From abfbac792877f3226c42ea7f4a599cfa37e9978a Mon Sep 17 00:00:00 2001 From: Alena Prokharchyk Date: Mon, 28 Nov 2011 15:30:43 -0800 Subject: [PATCH] Moved listAccount/listDomains/listDomainChildren methods from ManagementServer to Account/Domain managers --- .../cloud/api/commands/ListAccountsCmd.java | 4 +- .../api/commands/ListDomainChildrenCmd.java | 2 +- .../cloud/api/commands/ListDomainsCmd.java | 2 +- .../com/cloud/api/commands/ListUsersCmd.java | 2 +- .../com/cloud/server/ManagementService.java | 32 -- api/src/com/cloud/user/AccountService.java | 8 + api/src/com/cloud/user/DomainService.java | 11 + client/tomcatconf/commands.properties.in | 1 - .../cloud/server/ManagementServerImpl.java | 346 ------------------ .../com/cloud/user/AccountManagerImpl.java | 235 ++++++++++++ .../src/com/cloud/user/DomainManagerImpl.java | 114 ++++++ 11 files changed, 372 insertions(+), 385 deletions(-) diff --git a/api/src/com/cloud/api/commands/ListAccountsCmd.java b/api/src/com/cloud/api/commands/ListAccountsCmd.java index 2e662c7ce5b..e8c31496de8 100755 --- a/api/src/com/cloud/api/commands/ListAccountsCmd.java +++ b/api/src/com/cloud/api/commands/ListAccountsCmd.java @@ -19,7 +19,6 @@ package com.cloud.api.commands; import java.util.ArrayList; import java.util.List; -import java.util.Map; import org.apache.log4j.Logger; @@ -28,7 +27,6 @@ import com.cloud.api.BaseListCmd; import com.cloud.api.IdentityMapper; import com.cloud.api.Implementation; import com.cloud.api.Parameter; -import com.cloud.api.BaseCmd.CommandType; import com.cloud.api.response.AccountResponse; import com.cloud.api.response.ListResponse; import com.cloud.user.Account; @@ -108,7 +106,7 @@ public class ListAccountsCmd extends BaseListCmd { @Override public void execute(){ - List accounts = _mgr.searchForAccounts(this); + List accounts = _accountService.searchForAccounts(this); ListResponse response = new ListResponse(); List accountResponses = new ArrayList(); for (Account account : accounts) { diff --git a/api/src/com/cloud/api/commands/ListDomainChildrenCmd.java b/api/src/com/cloud/api/commands/ListDomainChildrenCmd.java index 3f3f93e9fac..6162dd0985a 100644 --- a/api/src/com/cloud/api/commands/ListDomainChildrenCmd.java +++ b/api/src/com/cloud/api/commands/ListDomainChildrenCmd.java @@ -78,7 +78,7 @@ public class ListDomainChildrenCmd extends BaseListCmd { @Override public void execute(){ - List result = _mgr.searchForDomainChildren(this); + List result = _domainService.searchForDomainChildren(this); ListResponse response = new ListResponse(); List domainResponses = new ArrayList(); for (Domain domain : result) { diff --git a/api/src/com/cloud/api/commands/ListDomainsCmd.java b/api/src/com/cloud/api/commands/ListDomainsCmd.java index 1512659c119..5285152271a 100644 --- a/api/src/com/cloud/api/commands/ListDomainsCmd.java +++ b/api/src/com/cloud/api/commands/ListDomainsCmd.java @@ -78,7 +78,7 @@ public class ListDomainsCmd extends BaseListCmd { @Override public void execute(){ - List result = _mgr.searchForDomains(this); + List result = _domainService.searchForDomains(this); ListResponse response = new ListResponse(); List domainResponses = new ArrayList(); for (Domain domain : result) { diff --git a/api/src/com/cloud/api/commands/ListUsersCmd.java b/api/src/com/cloud/api/commands/ListUsersCmd.java index 666630ed732..82d83878675 100644 --- a/api/src/com/cloud/api/commands/ListUsersCmd.java +++ b/api/src/com/cloud/api/commands/ListUsersCmd.java @@ -101,7 +101,7 @@ public class ListUsersCmd extends BaseListCmd { @Override public void execute(){ - List result = _mgr.searchForUsers(this); + List result = _accountService.searchForUsers(this); ListResponse response = new ListResponse(); List userResponses = new ArrayList(); for (UserAccount user : result) { diff --git a/api/src/com/cloud/server/ManagementService.java b/api/src/com/cloud/server/ManagementService.java index cc375e6e70b..462ecb58261 100755 --- a/api/src/com/cloud/server/ManagementService.java +++ b/api/src/com/cloud/server/ManagementService.java @@ -30,7 +30,6 @@ import com.cloud.api.commands.DeleteSSHKeyPairCmd; import com.cloud.api.commands.DestroySystemVmCmd; import com.cloud.api.commands.ExtractVolumeCmd; import com.cloud.api.commands.GetVMPasswordCmd; -import com.cloud.api.commands.ListAccountsCmd; import com.cloud.api.commands.ListAlertsCmd; import com.cloud.api.commands.ListAsyncJobsCmd; import com.cloud.api.commands.ListCapabilitiesCmd; @@ -38,8 +37,6 @@ import com.cloud.api.commands.ListCapacityCmd; import com.cloud.api.commands.ListCfgsByCmd; import com.cloud.api.commands.ListClustersCmd; import com.cloud.api.commands.ListDiskOfferingsCmd; -import