();
if (account != null) {
return account.getId();
}
return Account.ACCOUNT_ID_SYSTEM; // no account info given, parent this command to SYSTEM so ERROR events are tracked
}
@Override
public String getEventType() {
return EventTypes.EVENT_ACCOUNT_DELETE;
}
@Override
public String getEventDescription() {
User user = _responseGenerator.findUserById(getId());
return (user != null ? ("User " + user.getUsername() + " (id: " + user.getId() + ") and accountId = " + user.getAccountId()) : "user delete, but this user does not exist in the system");
}
@Override
public void execute(){
boolean result = _accountService.deleteUserAccount(this);
if (result) {
SuccessResponse response = new SuccessResponse(getCommandName());
this.setResponseObject(response);
} else {
throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to delete user account and all corresponding users");
}
}
}

58
api/src/com/cloud/api/commands/DeleteUserCmd.java
View File

@ -16,35 +16,31 @@
*
*/
package com.cloud.api.commands;
package com.cloud.api.commands;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
import com.cloud.api.BaseAsyncCmd;
import com.cloud.api.BaseCmd;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.ServerApiException;
import com.cloud.api.response.SuccessResponse;
import com.cloud.event.EventTypes;
import com.cloud.user.Account;
import com.cloud.user.User;
import com.cloud.user.UserContext;
import com.cloud.api.response.UserResponse;
@Implementation(description="Creates a user for an account", responseObject=UserResponse.class)
public class DeleteUserCmd extends BaseCmd {
public static final Logger s_logger = Logger.getLogger(DeleteUserCmd.class.getName());
private static final String s_name = "deleteuserresponse";
@Implementation(description="Deletes a user account", responseObject=SuccessResponse.class)
public class DeleteUserCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(DeleteUserCmd.class.getName());
private static final String s_name = "deleteuserresponse";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, required=true, description="User id")
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="Deletes a user")
private Long id;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
@ -53,41 +49,15 @@ public class DeleteUserCmd extends BaseAsyncCmd {
return id;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
public static String getStaticName() {
return s_name;
}
@Override
public String getCommandName() {
return s_name;
}
@Override
public long getEntityOwnerId() {
Account account = UserContext.current().getAccount();
if (account != null) {
return account.getId();
}
return Account.ACCOUNT_ID_SYSTEM; // no account info given, parent this command to SYSTEM so ERROR events are tracked
public String getCommandName() {
return s_name;
}
@Override
public String getEventType() {
return EventTypes.EVENT_USER_DELETE;
}
@Override
public String getEventDescription() {
User user = _responseGenerator.findUserById(getId());
return (user != null ? ("User " + user.getUsername() + " (id: " + user.getId() + ") and accountId = " + user.getAccountId()) : "user delete, but this user does not exist in the system");
}
@Override
public void execute(){
boolean result = _accountService.deleteUser(this);
@ -98,4 +68,4 @@ public class DeleteUserCmd extends BaseAsyncCmd {
throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to delete user");
}
}
}
}

11
api/src/com/cloud/api/commands/DisableAccountCmd.java
View File

@ -45,6 +45,9 @@ public class DisableAccountCmd extends BaseAsyncCmd {
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, required=true, description="Disables specified account in this domain.")
private Long domainId;
@Parameter(name=ApiConstants.LOCK, type=CommandType.BOOLEAN, required=true, description="If true, only lock the account; else disable the account")
private Boolean lockRequested;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
@ -88,13 +91,17 @@ public class DisableAccountCmd extends BaseAsyncCmd {
@Override
public void execute(){
Account result = _accountService.disableAccount(this);
Account result = null;
if(lockRequested)
result = _accountService.lockAccount(this);
else
result = _accountService.disableAccount(this);
if (result != null){
AccountResponse response = _responseGenerator.createAccountResponse(result);
response.setResponseName(getCommandName());
this.setResponseObject(response);
} else {
throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to disable account");
throw new ServerApiException(BaseCmd.INTERNAL_ERROR, lockRequested == true ? "Failed to lock account" : "Failed to disable account" );
}
}
}

3
api/src/com/cloud/api/commands/LockAccountCmd.java
View File

@ -66,7 +66,8 @@ public class LockAccountCmd extends BaseCmd {
@Override
public void execute(){
Account result = _accountService.lockAccount(this);
Account result = null;
//result = _accountService.lockAccount(this);
if (result != null){
AccountResponse response = _responseGenerator.createAccountResponse(result);
response.setResponseName(getCommandName());

