From 6ce68b93ccfe23c4001713ae38c6422029891726 Mon Sep 17 00:00:00 2001 From: Rohit Yadav Date: Tue, 11 Dec 2012 14:10:36 -0800 Subject: [PATCH] api: Fix APIAccessChecker and StaticRoleBasedAPIAccessChecker - Add getCmd api interface in APIAccessChecker adapter to get cmd properties - Add mechanism in StaticRoleBasedAPIAccessChecker to get config properties - Add public interface to get the cmd properties for the adapter impl Signed-off-by: Rohit Yadav --- api/src/com/cloud/acl/APIAccessChecker.java | 8 ++++++-- .../cloud/acl/StaticRoleBasedAPIAccessChecker.java | 14 +++++++++++--- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/api/src/com/cloud/acl/APIAccessChecker.java b/api/src/com/cloud/acl/APIAccessChecker.java index 4ccf49f49fb..234f665cfe4 100644 --- a/api/src/com/cloud/acl/APIAccessChecker.java +++ b/api/src/com/cloud/acl/APIAccessChecker.java @@ -16,6 +16,8 @@ // under the License. package com.cloud.acl; +import java.util.Properties; + import com.cloud.exception.PermissionDeniedException; import com.cloud.user.Account; import com.cloud.user.User; @@ -25,6 +27,8 @@ import com.cloud.utils.component.Adapter; * APIAccessChecker checks the ownership and access control to API requests */ public interface APIAccessChecker extends Adapter { - - boolean canAccessAPI(User user, String apiCommandName) throws PermissionDeniedException; + // Interface for checking access to an API for a user + boolean canAccessAPI(User user, String apiCommandName) throws PermissionDeniedException; + // Interface for getting API Cmd properties + Properties getApiCommands(); } diff --git a/server/src/com/cloud/acl/StaticRoleBasedAPIAccessChecker.java b/server/src/com/cloud/acl/StaticRoleBasedAPIAccessChecker.java index cff098a3a52..29dbc13b0f4 100644 --- a/server/src/com/cloud/acl/StaticRoleBasedAPIAccessChecker.java +++ b/server/src/com/cloud/acl/StaticRoleBasedAPIAccessChecker.java @@ -61,6 +61,7 @@ public class StaticRoleBasedAPIAccessChecker extends AdapterBase implements APIA private static List s_resourceDomainAdminCommands = null; private static List s_allCommands = null; private static List s_pluggableServiceCommands = null; + private Properties _apiCommands = null; protected @Inject AccountManager _accountMgr; @@ -90,6 +91,11 @@ public class StaticRoleBasedAPIAccessChecker extends AdapterBase implements APIA return commandExists; } + @Override + public Properties getApiCommands() { + return _apiCommands; + } + private static boolean isCommandAvailableForAccount(short accountType, String commandName) { boolean isCommandAvailable = false; switch (accountType) { @@ -140,6 +146,9 @@ public class StaticRoleBasedAPIAccessChecker extends AdapterBase implements APIA private void processConfigFiles(String[] apiConfig, boolean pluggableServicesConfig) { try { + if (_apiCommands == null) + _apiCommands = new Properties(); + Properties preProcessedCommands = new Properties(); if (apiConfig != null) { for (String configFile : apiConfig) { @@ -161,7 +170,7 @@ public class StaticRoleBasedAPIAccessChecker extends AdapterBase implements APIA for (Object key : preProcessedCommands.keySet()) { String preProcessedCommand = preProcessedCommands.getProperty((String) key); String[] commandParts = preProcessedCommand.split(";"); - + _apiCommands.setProperty(key.toString(), commandParts[0]); if (pluggableServicesConfig) { s_pluggableServiceCommands.add(commandParts[0]); @@ -196,8 +205,7 @@ public class StaticRoleBasedAPIAccessChecker extends AdapterBase implements APIA } catch (FileNotFoundException fnfex) { s_logger.error("Unable to find properties file", fnfex); } catch (IOException ioex) { - s_logger.error("Exception loading properties file", ioex); + s_logger.error("IO Exception loading properties file", ioex); } } - }