com.cloud.api.commands.ListDomainChildrenCmd; -import com.cloud.api.commands.ListDomainsCmd; import com.cloud.api.commands.ListEventsCmd; import com.cloud.api.commands.ListGuestOsCategoriesCmd; import com.cloud.api.commands.ListGuestOsCmd; @@ -54,7 +51,6 @@ import com.cloud.api.commands.ListStoragePoolsCmd; import com.cloud.api.commands.ListSystemVMsCmd; import com.cloud.api.commands.ListTemplateOrIsoPermissionsCmd; import com.cloud.api.commands.ListTemplatesCmd; -import com.cloud.api.commands.ListUsersCmd; import com.cloud.api.commands.ListVMGroupsCmd; import com.cloud.api.commands.ListVlanIpRangesCmd; import com.cloud.api.commands.ListVolumesCmd; @@ -95,9 +91,7 @@ import com.cloud.storage.GuestOsCategory; import com.cloud.storage.StoragePool; import com.cloud.storage.Volume; import com.cloud.template.VirtualMachineTemplate; -import com.cloud.user.Account; import com.cloud.user.SSHKeyPair; -import com.cloud.user.UserAccount; import com.cloud.utils.Pair; import com.cloud.vm.InstanceGroup; import com.cloud.vm.VirtualMachine; @@ -126,15 +120,6 @@ public interface ManagementService { */ List searchForConfigurations(ListCfgsByCmd c); - /** - * revisit Searches for users by the specified search criteria Can search by: "id", "username", "account", "domainId", - * "type" - * - * @param cmd - * @return List of UserAccounts - */ - List searchForUsers(ListUsersCmd cmd); - /** * Searches for Service Offerings by the specified search criteria Can search by: "name" * @@ -235,15 +220,6 @@ public interface ManagementService { VirtualMachine destroySystemVM(DestroySystemVmCmd cmd); - /** - * Search for domains owned by the given domainId/domainName (those parameters are wrapped in a command object. - * - * @return list of domains owned by the given user - */ - List searchForDomains(ListDomainsCmd c); - - List searchForDomainChildren(ListDomainChildrenCmd cmd); - /** * update an existing domain * @@ -253,14 +229,6 @@ public interface ManagementService { */ Domain updateDomain(UpdateDomainCmd cmd); - /** - * Searches for accounts by the specified search criteria Can search by: "id", "name", "domainid", "type" - * - * @param cmd - * @return List of Accounts - */ - List searchForAccounts(ListAccountsCmd cmd); - /** * Searches for alerts * diff --git a/api/src/com/cloud/user/AccountService.java b/api/src/com/cloud/user/AccountService.java index 1029f80ee85..711974d6738 100755 --- a/api/src/com/cloud/user/AccountService.java +++ b/api/src/com/cloud/user/AccountService.java @@ -21,10 +21,13 @@ import java.util.List; import java.util.Map; import com.cloud.api.commands.DeleteUserCmd; +import com.cloud.api.commands.ListAccountsCmd; +import com.cloud.api.commands.ListUsersCmd; import com.cloud.api.commands.RegisterCmd; import com.cloud.api.commands.UpdateAccountCmd; import com.cloud.api.commands.UpdateUserCmd; import com.cloud.exception.ConcurrentOperationException; +import com.cloud.exception.PermissionDeniedException; import com.cloud.exception.ResourceUnavailableException; import com.cloud.utils.Pair; @@ -159,4 +162,9 @@ public interface AccountService { public String[] createApiKeyAndSecretKey(RegisterCmd cmd); + List searchForAccounts(ListAccountsCmd cmd); + + List searchForUsers(ListUsersCmd cmd) + throws PermissionDeniedException; + } diff --git a/api/src/com/cloud/user/DomainService.java b/api/src/com/cloud/user/DomainService.java index cbeae1b07f4..6b4f83f832f 100644 --- a/api/src/com/cloud/user/DomainService.java +++ b/api/src/com/cloud/user/DomainService.java @@ -17,7 +17,12 @@ */ package com.cloud.user; +import java.util.List; + +import com.cloud.api.commands.ListDomainChildrenCmd; +import com.cloud.api.commands.ListDomainsCmd; import com.cloud.domain.Domain; +import com.cloud.exception.PermissionDeniedException; public interface DomainService { @@ -35,4 +40,10 @@ public interface DomainService { boolean isChildDomain(Long parentId, Long childId); boolean deleteDomain(long domainId, Boolean cleanup); + + List searchForDomains(ListDomainsCmd cmd) + throws PermissionDeniedException; + + List searchForDomainChildren(ListDomainChildrenCmd cmd) + throws PermissionDeniedException; } diff --git a/client/tomcatconf/commands.properties.in b/client/tomcatconf/commands.properties.in index 8f5341313a0..6b60edaebe4 100755 --- a/client/tomcatconf/commands.properties.in +++ b/client/tomcatconf/commands.properties.in @@ -19,7 +19,6 @@ listUsers=com.cloud.api.commands.ListUsersCmd;7 disableUser=com.cloud.api.commands.DisableUserCmd;7 enableUser=com.cloud.api.commands.EnableUserCmd;7 - #### Domain commands createDomain=com.cloud.api.commands.CreateDomainCmd;1 updateDomain=com.cloud.api.commands.UpdateDomainCmd;1 diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java index a66ffe3314b..90cc7e9987f 100755 --- a/server/src/com/cloud/server/ManagementServerImpl.java +++ b/server/src/com/cloud/server/ManagementServerImpl.java @@ -63,7 +63,6 @@ import com.cloud.api.commands.DeleteSSHKeyPairCmd; import com.cloud.api.commands.DestroySystemVmCmd; import com.cloud.api.commands.ExtractVolumeCmd; import com.cloud.api.commands.GetVMPasswordCmd; -import com.cloud.api.commands.ListAccountsCmd; import com.cloud.api.commands.ListAlertsCmd; import com.cloud.api.commands.ListAsyncJobsCmd; import com.cloud.api.commands.ListCapabilitiesCmd; @@ -71,8 +70,6 @@ import com.cloud.api.commands.ListCapacityCmd; import com.cloud.api.commands.ListCfgsByCmd; import com.cloud.api.commands.ListClustersCmd; import com.cloud.api.commands.ListDiskOfferingsCmd; -import com.cloud.api.commands.ListDomainChildrenCmd; -import com.cloud.api.commands.ListDomainsCmd; import com.cloud.api.commands.ListEventsCmd; import com.cloud.api.commands.ListGuestOsCategoriesCmd; import com.cloud.api.commands.ListGuestOsCmd; @@ -87,7 +84,6 @@ import com.cloud.api.commands.ListStoragePoolsCmd; import com.cloud.api.commands.ListSystemVMsCmd; import com.cloud.api.commands.ListTemplateOrIsoPermissionsCmd; import com.cloud.api.commands.ListTemplatesCmd; -import com.cloud.api.commands.ListUsersCmd; import com.cloud.api.commands.ListVMGroupsCmd; import com.cloud.api.commands.ListVlanIpRangesCmd; import com.cloud.api.commands.ListVolumesCmd; @@ -209,11 +205,9 @@ import com.cloud.user.AccountVO; import com.cloud.user.SSHKeyPair; import com.cloud.user.SSHKeyPairVO; import com.cloud.user.User; -import com.cloud.user.UserAccountVO; import com.cloud.user.UserContext; import com.cloud.user.dao.AccountDao; import com.cloud.user.dao.SSHKeyPairDao; -import com.cloud.user.dao.UserAccountDao; import com.cloud.user.dao.UserDao; import com.cloud.utils.EnumUtils; import com.cloud.utils.NumbersUtil; @@ -289,7 +283,6 @@ public class ManagementServerImpl implements ManagementServer { private final LaunchPermissionDao _launchPermissionDao; private final DomainDao _domainDao; private final AccountDao _accountDao; - private final UserAccountDao _userAccountDao; private final AlertDao _alertDao; private final CapacityDao _capacityDao; private final GuestOSDao _guestOSDao; @@ -367,7 +360,6 @@ public class ManagementServerImpl implements ManagementServer { _launchPermissionDao = locator.getDao(LaunchPermissionDao.class); _domainDao = locator.getDao(DomainDao.class); _accountDao = locator.getDao(AccountDao.class); - _userAccountDao = locator.getDao(UserAccountDao.class); _alertDao = locator.getDao(AlertDao.class); _capacityDao = locator.getDao(CapacityDao.class); _guestOSDao = locator.getDao(GuestOSDao.class); @@ -597,102 +589,6 @@ public class ManagementServerImpl implements ManagementServer { return cal.getTime(); } - @Override - public List searchForUsers(ListUsersCmd cmd) throws PermissionDeniedException { - Account caller = UserContext.current().getCaller(); - Long domainId = cmd.getDomainId(); - if (domainId != null) { - Domain domain = _domainDao.findById(domainId); - if (domain == null) { - throw new InvalidParameterValueException("Unable to find domain by id=" + domainId); - } - - _accountMgr.checkAccess(caller, domain); - } else { - // default domainId to the admin's domain - domainId = caller.getDomainId(); - } - - Filter searchFilter = new Filter(UserAccountVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal()); - - Long id = cmd.getId(); - Object username = cmd.getUsername(); - Object type = cmd.getAccountType(); - Object accountName = cmd.getAccountName(); - Object state = cmd.getState(); - Object keyword = cmd.getKeyword(); - - SearchBuilder sb = _userAccountDao.createSearchBuilder(); - sb.and("username", sb.entity().getUsername(), SearchCriteria.Op.LIKE); - if (id != null && id == 1) { - // system user should NOT be searchable - List emptyList = new ArrayList(); - return emptyList; - } else if (id != null) { - sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ); - } else { - // this condition is used to exclude system user from the search results - sb.and("id", sb.entity().getId(), SearchCriteria.Op.NEQ); - } - - sb.and("type", sb.entity().getType(), SearchCriteria.Op.EQ); - sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ); - sb.and("accountName", sb.entity().getAccountName(), SearchCriteria.Op.EQ); - sb.and("state", sb.entity().getState(), SearchCriteria.Op.EQ); - - if ((accountName == null) && (domainId != null)) { - SearchBuilder domainSearch = _domainDao.createSearchBuilder(); - domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE); - sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER); - } - - SearchCriteria