mirror of https://github.com/apache/cloudstack.git
Fix some issues in renaming iam api, also fix marvin library.
This commit is contained in:
Min Chen
parent
45a96e4e4c
commit
9f47466fea
|
|
@ -719,21 +719,21 @@ listLdapUsers=3
|
|||
ldapCreateAccount=3
|
||||
importLdapUsers=3
|
||||
|
||||
### Acl commands
|
||||
createAclPolicy=1
|
||||
deleteAclPolicy=1
|
||||
listAclPolicies=1
|
||||
addAclPermissionToAclPolicy=1
|
||||
removeAclPermissionFromAclPolicy=1
|
||||
createAclGroup=1
|
||||
deleteAclGroup=1
|
||||
listAclGroups=1
|
||||
addAccountToAclGroup=1
|
||||
removeAccountFromAclGroup=1
|
||||
attachAclPolicyToAclGroup=1
|
||||
removeAclPolicyFromAclGroup=1
|
||||
attachAclPolicyToAccount=1
|
||||
removeAclPolicyFromAccount=1
|
||||
### IAM commands
|
||||
createIAMPolicy=1
|
||||
deleteIAMPolicy=1
|
||||
listIAMPolicies=1
|
||||
addIAMPermissionToIAMPolicy=1
|
||||
removeIAMPermissionFromIAMPolicy=1
|
||||
createIAMGroup=1
|
||||
deleteIAMGroup=1
|
||||
listIAMGroups=1
|
||||
addAccountToIAMGroup=1
|
||||
removeAccountFromIAMGroup=1
|
||||
attachIAMPolicyToIAMGroup=1
|
||||
removeIAMPolicyFromIAMGroup=1
|
||||
attachIAMPolicyToAccount=1
|
||||
removeIAMPolicyFromAccount=1
|
||||
|
||||
#### juniper-contrail commands
|
||||
createServiceInstance=1
|
||||
|
|
|
|||
|
|
@ -20,7 +20,6 @@ import javax.inject.Inject;
|
|||
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
import org.apache.cloudstack.iam.IAMApiService;
|
||||
import org.apache.cloudstack.api.ACL;
|
||||
import org.apache.cloudstack.api.APICommand;
|
||||
import org.apache.cloudstack.api.ApiCommandJobType;
|
||||
|
|
@ -31,11 +30,12 @@ import org.apache.cloudstack.api.Parameter;
|
|||
import org.apache.cloudstack.api.ServerApiException;
|
||||
import org.apache.cloudstack.api.response.SuccessResponse;
|
||||
import org.apache.cloudstack.api.response.iam.IAMGroupResponse;
|
||||
import org.apache.cloudstack.iam.IAMApiService;
|
||||
|
||||
import com.cloud.event.EventTypes;
|
||||
import com.cloud.user.Account;
|
||||
|
||||
@APICommand(name = "deleteAclGroup", description = "Deletes acl group", responseObject = SuccessResponse.class)
|
||||
@APICommand(name = "deleteIAMGroup", description = "Deletes acl group", responseObject = SuccessResponse.class)
|
||||
public class DeleteIAMGroupCmd extends BaseAsyncCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(DeleteIAMGroupCmd.class.getName());
|
||||
private static final String s_name = "deleteaclgroupresponse";
|
||||
|
|
|
|||
|
|
@ -226,12 +226,12 @@ class TestVMIam(cloudstackTestCase):
|
|||
templateid=self.template.id
|
||||
)
|
||||
|
||||
self.srv_desk_grp = AclGroup.create(
|
||||
self.srv_desk_grp = IAMGroup.create(
|
||||
self.apiclient,
|
||||
self.services["service_desk_iam_grp"]
|
||||
)
|
||||
|
||||
self.vm_read_policy = AclPolicy.create(
|
||||
self.vm_read_policy = IAMPolicy.create(
|
||||
self.apiclient,
|
||||
self.services["vm_readonly_iam_policy"]
|
||||
)
|
||||
|
|
@ -239,7 +239,7 @@ class TestVMIam(cloudstackTestCase):
|
|||
vm_grant_policy_params = {}
|
||||
vm_grant_policy_params['name'] = "policyGrantVirtualMachine" + self.virtual_machine_1A.id
|
||||
vm_grant_policy_params['description'] = "Policy to grant permission to VirtualMachine " + self.virtual_machine_1A.id
|
||||
self.vm_grant_policy = AclPolicy.create(
|
||||
self.vm_grant_policy = IAMPolicy.create(
|
||||
self.apiclient,
|
||||
vm_grant_policy_params
|
||||
)
|
||||
|
|
|
|||
|
|
@ -160,7 +160,7 @@ known_categories = {
|
|||
'Ucs' : 'UCS',
