@ACL and EntityType for Network commands

2014-01-24 22:27:13 -08:00 · 2014-01-24 22:27:13 -08:00 · bc45d33f19
parent 4808c0fdcb
commit bc45d33f19
5 changed files with 19 additions and 7 deletions
--- a/api/src/org/apache/cloudstack/api/command/user/network/CreateNetworkCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/network/CreateNetworkCmd.java
@ -18,6 +18,7 @@ package org.apache.cloudstack.api.command.user.network;

 import org.apache.log4j.Logger;

+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.ApiErrorCode;
@ -43,7 +44,7 @@ import com.cloud.network.Network;
 import com.cloud.network.Network.GuestType;
 import com.cloud.offering.NetworkOffering;

-@APICommand(name = "createNetwork", description = "Creates a network", responseObject = NetworkResponse.class, responseView = ResponseView.Restricted)
+@APICommand(name = "createNetwork", description = "Creates a network", responseObject = NetworkResponse.class, responseView = ResponseView.Restricted, entityType = { AclEntityType.Network })
 public class CreateNetworkCmd extends BaseCmd {
    public static final Logger s_logger = Logger.getLogger(CreateNetworkCmd.class.getName());

--- a/api/src/org/apache/cloudstack/api/command/user/network/DeleteNetworkCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/network/DeleteNetworkCmd.java
@ -18,6 +18,9 @@ package org.apache.cloudstack.api.command.user.network;

 import org.apache.log4j.Logger;

+import org.apache.cloudstack.acl.AclEntityType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.api.ACL;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.ApiErrorCode;
@ -33,7 +36,7 @@ import com.cloud.event.EventTypes;
 import com.cloud.exception.InvalidParameterValueException;
 import com.cloud.network.Network;

-@APICommand(name = "deleteNetwork", description = "Deletes a network", responseObject = SuccessResponse.class)
+@APICommand(name = "deleteNetwork", description = "Deletes a network", responseObject = SuccessResponse.class, entityType = { AclEntityType.Network })
 public class DeleteNetworkCmd extends BaseAsyncCmd {
    public static final Logger s_logger = Logger.getLogger(DeleteNetworkOfferingCmd.class.getName());
    private static final String s_name = "deletenetworkresponse";
@ -41,7 +44,7 @@ public class DeleteNetworkCmd extends BaseAsyncCmd {
    /////////////////////////////////////////////////////
    //////////////// API parameters /////////////////////
    /////////////////////////////////////////////////////
-
+    @ACL(accessType = AccessType.OperateEntry)
    @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = NetworkResponse.class, required = true, description = "the ID of the network")
    private Long id;

--- a/api/src/org/apache/cloudstack/api/command/user/network/ListNetworksCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/network/ListNetworksCmd.java
@ -21,6 +21,7 @@ import java.util.List;

 import org.apache.log4j.Logger;

+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.BaseListTaggedResourcesCmd;
@ -35,7 +36,7 @@ import org.apache.cloudstack.api.response.ZoneResponse;
 import com.cloud.network.Network;
 import com.cloud.utils.Pair;

-@APICommand(name = "listNetworks", description = "Lists all available networks.", responseObject = NetworkResponse.class, responseView = ResponseView.Restricted)
+@APICommand(name = "listNetworks", description = "Lists all available networks.", responseObject = NetworkResponse.class, responseView = ResponseView.Restricted, entityType = { AclEntityType.Network })
 public class ListNetworksCmd extends BaseListTaggedResourcesCmd {
    public static final Logger s_logger = Logger.getLogger(ListNetworksCmd.class.getName());
    private static final String Name = "listnetworksresponse";
--- a/api/src/org/apache/cloudstack/api/command/user/network/RestartNetworkCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/network/RestartNetworkCmd.java
@ -18,6 +18,9 @@ package org.apache.cloudstack.api.command.user.network;

 import org.apache.log4j.Logger;

+import org.apache.cloudstack.acl.AclEntityType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.api.ACL;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.ApiErrorCode;
@ -38,7 +41,7 @@ import com.cloud.network.Network;

@APICommand(name = "restartNetwork",
            description = "Restarts the network; includes 1) restarting network elements - virtual routers, dhcp servers 2) reapplying all public ips 3) reapplying loadBalancing/portForwarding rules",
-            responseObject = IPAddressResponse.class)
+            responseObject = IPAddressResponse.class, entityType = { AclEntityType.Network })
 public class RestartNetworkCmd extends BaseAsyncCmd {
    public static final Logger s_logger = Logger.getLogger(RestartNetworkCmd.class.getName());
    private static final String s_name = "restartnetworkresponse";
@ -46,7 +49,7 @@ public class RestartNetworkCmd extends BaseAsyncCmd {
    /////////////////////////////////////////////////////
    //////////////// API parameters /////////////////////
    /////////////////////////////////////////////////////
-
+    @ACL(accessType = AccessType.OperateEntry)
    @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = NetworkResponse.class, required = true, description = "The id of the network to restart.")
    private Long id;

--- a/api/src/org/apache/cloudstack/api/command/user/network/UpdateNetworkCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/network/UpdateNetworkCmd.java
@ -18,6 +18,9 @@ package org.apache.cloudstack.api.command.user.network;

 import org.apache.log4j.Logger;

+import org.apache.cloudstack.acl.AclEntityType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.api.ACL;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.ApiErrorCode;
@ -38,7 +41,7 @@ import com.cloud.offering.NetworkOffering;
 import com.cloud.user.Account;
 import com.cloud.user.User;

-@APICommand(name = "updateNetwork", description = "Updates a network", responseObject = NetworkResponse.class, responseView = ResponseView.Restricted)
+@APICommand(name = "updateNetwork", description = "Updates a network", responseObject = NetworkResponse.class, responseView = ResponseView.Restricted, entityType = { AclEntityType.Network })
 public class UpdateNetworkCmd extends BaseAsyncCmd {
    public static final Logger s_logger = Logger.getLogger(UpdateNetworkCmd.class.getName());

@ -47,6 +50,7 @@ public class UpdateNetworkCmd extends BaseAsyncCmd {
    /////////////////////////////////////////////////////
    //////////////// API parameters /////////////////////
    /////////////////////////////////////////////////////
+    @ACL(accessType = AccessType.OperateEntry)
    @Parameter(name=ApiConstants.ID, type=CommandType.UUID, entityType = NetworkResponse.class,
            required=true, description="the ID of the network")
    protected Long id;