mirror of https://github.com/apache/cloudstack.git
bug 12306: list* command revamp
This commit is contained in:
Alena Prokharchyk
parent
5dc4a70b90
commit
c581506103
|
|
@ -321,6 +321,8 @@ public class ApiConstants {
|
|||
public static final String ALLOW_USER_CREATE_PROJECTS = "allowusercreateprojects";
|
||||
public static final String CONSERVE_MODE = "conservemode";
|
||||
public static final String TRAFFIC_TYPE_IMPLEMENTOR = "traffictypeimplementor";
|
||||
public static final String KEYWORD = "keyword";
|
||||
public static final String LIST_ALL = "listall";
|
||||
|
||||
public enum HostDetails {
|
||||
all, capacity, events, stats, min;
|
||||
|
|
|
|||
|
|
@ -0,0 +1,30 @@
|
|||
/**
|
||||
* Copyright (C) 2012 Citrix Systems, Inc. All rights reserved
|
||||
*
|
||||
* This software is licensed under the GNU General Public License v3 or later.
|
||||
*
|
||||
* It is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or any later version.
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package com.cloud.api;
|
||||
|
||||
public abstract class BaseListAccountResourcesCmd extends BaseListDomainResourcesCmd{
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="List resources by account. Must be used with the domainId parameter.")
|
||||
private String accountName;
|
||||
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
}
|
||||
|
|
@ -29,7 +29,7 @@ public abstract class BaseListCmd extends BaseCmd {
|
|||
// ///////// BaseList API parameters /////////////////
|
||||
// ///////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name = "keyword", type = CommandType.STRING, description = "List by keyword")
|
||||
@Parameter(name = ApiConstants.KEYWORD, type = CommandType.STRING, description = "List by keyword")
|
||||
private String keyword;
|
||||
|
||||
// FIXME: Need to be able to specify next/prev/first/last, so Integer might not be right
|
||||
|
|
@ -38,6 +38,8 @@ public abstract class BaseListCmd extends BaseCmd {
|
|||
|
||||
@Parameter(name = ApiConstants.PAGE_SIZE, type = CommandType.INTEGER)
|
||||
private Integer pageSize;
|
||||
|
||||
|
||||
|
||||
// ///////////////////////////////////////////////////
|
||||
// ///////////////// Accessors ///////////////////////
|
||||
|
|
|
|||
|
|
@ -0,0 +1,44 @@
|
|||
/**
|
||||
* Copyright (C) 2012 Citrix Systems, Inc. All rights reserved
|
||||
*
|
||||
* This software is licensed under the GNU General Public License v3 or later.
|
||||
*
|
||||
* It is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or any later version.
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package com.cloud.api;
|
||||
|
||||
public abstract class BaseListDomainResourcesCmd extends BaseListCmd{
|
||||
|
||||
@Parameter(name=ApiConstants.LIST_ALL, type=CommandType.BOOLEAN, description="If set to false, list only resources belonging to the command's caller; if set to true - list resources that the caller is authorized to see. Default value is false")
|
||||
private Boolean listAll;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="list only resources belonging to the domain specified")
|
||||
private Long domainId;
|
||||
|
||||
@Parameter(name=ApiConstants.IS_RECURSIVE, type=CommandType.BOOLEAN, description="defaults to false, but if true, lists all resources from the parent specified by the domainId till leaves.")
|
||||
private Boolean recursive;
|
||||
|
||||
public boolean listAll() {
|
||||
return listAll == null ? false : listAll;
|
||||
}
|
||||
|
||||
public boolean isRecursive() {
|
||||
return recursive == null ? false : recursive;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,30 @@
|
|||
/**
|
||||
* Copyright (C) 2012 Citrix Systems, Inc. All rights reserved
|
||||
*
|
||||
* This software is licensed under the GNU General Public License v3 or later.
|
||||
*
|
||||
* It is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or any later version.
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
package com.cloud.api;
|
||||
|
||||
public abstract class BaseListProjectAndAccountResourcesCmd extends BaseListAccountResourcesCmd{
|
||||
|
||||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list firewall rules by project")
|
||||
private Long projectId;
|
||||
|
||||
public Long getProjectId() {
|
||||
return projectId;
|
||||
}
|
||||
}
|
||||
|
|
@ -19,7 +19,6 @@
|
|||
package com.cloud.api.commands;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import org.apache.log4j.Logger;
|
||||
|
|
@ -30,7 +29,6 @@ import com.cloud.api.IdentityMapper;
|
|||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
import com.cloud.api.ServerApiException;
|
||||
import com.cloud.api.BaseCmd.CommandType;
|
||||
import com.cloud.api.response.AccountResponse;
|
||||
import com.cloud.api.response.UserResponse;
|
||||
import com.cloud.user.Account;
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ import java.util.List;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseListDomainResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
|
|
@ -32,7 +32,7 @@ import com.cloud.api.response.ListResponse;
|
|||
import com.cloud.user.Account;
|
||||
|
||||
@Implementation(description="Lists accounts and provides detailed account information for listed accounts", responseObject=AccountResponse.class)
|
||||
public class ListAccountsCmd extends BaseListCmd {
|
||||
public class ListAccountsCmd extends BaseListDomainResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListAccountsCmd.class.getName());
|
||||
private static final String s_name = "listaccountsresponse";
|
||||
|
||||
|
|
@ -43,10 +43,6 @@ public class ListAccountsCmd extends BaseListCmd {
|
|||
@Parameter(name=ApiConstants.ACCOUNT_TYPE, type=CommandType.LONG, description="list accounts by account type. Valid account types are 1 (admin), 2 (domain-admin), and 0 (user).")
|
||||
private Long accountType;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="list all accounts in specified domain. If used with the name parameter, retrieves account information for the account with specified name in specified domain.")
|
||||
private Long domainId;
|
||||
|
||||
@IdentityMapper(entityTableName="account")
|
||||
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="list account by account ID")
|
||||
private Long id;
|
||||
|
|
@ -59,9 +55,6 @@ public class ListAccountsCmd extends BaseListCmd {
|
|||
|
||||
@Parameter(name=ApiConstants.STATE, type=CommandType.STRING, description="list accounts by state. Valid states are enabled, disabled, and locked.")
|
||||
private String state;
|
||||
|
||||
@Parameter(name=ApiConstants.IS_RECURSIVE, type=CommandType.BOOLEAN, description="defaults to false, but if true, lists all accounts from the parent specified by the domain id till leaves.")
|
||||
private Boolean recursive;
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////////// Accessors ///////////////////////
|
||||
|
|
@ -71,10 +64,6 @@ public class ListAccountsCmd extends BaseListCmd {
|
|||
return accountType;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
|
|
@ -91,9 +80,6 @@ public class ListAccountsCmd extends BaseListCmd {
|
|||
return state;
|
||||
}
|
||||
|
||||
public Boolean isRecursive() {
|
||||
return recursive;
|
||||
}
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////// API Implementation///////////////////
|
||||
|
|
|
|||
|
|
@ -22,8 +22,7 @@ import java.util.Date;
|
|||
import java.util.List;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.BaseListAccountResourcesCmd;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
import com.cloud.api.response.AsyncJobResponse;
|
||||
|
|
@ -31,20 +30,13 @@ import com.cloud.api.response.ListResponse;
|
|||
import com.cloud.async.AsyncJob;
|
||||
|
||||
@Implementation(description="Lists all pending asynchronous jobs for the account.", responseObject=AsyncJobResponse.class)
|
||||
public class ListAsyncJobsCmd extends BaseListCmd {
|
||||
public class ListAsyncJobsCmd extends BaseListAccountResourcesCmd {
|
||||
private static final String s_name = "listasyncjobsresponse";
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
//////////////// API parameters /////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the account associated with the async job (this account is the job initiator). Must be used with the domainId parameter.")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID associated with the async job. If used with the account parameter, returns async jobs for the account in the specified domain.")
|
||||
private Long domainId;
|
||||
|
||||
@Parameter(name=ApiConstants.START_DATE, type=CommandType.TZDATE, description="the start date of the async job")
|
||||
private Date startDate;
|
||||
|
||||
|
|
@ -53,14 +45,6 @@ public class ListAsyncJobsCmd extends BaseListCmd {
|
|||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Date getStartDate() {
|
||||
return startDate;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -45,11 +45,14 @@ public class ListDomainChildrenCmd extends BaseListCmd {
|
|||
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="list children domain by parent domain ID.")
|
||||
private Long id;
|
||||
|
||||
@Parameter(name=ApiConstants.IS_RECURSIVE, type=CommandType.BOOLEAN, description="to return the entire tree, use the value \"true\". To return the first level children, use the value \"false\".")
|
||||
private Boolean recursive;
|
||||
|
||||
@Parameter(name=ApiConstants.NAME, type=CommandType.STRING, description="list children domains by name")
|
||||
private String domainName;
|
||||
|
||||
@Parameter(name=ApiConstants.IS_RECURSIVE, type=CommandType.BOOLEAN, description="to return the entire tree, use the value \"true\". To return the first level children, use the value \"false\".")
|
||||
private Boolean recursive;
|
||||
|
||||
@Parameter(name=ApiConstants.LIST_ALL, type=CommandType.BOOLEAN, description="If set to false, list only resources belonging to the command's caller; if set to true - list resources that the caller is authorized to see. Default value is false")
|
||||
private Boolean listAll;
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////////// Accessors ///////////////////////
|
||||
|
|
@ -59,13 +62,17 @@ public class ListDomainChildrenCmd extends BaseListCmd {
|
|||
return id;
|
||||
}
|
||||
|
||||
public Boolean isRecursive() {
|
||||
return recursive;
|
||||
}
|
||||
|
||||
public String getDomainName() {
|
||||
return domainName;
|
||||
}
|
||||
|
||||
public boolean listAll() {
|
||||
return listAll == null ? false : listAll;
|
||||
}
|
||||
|
||||
public boolean isRecursive() {
|
||||
return recursive == null ? false : recursive;
|
||||
}
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////// API Implementation///////////////////
|
||||
|
|
|
|||
|
|
@ -50,6 +50,9 @@ public class ListDomainsCmd extends BaseListCmd {
|
|||
|
||||
@Parameter(name=ApiConstants.NAME, type=CommandType.STRING, description="List domain by domain name.")
|
||||
private String domainName;
|
||||
|
||||
@Parameter(name=ApiConstants.LIST_ALL, type=CommandType.BOOLEAN, description="If set to false, list only resources belonging to the command's caller; if set to true - list resources that the caller is authorized to see. Default value is false")
|
||||
private Boolean listAll;
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////////// Accessors ///////////////////////
|
||||
|
|
@ -66,6 +69,10 @@ public class ListDomainsCmd extends BaseListCmd {
|
|||
public String getDomainName() {
|
||||
return domainName;
|
||||
}
|
||||
|
||||
public boolean listAll() {
|
||||
return listAll == null ? false : listAll;
|
||||
}
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////// API Implementation///////////////////
|
||||
|
|
|
|||
|
|
@ -24,17 +24,16 @@ import java.util.List;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
import com.cloud.api.BaseCmd.CommandType;
|
||||
import com.cloud.api.response.EventResponse;
|
||||
import com.cloud.api.response.ListResponse;
|
||||
import com.cloud.event.Event;
|
||||
|
||||
@Implementation(description="A command to list events.", responseObject=EventResponse.class)
|
||||
public class ListEventsCmd extends BaseListCmd {
|
||||
public class ListEventsCmd extends BaseListProjectAndAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListEventsCmd.class.getName());
|
||||
|
||||
private static final String s_name = "listeventsresponse";
|
||||
|
|
@ -43,13 +42,6 @@ public class ListEventsCmd extends BaseListCmd {
|
|||
//////////////// API parameters /////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the account for the event. Must be used with the domainId parameter.")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID for the event. If used with the account parameter, returns all events for an account in the specified domain ID.")
|
||||
private Long domainId;
|
||||
|
||||
@IdentityMapper(entityTableName="event")
|
||||
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="the ID of the event")
|
||||
private Long id;
|
||||
|
|
@ -71,23 +63,11 @@ public class ListEventsCmd extends BaseListCmd {
|
|||
|
||||
@Parameter(name=ApiConstants.TYPE, type=CommandType.STRING, description="the event type (see event types)")
|
||||
private String type;
|
||||
|
||||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list events by projectId")
|
||||
private Long projectId;
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
|
|
@ -115,10 +95,6 @@ public class ListEventsCmd extends BaseListCmd {
|
|||
public String getType() {
|
||||
return type;
|
||||
}
|
||||
|
||||
public Long getProjectId() {
|
||||
return projectId;
|
||||
}
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////// API Implementation///////////////////
|
||||
|
|
|
|||
|
|
@ -23,7 +23,8 @@ import java.util.List;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseCmd.CommandType;
|
||||
import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
|
|
@ -32,7 +33,7 @@ import com.cloud.api.response.ListResponse;
|
|||
import com.cloud.network.rules.FirewallRule;
|
||||
|
||||
@Implementation(description="Lists all firewall rules for an IP address.", responseObject=FirewallResponse.class)
|
||||
public class ListFirewallRulesCmd extends BaseListCmd {
|
||||
public class ListFirewallRulesCmd extends BaseListProjectAndAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListFirewallRulesCmd.class.getName());
|
||||
|
||||
private static final String s_name = "listfirewallrulesresponse";
|
||||
|
|
@ -47,29 +48,10 @@ public class ListFirewallRulesCmd extends BaseListCmd {
|
|||
@IdentityMapper(entityTableName="user_ip_address")
|
||||
@Parameter(name=ApiConstants.IP_ADDRESS_ID, type=CommandType.LONG, description="the id of IP address of the firwall services")
|
||||
private Long ipAddressId;
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="account. Must be used with the domainId parameter.")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID. If used with the account parameter, lists firewall rules for the specified account in this domain.")
|
||||
private Long domainId;
|
||||
|
||||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list firewall rules by project")
|
||||
private Long projectId;
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Long getIpAddressId() {
|
||||
return ipAddressId;
|
||||
|
|
@ -78,10 +60,6 @@ public class ListFirewallRulesCmd extends BaseListCmd {
|
|||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
public Long getProjectId() {
|
||||
return projectId;
|
||||
}
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////// API Implementation///////////////////
|
||||
|
|
|
|||
|
|
@ -23,11 +23,11 @@ import java.util.List;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseCmd.CommandType;
|
||||
import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
import com.cloud.api.BaseCmd.CommandType;
|
||||
import com.cloud.api.response.FirewallRuleResponse;
|
||||
import com.cloud.api.response.IpForwardingRuleResponse;
|
||||
import com.cloud.api.response.ListResponse;
|
||||
|
|
@ -35,7 +35,7 @@ import com.cloud.network.rules.FirewallRule;
|
|||
import com.cloud.network.rules.StaticNatRule;
|
||||
|
||||
@Implementation(description="List the ip forwarding rules", responseObject=FirewallRuleResponse.class)
|
||||
public class ListIpForwardingRulesCmd extends BaseListCmd {
|
||||
public class ListIpForwardingRulesCmd extends BaseListProjectAndAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListIpForwardingRulesCmd.class.getName());
|
||||
|
||||
private static final String s_name = "listipforwardingrulesresponse";
|
||||
|
|
@ -47,13 +47,6 @@ public class ListIpForwardingRulesCmd extends BaseListCmd {
|
|||
@IdentityMapper(entityTableName="user_ip_address")
|
||||
@Parameter(name=ApiConstants.IP_ADDRESS_ID, type=CommandType.LONG, description="list the rule belonging to this public ip address")
|
||||
private Long publicIpAddressId;
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the account associated with the ip forwarding rule. Must be used with the domainId parameter.")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="Lists all rules for this id. If used with the account parameter, returns all rules for an account in the specified domain ID.")
|
||||
private Long domainId;
|
||||
|
||||
@IdentityMapper(entityTableName="firewall_rules")
|
||||
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="Lists rule with the specified ID.")
|
||||
|
|
@ -62,10 +55,6 @@ public class ListIpForwardingRulesCmd extends BaseListCmd {
|
|||
@IdentityMapper(entityTableName="vm_instance")
|
||||
@Parameter(name=ApiConstants.VIRTUAL_MACHINE_ID, type=CommandType.LONG, description="Lists all rules applied to the specified Vm.")
|
||||
private Long vmId;
|
||||
|
||||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list static nat rules by project")
|
||||
private Long projectId;
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////////// Accessors ///////////////////////
|
||||
|
|
@ -84,14 +73,6 @@ public class ListIpForwardingRulesCmd extends BaseListCmd {
|
|||
return publicIpAddressId;
|
||||
}
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
|
|
@ -100,13 +81,9 @@ public class ListIpForwardingRulesCmd extends BaseListCmd {
|
|||
return vmId;
|
||||
}
|
||||
|
||||
private Long getProjectId() {
|
||||
return projectId;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void execute(){
|
||||
List<? extends FirewallRule> result = _rulesService.searchStaticNatRules(publicIpAddressId, id, vmId, this.getStartIndex(), this.getPageSizeVal(), this.getAccountName(), this.getDomainId(), this.getProjectId());
|
||||
List<? extends FirewallRule> result = _rulesService.searchStaticNatRules(publicIpAddressId, id, vmId, this.getStartIndex(), this.getPageSizeVal(), this.getAccountName(), this.getDomainId(), this.getProjectId(), this.isRecursive(), this.listAll());
|
||||
ListResponse<IpForwardingRuleResponse> response = new ListResponse<IpForwardingRuleResponse>();
|
||||
List<IpForwardingRuleResponse> ipForwardingResponses = new ArrayList<IpForwardingRuleResponse>();
|
||||
for (FirewallRule rule : result) {
|
||||
|
|
|
|||
|
|
@ -25,7 +25,8 @@ import java.util.Set;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseCmd.CommandType;
|
||||
import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
|
|
@ -38,7 +39,7 @@ import com.cloud.user.UserContext;
|
|||
import com.cloud.utils.Pair;
|
||||
|
||||
@Implementation(description="Lists all available ISO files.", responseObject=TemplateResponse.class)
|
||||
public class ListIsosCmd extends BaseListCmd {
|
||||
public class ListIsosCmd extends BaseListProjectAndAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListIsosCmd.class.getName());
|
||||
|
||||
private static final String s_name = "listisosresponse";
|
||||
|
|
@ -47,16 +48,9 @@ public class ListIsosCmd extends BaseListCmd {
|
|||
//////////////// API parameters /////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the account of the ISO file. Must be used with the domainId parameter.")
|
||||
private String accountName;
|
||||
|
||||
@Parameter(name=ApiConstants.BOOTABLE, type=CommandType.BOOLEAN, description="true if the ISO is bootable, false otherwise")
|
||||
private Boolean bootable;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="lists all available ISO files by ID of a domain. If used with the account parameter, lists all available ISO files for the account in the ID of a domain.")
|
||||
private Long domainId;
|
||||
|
||||
@Parameter(name=ApiConstants.HYPERVISOR, type=CommandType.STRING, description="the hypervisor for which to restrict the search")
|
||||
private String hypervisor;
|
||||
|
||||
|
|
@ -84,26 +78,15 @@ public class ListIsosCmd extends BaseListCmd {
|
|||
@Parameter(name=ApiConstants.ZONE_ID, type=CommandType.LONG, description="the ID of the zone")
|
||||
private Long zoneId;
|
||||
|
||||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list isos by project")
|
||||
private Long projectId;
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Boolean isBootable() {
|
||||
return bootable;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public String getHypervisor() {
|
||||
return hypervisor;
|
||||
}
|
||||
|
|
@ -132,10 +115,6 @@ public class ListIsosCmd extends BaseListCmd {
|
|||
return zoneId;
|
||||
}
|
||||
|
||||
public Long getProjectId() {
|
||||
return projectId;
|
||||
}
|
||||
|
||||
public boolean listInReadyState() {
|
||||
Account account = UserContext.current().getCaller();
|
||||
// It is account specific if account is admin type and domainId and accountName are not null
|
||||
|
|
|
|||
|
|
@ -30,9 +30,10 @@ import com.cloud.api.Implementation;
|
|||
import com.cloud.api.Parameter;
|
||||
import com.cloud.api.response.LBStickinessResponse;
|
||||
import com.cloud.api.response.ListResponse;
|
||||
import com.cloud.network.rules.StickinessPolicy;
|
||||
import com.cloud.network.rules.LoadBalancer;
|
||||
|
||||
import com.cloud.network.rules.StickinessPolicy;
|
||||
import com.cloud.user.Account;
|
||||
import com.cloud.user.UserContext;
|
||||
|
||||
@Implementation(description = "Lists LBStickiness policies.", responseObject = LBStickinessResponse.class)
|
||||
public class ListLBStickinessPoliciesCmd extends BaseListCmd {
|
||||
|
|
@ -75,8 +76,10 @@ public class ListLBStickinessPoliciesCmd extends BaseListCmd {
|
|||
ListResponse<LBStickinessResponse> response = new ListResponse<LBStickinessResponse>();
|
||||
|
||||
if (lb != null) {
|
||||
//check permissions
|
||||
Account caller = UserContext.current().getCaller();
|
||||
_accountService.checkAccess(caller, null, lb);
|
||||
List<? extends StickinessPolicy> stickinessPolicies = _lbService.searchForLBStickinessPolicies(this);
|
||||
|
||||
LBStickinessResponse spResponse = _responseGenerator.createLBStickinessPolicyResponse(stickinessPolicies, lb);
|
||||
spResponses.add(spResponse);
|
||||
response.setResponses(spResponses);
|
||||
|
|
|
|||
|
|
@ -24,17 +24,17 @@ import java.util.List;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseCmd.CommandType;
|
||||
import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
import com.cloud.api.BaseCmd.CommandType;
|
||||
import com.cloud.api.response.ListResponse;
|
||||
import com.cloud.api.response.LoadBalancerResponse;
|
||||
import com.cloud.network.rules.LoadBalancer;
|
||||
|
||||
@Implementation(description = "Lists load balancer rules.", responseObject = LoadBalancerResponse.class)
|
||||
public class ListLoadBalancerRulesCmd extends BaseListCmd {
|
||||
public class ListLoadBalancerRulesCmd extends BaseListProjectAndAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListLoadBalancerRulesCmd.class.getName());
|
||||
|
||||
private static final String s_name = "listloadbalancerrulesresponse";
|
||||
|
|
@ -43,13 +43,6 @@ public class ListLoadBalancerRulesCmd extends BaseListCmd {
|
|||
// ////////////// API parameters /////////////////////
|
||||
// ///////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name = ApiConstants.ACCOUNT, type = CommandType.STRING, description = "the account of the load balancer rule. Must be used with the domainId parameter.")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name = ApiConstants.DOMAIN_ID, type = CommandType.LONG, description = "the domain ID of the load balancer rule. If used with the account parameter, lists load balancer rules for the account in the specified domain.")
|
||||
private Long domainId;
|
||||
|
||||
@IdentityMapper(entityTableName="firewall_rules")
|
||||
@Parameter(name = ApiConstants.ID, type = CommandType.LONG, description = "the ID of the load balancer rule")
|
||||
private Long id;
|
||||
|
|
@ -68,23 +61,11 @@ public class ListLoadBalancerRulesCmd extends BaseListCmd {
|
|||
@IdentityMapper(entityTableName="data_center")
|
||||
@Parameter(name = ApiConstants.ZONE_ID, type = CommandType.LONG, description = "the availability zone ID")
|
||||
private Long zoneId;
|
||||
|
||||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list port forwarding rules by project")
|
||||
private Long projectId;
|
||||
|
||||
// ///////////////////////////////////////////////////
|
||||
// ///////////////// Accessors ///////////////////////
|
||||
// ///////////////////////////////////////////////////
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
|
|
@ -104,10 +85,6 @@ public class ListLoadBalancerRulesCmd extends BaseListCmd {
|
|||
public Long getZoneId() {
|
||||
return zoneId;
|
||||
}
|
||||
|
||||
public Long getProjectId() {
|
||||
return projectId;
|
||||
}
|
||||
|
||||
// ///////////////////////////////////////////////////
|
||||
// ///////////// API Implementation///////////////////
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ import java.util.List;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
|
|
@ -34,7 +34,7 @@ import com.cloud.network.Network;
|
|||
|
||||
|
||||
@Implementation(description="Lists all available networks.", responseObject=NetworkResponse.class)
|
||||
public class ListNetworksCmd extends BaseListCmd {
|
||||
public class ListNetworksCmd extends BaseListProjectAndAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListNetworksCmd.class.getName());
|
||||
private static final String _name = "listnetworksresponse";
|
||||
|
||||
|
|
@ -45,13 +45,6 @@ public class ListNetworksCmd extends BaseListCmd {
|
|||
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="list networks by id")
|
||||
private Long id;
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="account who will own the VLAN. If VLAN is Zone wide, this parameter should be ommited")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="domain ID of the account owning a VLAN")
|
||||
private Long domainId;
|
||||
|
||||
@IdentityMapper(entityTableName="data_center")
|
||||
@Parameter(name=ApiConstants.ZONE_ID, type=CommandType.LONG, description="the Zone ID of the network")
|
||||
private Long zoneId;
|
||||
|
|
@ -68,10 +61,6 @@ public class ListNetworksCmd extends BaseListCmd {
|
|||
@Parameter(name=ApiConstants.TRAFFIC_TYPE, type=CommandType.STRING, description="type of the traffic")
|
||||
private String trafficType;
|
||||
|
||||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list networks by project id")
|
||||
private Long projectId;
|
||||
|
||||
@IdentityMapper(entityTableName="physical_network")
|
||||
@Parameter(name=ApiConstants.PHYSICAL_NETWORK_ID, type=CommandType.LONG, description="list networks by physical network id")
|
||||
private Long physicalNetworkId;
|
||||
|
|
@ -90,14 +79,6 @@ public class ListNetworksCmd extends BaseListCmd {
|
|||
return id;
|
||||
}
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Long getZoneId() {
|
||||
return zoneId;
|
||||
}
|
||||
|
|
@ -117,10 +98,6 @@ public class ListNetworksCmd extends BaseListCmd {
|
|||
public String getTrafficType() {
|
||||
return trafficType;
|
||||
}
|
||||
|
||||
public Long getProjectId() {
|
||||
return projectId;
|
||||
}
|
||||
|
||||
public Long getPhysicalNetworkId() {
|
||||
return physicalNetworkId;
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ import java.util.List;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
|
|
@ -32,7 +32,7 @@ import com.cloud.api.response.ListResponse;
|
|||
import com.cloud.network.rules.PortForwardingRule;
|
||||
|
||||
@Implementation(description="Lists all port forwarding rules for an IP address.", responseObject=FirewallRuleResponse.class)
|
||||
public class ListPortForwardingRulesCmd extends BaseListCmd {
|
||||
public class ListPortForwardingRulesCmd extends BaseListProjectAndAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListPortForwardingRulesCmd.class.getName());
|
||||
|
||||
private static final String s_name = "listportforwardingrulesresponse";
|
||||
|
|
@ -48,29 +48,10 @@ public class ListPortForwardingRulesCmd extends BaseListCmd {
|
|||
@IdentityMapper(entityTableName="user_ip_address")
|
||||
@Parameter(name=ApiConstants.IP_ADDRESS_ID, type=CommandType.LONG, description="the id of IP address of the port forwarding services")
|
||||
private Long ipAddressId;
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="account. Must be used with the domainId parameter.")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID. If used with the account parameter, lists port forwarding rules for the specified account in this domain.")