|
||||
'CacheStores' : 'Cache Stores',
|
||||
'CacheStore' : 'Cache Store',
|
||||
'Acl' : 'Acl',
|
||||
'IAM' : 'IAM',
|
||||
'OvsElement' : 'Ovs Element',
|
||||
'StratosphereSsp' : ' Stratosphere SSP'
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3624,130 +3624,130 @@ class Resources:
|
|||
[setattr(cmd, k, v) for k, v in kwargs.items()]
|
||||
return(apiclient.updateResourceCount(cmd))
|
||||
|
||||
class AclGroup:
|
||||
class IAMGroup:
|
||||
def __init__(self, items):
|
||||
self.__dict__.update(items)
|
||||
|
||||
@classmethod
|
||||
def create(cls, apiclient, iam_grp, account=None, domainid=None):
|
||||
cmd = createAclGroup.createAclGroupCmd()
|
||||
cmd = createIAMGroup.createIAMGroupCmd()
|
||||
cmd.name = iam_grp['name']
|
||||
cmd.description = iam_grp['description']
|
||||
if account:
|
||||
cmd.account = account
|
||||
if domainid:
|
||||
cmd.domainid = domainid
|
||||
return AclGroup(apiclient.createAclGroup(cmd).__dict__)
|
||||
return IAMGroup(apiclient.createIAMGroup(cmd).__dict__)
|
||||
|
||||
def update(self, apiclient):
|
||||
pass
|
||||
|
||||
def delete(self, apiclient):
|
||||
cmd = deleteAclGroup.deleteAclGroupCmd()
|
||||
cmd = deleteIAMGroup.deleteIAMGroupCmd()
|
||||
cmd.id = self.id
|
||||
return apiclient.deleteAclGroup(cmd)
|
||||
return apiclient.deleteIAMGroup(cmd)
|
||||
|
||||
@classmethod
|
||||
def list(cls, apiclient, **kwargs):
|
||||
cmd = listAclGroups.listAclGroupsCmd()
|
||||
cmd = listIAMGroups.listIAMGroupsCmd()
|
||||
[setattr(cmd, k, v) for k, v in kwargs.items()]
|
||||
return apiclient.listAclGroupsCmd(cmd)
|
||||
return apiclient.listIAMGroupsCmd(cmd)
|
||||
|
||||
def addAccount(self, apiclient, accts):
|
||||
"""Add accounts to acl group"""
|
||||
cmd = addAccountToAclGroup.addAccountToAclGroupCmd()
|
||||
"""Add accounts to iam group"""
|
||||
cmd = addAccountToIAMGroup.addAccountToIAMGroupCmd()
|
||||
cmd.id = self.id
|
||||
cmd.accounts = [str(acct.id) for acct in accts]
|
||||
apiclient.addAccountToAclGroup(cmd)
|
||||
apiclient.addAccountToIAMGroup(cmd)
|
||||
return
|
||||
|
||||
def removeAccount(self, apiclient, accts):
|
||||
""" Remove accounts from acl group"""
|
||||
cmd = removeAccountFromAclGroup.removeAccountFromAclGroupCmd()
|
||||
""" Remove accounts from iam group"""
|
||||
cmd = removeAccountFromIAMGroup.removeAccountFromIAMGroupCmd()
|
||||
cmd.id = self.id
|
||||
cmd.accounts = [str(acct.id) for acct in accts]
|
||||
apiclient.removeAccountFromAclGroup(cmd)
|
||||
apiclient.removeAccountFromIAMGroup(cmd)
|
||||
return
|
||||
|
||||
def attachPolicy(self, apiclient, policies):
|
||||
"""Add policies to acl group"""
|
||||
cmd = attachAclPolicyToAclGroup.attachAclPolicyToAclGroupCmd()
|
||||
"""Add policies to iam group"""
|
||||
cmd = attachIAMPolicyToIAMGroup.attachIAMPolicyToIAMGroupCmd()
|
||||
cmd.id = self.id
|
||||
cmd.policies = [str(policy.id) for policy in policies]
|
||||
apiclient.attachAclPolicyToAclGroup(cmd)
|
||||
apiclient.attachIAMPolicyToIAMGroup(cmd)
|
||||
return
|
||||
|
||||
def detachPolicy(self, apiclient, policies):
|
||||
"""Remove policies from acl group"""
|
||||
cmd = removeAclPolicyFromAclGroup.removeAclPolicyFromAclGroupCmd()
|
||||
"""Remove policies from iam group"""
|
||||
cmd = removeIAMPolicyFromIAMGroup.removeIAMPolicyFromIAMGroupCmd()
|
||||
cmd.id = self.id
|
||||
cmd.policies = [str(policy.id) for policy in policies]
|
||||
apiclient.removeAclPolicyFromAclGroup(cmd)
|
||||
apiclient.removeIAMPolicyFromIAMGroup(cmd)