3
api/src/com/cloud/event/EventTypes.java
View File

@ -65,6 +65,9 @@ public class EventTypes {
// Account events
public static final String EVENT_ACCOUNT_DISABLE = "ACCOUNT.DISABLE";
public static final String EVENT_ACCOUNT_CREATE = "ACCOUNT.CREATE";
public static final String EVENT_ACCOUNT_DELETE = "ACCOUNT.DELETE";
// UserVO Events
public static final String EVENT_USER_LOGIN = "USER.LOGIN";

13
api/src/com/cloud/user/AccountService.java
View File

@ -19,7 +19,9 @@ package com.cloud.user;
import java.util.List;
import com.cloud.api.commands.CreateAccountCmd;
import com.cloud.api.commands.CreateUserCmd;
import com.cloud.api.commands.DeleteAccountCmd;
import com.cloud.api.commands.DeleteUserCmd;
import com.cloud.api.commands.DisableAccountCmd;
import com.cloud.api.commands.DisableUserCmd;
@ -42,13 +44,13 @@ public interface AccountService {
* @param cmd the create command that has the username, email, password, account name, domain, timezone, etc. for creating the user.
* @return the user if created successfully, null otherwise
*/
UserAccount createUser(CreateUserCmd cmd);
UserAccount createAccount(CreateAccountCmd cmd);
/**
* Deletes a user by userId
* @param cmd - the delete command defining the id of the user to be deleted.
* @return true if delete was successful, false otherwise
*/
boolean deleteUser(DeleteUserCmd cmd);
boolean deleteUserAccount(DeleteAccountCmd cmd);
/**
* Disables a user by userId
@ -101,7 +103,8 @@ public interface AccountService {
* @param cmd - the LockAccount command defining the accountId to be locked.
* @return account object
*/
Account lockAccount(LockAccountCmd cmd);
//Account lockAccount(LockAccountCmd cmd);
Account lockAccount(DisableAccountCmd cmd);
/**
* Updates an account name
@ -132,5 +135,9 @@ public interface AccountService {
Account getSystemAccount();
User getSystemUser();
User createUser(CreateUserCmd cmd);
boolean deleteUser(DeleteUserCmd deleteUserCmd);
}

6
client/tomcatconf/commands.properties.in
View File

@ -2,6 +2,8 @@
### Please standardize naming conventions to camel-case (even for acronyms).
### Account commands
createAccount=com.cloud.api.commands.CreateAccountCmd;1
deleteAccount=com.cloud.api.commands.DeleteAccountCmd;1
updateAccount=com.cloud.api.commands.UpdateAccountCmd;3
disableAccount=com.cloud.api.commands.DisableAccountCmd;3
enableAccount=com.cloud.api.commands.EnableAccountCmd;3
@ -10,10 +12,10 @@ listAccounts=com.cloud.api.commands.ListAccountsCmd;15
#### User commands
createUser=com.cloud.api.commands.CreateUserCmd;1
updateUser=com.cloud.api.commands.UpdateUserCmd;1
deleteUser=com.cloud.api.commands.DeleteUserCmd;1
updateUser=com.cloud.api.commands.UpdateUserCmd;1
listUsers=com.cloud.api.commands.ListUsersCmd;7
lockUser=com.cloud.api.commands.LockUserCmd;3
####lockUser=com.cloud.api.commands.LockUserCmd;3
disableUser=com.cloud.api.commands.DisableUserCmd;3
enableUser=com.cloud.api.commands.EnableUserCmd;3