sc = sb.create(); - if (keyword != null) { - SearchCriteria ssc = _userAccountDao.createSearchCriteria(); - ssc.addOr("username", SearchCriteria.Op.LIKE, "%" + keyword + "%"); - ssc.addOr("firstname", SearchCriteria.Op.LIKE, "%" + keyword + "%"); - ssc.addOr("lastname", SearchCriteria.Op.LIKE, "%" + keyword + "%"); - ssc.addOr("email", SearchCriteria.Op.LIKE, "%" + keyword + "%"); - ssc.addOr("state", SearchCriteria.Op.LIKE, "%" + keyword + "%"); - ssc.addOr("accountName", SearchCriteria.Op.LIKE, "%" + keyword + "%"); - ssc.addOr("type", SearchCriteria.Op.LIKE, "%" + keyword + "%"); - ssc.addOr("accountState", SearchCriteria.Op.LIKE, "%" + keyword + "%"); - - sc.addAnd("username", SearchCriteria.Op.SC, ssc); - } - - if (username != null) { - sc.setParameters("username", username); - } - - if (id != null) { - sc.setParameters("id", id); - } else { - // Don't return system user, search builder with NEQ - sc.setParameters("id", 1); - } - - if (type != null) { - sc.setParameters("type", type); - } - - if (accountName != null) { - sc.setParameters("accountName", accountName); - if (domainId != null) { - sc.setParameters("domainId", domainId); - } - } else if (domainId != null) { - DomainVO domainVO = _domainDao.findById(domainId); - sc.setJoinParameters("domainSearch", "path", domainVO.getPath() + "%"); - } - - if (state != null) { - sc.setParameters("state", state); - } - - return _userAccountDao.search(sc, searchFilter); - } - // This method is used for permissions check for both disk and service offerings private boolean isPermissible(Long accountDomainId, Long offeringDomainId) { @@ -1433,136 +1329,6 @@ public class ManagementServerImpl implements ManagementServer { return templateZonePairSet; } - @Override - public List searchForAccounts(ListAccountsCmd cmd) { - Account caller = UserContext.current().getCaller(); - Long domainId = cmd.getDomainId(); - Long accountId = cmd.getId(); - String accountName = cmd.getSearchName(); - Boolean isRecursive = cmd.isRecursive(); - - if (isRecursive == null) { - isRecursive = false; - } - - if (accountId != null && accountId.longValue() == 1L) { - // system account should NOT be searchable - List emptyList = new ArrayList(); - return emptyList; - } - - if (accountId != null) { - Account account = _accountDao.findById(accountId); - if (account == null) { - throw new InvalidParameterValueException("Unable to find account by id " + accountId); - } - - _accountMgr.checkAccess(caller, null, account); - } - - if (domainId != null) { - Domain domain = _domainDao.findById(domainId); - if (domain == null) { - throw new InvalidParameterValueException("Domain id=" + domainId + " doesn't exist"); - } - _accountMgr.checkAccess(caller, domain); - - if (accountName != null) { - Account account = _accountDao.findActiveAccount(accountName, domainId); - if (account == null) { - throw new InvalidParameterValueException("Unable to find account by name " + accountName + " in domain " + domainId); - } - - _accountMgr.checkAccess(caller, null, account); - } - } - - if (isAdmin(caller.getType())) { - if (domainId == null) { - domainId = caller.getDomainId(); - isRecursive = true; - } - } else { - // regular user is constraint to only his account - accountId = caller.getId(); - } - - Filter searchFilter = new Filter(AccountVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal()); - - Object type = cmd.getAccountType(); - Object state = cmd.getState(); - Object isCleanupRequired = cmd.isCleanupRequired(); - Object keyword = cmd.getKeyword(); - - SearchBuilder sb = _accountDao.createSearchBuilder(); - sb.and("accountName", sb.entity().getAccountName(), SearchCriteria.Op.EQ); - sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ); - sb.and("nid", sb.entity().getId(), SearchCriteria.Op.NEQ); - sb.and("type", sb.entity().getType(), SearchCriteria.Op.EQ); - sb.and("state", sb.entity().getState(), SearchCriteria.Op.EQ); - sb.and("needsCleanup", sb.entity().getNeedsCleanup(), SearchCriteria.Op.EQ); - sb.and("typeNEQ", sb.entity().getType(), SearchCriteria.Op.NEQ); - - if ((domainId != null) && isRecursive) { - // do a domain LIKE match for the admin case if isRecursive is true - SearchBuilder domainSearch = _domainDao.createSearchBuilder(); - domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE); - sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER); - } else if ((domainId != null) && !isRecursive) { - // do a domain EXACT match for the admin case if isRecursive is true - SearchBuilder domainSearch = _domainDao.createSearchBuilder(); - domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.EQ); - sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER); - } - - SearchCriteria