|
||||
private Long domainId;
|
||||
|
||||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list port forwarding rules by project")
|
||||
private Long projectId;
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Long getIpAddressId() {
|
||||
return ipAddressId;
|
||||
|
|
@ -79,10 +60,6 @@ public class ListPortForwardingRulesCmd extends BaseListCmd {
|
|||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
public Long getProjectId() {
|
||||
return projectId;
|
||||
}
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////// API Implementation///////////////////
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ import java.util.List;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseListAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
|
|
@ -32,7 +32,7 @@ import com.cloud.api.response.ProjectInvitationResponse;
|
|||
import com.cloud.projects.ProjectInvitation;
|
||||
|
||||
@Implementation(description="Lists projects and provides detailed information for listed projects", responseObject=ProjectInvitationResponse.class)
|
||||
public class ListProjectInvitationsCmd extends BaseListCmd {
|
||||
public class ListProjectInvitationsCmd extends BaseListAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListProjectInvitationsCmd.class.getName());
|
||||
private static final String s_name = "listprojectinvitationsresponse";
|
||||
|
||||
|
|
@ -42,13 +42,6 @@ public class ListProjectInvitationsCmd extends BaseListCmd {
|
|||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list by project id")
|
||||
private Long projectId;
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="list invitations for specified account; this parameter has to be specified with domainId")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="list all invitations in specified domain")
|
||||
private Long domainId;
|
||||
|
||||
@Parameter(name=ApiConstants.ACTIVE_ONLY, type=CommandType.BOOLEAN, description="if true, list only active invitations - having Pending state and ones that are not timed out yet")
|
||||
private boolean activeOnly;
|
||||
|
|
@ -66,14 +59,6 @@ public class ListProjectInvitationsCmd extends BaseListCmd {
|
|||
return projectId;
|
||||
}
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public boolean isActiveOnly() {
|
||||
return activeOnly;
|
||||
}
|
||||
|
|
@ -97,7 +82,7 @@ public class ListProjectInvitationsCmd extends BaseListCmd {
|
|||
|
||||
@Override
|
||||
public void execute(){
|
||||
List<? extends ProjectInvitation> invites = _projectService.listProjectInvitations(id, projectId, accountName, domainId, state, activeOnly, this.getStartIndex(), this.getPageSizeVal());
|
||||
List<? extends ProjectInvitation> invites = _projectService.listProjectInvitations(id, projectId, this.getAccountName(), this.getDomainId(), state, activeOnly, this.getStartIndex(), this.getPageSizeVal(), this.isRecursive(), this.listAll());
|
||||
ListResponse<ProjectInvitationResponse> response = new ListResponse<ProjectInvitationResponse>();
|
||||
List<ProjectInvitationResponse> projectInvitationResponses = new ArrayList<ProjectInvitationResponse>();
|
||||
for (ProjectInvitation invite : invites) {
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ import java.util.List;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseListAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
|
|
@ -32,7 +32,7 @@ import com.cloud.api.response.ProjectResponse;
|
|||
import com.cloud.projects.Project;
|
||||
|
||||
@Implementation(description="Lists projects and provides detailed information for listed projects", responseObject=ProjectResponse.class)
|
||||
public class ListProjectsCmd extends BaseListCmd {
|
||||
public class ListProjectsCmd extends BaseListAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListProjectsCmd.class.getName());
|
||||
private static final String s_name = "listprojectsresponse";
|
||||
|
||||
|
|
@ -44,13 +44,6 @@ public class ListProjectsCmd extends BaseListCmd {
|
|||
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="list projects by project ID")
|
||||
private Long id;
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="list projects availabe for specified account")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="list projects for the domain specified")
|
||||
private Long domainId;
|
||||
|
||||
@Parameter(name=ApiConstants.NAME, type=CommandType.STRING, description="list projects by name")
|
||||
private String name;
|
||||
|
||||
|
|
@ -68,14 +61,6 @@ public class ListProjectsCmd extends BaseListCmd {
|
|||
return id;
|
||||
}
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public String getName() {
|
||||
return name;
|
||||
}
|
||||
|
|
@ -95,7 +80,7 @@ public class ListProjectsCmd extends BaseListCmd {
|
|||
|
||||
@Override
|
||||
public void execute(){
|
||||
List<? extends Project> projects = _projectService.listProjects(id, name, displayText, state, accountName, domainId, this.getKeyword(), this.getStartIndex(), this.getPageSizeVal());
|
||||
List<? extends Project> projects = _projectService.listProjects(id, name, displayText, state, this.getAccountName(), this.getDomainId(), this.getKeyword(), this.getStartIndex(), this.getPageSizeVal(), this.listAll(), this.isRecursive());
|
||||
ListResponse<ProjectResponse> response = new ListResponse<ProjectResponse>();
|
||||
List<ProjectResponse> projectResponses = new ArrayList<ProjectResponse>();
|
||||
for (Project project : projects) {
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ import java.util.List;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
|
|
@ -34,7 +34,7 @@ import com.cloud.async.AsyncJob;
|
|||
import com.cloud.network.IpAddress;
|
||||
|
||||
@Implementation(description="Lists all public ip addresses", responseObject=IPAddressResponse.class)
|
||||
public class ListPublicIpAddressesCmd extends BaseListCmd {
|
||||
public class ListPublicIpAddressesCmd extends BaseListProjectAndAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListPublicIpAddressesCmd.class.getName());
|
||||
|
||||
private static final String s_name = "listpublicipaddressesresponse";
|
||||
|
|
@ -43,15 +43,8 @@ public class ListPublicIpAddressesCmd extends BaseListCmd {
|
|||
//////////////// API parameters /////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="lists all public IP addresses by account. Must be used with the domainId parameter.")
|
||||
private String accountName;
|
||||
|
||||
@Parameter(name=ApiConstants.ALLOCATED_ONLY, type=CommandType.BOOLEAN, description="limits search results to allocated public IP addresses")
|
||||
private Boolean allocatedOnly;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="lists all public IP addresses by domain ID. If used with the account parameter, lists all public IP addresses by account for specified domain.")
|
||||
private Long domainId;
|
||||
|
||||
@Parameter(name=ApiConstants.FOR_VIRTUAL_NETWORK, type=CommandType.BOOLEAN, description="the virtual network for the IP address")
|
||||
private Boolean forVirtualNetwork;
|
||||
|
|
@ -74,10 +67,6 @@ public class ListPublicIpAddressesCmd extends BaseListCmd {
|
|||
@Parameter(name=ApiConstants.FOR_LOAD_BALANCING, type=CommandType.BOOLEAN, description="list only ips used for load balancing")
|
||||
private Boolean forLoadBalancing;
|
||||
|
||||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list ips by project")
|
||||
private Long projectId;
|
||||
|
||||
@IdentityMapper(entityTableName="physical_network")
|
||||
@Parameter(name=ApiConstants.PHYSICAL_NETWORK_ID, type=CommandType.LONG, description="lists all public IP addresses by physical network id")
|
||||
private Long physicalNetworkId;
|
||||
|
|
@ -93,18 +82,10 @@ public class ListPublicIpAddressesCmd extends BaseListCmd {
|
|||
return id;
|
||||
}
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Boolean isAllocatedOnly() {
|
||||
return allocatedOnly;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Boolean isForVirtualNetwork() {
|
||||
return forVirtualNetwork;
|
||||
}
|
||||
|
|
@ -121,10 +102,6 @@ public class ListPublicIpAddressesCmd extends BaseListCmd {
|
|||
return zoneId;
|
||||
}
|
||||
|
||||
public Long getProjectId() {
|
||||
return projectId;
|
||||
}
|
||||
|
||||
public Long getPhysicalNetworkId() {
|
||||
return physicalNetworkId;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ import java.util.List;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
|
|
@ -33,7 +33,7 @@ import com.cloud.api.response.RemoteAccessVpnResponse;
|
|||
import com.cloud.network.RemoteAccessVpn;
|
||||
|
||||
@Implementation(description="Lists remote access vpns", responseObject=RemoteAccessVpnResponse.class)
|
||||
public class ListRemoteAccessVpnsCmd extends BaseListCmd {
|
||||
public class ListRemoteAccessVpnsCmd extends BaseListProjectAndAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger (ListRemoteAccessVpnsCmd.class.getName());
|
||||
|
||||
private static final String s_name = "listremoteaccessvpnsresponse";
|
||||
|
|
@ -42,40 +42,18 @@ public class ListRemoteAccessVpnsCmd extends BaseListCmd {
|
|||
//////////////// API parameters /////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the account of the remote access vpn. Must be used with the domainId parameter.")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID of the remote access vpn rule. If used with the account parameter, lists remote access vpns for the account in the specified domain.")
|
||||
private Long domainId;
|
||||
|
||||
@IdentityMapper(entityTableName="user_ip_address")
|
||||
@Parameter(name=ApiConstants.PUBLIC_IP_ID, type=CommandType.LONG, required=true, description="public ip address id of the vpn server")
|
||||
private Long publicIpId;
|
||||
|
||||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list remote access vpn by project")
|
||||
private Long projectId;
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Long getPublicIpId() {
|
||||
return publicIpId;
|
||||
}
|
||||
|
||||
public Long getProjectId() {
|
||||
return projectId;
|
||||
}
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////// API Implementation///////////////////
|
||||
|
|
|
|||
|
|
@ -24,8 +24,7 @@ import java.util.List;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
import com.cloud.api.response.ListResponse;
|
||||
|
|
@ -33,7 +32,7 @@ import com.cloud.api.response.ResourceLimitResponse;
|
|||
import com.cloud.configuration.ResourceLimit;
|
||||
|
||||
@Implementation(description="Lists resource limits.", responseObject=ResourceLimitResponse.class)
|
||||
public class ListResourceLimitsCmd extends BaseListCmd {
|
||||
public class ListResourceLimitsCmd extends BaseListProjectAndAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListResourceLimitsCmd.class.getName());
|
||||
|
||||
private static final String s_name = "listresourcelimitsresponse";
|
||||
|
|
@ -42,17 +41,6 @@ public class ListResourceLimitsCmd extends BaseListCmd {
|
|||
//////////////// API parameters /////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="Lists resource limits by account. Must be used with the domainId parameter.")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="Lists resource limits by project")
|
||||
private Long projectId;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="Lists resource limits by domain ID. If used with the account parameter, lists resource limits for a specified account in a specified domain.")
|
||||
private Long domainId;
|
||||
|
||||
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="Lists resource limits by ID.")
|
||||
private Long id;
|
||||
|
||||
|
|
@ -67,14 +55,6 @@ public class ListResourceLimitsCmd extends BaseListCmd {
|
|||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
|
|
@ -94,7 +74,7 @@ public class ListResourceLimitsCmd extends BaseListCmd {
|
|||
|
||||
@Override
|
||||
public void execute(){
|
||||
List<? extends ResourceLimit> result = _resourceLimitService.searchForLimits(id, finalyzeAccountId(accountName, domainId, projectId, false), domainId, resourceType, this.getStartIndex(), this.getPageSizeVal());
|
||||
List<? extends ResourceLimit> result = _resourceLimitService.searchForLimits(id, finalyzeAccountId(this.getAccountName(), this.getDomainId(), this.getProjectId(), false), this.getDomainId(), resourceType, this.getStartIndex(), this.getPageSizeVal());
|
||||
ListResponse<ResourceLimitResponse> response = new ListResponse<ResourceLimitResponse>();
|
||||
List<ResourceLimitResponse> limitResponses = new ArrayList<ResourceLimitResponse>();
|
||||
for (ResourceLimit limit : result) {
|
||||
|
|
|
|||
|
|
@ -24,7 +24,8 @@ import java.util.List;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseCmd.CommandType;
|
||||
import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
|
|
@ -34,7 +35,7 @@ import com.cloud.async.AsyncJob;
|
|||
import com.cloud.network.router.VirtualRouter;
|
||||
|
||||
@Implementation(description="List routers.", responseObject=DomainRouterResponse.class)
|
||||
public class ListRoutersCmd extends BaseListCmd {
|
||||
public class ListRoutersCmd extends BaseListProjectAndAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListRoutersCmd.class.getName());
|
||||
|
||||
private static final String s_name = "listroutersresponse";
|
||||
|
|
@ -43,13 +44,6 @@ public class ListRoutersCmd extends BaseListCmd {
|
|||
//////////////// API parameters /////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the name of the account associated with the router. Must be used with the domainId parameter.")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID associated with the router. If used with the account parameter, lists all routers associated with an account in the specified domain.")
|
||||
private Long domainId;
|
||||
|
||||
@IdentityMapper(entityTableName="host")
|
||||
@Parameter(name=ApiConstants.HOST_ID, type=CommandType.LONG, description="the host ID of the router")
|
||||
private Long hostId;
|
||||
|
|
@ -75,23 +69,11 @@ public class ListRoutersCmd extends BaseListCmd {
|
|||
@IdentityMapper(entityTableName="networks")
|
||||
@Parameter(name=ApiConstants.NETWORK_ID, type=CommandType.LONG, description="list by network id")
|
||||
private Long networkId;
|
||||
|
||||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list firewall rules by project")
|
||||
private Long projectId;
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Long getHostId() {
|
||||
return hostId;
|
||||
}
|
||||
|
|
@ -119,10 +101,6 @@ public class ListRoutersCmd extends BaseListCmd {
|
|||
public Long getNetworkId() {
|
||||
return networkId;
|
||||
}
|
||||
|
||||
public Long getProjectId() {
|
||||
return projectId;
|
||||
}
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////// API Implementation///////////////////
|
||||
|
|
|
|||
|
|
@ -24,7 +24,8 @@ import java.util.List;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseCmd.CommandType;
|
||||
import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
import com.cloud.api.response.ListResponse;
|
||||
|
|
@ -32,7 +33,7 @@ import com.cloud.api.response.SSHKeyPairResponse;
|
|||
import com.cloud.user.SSHKeyPair;
|
||||
|
||||
@Implementation(description="List registered keypairs", responseObject=SSHKeyPairResponse.class)
|
||||
public class ListSSHKeyPairsCmd extends BaseListCmd {
|
||||
public class ListSSHKeyPairsCmd extends BaseListProjectAndAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListSSHKeyPairsCmd.class.getName());
|
||||
private static final String s_name = "listsshkeypairsresponse";
|
||||
|
||||
|
|
|
|||
|
|
@ -17,23 +17,23 @@
|
|||
*/
|
||||
package com.cloud.api.commands;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
import java.util.List;
|
||||
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseCmd.CommandType;
|
||||
import com.cloud.api.response.ListResponse;
|
||||
import com.cloud.api.response.SecurityGroupResponse;
|
||||
import com.cloud.async.AsyncJob;
|
||||
import com.cloud.network.security.SecurityGroupRules;
|
||||
import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
import com.cloud.api.response.ListResponse;
|
||||
import com.cloud.api.response.SecurityGroupResponse;
|
||||
import com.cloud.async.AsyncJob;
|
||||
import com.cloud.network.security.SecurityGroupRules;
|
||||
|
||||
@Implementation(description="Lists security groups", responseObject=SecurityGroupResponse.class)
|
||||
public class ListSecurityGroupsCmd extends BaseListCmd {
|
||||
public class ListSecurityGroupsCmd extends BaseListProjectAndAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListSecurityGroupsCmd.class.getName());
|
||||
|
||||
private static final String s_name = "listsecuritygroupsresponse";
|
||||
|
|
@ -42,13 +42,6 @@ public class ListSecurityGroupsCmd extends BaseListCmd {
|
|||
//////////////// API parameters /////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="lists all available port security groups for the account. Must be used with domainID parameter")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="lists all available security groups for the domain ID. If used with the account parameter, lists all available security groups for the account in the specified domain ID.")
|
||||
private Long domainId;
|
||||
|
||||
@Parameter(name=ApiConstants.SECURITY_GROUP_NAME, type=CommandType.STRING, description="lists security groups by name")
|
||||
private String securityGroupName;
|
||||
|
||||
|
|
@ -58,24 +51,11 @@ public class ListSecurityGroupsCmd extends BaseListCmd {
|
|||
|
||||
@IdentityMapper(entityTableName="security_group")
|
||||
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="list the security group by the id provided")
|
||||
private Long id;
|
||||
|
||||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list security groups by project")
|
||||
private Long projectId;
|
||||
private Long id;
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public String getSecurityGroupName() {
|
||||
return securityGroupName;
|
||||
}
|
||||
|
|
@ -86,10 +66,6 @@ public class ListSecurityGroupsCmd extends BaseListCmd {
|
|||
|
||||
public Long getId(){
|
||||
return id;
|
||||
}
|
||||
|
||||
public Long getProjectId() {
|
||||
return projectId;
|
||||
}
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
|
|
|
|||
|
|
@ -42,13 +42,6 @@ public class ListSnapshotPoliciesCmd extends BaseListCmd {
|
|||
//////////////// API parameters /////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="lists snapshot policies for the specified account. Must be used with domainid parameter.")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID. If used with the account parameter, lists snapshot policies for the specified account in this domain.")
|
||||
private Long domainId;
|
||||
|
||||
@IdentityMapper(entityTableName="volumes")
|
||||
@Parameter(name=ApiConstants.VOLUME_ID, type=CommandType.LONG, required=true, description="the ID of the disk volume")
|
||||
private Long volumeId;
|
||||
|
|
@ -57,14 +50,6 @@ public class ListSnapshotPoliciesCmd extends BaseListCmd {
|
|||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Long getVolumeId() {
|
||||
return volumeId;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ import java.util.List;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
|
|
@ -33,7 +33,7 @@ import com.cloud.async.AsyncJob;
|
|||
import com.cloud.storage.Snapshot;
|
||||
|
||||
@Implementation(description="Lists all available snapshots for the account.", responseObject=SnapshotResponse.class)
|
||||
public class ListSnapshotsCmd extends BaseListCmd {
|
||||
public class ListSnapshotsCmd extends BaseListProjectAndAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListSnapshotsCmd.class.getName());
|
||||
|
||||
private static final String s_name = "listsnapshotsresponse";
|
||||
|
|
@ -42,13 +42,6 @@ public class ListSnapshotsCmd extends BaseListCmd {
|
|||
//////////////// API parameters /////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="lists snapshot belongig to the specified account. Must be used with the domainId parameter.")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID. If used with the account parameter, lists snapshots for the specified account in this domain.")
|
||||
private Long domainId;
|
||||
|
||||
@IdentityMapper(entityTableName="snapshots")
|
||||
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="lists snapshot by snapshot ID")
|
||||
private Long id;
|
||||
|
|
@ -66,25 +59,10 @@ public class ListSnapshotsCmd extends BaseListCmd {
|
|||
@Parameter(name=ApiConstants.VOLUME_ID, type=CommandType.LONG, description="the ID of the disk volume")
|
||||
private Long volumeId;
|
||||
|
||||
@Parameter(name=ApiConstants.IS_RECURSIVE, type=CommandType.BOOLEAN, description="defaults to false, but if true, lists all snapshots from the parent specified by the domain id till leaves.")
|
||||
private Boolean recursive;
|
||||
|
||||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list snapshots by project")
|
||||
private Long projectId;
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
|
|
@ -104,14 +82,6 @@ public class ListSnapshotsCmd extends BaseListCmd {
|
|||
public Long getVolumeId() {
|
||||
return volumeId;
|
||||
}
|
||||
|
||||
public Boolean isRecursive() {
|
||||
return recursive;
|
||||
}
|
||||
|
||||
public Long getProjectId() {
|
||||
return projectId;
|
||||
}
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////// API Implementation///////////////////
|
||||
|
|
|
|||
|
|
@ -40,13 +40,6 @@ public class ListTemplateOrIsoPermissionsCmd extends BaseCmd {
|
|||
//////////////// API parameters /////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="List template visibility and permissions for the specified account. Must be used with the domainId parameter.")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="List template visibility and permissions by domain. If used with the account parameter, specifies in which domain the specified account exists.")
|
||||
private Long domainId;
|
||||
|
||||
@IdentityMapper(entityTableName="vm_template")
|
||||
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, required=true, description="the template ID")
|
||||
private Long id;
|
||||
|
|
@ -55,14 +48,6 @@ public class ListTemplateOrIsoPermissionsCmd extends BaseCmd {
|
|||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
|
|
@ -99,7 +84,7 @@ public class ListTemplateOrIsoPermissionsCmd extends BaseCmd {
|
|||
|
||||
@Override
|
||||
public void execute(){
|
||||
List<String> accountNames = _mgr.listTemplatePermissions(this);
|
||||
List<String> accountNames = _templateService.listTemplatePermissions(this);
|
||||
|
||||
Account account = UserContext.current().getCaller();
|
||||
boolean isAdmin = (isAdmin(account.getType()));
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ import java.util.Set;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
|
|
@ -38,7 +38,7 @@ import com.cloud.user.UserContext;
|
|||
import com.cloud.utils.Pair;
|
||||
|
||||
@Implementation(description="List all public, private, and privileged templates.", responseObject=TemplateResponse.class)
|
||||
public class ListTemplatesCmd extends BaseListCmd {
|
||||
public class ListTemplatesCmd extends BaseListProjectAndAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListTemplatesCmd.class.getName());
|
||||
|
||||
private static final String s_name = "listtemplatesresponse";
|
||||
|
|
@ -47,13 +47,6 @@ public class ListTemplatesCmd extends BaseListCmd {
|
|||
//////////////// API parameters /////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="list template by account. Must be used with the domainId parameter.")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="list all templates in specified domain. If used with the account parameter, lists all templates for an account in the specified domain.")
|
||||
private Long domainId;
|
||||
|
||||
@Parameter(name=ApiConstants.HYPERVISOR, type=CommandType.STRING, description="the hypervisor for which to restrict the search")
|
||||
private String hypervisor;
|
||||
|
||||
|
|
@ -74,23 +67,10 @@ public class ListTemplatesCmd extends BaseListCmd {
|
|||
@IdentityMapper(entityTableName="data_center")
|
||||
@Parameter(name=ApiConstants.ZONE_ID, type=CommandType.LONG, description="list templates by zoneId")
|
||||
private Long zoneId;
|
||||
|
||||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list templates by project")
|
||||
private Long projectId;
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public String getHypervisor() {
|
||||
return hypervisor;
|
||||
}
|
||||
|
|
@ -111,10 +91,6 @@ public class ListTemplatesCmd extends BaseListCmd {
|
|||
return zoneId;
|
||||
}
|
||||
|
||||
public Long getProjectId() {
|
||||
return projectId;
|
||||
}
|
||||
|
||||
public boolean listInReadyState() {
|
||||
|
||||
Account account = UserContext.current().getCaller();
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ import java.util.List;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseListAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
|
|
@ -33,7 +33,7 @@ import com.cloud.api.response.UserResponse;
|
|||
import com.cloud.user.UserAccount;
|
||||
|
||||
@Implementation(description="Lists user accounts", responseObject=UserResponse.class)
|
||||
public class ListUsersCmd extends BaseListCmd {
|
||||
public class ListUsersCmd extends BaseListAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListUsersCmd.class.getName());
|
||||
|
||||
private static final String s_name = "listusersresponse";
|
||||
|
|
@ -42,16 +42,9 @@ public class ListUsersCmd extends BaseListCmd {
|
|||
//////////////// API parameters /////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="List user by account. Must be used with the domainId parameter.")
|
||||
private String accountName;
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT_TYPE, type=CommandType.LONG, description="List users by account type. Valid types include admin, domain-admin, read-only-admin, or user.")
|
||||
private Long accountType;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="List all users in a domain. If used with the account parameter, lists an account in a specific domain.")
|
||||
private Long domainId;
|
||||
|
||||
@IdentityMapper(entityTableName="user")
|
||||
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="List user by ID.")
|
||||
private Long id;
|
||||
|
|
@ -66,18 +59,11 @@ public class ListUsersCmd extends BaseListCmd {
|
|||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
|
|
@ -94,7 +80,7 @@ public class ListUsersCmd extends BaseListCmd {
|
|||
/////////////// API Implementation///////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
@Override
|
||||
@Override
|
||||
public String getCommandName() {
|
||||
return s_name;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -23,17 +23,16 @@ import java.util.List;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
import com.cloud.api.BaseCmd.CommandType;
|
||||
import com.cloud.api.response.InstanceGroupResponse;
|
||||
import com.cloud.api.response.ListResponse;
|
||||
import com.cloud.vm.InstanceGroup;
|
||||
|
||||
@Implementation(description="Lists vm groups", responseObject=InstanceGroupResponse.class)
|
||||
public class ListVMGroupsCmd extends BaseListCmd {
|
||||
public class ListVMGroupsCmd extends BaseListProjectAndAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListVMGroupsCmd.class.getName());
|
||||
|
||||
private static final String s_name = "listinstancegroupsresponse";
|
||||
|
|
@ -49,17 +48,6 @@ public class ListVMGroupsCmd extends BaseListCmd {
|
|||
@Parameter(name=ApiConstants.NAME, type=CommandType.STRING, description="list instance groups by name")
|
||||
private String groupName;
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="list instance group belonging to the specified account. Must be used with domainid parameter")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID. If used with the account parameter, lists virtual machines for the specified account in this domain.")
|
||||
private Long domainId;
|
||||
|
||||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list instance group belonging to the specified project")
|
||||
private Long projectId;
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
|
@ -72,18 +60,6 @@ public class ListVMGroupsCmd extends BaseListCmd {
|
|||
return groupName;
|
||||
}
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Long getProjectId() {
|
||||
return projectId;
|
||||
}
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////// API Implementation///////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ import org.apache.log4j.Logger;
|
|||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.ApiConstants.VMDetails;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
|
|
@ -36,7 +36,7 @@ import com.cloud.exception.InvalidParameterValueException;
|
|||
import com.cloud.uservm.UserVm;
|
||||
|
||||
@Implementation(description="List the virtual machines owned by the account.", responseObject=UserVmResponse.class)
|
||||
public class ListVMsCmd extends BaseListCmd {
|
||||
public class ListVMsCmd extends BaseListProjectAndAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListVMsCmd.class.getName());
|
||||
|
||||
private static final String s_name = "listvirtualmachinesresponse";
|
||||
|
|
@ -45,16 +45,6 @@ public class ListVMsCmd extends BaseListCmd {
|
|||
//////////////// API parameters /////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="account. Must be used with the domainId parameter.")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID. If used with the account parameter, lists virtual machines for the specified account in this domain.")
|
||||
private Long domainId;
|
||||
|
||||
@Parameter(name=ApiConstants.IS_RECURSIVE, type=CommandType.BOOLEAN, description="Must be used with domainId parameter. Defaults to false, but if true, lists all vms from the parent specified by the domain id till leaves.")
|
||||
private Boolean recursive;
|
||||
|
||||
@IdentityMapper(entityTableName="instance_group")
|
||||
@Parameter(name=ApiConstants.GROUP_ID, type=CommandType.LONG, description="the group ID")
|
||||
private Long groupId;
|
||||
|
|
@ -94,10 +84,6 @@ public class ListVMsCmd extends BaseListCmd {
|
|||
@IdentityMapper(entityTableName="storage_pool")
|
||||
@Parameter(name=ApiConstants.STORAGE_ID, type=CommandType.LONG, description="the storage ID where vm's volumes belong to")
|
||||
private Long storageId;
|
||||
|
||||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list vms by project")
|
||||
private Long projectId;
|
||||
|
||||
@Parameter(name=ApiConstants.DETAILS, type=CommandType.LIST, collectionType=CommandType.STRING, description="comma separated list of host details requested, value can be a list of [all, group, nics, stats, secgrp, tmpl, servoff, iso, volume, min]" )
|
||||
private List<String> viewDetails;
|
||||
|
|
@ -107,14 +93,6 @@ public class ListVMsCmd extends BaseListCmd {
|
|||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Long getGroupId() {
|
||||
return groupId;
|
||||
}
|
||||
|
|
@ -154,10 +132,6 @@ public class ListVMsCmd extends BaseListCmd {
|
|||
public Long getNetworkId() {
|
||||
return networkId;
|
||||
}
|
||||
|
||||
public Boolean isRecursive() {
|
||||
return recursive;
|
||||
}
|
||||
|
||||
public String getHypervisor() {
|
||||
return hypervisor;
|
||||
|
|
@ -166,11 +140,6 @@ public class ListVMsCmd extends BaseListCmd {
|
|||
public Long getStorageId() {
|
||||
return storageId;
|
||||
}
|
||||
|
||||
public Long getProjectId() {
|
||||
return projectId;
|
||||
}
|
||||
|
||||
|
||||
public EnumSet<VMDetails> getDetails() throws InvalidParameterValueException {
|
||||
EnumSet<VMDetails> dv;
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ import java.util.List;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
|
|
@ -33,7 +33,7 @@ import com.cloud.async.AsyncJob;
|
|||
import com.cloud.storage.Volume;
|
||||
|
||||
@Implementation(description="Lists all volumes.", responseObject=VolumeResponse.class)
|
||||
public class ListVolumesCmd extends BaseListCmd {
|
||||
public class ListVolumesCmd extends BaseListProjectAndAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(ListVolumesCmd.class.getName());
|
||||
|
||||
private static final String s_name = "listvolumesresponse";
|
||||
|
|
@ -42,13 +42,6 @@ public class ListVolumesCmd extends BaseListCmd {
|
|||
//////////////// API parameters /////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the account associated with the disk volume. Must be used with the domainId parameter.")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="Lists all disk volumes for the specified domain ID. If used with the account parameter, returns all disk volumes for an account in the specified domain ID.")