49
server/src/com/cloud/api/ApiResponseHelper.java
View File

@ -28,6 +28,7 @@ import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import org.GNOME.Accessibility._AccessibleStub;
import org.apache.log4j.Logger;
import com.cloud.api.commands.QueryAsyncJobResultCmd;
@ -135,6 +136,7 @@ import com.cloud.storage.snapshot.SnapshotPolicy;
import com.cloud.template.VirtualMachineTemplate;
import com.cloud.test.PodZoneConfig;
import com.cloud.user.Account;
import com.cloud.user.AccountVO;
import com.cloud.user.User;
import com.cloud.user.UserAccount;
import com.cloud.user.UserContext;
@ -180,6 +182,53 @@ public class ApiResponseHelper implements ResponseGenerator {
return userResponse;
}
@Override
public UserResponse createUserResponse(User user) {
UserResponse userResponse = new UserResponse();
Account account = ApiDBUtils.findAccountById(user.getAccountId());
userResponse.setAccountName(account.getAccountName());
userResponse.setAccountType(account.getType());
userResponse.setCreated(user.getCreated());
userResponse.setDomainId(account.getDomainId());
userResponse.setDomainName(ApiDBUtils.findDomainById(account.getDomainId()).getName());
userResponse.setEmail(user.getEmail());
userResponse.setFirstname(user.getFirstname());
userResponse.setId(user.getId());
userResponse.setLastname(user.getLastname());
userResponse.setState(user.getState());
userResponse.setTimezone(user.getTimezone());
userResponse.setUsername(user.getUsername());
userResponse.setApiKey(user.getApiKey());
userResponse.setSecretKey(user.getSecretKey());
userResponse.setObjectName("user");
return userResponse;
}
//this method is used for response generation via createAccount (which creates an account + user)
@Override
public UserResponse createUserAccountResponse(UserAccount user) {
UserResponse userResponse = new UserResponse();
userResponse.setAccountName(user.getAccountName());
userResponse.setAccountType(user.getType());
userResponse.setCreated(user.getCreated());
userResponse.setDomainId(user.getDomainId());
userResponse.setDomainName(ApiDBUtils.findDomainById(user.getDomainId()).getName());
userResponse.setEmail(user.getEmail());
userResponse.setFirstname(user.getFirstname());
userResponse.setId(user.getId());
userResponse.setLastname(user.getLastname());
userResponse.setState(user.getState());
userResponse.setTimezone(user.getTimezone());
userResponse.setUsername(user.getUsername());
userResponse.setApiKey(user.getApiKey());
userResponse.setSecretKey(user.getSecretKey());
userResponse.setObjectName("account");
return userResponse;
}
@Override
public AccountResponse createAccountResponse(Account account) {
boolean accountIsAdmin = (account.getType() == Account.ACCOUNT_TYPE_ADMIN);

2
server/src/com/cloud/event/EventUtils.java
View File

@ -78,7 +78,7 @@ public class EventUtils {
event.setLevel(level);
event.setStartId(startEventId);
event = _eventDao.persist(event);
return event.getId();
return (event != null ? event.getId() : null);
}
public static Long saveEvent(Long userId, Long accountId, String level, String type, String description, String params, long startEventId) {

7
server/src/com/cloud/server/ManagementServerImpl.java
View File

@ -3257,12 +3257,7 @@ public class ManagementServerImpl implements ManagementServer {
sc.addAnd("domainId", SearchCriteria.Op.EQ, domainId);
List<AccountVO> accounts = _accountDao.search(sc, null);
for (AccountVO account : accounts) {
SearchCriteria<UserVO> userSc = _userDao.createSearchCriteria();
userSc.addAnd("accountId", SearchCriteria.Op.EQ, account.getId());
List<UserVO> users = _userDao.search(userSc, null);
for (UserVO user : users) {
success = (success && _accountMgr.deleteUserInternal(user.getId(), 0));
}
success = (success && _accountMgr.deleteAccountInternal(account.getAccountId(), 0));
}
}

8
server/src/com/cloud/user/AccountManager.java
View File

@ -21,6 +21,7 @@ package com.cloud.user;
import java.util.List;
import com.cloud.acl.ControlledEntity;
import com.cloud.api.commands.CreateUserCmd;
import com.cloud.configuration.ResourceCount;
import com.cloud.configuration.ResourceCount.ResourceType;
import com.cloud.configuration.ResourceLimitVO;
@ -107,9 +108,12 @@ public interface AccountManager extends Manager {
boolean deleteAccount(AccountVO account);
boolean deleteUserInternal(long userId, long startEventId);
void checkAccess(Account account, Domain domain) throws PermissionDeniedException;
void checkAccess(Account account, ControlledEntity... entities) throws PermissionDeniedException;
boolean deleteAccountInternal(long accountId, long startEventId);
UserVO createUser(CreateUserCmd cmd);
}

