etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Moved listAccount/listDomains/listDomainChildren methods from ManagementServer to Account/Domain managers

This commit is contained in:
Alena Prokharchyk 2011-11-28 15:30:43 -08:00
parent 4676d2b487
commit abfbac7928
11 changed files with 372 additions and 385 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
api/src/com/cloud/api/commands/ListAccountsCmd.java
View File

@ -19,7 +19,6 @@ package com.cloud.api.commands;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import org.apache.log4j.Logger;
@ -28,7 +27,6 @@ import com.cloud.api.BaseListCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.BaseCmd.CommandType;
import com.cloud.api.response.AccountResponse;
import com.cloud.api.response.ListResponse;
import com.cloud.user.Account;
@ -108,7 +106,7 @@ public class ListAccountsCmd extends BaseListCmd {
@Override
public void execute(){
List<? extends Account> accounts = _mgr.searchForAccounts(this);
List<? extends Account> accounts = _accountService.searchForAccounts(this);
ListResponse<AccountResponse> response = new ListResponse<AccountResponse>();
List<AccountResponse> accountResponses = new ArrayList<AccountResponse>();
for (Account account : accounts) {

2
api/src/com/cloud/api/commands/ListDomainChildrenCmd.java
View File

@ -78,7 +78,7 @@ public class ListDomainChildrenCmd extends BaseListCmd {
@Override
public void execute(){
List<? extends Domain> result = _mgr.searchForDomainChildren(this);
List<? extends Domain> result = _domainService.searchForDomainChildren(this);
ListResponse<DomainResponse> response = new ListResponse<DomainResponse>();
List<DomainResponse> domainResponses = new ArrayList<DomainResponse>();
for (Domain domain : result) {

2
api/src/com/cloud/api/commands/ListDomainsCmd.java
View File

@ -78,7 +78,7 @@ public class ListDomainsCmd extends BaseListCmd {
@Override
public void execute(){
List<? extends Domain> result = _mgr.searchForDomains(this);
List<? extends Domain> result = _domainService.searchForDomains(this);
ListResponse<DomainResponse> response = new ListResponse<DomainResponse>();
List<DomainResponse> domainResponses = new ArrayList<DomainResponse>();
for (Domain domain : result) {

2
api/src/com/cloud/api/commands/ListUsersCmd.java
View File

@ -101,7 +101,7 @@ public class ListUsersCmd extends BaseListCmd {
@Override
public void execute(){
List<? extends UserAccount> result = _mgr.searchForUsers(this);
List<? extends UserAccount> result = _accountService.searchForUsers(this);
ListResponse<UserResponse> response = new ListResponse<UserResponse>();
List<UserResponse> userResponses = new ArrayList<UserResponse>();
for (UserAccount user : result) {