|
||||
private Long domainId;
|
||||
|
||||
@IdentityMapper(entityTableName="host")
|
||||
@Parameter(name=ApiConstants.HOST_ID, type=CommandType.LONG, description="list volumes on specified host")
|
||||
private Long hostId;
|
||||
|
|
@ -74,25 +67,11 @@ public class ListVolumesCmd extends BaseListCmd {
|
|||
@IdentityMapper(entityTableName="data_center")
|
||||
@Parameter(name=ApiConstants.ZONE_ID, type=CommandType.LONG, description="the ID of the availability zone")
|
||||
private Long zoneId;
|
||||
|
||||
@Parameter(name=ApiConstants.IS_RECURSIVE, type=CommandType.BOOLEAN, description="defaults to false, but if true, lists all volumes from the parent specified by the domain id till leaves.")
|
||||
private Boolean recursive;
|
||||
|
||||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list firewall rules by project")
|
||||
private Long projectId;
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Long getHostId() {
|
||||
return hostId;
|
||||
|
|
@ -121,14 +100,6 @@ public class ListVolumesCmd extends BaseListCmd {
|
|||
public Long getZoneId() {
|
||||
return zoneId;
|
||||
}
|
||||
|
||||
public Boolean isRecursive() {
|
||||
return recursive;
|
||||
}
|
||||
|
||||
public Long getProjectId() {
|
||||
return projectId;
|
||||
}
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////// API Implementation///////////////////
|
||||
|
|
@ -146,7 +117,7 @@ public class ListVolumesCmd extends BaseListCmd {
|
|||
|
||||
@Override
|
||||
public void execute(){
|
||||
List<? extends Volume> volumes = _mgr.searchForVolumes(this);
|
||||
List<? extends Volume> volumes = _storageService.searchForVolumes(this);
|
||||
|
||||
ListResponse<VolumeResponse> response = new ListResponse<VolumeResponse>();
|
||||
List<VolumeResponse> volResponses = new ArrayList<VolumeResponse>();
|
||||
|
|
|
|||
|
|
@ -24,7 +24,8 @@ import java.util.List;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.ApiConstants;
|
||||
import com.cloud.api.BaseListCmd;
|
||||
import com.cloud.api.BaseCmd.CommandType;
|
||||
import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.Parameter;
|
||||
|
|
@ -33,7 +34,7 @@ import com.cloud.api.response.VpnUsersResponse;
|
|||
import com.cloud.network.VpnUser;
|
||||
|
||||
@Implementation(description="Lists vpn users", responseObject=VpnUsersResponse.class)
|
||||
public class ListVpnUsersCmd extends BaseListCmd {
|
||||
public class ListVpnUsersCmd extends BaseListProjectAndAccountResourcesCmd {
|
||||
public static final Logger s_logger = Logger.getLogger (ListVpnUsersCmd.class.getName());
|
||||
|
||||
private static final String s_name = "listvpnusersresponse";
|
||||
|
|
@ -41,14 +42,6 @@ public class ListVpnUsersCmd extends BaseListCmd {
|
|||
/////////////////////////////////////////////////////
|
||||
//////////////// API parameters /////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the account of the remote access vpn. Must be used with the domainId parameter.")
|
||||
private String accountName;
|
||||
|
||||
@IdentityMapper(entityTableName="domain")
|
||||
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID of the remote access vpn. If used with the account parameter, lists remote access vpns for the account in the specified domain.")
|
||||
private Long domainId;
|
||||
|
||||
@IdentityMapper(entityTableName="vpn_users")
|
||||
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="the ID of the vpn user")
|
||||
private Long id;
|
||||
|
|
@ -56,21 +49,10 @@ public class ListVpnUsersCmd extends BaseListCmd {
|
|||
@Parameter(name=ApiConstants.USERNAME, type=CommandType.STRING, description="the username of the vpn user.")
|
||||
private String userName;
|
||||
|
||||
@IdentityMapper(entityTableName="projects")
|
||||
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list firewall rules by project")
|
||||
private Long projectId;
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
public String getAccountName() {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
|
|
@ -79,10 +61,6 @@ public class ListVpnUsersCmd extends BaseListCmd {
|
|||
return userName;
|
||||
}
|
||||
|
||||
public Long getProjectId() {
|
||||
return projectId;
|
||||
}
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
/////////////// API Implementation///////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
|
|
|||
|
|
@ -20,9 +20,7 @@ package com.cloud.api.commands;
|
|||
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.BaseCmd;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.ServerApiException;
|
||||
import com.cloud.api.response.SuccessResponse;
|
||||
import com.cloud.template.VirtualMachineTemplate;
|
||||
import com.cloud.user.Account;
|
||||
|
|
@ -46,15 +44,4 @@ public class UpdateIsoPermissionsCmd extends UpdateTemplateOrIsoPermissionsCmd {
|
|||
|
||||
return Account.ACCOUNT_ID_SYSTEM; // no account info given, parent this command to SYSTEM so ERROR events are tracked
|
||||
}
|
||||
|
||||
@Override
|
||||
public void execute(){
|
||||
boolean result = _mgr.updateTemplatePermissions(this);
|
||||
if (result) {
|
||||
SuccessResponse response = new SuccessResponse(getCommandName());
|
||||
this.setResponseObject(response);
|
||||
} else {
|
||||
throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to update iso permissinos");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -100,7 +100,7 @@ public class UpdatePortForwardingRuleCmd extends BaseAsyncCmd {
|
|||
public long getEntityOwnerId() {
|
||||
IpAddress addr = _entityMgr.findById(IpAddress.class, getPublicIpId());
|
||||
if (addr != null) {
|
||||
return addr.getAllocatedToAccountId();
|
||||
return addr.getAccountId();
|
||||
}
|
||||
|
||||
// bad address given, parent this command to SYSTEM so ERROR events are tracked
|
||||
|
|
|
|||
|
|
@ -26,6 +26,8 @@ import com.cloud.api.ApiConstants;
|
|||
import com.cloud.api.BaseCmd;
|
||||
import com.cloud.api.IdentityMapper;
|
||||
import com.cloud.api.Parameter;
|
||||
import com.cloud.api.ServerApiException;
|
||||
import com.cloud.api.response.SuccessResponse;
|
||||
import com.cloud.exception.InvalidParameterValueException;
|
||||
|
||||
public abstract class UpdateTemplateOrIsoPermissionsCmd extends BaseCmd {
|
||||
|
|
@ -116,7 +118,13 @@ public abstract class UpdateTemplateOrIsoPermissionsCmd extends BaseCmd {
|
|||
}
|
||||
|
||||
@Override
|
||||
public void execute() {
|
||||
// method is implemented in updateTemplate/updateIsoPermissions
|
||||
public void execute(){
|
||||
boolean result = _templateService.updateTemplateOrIsoPermissions(this);
|
||||
if (result) {
|
||||
SuccessResponse response = new SuccessResponse(getCommandName());
|
||||
this.setResponseObject(response);
|
||||
} else {
|
||||
throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to update template/iso permissions");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -20,9 +20,7 @@ package com.cloud.api.commands;
|
|||
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.BaseCmd;
|
||||
import com.cloud.api.Implementation;
|
||||
import com.cloud.api.ServerApiException;
|
||||
import com.cloud.api.response.SuccessResponse;
|
||||
import com.cloud.template.VirtualMachineTemplate;
|
||||
import com.cloud.user.Account;
|
||||
|
|
@ -50,16 +48,5 @@ public class UpdateTemplatePermissionsCmd extends UpdateTemplateOrIsoPermissions
|
|||
|
||||
return Account.ACCOUNT_ID_SYSTEM; // no account info given, parent this command to SYSTEM so ERROR events are tracked
|
||||
}
|
||||
|
||||
@Override
|
||||
public void execute(){
|
||||
boolean result = _mgr.updateTemplatePermissions(this);
|
||||
if (result) {
|
||||
SuccessResponse response = new SuccessResponse(getCommandName());
|
||||
this.setResponseObject(response);
|
||||
} else {
|
||||
throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to delete template permissions");
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ import com.cloud.utils.net.Ip;
|
|||
* - DomainId = domain of the account owner.
|
||||
* - Allocated = time it was allocated.
|
||||
*/
|
||||
public interface IpAddress extends ControlledEntity {
|
||||
public interface IpAddress extends ControlledEntity{
|
||||
enum State {
|
||||
Allocating, // The IP Address is being propagated to other network elements and is not ready for use yet.
|
||||
Allocated, // The IP address is in used.
|
||||
|
|
@ -49,10 +49,6 @@ public interface IpAddress extends ControlledEntity {
|
|||
|
||||
Ip getAddress();
|
||||
|
||||
Long getAllocatedToAccountId();
|
||||
|
||||
Long getAllocatedInDomainId();
|
||||
|
||||
Date getAllocatedTime();
|
||||
|
||||
boolean isSourceNat();
|
||||
|
|
@ -77,4 +73,8 @@ public interface IpAddress extends ControlledEntity {
|
|||
long getId();
|
||||
|
||||
void setState(IpAddress.State state);
|
||||
|
||||
Long getAllocatedToAccountId();
|
||||
|
||||
Long getAllocatedInDomainId();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ import com.cloud.exception.ResourceUnavailableException;
|
|||
import com.cloud.user.Account;
|
||||
|
||||
public interface RulesService {
|
||||
List<? extends FirewallRule> searchStaticNatRules(Long ipId, Long id, Long vmId, Long start, Long size, String accountName, Long domainId, Long projectId);
|
||||
List<? extends FirewallRule> searchStaticNatRules(Long ipId, Long id, Long vmId, Long start, Long size, String accountName, Long domainId, Long projectId, boolean isRecursive, boolean listAll);
|
||||
|
||||
/**
|
||||
* Creates a port forwarding rule between two ip addresses or between
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@ import com.cloud.domain.PartOf;
|
|||
|
||||
public interface Project extends PartOf, Identity {
|
||||
public enum State {Active, Disabled, Suspended}
|
||||
public enum ListProjectResourcesCriteria {ListProjectResourcesOnly, SkipProjectResources}
|
||||
|
||||
String getDisplayText();
|
||||
|
||||
|
|
|
|||
|
|
@ -2,14 +2,16 @@ package com.cloud.projects;
|
|||
|
||||
import java.util.Date;
|
||||
|
||||
public interface ProjectInvitation {
|
||||
import com.cloud.acl.ControlledEntity;
|
||||
|
||||
public interface ProjectInvitation extends ControlledEntity{
|
||||
public enum State {Pending, Completed, Expired, Declined}
|
||||
|
||||
long getId();
|
||||
|
||||
long getProjectId();
|
||||
|
||||
Long getAccountId();
|
||||
Long getForAccountId();
|
||||
|
||||
String getToken();
|
||||
|
||||
|
|
@ -19,6 +21,6 @@ public interface ProjectInvitation {
|
|||
|
||||
State getState();
|
||||
|
||||
Long getDomainId();
|
||||
Long getInDomainId();
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ public interface ProjectService {
|
|||
*/
|
||||
Project getProject(long id);
|
||||
|
||||
List<? extends Project> listProjects(Long id, String name, String displayText, String state, String accountName, Long domainId, String keyword, Long startIndex, Long pageSize);
|
||||
List<? extends Project> listProjects(Long id, String name, String displayText, String state, String accountName, Long domainId, String keyword, Long startIndex, Long pageSize, boolean listAll, boolean isRecursive);
|
||||
|
||||
ProjectAccount assignAccountToProject(Project project, long accountId, Role accountRole);
|
||||
|
||||
|
|
@ -58,7 +58,7 @@ public interface ProjectService {
|
|||
|
||||
List<? extends ProjectAccount> listProjectAccounts(long projectId, String accountName, String role, Long startIndex, Long pageSizeVal);
|
||||
|
||||
List<? extends ProjectInvitation> listProjectInvitations(Long id, Long projectId, String accountName, Long domainId, String state, boolean activeOnly, Long startIndex, Long pageSizeVal);
|
||||
List<? extends ProjectInvitation> listProjectInvitations(Long id, Long projectId, String accountName, Long domainId, String state, boolean activeOnly, Long startIndex, Long pageSizeVal, boolean isRecursive, boolean listAll);
|
||||
|
||||
boolean updateInvitation(long projectId, String accountName, String token, boolean accept);
|
||||
|
||||
|
|
|
|||
|
|
@ -49,11 +49,9 @@ import com.cloud.api.commands.ListSSHKeyPairsCmd;
|
|||
import com.cloud.api.commands.ListServiceOfferingsCmd;
|
||||
import com.cloud.api.commands.ListStoragePoolsCmd;
|
||||
import com.cloud.api.commands.ListSystemVMsCmd;
|
||||
import com.cloud.api.commands.ListTemplateOrIsoPermissionsCmd;
|
||||
import com.cloud.api.commands.ListTemplatesCmd;
|
||||
import com.cloud.api.commands.ListVMGroupsCmd;
|
||||
import com.cloud.api.commands.ListVlanIpRangesCmd;
|
||||
import com.cloud.api.commands.ListVolumesCmd;
|
||||
import com.cloud.api.commands.ListZonesByCmd;
|
||||
import com.cloud.api.commands.RebootSystemVmCmd;
|
||||
import com.cloud.api.commands.RegisterSSHKeyPairCmd;
|
||||
|
|
@ -61,9 +59,7 @@ import com.cloud.api.commands.StopSystemVmCmd;
|
|||
import com.cloud.api.commands.UpdateDomainCmd;
|
||||
import com.cloud.api.commands.UpdateHostPasswordCmd;
|
||||
import com.cloud.api.commands.UpdateIsoCmd;
|
||||
import com.cloud.api.commands.UpdateIsoPermissionsCmd;
|
||||
import com.cloud.api.commands.UpdateTemplateCmd;
|
||||
import com.cloud.api.commands.UpdateTemplatePermissionsCmd;
|
||||
import com.cloud.api.commands.UpdateVMGroupCmd;
|
||||
import com.cloud.api.commands.UploadCustomCertificateCmd;
|
||||
import com.cloud.async.AsyncJob;
|
||||
|
|
@ -89,7 +85,6 @@ import com.cloud.org.Cluster;
|
|||
import com.cloud.storage.GuestOS;
|
||||
import com.cloud.storage.GuestOsCategory;
|
||||
import com.cloud.storage.StoragePool;
|
||||
import com.cloud.storage.Volume;
|
||||
import com.cloud.template.VirtualMachineTemplate;
|
||||
import com.cloud.user.SSHKeyPair;
|
||||
import com.cloud.utils.Pair;
|
||||
|
|
@ -180,14 +175,6 @@ public interface ManagementService {
|
|||
*/
|
||||
List<? extends VirtualRouter> searchForRouters(ListRoutersCmd cmd);
|
||||
|
||||
/**
|
||||
* revisit Obtains a list of storage volumes by the specified search criteria. Can search by: "userId", "vType",
|
||||
* "instanceId", "dataCenterId", "podId", "hostId"
|
||||
*
|
||||
* @param cmd
|
||||
* @return List of Volumes.
|
||||
*/
|
||||
List<? extends Volume> searchForVolumes(ListVolumesCmd cmd);
|
||||
|
||||
/**
|
||||
* Obtains a list of IP Addresses by the specified search criteria. Can search by: "userId", "dataCenterId", "address"
|
||||
|
|
@ -245,16 +232,6 @@ public interface ManagementService {
|
|||
*/
|
||||
List<? extends Capacity> listCapacities(ListCapacityCmd cmd);
|
||||
|
||||
/**
|
||||
* List the permissions on a template. This will return a list of account names that have been granted permission to launch
|
||||
* instances from the template.
|
||||
*
|
||||
* @param cmd
|
||||
* the command wrapping the search criteria (template id)
|
||||
* @return list of account names that have been granted permission to launch instances from the template
|
||||
*/
|
||||
List<String> listTemplatePermissions(ListTemplateOrIsoPermissionsCmd cmd);
|
||||
|
||||
/**
|
||||
* List ISOs that match the specified criteria.
|
||||
*
|
||||
|
|
@ -311,10 +288,6 @@ public interface ManagementService {
|
|||
*/
|
||||
ArrayList<String> getCloudIdentifierResponse(long userId);
|
||||
|
||||
boolean updateTemplatePermissions(UpdateTemplatePermissionsCmd cmd);
|
||||
|
||||
boolean updateTemplatePermissions(UpdateIsoPermissionsCmd cmd);
|
||||
|
||||
boolean updateHostPassword(UpdateHostPasswordCmd cmd);
|
||||
|
||||
InstanceGroup updateVmGroup(UpdateVMGroupCmd cmd);
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ import com.cloud.api.commands.CancelPrimaryStorageMaintenanceCmd;
|
|||
import com.cloud.api.commands.CreateStoragePoolCmd;
|
||||
import com.cloud.api.commands.CreateVolumeCmd;
|
||||
import com.cloud.api.commands.DeletePoolCmd;
|
||||
import com.cloud.api.commands.PreparePrimaryStorageForMaintenanceCmd;
|
||||
import com.cloud.api.commands.ListVolumesCmd;
|
||||
import com.cloud.api.commands.UpdateStoragePoolCmd;
|
||||
import com.cloud.exception.ConcurrentOperationException;
|
||||
import com.cloud.exception.InsufficientCapacityException;
|
||||
|
|
@ -32,7 +32,6 @@ import com.cloud.exception.PermissionDeniedException;
|
|||
import com.cloud.exception.ResourceAllocationException;
|
||||
import com.cloud.exception.ResourceInUseException;
|
||||
import com.cloud.exception.ResourceUnavailableException;
|
||||
import com.cloud.host.Host;
|
||||
|
||||
public interface StorageService {
|
||||
/**
|
||||
|
|
@ -109,4 +108,6 @@ public interface StorageService {
|
|||
|
||||
Volume migrateVolume(Long volumeId, Long storagePoolId) throws ConcurrentOperationException;
|
||||
|
||||
List<? extends Volume> searchForVolumes(ListVolumesCmd cmd);
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -18,16 +18,11 @@
|
|||
package com.cloud.storage;
|
||||
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
import com.cloud.acl.ControlledEntity;
|
||||
import com.cloud.template.BasedOn;
|
||||
import com.cloud.utils.fsm.FiniteState;
|
||||
import com.cloud.utils.fsm.StateMachine;
|
||||
import com.cloud.utils.fsm.StateMachine2;
|
||||
import com.cloud.utils.fsm.StateObject;
|
||||
import com.cloud.vm.VirtualMachine;
|
||||
|
||||
public interface Volume extends ControlledEntity, BasedOn, StateObject<Volume.State> {
|
||||
enum Type {
|
||||
|
|
|
|||
|
|
@ -18,14 +18,17 @@
|
|||
package com.cloud.template;
|
||||
|
||||
import java.net.URISyntaxException;
|
||||
import java.util.List;
|
||||
|
||||
import com.cloud.api.commands.CopyTemplateCmd;
|
||||
import com.cloud.api.commands.DeleteIsoCmd;
|
||||
import com.cloud.api.commands.DeleteTemplateCmd;
|
||||
import com.cloud.api.commands.ExtractIsoCmd;
|
||||
import com.cloud.api.commands.ExtractTemplateCmd;
|
||||
import com.cloud.api.commands.ListTemplateOrIsoPermissionsCmd;
|
||||
import com.cloud.api.commands.RegisterIsoCmd;
|
||||
import com.cloud.api.commands.RegisterTemplateCmd;
|
||||
import com.cloud.api.commands.UpdateTemplateOrIsoPermissionsCmd;
|
||||
import com.cloud.exception.InternalErrorException;
|
||||
import com.cloud.exception.ResourceAllocationException;
|
||||
import com.cloud.exception.StorageUnavailableException;
|
||||
|
|
@ -80,4 +83,8 @@ public interface TemplateService {
|
|||
Long extract(ExtractTemplateCmd cmd) throws InternalErrorException;
|
||||
|
||||
VirtualMachineTemplate getTemplate(long templateId);
|
||||
|
||||
List<String> listTemplatePermissions(ListTemplateOrIsoPermissionsCmd cmd);
|
||||
|
||||
boolean updateTemplateOrIsoPermissions(UpdateTemplateOrIsoPermissionsCmd cmd);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ public interface VirtualMachineTemplate extends ControlledEntity {
|
|||
sharedexecutable, // ready templates that have been granted to the calling user by another user
|
||||
executable, // templates that are owned by the calling user, or public templates, that can be used to deploy a new VM
|
||||
community, // returns templates that have been marked as public but not featured
|
||||
all // all templates (only usable by ROOT admins)
|
||||
all // all templates (only usable by admins)
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -20,12 +20,15 @@ package com.cloud.user;
|
|||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import com.cloud.acl.ControlledEntity;
|
||||
import com.cloud.acl.SecurityChecker.AccessType;
|
||||
import com.cloud.api.commands.DeleteUserCmd;
|
||||
import com.cloud.api.commands.ListAccountsCmd;
|
||||
import com.cloud.api.commands.ListUsersCmd;
|
||||
import com.cloud.api.commands.RegisterCmd;
|
||||
import com.cloud.api.commands.UpdateAccountCmd;
|
||||
import com.cloud.api.commands.UpdateUserCmd;
|
||||
import com.cloud.domain.Domain;
|
||||
import com.cloud.exception.ConcurrentOperationException;
|
||||
import com.cloud.exception.PermissionDeniedException;
|
||||
import com.cloud.exception.ResourceUnavailableException;
|
||||
|
|
@ -155,7 +158,7 @@ public interface AccountService {
|
|||
|
||||
User getActiveUser(long userId);
|
||||
|
||||
User getUser(long userId);
|
||||
User getUserIncludingRemoved(long userId);
|
||||
|
||||
boolean isRootAdmin(short accountType);
|
||||
|
||||
|
|
@ -169,5 +172,9 @@ public interface AccountService {
|
|||
|
||||
List<? extends UserAccount> searchForUsers(ListUsersCmd cmd)
|
||||
throws PermissionDeniedException;
|
||||
|
||||
void checkAccess(Account account, Domain domain) throws PermissionDeniedException;
|
||||
|
||||
void checkAccess(Account account, AccessType accessType, ControlledEntity... entities) throws PermissionDeniedException;
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -25,5 +25,6 @@ public interface InstanceGroup extends ControlledEntity {
|
|||
long getId();
|
||||
String getName();
|
||||
Date getCreated();
|
||||
Short getAccountType();
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -61,6 +61,9 @@ public class InstanceGroupVO implements InstanceGroup, Identity {
|
|||
@Column(name="uuid")
|
||||
private String uuid;
|
||||
|
||||
@Column(name="type", table="account", insertable=false, updatable=false)
|
||||
private short accountType;
|
||||
|
||||
public InstanceGroupVO(String name, long accountId) {
|
||||
this.name = name;
|
||||
this.accountId = accountId;
|
||||
|
|
@ -110,4 +113,9 @@ public class InstanceGroupVO implements InstanceGroup, Identity {
|
|||
public void setUuid(String uuid) {
|
||||
this.uuid = uuid;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Short getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -27,7 +27,6 @@ import com.cloud.domain.dao.DomainDao;
|
|||
import com.cloud.exception.PermissionDeniedException;
|
||||
import com.cloud.offering.DiskOffering;
|
||||
import com.cloud.offering.ServiceOffering;
|
||||
import com.cloud.projects.Project;
|
||||
import com.cloud.projects.ProjectManager;
|
||||
import com.cloud.projects.dao.ProjectAccountDao;
|
||||
import com.cloud.storage.LaunchPermissionVO;
|
||||
|
|
|
|||
|
|
@ -1488,4 +1488,7 @@ public class AgentManagerImpl implements AgentManager, HandlerFactory, Manager {
|
|||
attache.setMaintenanceMode(false);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -288,8 +288,8 @@ public class ApiDBUtils {
|
|||
return _ms.getVersion();
|
||||
}
|
||||
|
||||
public static List<UserVmVO> searchForUserVMs(Criteria c) {
|
||||
return _userVmMgr.searchForUserVMs(c, true);
|
||||
public static List<UserVmVO> searchForUserVMs(Criteria c, List<Long> permittedAccounts) {
|
||||
return _userVmMgr.searchForUserVMs(c, _accountDao.findById(Account.ACCOUNT_ID_SYSTEM), null, false, permittedAccounts, false, null);
|
||||
}
|
||||
|
||||
public static List<? extends StoragePoolVO> searchForStoragePools(Criteria c) {
|
||||
|
|
|
|||
|
|
@ -319,13 +319,11 @@ public class ApiResponseHelper implements ResponseGenerator {
|
|||
// Get stopped and running VMs
|
||||
int vmStopped = 0;
|
||||
int vmRunning = 0;
|
||||
|
||||
List<Long> permittedAccounts = new ArrayList<Long>();
|
||||
permittedAccounts.add(account.getId());
|
||||
|
||||
Long[] accountIds = new Long[1];
|
||||
accountIds[0] = account.getId();
|
||||
|
||||
Criteria c1 = new Criteria();
|
||||
c1.addCriteria(Criteria.ACCOUNTID, accountIds);
|
||||
List<? extends UserVm> virtualMachines = ApiDBUtils.searchForUserVMs(c1);
|
||||
List<? extends UserVm> virtualMachines = ApiDBUtils.searchForUserVMs(new Criteria(), permittedAccounts);
|
||||
|
||||
// get Running/Stopped VMs
|
||||
for (Iterator<? extends UserVm> iter = virtualMachines.iterator(); iter.hasNext();) {
|
||||
|
|
@ -3026,15 +3024,15 @@ public class ApiResponseHelper implements ResponseGenerator {
|
|||
response.setProjectName(ApiDBUtils.findProjectById(invite.getProjectId()).getName());
|
||||
response.setInvitationState(invite.getState().toString());
|
||||
|
||||
if (invite.getAccountId() != null) {
|
||||
Account account = ApiDBUtils.findAccountById(invite.getAccountId());
|
||||
if (invite.getForAccountId() != null) {
|
||||
Account account = ApiDBUtils.findAccountById(invite.getForAccountId());
|
||||
response.setAccountName(account.getAccountName());
|
||||
|
||||
} else {
|
||||
response.setEmail(invite.getEmail());
|
||||
}
|
||||
|
||||
populateDomain(response, invite.getDomainId());
|
||||
populateDomain(response, invite.getInDomainId());
|
||||
|
||||
response.setObjectName("projectinvitation");
|
||||
return response;
|
||||
|
|
|
|||
|
|
@ -798,7 +798,7 @@ public class ApiServer implements HttpRequestHandler {
|
|||
}
|
||||
|
||||
public boolean verifyUser(Long userId) {
|
||||
User user = _accountMgr.getUser(userId);
|
||||
User user = _accountMgr.getUserIncludingRemoved(userId);
|
||||
Account account = null;
|
||||
if (user != null) {
|
||||
account = _accountMgr.getAccount(user.getAccountId());
|
||||
|
|
|
|||
|
|
@ -297,7 +297,7 @@ public class AsyncJobManagerImpl implements AsyncJobManager, ClusterManagerListe
|
|||
throw new InvalidParameterValueException("Unable to find a job by id " + cmd.getId());
|
||||
}
|
||||
|
||||
User userJobOwner = _accountMgr.getUser(job.getUserId());
|
||||
User userJobOwner = _accountMgr.getUserIncludingRemoved(job.getUserId());
|
||||
Account jobOwner = _accountMgr.getAccount(userJobOwner.getAccountId());
|
||||
|
||||
//check permissions
|
||||
|
|
|
|||
|
|
@ -31,6 +31,7 @@ import javax.persistence.Id;
|
|||
import javax.persistence.Table;
|
||||
import javax.persistence.Temporal;
|
||||
import javax.persistence.TemporalType;
|
||||
import javax.persistence.Transient;
|
||||
|
||||
import com.cloud.api.Identity;
|
||||
import com.cloud.utils.net.Ip;
|
||||
|
|
@ -94,6 +95,14 @@ public class IPAddressVO implements IpAddress, Identity {
|
|||
|
||||
@Column(name="physical_network_id")
|
||||
private Long physicalNetworkId;
|
||||
|
||||
@Column(name="account_id")
|
||||
@Transient
|
||||
private Long accountId = null;
|
||||
|
||||
@Transient
|
||||
@Column(name="domain_id")
|
||||
private Long domainId = null;
|
||||
|
||||
protected IPAddressVO() {
|
||||
this.uuid = UUID.randomUUID().toString();
|
||||
|
|
@ -136,6 +145,11 @@ public class IPAddressVO implements IpAddress, Identity {
|
|||
return allocatedToAccountId;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Long getAllocatedInDomainId() {
|
||||
return allocatedInDomainId;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Long getAssociatedWithNetworkId() {
|
||||
return associatedWithNetworkId;
|
||||
|
|
@ -153,11 +167,6 @@ public class IPAddressVO implements IpAddress, Identity {
|
|||
public void setAssociatedWithVmId(Long associatedWithVmId) {
|
||||
this.associatedWithVmId = associatedWithVmId;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Long getAllocatedInDomainId() {
|
||||
return allocatedInDomainId;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Date getAllocatedTime() {
|
||||
|
|
|
|||
|
|
@ -431,7 +431,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
|
|||
|
||||
Transaction txn = Transaction.currentTxn();
|
||||
|
||||
Account owner = _accountMgr.getAccount(addr.getAccountId());
|
||||
Account owner = _accountMgr.getAccount(addr.getAllocatedToAccountId());
|
||||
long isSourceNat = (addr.isSourceNat()) ? 1 : 0;
|
||||
|
||||
txn.start();
|
||||
|
|
@ -1044,7 +1044,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
|
|||
IpAddress ipToAssoc = getIp(cmd.getEntityId());
|
||||
if (ipToAssoc != null) {
|
||||
_accountMgr.checkAccess(caller, null, ipToAssoc);
|
||||
owner = _accountMgr.getAccount(ipToAssoc.getAccountId());
|
||||
owner = _accountMgr.getAccount(ipToAssoc.getAllocatedToAccountId());
|
||||
} else {
|
||||
s_logger.debug("Unable to find ip address by id: " + cmd.getEntityId());
|
||||
return null;
|
||||
|
|
@ -1931,7 +1931,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
|
|||
}
|
||||
|
||||
// Check for account wide pool. It will have an entry for account_vlan_map.