sc = sb.create(); - if (keyword != null) { - SearchCriteria ssc = _accountDao.createSearchCriteria(); - ssc.addOr("accountName", SearchCriteria.Op.LIKE, "%" + keyword + "%"); - ssc.addOr("state", SearchCriteria.Op.LIKE, "%" + keyword + "%"); - sc.addAnd("accountName", SearchCriteria.Op.SC, ssc); - } - - if (accountName != null) { - sc.setParameters("accountName", accountName); - } - - if (accountId != null) { - sc.setParameters("id", accountId); - } - - if (domainId != null) { - DomainVO domain = _domainDao.findById(domainId); - - // I want to join on user_vm.domain_id = domain.id where domain.path like 'foo%' - if (isRecursive) { - sc.setJoinParameters("domainSearch", "path", domain.getPath() + "%"); - } else { - sc.setJoinParameters("domainSearch", "path", domain.getPath()); - } - - sc.setParameters("nid", 1L); - } else { - sc.setParameters("nid", 1L); - } - - if (type != null) { - sc.setParameters("type", type); - } - - if (state != null) { - sc.setParameters("state", state); - } - - if (isCleanupRequired != null) { - sc.setParameters("needsCleanup", isCleanupRequired); - } - - //don't return account of type project to the end user - sc.setParameters("typeNEQ", 5); - - return _accountDao.search(sc, searchFilter); - } @Override public VMTemplateVO updateTemplate(UpdateIsoCmd cmd) { @@ -2298,118 +2064,6 @@ public class ManagementServerImpl implements ManagementServer { return new Pair(null, -1); } - @Override - public List searchForDomains(ListDomainsCmd cmd) throws PermissionDeniedException { - Long domainId = cmd.getId(); - Account account = UserContext.current().getCaller(); - String path = null; - - if (account != null && (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN)) { - DomainVO domain = _domainDao.findById(account.getDomainId()); - if (domain != null) { - path = domain.getPath(); - } - } - - Filter searchFilter = new Filter(DomainVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal()); - String domainName = cmd.getDomainName(); - Integer level = cmd.getLevel(); - Object keyword = cmd.getKeyword(); - - SearchBuilder sb = _domainDao.createSearchBuilder(); - sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ); - sb.and("name", sb.entity().getName(), SearchCriteria.Op.LIKE); - sb.and("level", sb.entity().getLevel(), SearchCriteria.Op.EQ); - sb.and("path", sb.entity().getPath(), SearchCriteria.Op.LIKE); - - SearchCriteria sc = sb.create(); - - if (keyword != null) { - SearchCriteria ssc = _domainDao.createSearchCriteria(); - ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%"); - sc.addAnd("name", SearchCriteria.Op.SC, ssc); - } - - if (domainName != null) { - sc.setParameters("name", "%" + domainName + "%"); - } - - if (level != null) { - sc.setParameters("level", level); - } - - if (domainId != null) { - sc.setParameters("id", domainId); - } - - if (path != null) { - sc.setParameters("path", "%" + path + "%"); - } - - return _domainDao.search(sc, searchFilter); - } - - @Override - public List searchForDomainChildren(ListDomainChildrenCmd cmd) throws PermissionDeniedException { - Filter searchFilter = new Filter(DomainVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal()); - Long domainId = cmd.getId(); - String domainName = cmd.getDomainName(); - Boolean isRecursive = cmd.isRecursive(); - Object keyword = cmd.getKeyword(); - String path = null; - - if (isRecursive == null) { - isRecursive = false; - } - - Account account = UserContext.current().getCaller(); - if (account != null) { - if (domainId != null) { - if (!_domainDao.isChildDomain(account.getDomainId(), domainId)) { - throw new PermissionDeniedException("Unable to list domains children for domain id " + domainId + ", permission denied."); - } - } else { - domainId = account.getDomainId(); - } - } - - DomainVO domain = _domainDao.findById(domainId); - if (domain != null && isRecursive) { - path = domain.getPath(); - domainId = null; - } - - List domainList = searchForDomainChildren(searchFilter, domainId, domainName, keyword, path); - - return domainList; - } - - private List searchForDomainChildren(Filter searchFilter, Long domainId, String domainName, Object keyword, String path) { - SearchCriteria sc = _domainDao.createSearchCriteria(); - - if (keyword != null) { - SearchCriteria ssc = _domainDao.createSearchCriteria(); - ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%"); - - sc.addAnd("name", SearchCriteria.Op.SC, ssc); - } - - if (domainId != null) { - sc.addAnd("parent", SearchCriteria.Op.EQ, domainId); - } - - if (domainName != null) { - sc.addAnd("name", SearchCriteria.Op.LIKE, "%" + domainName + "%"); - } - - if (path != null) { - sc.addAnd("path", SearchCriteria.Op.NEQ, path); - sc.addAnd("path", SearchCriteria.Op.LIKE, path + "%"); - } - - return _domainDao.search(sc, searchFilter); - } - @Override @ActionEvent(eventType = EventTypes.EVENT_DOMAIN_UPDATE, eventDescription = "updating Domain") @DB diff --git a/server/src/com/cloud/user/AccountManagerImpl.java b/server/src/com/cloud/user/AccountManagerImpl.java index 5bec7b7393d..490c73a728f 100755 --- a/server/src/com/cloud/user/AccountManagerImpl.java +++ b/server/src/com/cloud/user/AccountManagerImpl.java @@ -46,6 +46,8 @@ import com.cloud.acl.SecurityChecker; import com.cloud.acl.SecurityChecker.AccessType; import com.cloud.api.ApiDBUtils; import com.cloud.api.commands.DeleteUserCmd; +import com.cloud.api.commands.ListAccountsCmd; +import com.cloud.api.commands.ListUsersCmd; import com.cloud.api.commands.RegisterCmd; import com.cloud.api.commands.UpdateAccountCmd; import com.cloud.api.commands.UpdateUserCmd; @@ -58,6 +60,7 @@ import com.cloud.dc.DataCenterVO; import com.cloud.dc.dao.DataCenterDao; import com.cloud.domain.Domain; import com.cloud.domain.DomainVO; +import com.cloud.domain.dao.DomainDao; import com.cloud.event.ActionEvent; import com.cloud.event.EventTypes; import com.cloud.event.EventUtils; @@ -104,7 +107,11 @@ import com.cloud.utils.component.Inject; import com.cloud.utils.component.Manager; import com.cloud.utils.concurrency.NamedThreadFactory; import com.cloud.utils.db.DB; +import com.cloud.utils.db.Filter; import com.cloud.utils.db.GlobalLock; +import com.cloud.utils.db.JoinBuilder; +import com.cloud.utils.db.SearchBuilder; +import com.cloud.utils.db.SearchCriteria; import com.cloud.utils.db.Transaction; import com.cloud.utils.exception.CloudRuntimeException; import com.cloud.utils.net.NetUtils; @@ -185,6 +192,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag private ProjectDao _projectDao; @Inject private AccountDetailsDao _accountDetailsDao; + @Inject + private DomainDao _domainDao; private Adapters _userAuthenticators; @@ -1714,5 +1723,231 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag return null; } + @Override + public List searchForAccounts(ListAccountsCmd cmd) { + Account caller = UserContext.current().getCaller(); + Long domainId = cmd.getDomainId(); + Long accountId = cmd.getId(); + String accountName = cmd.getSearchName(); + Boolean isRecursive = cmd.isRecursive(); + + if (isRecursive == null) { + isRecursive = false; + } + + if (accountId != null && accountId.longValue() == 1L) { + // system account should NOT be searchable + List emptyList = new ArrayList(); + return emptyList; + } + + if (accountId != null) { + Account account = _accountDao.findById(accountId); + if (account == null) { + throw new InvalidParameterValueException("Unable to find account by id " + accountId); + } + + checkAccess(caller, null, account); + } + + if (domainId != null) { + Domain domain = _domainMgr.getDomain(domainId); + if (domain == null) { + throw new InvalidParameterValueException("Domain id=" + domainId + " doesn't exist"); + } + checkAccess(caller, domain); + + if (accountName != null) { + Account account = _accountDao.findActiveAccount(accountName, domainId); + if (account == null) { + throw new InvalidParameterValueException("Unable to find account by name " + accountName + " in domain " + domainId); + } + + checkAccess(caller, null, account); + } + } + + if (isAdmin(caller.getType())) { + if (domainId == null) { + domainId = caller.getDomainId(); + isRecursive = true; + } + } else { + // regular user is constraint to only his account + accountId = caller.getId(); + } + + Filter searchFilter = new Filter(AccountVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal()); + + Object type = cmd.getAccountType(); + Object state = cmd.getState(); + Object isCleanupRequired = cmd.isCleanupRequired(); + Object keyword = cmd.getKeyword(); + + SearchBuilder sb = _accountDao.createSearchBuilder(); + sb.and("accountName", sb.entity().getAccountName(), SearchCriteria.Op.EQ); + sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ); + sb.and("nid", sb.entity().getId(), SearchCriteria.Op.NEQ); + sb.and("type", sb.entity().getType(), SearchCriteria.Op.EQ); + sb.and("state", sb.entity().getState(), SearchCriteria.Op.EQ); + sb.and("needsCleanup", sb.entity().getNeedsCleanup(), SearchCriteria.Op.EQ); + sb.and("typeNEQ", sb.entity().getType(), SearchCriteria.Op.NEQ); + + if ((domainId != null) && isRecursive) { + // do a domain LIKE match for the admin case if isRecursive is true + SearchBuilder domainSearch = _domainDao.createSearchBuilder(); + domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE); + sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER); + } else