32
api/src/com/cloud/server/ManagementService.java
View File

@ -30,7 +30,6 @@ import com.cloud.api.commands.DeleteSSHKeyPairCmd;
import com.cloud.api.commands.DestroySystemVmCmd;
import com.cloud.api.commands.ExtractVolumeCmd;
import com.cloud.api.commands.GetVMPasswordCmd;
import com.cloud.api.commands.ListAccountsCmd;
import com.cloud.api.commands.ListAlertsCmd;
import com.cloud.api.commands.ListAsyncJobsCmd;
import com.cloud.api.commands.ListCapabilitiesCmd;
@ -38,8 +37,6 @@ import com.cloud.api.commands.ListCapacityCmd;
import com.cloud.api.commands.ListCfgsByCmd;
import com.cloud.api.commands.ListClustersCmd;
import com.cloud.api.commands.ListDiskOfferingsCmd;
import com.cloud.api.commands.ListDomainChildrenCmd;
import com.cloud.api.commands.ListDomainsCmd;
import com.cloud.api.commands.ListEventsCmd;
import com.cloud.api.commands.ListGuestOsCategoriesCmd;
import com.cloud.api.commands.ListGuestOsCmd;
@ -54,7 +51,6 @@ import com.cloud.api.commands.ListStoragePoolsCmd;
import com.cloud.api.commands.ListSystemVMsCmd;
import com.cloud.api.commands.ListTemplateOrIsoPermissionsCmd;
import com.cloud.api.commands.ListTemplatesCmd;
import com.cloud.api.commands.ListUsersCmd;
import com.cloud.api.commands.ListVMGroupsCmd;
import com.cloud.api.commands.ListVlanIpRangesCmd;
import com.cloud.api.commands.ListVolumesCmd;
@ -95,9 +91,7 @@ import com.cloud.storage.GuestOsCategory;
import com.cloud.storage.StoragePool;
import com.cloud.storage.Volume;
import com.cloud.template.VirtualMachineTemplate;
import com.cloud.user.Account;
import com.cloud.user.SSHKeyPair;
import com.cloud.user.UserAccount;
import com.cloud.utils.Pair;
import com.cloud.vm.InstanceGroup;
import com.cloud.vm.VirtualMachine;
@ -126,15 +120,6 @@ public interface ManagementService {
*/
List<? extends Configuration> searchForConfigurations(ListCfgsByCmd c);
/**
* revisit Searches for users by the specified search criteria Can search by: "id", "username", "account", "domainId",
* "type"
*
* @param cmd
* @return List of UserAccounts
*/
List<? extends UserAccount> searchForUsers(ListUsersCmd cmd);
/**
* Searches for Service Offerings by the specified search criteria Can search by: "name"
*
@ -235,15 +220,6 @@ public interface ManagementService {
VirtualMachine destroySystemVM(DestroySystemVmCmd cmd);
/**
* Search for domains owned by the given domainId/domainName (those parameters are wrapped in a command object.
*
* @return list of domains owned by the given user
*/
List<? extends Domain> searchForDomains(ListDomainsCmd c);
List<? extends Domain> searchForDomainChildren(ListDomainChildrenCmd cmd);
/**
* update an existing domain
*
@ -253,14 +229,6 @@ public interface ManagementService {
*/
Domain updateDomain(UpdateDomainCmd cmd);
/**
* Searches for accounts by the specified search criteria Can search by: "id", "name", "domainid", "type"
*
* @param cmd
* @return List of Accounts
*/
List<? extends Account> searchForAccounts(ListAccountsCmd cmd);
/**
* Searches for alerts
*

8
api/src/com/cloud/user/AccountService.java
View File

@ -21,10 +21,13 @@ import java.util.List;
import java.util.Map;
import com.cloud.api.commands.DeleteUserCmd;
import com.cloud.api.commands.ListAccountsCmd;
import com.cloud.api.commands.ListUsersCmd;
import com.cloud.api.commands.RegisterCmd;
import com.cloud.api.commands.UpdateAccountCmd;
import com.cloud.api.commands.UpdateUserCmd;
import com.cloud.exception.ConcurrentOperationException;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.utils.Pair;
@ -159,4 +162,9 @@ public interface AccountService {
public String[] createApiKeyAndSecretKey(RegisterCmd cmd);
List<? extends Account> searchForAccounts(ListAccountsCmd cmd);
List<? extends UserAccount> searchForUsers(ListUsersCmd cmd)
throws PermissionDeniedException;
}

11
api/src/com/cloud/user/DomainService.java
View File

@ -17,7 +17,12 @@
*/
package com.cloud.user;
import java.util.List;
import com.cloud.api.commands.ListDomainChildrenCmd;
import com.cloud.api.commands.ListDomainsCmd;
import com.cloud.domain.Domain;
import com.cloud.exception.PermissionDeniedException;
public interface DomainService {
@ -35,4 +40,10 @@ public interface DomainService {
boolean isChildDomain(Long parentId, Long childId);
boolean deleteDomain(long domainId, Boolean cleanup);
List<? extends Domain> searchForDomains(ListDomainsCmd cmd)
throws PermissionDeniedException;
List<? extends Domain> searchForDomainChildren(ListDomainChildrenCmd cmd)
throws PermissionDeniedException;
}

1
client/tomcatconf/commands.properties.in
View File

@ -19,7 +19,6 @@ listUsers=com.cloud.api.commands.ListUsersCmd;7
disableUser=com.cloud.api.commands.DisableUserCmd;7
enableUser=com.cloud.api.commands.EnableUserCmd;7
#### Domain commands
createDomain=com.cloud.api.commands.CreateDomainCmd;1
updateDomain=com.cloud.api.commands.UpdateDomainCmd;1

