etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Refactoring listTemplatePermissions and listIsoPermissions to new API framework.

This commit is contained in:
Kris McQueen 2010-09-08 15:13:04 -07:00
parent 5204349fef
commit b40f496f80
6 changed files with 142 additions and 117 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
server/src/com/cloud/api/commands/ListIsoPermissionsCmd.java
View File

@ -10,7 +10,7 @@ public class ListIsoPermissionsCmd extends ListTemplateOrIsoPermissionsCmd {
return "listisopermissionsresponse";
}
protected String getMediaType() {
public String getMediaType() {
return "iso";
}

129
server/src/com/cloud/api/commands/ListTemplateOrIsoPermissionsCmd.java
View File

@ -1,31 +1,23 @@
package com.cloud.api.commands;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import org.apache.log4j.Logger;
import com.cloud.api.BaseCmd;
import com.cloud.api.BaseListCmd;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.ServerApiException;
import com.cloud.domain.DomainVO;
import com.cloud.api.response.TemplatePermissionsResponse;
import com.cloud.serializer.SerializerHelper;
import com.cloud.storage.VMTemplateVO;
import com.cloud.user.Account;
import com.cloud.utils.Pair;
import com.cloud.user.UserContext;
public class ListTemplateOrIsoPermissionsCmd extends BaseCmd {
@Implementation(method="listTemplatePermissions")
public class ListTemplateOrIsoPermissionsCmd extends BaseListCmd {
public Logger s_logger = getLogger();
protected static final List<Pair<Enum, Boolean>> s_properties = new ArrayList<Pair<Enum, Boolean>>();
protected String s_name = getResponseName();
static {
s_properties.add(new Pair<Enum, Boolean>(BaseCmd.Properties.ACCOUNT_OBJ, Boolean.FALSE));
s_properties.add(new Pair<Enum, Boolean>(BaseCmd.Properties.ACCOUNT, Boolean.FALSE));
s_properties.add(new Pair<Enum, Boolean>(BaseCmd.Properties.DOMAIN_ID, Boolean.FALSE));
s_properties.add(new Pair<Enum, Boolean>(BaseCmd.Properties.ID, Boolean.TRUE));
}
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@ -63,9 +55,32 @@ public class ListTemplateOrIsoPermissionsCmd extends BaseCmd {
public String getName() {
return s_name;
}
@Override
public List<Pair<Enum, Boolean>> getProperties() {
return s_properties;
@Override @SuppressWarnings("unchecked")
public String getResponse() {
List<String> accountNames = (List<String>)getResponseObject();
Account account = (Account)UserContext.current().getAccountObject();
boolean isAdmin = ((account == null) || isAdmin(account.getType()));
Long templateOwnerDomain = null;
VMTemplateVO template = getManagementServer().findTemplateById(id);
if (isAdmin) {
// FIXME: we have just template id and need to get template owner from that
Account templateOwner = getManagementServer().findAccountById(template.getAccountId());
if (templateOwner != null) {
templateOwnerDomain = templateOwner.getDomainId();
}
}
TemplatePermissionsResponse response = new TemplatePermissionsResponse();
response.setId(template.getId());
response.setPublicTemplate(template.isPublicTemplate());
if (isAdmin && (templateOwnerDomain != null)) {
response.setDomainId(templateOwnerDomain);
}
response.setAccountNames(accountNames);
return SerializerHelper.toSerializedString(response);
}
protected boolean templateIsCorrectType(VMTemplateVO template) {
@ -76,87 +91,11 @@ public class ListTemplateOrIsoPermissionsCmd extends BaseCmd {
return "updatetemplateorisopermissionsresponse";
}
protected String getMediaType() {
public String getMediaType() {
return "templateOrIso";
}
protected Logger getLogger() {
return Logger.getLogger(UpdateTemplateOrIsoPermissionsCmd.class.getName());
}
@Override
public List<Pair<String, Object>> execute(Map<String, Object> params) {
Long id = (Long)params.get(BaseCmd.Properties.ID.getName());
Account account = (Account)params.get(BaseCmd.Properties.ACCOUNT_OBJ.getName());
String acctName = (String)params.get(BaseCmd.Properties.ACCOUNT.getName());
Long domainId = (Long)params.get(BaseCmd.Properties.DOMAIN_ID.getName());
Long accountId = null;
if ((account == null) || account.getType() == Account.ACCOUNT_TYPE_ADMIN) {
// validate domainId before proceeding
if (domainId != null) {
if ((account != null) && !getManagementServer().isChildDomain(account.getDomainId(), domainId)) {
throw new ServerApiException(BaseCmd.PARAM_ERROR, "Invalid domain id (" + domainId + ") given, unable to list " + getMediaType() + " permissions.");
}
if (acctName != null) {
Account userAccount = getManagementServer().findAccountByName(acctName, domainId);
if (userAccount != null) {
accountId = userAccount.getId();
} else {
throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "Unable to find account " + acctName + " in domain " + domainId);
}
}
}
} else {
accountId = account.getId();
}
VMTemplateVO template = getManagementServer().findTemplateById(id.longValue());
if (template == null || !templateIsCorrectType(template)) {
throw new ServerApiException(BaseCmd.PARAM_ERROR, "unable to find " + getMediaType() + " with id " + id);
}
if (accountId != null && !template.isPublicTemplate()) {
if (account.getType() == Account.ACCOUNT_TYPE_NORMAL && template.getAccountId() != accountId) {
throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "unable to list permissions for " + getMediaType() + " with id " + id);
} else if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
DomainVO accountDomain = getManagementServer().findDomainIdById(account.getDomainId());
Account templateAccount = getManagementServer().findAccountById(template.getAccountId());
DomainVO templateDomain = getManagementServer().findDomainIdById(templateAccount.getDomainId());
if (!templateDomain.getPath().contains(accountDomain.getPath())) {
throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "unable to list permissions for " + getMediaType() + " with id " + id);
}
}
}
if (id == Long.valueOf(1)) {
throw new ServerApiException(BaseCmd.PARAM_ERROR, "unable to list permissions for " + getMediaType() + " with id " + id);
}
List<String> accountNames = getManagementServer().listTemplatePermissions(id);
boolean isAdmin = ((account == null) || isAdmin(account.getType()));
Long templateOwnerDomain = null;
if (isAdmin) {
Account templateOwner = getManagementServer().findAccountById(template.getAccountId());
if (templateOwner != null) {
templateOwnerDomain = templateOwner.getDomainId();
}
}
List<Pair<String, Object>> embeddedObject = new ArrayList<Pair<String, Object>>();
List<Pair<String, Object>> returnValues = new ArrayList<Pair<String, Object>>();
returnValues.add(new Pair<String, Object>(BaseCmd.Properties.ID.getName(), template.getId().toString()));
returnValues.add(new Pair<String, Object>(BaseCmd.Properties.IS_PUBLIC.getName(), Boolean.valueOf(template.isPublicTemplate()).toString()));
if (isAdmin && (templateOwnerDomain != null)) {
returnValues.add(new Pair<String, Object>(BaseCmd.Properties.DOMAIN_ID.getName(), templateOwnerDomain.toString()));
}
if ((accountNames != null) && !accountNames.isEmpty()) {
for (String accountName : accountNames) {
returnValues.add(new Pair<String, Object>(BaseCmd.Properties.ACCOUNT.getName(), accountName));
}
}
embeddedObject.add(new Pair<String, Object>(getMediaType() + "permission", new Object[] { returnValues } ));
return embeddedObject;
}
}

