diff --git a/api/src/com/cloud/network/NetworkProfile.java b/api/src/com/cloud/network/NetworkProfile.java index 542df3e1f64..025b8d21f83 100644 --- a/api/src/com/cloud/network/NetworkProfile.java +++ b/api/src/com/cloud/network/NetworkProfile.java @@ -18,6 +18,8 @@ package com.cloud.network; import java.net.URI; +import org.apache.cloudstack.acl.AclEntityType; + import com.cloud.network.Networks.BroadcastDomainType; import com.cloud.network.Networks.Mode; import com.cloud.network.Networks.TrafficType; @@ -276,4 +278,9 @@ public class NetworkProfile implements Network { public String getIp6Cidr() { return ip6Cidr; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.Network; + } } diff --git a/api/src/com/cloud/network/vpc/StaticRouteProfile.java b/api/src/com/cloud/network/vpc/StaticRouteProfile.java index 301bb23c382..e3bbc6891e6 100644 --- a/api/src/com/cloud/network/vpc/StaticRouteProfile.java +++ b/api/src/com/cloud/network/vpc/StaticRouteProfile.java @@ -16,6 +16,7 @@ // under the License. package com.cloud.network.vpc; +import org.apache.cloudstack.acl.AclEntityType; public class StaticRouteProfile implements StaticRoute { private long id; @@ -104,4 +105,9 @@ public class StaticRouteProfile implements StaticRoute { return netmask; } + @Override + public AclEntityType getEntityType() { + return AclEntityType.StaticRoute; + } + } diff --git a/api/src/org/apache/cloudstack/acl/AclEntityType.java b/api/src/org/apache/cloudstack/acl/AclEntityType.java index 109c7dcf981..096fcd2073b 100644 --- a/api/src/org/apache/cloudstack/acl/AclEntityType.java +++ b/api/src/org/apache/cloudstack/acl/AclEntityType.java @@ -2,6 +2,39 @@ package org.apache.cloudstack.acl; public enum AclEntityType { // currently supported entity, to be added one by one after we support acl on the entity - VM, - VOLUME; + VirtualMachine, + Volume, + ResourceTag, + Account, + AffinityGroup, + AutoScalePolicy, + AutoScaleVmGroup, + AutoScaleVmProfile, + Condition, + Vpc, + VpcGateway, + VpnUser, + VMSnapshot, + VirtualMachineTemplate, + UserIpv6Address, + StaticRoute, + SSHKeyPair, + Snapshot, + Site2SiteVpnGateway, + Site2SiteVpnConnection, + Site2SiteCustomerGateway, + SecurityGroup, + RemoteAccessVpn, + PublicIpAddress, + ProjectInvitation, + NicSecondaryIp, + NicIpAlias, + Network, + IpAddress, + InstanceGroup, + GlobalLoadBalancerRule, + FirewallRule, + Event, + AclPolicy, + AclGroup; } diff --git a/api/src/org/apache/cloudstack/acl/AclPolicyPermission.java b/api/src/org/apache/cloudstack/acl/AclPolicyPermission.java index 02d557e1b93..c5f5cbede30 100644 --- a/api/src/org/apache/cloudstack/acl/AclPolicyPermission.java +++ b/api/src/org/apache/cloudstack/acl/AclPolicyPermission.java @@ -36,8 +36,17 @@ public interface AclPolicyPermission extends InternalIdentity { Permission getPermission(); public enum Permission { - Allow, - Deny + Allow(true), Deny(false); + + boolean result; + + Permission(boolean result) { + this.result = result; + } + + public boolean isGranted() { + return result; + } } } diff --git a/api/src/org/apache/cloudstack/acl/ControlledEntity.java b/api/src/org/apache/cloudstack/acl/ControlledEntity.java index 3e0412623e2..5b95927f35b 100644 --- a/api/src/org/apache/cloudstack/acl/ControlledEntity.java +++ b/api/src/org/apache/cloudstack/acl/ControlledEntity.java @@ -30,4 +30,5 @@ public interface ControlledEntity extends OwnedBy, PartOf { Domain } + AclEntityType getEntityType(); } diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java index 05a2c5db731..75e87abb10c 100644 --- a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java +++ b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java @@ -22,13 +22,13 @@ import java.util.List; import org.apache.log4j.Logger; +import org.apache.cloudstack.acl.AclEntityType; import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.ApiCommandJobType; import org.apache.cloudstack.api.ApiConstants; import org.apache.cloudstack.api.ApiErrorCode; import org.apache.cloudstack.api.BaseAsyncCmd; import org.apache.cloudstack.api.BaseAsyncCreateCmd; -import org.apache.cloudstack.api.BaseCmd; import org.apache.cloudstack.api.Parameter; import org.apache.cloudstack.api.ServerApiException; import org.apache.cloudstack.api.response.FirewallResponse; @@ -112,7 +112,7 @@ public class CreateEgressFirewallRuleCmd extends BaseAsyncCreateCmd implements F return vpcId; } - + // /////////////////////////////////////////////////// // ///////////// API Implementation/////////////////// @@ -246,7 +246,7 @@ public class CreateEgressFirewallRuleCmd extends BaseAsyncCreateCmd implements F if (getVpcId() != null ){ throw new InvalidParameterValueException("Unable to create firewall rule for the network id=" + networkId + - " as firewall egress rule can be created only for non vpc networks."); + " as firewall egress rule can be created only for non vpc networks."); } try { @@ -287,7 +287,7 @@ public class CreateEgressFirewallRuleCmd extends BaseAsyncCreateCmd implements F return getNetworkId(); } - + @Override public Integer getIcmpCode() { if (icmpCode != null) { @@ -339,4 +339,9 @@ public class CreateEgressFirewallRuleCmd extends BaseAsyncCreateCmd implements F return null; } + @Override + public AclEntityType getEntityType() { + return AclEntityType.FirewallRule; + } + } diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java index 9f84152ee9c..53ba0fe4179 100644 --- a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java +++ b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java @@ -19,6 +19,7 @@ package org.apache.cloudstack.api.command.user.firewall; import java.util.ArrayList; import java.util.List; +import org.apache.cloudstack.acl.AclEntityType; import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.ApiCommandJobType; import org.apache.cloudstack.api.ApiConstants; @@ -328,4 +329,9 @@ public class CreateFirewallRuleCmd extends BaseAsyncCreateCmd implements Firewal return FirewallRule.TrafficType.Ingress; } + @Override + public AclEntityType getEntityType() { + return AclEntityType.FirewallRule; + } + } diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/CreatePortForwardingRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/CreatePortForwardingRuleCmd.java