346
server/src/com/cloud/server/ManagementServerImpl.java
View File

@ -63,7 +63,6 @@ import com.cloud.api.commands.DeleteSSHKeyPairCmd;
import com.cloud.api.commands.DestroySystemVmCmd;
import com.cloud.api.commands.ExtractVolumeCmd;
import com.cloud.api.commands.GetVMPasswordCmd;
import com.cloud.api.commands.ListAccountsCmd;
import com.cloud.api.commands.ListAlertsCmd;
import com.cloud.api.commands.ListAsyncJobsCmd;
import com.cloud.api.commands.ListCapabilitiesCmd;
@ -71,8 +70,6 @@ import com.cloud.api.commands.ListCapacityCmd;
import com.cloud.api.commands.ListCfgsByCmd;
import com.cloud.api.commands.ListClustersCmd;
import com.cloud.api.commands.ListDiskOfferingsCmd;
import com.cloud.api.commands.ListDomainChildrenCmd;
import com.cloud.api.commands.ListDomainsCmd;
import com.cloud.api.commands.ListEventsCmd;
import com.cloud.api.commands.ListGuestOsCategoriesCmd;
import com.cloud.api.commands.ListGuestOsCmd;
@ -87,7 +84,6 @@ import com.cloud.api.commands.ListStoragePoolsCmd;
import com.cloud.api.commands.ListSystemVMsCmd;
import com.cloud.api.commands.ListTemplateOrIsoPermissionsCmd;
import com.cloud.api.commands.ListTemplatesCmd;
import com.cloud.api.commands.ListUsersCmd;
import com.cloud.api.commands.ListVMGroupsCmd;
import com.cloud.api.commands.ListVlanIpRangesCmd;
import com.cloud.api.commands.ListVolumesCmd;
@ -209,11 +205,9 @@ import com.cloud.user.AccountVO;
import com.cloud.user.SSHKeyPair;
import com.cloud.user.SSHKeyPairVO;
import com.cloud.user.User;
import com.cloud.user.UserAccountVO;
import com.cloud.user.UserContext;
import com.cloud.user.dao.AccountDao;
import com.cloud.user.dao.SSHKeyPairDao;
import com.cloud.user.dao.UserAccountDao;
import com.cloud.user.dao.UserDao;
import com.cloud.utils.EnumUtils;
import com.cloud.utils.NumbersUtil;
@ -289,7 +283,6 @@ public class ManagementServerImpl implements ManagementServer {
private final LaunchPermissionDao _launchPermissionDao;
private final DomainDao _domainDao;
private final AccountDao _accountDao;
private final UserAccountDao _userAccountDao;
private final AlertDao _alertDao;
private final CapacityDao _capacityDao;
private final GuestOSDao _guestOSDao;
@ -367,7 +360,6 @@ public class ManagementServerImpl implements ManagementServer {
_launchPermissionDao = locator.getDao(LaunchPermissionDao.class);
_domainDao = locator.getDao(DomainDao.class);
_accountDao = locator.getDao(AccountDao.class);
_userAccountDao = locator.getDao(UserAccountDao.class);
_alertDao = locator.getDao(AlertDao.class);
_capacityDao = locator.getDao(CapacityDao.class);
_guestOSDao = locator.getDao(GuestOSDao.class);
@ -597,102 +589,6 @@ public class ManagementServerImpl implements ManagementServer {
return cal.getTime();
}
@Override
public List<UserAccountVO> searchForUsers(ListUsersCmd cmd) throws PermissionDeniedException {
Account caller = UserContext.current().getCaller();
Long domainId = cmd.getDomainId();
if (domainId != null) {
Domain domain = _domainDao.findById(domainId);
if (domain == null) {
throw new InvalidParameterValueException("Unable to find domain by id=" + domainId);
}
_accountMgr.checkAccess(caller, domain);
} else {
// default domainId to the admin's domain
domainId = caller.getDomainId();
}
Filter searchFilter = new Filter(UserAccountVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
Long id = cmd.getId();
Object username = cmd.getUsername();
Object type = cmd.getAccountType();
Object accountName = cmd.getAccountName();
Object state = cmd.getState();
Object keyword = cmd.getKeyword();
SearchBuilder<UserAccountVO> sb = _userAccountDao.createSearchBuilder();
sb.and("username", sb.entity().getUsername(), SearchCriteria.Op.LIKE);
if (id != null && id == 1) {
// system user should NOT be searchable
List<UserAccountVO> emptyList = new ArrayList<UserAccountVO>();
return emptyList;
} else if (id != null) {
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
} else {
// this condition is used to exclude system user from the search results
sb.and("id", sb.entity().getId(), SearchCriteria.Op.NEQ);
}
sb.and("type", sb.entity().getType(), SearchCriteria.Op.EQ);
sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ);
sb.and("accountName", sb.entity().getAccountName(), SearchCriteria.Op.EQ);
sb.and("state", sb.entity().getState(), SearchCriteria.Op.EQ);
if ((accountName == null) && (domainId != null)) {
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
}
SearchCriteria<UserAccountVO> sc = sb.create();