|
||||
if (_accountVlanMapDao.findAccountVlanMap(ipVO.getAccountId(), ipVO.getVlanId()) != null) {
|
||||
if (_accountVlanMapDao.findAccountVlanMap(ipVO.getAllocatedToAccountId(), ipVO.getVlanId()) != null) {
|
||||
throw new InvalidParameterValueException("Ip address id=" + ipAddressId + " belongs to Account wide IP pool and cannot be disassociated");
|
||||
}
|
||||
|
||||
|
|
@ -2410,6 +2410,8 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
|
|||
Long physicalNetworkId = cmd.getPhysicalNetworkId();
|
||||
List<String> supportedServicesStr = cmd.getSupportedServices();
|
||||
Boolean restartRequired= cmd.getRestartRequired();
|
||||
boolean listAll = cmd.listAll();
|
||||
boolean isRecursive = cmd.isRecursive();
|
||||
|
||||
//1) default is system to false if not specified
|
||||
//2) reset parameter to false if it's specified by the regular user
|
||||
|
|
@ -2440,7 +2442,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
|
|||
}
|
||||
}
|
||||
|
||||
if (!_accountMgr.isAdmin(caller.getType())) {
|
||||
if (!_accountMgr.isAdmin(caller.getType()) || !listAll) {
|
||||
permittedAccounts.add(caller.getId());
|
||||
domainId = caller.getDomainId();
|
||||
}
|
||||
|
|
@ -2498,10 +2500,10 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
|
|||
|
||||
if (isSystem == null || !isSystem) {
|
||||
//Get domain level networks
|
||||
if (domainId != null) {
|
||||
if (domainId != null && !listAll) {
|
||||
networksToReturn.addAll(listDomainLevelNetworks(buildNetworkSearchCriteria(sb, keyword, id, isSystem, zoneId, guestIpType, trafficType, physicalNetworkId, aclType, skipProjectNetworks, restartRequired), searchFilter, domainId));
|
||||
} else if (permittedAccounts.isEmpty()){
|
||||
networksToReturn.addAll(listAccountSpecificNetworksByDomainPath(buildNetworkSearchCriteria(sb, keyword, id, isSystem, zoneId, guestIpType, trafficType, physicalNetworkId, aclType, skipProjectNetworks, restartRequired), searchFilter, path));
|
||||
networksToReturn.addAll(listAccountSpecificNetworksByDomainPath(buildNetworkSearchCriteria(sb, keyword, id, isSystem, zoneId, guestIpType, trafficType, physicalNetworkId, aclType, skipProjectNetworks, restartRequired), searchFilter, path, isRecursive));
|
||||
}
|
||||
|
||||
//get account specific networks
|
||||
|
|
@ -2623,12 +2625,16 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
|
|||
return _networksDao.search(sc, searchFilter);
|
||||
}
|
||||
|
||||
private List<NetworkVO> listAccountSpecificNetworksByDomainPath(SearchCriteria<NetworkVO> sc, Filter searchFilter, String path) {
|
||||
private List<NetworkVO> listAccountSpecificNetworksByDomainPath(SearchCriteria<NetworkVO> sc, Filter searchFilter, String path, boolean isRecursive) {
|
||||
SearchCriteria<NetworkVO> accountSC = _networksDao.createSearchCriteria();
|
||||
accountSC.addAnd("aclType", SearchCriteria.Op.EQ, ACLType.Account.toString());
|
||||
|
||||
if (path != null) {
|
||||
sc.setJoinParameters("domainSearch", "path", path + "%");
|
||||
if (isRecursive) {
|
||||
sc.setJoinParameters("domainSearch", "path", path + "%");
|
||||
} else {
|
||||
sc.setJoinParameters("domainSearch", "path", path);
|
||||
}
|
||||
}
|
||||
|
||||
return _networksDao.search(sc, searchFilter);
|
||||
|
|
@ -3599,18 +3605,18 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
|
|||
|
||||
// don't decrement resource count for direct ips
|
||||
if (ip.getAssociatedWithNetworkId() != null) {
|
||||
_resourceLimitMgr.decrementResourceCount(_ipAddressDao.findById(addrId).getAccountId(), ResourceType.public_ip);
|
||||
_resourceLimitMgr.decrementResourceCount(_ipAddressDao.findById(addrId).getAllocatedToAccountId(), ResourceType.public_ip);
|
||||
}
|
||||
|
||||
long isSourceNat = (ip.isSourceNat()) ? 1 : 0;
|
||||
|
||||
// Save usage event
|
||||
if (ip.getAccountId() != Account.ACCOUNT_ID_SYSTEM) {
|
||||
if (ip.getAllocatedToAccountId() != Account.ACCOUNT_ID_SYSTEM) {
|
||||
VlanVO vlan = _vlanDao.findById(ip.getVlanId());
|
||||
|
||||
String guestType = vlan.getVlanType().toString();
|
||||
|
||||
UsageEventVO usageEvent = new UsageEventVO(EventTypes.EVENT_NET_IP_RELEASE, ip.getAccountId(), ip.getDataCenterId(), addrId, ip.getAddress().addr(), isSourceNat, guestType);
|
||||
UsageEventVO usageEvent = new UsageEventVO(EventTypes.EVENT_NET_IP_RELEASE, ip.getAllocatedToAccountId(), ip.getDataCenterId(), addrId, ip.getAddress().addr(), isSourceNat, guestType);
|
||||
_usageEventDao.persist(usageEvent);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -354,17 +354,17 @@ public class NetworkUsageManagerImpl implements NetworkUsageManager, ResourceSta
|
|||
|
||||
List<String> IpList = new ArrayList<String>() ;
|
||||
for(IPAddressVO ip : allocatedIps){
|
||||
if(ip.getAccountId() == AccountVO.ACCOUNT_ID_SYSTEM){
|
||||
if(ip.getAllocatedToAccountId() == AccountVO.ACCOUNT_ID_SYSTEM){
|
||||
//Ignore usage for system account
|
||||
continue;
|
||||
}
|
||||
String address = (ip.getAddress()).toString();
|
||||
if(ipAssigment.containsKey(address)){
|
||||
// Ip was assigned during the current period but not release till Date now
|
||||
IpPartialUsage.add(new UsageIPAddressVO(ip.getAccountId(), address, ipAssigment.get(address), now));
|
||||
IpPartialUsage.add(new UsageIPAddressVO(ip.getAllocatedToAccountId(), address, ipAssigment.get(address), now));
|
||||
} else {
|
||||
// Ip was not assigned or released during current period. Consider entire duration for usage calculation (lastCollection to now)
|
||||
fullDurationIpUsage.add(new UsageIPAddressVO(ip.getAccountId(), address, lastCollection, now));
|
||||
fullDurationIpUsage.add(new UsageIPAddressVO(ip.getAllocatedToAccountId(), address, lastCollection, now));
|
||||
//Store just the Ips to send the list as part of DirectNetworkUsageCommand
|
||||
IpList.add(address);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -99,16 +99,6 @@ public class PublicIp implements PublicIpAddress {
|
|||
return _addr.getDomainId();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Long getAllocatedToAccountId() {
|
||||
return _addr.getAllocatedToAccountId();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Long getAllocatedInDomainId() {
|
||||
return _addr.getAllocatedInDomainId();
|
||||
}
|
||||
|
||||
@Override
|
||||
public long getVlanId() {
|
||||
return _vlan.getId();
|
||||
|
|
@ -181,4 +171,14 @@ public class PublicIp implements PublicIpAddress {
|
|||
public void setState(State state) {
|
||||
_addr.setState(state);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Long getAllocatedToAccountId() {
|
||||
return _addr.getAllocatedToAccountId();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Long getAllocatedInDomainId() {
|
||||
return _addr.getAllocatedInDomainId();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -17,7 +17,6 @@
|
|||
*/
|
||||
package com.cloud.network.dao;
|
||||
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
|
|
@ -32,7 +31,6 @@ import com.cloud.utils.db.GenericDaoBase;
|
|||
import com.cloud.utils.db.GenericSearchBuilder;
|
||||
import com.cloud.utils.db.SearchBuilder;
|
||||
import com.cloud.utils.db.SearchCriteria;
|
||||
import com.cloud.utils.db.SearchCriteria.Func;
|
||||
|
||||
@Local(value=NetworkServiceMapDao.class) @DB(txn=false)
|
||||
public class NetworkServiceMapDaoImpl extends GenericDaoBase<NetworkServiceMapVO, Long> implements NetworkServiceMapDao {
|
||||
|
|
@ -59,7 +57,6 @@ public class NetworkServiceMapDaoImpl extends GenericDaoBase<NetworkServiceMapVO
|
|||
DistinctProvidersSearch.and("provider", DistinctProvidersSearch.entity().getProvider(), SearchCriteria.Op.EQ);
|
||||
DistinctProvidersSearch.selectField(DistinctProvidersSearch.entity().getProvider());
|
||||
DistinctProvidersSearch.done();
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -33,8 +33,6 @@ import org.apache.log4j.Logger;
|
|||
import com.cloud.api.commands.ListFirewallRulesCmd;
|
||||
import com.cloud.configuration.Config;
|
||||
import com.cloud.configuration.dao.ConfigurationDao;
|
||||
import com.cloud.domain.Domain;
|
||||
import com.cloud.domain.DomainVO;
|
||||
import com.cloud.domain.dao.DomainDao;
|
||||
import com.cloud.event.ActionEvent;
|
||||
import com.cloud.event.EventTypes;
|
||||
|
|
@ -61,16 +59,15 @@ import com.cloud.network.rules.FirewallRule.State;
|
|||
import com.cloud.network.rules.FirewallRuleVO;
|
||||
import com.cloud.network.rules.PortForwardingRuleVO;
|
||||
import com.cloud.network.rules.dao.PortForwardingRulesDao;
|
||||
import com.cloud.projects.Project.ListProjectResourcesCriteria;
|
||||
import com.cloud.user.Account;
|
||||
import com.cloud.user.AccountManager;
|
||||
import com.cloud.user.DomainManager;
|
||||
import com.cloud.user.UserContext;
|
||||
import com.cloud.utils.Pair;
|
||||
import com.cloud.utils.component.Inject;
|
||||
import com.cloud.utils.component.Manager;
|
||||
import com.cloud.utils.db.DB;
|
||||
import com.cloud.utils.db.Filter;
|
||||
import com.cloud.utils.db.JoinBuilder;
|
||||
import com.cloud.utils.db.SearchBuilder;
|
||||
import com.cloud.utils.db.SearchCriteria;
|
||||
import com.cloud.utils.db.SearchCriteria.Op;
|
||||
|
|
@ -170,8 +167,8 @@ public class FirewallManagerImpl implements FirewallService, FirewallManager, Ma
|
|||
|
||||
if (ipAddress != null) {
|
||||
networkId = ipAddress.getAssociatedWithNetworkId();
|
||||
accountId = ipAddress.getAccountId();
|
||||
domainId = ipAddress.getDomainId();
|
||||
accountId = ipAddress.getAllocatedToAccountId();
|
||||
domainId = ipAddress.getAllocatedInDomainId();
|
||||
}
|
||||
|
||||
Transaction txn = Transaction.currentTxn();
|
||||
|
|
@ -196,14 +193,13 @@ public class FirewallManagerImpl implements FirewallService, FirewallManager, Ma
|
|||
|
||||
@Override
|
||||
public List<? extends FirewallRule> listFirewallRules(ListFirewallRulesCmd cmd) {
|
||||
Account caller = UserContext.current().getCaller();
|
||||
Long ipId = cmd.getIpAddressId();
|
||||
Long id = cmd.getId();
|
||||
String path = null;
|
||||
|
||||
Pair<List<Long>, Long> accountDomainPair = _accountMgr.finalizeAccountDomainForList(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
|
||||
List<Long> permittedAccounts = accountDomainPair.first();
|
||||
Long domainId = accountDomainPair.second();
|
||||
|
||||
Account caller = UserContext.current().getCaller();
|
||||
Long domainId = cmd.getDomainId();
|
||||
boolean isRecursive = cmd.isRecursive();
|
||||
List<Long> permittedAccounts = new ArrayList<Long>();
|
||||
|
||||
if (ipId != null) {
|
||||
IPAddressVO ipAddressVO = _ipAddressDao.findById(ipId);
|
||||
|
|
@ -213,27 +209,17 @@ public class FirewallManagerImpl implements FirewallService, FirewallManager, Ma
|
|||
_accountMgr.checkAccess(caller, null, ipAddressVO);
|
||||
}
|
||||
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
|
||||
Domain domain = _domainMgr.getDomain(caller.getDomainId());
|
||||
path = domain.getPath();
|
||||
}
|
||||
|
||||
ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), id);
|
||||
Filter filter = new Filter(FirewallRuleVO.class, "id", false, cmd.getStartIndex(), cmd.getPageSizeVal());
|
||||
SearchBuilder<FirewallRuleVO> sb = _firewallDao.createSearchBuilder();
|
||||
_accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
sb.and("id", sb.entity().getId(), Op.EQ);
|
||||
sb.and("ip", sb.entity().getSourceIpAddressId(), Op.EQ);
|
||||
sb.and("accountId", sb.entity().getAccountId(), Op.IN);
|
||||
sb.and("domainId", sb.entity().getDomainId(), Op.EQ);
|
||||
sb.and("purpose", sb.entity().getPurpose(), Op.EQ);
|
||||
|
||||
if (path != null) {
|
||||
// for domain admin we should show only subdomains information
|
||||
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
|
||||
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
|
||||
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
}
|
||||
|
||||
SearchCriteria<FirewallRuleVO> sc = sb.create();
|
||||
_accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
if (id != null) {
|
||||
sc.setParameters("id", id);
|
||||
|
|
@ -243,20 +229,8 @@ public class FirewallManagerImpl implements FirewallService, FirewallManager, Ma
|
|||
sc.setParameters("ip", ipId);
|
||||
}
|
||||
|
||||
if (domainId != null) {
|
||||
sc.setParameters("domainId", domainId);
|
||||
}
|
||||
|
||||
if (!permittedAccounts.isEmpty()) {
|
||||
sc.setParameters("accountId", permittedAccounts.toArray());
|
||||
}
|
||||
|
||||
sc.setParameters("purpose", Purpose.Firewall);
|
||||
|
||||
if (path != null) {
|
||||
sc.setJoinParameters("domainSearch", "path", path + "%");
|
||||
}
|
||||
|
||||
return _firewallDao.search(sc, filter);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -40,8 +40,6 @@ import com.cloud.api.commands.ListLoadBalancerRulesCmd;
|
|||
import com.cloud.api.commands.UpdateLoadBalancerRuleCmd;
|
||||
import com.cloud.api.response.ServiceResponse;
|
||||
import com.cloud.dc.dao.VlanDao;
|
||||
import com.cloud.domain.Domain;
|
||||
import com.cloud.domain.DomainVO;
|
||||
import com.cloud.domain.dao.DomainDao;
|
||||
import com.cloud.event.ActionEvent;
|
||||
import com.cloud.event.EventTypes;
|
||||
|
|
@ -80,13 +78,13 @@ import com.cloud.network.rules.LbStickinessMethod.LbStickinessMethodParam;
|
|||
import com.cloud.network.rules.LoadBalancer;
|
||||
import com.cloud.network.rules.RulesManager;
|
||||
import com.cloud.network.rules.StickinessPolicy;
|
||||
import com.cloud.projects.Project.ListProjectResourcesCriteria;
|
||||
import com.cloud.user.Account;
|
||||
import com.cloud.user.AccountManager;
|
||||
import com.cloud.user.DomainService;
|
||||
import com.cloud.user.UserContext;
|
||||
import com.cloud.user.dao.AccountDao;
|
||||
import com.cloud.uservm.UserVm;
|
||||
import com.cloud.utils.Pair;
|
||||
import com.cloud.utils.component.Inject;
|
||||
import com.cloud.utils.component.Manager;
|
||||
import com.cloud.utils.db.DB;
|
||||
|
|
@ -646,7 +644,7 @@ public class LoadBalancingRulesManagerImpl<Type> implements LoadBalancingRulesMa
|
|||
txn.start();
|
||||
|
||||
LoadBalancerVO newRule = new LoadBalancerVO(lb.getXid(), lb.getName(), lb.getDescription(), lb.getSourceIpAddressId(), lb.getSourcePortEnd(), lb.getDefaultPortStart(),
|
||||
lb.getAlgorithm(), network.getId(), ipAddr.getAccountId(), ipAddr.getDomainId());
|
||||
lb.getAlgorithm(), network.getId(), ipAddr.getAllocatedToAccountId(), ipAddr.getAllocatedInDomainId());
|
||||
|
||||
newRule = _lbDao.persist(newRule);
|
||||
|
||||
|
|
@ -976,33 +974,26 @@ public class LoadBalancingRulesManagerImpl<Type> implements LoadBalancingRulesMa
|
|||
|
||||
@Override
|
||||
public List<LoadBalancerVO> searchForLoadBalancers(ListLoadBalancerRulesCmd cmd) {
|
||||
Account caller = UserContext.current().getCaller();
|
||||
Long ipId = cmd.getPublicIpId();
|
||||
Long zoneId = cmd.getZoneId();
|
||||
String path = null;
|
||||
|
||||
Pair<List<Long>, Long> accountDomainPair = _accountMgr.finalizeAccountDomainForList(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
|
||||
List<Long> permittedAccounts = accountDomainPair.first();
|
||||
Long domainId = accountDomainPair.second();
|
||||
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
|
||||
Domain domain = _domainMgr.getDomain(caller.getDomainId());
|
||||
path = domain.getPath();
|
||||
}
|
||||
Long id = cmd.getId();
|
||||
String name = cmd.getLoadBalancerRuleName();
|
||||
String keyword = cmd.getKeyword();
|
||||
Long instanceId = cmd.getVirtualMachineId();
|
||||
|
||||
Account caller = UserContext.current().getCaller();
|
||||
Long domainId = cmd.getDomainId();
|
||||
boolean isRecursive = cmd.isRecursive();
|
||||
List<Long> permittedAccounts = new ArrayList<Long>();
|
||||
|
||||
ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), id);
|
||||
Filter searchFilter = new Filter(LoadBalancerVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
|
||||
|
||||
Object id = cmd.getId();
|
||||
Object name = cmd.getLoadBalancerRuleName();
|
||||
Object keyword = cmd.getKeyword();
|
||||
Object instanceId = cmd.getVirtualMachineId();
|
||||
|
||||
SearchBuilder<LoadBalancerVO> sb = _lbDao.createSearchBuilder();
|
||||
_accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
|
||||
sb.and("name", sb.entity().getName(), SearchCriteria.Op.LIKE);
|
||||
sb.and("sourceIpAddress", sb.entity().getSourceIpAddressId(), SearchCriteria.Op.EQ);
|
||||
sb.and("accountId", sb.entity().getAccountId(), SearchCriteria.Op.IN);
|
||||
sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ);
|
||||
|
||||
if (instanceId != null) {
|
||||
SearchBuilder<LoadBalancerVMMapVO> lbVMSearch = _lb2VmMapDao.createSearchBuilder();
|
||||
|
|
@ -1010,13 +1001,6 @@ public class LoadBalancingRulesManagerImpl<Type> implements LoadBalancingRulesMa
|
|||
sb.join("lbVMSearch", lbVMSearch, sb.entity().getId(), lbVMSearch.entity().getLoadBalancerId(), JoinBuilder.JoinType.INNER);
|
||||
}
|
||||
|
||||
if (path != null) {
|
||||
// for domain admin we should show only subdomains information
|
||||
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
|
||||
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
|
||||
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
}
|
||||
|
||||
if (zoneId != null) {
|
||||
SearchBuilder<IPAddressVO> ipSearch = _ipAddressDao.createSearchBuilder();
|
||||
ipSearch.and("zoneId", ipSearch.entity().getDataCenterId(), SearchCriteria.Op.EQ);
|
||||
|
|
@ -1024,11 +1008,12 @@ public class LoadBalancingRulesManagerImpl<Type> implements LoadBalancingRulesMa
|
|||
}
|
||||
|
||||
SearchCriteria<LoadBalancerVO> sc = sb.create();
|
||||
_accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
if (keyword != null) {
|
||||
SearchCriteria<LoadBalancerVO> ssc = _lbDao.createSearchCriteria();
|
||||
ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
|
||||
ssc.addOr("description", SearchCriteria.Op.LIKE, "%" + keyword + "%");
|
||||
|
||||
sc.addAnd("name", SearchCriteria.Op.SC, ssc);
|
||||
}
|
||||
|
||||
|
|
@ -1048,18 +1033,6 @@ public class LoadBalancingRulesManagerImpl<Type> implements LoadBalancingRulesMa
|
|||
sc.setJoinParameters("lbVMSearch", "instanceId", instanceId);
|
||||
}
|
||||
|
||||
if (domainId != null) {
|
||||
sc.setParameters("domainId", domainId);
|
||||
}
|
||||
|
||||
if (!permittedAccounts.isEmpty()) {
|
||||
sc.setParameters("accountId", permittedAccounts.toArray());
|
||||
}
|
||||
|
||||
if (path != null) {
|
||||
sc.setJoinParameters("domainSearch", "path", path + "%");
|
||||
}
|
||||
|
||||
if (zoneId != null) {
|
||||
sc.setJoinParameters("ipSearch", "zoneId", zoneId);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -29,8 +29,6 @@ import javax.naming.ConfigurationException;
|
|||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.api.commands.ListPortForwardingRulesCmd;
|
||||
import com.cloud.domain.Domain;
|
||||
import com.cloud.domain.DomainVO;
|
||||
import com.cloud.domain.dao.DomainDao;
|
||||
import com.cloud.event.ActionEvent;
|
||||
import com.cloud.event.EventTypes;
|
||||
|
|
@ -45,22 +43,18 @@ import com.cloud.network.IpAddress;
|
|||
import com.cloud.network.Network;
|
||||
import com.cloud.network.Network.Service;
|
||||
import com.cloud.network.NetworkManager;
|
||||
import com.cloud.network.PublicIpAddress;
|
||||
import com.cloud.network.dao.FirewallRulesCidrsDao;
|
||||
import com.cloud.network.dao.FirewallRulesDao;
|
||||
import com.cloud.network.dao.IPAddressDao;
|
||||
import com.cloud.network.dao.NetworkDao;
|
||||
import com.cloud.network.rules.FirewallRule.FirewallRuleType;
|
||||
import com.cloud.network.rules.FirewallRule.Purpose;
|
||||
import com.cloud.network.rules.dao.PortForwardingRulesDao;
|
||||
import com.cloud.offering.NetworkOffering;
|
||||
import com.cloud.offerings.dao.NetworkOfferingDao;
|
||||
import com.cloud.projects.Project.ListProjectResourcesCriteria;
|
||||
import com.cloud.user.Account;
|
||||
import com.cloud.user.AccountManager;
|
||||
import com.cloud.user.DomainManager;
|
||||
import com.cloud.user.UserContext;
|
||||
import com.cloud.uservm.UserVm;
|
||||
import com.cloud.utils.Pair;
|
||||
import com.cloud.utils.component.Inject;
|
||||
import com.cloud.utils.component.Manager;
|
||||
import com.cloud.utils.db.DB;
|
||||
|
|
@ -174,8 +168,8 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
|
|||
_firewallMgr.validateFirewallRule(caller, ipAddress, rule.getSourcePortStart(), rule.getSourcePortEnd(), rule.getProtocol(), Purpose.PortForwarding, FirewallRuleType.User);
|
||||
|
||||
Long networkId = ipAddress.getAssociatedWithNetworkId();
|
||||
Long accountId = ipAddress.getAccountId();
|
||||
Long domainId = ipAddress.getDomainId();
|
||||
Long accountId = ipAddress.getAllocatedToAccountId();
|
||||
Long domainId = ipAddress.getAllocatedInDomainId();
|
||||
|
||||
// start port can't be bigger than end port
|
||||
if (rule.getDestinationPortStart() > rule.getDestinationPortEnd()) {
|
||||
|
|
@ -267,8 +261,8 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
|
|||
_firewallMgr.validateFirewallRule(caller, ipAddress, rule.getSourcePortStart(), rule.getSourcePortEnd(), rule.getProtocol(), Purpose.StaticNat, FirewallRuleType.User);
|
||||
|
||||
Long networkId = ipAddress.getAssociatedWithNetworkId();
|
||||
Long accountId = ipAddress.getAccountId();
|
||||
Long domainId = ipAddress.getDomainId();
|
||||
Long accountId = ipAddress.getAllocatedToAccountId();
|
||||
Long domainId = ipAddress.getAllocatedInDomainId();
|
||||
|
||||
_networkMgr.checkIpForService(ipAddress, Service.StaticNat);
|
||||
|
||||
|
|
@ -547,14 +541,13 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
|
|||
|
||||
@Override
|
||||
public List<? extends PortForwardingRule> listPortForwardingRules(ListPortForwardingRulesCmd cmd) {
|
||||
Account caller = UserContext.current().getCaller();
|
||||
Long ipId = cmd.getIpAddressId();
|
||||
Long id = cmd.getId();
|
||||
String path = null;
|
||||
|
||||
Pair<List<Long>, Long> accountDomainPair = _accountMgr.finalizeAccountDomainForList(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
|
||||
List<Long> permittedAccounts = accountDomainPair.first();
|
||||
Long domainId = accountDomainPair.second();
|
||||
Account caller = UserContext.current().getCaller();
|
||||
Long domainId = cmd.getDomainId();
|
||||
boolean isRecursive = cmd.isRecursive();
|
||||
List<Long> permittedAccounts = new ArrayList<Long>();
|
||||
|
||||
if (ipId != null) {
|
||||
IPAddressVO ipAddressVO = _ipAddressDao.findById(ipId);
|
||||
|
|
@ -564,27 +557,17 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
|
|||
_accountMgr.checkAccess(caller, null, ipAddressVO);
|
||||
}
|
||||
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
|
||||
Domain domain = _domainMgr.getDomain(caller.getDomainId());
|
||||
path = domain.getPath();
|
||||
}
|
||||
|
||||
ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), id);