168
server/src/com/cloud/user/AccountManagerImpl.java
View File

@ -30,7 +30,11 @@ import org.apache.log4j.Logger;
import com.cloud.acl.ControlledEntity;
import com.cloud.acl.SecurityChecker;
import com.cloud.api.BaseCmd;
import com.cloud.api.ServerApiException;
import com.cloud.api.commands.CreateAccountCmd;
import com.cloud.api.commands.CreateUserCmd;
import com.cloud.api.commands.DeleteAccountCmd;
import com.cloud.api.commands.DeleteUserCmd;
import com.cloud.api.commands.DisableAccountCmd;
import com.cloud.api.commands.DisableUserCmd;
@ -748,42 +752,21 @@ public class AccountManagerImpl implements AccountManager, AccountService {
}
@Override
public boolean deleteUserInternal(long userId, long startEventId) {
UserAccount userAccount = null;
Long accountId = null;
String username = null;
public boolean deleteAccountInternal(long accountId, long startEventId) {
boolean result = false;
try {
UserVO user = _userDao.findById(userId);
accountId = user != null ? user.getAccountId() : 1L;// We cant set it to null.
EventUtils.saveStartedEvent(UserContext.current().getUserId(), accountId, EventTypes.EVENT_USER_DELETE, "Start deleting the user id:" +userId, startEventId);
if (user == null || user.getRemoved() != null) {
result = true;
return result;
}
username = user.getUsername();
result = _userDao.remove(userId);
if (!result) {
s_logger.error("Unable to remove the user with id: " + userId + "; username: " + user.getUsername());
return result;
}
if (s_logger.isDebugEnabled()) {
s_logger.debug("User is removed, id: " + userId + "; username: " + user.getUsername());
List<UserVO> users = _userDao.listByAccount(accountId);
for(UserVO user : users){
//remove each user
_userDao.remove(user.getId());
}
userAccount = _userAccountDao.findByIdIncludingRemoved(userId);
List<UserVO> users = _userDao.listByAccount(accountId);
if (users.size() != 0) {
s_logger.debug("User (" + userId + "/" + user.getUsername() + ") is deleted but there's still other users in the account so not deleting account.");
result = true;
return result;
}
result = _accountDao.remove(accountId);
if (!result) {
s_logger.error("Unable to delete account " + accountId);
return false;
}
if (s_logger.isDebugEnabled()) {
@ -795,18 +778,14 @@ public class AccountManagerImpl implements AccountManager, AccountService {
result = true;
return result;
} catch (Exception e) {
s_logger.error("exception deleting user: " + userId, e);
s_logger.error("exception deleting account: " + accountId, e);
return false;
}finally{
long domainId = 0L;
if (userAccount != null) {
domainId = userAccount.getDomainId();
}
String description = "User " + username + " (id: " + userId + ") for accountId = " + accountId + " and domainId = " + domainId;
String description = "Account:" + accountId ;
if(result){
EventUtils.saveEvent(UserContext.current().getUserId(), accountId, EventVO.LEVEL_INFO, EventTypes.EVENT_USER_DELETE, "Successfully deleted " +description, startEventId);
EventUtils.saveEvent(UserContext.current().getUserId(), accountId, EventVO.LEVEL_INFO, EventTypes.EVENT_ACCOUNT_DELETE, "Successfully deleted " +description, startEventId);
}else{
EventUtils.saveEvent(UserContext.current().getUserId(), accountId, EventVO.LEVEL_ERROR, EventTypes.EVENT_USER_DELETE, "Error deleting " +description, startEventId);
EventUtils.saveEvent(UserContext.current().getUserId(), accountId, EventVO.LEVEL_ERROR, EventTypes.EVENT_ACCOUNT_DELETE, "Error deleting " +description, startEventId);
}
}
}
@ -997,7 +976,7 @@ public class AccountManagerImpl implements AccountManager, AccountService {
@Override
public UserAccount createUser(CreateUserCmd cmd) {
public UserAccount createAccount(CreateAccountCmd cmd) {
Long accountId = null;
String username = cmd.getUsername();
String password = cmd.getPassword();
@ -1019,10 +998,7 @@ public class AccountManagerImpl implements AccountManager, AccountService {
Account account = _accountDao.findActiveAccount(accountName, domainId);
if (account != null) {
if (account.getType() != userType) {
throw new CloudRuntimeException("Account " + accountName + " is not the correct account type for user " + username);
}
accountId = account.getId();
throw new CloudRuntimeException("The specified account: "+account.getAccountName()+" already exists");
}
if (!_userAccountDao.validateUsernameInDomain(username, domainId)) {
@ -1094,6 +1070,54 @@ public class AccountManagerImpl implements AccountManager, AccountService {
}
}
@Override
public UserVO createUser(CreateUserCmd cmd){
String accountName = cmd.getAccountName();
Long domainId = cmd.getDomainId();
String userName = cmd.getUsername();
String password = cmd.getPassword();
String firstName = cmd.getFirstname();
String lastName = cmd.getLastname();