if (keyword != null) {
SearchCriteria<UserAccountVO> ssc = _userAccountDao.createSearchCriteria();
ssc.addOr("username", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("firstname", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("lastname", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("email", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("state", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("accountName", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("type", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("accountState", SearchCriteria.Op.LIKE, "%" + keyword + "%");
sc.addAnd("username", SearchCriteria.Op.SC, ssc);
}
if (username != null) {
sc.setParameters("username", username);
}
if (id != null) {
sc.setParameters("id", id);
} else {
// Don't return system user, search builder with NEQ
sc.setParameters("id", 1);
}
if (type != null) {
sc.setParameters("type", type);
}
if (accountName != null) {
sc.setParameters("accountName", accountName);
if (domainId != null) {
sc.setParameters("domainId", domainId);
}
} else if (domainId != null) {
DomainVO domainVO = _domainDao.findById(domainId);
sc.setJoinParameters("domainSearch", "path", domainVO.getPath() + "%");
}
if (state != null) {
sc.setParameters("state", state);
}
return _userAccountDao.search(sc, searchFilter);
}
// This method is used for permissions check for both disk and service offerings
private boolean isPermissible(Long accountDomainId, Long offeringDomainId) {
@ -1433,136 +1329,6 @@ public class ManagementServerImpl implements ManagementServer {
return templateZonePairSet;
}
@Override
public List<AccountVO> searchForAccounts(ListAccountsCmd cmd) {
Account caller = UserContext.current().getCaller();
Long domainId = cmd.getDomainId();
Long accountId = cmd.getId();
String accountName = cmd.getSearchName();
Boolean isRecursive = cmd.isRecursive();
if (isRecursive == null) {
isRecursive = false;
}
if (accountId != null && accountId.longValue() == 1L) {
// system account should NOT be searchable
List<AccountVO> emptyList = new ArrayList<AccountVO>();
return emptyList;
}
if (accountId != null) {
Account account = _accountDao.findById(accountId);
if (account == null) {
throw new InvalidParameterValueException("Unable to find account by id " + accountId);
}
_accountMgr.checkAccess(caller, null, account);
}
if (domainId != null) {
Domain domain = _domainDao.findById(domainId);
if (domain == null) {
throw new InvalidParameterValueException("Domain id=" + domainId + " doesn't exist");
}
_accountMgr.checkAccess(caller, domain);
if (accountName != null) {
Account account = _accountDao.findActiveAccount(accountName, domainId);
if (account == null) {
throw new InvalidParameterValueException("Unable to find account by name " + accountName + " in domain " + domainId);
}
_accountMgr.checkAccess(caller, null, account);
}
}
if (isAdmin(caller.getType())) {
if (domainId == null) {
domainId = caller.getDomainId();
isRecursive = true;
}
} else {
// regular user is constraint to only his account
accountId = caller.getId();
}
Filter searchFilter = new Filter(AccountVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
Object type = cmd.getAccountType();
Object state = cmd.getState();
Object isCleanupRequired = cmd.isCleanupRequired();
Object keyword = cmd.getKeyword();
SearchBuilder<AccountVO> sb = _accountDao.createSearchBuilder();
sb.and("accountName", sb.entity().getAccountName(), SearchCriteria.Op.EQ);
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
sb.and("nid", sb.entity().getId(), SearchCriteria.Op.NEQ);
sb.and("type", sb.entity().getType(), SearchCriteria.Op.EQ);
sb.and("state", sb.entity().getState(), SearchCriteria.Op.EQ);
sb.and("needsCleanup", sb.entity().getNeedsCleanup(), SearchCriteria.Op.EQ);
sb.and("typeNEQ", sb.entity().getType(), SearchCriteria.Op.NEQ);
if ((domainId != null) && isRecursive) {
// do a domain LIKE match for the admin case if isRecursive is true
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
} else if ((domainId != null) && !isRecursive) {
// do a domain EXACT match for the admin case if isRecursive is true
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.EQ);
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
}
SearchCriteria<AccountVO> sc = sb.create();
if (keyword != null) {
SearchCriteria<AccountVO> ssc = _accountDao.createSearchCriteria();
ssc.addOr("accountName", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("state", SearchCriteria.Op.LIKE, "%" + keyword + "%");