|
||||
Filter filter = new Filter(PortForwardingRuleVO.class, "id", false, cmd.getStartIndex(), cmd.getPageSizeVal());
|
||||
SearchBuilder<PortForwardingRuleVO> sb = _portForwardingDao.createSearchBuilder();
|
||||
_accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
sb.and("id", sb.entity().getId(), Op.EQ);
|
||||
sb.and("ip", sb.entity().getSourceIpAddressId(), Op.EQ);
|
||||
sb.and("accountId", sb.entity().getAccountId(), Op.IN);
|
||||
sb.and("domainId", sb.entity().getDomainId(), Op.EQ);
|
||||
sb.and("purpose", sb.entity().getPurpose(), Op.EQ);
|
||||
|
||||
if (path != null) {
|
||||
// for domain admin we should show only subdomains information
|
||||
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
|
||||
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
|
||||
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
}
|
||||
|
||||
SearchCriteria<PortForwardingRuleVO> sc = sb.create();
|
||||
_accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
if (id != null) {
|
||||
sc.setParameters("id", id);
|
||||
|
|
@ -594,20 +577,8 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
|
|||
sc.setParameters("ip", ipId);
|
||||
}
|
||||
|
||||
if (domainId != null) {
|
||||
sc.setParameters("domainId", domainId);
|
||||
}
|
||||
|
||||
if (!permittedAccounts.isEmpty()) {
|
||||
sc.setParameters("accountId", permittedAccounts.toArray());
|
||||
}
|
||||
|
||||
sc.setParameters("purpose", Purpose.PortForwarding);
|
||||
|
||||
if (path != null) {
|
||||
sc.setJoinParameters("domainSearch", "path", path + "%");
|
||||
}
|
||||
|
||||
return _portForwardingDao.search(sc, filter);
|
||||
}
|
||||
|
||||
|
|
@ -743,7 +714,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
|
|||
for (IPAddressVO ip : ips) {
|
||||
// Get nic IP4 address
|
||||
String dstIp = _networkMgr.getIpInNetwork(ip.getAssociatedWithVmId(), networkId);
|
||||
StaticNatImpl staticNat = new StaticNatImpl(ip.getAccountId(), ip.getDomainId(), networkId, ip.getId(), dstIp, false);
|
||||
StaticNatImpl staticNat = new StaticNatImpl(ip.getAllocatedToAccountId(), ip.getAllocatedInDomainId(), networkId, ip.getId(), dstIp, false);
|
||||
staticNats.add(staticNat);
|
||||
}
|
||||
|
||||
|
|
@ -760,13 +731,9 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
|
|||
}
|
||||
|
||||
@Override
|
||||
public List<? extends FirewallRule> searchStaticNatRules(Long ipId, Long id, Long vmId, Long start, Long size, String accountName, Long domainId, Long projectId) {
|
||||
Account caller = UserContext.current().getCaller();
|
||||
String path = null;
|
||||
|
||||
Pair<List<Long>, Long> accountDomainPair = _accountMgr.finalizeAccountDomainForList(caller, accountName, domainId, projectId);
|
||||
List<Long> permittedAccounts = accountDomainPair.first();
|
||||
domainId = accountDomainPair.second();
|
||||
public List<? extends FirewallRule> searchStaticNatRules(Long ipId, Long id, Long vmId, Long start, Long size, String accountName, Long domainId, Long projectId, boolean isRecursive, boolean listAll) {
|
||||
Account caller = UserContext.current().getCaller();
|
||||
List<Long> permittedAccounts = new ArrayList<Long>();
|
||||
|
||||
if (ipId != null) {
|
||||
IPAddressVO ipAddressVO = _ipAddressDao.findById(ipId);
|
||||
|
|
@ -776,25 +743,15 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
|
|||
_accountMgr.checkAccess(caller, null, ipAddressVO);
|
||||
}
|
||||
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
|
||||
Domain domain = _domainMgr.getDomain(caller.getDomainId());
|
||||
path = domain.getPath();
|
||||
}
|
||||
|
||||
ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, accountName, projectId, permittedAccounts, listAll, id);
|
||||
Filter filter = new Filter(PortForwardingRuleVO.class, "id", false, start, size);
|
||||
SearchBuilder<FirewallRuleVO> sb = _firewallDao.createSearchBuilder();
|
||||
_accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
sb.and("ip", sb.entity().getSourceIpAddressId(), Op.EQ);
|
||||
sb.and("accountId", sb.entity().getAccountId(), Op.IN);
|
||||
sb.and("domainId", sb.entity().getDomainId(), Op.EQ);
|
||||
sb.and("purpose", sb.entity().getPurpose(), Op.EQ);
|
||||
sb.and("id", sb.entity().getId(), Op.EQ);
|
||||
|
||||
if (path != null) {
|
||||
// for domain admin we should show only subdomains information
|
||||
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
|
||||
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
|
||||
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
}
|
||||
|
||||
if (vmId != null) {
|
||||
SearchBuilder<IPAddressVO> ipSearch = _ipAddressDao.createSearchBuilder();
|
||||
|
|
@ -803,7 +760,9 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
|
|||
}
|
||||
|
||||
SearchCriteria<FirewallRuleVO> sc = sb.create();
|
||||
|
||||
_accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
sc.setParameters("purpose", Purpose.StaticNat);
|
||||
|
||||
if (id != null) {
|
||||
sc.setParameters("id", id);
|
||||
}
|
||||
|
|
@ -812,20 +771,6 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
|
|||
sc.setParameters("ip", ipId);
|
||||
}
|
||||
|
||||
if (domainId != null) {
|
||||
sc.setParameters("domainId", domainId);
|
||||
}
|
||||
|
||||
if (!permittedAccounts.isEmpty()) {
|
||||
sc.setParameters("accountId", permittedAccounts.toArray());
|
||||
}
|
||||
|
||||
sc.setParameters("purpose", Purpose.StaticNat);
|
||||
|
||||
if (path != null) {
|
||||
sc.setJoinParameters("domainSearch", "path", path + "%");
|
||||
}
|
||||
|
||||
if (vmId != null) {
|
||||
sc.setJoinParameters("ipSearch", "associatedWithVmId", vmId);
|
||||
}
|
||||
|
|
@ -1128,7 +1073,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
|
|||
dstIp = _networkMgr.getIpInNetwork(sourceIp.getAssociatedWithVmId(), networkId);
|
||||
}
|
||||
|
||||
StaticNatImpl staticNat = new StaticNatImpl(sourceIp.getAccountId(), sourceIp.getDomainId(), networkId, sourceIpId, dstIp, forRevoke);
|
||||
StaticNatImpl staticNat = new StaticNatImpl(sourceIp.getAllocatedToAccountId(), sourceIp.getAllocatedInDomainId(), networkId, sourceIpId, dstIp, forRevoke);
|
||||
staticNats.add(staticNat);
|
||||
|
||||
try {
|
||||
|
|
|
|||
|
|
@ -45,17 +45,15 @@ import com.cloud.agent.api.NetworkRulesSystemVmCommand;
|
|||
import com.cloud.agent.api.SecurityGroupRulesCmd;
|
||||
import com.cloud.agent.api.SecurityGroupRulesCmd.IpPortAndProto;
|
||||
import com.cloud.agent.manager.Commands;
|
||||
import com.cloud.api.commands.AuthorizeSecurityGroupIngressCmd;
|
||||
import com.cloud.api.commands.AuthorizeSecurityGroupEgressCmd;
|
||||
import com.cloud.api.commands.AuthorizeSecurityGroupIngressCmd;
|
||||
import com.cloud.api.commands.CreateSecurityGroupCmd;
|
||||
import com.cloud.api.commands.DeleteSecurityGroupCmd;
|
||||
import com.cloud.api.commands.ListSecurityGroupsCmd;
|
||||
import com.cloud.api.commands.RevokeSecurityGroupIngressCmd;
|
||||
import com.cloud.api.commands.RevokeSecurityGroupEgressCmd;
|
||||
import com.cloud.api.commands.RevokeSecurityGroupIngressCmd;
|
||||
import com.cloud.configuration.Config;
|
||||
import com.cloud.configuration.dao.ConfigurationDao;
|
||||
import com.cloud.domain.Domain;
|
||||
import com.cloud.domain.DomainVO;
|
||||
import com.cloud.domain.dao.DomainDao;
|
||||
import com.cloud.event.ActionEvent;
|
||||
import com.cloud.event.EventTypes;
|
||||
|
|
@ -68,13 +66,14 @@ import com.cloud.hypervisor.Hypervisor.HypervisorType;
|
|||
import com.cloud.network.Network;
|
||||
import com.cloud.network.NetworkManager;
|
||||
import com.cloud.network.security.SecurityGroupWork.Step;
|
||||
import com.cloud.network.security.dao.SecurityGroupRuleDao;
|
||||
import com.cloud.network.security.SecurityRule.SecurityRuleType;
|
||||
import com.cloud.network.security.dao.SecurityGroupDao;
|
||||
import com.cloud.network.security.dao.SecurityGroupRuleDao;
|
||||
import com.cloud.network.security.dao.SecurityGroupRulesDao;
|
||||
import com.cloud.network.security.dao.SecurityGroupVMMapDao;
|
||||
import com.cloud.network.security.dao.SecurityGroupWorkDao;
|
||||
import com.cloud.network.security.dao.VmRulesetLogDao;
|
||||
import com.cloud.projects.Project;
|
||||
import com.cloud.projects.Project.ListProjectResourcesCriteria;
|
||||
import com.cloud.projects.ProjectManager;
|
||||
import com.cloud.server.ManagementServer;
|
||||
import com.cloud.user.Account;
|
||||
|
|
@ -92,7 +91,6 @@ import com.cloud.utils.concurrency.NamedThreadFactory;
|
|||
import com.cloud.utils.db.DB;
|
||||
import com.cloud.utils.db.Filter;
|
||||
import com.cloud.utils.db.GlobalLock;
|
||||
import com.cloud.utils.db.JoinBuilder;
|
||||
import com.cloud.utils.db.SearchBuilder;
|
||||
import com.cloud.utils.db.SearchCriteria;
|
||||
import com.cloud.utils.db.Transaction;
|
||||
|
|
@ -110,7 +108,6 @@ import com.cloud.vm.VirtualMachine.State;
|
|||
import com.cloud.vm.VirtualMachineManager;
|
||||
import com.cloud.vm.dao.UserVmDao;
|
||||
import com.cloud.vm.dao.VMInstanceDao;
|
||||
import com.cloud.network.security.SecurityRule.SecurityRuleType;
|
||||
|
||||
import edu.emory.mathcs.backport.java.util.Collections;
|
||||
|
||||
|
|
@ -1079,12 +1076,13 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
|
|||
@Override
|
||||
public List<SecurityGroupRulesVO> searchForSecurityGroupRules(ListSecurityGroupsCmd cmd) throws PermissionDeniedException, InvalidParameterValueException {
|
||||
Account caller = UserContext.current().getCaller();
|
||||
Long domainId = cmd.getDomainId();
|
||||
String accountName = cmd.getAccountName();
|
||||
Long instanceId = cmd.getVirtualMachineId();
|
||||
String securityGroup = cmd.getSecurityGroupName();
|
||||
Long projectId = cmd.getProjectId();
|
||||
Long id = cmd.getId();
|
||||
Object keyword = cmd.getKeyword();
|
||||
|
||||
Long domainId = cmd.getDomainId();
|
||||
boolean isRecursive = cmd.isRecursive();
|
||||
List<Long> permittedAccounts = new ArrayList<Long>();
|
||||
|
||||
if (instanceId != null) {
|
||||
|
|
@ -1096,60 +1094,18 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
|
|||
return listSecurityGroupRulesByVM(instanceId.longValue());
|
||||
}
|
||||
|
||||
if (_accountMgr.isAdmin(caller.getType())) {
|
||||
if (domainId != null) {
|
||||
Domain domain = _domainMgr.getDomain(domainId);
|
||||
if (domain == null) {
|
||||
throw new InvalidParameterValueException("Unable to find domain by id " + domainId);
|
||||
}
|
||||
_accountMgr.checkAccess(caller, domain);
|
||||
if (accountName != null) {
|
||||
Account account = _accountMgr.getActiveAccountByName(accountName, domainId);
|
||||
if (account == null) {
|
||||
throw new InvalidParameterValueException("Unable to find account " + accountName + " in domain " + domainId);
|
||||
}
|
||||
_accountMgr.checkAccess(caller, null, account);
|
||||
permittedAccounts.add(account.getId());
|
||||
}
|
||||
}
|
||||
} else {
|
||||
// regular user can see only his own security groups
|
||||
permittedAccounts.add(caller.getId());
|
||||
}
|
||||
|
||||
//set project information
|
||||
if (projectId != null) {
|
||||
permittedAccounts.clear();
|
||||
Project project = _projectMgr.getProject(projectId);
|
||||
if (project == null) {
|
||||
throw new InvalidParameterValueException("Unable to find project by id " + projectId);
|
||||
}
|
||||
if (!_projectMgr.canAccessProjectAccount(caller, project.getProjectAccountId())) {
|
||||
throw new InvalidParameterValueException("Account " + caller + " can't access project id=" + projectId);
|
||||
}
|
||||
permittedAccounts.add(project.getProjectAccountId());
|
||||
} else if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL){
|
||||
permittedAccounts.addAll(_projectMgr.listPermittedProjectAccounts(caller.getId()));
|
||||
}
|
||||
|
||||
List<SecurityGroupRulesVO> securityRulesList = new ArrayList<SecurityGroupRulesVO>();
|
||||
|
||||
ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), id);
|
||||
Filter searchFilter = new Filter(SecurityGroupVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
|
||||
Object keyword = cmd.getKeyword();
|
||||
|
||||
SearchBuilder<SecurityGroupVO> sb = _securityGroupDao.createSearchBuilder();
|
||||
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
|
||||
sb.and("accountId", sb.entity().getAccountId(), SearchCriteria.Op.IN);
|
||||
sb.and("name", sb.entity().getName(), SearchCriteria.Op.EQ);
|
||||
sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ);
|
||||
_accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
// only do a recursive domain search if the search is not limited by account or instance
|
||||
if (permittedAccounts.isEmpty() && instanceId == null && caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
|
||||
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
|
||||
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
|
||||
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
}
|
||||
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
|
||||
sb.and("name", sb.entity().getName(), SearchCriteria.Op.EQ);
|
||||
|
||||
SearchCriteria<SecurityGroupVO> sc = sb.create();
|
||||
_accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
if (id != null) {
|
||||
sc.setParameters("id", id);
|
||||
|
|
@ -1159,16 +1115,6 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
|
|||
sc.setParameters("name", securityGroup);
|
||||
}
|
||||
|
||||
if (!permittedAccounts.isEmpty()) {
|
||||
sc.setParameters("accountId", permittedAccounts.toArray());
|
||||
}
|
||||
|
||||
// only do a recursive domain search if the search is not limited by account or instance
|
||||
if (permittedAccounts.isEmpty() && instanceId == null && caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
|
||||
DomainVO domain = _domainDao.findById(caller.getDomainId());
|
||||
sc.setJoinParameters("domainSearch", "path", domain.getPath() + "%");
|
||||
}
|
||||
|
||||
if (keyword != null) {
|
||||
SearchCriteria<SecurityGroupRulesVO> ssc = _securityGroupRulesDao.createSearchCriteria();
|
||||
ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
|
||||
|
|
|
|||
|
|
@ -30,7 +30,6 @@ import com.cloud.api.commands.ListRemoteAccessVpnsCmd;
|
|||
import com.cloud.api.commands.ListVpnUsersCmd;
|
||||
import com.cloud.configuration.Config;
|
||||
import com.cloud.configuration.dao.ConfigurationDao;
|
||||
import com.cloud.domain.Domain;
|
||||
import com.cloud.domain.DomainVO;
|
||||
import com.cloud.domain.dao.DomainDao;
|
||||
import com.cloud.event.EventTypes;
|
||||
|
|
@ -61,6 +60,7 @@ import com.cloud.network.rules.FirewallRule;
|
|||
import com.cloud.network.rules.FirewallRule.Purpose;
|
||||
import com.cloud.network.rules.FirewallRuleVO;
|
||||
import com.cloud.network.rules.RulesManager;
|
||||
import com.cloud.projects.Project.ListProjectResourcesCriteria;
|
||||
import com.cloud.user.Account;
|
||||
import com.cloud.user.AccountManager;
|
||||
import com.cloud.user.DomainManager;
|
||||
|
|
@ -136,7 +136,7 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
|
|||
}
|
||||
|
||||
// TODO: assumes one virtual network / domr per account per zone
|
||||
vpnVO = _remoteAccessVpnDao.findByAccountAndNetwork(ipAddr.getAllocatedToAccountId(), ipAddr.getAssociatedWithNetworkId());
|
||||
vpnVO = _remoteAccessVpnDao.findByAccountAndNetwork(ipAddr.getAccountId(), ipAddr.getAssociatedWithNetworkId());
|
||||
if (vpnVO != null) {
|
||||
//if vpn is in Added state, return it to the api
|
||||
if (vpnVO.getState() == RemoteAccessVpn.State.Added) {
|
||||
|
|
@ -181,7 +181,7 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
|
|||
String newIpRange = NetUtils.long2Ip(++startIp) + "-" + range[1];
|
||||
String sharedSecret = PasswordGenerator.generatePresharedKey(_pskLength);
|
||||
_rulesMgr.reservePorts(ipAddr, NetUtils.UDP_PROTO, Purpose.Vpn, openFirewall, caller, NetUtils.VPN_PORT, NetUtils.VPN_L2TP_PORT, NetUtils.VPN_NATT_PORT);
|
||||
vpnVO = new RemoteAccessVpnVO(ipAddr.getAllocatedToAccountId(), ipAddr.getAllocatedInDomainId(), ipAddr.getAssociatedWithNetworkId(),
|
||||
vpnVO = new RemoteAccessVpnVO(ipAddr.getAccountId(), ipAddr.getDomainId(), ipAddr.getAssociatedWithNetworkId(),
|
||||
publicIpId, range[0], newIpRange, sharedSecret);
|
||||
return _remoteAccessVpnDao.persist(vpnVO);
|
||||
}
|
||||
|
|
@ -473,40 +473,26 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
|
|||
|
||||
@Override
|
||||
public List<VpnUserVO> searchForVpnUsers(ListVpnUsersCmd cmd) {
|
||||
Account caller = UserContext.current().getCaller();
|
||||
String username = cmd.getUsername();
|
||||
String path = null;
|
||||
Long id = cmd.getId();
|
||||
|
||||
//Verify account information
|
||||
Pair<List<Long>, Long> accountDomainPair = _accountMgr.finalizeAccountDomainForList(caller, cmd.getAccountName(), cmd.getDomainId(), null);
|
||||
List<Long> permittedAccounts = accountDomainPair.first();
|
||||
Long domainId = accountDomainPair.second();
|
||||
|
||||
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
|
||||
Domain domain = _domainMgr.getDomain(caller.getDomainId());
|
||||
path = domain.getPath();
|
||||
}
|
||||
Account caller = UserContext.current().getCaller();
|
||||
Long domainId = cmd.getDomainId();
|
||||
boolean isRecursive = cmd.isRecursive();
|
||||
List<Long> permittedAccounts = new ArrayList<Long>();
|
||||
|
||||
ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), id);
|
||||
Filter searchFilter = new Filter(VpnUserVO.class, "username", true, cmd.getStartIndex(), cmd.getPageSizeVal());
|
||||
|
||||
Object id = cmd.getId();
|
||||
|
||||
SearchBuilder<VpnUserVO> sb = _vpnUsersDao.createSearchBuilder();
|
||||
_accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
|
||||
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
|
||||
sb.and("username", sb.entity().getUsername(), SearchCriteria.Op.EQ);
|
||||
sb.and("accountId", sb.entity().getAccountId(), SearchCriteria.Op.IN);
|
||||
sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ);
|
||||
sb.and("state", sb.entity().getState(), SearchCriteria.Op.EQ);
|
||||
|
||||
if (path != null) {
|
||||
//for domain admin we should show only subdomains information
|
||||
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
|
||||
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
|
||||
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
}
|
||||
|
||||
SearchCriteria<VpnUserVO> sc = sb.create();
|
||||
_accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
//list only active users
|
||||
sc.setParameters("state", State.Active);
|
||||
|
|
@ -519,18 +505,6 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
|
|||
sc.setParameters("username", username);
|
||||
}
|
||||
|
||||
if (domainId != null) {
|
||||
sc.setParameters("domainId", domainId);
|
||||
}
|
||||
|
||||
if (!permittedAccounts.isEmpty()) {
|
||||
sc.setParameters("accountId", permittedAccounts.toArray());
|
||||
}
|
||||
|
||||
if (path != null) {
|
||||
sc.setJoinParameters("domainSearch", "path", path + "%");
|
||||
}
|
||||
|
||||
return _vpnUsersDao.search(sc, searchFilter);
|
||||
}
|
||||
|
||||
|
|
@ -538,24 +512,17 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
|
|||
public List<RemoteAccessVpnVO> searchForRemoteAccessVpns(ListRemoteAccessVpnsCmd cmd) {
|
||||
// do some parameter validation
|
||||
Account caller = UserContext.current().getCaller();
|
||||
String path = null;
|
||||
|
||||
Pair<List<Long>, Long> accountDomainPair = _accountMgr.finalizeAccountDomainForList(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
|
||||
List<Long> permittedAccounts = accountDomainPair.first();
|
||||
Long domainId = accountDomainPair.second();
|
||||
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
|
||||
Domain domain = _domainMgr.getDomain(caller.getDomainId());
|
||||
path = domain.getPath();
|
||||
}
|
||||
|
||||
Long ipAddressId = cmd.getPublicIpId();
|
||||
Long domainId = cmd.getDomainId();
|
||||
boolean isRecursive = cmd.isRecursive();
|
||||
List<Long> permittedAccounts = new ArrayList<Long>();
|
||||
|
||||
if (ipAddressId != null) {
|
||||
PublicIpAddress publicIp = _networkMgr.getPublicIpAddress(ipAddressId);
|
||||
if (publicIp == null) {
|
||||
throw new InvalidParameterValueException("Unable to list remote access vpns, IP address " + ipAddressId + " not found.");
|
||||
} else {
|
||||
Long ipAddrAcctId = publicIp.getAllocatedToAccountId();
|
||||
Long ipAddrAcctId = publicIp.getAccountId();
|
||||
if (ipAddrAcctId == null) {
|
||||
throw new InvalidParameterValueException("Unable to list remote access vpns, IP address " + ipAddressId
|
||||
+ " is not associated with an account.");
|
||||
|
|
@ -563,41 +530,24 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
|
|||
}
|
||||
_accountMgr.checkAccess(caller, null, publicIp);
|
||||
}
|
||||
|
||||
|
||||
|
||||
ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), null);
|
||||
Filter filter = new Filter(RemoteAccessVpnVO.class, "serverAddressId", false, cmd.getStartIndex(), cmd.getPageSizeVal());
|
||||
SearchBuilder<RemoteAccessVpnVO> sb = _remoteAccessVpnDao.createSearchBuilder();
|
||||
_accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
sb.and("serverAddressId", sb.entity().getServerAddressId(), Op.EQ);
|
||||
sb.and("accountId", sb.entity().getAccountId(), Op.IN);
|
||||
sb.and("domainId", sb.entity().getDomainId(), Op.EQ);
|
||||
sb.and("state", sb.entity().getState(), Op.EQ);
|
||||
|
||||
if (path != null) {
|
||||
//for domain admin we should show only subdomains information
|
||||
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
|
||||
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
|
||||
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
}
|
||||
|
||||
SearchCriteria<RemoteAccessVpnVO> sc = sb.create();
|
||||
_accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
|
||||
sc.setParameters("state", RemoteAccessVpn.State.Running);
|
||||
|
||||
if (ipAddressId != null) {
|
||||
sc.setParameters("serverAddressId", ipAddressId);
|
||||
}
|
||||
|
||||
if (domainId != null) {
|
||||
sc.setParameters("domainId", domainId);
|
||||
}
|
||||
|
||||
if (!permittedAccounts.isEmpty()) {
|
||||
sc.setParameters("accountId", permittedAccounts.toArray());
|
||||
}
|
||||
|
||||
if (path != null) {
|
||||
sc.setJoinParameters("domainSearch", "path", path + "%");
|
||||
}
|
||||
|
||||
return _remoteAccessVpnDao.search(sc, filter);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -27,10 +27,10 @@ public class ProjectInvitationVO implements ProjectInvitation, Identity {
|
|||
private long projectId;
|
||||
|
||||
@Column(name="account_id")
|
||||
private Long accountId;
|
||||
private Long forAccountId;
|
||||
|
||||
@Column(name="domain_id")
|
||||
private Long domainId;
|
||||
private Long inDomainId;
|
||||
|
||||
@Column(name="token")
|
||||
private String token;
|
||||
|
|
@ -53,8 +53,8 @@ public class ProjectInvitationVO implements ProjectInvitation, Identity {