index ff63d088e96..1ebe3d4c59e 100644 --- a/api/src/org/apache/cloudstack/api/command/user/firewall/CreatePortForwardingRuleCmd.java +++ b/api/src/org/apache/cloudstack/api/command/user/firewall/CreatePortForwardingRuleCmd.java @@ -18,6 +18,7 @@ package org.apache.cloudstack.api.command.user.firewall; import java.util.List; +import org.apache.cloudstack.acl.AclEntityType; import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.ApiCommandJobType; import org.apache.cloudstack.api.ApiConstants; @@ -398,4 +399,9 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements P return null; } + @Override + public AclEntityType getEntityType() { + return AclEntityType.FirewallRule; + } + } diff --git a/api/src/org/apache/cloudstack/api/command/user/nat/CreateIpForwardingRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/nat/CreateIpForwardingRuleCmd.java index 39790fa1faf..4e782304d9d 100644 --- a/api/src/org/apache/cloudstack/api/command/user/nat/CreateIpForwardingRuleCmd.java +++ b/api/src/org/apache/cloudstack/api/command/user/nat/CreateIpForwardingRuleCmd.java @@ -18,6 +18,7 @@ package org.apache.cloudstack.api.command.user.nat; import java.util.List; +import org.apache.cloudstack.acl.AclEntityType; import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.ApiCommandJobType; import org.apache.cloudstack.api.ApiConstants; @@ -314,4 +315,9 @@ public class CreateIpForwardingRuleCmd extends BaseAsyncCreateCmd implements Sta return null; } + @Override + public AclEntityType getEntityType() { + return AclEntityType.FirewallRule; + } + } diff --git a/engine/components-api/src/com/cloud/network/addr/PublicIp.java b/engine/components-api/src/com/cloud/network/addr/PublicIp.java index b18c6912003..c0c10915ccd 100644 --- a/engine/components-api/src/com/cloud/network/addr/PublicIp.java +++ b/engine/components-api/src/com/cloud/network/addr/PublicIp.java @@ -18,6 +18,8 @@ package com.cloud.network.addr; import java.util.Date; +import org.apache.cloudstack.acl.AclEntityType; + import com.cloud.dc.VlanVO; import com.cloud.network.PublicIpAddress; import com.cloud.network.dao.IPAddressVO; @@ -40,7 +42,7 @@ public class PublicIp implements PublicIpAddress { public static PublicIp createFromAddrAndVlan(IPAddressVO addr, VlanVO vlan) { return new PublicIp(addr, vlan, NetUtils.createSequenceBasedMacAddress(addr.getMacAddress())); } - + @Override public Ip getAddress() { return _addr.getAddress(); @@ -194,7 +196,7 @@ public class PublicIp implements PublicIpAddress { public boolean getSystem() { return _addr.getSystem(); } - + @Override public Long getVpcId() { return _addr.getVpcId(); @@ -232,4 +234,9 @@ public class PublicIp implements PublicIpAddress { public Long getIpMacAddress() { return _addr.getMacAddress(); } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.PublicIpAddress; + } } diff --git a/engine/components-api/src/com/cloud/network/rules/StaticNatRuleImpl.java b/engine/components-api/src/com/cloud/network/rules/StaticNatRuleImpl.java index 6103689a31b..8c3d557a01a 100644 --- a/engine/components-api/src/com/cloud/network/rules/StaticNatRuleImpl.java +++ b/engine/components-api/src/com/cloud/network/rules/StaticNatRuleImpl.java @@ -18,6 +18,7 @@ package com.cloud.network.rules; import java.util.List; +import org.apache.cloudstack.acl.AclEntityType; public class StaticNatRuleImpl implements StaticNatRule { long id; @@ -144,4 +145,9 @@ public class StaticNatRuleImpl implements StaticNatRule { return null; } + @Override + public AclEntityType getEntityType() { + return AclEntityType.FirewallRule; + } + } diff --git a/engine/schema/src/com/cloud/event/EventVO.java b/engine/schema/src/com/cloud/event/EventVO.java index 2c30eadebdc..d422fc10c97 100644 --- a/engine/schema/src/com/cloud/event/EventVO.java +++ b/engine/schema/src/com/cloud/event/EventVO.java @@ -29,6 +29,8 @@ import javax.persistence.Id; import javax.persistence.Table; import javax.persistence.Transient; +import org.apache.cloudstack.acl.AclEntityType; + import com.cloud.utils.db.GenericDao; @Entity @@ -191,4 +193,9 @@ public class EventVO implements Event { public void setArchived(Boolean archived) { this.archived = archived; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.Event; + } } diff --git a/engine/schema/src/com/cloud/network/UserIpv6AddressVO.java b/engine/schema/src/com/cloud/network/UserIpv6AddressVO.java index 70eb12d32b0..d3cc95af15f 100644 --- a/engine/schema/src/com/cloud/network/UserIpv6AddressVO.java +++ b/engine/schema/src/com/cloud/network/UserIpv6AddressVO.java @@ -29,6 +29,8 @@ import javax.persistence.Id; import javax.persistence.Table; import javax.persistence.Transient; +import org.apache.cloudstack.acl.AclEntityType; + import com.cloud.utils.db.GenericDao; @Entity @@ -72,10 +74,10 @@ public class UserIpv6AddressVO implements UserIpv6Address { @Column(name="domain_id") private Long domainId = null; - + @Column(name = GenericDao.CREATED_COLUMN) Date created; - + protected UserIpv6AddressVO() { this.uuid = UUID.randomUUID().toString(); } @@ -185,4 +187,9 @@ public class UserIpv6AddressVO implements UserIpv6Address { public void setCreated(Date created) { this.created = created; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.UserIpv6Address; + } } diff --git a/engine/schema/src/com/cloud/network/VpnUserVO.java b/engine/schema/src/com/cloud/network/VpnUserVO.java index 5a8e531893e..f54a13b4cba 100644 --- a/engine/schema/src/com/cloud/network/VpnUserVO.java +++ b/engine/schema/src/com/cloud/network/VpnUserVO.java @@ -27,9 +27,8 @@ import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; -import org.apache.cloudstack.api.Identity; +import org.apache.cloudstack.acl.AclEntityType; import com.cloud.utils.db.Encrypt; -import org.apache.cloudstack.api.InternalIdentity; @Entity @Table(name=("vpn_users")) @@ -128,4 +127,9 @@ public class VpnUserVO implements VpnUser { public void setUuid(String uuid) { this.uuid = uuid; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.VpnUser; + } } diff --git a/engine/schema/src/com/cloud/network/as/AutoScalePolicyVO.java