2
server/src/com/cloud/api/commands/ListTemplatePermissionsCmd.java
View File

@ -28,7 +28,7 @@ public class ListTemplatePermissionsCmd extends ListTemplateOrIsoPermissionsCmd
return "listtemplatepermissionsresponse";
}
protected String getMediaType() {
public String getMediaType() {
return "template";
}

52
server/src/com/cloud/api/response/TemplatePermissionsResponse.java Normal file
View File

@ -0,0 +1,52 @@
package com.cloud.api.response;
import java.util.List;
import com.cloud.api.ResponseObject;
import com.cloud.serializer.Param;
public class TemplatePermissionsResponse implements ResponseObject {
@Param(name="id")
private Long id;
@Param(name="ispublic")
private Boolean publicTemplate;
@Param(name="domainid")
private Long domainId;
@Param(name="account")
private List<String> accountNames;
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public Boolean getPublicTemplate() {
return publicTemplate;
}
public void setPublicTemplate(Boolean publicTemplate) {
this.publicTemplate = publicTemplate;
}
public Long getDomainId() {
return domainId;
}
public void setDomainId(Long domainId) {
this.domainId = domainId;
}
public List<String> getAccountNames() {
return accountNames;
}
public void setAccountNames(List<String> accountNames) {
this.accountNames = accountNames;
}
}