|
|||
}
|
||||
|
||||
public ProjectInvitationVO(long projectId, Long accountId, Long domainId, String email, String token) {
|
||||
this.accountId = accountId;
|
||||
this.domainId = domainId;
|
||||
this.forAccountId = accountId;
|
||||
this.inDomainId = domainId;
|
||||
this.projectId = projectId;
|
||||
this.email = email;
|
||||
this.token = token;
|
||||
|
|
@ -72,8 +72,8 @@ public class ProjectInvitationVO implements ProjectInvitation, Identity {
|
|||
}
|
||||
|
||||
@Override
|
||||
public Long getAccountId() {
|
||||
return accountId;
|
||||
public Long getForAccountId() {
|
||||
return forAccountId;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -103,13 +103,13 @@ public class ProjectInvitationVO implements ProjectInvitation, Identity {
|
|||
@Override
|
||||
public String toString() {
|
||||
StringBuilder buf = new StringBuilder("ProjectInvitation[");
|
||||
buf.append(id).append("|projectId=").append(projectId).append("|accountId=").append(accountId).append("]");
|
||||
buf.append(id).append("|projectId=").append(projectId).append("|accountId=").append(forAccountId).append("]");
|
||||
return buf.toString();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Long getDomainId() {
|
||||
return domainId;
|
||||
public Long getInDomainId() {
|
||||
return inDomainId;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -120,4 +120,14 @@ public class ProjectInvitationVO implements ProjectInvitation, Identity {
|
|||
public void setUuid(String uuid) {
|
||||
this.uuid = uuid;
|
||||
}
|
||||
|
||||
@Override
|
||||
public long getDomainId() {
|
||||
return inDomainId == null ? -1 : inDomainId;
|
||||
}
|
||||
|
||||
@Override
|
||||
public long getAccountId() {
|
||||
return forAccountId == null ? -1 : forAccountId;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -18,6 +18,7 @@
|
|||
package com.cloud.projects;
|
||||
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
|
@ -45,7 +46,6 @@ import com.cloud.configuration.Config;
|
|||
import com.cloud.configuration.ConfigurationManager;
|
||||
import com.cloud.configuration.Resource.ResourceType;
|
||||
import com.cloud.configuration.dao.ConfigurationDao;
|
||||
import com.cloud.domain.Domain;
|
||||
import com.cloud.domain.DomainVO;
|
||||
import com.cloud.domain.dao.DomainDao;
|
||||
import com.cloud.event.ActionEvent;
|
||||
|
|
@ -55,6 +55,7 @@ import com.cloud.exception.InvalidParameterValueException;
|
|||
import com.cloud.exception.PermissionDeniedException;
|
||||
import com.cloud.exception.ResourceAllocationException;
|
||||
import com.cloud.exception.ResourceUnavailableException;
|
||||
import com.cloud.projects.Project.ListProjectResourcesCriteria;
|
||||
import com.cloud.projects.Project.State;
|
||||
import com.cloud.projects.ProjectAccount.Role;
|
||||
import com.cloud.projects.dao.ProjectAccountDao;
|
||||
|
|
@ -337,7 +338,7 @@ public class ProjectManagerImpl implements ProjectManager, Manager{
|
|||
}
|
||||
|
||||
@Override
|
||||
public List<? extends Project> listProjects(Long id, String name, String displayText, String state, String accountName, Long domainId, String keyword, Long startIndex, Long pageSize) {
|
||||
public List<? extends Project> listProjects(Long id, String name, String displayText, String state, String accountName, Long domainId, String keyword, Long startIndex, Long pageSize, boolean listAll, boolean isRecursive) {
|
||||
Account caller = UserContext.current().getCaller();
|
||||
Long accountId = null;
|
||||
String path = null;
|
||||
|
|
@ -362,11 +363,6 @@ public class ProjectManagerImpl implements ProjectManager, Manager{
|
|||
accountId = owner.getId();
|
||||
}
|
||||
}
|
||||
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
|
||||
DomainVO domain = _domainDao.findById(caller.getDomainId());
|
||||
path = domain.getPath();
|
||||
}
|
||||
} else {
|
||||
if (accountName != null && !accountName.equals(caller.getAccountName())) {
|
||||
throw new PermissionDeniedException("Can't list account " + accountName + " projects; unauthorized");
|
||||
|
|
@ -379,6 +375,17 @@ public class ProjectManagerImpl implements ProjectManager, Manager{
|
|||
accountId = caller.getId();
|
||||
}
|
||||
|
||||
if (!listAll) {
|
||||
if (domainId == null && accountId == null) {
|
||||
accountId = caller.getId();
|
||||
} else {
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || !isRecursive) {
|
||||
DomainVO domain = _domainDao.findById(caller.getDomainId());
|
||||
path = domain.getPath();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (path != null) {
|
||||
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
|
||||
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
|
||||
|
|
@ -397,6 +404,10 @@ public class ProjectManagerImpl implements ProjectManager, Manager{
|
|||
sc.addAnd("id", Op.EQ, id);
|
||||
}
|
||||
|
||||
if (domainId != null) {
|
||||
sc.addAnd("domainId", Op.EQ, domainId);
|
||||
}
|
||||
|
||||
if (name != null) {
|
||||
sc.addAnd("name", Op.EQ, name);
|
||||
}
|
||||
|
|
@ -757,64 +768,23 @@ public class ProjectManagerImpl implements ProjectManager, Manager{
|
|||
}
|
||||
|
||||
@Override
|
||||
public List<? extends ProjectInvitation> listProjectInvitations(Long id, Long projectId, String accountName, Long domainId, String state, boolean activeOnly, Long startIndex, Long pageSizeVal) {
|
||||
Account caller = UserContext.current().getCaller();
|
||||
Long accountId = null;
|
||||
String domainPath = null;
|
||||
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
|
||||
if (domainId == null) {
|
||||
domainPath = _domainMgr.getDomain(caller.getDomainId()).getPath();
|
||||
}
|
||||
} else if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL){
|
||||
// regular user is constraint to only his account
|
||||
accountId = caller.getId();
|
||||
}
|
||||
|
||||
if (domainId != null) {
|
||||
Domain domain = _domainDao.findById(domainId);
|
||||
if (domain == null) {
|
||||
throw new InvalidParameterValueException("Domain id=" + domainId + " doesn't exist");
|
||||
}
|
||||
_accountMgr.checkAccess(caller, domain);
|
||||
|
||||
if (accountName != null) {
|
||||
Account account = _accountDao.findActiveAccount(accountName, domainId);
|
||||
if (account == null) {
|
||||
throw new InvalidParameterValueException("Unable to find account by name " + accountName + " in domain " + domainId);
|
||||
}
|
||||
|
||||
_accountMgr.checkAccess(caller, null, account);
|
||||
accountId = account.getId();
|
||||
}
|
||||
}
|
||||
public List<? extends ProjectInvitation> listProjectInvitations(Long id, Long projectId, String accountName, Long domainId, String state, boolean activeOnly, Long startIndex, Long pageSizeVal, boolean isRecursive, boolean listAll) {
|
||||
Account caller = UserContext.current().getCaller();
|
||||
List<Long> permittedAccounts = new ArrayList<Long>();
|
||||
|
||||
ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, accountName, null, permittedAccounts, listAll, id);
|
||||
Filter searchFilter = new Filter(ProjectInvitationVO.class, "id", true, startIndex, pageSizeVal);
|
||||
|
||||
SearchBuilder<ProjectInvitationVO> sb = _projectInvitationDao.createSearchBuilder();
|
||||
sb.and("accountId", sb.entity().getAccountId(), SearchCriteria.Op.EQ);
|
||||
sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ);
|
||||
_accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
sb.and("projectId", sb.entity().getProjectId(), SearchCriteria.Op.EQ);
|
||||
sb.and("state", sb.entity().getState(), SearchCriteria.Op.EQ);
|
||||
sb.and("created", sb.entity().getCreated(), SearchCriteria.Op.GT);
|
||||
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
|
||||
|
||||
if (domainPath != null) {
|
||||
// do a domain LIKE match for the admin case if isRecursive is true
|
||||
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
|
||||
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
|
||||
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
}
|
||||
|
||||
SearchCriteria<ProjectInvitationVO> sc = sb.create();
|
||||
|
||||
if (domainPath != null) {
|
||||
sc.setJoinParameters("domainSearch", "path", domainPath);
|
||||
}
|
||||
|
||||
if (accountId != null) {
|
||||
sc.setParameters("accountId", accountId);
|
||||
}
|
||||
_accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
|
||||
if (projectId != null){
|
||||
sc.setParameters("projectId", projectId);
|
||||
|
|
|
|||
|
|
@ -32,5 +32,4 @@ public interface ProjectDao extends GenericDao<ProjectVO, Long>{
|
|||
ProjectVO findByProjectAccountId(long projectAccountId);
|
||||
|
||||
List<ProjectVO> listByState(Project.State state);
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,6 +21,7 @@ public class ProjectDaoImpl extends GenericDaoBase<ProjectVO, Long> implements P
|
|||
private static final Logger s_logger = Logger.getLogger(ProjectDaoImpl.class);
|
||||
protected final SearchBuilder<ProjectVO> AllFieldsSearch;
|
||||
protected GenericSearchBuilder<ProjectVO, Long> CountByDomain;
|
||||
protected GenericSearchBuilder<ProjectVO, Long> ProjectAccountSearch;
|
||||
|
||||
protected ProjectDaoImpl() {
|
||||
AllFieldsSearch = createSearchBuilder();
|
||||
|
|
@ -84,7 +85,6 @@ public class ProjectDaoImpl extends GenericDaoBase<ProjectVO, Long> implements P
|
|||
public List<ProjectVO> listByState(Project.State state) {
|
||||
SearchCriteria<ProjectVO> sc = AllFieldsSearch.create();
|
||||
sc.setParameters("state", state);
|
||||
|
||||
return listBy(sc);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ public class ProjectInvitationDaoImpl extends GenericDaoBase<ProjectInvitationVO
|
|||
|
||||
protected ProjectInvitationDaoImpl() {
|
||||
AllFieldsSearch = createSearchBuilder();
|
||||
AllFieldsSearch.and("accountId", AllFieldsSearch.entity().getAccountId(), SearchCriteria.Op.EQ);
|
||||
AllFieldsSearch.and("accountId", AllFieldsSearch.entity().getForAccountId(), SearchCriteria.Op.EQ);
|
||||
AllFieldsSearch.and("projectId", AllFieldsSearch.entity().getProjectId(), SearchCriteria.Op.EQ);
|
||||
AllFieldsSearch.and("created", AllFieldsSearch.entity().getCreated(), SearchCriteria.Op.EQ);
|
||||
AllFieldsSearch.and("projectAccountId", AllFieldsSearch.entity().getState(), SearchCriteria.Op.EQ);
|
||||
|
|
@ -34,7 +34,7 @@ public class ProjectInvitationDaoImpl extends GenericDaoBase<ProjectInvitationVO
|
|||
|
||||
InactiveSearch = createSearchBuilder();
|
||||
InactiveSearch.and("id", InactiveSearch.entity().getId(), SearchCriteria.Op.EQ);
|
||||
InactiveSearch.and("accountId", InactiveSearch.entity().getAccountId(), SearchCriteria.Op.EQ);
|
||||
InactiveSearch.and("accountId", InactiveSearch.entity().getForAccountId(), SearchCriteria.Op.EQ);
|
||||
InactiveSearch.and("projectId", InactiveSearch.entity().getProjectId(), SearchCriteria.Op.EQ);
|
||||
InactiveSearch.and("created", InactiveSearch.entity().getCreated(), SearchCriteria.Op.LTEQ);
|
||||
InactiveSearch.and("state", InactiveSearch.entity().getState(), SearchCriteria.Op.EQ);
|
||||
|
|
|
|||
|
|
@ -339,7 +339,7 @@ public class ResourceLimitManagerImpl implements ResourceLimitService, Manager{
|
|||
|
||||
_accountMgr.checkAccess(caller, null, account);
|
||||
domainId = null;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load Diff
|
|
@ -440,7 +440,7 @@ public class ConsoleProxyServlet extends HttpServlet {
|
|||
|
||||
public boolean verifyUser(Long userId) {
|
||||
// copy from ApiServer.java, a bit ugly here
|
||||
User user = _accountMgr.getUser(userId);
|
||||
User user = _accountMgr.getUserIncludingRemoved(userId);
|
||||
Account account = null;
|
||||
if (user != null) {
|
||||
account = _accountMgr.getAccount(user.getAccountId());
|
||||
|
|
|
|||
|
|
@ -69,6 +69,7 @@ import com.cloud.api.commands.CancelPrimaryStorageMaintenanceCmd;
|
|||
import com.cloud.api.commands.CreateStoragePoolCmd;
|
||||
import com.cloud.api.commands.CreateVolumeCmd;
|
||||
import com.cloud.api.commands.DeletePoolCmd;
|
||||
import com.cloud.api.commands.ListVolumesCmd;
|
||||
import com.cloud.api.commands.UpdateStoragePoolCmd;
|
||||
import com.cloud.async.AsyncJobManager;
|
||||
import com.cloud.capacity.Capacity;
|
||||
|
|
@ -117,6 +118,7 @@ import com.cloud.hypervisor.HypervisorGuruManager;
|
|||
import com.cloud.network.NetworkManager;
|
||||
import com.cloud.network.router.VirtualNetworkApplianceManager;
|
||||
import com.cloud.org.Grouping;
|
||||
import com.cloud.projects.Project.ListProjectResourcesCriteria;
|
||||
import com.cloud.resource.ResourceManager;
|
||||
import com.cloud.resource.ResourceState;
|
||||
import com.cloud.server.ManagementServer;
|
||||
|
|
@ -159,6 +161,7 @@ import com.cloud.utils.component.Inject;
|
|||
import com.cloud.utils.component.Manager;
|
||||
import com.cloud.utils.concurrency.NamedThreadFactory;
|
||||
import com.cloud.utils.db.DB;
|
||||
import com.cloud.utils.db.Filter;
|
||||
import com.cloud.utils.db.GenericSearchBuilder;
|
||||
import com.cloud.utils.db.GlobalLock;
|
||||
import com.cloud.utils.db.JoinBuilder;
|
||||
|
|
@ -3273,4 +3276,97 @@ public class StorageManagerImpl implements StorageManager, StorageService, Manag
|
|||
_hostDao.update(secHost.getId(), secHost);
|
||||
return secHost;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<VolumeVO> searchForVolumes(ListVolumesCmd cmd) {
|
||||
Account caller = UserContext.current().getCaller();
|
||||
Long domainId = cmd.getDomainId();
|
||||
boolean isRecursive = cmd.isRecursive();
|
||||
List<Long> permittedAccounts = new ArrayList<Long>();
|
||||
|
||||
Long id = cmd.getId();
|
||||
Long vmInstanceId = cmd.getVirtualMachineId();
|
||||
String name = cmd.getVolumeName();
|
||||
String keyword = cmd.getKeyword();
|
||||
String type = cmd.getType();
|
||||
|
||||
Long zoneId = cmd.getZoneId();
|
||||
Long podId = null;
|
||||
// Object host = null; TODO
|
||||
if (_accountMgr.isAdmin(caller.getType())) {
|
||||
podId = cmd.getPodId();
|
||||
// host = cmd.getHostId(); TODO
|
||||
}
|
||||
|
||||
ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), id);
|
||||
|
||||
Filter searchFilter = new Filter(VolumeVO.class, "created", false, cmd.getStartIndex(), cmd.getPageSizeVal());
|
||||
|
||||
// hack for now, this should be done better but due to needing a join I opted to
|
||||
// do this quickly and worry about making it pretty later
|
||||
SearchBuilder<VolumeVO> sb = _volumeDao.createSearchBuilder();
|
||||
_accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
sb.and("name", sb.entity().getName(), SearchCriteria.Op.LIKE);
|
||||
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
|
||||
sb.and("volumeType", sb.entity().getVolumeType(), SearchCriteria.Op.LIKE);
|
||||
sb.and("instanceId", sb.entity().getInstanceId(), SearchCriteria.Op.EQ);
|
||||
sb.and("dataCenterId", sb.entity().getDataCenterId(), SearchCriteria.Op.EQ);
|
||||
sb.and("podId", sb.entity().getPodId(), SearchCriteria.Op.EQ);
|
||||
// Only return volumes that are not destroyed
|
||||
sb.and("state", sb.entity().getState(), SearchCriteria.Op.NEQ);
|
||||
|
||||
SearchBuilder<DiskOfferingVO> diskOfferingSearch = _diskOfferingDao.createSearchBuilder();
|
||||
diskOfferingSearch.and("systemUse", diskOfferingSearch.entity().getSystemUse(), SearchCriteria.Op.NEQ);
|
||||
sb.join("diskOfferingSearch", diskOfferingSearch, sb.entity().getDiskOfferingId(), diskOfferingSearch.entity().getId(), JoinBuilder.JoinType.LEFTOUTER);
|
||||
|
||||
// display UserVM volumes only
|
||||
SearchBuilder<VMInstanceVO> vmSearch = _vmInstanceDao.createSearchBuilder();
|
||||
vmSearch.and("type", vmSearch.entity().getType(), SearchCriteria.Op.NIN);
|
||||
vmSearch.or("nulltype", vmSearch.entity().getType(), SearchCriteria.Op.NULL);
|
||||
sb.join("vmSearch", vmSearch, sb.entity().getInstanceId(), vmSearch.entity().getId(), JoinBuilder.JoinType.LEFTOUTER);
|
||||
|
||||
// now set the SC criteria...
|
||||
SearchCriteria<VolumeVO> sc = sb.create();
|
||||
_accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
if (keyword != null) {
|
||||
SearchCriteria<VolumeVO> ssc = _volumeDao.createSearchCriteria();
|
||||
ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
|
||||
ssc.addOr("volumeType", SearchCriteria.Op.LIKE, "%" + keyword + "%");
|
||||
|
||||
sc.addAnd("name", SearchCriteria.Op.SC, ssc);
|
||||
}
|
||||
|
||||
if (name != null) {
|
||||
sc.setParameters("name", "%" + name + "%");
|
||||
}
|
||||
|
||||
sc.setJoinParameters("diskOfferingSearch", "systemUse", 1);
|
||||
|
||||
if (id != null) {
|
||||
sc.setParameters("id", id);
|
||||
}
|
||||
|
||||
if (type != null) {
|
||||
sc.setParameters("volumeType", "%" + type + "%");
|
||||
}
|
||||
if (vmInstanceId != null) {
|
||||
sc.setParameters("instanceId", vmInstanceId);
|
||||
}
|
||||
if (zoneId != null) {
|
||||
sc.setParameters("dataCenterId", zoneId);
|
||||
}
|
||||
if (podId != null) {
|
||||
sc.setParameters("podId", podId);
|
||||
}
|
||||
|
||||
// Don't return DomR and ConsoleProxy volumes
|
||||
sc.setJoinParameters("vmSearch", "type", VirtualMachine.Type.ConsoleProxy, VirtualMachine.Type.SecondaryStorageVm, VirtualMachine.Type.DomainRouter);
|
||||
|
||||
// Only return volumes that are not destroyed
|
||||
sc.setParameters("state", Volume.State.Destroy);
|
||||
|
||||
return _volumeDao.search(sc, searchFilter);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,9 +21,8 @@ package com.cloud.storage.dao;
|
|||
import java.util.List;
|
||||
|
||||
import com.cloud.storage.Snapshot;
|
||||
import com.cloud.storage.Snapshot.Status;
|
||||
import com.cloud.storage.SnapshotVO;
|
||||
import com.cloud.storage.Snapshot.Type;
|
||||
import com.cloud.storage.SnapshotVO;
|
||||
import com.cloud.utils.db.Filter;
|
||||
import com.cloud.utils.db.GenericDao;
|
||||
|
||||
|
|
|
|||
|
|
@ -23,6 +23,7 @@ import java.util.Set;
|
|||
|
||||
import com.cloud.domain.DomainVO;
|
||||
import com.cloud.hypervisor.Hypervisor.HypervisorType;
|
||||
import com.cloud.projects.Project.ListProjectResourcesCriteria;
|
||||
import com.cloud.storage.VMTemplateVO;
|
||||
import com.cloud.template.VirtualMachineTemplate.TemplateFilter;
|
||||
import com.cloud.user.Account;
|
||||
|
|
@ -51,7 +52,7 @@ public interface VMTemplateDao extends GenericDao<VMTemplateVO, Long> {
|
|||
public List<VMTemplateVO> listReadyTemplates();
|
||||
public List<VMTemplateVO> listByAccountId(long accountId);
|
||||
public Set<Pair<Long, Long>> searchTemplates(String name, String keyword, TemplateFilter templateFilter, boolean isIso, List<HypervisorType> hypers, Boolean bootable,
|
||||
DomainVO domain, Long pageSize, Long startIndex, Long zoneId, HypervisorType hyperType, boolean onlyReady, boolean showDomr, List<Account> permittedAccounts, Account caller, boolean skipProjectTemplates);
|
||||
DomainVO domain, Long pageSize, Long startIndex, Long zoneId, HypervisorType hyperType, boolean onlyReady, boolean showDomr, List<Account> permittedAccounts, Account caller, ListProjectResourcesCriteria listProjectResourcesCriteria);
|
||||
|
||||
public Set<Pair<Long, Long>> searchSwiftTemplates(String name, String keyword, TemplateFilter templateFilter, boolean isIso, List<HypervisorType> hypers, Boolean bootable, DomainVO domain,
|
||||
Long pageSize, Long startIndex, Long zoneId, HypervisorType hyperType, boolean onlyReady, boolean showDomr, List<Account> permittedAccounts, Account caller);
|
||||
|
|
|
|||
|
|
@ -43,6 +43,7 @@ import com.cloud.host.Host;
|
|||
import com.cloud.host.HostVO;
|
||||
import com.cloud.host.dao.HostDao;
|
||||
import com.cloud.hypervisor.Hypervisor.HypervisorType;
|
||||
import com.cloud.projects.Project.ListProjectResourcesCriteria;
|
||||
import com.cloud.storage.Storage;
|
||||
import com.cloud.storage.Storage.TemplateType;
|
||||
import com.cloud.storage.VMTemplateStorageResourceAssoc.Status;
|
||||
|
|
@ -429,8 +430,7 @@ public class VMTemplateDaoImpl extends GenericDaoBase<VMTemplateVO, Long> implem
|
|||
}
|
||||
|
||||
@Override
|
||||
public Set<Pair<Long, Long>> searchTemplates(String name, String keyword, TemplateFilter templateFilter, boolean isIso, List<HypervisorType> hypers, Boolean bootable, DomainVO domain, Long pageSize, Long startIndex, Long zoneId, HypervisorType hyperType, boolean onlyReady, boolean showDomr,List<Account> permittedAccounts, Account caller, boolean skipProjectTemplates) {
|
||||
|
||||
public Set<Pair<Long, Long>> searchTemplates(String name, String keyword, TemplateFilter templateFilter, boolean isIso, List<HypervisorType> hypers, Boolean bootable, DomainVO domain, Long pageSize, Long startIndex, Long zoneId, HypervisorType hyperType, boolean onlyReady, boolean showDomr,List<Account> permittedAccounts, Account caller, ListProjectResourcesCriteria listProjectResourcesCriteria) {
|
||||
StringBuilder builder = new StringBuilder();
|
||||
if (!permittedAccounts.isEmpty()) {
|
||||
for (Account permittedAccount : permittedAccounts) {
|
||||
|
|
@ -478,35 +478,20 @@ public class VMTemplateDaoImpl extends GenericDaoBase<VMTemplateVO, Long> implem
|
|||
String whereClause = "";
|
||||
|
||||
//All joins have to be made before we start setting the condition settings
|
||||
boolean joinedWithAccounts = false;
|
||||
if (skipProjectTemplates || (!permittedAccounts.isEmpty() && !(templateFilter == TemplateFilter.community || templateFilter == TemplateFilter.featured))) {
|
||||
if ((listProjectResourcesCriteria == ListProjectResourcesCriteria.SkipProjectResources
|
||||
|| (!permittedAccounts.isEmpty() && !(templateFilter == TemplateFilter.community || templateFilter == TemplateFilter.featured))) &&
|
||||
!(caller.getType() != Account.ACCOUNT_TYPE_NORMAL && templateFilter == TemplateFilter.all)) {
|
||||
whereClause += " INNER JOIN account a on (t.account_id = a.id)";
|
||||
joinedWithAccounts = true;
|
||||
if ((templateFilter == TemplateFilter.self || templateFilter == TemplateFilter.selfexecutable) && (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN)) {
|
||||
whereClause += " INNER JOIN domain d on (a.domain_id = d.id) WHERE d.path LIKE '" + domain.getPath() + "%'";
|
||||
if (skipProjectTemplates) {
|
||||
if (listProjectResourcesCriteria == ListProjectResourcesCriteria.SkipProjectResources) {
|
||||
whereClause += " AND a.type != " + Account.ACCOUNT_TYPE_PROJECT;
|
||||
}
|
||||
}else if (skipProjectTemplates) {
|
||||
whereClause += " WHERE a.type != " + Account.ACCOUNT_TYPE_PROJECT;
|
||||
}else
|
||||
if (listProjectResourcesCriteria == ListProjectResourcesCriteria.SkipProjectResources) {
|
||||
whereClause += " WHERE a.type != " + Account.ACCOUNT_TYPE_PROJECT;
|
||||
}
|
||||
}
|
||||
|
||||
if (!isIso) {
|
||||
if ( hypers.isEmpty() ) {
|
||||
return templateZonePairList;
|
||||
} else {
|
||||
StringBuilder relatedHypers = new StringBuilder();
|
||||
for (HypervisorType hyper : hypers ) {
|
||||
relatedHypers.append("'");