b/engine/schema/src/com/cloud/network/as/AutoScalePolicyVO.java index f8fbcb483f5..f42364afddc 100644 --- a/engine/schema/src/com/cloud/network/as/AutoScalePolicyVO.java +++ b/engine/schema/src/com/cloud/network/as/AutoScalePolicyVO.java @@ -29,6 +29,8 @@ import javax.persistence.InheritanceType; import javax.persistence.Table; import com.cloud.utils.db.GenericDao; + +import org.apache.cloudstack.acl.AclEntityType; import org.apache.cloudstack.api.InternalIdentity; @Entity @@ -131,4 +133,9 @@ public class AutoScalePolicyVO implements AutoScalePolicy, InternalIdentity { public void setQuietTime(Integer quietTime) { this.quietTime = quietTime; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.AutoScalePolicy; + } } diff --git a/engine/schema/src/com/cloud/network/as/AutoScaleVmGroupVO.java b/engine/schema/src/com/cloud/network/as/AutoScaleVmGroupVO.java index d1d85f9e293..9a8c2385745 100644 --- a/engine/schema/src/com/cloud/network/as/AutoScaleVmGroupVO.java +++ b/engine/schema/src/com/cloud/network/as/AutoScaleVmGroupVO.java @@ -29,6 +29,8 @@ import javax.persistence.InheritanceType; import javax.persistence.Table; import com.cloud.utils.db.GenericDao; + +import org.apache.cloudstack.acl.AclEntityType; import org.apache.cloudstack.api.InternalIdentity; @Entity @@ -188,4 +190,9 @@ public class AutoScaleVmGroupVO implements AutoScaleVmGroup, InternalIdentity { public String getUuid() { return uuid; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.AutoScaleVmGroup; + } } diff --git a/engine/schema/src/com/cloud/network/as/AutoScaleVmProfileVO.java b/engine/schema/src/com/cloud/network/as/AutoScaleVmProfileVO.java index 011be2b41ca..9b048b940b1 100644 --- a/engine/schema/src/com/cloud/network/as/AutoScaleVmProfileVO.java +++ b/engine/schema/src/com/cloud/network/as/AutoScaleVmProfileVO.java @@ -33,6 +33,7 @@ import javax.persistence.Inheritance; import javax.persistence.InheritanceType; import javax.persistence.Table; +import org.apache.cloudstack.acl.AclEntityType; import org.apache.cloudstack.api.Identity; import com.cloud.utils.Pair; import com.cloud.utils.db.GenericDao; @@ -215,4 +216,9 @@ public class AutoScaleVmProfileVO implements AutoScaleVmProfile, Identity, Inter public long getAutoScaleUserId() { return autoscaleUserId; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.AutoScaleVmProfile; + } } diff --git a/engine/schema/src/com/cloud/network/as/ConditionVO.java b/engine/schema/src/com/cloud/network/as/ConditionVO.java index bbae72f2312..e57bef0f58a 100644 --- a/engine/schema/src/com/cloud/network/as/ConditionVO.java +++ b/engine/schema/src/com/cloud/network/as/ConditionVO.java @@ -29,6 +29,7 @@ import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; +import org.apache.cloudstack.acl.AclEntityType; import org.apache.cloudstack.api.Identity; import com.cloud.utils.db.GenericDao; import org.apache.cloudstack.api.InternalIdentity; @@ -126,4 +127,9 @@ public class ConditionVO implements Condition, Identity, InternalIdentity { public Date getRemoved() { return removed; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.Condition; + } } diff --git a/engine/schema/src/com/cloud/network/dao/IPAddressVO.java b/engine/schema/src/com/cloud/network/dao/IPAddressVO.java index c5f17504603..a4c226760e7 100644 --- a/engine/schema/src/com/cloud/network/dao/IPAddressVO.java +++ b/engine/schema/src/com/cloud/network/dao/IPAddressVO.java @@ -31,6 +31,8 @@ import javax.persistence.Temporal; import javax.persistence.TemporalType; import javax.persistence.Transient; +import org.apache.cloudstack.acl.AclEntityType; + import com.cloud.network.IpAddress; import com.cloud.utils.net.Ip; @@ -333,4 +335,9 @@ public class IPAddressVO implements IpAddress { public Long getNetworkId() { return sourceNetworkId; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.IpAddress; + } } diff --git a/engine/schema/src/com/cloud/network/dao/NetworkVO.java b/engine/schema/src/com/cloud/network/dao/NetworkVO.java index 6580ea054f9..1ca7a93009a 100644 --- a/engine/schema/src/com/cloud/network/dao/NetworkVO.java +++ b/engine/schema/src/com/cloud/network/dao/NetworkVO.java @@ -29,6 +29,7 @@ import javax.persistence.Table; import javax.persistence.TableGenerator; import javax.persistence.Transient; +import org.apache.cloudstack.acl.AclEntityType; import org.apache.cloudstack.acl.ControlledEntity; import com.cloud.network.Network; @@ -562,4 +563,9 @@ public class NetworkVO implements Network { public Long getNetworkACLId() { return networkACLId; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.Network; + } } diff --git a/engine/schema/src/com/cloud/network/dao/RemoteAccessVpnVO.java b/engine/schema/src/com/cloud/network/dao/RemoteAccessVpnVO.java index af82281bdc2..349f4bddd0b 100644 --- a/engine/schema/src/com/cloud/network/dao/RemoteAccessVpnVO.java +++ b/engine/schema/src/com/cloud/network/dao/RemoteAccessVpnVO.java @@ -25,6 +25,8 @@ import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; +import org.apache.cloudstack.acl.AclEntityType; + import com.cloud.network.RemoteAccessVpn; @Entity @@ -35,13 +37,13 @@ public class RemoteAccessVpnVO implements RemoteAccessVpn { @Column(name="network_id") private Long networkId; - + @Column(name="domain_id") private long domainId; @Column(name="vpn_server_addr_id") private long serverAddressId; - + @Column(name="local_ip") private String localIp; @@ -50,22 +52,22 @@ public class RemoteAccessVpnVO implements RemoteAccessVpn { @Column(name="ipsec_psk") private String ipsecPresharedKey; - + @Column(name="state") private State state; - + @Id @GeneratedValue(strategy=GenerationType.IDENTITY) @Column(name="id") private long id; - + @Column(name="uuid") private String uuid; @Column(name="vpc_id") private Long vpcId; - - public RemoteAccessVpnVO() { + + public RemoteAccessVpnVO() { this.uuid = UUID.randomUUID().toString(); } @@ -81,12 +83,12 @@ public class RemoteAccessVpnVO implements RemoteAccessVpn { this.uuid = UUID.randomUUID().toString(); this.vpcId = vpcId; } - + @Override public State getState() { return state; } - + public void setState(State state) { this.state = state; } @@ -95,7 +97,7 @@ public class RemoteAccessVpnVO implements RemoteAccessVpn { public long getAccountId() { return accountId; } - + @Override public long getServerAddressId() { return serverAddressId; @@ -128,7 +130,7 @@ public class RemoteAccessVpnVO implements RemoteAccessVpn { public long getDomainId() { return domainId; } - + @Override public Long getNetworkId() { return networkId; @@ -148,4 +150,9 @@ public class RemoteAccessVpnVO implements RemoteAccessVpn { public Long getVpcId() { return vpcId; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.RemoteAccessVpn; + } } diff --git a/engine/schema/src/com/cloud/network/dao/Site2SiteCustomerGatewayVO.java b/engine/schema/src/com/cloud/network/dao/Site2SiteCustomerGatewayVO.java index fe0a4032819..6a87b622c9d 100644 --- a/engine/schema/src/com/cloud/network/dao/Site2SiteCustomerGatewayVO.java +++ b/engine/schema/src/com/cloud/network/dao/Site2SiteCustomerGatewayVO.java @@ -5,7 +5,7 @@ // to you under the Apache License, Version 2.0 (the // "License"); you may not use this file except in compliance // with the License. You may obtain a copy of the License at -// +// // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, @@ -29,6 +29,8 @@ import javax.persistence.Table; import com.cloud.network.Site2SiteCustomerGateway; import com.cloud.utils.db.Encrypt; import com.cloud.utils.db.GenericDao; + +import org.apache.cloudstack.acl.AclEntityType; import org.apache.cloudstack.api.InternalIdentity; @Entity @@ -72,7 +74,7 @@ public class Site2SiteCustomerGatewayVO implements Site2SiteCustomerGateway { @Column(name="domain_id") private Long domainId; - + @Column(name="account_id") private Long accountId; @@ -195,7 +197,7 @@ public class Site2SiteCustomerGatewayVO implements Site2SiteCustomerGateway { public String getUuid() { return uuid; } - + @Override public long getDomainId() { return domainId; @@ -205,4 +207,9 @@ public class Site2SiteCustomerGatewayVO implements Site2SiteCustomerGateway { public long getAccountId() { return accountId; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.Site2SiteCustomerGateway; + } } diff --git a/engine/schema/src/com/cloud/network/dao/Site2SiteVpnConnectionVO.java b/engine/schema/src/com/cloud/network/dao/Site2SiteVpnConnectionVO.java index d99823f2e0a..ba73b95415a 100644 --- a/engine/schema/src/com/cloud/network/dao/Site2SiteVpnConnectionVO.java +++ b/engine/schema/src/com/cloud/network/dao/Site2SiteVpnConnectionVO.java @@ -5,7 +5,7 @@ // to you under the Apache License, Version 2.0 (the // "License"); you may not use this file except in compliance // with the License. You may obtain a copy of the License at -// +// // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, @@ -31,6 +31,8 @@ import javax.persistence.Table; import com.cloud.network.Site2SiteVpnConnection; import com.cloud.network.Site2SiteVpnConnection.State; import com.cloud.utils.db.GenericDao; + +import org.apache.cloudstack.acl.AclEntityType; import org.apache.cloudstack.api.InternalIdentity; @Entity @@ -40,32 +42,32 @@ public class Site2SiteVpnConnectionVO implements Site2SiteVpnConnection, Interna @GeneratedValue(strategy=GenerationType.IDENTITY) @Column(name="id") private long id; - + @Column(name="uuid") - private String uuid; - + private String uuid; + @Column(name="vpn_gateway_id") private long vpnGatewayId; - + @Column(name="customer_gateway_id") private long customerGatewayId; @Column(name="state") @Enumerated(value=EnumType.STRING) private State state; - + @Column(name="domain_id") private Long domainId; - + @Column(name="account_id") private Long accountId; @Column(name=GenericDao.CREATED_COLUMN) private Date created; - + @Column(name=GenericDao.REMOVED_COLUMN) private Date removed; - + @Column(name="passive") private boolean passive; @@ -80,12 +82,12 @@ public class Site2SiteVpnConnectionVO implements Site2SiteVpnConnection, Interna this.domainId = domainId; this.passive = passive; } - + @Override public long getId() { return id; } - + @Override public State getState() { return state; @@ -130,11 +132,11 @@ public class Site2SiteVpnConnectionVO implements Site2SiteVpnConnection, Interna public void setRemoved(Date removed) { this.removed = removed; } - + public String getUuid() { return uuid; } - + @Override public long getDomainId() { return domainId; @@ -152,4 +154,9 @@ public class Site2SiteVpnConnectionVO implements Site2SiteVpnConnection, Interna public void setPassive(boolean passive) { this.passive = passive; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.Site2SiteVpnConnection; + } } diff --git a/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayVO.java b/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayVO.java index 1e12971d973..69b129e7fcf 100644 --- a/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayVO.java +++ b/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayVO.java @@ -5,7 +5,7 @@ // to you under the Apache License, Version 2.0 (the // "License"); you may not use this file except in compliance // with the License. You may obtain a copy of the License at -// +// // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, @@ -28,6 +28,8 @@ import javax.persistence.Table; import com.cloud.network.Site2SiteVpnGateway; import com.cloud.utils.db.GenericDao; + +import org.apache.cloudstack.acl.AclEntityType; import org.apache.cloudstack.api.InternalIdentity; @Entity @@ -37,10 +39,10 @@ public class Site2SiteVpnGatewayVO implements Site2SiteVpnGateway { @GeneratedValue(strategy=GenerationType.IDENTITY) @Column(name="id") private long id; - + @Column(name="uuid") - private String uuid; - + private String uuid; + @Column(name="addr_id") private long addrId; @@ -49,13 +51,13 @@ public class Site2SiteVpnGatewayVO implements Site2SiteVpnGateway { @Column(name="domain_id") private Long domainId; - + @Column(name="account_id") private Long accountId; @Column(name=GenericDao.REMOVED_COLUMN) private Date removed; - + public Site2SiteVpnGatewayVO() { } public Site2SiteVpnGatewayVO(long accountId, long domainId, long addrId, long vpcId) { @@ -65,7 +67,7 @@ public class Site2SiteVpnGatewayVO implements