sc.addAnd("accountName", SearchCriteria.Op.SC, ssc);
}
if (accountName != null) {
sc.setParameters("accountName", accountName);
}
if (accountId != null) {
sc.setParameters("id", accountId);
}
if (domainId != null) {
DomainVO domain = _domainDao.findById(domainId);
// I want to join on user_vm.domain_id = domain.id where domain.path like 'foo%'
if (isRecursive) {
sc.setJoinParameters("domainSearch", "path", domain.getPath() + "%");
} else {
sc.setJoinParameters("domainSearch", "path", domain.getPath());
}
sc.setParameters("nid", 1L);
} else {
sc.setParameters("nid", 1L);
}
if (type != null) {
sc.setParameters("type", type);
}
if (state != null) {
sc.setParameters("state", state);
}
if (isCleanupRequired != null) {
sc.setParameters("needsCleanup", isCleanupRequired);
}
//don't return account of type project to the end user
sc.setParameters("typeNEQ", 5);
return _accountDao.search(sc, searchFilter);
}
@Override
public VMTemplateVO updateTemplate(UpdateIsoCmd cmd) {
@ -2298,118 +2064,6 @@ public class ManagementServerImpl implements ManagementServer {
return new Pair<String, Integer>(null, -1);
}
@Override
public List<DomainVO> searchForDomains(ListDomainsCmd cmd) throws PermissionDeniedException {
Long domainId = cmd.getId();
Account account = UserContext.current().getCaller();
String path = null;
if (account != null && (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN)) {
DomainVO domain = _domainDao.findById(account.getDomainId());
if (domain != null) {
path = domain.getPath();
}
}
Filter searchFilter = new Filter(DomainVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
String domainName = cmd.getDomainName();
Integer level = cmd.getLevel();
Object keyword = cmd.getKeyword();
SearchBuilder<DomainVO> sb = _domainDao.createSearchBuilder();
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
sb.and("name", sb.entity().getName(), SearchCriteria.Op.LIKE);
sb.and("level", sb.entity().getLevel(), SearchCriteria.Op.EQ);
sb.and("path", sb.entity().getPath(), SearchCriteria.Op.LIKE);
SearchCriteria<DomainVO> sc = sb.create();
if (keyword != null) {
SearchCriteria<DomainVO> ssc = _domainDao.createSearchCriteria();
ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
sc.addAnd("name", SearchCriteria.Op.SC, ssc);
}
if (domainName != null) {
sc.setParameters("name", "%" + domainName + "%");
}
if (level != null) {
sc.setParameters("level", level);
}
if (domainId != null) {
sc.setParameters("id", domainId);
}
if (path != null) {
sc.setParameters("path", "%" + path + "%");
}
return _domainDao.search(sc, searchFilter);
}
@Override
public List<DomainVO> searchForDomainChildren(ListDomainChildrenCmd cmd) throws PermissionDeniedException {
Filter searchFilter = new Filter(DomainVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
Long domainId = cmd.getId();
String domainName = cmd.getDomainName();
Boolean isRecursive = cmd.isRecursive();
Object keyword = cmd.getKeyword();
String path = null;
if (isRecursive == null) {
isRecursive = false;
}
Account account = UserContext.current().getCaller();
if (account != null) {
if (domainId != null) {
if (!_domainDao.isChildDomain(account.getDomainId(), domainId)) {
throw new PermissionDeniedException("Unable to list domains children for domain id " + domainId + ", permission denied.");
}
} else {
domainId = account.getDomainId();
}
}
DomainVO domain = _domainDao.findById(domainId);
if (domain != null && isRecursive) {
path = domain.getPath();
domainId = null;
}
List<DomainVO> domainList = searchForDomainChildren(searchFilter, domainId, domainName, keyword, path);
return domainList;
}
private List<DomainVO> searchForDomainChildren(Filter searchFilter, Long domainId, String domainName, Object keyword, String path) {
SearchCriteria<DomainVO> sc = _domainDao.createSearchCriteria();
if (keyword != null) {
SearchCriteria<DomainVO> ssc = _domainDao.createSearchCriteria();
ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
sc.addAnd("name", SearchCriteria.Op.SC, ssc);
}
if (domainId != null) {
sc.addAnd("parent", SearchCriteria.Op.EQ, domainId);
}
if (domainName != null) {
sc.addAnd("name", SearchCriteria.Op.LIKE, "%" + domainName + "%");
}
if (path != null) {
sc.addAnd("path", SearchCriteria.Op.NEQ, path);
sc.addAnd("path", SearchCriteria.Op.LIKE, path + "%");
}
return _domainDao.search(sc, searchFilter);
}
@Override
@ActionEvent(eventType = EventTypes.EVENT_DOMAIN_UPDATE, eventDescription = "updating Domain")
@DB