|
||||
relatedHypers.append(hyper.toString());
|
||||
relatedHypers.append("'");
|
||||
relatedHypers.append(",");
|
||||
}
|
||||
relatedHypers.setLength(relatedHypers.length()-1);
|
||||
whereClause += " AND t.hypervisor_type IN (" + relatedHypers + ")";
|
||||
}
|
||||
}
|
||||
|
||||
if (!permittedAccounts.isEmpty()) {
|
||||
for (Account account : permittedAccounts) {
|
||||
|
|
@ -543,6 +528,22 @@ public class VMTemplateDaoImpl extends GenericDaoBase<VMTemplateVO, Long> implem
|
|||
attr += " WHERE ";
|
||||
}
|
||||
|
||||
if (!isIso) {
|
||||
if ( hypers.isEmpty() ) {
|
||||
return templateZonePairList;
|
||||
} else {
|
||||
StringBuilder relatedHypers = new StringBuilder();
|
||||
for (HypervisorType hyper : hypers ) {
|
||||
relatedHypers.append("'");
|
||||
relatedHypers.append(hyper.toString());
|
||||
relatedHypers.append("'");
|
||||
relatedHypers.append(",");
|
||||
}
|
||||
relatedHypers.setLength(relatedHypers.length()-1);
|
||||
whereClause += attr + " t.hypervisor_type IN (" + relatedHypers + ")";
|
||||
}
|
||||
}
|
||||
|
||||
if (!permittedAccounts.isEmpty() && !(templateFilter == TemplateFilter.featured || templateFilter == TemplateFilter.community) && !isAdmin(caller.getType()) ) {
|
||||
whereClause += attr + "t.account_id IN (" + permittedAccountsStr + ")";
|
||||
}
|
||||
|
|
@ -552,29 +553,19 @@ public class VMTemplateDaoImpl extends GenericDaoBase<VMTemplateVO, Long> implem
|
|||
if (!permittedAccounts.isEmpty()) {
|
||||
whereClause += attr + "(dc.domain_id IN (" + relatedDomainIds + ") OR dc.domain_id is NULL)";
|
||||
}
|
||||
} else if (templateFilter == TemplateFilter.sharedexecutable && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
|
||||
} else if (templateFilter == TemplateFilter.self || templateFilter == TemplateFilter.selfexecutable) {
|
||||
whereClause += " AND t.account_id IN (" + permittedAccountsStr + ")";
|
||||
} else if (templateFilter == TemplateFilter.sharedexecutable) {
|
||||
whereClause += " LEFT JOIN launch_permission lp ON t.id = lp.template_id WHERE" +
|
||||
" (t.account_id IN (" + permittedAccountsStr + ") OR" +
|
||||
" lp.account_id IN (" + permittedAccountsStr + "))";
|
||||
} else {
|
||||
if (!joinedWithAccounts) {
|
||||
whereClause += " INNER JOIN account a on (t.account_id = a.id)";
|
||||
}
|
||||
whereClause += " INNER JOIN domain d on (a.domain_id = d.id) WHERE d.path LIKE '" + domain.getPath() + "%'";
|
||||
}
|
||||
}else if ((templateFilter == TemplateFilter.self || templateFilter == TemplateFilter.selfexecutable) && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
// This has been moved up since it involved Joins
|
||||
}
|
||||
else if (templateFilter == TemplateFilter.executable && !permittedAccounts.isEmpty()) {
|
||||
" lp.account_id IN (" + permittedAccountsStr + "))";
|
||||
} else if (templateFilter == TemplateFilter.executable && !permittedAccounts.isEmpty()) {
|
||||
whereClause += attr + "(t.public = 1 OR t.account_id IN (" + permittedAccountsStr + "))";
|
||||
} else if (templateFilter == TemplateFilter.community) {
|
||||
whereClause += attr + "t.public = 1 AND t.featured = 0";
|
||||
if (!permittedAccounts.isEmpty()) {
|
||||
whereClause += attr + "(dc.domain_id IN (" + relatedDomainIds + ") OR dc.domain_id is NULL)";
|
||||
}
|
||||
} else if (templateFilter == TemplateFilter.all && caller.getType() == Account.ACCOUNT_TYPE_ADMIN) {
|
||||
whereClause += attr;
|
||||
} else if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN && !isIso) {
|
||||
return templateZonePairList;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -53,7 +53,6 @@ import com.cloud.configuration.dao.ConfigurationDao;
|
|||
import com.cloud.dc.ClusterVO;
|
||||
import com.cloud.dc.dao.ClusterDao;
|
||||
import com.cloud.dc.dao.DataCenterDao;
|
||||
import com.cloud.domain.DomainVO;
|
||||
import com.cloud.domain.dao.DomainDao;
|
||||
import com.cloud.event.ActionEvent;
|
||||
import com.cloud.event.EventTypes;
|
||||
|
|
@ -66,9 +65,8 @@ import com.cloud.exception.ResourceAllocationException;
|
|||
import com.cloud.exception.StorageUnavailableException;
|
||||
import com.cloud.host.HostVO;
|
||||
import com.cloud.host.dao.HostDao;
|
||||
import com.cloud.host.dao.HostDetailsDao;
|
||||
import com.cloud.hypervisor.Hypervisor.HypervisorType;
|
||||
import com.cloud.projects.Project;
|
||||
import com.cloud.projects.Project.ListProjectResourcesCriteria;
|
||||
import com.cloud.projects.ProjectManager;
|
||||
import com.cloud.resource.ResourceManager;
|
||||
import com.cloud.storage.Snapshot;
|
||||
|
|
@ -111,8 +109,6 @@ import com.cloud.utils.component.Inject;
|
|||
import com.cloud.utils.component.Manager;
|
||||
import com.cloud.utils.db.DB;
|
||||
import com.cloud.utils.db.Filter;
|
||||
import com.cloud.utils.db.JoinBuilder;
|
||||
import com.cloud.utils.db.JoinBuilder.JoinType;
|
||||
import com.cloud.utils.db.SearchBuilder;
|
||||
import com.cloud.utils.db.SearchCriteria;
|
||||
import com.cloud.utils.db.Transaction;
|
||||
|
|
@ -886,8 +882,16 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
|
|||
@Override
|
||||
public List<SnapshotVO> listSnapshots(ListSnapshotsCmd cmd) {
|
||||
Long volumeId = cmd.getVolumeId();
|
||||
Boolean isRecursive = cmd.isRecursive();
|
||||
Long projectId = cmd.getProjectId();
|
||||
String name = cmd.getSnapshotName();
|
||||
Long id = cmd.getId();
|
||||
String keyword = cmd.getKeyword();
|
||||
String snapshotTypeStr = cmd.getSnapshotType();
|
||||
String intervalTypeStr = cmd.getIntervalType();
|
||||
|
||||
Account caller = UserContext.current().getCaller();
|
||||
Long domainId = cmd.getDomainId();
|
||||
boolean isRecursive = cmd.isRecursive();
|
||||
List<Long> permittedAccounts = new ArrayList<Long>();
|
||||
|
||||
// Verify parameters
|
||||
if (volumeId != null) {
|
||||
|
|
@ -897,98 +901,20 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
|
|||
}
|
||||
}
|
||||
|
||||
Account caller = UserContext.current().getCaller();
|
||||
Long domainId = cmd.getDomainId();
|
||||
String accountName = cmd.getAccountName();
|
||||
List<Long> permittedAccounts = new ArrayList<Long>();
|
||||
if ((caller == null) || _accountMgr.isAdmin(caller.getType())) {
|
||||
if (domainId != null) {
|
||||
if ((caller != null) && !_domainDao.isChildDomain(caller.getDomainId(), domainId)) {
|
||||
throw new PermissionDeniedException("Unable to list templates for domain " + domainId + ", permission denied.");
|
||||
}
|
||||
} else if ((caller != null) && ((caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) || (caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN))) {
|
||||
domainId = caller.getDomainId();
|
||||
isRecursive = true;
|
||||
}
|
||||
|
||||
if (domainId != null && accountName != null) {
|
||||
Account userAccount = _accountDao.findActiveAccount(accountName, domainId);
|
||||
if (userAccount != null) {
|
||||
permittedAccounts.add(userAccount.getId());
|
||||
} else {
|
||||
throw new InvalidParameterValueException("Could not find account:" + accountName + " in domain:" + domainId);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
permittedAccounts.add(caller.getId());
|
||||
}
|
||||
|
||||
if (isRecursive == null) {
|
||||
isRecursive = false;
|
||||
}
|
||||
|
||||
//set project information
|
||||
boolean skipProjectSnapshots = true;
|
||||
if (projectId != null) {
|
||||
if (projectId == -1) {
|
||||
permittedAccounts.addAll(_projectMgr.listPermittedProjectAccounts(caller.getId()));
|
||||
} else {
|
||||
permittedAccounts.clear();
|
||||
Project project = _projectMgr.getProject(projectId);
|
||||
if (project == null) {
|
||||
throw new InvalidParameterValueException("Unable to find project by id " + projectId);
|
||||
}
|
||||
if (!_projectMgr.canAccessProjectAccount(caller, project.getProjectAccountId())) {
|
||||
throw new InvalidParameterValueException("Account " + caller + " can't access project id=" + projectId);
|
||||
}
|
||||
permittedAccounts.add(project.getProjectAccountId());
|
||||
}
|
||||
skipProjectSnapshots = false;
|
||||
}
|
||||
|
||||
Object name = cmd.getSnapshotName();
|
||||
Object id = cmd.getId();
|
||||
Object keyword = cmd.getKeyword();
|
||||
Object snapshotTypeStr = cmd.getSnapshotType();
|
||||
Object intervalTypeStr = cmd.getIntervalType();
|
||||
|
||||
ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), id);
|
||||
Filter searchFilter = new Filter(SnapshotVO.class, "created", false, cmd.getStartIndex(), cmd.getPageSizeVal());
|
||||
SearchBuilder<SnapshotVO> sb = _snapshotDao.createSearchBuilder();
|
||||
_accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
sb.and("status", sb.entity().getStatus(), SearchCriteria.Op.EQ);
|
||||
sb.and("volumeId", sb.entity().getVolumeId(), SearchCriteria.Op.EQ);
|
||||
sb.and("name", sb.entity().getName(), SearchCriteria.Op.LIKE);
|
||||
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
|
||||
sb.and("accountId", sb.entity().getAccountId(), SearchCriteria.Op.IN);
|
||||
sb.and("snapshotTypeEQ", sb.entity().getsnapshotType(), SearchCriteria.Op.IN);
|
||||
sb.and("snapshotTypeNEQ", sb.entity().getsnapshotType(), SearchCriteria.Op.NEQ);
|
||||
|
||||
SearchBuilder<AccountVO> accountSearch = null;
|
||||
if ((permittedAccounts.isEmpty()) && (domainId != null)) {
|
||||
// if accountId isn't specified, we can do a domain match for the admin case
|
||||
accountSearch = _accountDao.createSearchBuilder();
|
||||
sb.join("accountSearch", accountSearch, sb.entity().getAccountId(), accountSearch.entity().getId(), JoinType.INNER);
|
||||
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
|
||||
if (isRecursive) {
|
||||
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
|
||||
} else {
|
||||
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.EQ);
|
||||
}
|
||||
accountSearch.join("domainSearch", domainSearch, accountSearch.entity().getDomainId(), domainSearch.entity().getId(), JoinType.INNER);
|
||||
}
|
||||
|
||||
if (skipProjectSnapshots) {
|
||||
if(accountSearch == null){
|
||||
accountSearch = _accountDao.createSearchBuilder();
|
||||
sb.join("accountSearch", accountSearch, sb.entity().getAccountId(), accountSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
}
|
||||
accountSearch.and("type", accountSearch.entity().getType(), SearchCriteria.Op.NEQ);
|
||||
}
|
||||
|
||||
SearchCriteria<SnapshotVO> sc = sb.create();
|
||||
|
||||
if (skipProjectSnapshots) {
|
||||
sc.setJoinParameters("accountSearch", "type", Account.ACCOUNT_TYPE_PROJECT);
|
||||
}
|
||||
_accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
if (volumeId != null) {
|
||||
sc.setParameters("volumeId", volumeId);
|
||||
|
|
@ -1008,18 +934,6 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
|
|||
sc.addAnd("name", SearchCriteria.Op.SC, ssc);
|
||||
}
|
||||
|
||||
if (!permittedAccounts.isEmpty()) {
|
||||
sc.setParameters("accountId", permittedAccounts.toArray());
|
||||
} else if (domainId != null) {
|
||||
DomainVO domain = _domainDao.findById(domainId);
|
||||
SearchCriteria<?> joinSearch = sc.getJoin("accountSearch");
|
||||
if (isRecursive) {
|
||||
joinSearch.setJoinParameters("domainSearch", "path", domain.getPath() + "%");
|
||||
} else {
|
||||
joinSearch.setJoinParameters("domainSearch", "path", domain.getPath());
|
||||
}
|
||||
}
|
||||
|
||||
if (snapshotTypeStr != null) {
|
||||
Type snapshotType = SnapshotVO.getSnapshotType((String) snapshotTypeStr);
|
||||
if (snapshotType == null) {
|
||||
|
|
|
|||
|
|
@ -51,8 +51,14 @@ import com.cloud.api.commands.DeleteIsoCmd;
|
|||
import com.cloud.api.commands.DeleteTemplateCmd;
|
||||
import com.cloud.api.commands.ExtractIsoCmd;
|
||||
import com.cloud.api.commands.ExtractTemplateCmd;
|
||||
import com.cloud.api.commands.ListIsoPermissionsCmd;
|
||||
import com.cloud.api.commands.ListTemplateOrIsoPermissionsCmd;
|
||||
import com.cloud.api.commands.ListTemplatePermissionsCmd;
|
||||
import com.cloud.api.commands.RegisterIsoCmd;
|
||||
import com.cloud.api.commands.RegisterTemplateCmd;
|
||||
import com.cloud.api.commands.UpdateIsoPermissionsCmd;
|
||||
import com.cloud.api.commands.UpdateTemplateOrIsoPermissionsCmd;
|
||||
import com.cloud.api.commands.UpdateTemplatePermissionsCmd;
|
||||
import com.cloud.async.AsyncJobManager;
|
||||
import com.cloud.async.AsyncJobVO;
|
||||
import com.cloud.configuration.Config;
|
||||
|
|
@ -77,6 +83,9 @@ import com.cloud.host.dao.HostDao;
|
|||
import com.cloud.hypervisor.Hypervisor;
|
||||
import com.cloud.hypervisor.Hypervisor.HypervisorType;
|
||||
import com.cloud.hypervisor.HypervisorGuruManager;
|
||||
import com.cloud.projects.Project;
|
||||
import com.cloud.projects.ProjectManager;
|
||||
import com.cloud.storage.LaunchPermissionVO;
|
||||
import com.cloud.storage.SnapshotVO;
|
||||
import com.cloud.storage.Storage;
|
||||
import com.cloud.storage.Storage.ImageFormat;
|
||||
|
|
@ -97,6 +106,7 @@ import com.cloud.storage.VMTemplateSwiftVO;
|
|||
import com.cloud.storage.VMTemplateVO;
|
||||
import com.cloud.storage.VMTemplateZoneVO;
|
||||
import com.cloud.storage.VolumeVO;
|
||||
import com.cloud.storage.dao.LaunchPermissionDao;
|
||||
import com.cloud.storage.dao.SnapshotDao;
|
||||
import com.cloud.storage.dao.StoragePoolDao;
|
||||
import com.cloud.storage.dao.StoragePoolHostDao;
|
||||
|
|
@ -186,6 +196,10 @@ public class TemplateManagerImpl implements TemplateManager, Manager, TemplateSe
|
|||
@Inject AccountService _accountService;
|
||||
@Inject ResourceLimitService _resourceLimitMgr;
|
||||
@Inject SecondaryStorageVmManager _ssvmMgr;
|
||||
@Inject LaunchPermissionDao _launchPermissionDao;
|
||||
@Inject ProjectManager _projectMgr;
|
||||
|
||||
|
||||
int _primaryStorageDownloadWait;
|
||||
protected SearchBuilder<VMTemplateHostVO> HostTemplateStatesSearch;
|
||||
|
||||
|
|
@ -1214,4 +1228,186 @@ public class TemplateManagerImpl implements TemplateManager, Manager, TemplateSe
|
|||
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<String> listTemplatePermissions(ListTemplateOrIsoPermissionsCmd cmd) {
|
||||
Account caller = UserContext.current().getCaller();
|
||||
Long id = cmd.getId();
|
||||
|
||||
if (id == Long.valueOf(1)) {
|
||||
throw new PermissionDeniedException("unable to list permissions for " + cmd.getMediaType() + " with id " + id);
|
||||
}
|
||||
|
||||
VirtualMachineTemplate template = getTemplate(id);
|
||||
if (template == null) {
|
||||
throw new InvalidParameterValueException("unable to find " + cmd.getMediaType() + " with id " + id);
|
||||
}
|
||||
|
||||
if (cmd instanceof ListTemplatePermissionsCmd) {
|
||||
if (template.getFormat().equals(ImageFormat.ISO)) {
|
||||
throw new InvalidParameterValueException("Please provide a valid template");
|
||||
}
|
||||
} else if (cmd instanceof ListIsoPermissionsCmd) {
|
||||
if (!template.getFormat().equals(ImageFormat.ISO)) {
|
||||
throw new InvalidParameterValueException("Please provide a valid iso");
|
||||
}
|
||||
}
|
||||
|
||||
if (!template.isPublicTemplate()) {
|
||||
_accountMgr.checkAccess(caller, null, template);
|
||||
}
|
||||
|
||||
List<String> accountNames = new ArrayList<String>();
|
||||
List<LaunchPermissionVO> permissions = _launchPermissionDao.findByTemplate(id);
|
||||
if ((permissions != null) && !permissions.isEmpty()) {
|
||||
for (LaunchPermissionVO permission : permissions) {
|
||||
Account acct = _accountDao.findById(permission.getAccountId());
|
||||
accountNames.add(acct.getAccountName());
|
||||
}
|
||||
}
|
||||
return accountNames;
|
||||
}
|
||||
|
||||
@DB
|
||||
@Override
|
||||
public boolean updateTemplateOrIsoPermissions(UpdateTemplateOrIsoPermissionsCmd cmd) {
|
||||
Transaction txn = Transaction.currentTxn();
|
||||
|
||||
// Input validation
|
||||
Long id = cmd.getId();
|
||||
Account caller = UserContext.current().getCaller();
|
||||
List<String> accountNames = cmd.getAccountNames();
|
||||
List<Long> projectIds = cmd.getProjectIds();
|
||||
Boolean isFeatured = cmd.isFeatured();
|
||||
Boolean isPublic = cmd.isPublic();
|
||||
Boolean isExtractable = cmd.isExtractable();
|
||||
String operation = cmd.getOperation();
|
||||
String mediaType = "";
|
||||
|
||||
VMTemplateVO template = _tmpltDao.findById(id);
|
||||
|
||||
if (template == null) {
|
||||
throw new InvalidParameterValueException("unable to find " + mediaType + " with id " + id);
|
||||
}
|
||||
|
||||
if (cmd instanceof UpdateTemplatePermissionsCmd) {
|
||||
mediaType = "template";
|
||||
if (template.getFormat().equals(ImageFormat.ISO)) {
|
||||
throw new InvalidParameterValueException("Please provide a valid template");
|
||||
}
|
||||
}
|
||||
if (cmd instanceof UpdateIsoPermissionsCmd) {
|
||||
mediaType = "iso";
|
||||
if (!template.getFormat().equals(ImageFormat.ISO)) {
|
||||
throw new InvalidParameterValueException("Please provide a valid iso");
|
||||
}
|
||||
}
|
||||
|
||||
//convert projectIds to accountNames
|
||||
if (projectIds != null) {
|
||||
for (Long projectId : projectIds) {
|
||||
Project project = _projectMgr.getProject(projectId);
|
||||
if (project == null) {
|
||||
throw new InvalidParameterValueException("Unable to find project by id " + projectId);
|
||||
}
|
||||
|
||||
if (!_projectMgr.canAccessProjectAccount(caller, project.getProjectAccountId())) {
|
||||
throw new InvalidParameterValueException("Account " + caller + " can't access project id=" + projectId);
|
||||
}
|
||||
accountNames.add(_accountMgr.getAccount(project.getProjectAccountId()).getAccountName());
|
||||
}
|
||||
}
|
||||
|
||||
_accountMgr.checkAccess(caller, AccessType.ModifyEntry, template);
|
||||
|
||||
// If the template is removed throw an error.
|
||||
if (template.getRemoved() != null) {
|
||||
s_logger.error("unable to update permissions for " + mediaType + " with id " + id + " as it is removed ");
|
||||
throw new InvalidParameterValueException("unable to update permissions for " + mediaType + " with id " + id + " as it is removed ");
|
||||
}
|
||||
|
||||
if (id == Long.valueOf(1)) {
|
||||
throw new InvalidParameterValueException("unable to update permissions for " + mediaType + " with id " + id);
|
||||
}
|
||||
|
||||
boolean isAdmin = _accountMgr.isAdmin(caller.getType());
|
||||
boolean allowPublicUserTemplates = Boolean.valueOf(_configDao.getValue("allow.public.user.templates"));
|
||||
if (!isAdmin && !allowPublicUserTemplates && isPublic != null && isPublic) {
|
||||
throw new InvalidParameterValueException("Only private " + mediaType + "s can be created.");
|
||||
}
|
||||
|
||||
if (accountNames != null) {
|
||||
if ((operation == null) || (!operation.equalsIgnoreCase("add") && !operation.equalsIgnoreCase("remove") && !operation.equalsIgnoreCase("reset"))) {
|
||||
throw new InvalidParameterValueException("Invalid operation on accounts, the operation must be either 'add' or 'remove' in order to modify launch permissions."
|
||||
+ " Given operation is: '" + operation + "'");
|
||||
}
|
||||
}
|
||||
|
||||
Long accountId = template.getAccountId();
|
||||
if (accountId == null) {
|
||||
// if there is no owner of the template then it's probably already a public template (or domain private template) so
|
||||
// publishing to individual users is irrelevant
|
||||
throw new InvalidParameterValueException("Update template permissions is an invalid operation on template " + template.getName());
|
||||
}
|
||||
|
||||
VMTemplateVO updatedTemplate = _tmpltDao.createForUpdate();
|
||||
|
||||
if (isPublic != null) {
|
||||
updatedTemplate.setPublicTemplate(isPublic.booleanValue());
|
||||
}
|
||||
|
||||
if (isFeatured != null) {
|
||||
updatedTemplate.setFeatured(isFeatured.booleanValue());
|
||||
}
|
||||
|
||||
if (isExtractable != null && caller.getType() == Account.ACCOUNT_TYPE_ADMIN) {//Only ROOT admins allowed to change this powerful attribute
|
||||
updatedTemplate.setExtractable(isExtractable.booleanValue());
|
||||
}else if (isExtractable != null && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
throw new InvalidParameterValueException("Only ROOT admins are allowed to modify this attribute.");
|
||||
}
|
||||
|
||||
_tmpltDao.update(template.getId(), updatedTemplate);
|
||||
|
||||
Long domainId = caller.getDomainId();
|
||||
if ("add".equalsIgnoreCase(operation)) {
|
||||
txn.start();
|
||||
for (String accountName : accountNames) {
|
||||
Account permittedAccount = _accountDao.findActiveAccount(accountName, domainId);
|
||||
if (permittedAccount != null) {
|
||||
if (permittedAccount.getId() == caller.getId()) {
|
||||
continue; // don't grant permission to the template owner, they implicitly have permission
|
||||
}
|
||||
LaunchPermissionVO existingPermission = _launchPermissionDao.findByTemplateAndAccount(id, permittedAccount.getId());
|
||||
if (existingPermission == null) {
|
||||
LaunchPermissionVO launchPermission = new LaunchPermissionVO(id, permittedAccount.getId());
|
||||
_launchPermissionDao.persist(launchPermission);
|
||||
}
|
||||
} else {
|
||||
txn.rollback();
|
||||
throw new InvalidParameterValueException("Unable to grant a launch permission to account " + accountName + ", account not found. "
|
||||
+ "No permissions updated, please verify the account names and retry.");
|
||||
}
|
||||
}
|
||||
txn.commit();
|
||||
} else if ("remove".equalsIgnoreCase(operation)) {
|
||||
List<Long> accountIds = new ArrayList<Long>();
|
||||
for (String accountName : accountNames) {
|
||||
Account permittedAccount = _accountDao.findActiveAccount(accountName, domainId);
|
||||
if (permittedAccount != null) {
|
||||
accountIds.add(permittedAccount.getId());
|
||||
}
|
||||
}
|
||||
_launchPermissionDao.removePermissions(id, accountIds);
|
||||
} else if ("reset".equalsIgnoreCase(operation)) {
|
||||
// do we care whether the owning account is an admin? if the
|
||||
// owner is an admin, will we still set public to false?
|
||||
updatedTemplate = _tmpltDao.createForUpdate();
|
||||
updatedTemplate.setPublicTemplate(false);
|
||||
updatedTemplate.setFeatured(false);
|
||||
_tmpltDao.update(template.getId(), updatedTemplate);
|
||||
_launchPermissionDao.removeAllPermissions(id);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -18,6 +18,7 @@
|
|||
|
||||
package com.cloud.user;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import com.cloud.acl.ControlledEntity;
|
||||
|
|
@ -26,7 +27,10 @@ import com.cloud.domain.Domain;
|
|||
import com.cloud.exception.ConcurrentOperationException;
|
||||
import com.cloud.exception.PermissionDeniedException;
|
||||
import com.cloud.exception.ResourceUnavailableException;
|
||||
import com.cloud.projects.Project.ListProjectResourcesCriteria;
|
||||
import com.cloud.utils.Pair;
|
||||
import com.cloud.utils.db.SearchBuilder;
|
||||
import com.cloud.utils.db.SearchCriteria;
|
||||
|
||||
/**
|
||||
* AccountManager includes logic that deals with accounts, domains, and users.