Site2SiteVpnGateway { this.accountId = accountId; this.domainId = domainId; } - + @Override public long getId() { return id; @@ -75,7 +77,7 @@ public class Site2SiteVpnGatewayVO implements Site2SiteVpnGateway { public long getVpcId() { return vpcId; } - + public void setVpcId(long vpcId) { this.vpcId = vpcId; } @@ -101,7 +103,7 @@ public class Site2SiteVpnGatewayVO implements Site2SiteVpnGateway { public String getUuid() { return uuid; } - + @Override public long getDomainId() { return domainId; @@ -111,4 +113,9 @@ public class Site2SiteVpnGatewayVO implements Site2SiteVpnGateway { public long getAccountId() { return accountId; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.Site2SiteVpnGateway; + } } diff --git a/engine/schema/src/com/cloud/network/rules/FirewallRuleVO.java b/engine/schema/src/com/cloud/network/rules/FirewallRuleVO.java index a51c3643353..48a6d7dd440 100644 --- a/engine/schema/src/com/cloud/network/rules/FirewallRuleVO.java +++ b/engine/schema/src/com/cloud/network/rules/FirewallRuleVO.java @@ -5,7 +5,7 @@ // to you under the Apache License, Version 2.0 (the // "License"); you may not use this file except in compliance // with the License. You may obtain a copy of the License at -// +// // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, @@ -34,6 +34,8 @@ import javax.persistence.InheritanceType; import javax.persistence.Table; import javax.persistence.Transient; +import org.apache.cloudstack.acl.AclEntityType; + import com.cloud.utils.db.GenericDao; import com.cloud.utils.net.NetUtils; @@ -192,7 +194,7 @@ public class FirewallRuleVO implements FirewallRule { this.uuid = UUID.randomUUID().toString(); } - public FirewallRuleVO(String xId, Long ipAddressId, Integer portStart, Integer portEnd, String protocol, + public FirewallRuleVO(String xId, Long ipAddressId, Integer portStart, Integer portEnd, String protocol, long networkId, long accountId, long domainId, Purpose purpose, List sourceCidrs, Integer icmpCode, Integer icmpType, Long related, TrafficType trafficType) { this.xId = xId; @@ -230,7 +232,7 @@ public class FirewallRuleVO implements FirewallRule { this.type = type; } - public FirewallRuleVO(String xId, long ipAddressId, int port, String protocol, long networkId, long accountId, + public FirewallRuleVO(String xId, long ipAddressId, int port, String protocol, long networkId, long accountId, long domainId, Purpose purpose, List sourceCidrs, Integer icmpCode, Integer icmpType, Long related) { this(xId, ipAddressId, port, port, protocol, networkId, accountId, domainId, purpose, sourceCidrs, icmpCode, icmpType, related, null); } @@ -272,4 +274,9 @@ public class FirewallRuleVO implements FirewallRule { public TrafficType getTrafficType() { return trafficType; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.FirewallRule; + } } diff --git a/engine/schema/src/com/cloud/network/security/SecurityGroupVO.java b/engine/schema/src/com/cloud/network/security/SecurityGroupVO.java index be7c593f744..a4214f486a3 100644 --- a/engine/schema/src/com/cloud/network/security/SecurityGroupVO.java +++ b/engine/schema/src/com/cloud/network/security/SecurityGroupVO.java @@ -25,6 +25,7 @@ import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; +import org.apache.cloudstack.acl.AclEntityType; import org.apache.cloudstack.api.Identity; import org.apache.cloudstack.api.InternalIdentity; @@ -50,7 +51,7 @@ public class SecurityGroupVO implements SecurityGroup { @Column(name = "uuid") private String uuid; - + public SecurityGroupVO() { this.uuid = UUID.randomUUID().toString(); } @@ -87,13 +88,18 @@ public class SecurityGroupVO implements SecurityGroup { public long getAccountId() { return accountId; } - + @Override public String getUuid() { return this.uuid; } - + public void setUuid(String uuid) { this.uuid = uuid; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.SecurityGroup; + } } diff --git a/engine/schema/src/com/cloud/network/vpc/StaticRouteVO.java b/engine/schema/src/com/cloud/network/vpc/StaticRouteVO.java index eb4c61b7860..b7c4991fb8e 100644 --- a/engine/schema/src/com/cloud/network/vpc/StaticRouteVO.java +++ b/engine/schema/src/com/cloud/network/vpc/StaticRouteVO.java @@ -28,6 +28,7 @@ import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; +import org.apache.cloudstack.acl.AclEntityType; import org.apache.cloudstack.api.Identity; import com.cloud.utils.db.GenericDao; import org.apache.cloudstack.api.InternalIdentity; @@ -138,4 +139,9 @@ public class StaticRouteVO implements StaticRoute { buf.append(uuid).append("|").append(cidr).append("|").append(vpcGatewayId).append("]"); return buf.toString(); } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.StaticRoute; + } } \ No newline at end of file diff --git a/engine/schema/src/com/cloud/network/vpc/VpcGatewayVO.java b/engine/schema/src/com/cloud/network/vpc/VpcGatewayVO.java index 54cfbd13df9..9288375f6e7 100644 --- a/engine/schema/src/com/cloud/network/vpc/VpcGatewayVO.java +++ b/engine/schema/src/com/cloud/network/vpc/VpcGatewayVO.java @@ -28,58 +28,60 @@ import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; +import org.apache.cloudstack.acl.AclEntityType; + import com.cloud.utils.db.GenericDao; @Entity @Table(name="vpc_gateways") public class VpcGatewayVO implements VpcGateway { - + @Id @GeneratedValue(strategy=GenerationType.IDENTITY) @Column(name="id") private long id; - + @Column(name = "ip4_address") String ip4Address; - - @Column(name="gateway") + + @Column(name="gateway") String gateway; - - @Column(name="netmask") + + @Column(name="netmask") String netmask; - - @Column(name="vlan_tag") + + @Column(name="vlan_tag") String broadcastUri; - + @Column(name = "type") @Enumerated(value = EnumType.STRING) VpcGateway.Type type; - + @Column(name="vpc_id") Long vpcId; - + @Column(name="zone_id") long zoneId; - + @Column(name="network_id") long networkId; - + @Column(name=GenericDao.CREATED_COLUMN) Date created; - + @Column(name=GenericDao.REMOVED_COLUMN) Date removed; - + @Column(name="uuid") private String uuid; - + @Column(name = "account_id") long accountId; @Column(name = "domain_id") long