if ((domainId != null) && !isRecursive) { + // do a domain EXACT match for the admin case if isRecursive is true + SearchBuilder domainSearch = _domainDao.createSearchBuilder(); + domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.EQ); + sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER); + } + + SearchCriteria sc = sb.create(); + if (keyword != null) { + SearchCriteria ssc = _accountDao.createSearchCriteria(); + ssc.addOr("accountName", SearchCriteria.Op.LIKE, "%" + keyword + "%"); + ssc.addOr("state", SearchCriteria.Op.LIKE, "%" + keyword + "%"); + sc.addAnd("accountName", SearchCriteria.Op.SC, ssc); + } + + if (accountName != null) { + sc.setParameters("accountName", accountName); + } + + if (accountId != null) { + sc.setParameters("id", accountId); + } + + if (domainId != null) { + DomainVO domain = _domainDao.findById(domainId); + + // I want to join on user_vm.domain_id = domain.id where domain.path like 'foo%' + if (isRecursive) { + sc.setJoinParameters("domainSearch", "path", domain.getPath() + "%"); + } else { + sc.setJoinParameters("domainSearch", "path", domain.getPath()); + } + + sc.setParameters("nid", 1L); + } else { + sc.setParameters("nid", 1L); + } + + if (type != null) { + sc.setParameters("type", type); + } + + if (state != null) { + sc.setParameters("state", state); + } + + if (isCleanupRequired != null) { + sc.setParameters("needsCleanup", isCleanupRequired); + } + + //don't return account of type project to the end user + sc.setParameters("typeNEQ", 5); + + return _accountDao.search(sc, searchFilter); + } + + @Override + public List searchForUsers(ListUsersCmd cmd) throws PermissionDeniedException { + Account caller = UserContext.current().getCaller(); + Long domainId = cmd.getDomainId(); + if (domainId != null) { + Domain domain = _domainDao.findById(domainId); + if (domain == null) { + throw new InvalidParameterValueException("Unable to find domain by id=" + domainId); + } + + checkAccess(caller, domain); + } else { + // default domainId to the caller's domain + domainId = caller.getDomainId(); + } + + Filter searchFilter = new Filter(UserAccountVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal()); + + Long id = cmd.getId(); + Object username = cmd.getUsername(); + Object type = cmd.getAccountType(); + Object accountName = cmd.getAccountName(); + Object state = cmd.getState(); + Object keyword = cmd.getKeyword(); + + SearchBuilder sb = _userAccountDao.createSearchBuilder(); + sb.and("username", sb.entity().getUsername(), SearchCriteria.Op.LIKE); + if (id != null && id == 1) { + // system user should NOT be searchable + List emptyList = new ArrayList(); + return emptyList; + } else if (id != null) { + sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ); + } else { + // this condition is used to exclude system user from the search results + sb.and("id", sb.entity().getId(), SearchCriteria.Op.NEQ); + } + + sb.and("type", sb.entity().getType(), SearchCriteria.Op.EQ); + sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ); + sb.and("accountName", sb.entity().getAccountName(), SearchCriteria.Op.EQ); + sb.and("state", sb.entity().getState(), SearchCriteria.Op.EQ); + + if ((accountName == null) && (domainId != null)) { + SearchBuilder domainSearch = _domainDao.createSearchBuilder(); + domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE); + sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER); + } + + SearchCriteria sc = sb.create(); + if (keyword != null) { + SearchCriteria ssc = _userAccountDao.createSearchCriteria(); + ssc.addOr("username", SearchCriteria.Op.LIKE, "%" + keyword + "%"); + ssc.addOr("firstname", SearchCriteria.Op.LIKE, "%" + keyword + "%"); + ssc.addOr("lastname", SearchCriteria.Op.LIKE, "%" + keyword + "%"); + ssc.addOr("email", SearchCriteria.Op.LIKE, "%" + keyword + "%"); + ssc.addOr("state", SearchCriteria.Op.LIKE, "%" + keyword + "%"); + ssc.addOr("accountName", SearchCriteria.Op.LIKE, "%" + keyword + "%"); + ssc.addOr("type", SearchCriteria.Op.LIKE, "%" + keyword + "%"); + ssc.addOr("accountState", SearchCriteria.Op.LIKE, "%" + keyword + "%"); + + sc.addAnd("username", SearchCriteria.Op.SC, ssc); + } + + if (username != null) { + sc.setParameters("username", username); + } + + if (id != null) { + sc.setParameters("id", id); + } else { + // Don't return system user, search builder with NEQ + sc.setParameters("id", 1); + } + + if (type != null) { + sc.setParameters("type", type); + } + + if (accountName != null) { + sc.setParameters("accountName", accountName); + if (domainId != null) { + sc.setParameters("domainId", domainId); + } + } else if (domainId != null) { + DomainVO