19
server/src/com/cloud/server/ManagementServer.java
View File

@ -57,6 +57,7 @@ import com.cloud.api.commands.ListServiceOfferingsCmd;
import com.cloud.api.commands.ListSnapshotsCmd;
import com.cloud.api.commands.ListStoragePoolsCmd;
import com.cloud.api.commands.ListSystemVMsCmd;
import com.cloud.api.commands.ListTemplateOrIsoPermissionsCmd;
import com.cloud.api.commands.ListTemplatesCmd;
import com.cloud.api.commands.LockAccountCmd;
import com.cloud.api.commands.LockUserCmd;
@ -1594,26 +1595,12 @@ public interface ManagementServer {
*/
List<DiskOfferingVO> findPrivateDiskOffering();
/**
* Update the permissions on a template. A private template can be made public, or individual accounts can be granted permission to launch instances from the template.
* @param templateId
* @param operation
* @param isPublic
* @param isFeatured
* @param accountNames
* @return
* @throws InvalidParameterValueException
* @throws PermissionDeniedException
* @throws InternalErrorException
*/
// boolean updateTemplatePermissions(long templateId, String operation, Boolean isPublic, Boolean isFeatured, List<String> accountNames) throws InvalidParameterValueException, PermissionDeniedException, InternalErrorException;
/**
* List the permissions on a template. This will return a list of account names that have been granted permission to launch instances from the template.
* @param templateId
* @param cmd the command wrapping the search criteria (template id)
* @return list of account names that have been granted permission to launch instances from the template
*/
List<String> listTemplatePermissions(long templateId);
List<String> listTemplatePermissions(ListTemplateOrIsoPermissionsCmd cmd) throws InvalidParameterValueException, PermissionDeniedException;
/**
* List private templates for which the given account/domain has been granted permission to launch instances

55
server/src/com/cloud/server/ManagementServerImpl.java
View File

@ -93,6 +93,7 @@ import com.cloud.api.commands.ListServiceOfferingsCmd;
import com.cloud.api.commands.ListSnapshotsCmd;
import com.cloud.api.commands.ListStoragePoolsCmd;
import com.cloud.api.commands.ListSystemVMsCmd;
import com.cloud.api.commands.ListTemplateOrIsoPermissionsCmd;
import com.cloud.api.commands.ListTemplatesCmd;
import com.cloud.api.commands.LockAccountCmd;
import com.cloud.api.commands.LockUserCmd;
@ -6861,10 +6862,56 @@ public class ManagementServerImpl implements ManagementServer {
}
@Override
public List<String> listTemplatePermissions(long templateId) {
List<String> accountNames = new ArrayList<String>();
List<LaunchPermissionVO> permissions = _launchPermissionDao.findByTemplate(templateId);
public List<String> listTemplatePermissions(ListTemplateOrIsoPermissionsCmd cmd) throws InvalidParameterValueException, PermissionDeniedException {
Account account = (Account)UserContext.current().getAccountObject();
Long domainId = cmd.getDomainId();
String acctName = cmd.getAccountName();
Long id = cmd.getId();
Long accountId = null;
if ((account == null) || account.getType() == Account.ACCOUNT_TYPE_ADMIN) {
// validate domainId before proceeding
if (domainId != null) {
if ((account != null) && !_domainDao.isChildDomain(account.getDomainId(), domainId)) {
throw new PermissionDeniedException("Invalid domain id (" + domainId + ") given, unable to list " + cmd.getMediaType() + " permissions.");
}
if (acctName != null) {
Account userAccount = _accountDao.findActiveAccount(acctName, domainId);
if (userAccount != null) {
accountId = userAccount.getId();
} else {
throw new PermissionDeniedException("Unable to find account " + acctName + " in domain " + domainId);
}
}
}
} else {
accountId = account.getId();
}
VMTemplateVO template = _templateDao.findById(id.longValue());
if (template == null || !templateIsCorrectType(template)) {
throw new InvalidParameterValueException("unable to find " + cmd.getMediaType() + " with id " + id);
}
if (accountId != null && !template.isPublicTemplate()) {
if (account.getType() == Account.ACCOUNT_TYPE_NORMAL && template.getAccountId() != accountId) {
throw new PermissionDeniedException("unable to list permissions for " + cmd.getMediaType() + " with id " + id);
} else if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
DomainVO accountDomain = _domainDao.findById(account.getDomainId());
Account templateAccount = _accountDao.findById(template.getAccountId());
DomainVO templateDomain = _domainDao.findById(templateAccount.getDomainId());
if (!templateDomain.getPath().contains(accountDomain.getPath())) {
throw new PermissionDeniedException("unable to list permissions for " + cmd.getMediaType() + " with id " + id);
}
}
}
if (id == Long.valueOf(1)) {
throw new PermissionDeniedException("unable to list permissions for " + cmd.getMediaType() + " with id " + id);
}
List<String> accountNames = new ArrayList<String>();
List<LaunchPermissionVO> permissions = _launchPermissionDao.findByTemplate(id);
if ((permissions != null) && !permissions.isEmpty()) {
for (LaunchPermissionVO permission : permissions) {
Account acct = _accountDao.findById(permission.getAccountId());