|
||||
return
|
||||
|
||||
class AclPolicy:
|
||||
class IAMPolicy:
|
||||
def __init__(self, items):
|
||||
self.__dict__.update(items)
|
||||
|
||||
@classmethod
|
||||
def create(cls, apiclient, iam_policy, account=None, domainid=None):
|
||||
cmd = createAclPolicy.createAclPolicyCmd()
|
||||
cmd = createIAMPolicy.createIAMPolicyCmd()
|
||||
cmd.name = iam_policy['name']
|
||||
cmd.description = iam_policy['description']
|
||||
if account:
|
||||
cmd.account = account
|
||||
if domainid:
|
||||
cmd.domainid = domainid
|
||||
return AclGroup(apiclient.createAclPolicy(cmd).__dict__)
|
||||
return AclGroup(apiclient.createIAMPolicy(cmd).__dict__)
|
||||
|
||||
def update(self, apiclient):
|
||||
pass
|
||||
|
||||
def delete(self, apiclient):
|
||||
cmd = deleteAclPolicy.deleteAclPolicyCmd()
|
||||
cmd = deleteIAMPolicy.deleteIAMPolicyCmd()
|
||||
cmd.id = self.id
|
||||
return apiclient.deleteAclPolicy(cmd)
|
||||
return apiclient.deleteIAMPolicy(cmd)
|
||||
|
||||
@classmethod
|
||||
def list(cls, apiclient, **kwargs):
|
||||
cmd = listAclPolicies.listAclPoliciesCmd()
|
||||
cmd = listIAMPolicies.listIAMPoliciesCmd()
|
||||
[setattr(cmd, k, v) for k, v in kwargs.items()]
|
||||
return apiclient.listAclPoliciesCmd(cmd)
|
||||
return apiclient.listIAMPoliciesCmd(cmd)
|
||||
|
||||
def addPermission(self, apiclient, permission):
|
||||
"""Add permission to acl policy"""
|
||||
cmd = addAclPermissionToAclPolicy.addAclPermissionToAclPolicyCmd()
|
||||
"""Add permission to iam policy"""
|
||||
cmd = addIAMPermissionToIAMPolicy.addIAMPermissionToIAMPolicyCmd()
|
||||
cmd.id = self.id
|
||||
cmd.action = permission['action']
|
||||
cmd.entitytype = permission['entitytype']
|
||||
cmd.scope = permission['scope']
|
||||
cmd.scopeid = permission['scopeid']
|
||||
apiclient.addAclPermissionToAclPolicy(cmd)
|
||||
apiclient.addIAMPermissionToIAMPolicy(cmd)
|
||||
return
|
||||
|
||||
def removePermission(self, apiclient, permission):
|
||||
"""Remove permission from acl policy"""
|
||||
cmd = removeAclPermissionFromAclPolicy.removeAclPermissionFromAclPolicyCmd()
|
||||
"""Remove permission from iam policy"""
|
||||
cmd = removeIAMPermissionFromIAMPolicy.removeIAMPermissionFromIAMPolicyCmd()
|
||||
cmd.id = self.id
|
||||
cmd.action = permission['action']
|
||||
cmd.entitytype = permission['entitytype']
|
||||
cmd.scope = permission['scope']
|
||||
cmd.scopeid = permission['scopeid']
|
||||
apiclient.addAclPermissionToAclPolicy(cmd)
|
||||
apiclient.addIAMPermissionToIAMPolicy(cmd)
|
||||
return
|
||||
|
||||
def attachAccount(self, apiclient, accts):
|
||||
"""Attach policy to accounts"""
|
||||
cmd = attachAclPolicyToAccount.attachAclPolicyToAccountCmd()
|
||||
"""Attach iam policy to accounts"""
|
||||
cmd = attachIAMPolicyToAccount.attachIAMPolicyToAccountCmd()
|
||||
cmd.id = self.id
|
||||
cmd.accounts = [str(acct.id) for acct in accts]
|
||||
apiclient.attachAclPolicyToAccount(cmd)
|
||||
apiclient.attachIAMPolicyToAccount(cmd)
|
||||
return
|
||||
|
||||
def detachAccount(self, apiclient, accts):
|
||||
"""Detach policy from accounts"""
|
||||
cmd = removeAclPolicyFromAccount.removeAclPolicyFromAccountCmd()
|
||||
"""Detach iam policy from accounts"""
|
||||
cmd = removeIAMPolicyFromAccount.removeIAMPolicyFromAccountCmd()
|
||||
cmd.id = self.id
|
||||
cmd.accounts = [str(acct.id) for acct in accts]
|
||||
apiclient.removeAclPolicyFromAccount(cmd)
|
||||
apiclient.removeIAMPolicyFromAccount(cmd)
|
||||
return
|
||||
Loading…
Reference in New Issue