domainId; - + @Column(name="state") @Enumerated(value=EnumType.STRING) State state; @@ -95,7 +97,7 @@ public class VpcGatewayVO implements VpcGateway { protected VpcGatewayVO(){ this.uuid = UUID.randomUUID().toString(); } - + /** * @param ip4Address * @param type @@ -110,7 +112,7 @@ public class VpcGatewayVO implements VpcGateway { * @param account_id * @param sourceNat */ - public VpcGatewayVO(String ip4Address, Type type, long vpcId, long zoneId, long networkId, String broadcastUri, + public VpcGatewayVO(String ip4Address, Type type, long vpcId, long zoneId, long networkId, String broadcastUri, String gateway, String netmask, long accountId, long domainId, boolean sourceNat, long networkACLId) { this.ip4Address = ip4Address; this.type = type; @@ -131,9 +133,9 @@ public class VpcGatewayVO implements VpcGateway { @Override public String getUuid() { - return this.uuid; + return this.uuid; } - + @Override public long getId() { return id; @@ -163,7 +165,7 @@ public class VpcGatewayVO implements VpcGateway { public long getNetworkId() { return networkId; } - + @Override public String toString() { StringBuilder buf = new StringBuilder("VpcGateway["); @@ -185,7 +187,7 @@ public class VpcGatewayVO implements VpcGateway { public String getBroadcastUri() { return broadcastUri; } - + @Override public long getAccountId() { return accountId; @@ -218,4 +220,9 @@ public class VpcGatewayVO implements VpcGateway { public long getNetworkACLId() { return networkACLId; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.VpcGateway; + } } diff --git a/engine/schema/src/com/cloud/network/vpc/VpcVO.java b/engine/schema/src/com/cloud/network/vpc/VpcVO.java index 7b784eb6458..ed179be728b 100644 --- a/engine/schema/src/com/cloud/network/vpc/VpcVO.java +++ b/engine/schema/src/com/cloud/network/vpc/VpcVO.java @@ -26,6 +26,8 @@ import javax.persistence.Enumerated; import javax.persistence.Id; import javax.persistence.Table; +import org.apache.cloudstack.acl.AclEntityType; + import com.cloud.utils.db.GenericDao; @Entity @@ -34,13 +36,13 @@ public class VpcVO implements Vpc { @Id @Column(name="id") long id; - + @Column(name="uuid") private String uuid; - + @Column(name="name") private String name; - + @Column(name = "display_text") String displayText; @@ -49,36 +51,36 @@ public class VpcVO implements Vpc { @Column(name="cidr") private String cidr = null; - + @Column(name="domain_id") Long domainId = null; - + @Column(name="account_id") Long accountId = null; @Column(name="state") @Enumerated(value=EnumType.STRING) State state; - + @Column(name="vpc_offering_id") long vpcOfferingId; - + @Column(name=GenericDao.REMOVED_COLUMN) Date removed; @Column(name=GenericDao.CREATED_COLUMN) Date created; - + @Column(name="network_domain") String networkDomain; - + @Column(name="restart_required") boolean restartRequired = false; - + public VpcVO() { this.uuid = UUID.randomUUID().toString(); } - + public VpcVO(long zoneId, String name, String displayText, long accountId, long domainId, long vpcOffId, String cidr, String networkDomain) { this.zoneId = zoneId; @@ -117,7 +119,7 @@ public class VpcVO implements Vpc { public String getCidr() { return cidr; } - + @Override public long getDomainId() { return domainId; @@ -158,7 +160,7 @@ public class VpcVO implements Vpc { public void setDisplayText(String displayText) { this.displayText = displayText; } - + @Override public String toString() { StringBuilder buf = new StringBuilder("[VPC ["); @@ -169,7 +171,7 @@ public class VpcVO implements Vpc { public String getNetworkDomain() { return networkDomain; } - + public void setRestartRequired(boolean restartRequired) { this.restartRequired = restartRequired; } @@ -178,4 +180,9 @@ public class VpcVO implements Vpc { public boolean isRestartRequired() { return restartRequired; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.Vpc; + } } diff --git a/engine/schema/src/com/cloud/projects/ProjectInvitationVO.java b/engine/schema/src/com/cloud/projects/ProjectInvitationVO.java index 78f05c792e6..aee3bd9c1ba 100644 --- a/engine/schema/src/com/cloud/projects/ProjectInvitationVO.java +++ b/engine/schema/src/com/cloud/projects/ProjectInvitationVO.java @@ -28,9 +28,8 @@ import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; -import org.apache.cloudstack.api.Identity; +import org.apache.cloudstack.acl.AclEntityType; import com.cloud.utils.db.GenericDao; -import org.apache.cloudstack.api.InternalIdentity; @Entity @Table(name = "project_invitations") @@ -147,4 +146,9 @@ public class ProjectInvitationVO implements ProjectInvitation { public long getAccountId() { return forAccountId == null ? -1 : forAccountId; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.ProjectInvitation; + } } diff --git a/engine/schema/src/com/cloud/storage/SnapshotVO.java b/engine/schema/src/com/cloud/storage/SnapshotVO.java index e3912740a48..eeb1ebb70b2 100644 --- a/engine/schema/src/com/cloud/storage/SnapshotVO.java +++ b/engine/schema/src/com/cloud/storage/SnapshotVO.java @@ -21,6 +21,9 @@ import com.cloud.utils.db.GenericDao; import com.google.gson.annotations.Expose; import javax.persistence.*; + +import org.apache.cloudstack.acl.AclEntityType; + import java.util.Date; import java.util.UUID; @@ -226,4 +229,9 @@ public class SnapshotVO implements Snapshot { public void setUuid(String uuid) { this.uuid = uuid; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.Snapshot; + } } diff --git a/engine/schema/src/com/cloud/storage/VMTemplateVO.java b/engine/schema/src/com/cloud/storage/VMTemplateVO.java index 6c2447c3388..418f0d16c66 100755 --- a/engine/schema/src/com/cloud/storage/VMTemplateVO.java +++ b/engine/schema/src/com/cloud/storage/VMTemplateVO.java @@ -31,6 +31,8 @@ import javax.persistence.Temporal; import javax.persistence.TemporalType; import javax.persistence.Transient; +import org.apache.cloudstack.acl.AclEntityType; + import com.cloud.hypervisor.Hypervisor.HypervisorType; import com.cloud.storage.Storage.ImageFormat; import com.cloud.storage.Storage.TemplateType; @@ -573,4 +575,9 @@ public class VMTemplateVO implements VirtualMachineTemplate { this.updated = updated; } + @Override + public AclEntityType