domainVO = _domainDao.findById(domainId); + sc.setJoinParameters("domainSearch", "path", domainVO.getPath() + "%"); + } + + if (state != null) { + sc.setParameters("state", state); + } + + return _userAccountDao.search(sc, searchFilter); + } } diff --git a/server/src/com/cloud/user/DomainManagerImpl.java b/server/src/com/cloud/user/DomainManagerImpl.java index 85a6b396973..97462421da0 100644 --- a/server/src/com/cloud/user/DomainManagerImpl.java +++ b/server/src/com/cloud/user/DomainManagerImpl.java @@ -28,6 +28,8 @@ import javax.naming.ConfigurationException; import org.apache.log4j.Logger; +import com.cloud.api.commands.ListDomainChildrenCmd; +import com.cloud.api.commands.ListDomainsCmd; import com.cloud.configuration.ResourceLimit; import com.cloud.configuration.dao.ResourceCountDao; import com.cloud.domain.Domain; @@ -47,6 +49,8 @@ import com.cloud.user.dao.AccountDao; import com.cloud.utils.component.Inject; import com.cloud.utils.component.Manager; import com.cloud.utils.db.DB; +import com.cloud.utils.db.Filter; +import com.cloud.utils.db.SearchBuilder; import com.cloud.utils.db.SearchCriteria; import com.cloud.utils.db.Transaction; import com.cloud.utils.exception.CloudRuntimeException; @@ -314,4 +318,114 @@ public class DomainManagerImpl implements DomainManager, DomainService, Manager{ return success && deleteDomainSuccess; } + + @Override + public List searchForDomains(ListDomainsCmd cmd) throws PermissionDeniedException { + Long domainId = cmd.getId(); + Account caller = UserContext.current().getCaller(); + String path = null; + + if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) { + DomainVO domain = _domainDao.findById(caller.getDomainId()); + if (domain != null) { + path = domain.getPath(); + } + } + + Filter searchFilter = new Filter(DomainVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal()); + String domainName = cmd.getDomainName(); + Integer level = cmd.getLevel(); + Object keyword = cmd.getKeyword(); + + SearchBuilder sb = _domainDao.createSearchBuilder(); + sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ); + sb.and("name", sb.entity().getName(), SearchCriteria.Op.LIKE); + sb.and("level", sb.entity().getLevel(), SearchCriteria.Op.EQ); + sb.and("path", sb.entity().getPath(), SearchCriteria.Op.LIKE); + + SearchCriteria sc = sb.create(); + + if (keyword != null) { + SearchCriteria ssc = _domainDao.createSearchCriteria(); + ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%"); + sc.addAnd("name", SearchCriteria.Op.SC, ssc); + } + + if (domainName != null) { + sc.setParameters("name", "%" + domainName + "%"); + } + + if (level != null) { + sc.setParameters("level", level); + } + + if (domainId != null) { + sc.setParameters("id", domainId); + } + + if (path != null) { + sc.setParameters("path", "%" + path + "%"); + } + + return _domainDao.search(sc, searchFilter); + } + + @Override + public List searchForDomainChildren(ListDomainChildrenCmd cmd) throws PermissionDeniedException { + Filter searchFilter = new Filter(DomainVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal()); + Long domainId = cmd.getId(); + String domainName = cmd.getDomainName(); + Boolean isRecursive = cmd.isRecursive(); + Object keyword = cmd.getKeyword(); + String path = null; + + if (isRecursive == null) { + isRecursive = false; + } + + Account caller = UserContext.current().getCaller(); + if (domainId != null) { + if (!_domainDao.isChildDomain(caller.getDomainId(), domainId)) { + throw new PermissionDeniedException("Unable to list domains children for domain id " + domainId + ", permission denied."); + } + } else { + domainId = caller.getDomainId(); + } + + DomainVO domain = _domainDao.findById(domainId); + if (domain != null && isRecursive) { + path = domain.getPath(); + domainId = null; + } + + List domainList = searchForDomainChildren(searchFilter, domainId, domainName, keyword, path); + + return domainList; + } + + private List searchForDomainChildren(Filter searchFilter, Long domainId, String domainName, Object keyword, String path) { + SearchCriteria sc = _domainDao.createSearchCriteria(); + + if (keyword != null) { + SearchCriteria ssc = _domainDao.createSearchCriteria(); + ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%"); + + sc.addAnd("name", SearchCriteria.Op.SC, ssc); + } + + if (domainId != null) { + sc.addAnd("parent", SearchCriteria.Op.EQ, domainId); + } + + if (domainName != null) { + sc.addAnd("name", SearchCriteria.Op.LIKE, "%" + domainName + "%"); + } + + if (path != null) { + sc.addAnd("path", SearchCriteria.Op.NEQ, path); + sc.addAnd("path", SearchCriteria.Op.LIKE, path + "%"); + } + + return _domainDao.search(sc, searchFilter); + } }