String email = cmd.getEmail();
String timeZone = cmd.getTimezone();
Long accountId = null;
Account account = _accountDao.findActiveAccount(accountName, domainId);
if( account == null){
throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "Unable to find account to create user");
}else{
accountId = account.getAccountId();
}
if (!_userAccountDao.validateUsernameInDomain(userName, domainId)) {
throw new CloudRuntimeException("The user " + userName + " already exists in domain " + domainId);
}
UserVO user = new UserVO();
user.setUsername(userName);
user.setPassword(password);
user.setState("enabled");
user.setFirstname(firstName);
user.setLastname(lastName);
user.setAccountId(accountId.longValue());
user.setEmail(email);
user.setTimezone(timeZone);
if (s_logger.isDebugEnabled()) {
s_logger.debug("Creating user: " + userName + ", account: " + accountName + " (id:" + accountId + "), domain: " + domainId + " timezone:"+ timeZone);
}
UserVO dbUser = _userDao.persist(user);
if (!user.getPassword().equals(dbUser.getPassword())) {
throw new CloudRuntimeException("The user " + userName + " being creating is using a password that is different than what's in the db");
}
EventUtils.saveEvent(new Long(1), new Long(1), EventVO.LEVEL_INFO, EventTypes.EVENT_USER_CREATE, "User, " + userName + " for accountId = " + accountId
+ " and domainId = " + domainId + " was created.");
return dbUser;
}
@Override
public UserAccount updateUser(UpdateUserCmd cmd) throws InvalidParameterValueException {
Long id = cmd.getId();
@ -1206,20 +1230,8 @@ public class AccountManagerImpl implements AccountManager, AccountService {
boolean success = doSetUserStatus(userId, Account.ACCOUNT_STATE_DISABLED);
if (success) {
List<UserVO> allUsersByAccount = _userDao.listByAccount(user.getAccountId());
for (UserVO oneUser : allUsersByAccount) {
if (oneUser.getState().equals(Account.ACCOUNT_STATE_ENABLED)) {
return _userAccountDao.findById(userId);
}
}
// there are no enabled users attached to this user's account, disable the account
if (disableAccount(user.getAccountId())) {
return _userAccountDao.findById(userId);
} else {
throw new CloudRuntimeException("Unable to disable corresponding account for the user " + userId);
}
//user successfully disabled
return _userAccountDao.findById(userId);
} else {
throw new CloudRuntimeException("Unable to disable user " + userId);
}
@ -1318,22 +1330,26 @@ public class AccountManagerImpl implements AccountManager, AccountService {
}
@Override
public boolean deleteUser(DeleteUserCmd cmd) {
Long userId = cmd.getId();
//Verify that the user exists in the system
User user = _userDao.getUser(userId.longValue());
if (user == null) {
throw new InvalidParameterValueException("unable to find user " + userId);
}
//This method deletes the account
public boolean deleteUserAccount(DeleteAccountCmd cmd) {
Long accountId = cmd.getId();
// If the user is a System user, return an error. We do not allow this
Account account = _accountDao.findById(user.getAccountId());
Account account = _accountDao.findById(accountId);
if ((account != null) && (account.getId() == Account.ACCOUNT_ID_SYSTEM)) {
throw new InvalidParameterValueException("user id : " + userId + " is a system account, delete is not allowed");
throw new InvalidParameterValueException("Account id : " + accountId + " is a system account, delete is not allowed");
}
return deleteUserInternal(userId, cmd.getStartEventId());
if(account == null){
throw new InvalidParameterValueException("The specified account does not exist in the system");
}
if(account.getRemoved() != null){
s_logger.info("The account:"+account.getAccountName()+" is already removed");
return true;
}
return deleteAccountInternal(accountId, cmd.getStartEventId());
}
@ -1371,7 +1387,7 @@ public class AccountManagerImpl implements AccountManager, AccountService {
}
@Override
public AccountVO lockAccount(LockAccountCmd cmd) {
public AccountVO lockAccount(DisableAccountCmd cmd) {
Account adminAccount = UserContext.current().getAccount();
Long domainId = cmd.getDomainId();
String accountName = cmd.getAccountName();
@ -1464,4 +1480,20 @@ public class AccountManagerImpl implements AccountManager, AccountService {
}
}
@Override
public boolean deleteUser(DeleteUserCmd deleteUserCmd) {
long id = deleteUserCmd.getId();
UserVO user = _userDao.findById(id);
if(user == null)
throw new InvalidParameterValueException("The specified user doesn't exist in the system");
if ((user != null) && (user.getAccountId() == Account.ACCOUNT_ID_SYSTEM)) {
throw new InvalidParameterValueException("Account id : " + user.getAccountId() + " is a system account, delete for user associated with this account is not allowed");
}
return _userDao.remove(id);
}
}