getEntityType() { + return AclEntityType.VirtualMachineTemplate; + } + } diff --git a/engine/schema/src/com/cloud/storage/VolumeVO.java b/engine/schema/src/com/cloud/storage/VolumeVO.java index 1bdd09f9ab6..9a05d5d036f 100755 --- a/engine/schema/src/com/cloud/storage/VolumeVO.java +++ b/engine/schema/src/com/cloud/storage/VolumeVO.java @@ -32,10 +32,11 @@ import javax.persistence.Temporal; import javax.persistence.TemporalType; import javax.persistence.Transient; +import org.apache.cloudstack.acl.AclEntityType; + import com.cloud.storage.Storage.StoragePoolType; import com.cloud.utils.NumbersUtil; import com.cloud.utils.db.GenericDao; -import com.cloud.vm.VirtualMachine.State; @Entity @Table(name = "volumes") @@ -156,7 +157,7 @@ public class VolumeVO implements Volume { @Column(name = "iso_id") private Long isoId; - + @Transient // @Column(name="reservation") String reservationId; @@ -558,7 +559,7 @@ public class VolumeVO implements Volume { public void setFormat(Storage.ImageFormat format) { this.format = format; } - + public void setVmSnapshotChainSize(Long vmSnapshotChainSize){ this.vmSnapshotChainSize = vmSnapshotChainSize; } @@ -574,10 +575,15 @@ public class VolumeVO implements Volume { public void setIsoId(Long isoId) { this.isoId =isoId; } - + // don't use this directly, use volume state machine instead // This method is used by UpdateVolume as a part of "Better control over first class objects in CS" public void setState(State state) { this.state = state; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.Volume; + } } diff --git a/engine/schema/src/com/cloud/tags/ResourceTagVO.java b/engine/schema/src/com/cloud/tags/ResourceTagVO.java index 6130390aa4c..19851c47201 100644 --- a/engine/schema/src/com/cloud/tags/ResourceTagVO.java +++ b/engine/schema/src/com/cloud/tags/ResourceTagVO.java @@ -27,53 +27,52 @@ import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; -import org.apache.cloudstack.api.Identity; +import org.apache.cloudstack.acl.AclEntityType; import com.cloud.server.ResourceTag; -import org.apache.cloudstack.api.InternalIdentity; @Entity @Table(name="resource_tags") public class ResourceTagVO implements ResourceTag { - + @Id @GeneratedValue(strategy=GenerationType.IDENTITY) @Column(name="id") private long id; - + @Column(name="uuid") private String uuid; - + @Column(name="key") private String key; - + @Column(name="value") String value; - + @Column(name="domain_id") long domainId; @Column(name="account_id") long accountId; - + @Column(name="resource_id") long resourceId; - + @Column(name="resource_uuid") private String resourceUuid; - + @Column(name="resource_type") @Enumerated(value=EnumType.STRING) private ResourceObjectType resourceType; - + @Column(name="customer") String customer; - + protected ResourceTagVO(){ this.uuid = UUID.randomUUID().toString(); } - + /** * @param key * @param value @@ -84,7 +83,7 @@ public class ResourceTagVO implements ResourceTag { * @param customer TODO * @param resourceUuid TODO */ - public ResourceTagVO(String key, String value, long accountId, long domainId, long resourceId, + public ResourceTagVO(String key, String value, long accountId, long domainId, long resourceId, ResourceObjectType resourceType, String customer, String resourceUuid) { super(); this.key = key; @@ -97,8 +96,8 @@ public class ResourceTagVO implements ResourceTag { this.customer = customer; this.resourceUuid = resourceUuid; } - - + + @Override public String toString() { StringBuilder buf = new StringBuilder("Tag["); @@ -107,7 +106,7 @@ public class ResourceTagVO implements ResourceTag { .append("|accountId=").append(accountId).append("]"); return buf.toString(); } - + @Override public long getId() { return id; @@ -147,7 +146,7 @@ public class ResourceTagVO implements ResourceTag { public String getUuid() { return uuid; } - + @Override public String getCustomer() { return customer; @@ -157,4 +156,9 @@ public class ResourceTagVO implements ResourceTag { public String getResourceUuid() { return resourceUuid; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.ResourceTag; + } } diff --git a/engine/schema/src/com/cloud/user/AccountVO.java b/engine/schema/src/com/cloud/user/AccountVO.java index 4a7e73bb304..2a0bbde95f7 100644 --- a/engine/schema/src/com/cloud/user/AccountVO.java +++ b/engine/schema/src/com/cloud/user/AccountVO.java @@ -28,6 +28,8 @@ import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; +import org.apache.cloudstack.acl.AclEntityType; + import com.cloud.utils.db.GenericDao; @Entity @@ -186,4 +188,9 @@ public class AccountVO implements Account { public boolean isDefault() { return isDefault; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.Account; + } } diff --git a/engine/schema/src/com/cloud/user/SSHKeyPairVO.java b/engine/schema/src/com/cloud/user/SSHKeyPairVO.java index ab7eb8ea0b5..26df45fe1a8 100644 --- a/engine/schema/src/com/cloud/user/SSHKeyPairVO.java +++ b/engine/schema/src/com/cloud/user/SSHKeyPairVO.java @@ -16,6 +16,7 @@ // under the License. package com.cloud.user; +import org.apache.cloudstack.acl.AclEntityType; import org.apache.cloudstack.api.InternalIdentity; import javax.persistence.Column; @@ -29,27 +30,27 @@ import javax.persistence.Transient; @Entity @Table(name="ssh_keypairs") public class SSHKeyPairVO implements SSHKeyPair { - + @Id @GeneratedValue(strategy=GenerationType.IDENTITY) @Column(name="id") private Long id = null; - + @Column(name="account_id") private long accountId; - + @Column(name="domain_id") private long domainId; - + @Column(name="keypair_name") private String name; - + @Column(name="fingerprint") private String fingerprint; - + @Column(name="public_key", length=5120) private String publicKey; - + @Transient private String privateKey; @@ -57,7 +58,7 @@ public class SSHKeyPairVO implements SSHKeyPair { public long getId() { return id; } - + @Override public long getAccountId() { return accountId; @@ -67,7 +68,7 @@ public class SSHKeyPairVO implements SSHKeyPair { public long getDomainId() { return domainId; } - + @Override public String getFingerprint() { return fingerprint; @@ -82,7 +83,7 @@ public class SSHKeyPairVO