235
server/src/com/cloud/user/AccountManagerImpl.java
View File

@ -46,6 +46,8 @@ import com.cloud.acl.SecurityChecker;
import com.cloud.acl.SecurityChecker.AccessType;
import com.cloud.api.ApiDBUtils;
import com.cloud.api.commands.DeleteUserCmd;
import com.cloud.api.commands.ListAccountsCmd;
import com.cloud.api.commands.ListUsersCmd;
import com.cloud.api.commands.RegisterCmd;
import com.cloud.api.commands.UpdateAccountCmd;
import com.cloud.api.commands.UpdateUserCmd;
@ -58,6 +60,7 @@ import com.cloud.dc.DataCenterVO;
import com.cloud.dc.dao.DataCenterDao;
import com.cloud.domain.Domain;
import com.cloud.domain.DomainVO;
import com.cloud.domain.dao.DomainDao;
import com.cloud.event.ActionEvent;
import com.cloud.event.EventTypes;
import com.cloud.event.EventUtils;
@ -104,7 +107,11 @@ import com.cloud.utils.component.Inject;
import com.cloud.utils.component.Manager;
import com.cloud.utils.concurrency.NamedThreadFactory;
import com.cloud.utils.db.DB;
import com.cloud.utils.db.Filter;
import com.cloud.utils.db.GlobalLock;
import com.cloud.utils.db.JoinBuilder;
import com.cloud.utils.db.SearchBuilder;
import com.cloud.utils.db.SearchCriteria;
import com.cloud.utils.db.Transaction;
import com.cloud.utils.exception.CloudRuntimeException;
import com.cloud.utils.net.NetUtils;
@ -185,6 +192,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
private ProjectDao _projectDao;
@Inject
private AccountDetailsDao _accountDetailsDao;
@Inject
private DomainDao _domainDao;
private Adapters<UserAuthenticator> _userAuthenticators;
@ -1714,5 +1723,231 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
return null;
}
@Override
public List<AccountVO> searchForAccounts(ListAccountsCmd cmd) {
Account caller = UserContext.current().getCaller();
Long domainId = cmd.getDomainId();
Long accountId = cmd.getId();
String accountName = cmd.getSearchName();
Boolean isRecursive = cmd.isRecursive();
if (isRecursive == null) {
isRecursive = false;
}
if (accountId != null && accountId.longValue() == 1L) {
// system account should NOT be searchable
List<AccountVO> emptyList = new ArrayList<AccountVO>();
return emptyList;
}
if (accountId != null) {
Account account = _accountDao.findById(accountId);
if (account == null) {
throw new InvalidParameterValueException("Unable to find account by id " + accountId);
}
checkAccess(caller, null, account);
}
if (domainId != null) {
Domain domain = _domainMgr.getDomain(domainId);
if (domain == null) {
throw new InvalidParameterValueException("Domain id=" + domainId + " doesn't exist");
}
checkAccess(caller, domain);
if (accountName != null) {
Account account = _accountDao.findActiveAccount(accountName, domainId);
if (account == null) {
throw new InvalidParameterValueException("Unable to find account by name " + accountName + " in domain " + domainId);
}
checkAccess(caller, null, account);
}
}
if (isAdmin(caller.getType())) {
if (domainId == null) {
domainId = caller.getDomainId();
isRecursive = true;
}
} else {
// regular user is constraint to only his account
accountId = caller.getId();
}
Filter searchFilter = new Filter(AccountVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
Object type = cmd.getAccountType();
Object state = cmd.getState();
Object isCleanupRequired = cmd.isCleanupRequired();
Object keyword = cmd.getKeyword();
SearchBuilder<AccountVO> sb = _accountDao.createSearchBuilder();
sb.and("accountName", sb.entity().getAccountName(), SearchCriteria.Op.EQ);
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
sb.and("nid", sb.entity().getId(), SearchCriteria.Op.NEQ);
sb.and("type", sb.entity().getType(), SearchCriteria.Op.EQ);
sb.and("state", sb.entity().getState(), SearchCriteria.Op.EQ);
sb.and("needsCleanup", sb.entity().getNeedsCleanup(), SearchCriteria.Op.EQ);
sb.and("typeNEQ", sb.entity().getType(), SearchCriteria.Op.NEQ);
if ((domainId != null) && isRecursive) {
// do a domain LIKE match for the admin case if isRecursive is true
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
} else if ((domainId != null) && !isRecursive) {
// do a domain EXACT match for the admin case if isRecursive is true
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.EQ);
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
}