implements SSHKeyPair { public String getPublicKey() { return publicKey; } - + @Override public String getPrivateKey() { return privateKey; @@ -111,9 +112,14 @@ public class SSHKeyPairVO implements SSHKeyPair { public void setPublicKey(String publicKey) { this.publicKey = publicKey; } - + public void setPrivateKey(String privateKey) { this.privateKey = privateKey; } + @Override + public AclEntityType getEntityType() { + return AclEntityType.SSHKeyPair; + } + } diff --git a/engine/schema/src/com/cloud/vm/InstanceGroupVO.java b/engine/schema/src/com/cloud/vm/InstanceGroupVO.java index ad66b5a4b2c..e9e2c8f9263 100644 --- a/engine/schema/src/com/cloud/vm/InstanceGroupVO.java +++ b/engine/schema/src/com/cloud/vm/InstanceGroupVO.java @@ -28,9 +28,8 @@ import javax.persistence.PrimaryKeyJoinColumn; import javax.persistence.SecondaryTable; import javax.persistence.Table; -import org.apache.cloudstack.api.Identity; +import org.apache.cloudstack.acl.AclEntityType; import com.cloud.utils.db.GenericDao; -import org.apache.cloudstack.api.InternalIdentity; @Entity @Table(name="instance_group") @@ -41,16 +40,16 @@ public class InstanceGroupVO implements InstanceGroup { @GeneratedValue(strategy=GenerationType.IDENTITY) @Column(name="id") private long id; - + @Column(name="name") String name; - + @Column(name="account_id") private long accountId; - + @Column(name="domain_id", table="account", insertable=false, updatable=false) private long domainId; - + @Column(name=GenericDao.REMOVED_COLUMN) private Date removed; @@ -59,47 +58,47 @@ public class InstanceGroupVO implements InstanceGroup { @Column(name="uuid") private String uuid; - + @Column(name="type", table="account", insertable=false, updatable=false) private short accountType; - + public InstanceGroupVO(String name, long accountId) { this.name = name; this.accountId = accountId; this.uuid = UUID.randomUUID().toString(); } - + protected InstanceGroupVO() { super(); } - + @Override public long getId() { return id; } - + @Override public String getName() { - return name; + return name; } - + @Override public long getAccountId() { return accountId; } - + public long getDomainId() { return domainId; } - + public Date getRemoved() { return removed; } - + public Date getCreated() { return created; } - + public void setName(String name) { this.name = name; } @@ -108,13 +107,18 @@ public class InstanceGroupVO implements InstanceGroup { public String getUuid() { return this.uuid; } - + public void setUuid(String uuid) { this.uuid = uuid; } - + @Override public Short getAccountType() { return accountType; } + + @Override + public AclEntityType getEntityType() { + return AclEntityType.InstanceGroup; + } } diff --git a/engine/schema/src/com/cloud/vm/VMInstanceVO.java b/engine/schema/src/com/cloud/vm/VMInstanceVO.java index 8cf7fd0dd87..81226580b06 100644 --- a/engine/schema/src/com/cloud/vm/VMInstanceVO.java +++ b/engine/schema/src/com/cloud/vm/VMInstanceVO.java @@ -5,7 +5,7 @@ // to you under the Apache License, Version 2.0 (the // "License"); you may not use this file except in compliance // with the License. You may obtain a copy of the License at -// +// // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, @@ -36,6 +36,8 @@ import javax.persistence.Temporal; import javax.persistence.TemporalType; import javax.persistence.Transient; +import org.apache.cloudstack.acl.AclEntityType; + import com.cloud.hypervisor.Hypervisor.HypervisorType; import com.cloud.utils.db.Encrypt; import com.cloud.utils.db.GenericDao; @@ -153,7 +155,7 @@ public class VMInstanceVO implements VirtualMachine, FiniteStateObject details; @@ -162,7 +164,7 @@ public class VMInstanceVO implements VirtualMachine, FiniteStateObject listGrantedByActionAndScope(long policyId, String action, PermissionScope scope); + List listByPolicyActionAndEntity(long policyId, String action, String entityType); } diff --git a/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionDaoImpl.java b/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionDaoImpl.java index fefafde4a06..fc7b0a9128f 100644 --- a/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionDaoImpl.java +++ b/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionDaoImpl.java @@ -92,4 +92,13 @@ public class AclPolicyPermissionDaoImpl extends GenericDaoBase listByPolicyActionAndEntity(long policyId, String action, String entityType) { + SearchCriteria sc = fullSearch.create(); + sc.setParameters("policyId", policyId); + sc.setParameters("entityType", entityType); + sc.setParameters("action", action); + return listBy(sc); + } + } diff --git a/engine/schema/src/org/apache/cloudstack/affinity/AffinityGroupVO.java b/engine/schema/src/org/apache/cloudstack/affinity/AffinityGroupVO.java index 44f8dd85c5b..879d98a18bb 100644 --- a/engine/schema/src/org/apache/cloudstack/affinity/AffinityGroupVO.java +++ b/engine/schema/src/org/apache/cloudstack/affinity/AffinityGroupVO.java @@ -28,6 +28,7 @@ import javax.persistence.Id; import javax.persistence.Table; import org.apache.cloudstack.acl.ControlledEntity; +import org.apache.cloudstack.acl.AclEntityType; @Entity @Table(name = ("affinity_group")) @@ -124,4 +125,9 @@ public class AffinityGroupVO implements AffinityGroup { return buf.toString(); } + @Override + public AclEntityType getEntityType() { + return AclEntityType.AffinityGroup; + } + } diff --git a/engine/schema/src/org/apache/cloudstack/engine/cloud/entity/api/db/VMEntityVO.java b/engine/schema/src/org/apache/cloudstack/engine/cloud/entity/api/db/VMEntityVO.java index b1df9675894..e9b455bb48f 100644 --- a/engine/schema/src/org/apache/cloudstack/engine/cloud/entity/api/db/VMEntityVO.java +++ b/engine/schema/src/org/apache/cloudstack/engine/cloud/entity/api/db/VMEntityVO.java @@ -37,6 +37,8 @@ import javax.persistence.Temporal; import javax.persistence.TemporalType; import javax.persistence.Transient; +import org.apache.cloudstack.acl.AclEntityType; + import com.cloud.hypervisor.Hypervisor.HypervisorType; import com.cloud.utils.db.Encrypt; import com.cloud.utils.db.GenericDao; @@ -574,4 +576,9 @@ public class VMEntityVO implements VirtualMachine, FiniteStateObject