SearchCriteria<AccountVO> sc = sb.create();
if (keyword != null) {
SearchCriteria<AccountVO> ssc = _accountDao.createSearchCriteria();
ssc.addOr("accountName", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("state", SearchCriteria.Op.LIKE, "%" + keyword + "%");
sc.addAnd("accountName", SearchCriteria.Op.SC, ssc);
}
if (accountName != null) {
sc.setParameters("accountName", accountName);
}
if (accountId != null) {
sc.setParameters("id", accountId);
}
if (domainId != null) {
DomainVO domain = _domainDao.findById(domainId);
// I want to join on user_vm.domain_id = domain.id where domain.path like 'foo%'
if (isRecursive) {
sc.setJoinParameters("domainSearch", "path", domain.getPath() + "%");
} else {
sc.setJoinParameters("domainSearch", "path", domain.getPath());
}
sc.setParameters("nid", 1L);
} else {
sc.setParameters("nid", 1L);
}
if (type != null) {
sc.setParameters("type", type);
}
if (state != null) {
sc.setParameters("state", state);
}
if (isCleanupRequired != null) {
sc.setParameters("needsCleanup", isCleanupRequired);
}
//don't return account of type project to the end user
sc.setParameters("typeNEQ", 5);
return _accountDao.search(sc, searchFilter);
}
@Override
public List<UserAccountVO> searchForUsers(ListUsersCmd cmd) throws PermissionDeniedException {
Account caller = UserContext.current().getCaller();
Long domainId = cmd.getDomainId();
if (domainId != null) {
Domain domain = _domainDao.findById(domainId);
if (domain == null) {
throw new InvalidParameterValueException("Unable to find domain by id=" + domainId);
}
checkAccess(caller, domain);
} else {
// default domainId to the caller's domain
domainId = caller.getDomainId();
}
Filter searchFilter = new Filter(UserAccountVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
Long id = cmd.getId();
Object username = cmd.getUsername();
Object type = cmd.getAccountType();
Object accountName = cmd.getAccountName();
Object state = cmd.getState();
Object keyword = cmd.getKeyword();
SearchBuilder<UserAccountVO> sb = _userAccountDao.createSearchBuilder();
sb.and("username", sb.entity().getUsername(), SearchCriteria.Op.LIKE);
if (id != null && id == 1) {
// system user should NOT be searchable
List<UserAccountVO> emptyList = new ArrayList<UserAccountVO>();
return emptyList;
} else if (id != null) {
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
} else {
// this condition is used to exclude system user from the search results
sb.and("id", sb.entity().getId(), SearchCriteria.Op.NEQ);
}
sb.and("type", sb.entity().getType(), SearchCriteria.Op.EQ);
sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ);
sb.and("accountName", sb.entity().getAccountName(), SearchCriteria.Op.EQ);
sb.and("state", sb.entity().getState(), SearchCriteria.Op.EQ);
if ((accountName == null) && (domainId != null)) {
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
}
SearchCriteria<UserAccountVO> sc = sb.create();
if (keyword != null) {
SearchCriteria<UserAccountVO> ssc = _userAccountDao.createSearchCriteria();
ssc.addOr("username", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("firstname", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("lastname", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("email", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("state", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("accountName", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("type", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("accountState", SearchCriteria.Op.LIKE, "%" + keyword + "%");
sc.addAnd("username", SearchCriteria.Op.SC, ssc);
}
if (username != null) {
sc.setParameters("username", username);
}
if (id != null) {
sc.setParameters("id", id);
} else {
// Don't return system user, search builder with NEQ
sc.setParameters("id", 1);
}
if (type != null) {
sc.setParameters("type", type);
}
if (accountName != null) {
sc.setParameters("accountName", accountName);
if (domainId != null) {
sc.setParameters("domainId", domainId);
}
} else if (domainId != null) {
DomainVO domainVO = _domainDao.findById(domainId);
sc.setJoinParameters("domainSearch", "path", domainVO.getPath() + "%");
}
if (state != null) {
sc.setParameters("state", state);
}
return _userAccountDao.search(sc, searchFilter);
}
}

114
server/src/com/cloud/user/DomainManagerImpl.java
View File

@ -28,6 +28,8 @@ import javax.naming.ConfigurationException;
import org.apache.log4j.Logger;
import com.cloud.api.commands.ListDomainChildrenCmd;
import com.cloud.api.commands.ListDomainsCmd;
import com.cloud.configuration.ResourceLimit;
import com.cloud.configuration.dao.ResourceCountDao;
import com.cloud.domain.Domain;
@ -47,6 +49,8 @@ import com.cloud.user.dao.AccountDao;
import com.cloud.utils.component.Inject;
import com.cloud.utils.component.Manager;
import com.cloud.utils.db.DB;
import com.cloud.utils.db.Filter;
import com.cloud.utils.db.SearchBuilder;
import com.cloud.utils.db.SearchCriteria;
import com.cloud.utils.db.Transaction;
import com.cloud.utils.exception.CloudRuntimeException;
@ -314,4 +318,114 @@ public class DomainManagerImpl implements DomainManager, DomainService, Manager{
return success && deleteDomainSuccess;
}
@Override
public List<DomainVO> searchForDomains(ListDomainsCmd cmd) throws PermissionDeniedException {
Long domainId = cmd.getId();
Account caller = UserContext.current().getCaller();
String path = null;
if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
DomainVO domain = _domainDao.findById(caller.getDomainId());
if (domain != null) {
path = domain.getPath();
}
}
Filter searchFilter = new Filter(DomainVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
String domainName = cmd.getDomainName();
Integer level = cmd.getLevel();
Object keyword = cmd.getKeyword();
SearchBuilder<DomainVO> sb = _domainDao.createSearchBuilder();
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
sb.and("name", sb.entity().getName(), SearchCriteria.Op.LIKE);
sb.and("level", sb.entity().getLevel(), SearchCriteria.Op.EQ);
sb.and("path", sb.entity().getPath(), SearchCriteria.Op.LIKE);
SearchCriteria<DomainVO> sc = sb.create();
if (keyword != null) {
SearchCriteria<DomainVO> ssc = _domainDao.createSearchCriteria();
ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
sc.addAnd("name", SearchCriteria.Op.SC, ssc);
}
if (domainName != null) {
sc.setParameters("name", "%" + domainName + "%");
}
if (level != null) {
sc.setParameters("level", level);
}
if (domainId != null) {
sc.setParameters("id", domainId);
}
if (path != null) {
sc.setParameters("path", "%" + path + "%");
}
return _domainDao.search(sc, searchFilter);
}
@Override
public List<DomainVO> searchForDomainChildren(ListDomainChildrenCmd cmd) throws PermissionDeniedException {
Filter searchFilter = new Filter(DomainVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
Long domainId = cmd.getId();
String domainName = cmd.getDomainName();
Boolean isRecursive = cmd.isRecursive();
Object keyword = cmd.getKeyword();
String path = null;
if (isRecursive == null) {
isRecursive = false;
}
Account caller = UserContext.current().getCaller();
if (domainId != null) {
if (!_domainDao.isChildDomain(caller.getDomainId(), domainId)) {
throw new PermissionDeniedException("Unable to list domains children for domain id " + domainId + ", permission denied.");
}
} else {
domainId = caller.getDomainId();
}
DomainVO domain = _domainDao.findById(domainId);
if (domain != null && isRecursive) {
path = domain.getPath();
domainId = null;
}
List<DomainVO> domainList = searchForDomainChildren(searchFilter, domainId, domainName, keyword, path);
return domainList;
}
private List<DomainVO> searchForDomainChildren(Filter searchFilter, Long domainId, String domainName, Object keyword, String path) {
SearchCriteria<DomainVO> sc = _domainDao.createSearchCriteria();
if (keyword != null) {
SearchCriteria<DomainVO> ssc = _domainDao.createSearchCriteria();
ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
sc.addAnd("name", SearchCriteria.Op.SC, ssc);
}
if (domainId != null) {
sc.addAnd("parent", SearchCriteria.Op.EQ, domainId);
}
if (domainName != null) {
sc.addAnd("name", SearchCriteria.Op.LIKE, "%" + domainName + "%");
}
if (path != null) {
sc.addAnd("path", SearchCriteria.Op.NEQ, path);
sc.addAnd("path", SearchCriteria.Op.LIKE, path + "%");
}
return _domainDao.search(sc, searchFilter);
}
}