|
||||
|
|
@ -41,10 +45,6 @@ public interface AccountManager extends AccountService {
|
|||
boolean disableAccount(long accountId) throws ConcurrentOperationException, ResourceUnavailableException;
|
||||
|
||||
boolean deleteAccount(AccountVO account, long callerUserId, Account caller);
|
||||
|
||||
void checkAccess(Account account, Domain domain) throws PermissionDeniedException;
|
||||
|
||||
void checkAccess(Account account, AccessType accessType, ControlledEntity... entities) throws PermissionDeniedException;
|
||||
|
||||
boolean cleanupAccount(AccountVO account, long callerUserId, Account caller);
|
||||
|
||||
|
|
@ -90,5 +90,16 @@ public interface AccountManager extends AccountService {
|
|||
boolean lockAccount(long accountId);
|
||||
|
||||
boolean enableAccount(long accountId);
|
||||
|
||||
void buildACLSearchBuilder(SearchBuilder<? extends ControlledEntity> sb, Long domainId,
|
||||
boolean isRecursive, List<Long> permittedAccounts, ListProjectResourcesCriteria listProjectResourcesCriteria);
|
||||
|
||||
void buildACLSearchCriteria(SearchCriteria<? extends ControlledEntity> sc,
|
||||
Long domainId, boolean isRecursive, List<Long> permittedAccounts, ListProjectResourcesCriteria listProjectResourcesCriteria);
|
||||
|
||||
ListProjectResourcesCriteria buildACLSearchParameters(Account caller, Long domainId,
|
||||
boolean isRecursive, String accountName, Long projectId,
|
||||
List<Long> permittedAccounts,
|
||||
boolean listAll, Long id);
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -71,6 +71,7 @@ import com.cloud.exception.InvalidParameterValueException;
|
|||
import com.cloud.exception.OperationTimedoutException;
|
||||
import com.cloud.exception.PermissionDeniedException;
|
||||
import com.cloud.exception.ResourceUnavailableException;
|
||||
import com.cloud.network.IPAddressVO;
|
||||
import com.cloud.network.NetworkManager;
|
||||
import com.cloud.network.NetworkVO;
|
||||
import com.cloud.network.RemoteAccessVpnVO;
|
||||
|
|
@ -82,6 +83,8 @@ import com.cloud.network.security.SecurityGroupManager;
|
|||
import com.cloud.network.security.dao.SecurityGroupDao;
|
||||
import com.cloud.network.vpn.RemoteAccessVpnService;
|
||||
import com.cloud.projects.Project;
|
||||
import com.cloud.projects.Project.ListProjectResourcesCriteria;
|
||||
import com.cloud.projects.ProjectInvitationVO;
|
||||
import com.cloud.projects.ProjectManager;
|
||||
import com.cloud.projects.dao.ProjectAccountDao;
|
||||
import com.cloud.projects.dao.ProjectDao;
|
||||
|
|
@ -160,7 +163,6 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
|
|||
protected SnapshotDao _snapshotDao;
|
||||
@Inject
|
||||
protected VMTemplateDao _vmTemplateDao;
|
||||
|
||||
@Inject
|
||||
private SecurityGroupManager _networkGroupMgr;
|
||||
@Inject
|
||||
|
|
@ -1366,7 +1368,7 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
|
|||
}
|
||||
|
||||
@Override
|
||||
public User getUser(long userId) {
|
||||
public User getUserIncludingRemoved(long userId) {
|
||||
return _userDao.findByIdIncludingRemoved(userId);
|
||||
}
|
||||
|
||||
|
|
@ -1709,7 +1711,7 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
|
|||
public String[] createApiKeyAndSecretKey(RegisterCmd cmd) {
|
||||
Long userId = cmd.getId();
|
||||
|
||||
if (getUser(userId) == null) {
|
||||
if (getUserIncludingRemoved(userId) == null) {
|
||||
throw new InvalidParameterValueException("unable to find user for id : " + userId);
|
||||
}
|
||||
|
||||
|
|
@ -1782,21 +1784,13 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
|
|||
Long domainId = cmd.getDomainId();
|
||||
Long accountId = cmd.getId();
|
||||
String accountName = cmd.getSearchName();
|
||||
Boolean isRecursive = cmd.isRecursive();
|
||||
|
||||
if (isRecursive == null) {
|
||||
isRecursive = false;
|
||||
}
|
||||
|
||||
if (accountId != null && accountId.longValue() == 1L) {
|
||||
// system account should NOT be searchable
|
||||
List<AccountVO> emptyList = new ArrayList<AccountVO>();
|
||||
return emptyList;
|
||||
}
|
||||
boolean isRecursive = cmd.isRecursive();
|
||||
boolean listAll = cmd.listAll();
|
||||
Boolean listForDomain = false;
|
||||
|
||||
if (accountId != null) {
|
||||
Account account = _accountDao.findById(accountId);
|
||||
if (account == null) {
|
||||
if (account == null || account.getId() == Account.ACCOUNT_ID_SYSTEM) {
|
||||
throw new InvalidParameterValueException("Unable to find account by id " + accountId);
|
||||
}
|
||||
|
||||
|
|
@ -1808,26 +1802,29 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
|
|||
if (domain == null) {
|
||||
throw new InvalidParameterValueException("Domain id=" + domainId + " doesn't exist");
|
||||
}
|
||||
|
||||
checkAccess(caller, domain);
|
||||
|
||||
if (accountName != null) {
|
||||
Account account = _accountDao.findActiveAccount(accountName, domainId);
|
||||
if (account == null) {
|
||||
if (account == null || account.getId() == Account.ACCOUNT_ID_SYSTEM) {
|
||||
throw new InvalidParameterValueException("Unable to find account by name " + accountName + " in domain " + domainId);
|
||||
}
|
||||
|
||||
checkAccess(caller, null, account);
|
||||
}
|
||||
}
|
||||
|
||||
if (isAdmin(caller.getType())) {
|
||||
if (domainId == null) {
|
||||
domainId = caller.getDomainId();
|
||||
isRecursive = true;
|
||||
|
||||
if (accountId == null) {
|
||||
if (isAdmin(caller.getType()) && listAll && domainId == null) {
|
||||
listForDomain = true;
|
||||
if (domainId == null) {
|
||||
domainId = caller.getDomainId();
|
||||
}
|
||||
} else if (domainId != null) {
|
||||
listForDomain = true;
|
||||
} else {
|
||||
accountId = caller.getAccountId();
|
||||
}
|
||||
} else {
|
||||
// regular user is constraint to only his account
|
||||
accountId = caller.getId();
|
||||
}
|
||||
|
||||
Filter searchFilter = new Filter(AccountVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
|
||||
|
|
@ -1839,26 +1836,24 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
|
|||
|
||||
SearchBuilder<AccountVO> sb = _accountDao.createSearchBuilder();
|
||||
sb.and("accountName", sb.entity().getAccountName(), SearchCriteria.Op.EQ);
|
||||
sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ);
|
||||
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
|
||||
sb.and("nid", sb.entity().getId(), SearchCriteria.Op.NEQ);
|
||||
sb.and("type", sb.entity().getType(), SearchCriteria.Op.EQ);
|
||||
sb.and("state", sb.entity().getState(), SearchCriteria.Op.EQ);
|
||||
sb.and("needsCleanup", sb.entity().getNeedsCleanup(), SearchCriteria.Op.EQ);
|
||||
sb.and("typeNEQ", sb.entity().getType(), SearchCriteria.Op.NEQ);
|
||||
|
||||
if ((domainId != null) && isRecursive) {
|
||||
// do a domain LIKE match for the admin case if isRecursive is true
|
||||
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
|
||||
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
|
||||
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
} else if ((domainId != null) && !isRecursive) {
|
||||
// do a domain EXACT match for the admin case if isRecursive is true
|
||||
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
|
||||
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.EQ);
|
||||
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
sb.and("idNEQ", sb.entity().getId(), SearchCriteria.Op.NEQ);
|
||||
|
||||
if (listForDomain && isRecursive) {
|
||||
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
|
||||
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
|
||||
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
}
|
||||
|
||||
SearchCriteria<AccountVO> sc = sb.create();
|
||||
|
||||
sc.setParameters("idNEQ", Account.ACCOUNT_ID_SYSTEM);
|
||||
|
||||
if (keyword != null) {
|
||||
SearchCriteria<AccountVO> ssc = _accountDao.createSearchCriteria();
|
||||
ssc.addOr("accountName", SearchCriteria.Op.LIKE, "%" + keyword + "%");
|
||||
|
|
@ -1866,29 +1861,6 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
|
|||
sc.addAnd("accountName", SearchCriteria.Op.SC, ssc);
|
||||
}
|
||||
|
||||
if (accountName != null) {
|
||||
sc.setParameters("accountName", accountName);
|
||||
}
|
||||
|
||||
if (accountId != null) {
|
||||
sc.setParameters("id", accountId);
|
||||
}
|
||||
|
||||
if (domainId != null) {
|
||||
DomainVO domain = _domainDao.findById(domainId);
|
||||
|
||||
// I want to join on user_vm.domain_id = domain.id where domain.path like 'foo%'
|
||||
if (isRecursive) {
|
||||
sc.setJoinParameters("domainSearch", "path", domain.getPath() + "%");
|
||||
} else {
|
||||
sc.setJoinParameters("domainSearch", "path", domain.getPath());
|
||||
}
|
||||
|
||||
sc.setParameters("nid", 1L);
|
||||
} else {
|
||||
sc.setParameters("nid", 1L);
|
||||
}
|
||||
|
||||
if (type != null) {
|
||||
sc.setParameters("type", type);
|
||||
}
|
||||
|
|
@ -1901,8 +1873,25 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
|
|||
sc.setParameters("needsCleanup", isCleanupRequired);
|
||||
}
|
||||
|
||||
if (accountName != null) {
|
||||
sc.setParameters("accountName", accountName);
|
||||
}
|
||||
|
||||
//don't return account of type project to the end user
|
||||
sc.setParameters("typeNEQ", 5);
|
||||
|
||||
if (accountId != null) {
|
||||
sc.setParameters("id", accountId);
|
||||
}
|
||||
|
||||
if (listForDomain) {
|
||||
DomainVO domain = _domainDao.findById(domainId);
|
||||
if (isRecursive) {
|
||||
sc.setJoinParameters("domainSearch", "path", domain.getPath() + "%");
|
||||
} else {
|
||||
sc.setParameters("domainId", domainId);
|
||||
}
|
||||
}
|
||||
|
||||
return _accountDao.search(sc, searchFilter);
|
||||
}
|
||||
|
|
@ -1910,6 +1899,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
|
|||
@Override
|
||||
public List<UserAccountVO> searchForUsers(ListUsersCmd cmd) throws PermissionDeniedException {
|
||||
Account caller = UserContext.current().getCaller();
|
||||
|
||||
|
||||
Long domainId = cmd.getDomainId();
|
||||
if (domainId != null) {
|
||||
Domain domain = _domainDao.findById(domainId);
|
||||
|
|
@ -2002,5 +1993,146 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
|
|||
|
||||
return _userAccountDao.search(sc, searchFilter);
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public void buildACLSearchBuilder(SearchBuilder<? extends ControlledEntity> sb,
|
||||
Long domainId, boolean isRecursive, List<Long> permittedAccounts, ListProjectResourcesCriteria listProjectResourcesCriteria) {
|
||||
|
||||
if (sb.entity() instanceof IPAddressVO) {
|
||||
sb.and("accountIdIN", ((IPAddressVO)sb.entity()).getAllocatedToAccountId(), SearchCriteria.Op.IN);
|
||||
sb.and("domainId", ((IPAddressVO)sb.entity()).getAllocatedInDomainId(), SearchCriteria.Op.EQ);
|
||||
} else if (sb.entity() instanceof ProjectInvitationVO) {
|
||||
sb.and("accountIdIN", ((ProjectInvitationVO)sb.entity()).getForAccountId(), SearchCriteria.Op.IN);
|
||||
sb.and("domainId", ((ProjectInvitationVO)sb.entity()).getInDomainId(), SearchCriteria.Op.EQ);
|
||||
} else {
|
||||
sb.and("accountIdIN", sb.entity().getAccountId(), SearchCriteria.Op.IN);
|
||||
sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ);
|
||||
}
|
||||
|
||||
if (((permittedAccounts.isEmpty()) && (domainId != null) && isRecursive)) {
|
||||
// if accountId isn't specified, we can do a domain match for the admin case if isRecursive is true
|
||||
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
|
||||
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
|
||||
|
||||
if (sb.entity() instanceof IPAddressVO) {
|
||||
sb.join("domainSearch", domainSearch, ((IPAddressVO)sb.entity()).getAllocatedInDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
} else if (sb.entity() instanceof ProjectInvitationVO) {
|
||||
sb.join("domainSearch", domainSearch, ((ProjectInvitationVO)sb.entity()).getInDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
}else {
|
||||
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
}
|
||||
|
||||
}
|
||||
if (listProjectResourcesCriteria != null) {
|
||||
SearchBuilder<AccountVO> accountSearch = _accountDao.createSearchBuilder();
|
||||
if (listProjectResourcesCriteria == Project.ListProjectResourcesCriteria.ListProjectResourcesOnly) {
|
||||
accountSearch.and("type", accountSearch.entity().getType(), SearchCriteria.Op.EQ);
|
||||
} else if (listProjectResourcesCriteria == Project.ListProjectResourcesCriteria.SkipProjectResources) {
|
||||
accountSearch.and("type", accountSearch.entity().getType(), SearchCriteria.Op.NEQ);
|
||||
}
|
||||
|
||||
if (sb.entity() instanceof IPAddressVO) {
|
||||
sb.join("accountSearch", accountSearch, ((IPAddressVO)sb.entity()).getAllocatedToAccountId(), accountSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
} else if (sb.entity() instanceof ProjectInvitationVO) {
|
||||
sb.join("accountSearch", accountSearch, ((ProjectInvitationVO)sb.entity()).getForAccountId(), accountSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
} else {
|
||||
sb.join("accountSearch", accountSearch, sb.entity().getAccountId(), accountSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void buildACLSearchCriteria(SearchCriteria<? extends ControlledEntity> sc,
|
||||
Long domainId, boolean isRecursive, List<Long> permittedAccounts, ListProjectResourcesCriteria listProjectResourcesCriteria) {
|
||||
|
||||
if (listProjectResourcesCriteria != null) {
|
||||
sc.setJoinParameters("accountSearch", "type", Account.ACCOUNT_TYPE_PROJECT);
|
||||
}
|
||||
|
||||
if (!permittedAccounts.isEmpty()) {
|
||||
sc.setParameters("accountIdIN", permittedAccounts.toArray());
|
||||
} else if (domainId != null) {
|
||||
DomainVO domain = _domainDao.findById(domainId);
|
||||
if (isRecursive) {
|
||||
sc.setJoinParameters("domainSearch", "path", domain.getPath() + "%");
|
||||
} else {
|
||||
sc.setParameters("domainId", domainId);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public ListProjectResourcesCriteria buildACLSearchParameters(Account caller, Long domainId, boolean isRecursive, String accountName, Long projectId, List<Long> permittedAccounts, boolean listAll, Long id) {
|
||||
ListProjectResourcesCriteria listProjectResourcesCriteria = null;
|
||||
if (domainId != null) {
|
||||
Domain domain = _domainDao.findById(domainId);
|
||||
if (domain == null) {
|
||||
throw new InvalidParameterValueException("Unable to find domain by id " + domainId);
|
||||
}
|
||||
//check permissions
|
||||
checkAccess(caller, domain);
|
||||
}
|
||||
|
||||
if (accountName != null) {
|
||||
if (projectId != null) {
|
||||
throw new InvalidParameterValueException("Account and projectId can't be specified together");
|
||||
}
|
||||
|
||||
Account userAccount = null;
|
||||
if (domainId != null) {
|
||||
userAccount = _accountDao.findActiveAccount(accountName, domainId);
|
||||
} else {
|
||||
userAccount = _accountDao.findActiveAccount(accountName, caller.getDomainId());
|
||||
}
|
||||
|
||||
if (userAccount != null) {
|
||||
permittedAccounts.add(userAccount.getId());
|
||||
} else {
|
||||
throw new InvalidParameterValueException("could not find account " + accountName + " in domain " + domainId);
|
||||
}
|
||||
}
|
||||
|
||||
//set project information
|
||||
if (projectId != null) {
|
||||
if (projectId == -1) {
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
|
||||
permittedAccounts.addAll(_projectMgr.listPermittedProjectAccounts(caller.getId()));
|
||||
} else {
|
||||
listProjectResourcesCriteria = Project.ListProjectResourcesCriteria.ListProjectResourcesOnly;
|
||||
}
|
||||
} else {
|
||||
Project project = _projectMgr.getProject(projectId);
|
||||
if (project == null) {
|
||||
throw new InvalidParameterValueException("Unable to find project by id " + projectId);
|
||||
}
|
||||
if (!_projectMgr.canAccessProjectAccount(caller, project.getProjectAccountId())) {
|
||||
throw new PermissionDeniedException("Account " + caller + " can't access project id=" + projectId);
|
||||
}
|
||||
permittedAccounts.add(project.getProjectAccountId());
|
||||
}
|
||||
} else {
|
||||
if (id == null) {
|
||||
listProjectResourcesCriteria = Project.ListProjectResourcesCriteria.SkipProjectResources;
|
||||
}
|
||||
if (permittedAccounts.isEmpty() && domainId == null) {
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
|
||||
permittedAccounts.add(caller.getId());
|
||||
} else if (!listAll) {
|
||||
if (id == null) {
|
||||
permittedAccounts.add(caller.getId());
|
||||
} else if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
domainId = caller.getDomainId();
|
||||
isRecursive = true;
|
||||
}
|
||||
} else if (domainId == null){
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN){
|
||||
domainId = caller.getDomainId();
|
||||
isRecursive = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return listProjectResourcesCriteria;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -320,16 +320,23 @@ public class DomainManagerImpl implements DomainManager, DomainService, Manager{
|
|||
}
|
||||
|
||||
@Override
|
||||
public List<DomainVO> searchForDomains(ListDomainsCmd cmd) throws PermissionDeniedException {
|
||||
Long domainId = cmd.getId();
|
||||
public List<DomainVO> searchForDomains(ListDomainsCmd cmd){
|
||||
Account caller = UserContext.current().getCaller();
|
||||
String path = null;
|
||||
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
|
||||
DomainVO domain = _domainDao.findById(caller.getDomainId());
|
||||
if (domain != null) {
|
||||
path = domain.getPath();
|
||||
Long domainId = cmd.getId();
|
||||
boolean listAll = cmd.listAll();
|
||||
boolean isRecursive = false;
|
||||
|
||||
if (domainId != null) {
|
||||
Domain domain = getDomain(domainId);
|
||||
if (domain == null) {
|
||||
throw new InvalidParameterValueException("Domain id=" + domainId + " doesn't exist");
|
||||
}
|
||||
_accountMgr.checkAccess(caller, domain);
|
||||
} else {
|
||||
domainId = caller.getDomainId();
|
||||
if (listAll) {
|
||||
isRecursive = true;
|
||||
}
|
||||
}
|
||||
|
||||
Filter searchFilter = new Filter(DomainVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
|
||||
|
|
@ -361,11 +368,11 @@ public class DomainManagerImpl implements DomainManager, DomainService, Manager{
|
|||
}
|
||||
|
||||
if (domainId != null) {
|
||||
sc.setParameters("id", domainId);
|
||||
}
|
||||
|
||||
if (path != null) {
|
||||
sc.setParameters("path", "%" + path + "%");
|
||||
if (isRecursive) {
|
||||
sc.setParameters("path", getDomain(domainId).getPath() + "%");
|
||||
} else {
|
||||
sc.setParameters("id", domainId);
|
||||
}
|
||||
}
|
||||
|
||||
//return only Active domains to the API
|
||||
|
|
@ -375,33 +382,28 @@ public class DomainManagerImpl implements DomainManager, DomainService, Manager{
|
|||
}
|
||||
|
||||
@Override
|
||||
public List<DomainVO> searchForDomainChildren(ListDomainChildrenCmd cmd) throws PermissionDeniedException {
|
||||
Filter searchFilter = new Filter(DomainVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
|
||||
public List<DomainVO> searchForDomainChildren(ListDomainChildrenCmd cmd) throws PermissionDeniedException {
|
||||
Long domainId = cmd.getId();
|
||||
String domainName = cmd.getDomainName();
|
||||
Boolean isRecursive = cmd.isRecursive();
|
||||
Object keyword = cmd.getKeyword();
|
||||
boolean listAll = cmd.listAll();
|
||||
String path = null;
|
||||
|
||||
if (isRecursive == null) {
|
||||
isRecursive = false;
|
||||
}
|
||||
|
||||
|
||||
Account caller = UserContext.current().getCaller();
|
||||
if (domainId != null) {
|
||||
if (!_domainDao.isChildDomain(caller.getDomainId(), domainId)) {
|
||||
throw new PermissionDeniedException("Unable to list domains children for domain id " + domainId + ", permission denied.");
|
||||
}
|
||||
_accountMgr.checkAccess(caller, getDomain(domainId));
|
||||
} else {
|
||||
domainId = caller.getDomainId();
|
||||
}
|
||||
|
||||
DomainVO domain = _domainDao.findById(domainId);
|
||||
if (domain != null && isRecursive) {
|
||||
if (domain != null && isRecursive && !listAll) {
|
||||
path = domain.getPath();
|
||||
domainId = null;
|
||||
}
|
||||
|
||||
Filter searchFilter = new Filter(DomainVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
|
||||
List<DomainVO> domainList = searchForDomainChildren(searchFilter, domainId, domainName, keyword, path, true);
|
||||
|
||||
return domainList;
|
||||
|
|
|
|||
|
|
@ -20,6 +20,7 @@ import java.util.HashMap;
|
|||
import java.util.List;
|
||||
|
||||
import com.cloud.agent.api.VmStatsEntry;
|
||||
import com.cloud.projects.Project.ListProjectResourcesCriteria;
|
||||
import com.cloud.server.Criteria;
|
||||
import com.cloud.user.Account;
|
||||
import com.cloud.uservm.UserVm;
|
||||
|
|
@ -84,10 +85,15 @@ public interface UserVmManager extends VirtualMachineGuru<UserVmVO>, UserVmServi
|
|||
* Obtains a list of virtual machines by the specified search criteria.
|
||||
* Can search by: "userId", "name", "state", "dataCenterId", "podId", "hostId"
|
||||
* @param c
|
||||
* @param skipProjectVms TODO
|
||||
* @param caller TODO
|
||||
* @param domainId TODO
|
||||
* @param isRecursive TODO
|
||||
* @param permittedAccounts TODO
|
||||
* @param listAll TODO
|
||||
* @param listProjectResourcesCriteria TODO
|
||||
* @return List of UserVMs.
|
||||
*/
|
||||
List<UserVmVO> searchForUserVMs(Criteria c, boolean skipProjectVms);
|
||||
List<UserVmVO> searchForUserVMs(Criteria c, Account caller, Long domainId, boolean isRecursive, List<Long> permittedAccounts, boolean listAll, ListProjectResourcesCriteria listProjectResourcesCriteria);
|
||||
|
||||
String getChecksum(Long hostId, String templatePath);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -18,9 +18,6 @@
|
|||
package com.cloud.vm;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import com.cloud.network.rules.FirewallRule;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.Date;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
|
|
@ -119,7 +116,6 @@ import com.cloud.ha.HighAvailabilityManager;
|
|||
import com.cloud.host.Host;
|
||||
import com.cloud.host.HostVO;
|
||||
import com.cloud.host.dao.HostDao;
|
||||
import com.cloud.host.dao.HostDetailsDao;
|
||||
import com.cloud.hypervisor.Hypervisor.HypervisorType;
|
||||
import com.cloud.hypervisor.dao.HypervisorCapabilitiesDao;
|
||||
import com.cloud.network.IPAddressVO;
|
||||
|
|
@ -140,6 +136,7 @@ import com.cloud.network.element.UserDataServiceProvider;
|
|||
import com.cloud.network.lb.LoadBalancingRulesManager;
|
||||
import com.cloud.network.router.VirtualNetworkApplianceManager;
|
||||
import com.cloud.network.rules.FirewallManager;
|
||||
import com.cloud.network.rules.FirewallRule;
|
||||
import com.cloud.network.rules.FirewallRuleVO;
|
||||
import com.cloud.network.rules.RulesManager;
|
||||
import com.cloud.network.security.SecurityGroup;
|
||||
|
|
@ -154,7 +151,7 @@ import com.cloud.offerings.NetworkOfferingVO;
|
|||
import com.cloud.offerings.dao.NetworkOfferingDao;
|
||||
import com.cloud.org.Cluster;
|
||||
import com.cloud.org.Grouping;
|
||||
import com.cloud.projects.Project;
|
||||
import com.cloud.projects.Project.ListProjectResourcesCriteria;
|
||||
import com.cloud.projects.ProjectManager;
|
||||
import com.cloud.resource.ResourceManager;
|
||||
import com.cloud.resource.ResourceState;
|
||||
|
|
@ -2893,80 +2890,17 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
|
|||
|
||||
@Override
|
||||
public List<UserVmVO> searchForUserVMs(ListVMsCmd cmd) {
|
||||
Account caller = UserContext.current().getCaller();
|
||||
Long domainId = cmd.getDomainId();
|
||||
String accountName = cmd.getAccountName();
|
||||
Boolean isRecursive = cmd.isRecursive();
|
||||
String hypervisor = cmd.getHypervisor();
|
||||
List<Long> permittedAccounts = new ArrayList<Long>();
|
||||
String path = null;
|
||||
Long projectId = cmd.getProjectId();
|
||||
Account caller = UserContext.current().getCaller();
|
||||
Long domainId = cmd.getDomainId();
|
||||
boolean isRecursive = cmd.isRecursive();
|
||||
List<Long> permittedAccounts = new ArrayList<Long>();
|
||||
String hypervisor = cmd.getHypervisor();
|
||||
String accountName = cmd.getAccountName();
|
||||
Long projectId = cmd.getProjectId();
|
||||
boolean listAll = cmd.listAll();
|
||||
Long id = cmd.getId();
|
||||
|
||||
if (isRecursive != null && isRecursive && domainId == null) {
|
||||
throw new InvalidParameterValueException("Please enter a parent domain id for listing vms recursively");
|
||||
}
|
||||
|
||||
if (domainId != null) {
|
||||
// Verify if user is authorized to see instances belonging to the domain
|
||||
DomainVO domain = _domainDao.findById(domainId);
|
||||
if (domain == null) {
|
||||
throw new InvalidParameterValueException("Domain id=" + domainId + " doesn't exist");
|
||||
}
|
||||
_accountMgr.checkAccess(caller, domain);
|
||||
}
|
||||
|
||||
boolean isAdmin = false;
|
||||
|
||||
if (_accountMgr.isAdmin(caller.getType())) {
|
||||
isAdmin = true;
|
||||
if (accountName != null && domainId != null) {
|
||||
Account account = _accountDao.findActiveAccount(accountName, domainId);
|
||||
if (account == null) {
|
||||
throw new InvalidParameterValueException("Unable to find account " + accountName + " in domain " + domainId);
|
||||
}
|
||||
permittedAccounts.add(account.getId());
|
||||
}
|
||||
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
|
||||
if (isRecursive == null) {
|
||||
DomainVO domain = _domainDao.findById(caller.getDomainId());
|
||||
path = domain.getPath();
|
||||
}
|
||||
}
|
||||
} else {
|
||||
//regular user can't specify any other domain rather than his own
|
||||
if (domainId != null && domainId.longValue() != caller.getDomainId()) {
|
||||
throw new PermissionDeniedException("Caller is not authorised to see domain id=" + domainId + " entries");
|
||||
}
|
||||
permittedAccounts.add(caller.getId());
|
||||
}
|
||||
|
||||
if (isRecursive != null && isRecursive && isAdmin) {
|
||||
if (isRecursive) {
|
||||
DomainVO domain = _domainDao.findById(domainId);
|
||||
path = domain.getPath();
|
||||
domainId = null;
|
||||
}
|
||||
}
|
||||
|
||||
//set project information
|
||||
boolean skipProjectVms = true;
|
||||
if (projectId != null) {
|
||||
if (projectId == -1) {
|
||||
permittedAccounts.addAll(_projectMgr.listPermittedProjectAccounts(caller.getId()));
|
||||
} else {
|
||||
permittedAccounts.clear();
|
||||
Project project = _projectMgr.getProject(projectId);
|
||||
if (project == null) {
|
||||
throw new InvalidParameterValueException("Unable to find project by id " + projectId);
|
||||
}
|
||||
if (!_projectMgr.canAccessProjectAccount(caller, project.getProjectAccountId())) {
|
||||
throw new InvalidParameterValueException("Account " + caller + " can't access project id=" + projectId);
|
||||
}
|
||||
permittedAccounts.add(project.getProjectAccountId());
|
||||
}
|
||||
skipProjectVms = false;
|
||||
}
|
||||
ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, accountName, projectId, permittedAccounts, listAll, id);
|
||||
|
||||
Criteria c = new Criteria("id", Boolean.TRUE, cmd.getStartIndex(), cmd.getPageSizeVal());
|
||||
c.addCriteria(Criteria.KEYWORD, cmd.getKeyword());
|
||||
|
|
@ -2982,10 +2916,6 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
|
|||
c.addCriteria(Criteria.DOMAINID, domainId);
|
||||
}
|
||||
|
||||
if (path != null) {
|
||||
c.addCriteria(Criteria.PATH, path);
|
||||
}
|
||||
|
||||
if (HypervisorType.getType(hypervisor) != HypervisorType.None) {
|
||||
c.addCriteria(Criteria.HYPERVISOR, hypervisor);
|
||||
} else if (hypervisor != null) {
|
||||
|
|
@ -2993,7 +2923,7 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
|
|||
}
|
||||
|
||||
// ignore these search requests if it's not an admin
|
||||
if (isAdmin) {
|
||||
if (_accountMgr.isAdmin(caller.getType())) {
|
||||
c.addCriteria(Criteria.PODID, cmd.getPodId());
|
||||
c.addCriteria(Criteria.HOSTID, cmd.getHostId());
|
||||
c.addCriteria(Criteria.STORAGE_ID, cmd.getStorageId());
|
||||
|
|
@ -3002,18 +2932,18 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
|
|||
if (!permittedAccounts.isEmpty()) {
|
||||
c.addCriteria(Criteria.ACCOUNTID, permittedAccounts.toArray());
|
||||
}
|
||||
c.addCriteria(Criteria.ISADMIN, isAdmin);
|
||||
c.addCriteria(Criteria.ISADMIN, _accountMgr.isAdmin(caller.getType()));
|
||||
|
||||
return searchForUserVMs(c, skipProjectVms);
|
||||
return searchForUserVMs(c, caller, domainId, isRecursive, permittedAccounts, listAll, listProjectResourcesCriteria);
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<UserVmVO> searchForUserVMs(Criteria c, boolean skipProjectVms) {
|
||||
public List<UserVmVO> searchForUserVMs(Criteria c, Account caller, Long domainId, boolean isRecursive, List<Long> permittedAccounts, boolean listAll, ListProjectResourcesCriteria listProjectResourcesCriteria) {
|
||||
Filter searchFilter = new Filter(UserVmVO.class, c.getOrderBy(), c.getAscending(), c.getOffset(), c.getLimit());
|
||||
|
||||
SearchBuilder<UserVmVO> sb = _vmDao.createSearchBuilder();
|
||||
Object[] accountIds = (Object[]) c.getCriteria(Criteria.ACCOUNTID);
|
||||
Object domainId = c.getCriteria(Criteria.DOMAINID);
|
||||
_accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
Object id = c.getCriteria(Criteria.ID);
|
||||
Object name = c.getCriteria(Criteria.NAME);
|
||||
Object state = c.getCriteria(Criteria.STATE);
|
||||
|
|
@ -3026,15 +2956,12 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
|
|||
Object isAdmin = c.getCriteria(Criteria.ISADMIN);
|
||||
assert c.getCriteria(Criteria.IPADDRESS) == null : "We don't support search by ip address on VM any more. If you see this assert, it means we have to find a different way to search by the nic table.";
|
||||
Object groupId = c.getCriteria(Criteria.GROUPID);
|
||||
Object path = c.getCriteria(Criteria.PATH);
|
||||
Object networkId = c.getCriteria(Criteria.NETWORKID);
|
||||
Object hypervisor = c.getCriteria(Criteria.HYPERVISOR);
|
||||
Object storageId = c.getCriteria(Criteria.STORAGE_ID);
|
||||
|
||||
sb.and("displayName", sb.entity().getDisplayName(), SearchCriteria.Op.LIKE);
|
||||
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
|
||||
sb.and("accountIdEQ", sb.entity().getAccountId(), SearchCriteria.Op.EQ);
|
||||
sb.and("accountIdIN", sb.entity().getAccountId(), SearchCriteria.Op.IN);
|
||||
sb.and("name", sb.entity().getHostName(), SearchCriteria.Op.LIKE);
|
||||
sb.and("stateEQ", sb.entity().getState(), SearchCriteria.Op.EQ);
|
||||
sb.and("stateNEQ", sb.entity().getState(), SearchCriteria.Op.NEQ);
|
||||
|
|
@ -3044,19 +2971,6 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
|
|||
sb.and("hypervisorType", sb.entity().getHypervisorType(), SearchCriteria.Op.EQ);
|
||||
sb.and("hostIdEQ", sb.entity().getHostId(), SearchCriteria.Op.EQ);
|
||||
sb.and("hostIdIN", sb.entity().getHostId(), SearchCriteria.Op.IN);
|
||||
sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ);
|
||||
|
||||
if (path != null) {
|
||||
SearchBuilder<DomainVO> domainSearch = _domainDao.createSearchBuilder();
|
||||
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
|
||||
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
}
|
||||
|
||||
if (skipProjectVms) {
|
||||
SearchBuilder<AccountVO> accountSearch = _accountDao.createSearchBuilder();
|
||||
accountSearch.and("type", accountSearch.entity().getType(), SearchCriteria.Op.NEQ);
|
||||
sb.join("accountSearch", accountSearch, sb.entity().getAccountId(), accountSearch.entity().getId(), JoinBuilder.JoinType.INNER);
|
||||
}
|
||||
|
||||
if (groupId != null && (Long) groupId == -1) {
|
||||
SearchBuilder<InstanceGroupVMMapVO> vmSearch = _groupVMMapDao.createSearchBuilder();
|
||||
|
|
@ -3087,9 +3001,7 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
|
|||
|
||||
// populate the search criteria with the values passed in
|
||||
SearchCriteria<UserVmVO> sc = sb.create();
|
||||
if (skipProjectVms) {
|
||||
sc.setJoinParameters("accountSearch", "type", Account.ACCOUNT_TYPE_PROJECT);
|
||||
}
|
||||
_accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
|
||||
|
||||
if (groupId != null && (Long) groupId == -1) {
|
||||
sc.setJoinParameters("vmSearch", "instanceId", (Object) null);
|
||||
|
|
@ -3111,24 +3023,6 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
|
|||
sc.setParameters("id", id);
|
||||
}
|
||||
|
||||
if (accountIds != null) {
|
||||
if (accountIds.length == 1) {
|
||||
if (accountIds[0] != null) {
|
||||
sc.setParameters("accountIdEQ", accountIds[0]);
|
||||
}
|
||||
} else {
|
||||
sc.setParameters("accountIdIN", accountIds);
|
||||
}
|
||||
}
|
||||
|
||||
if (domainId != null) {
|
||||
sc.setParameters("domainId", domainId);
|
||||
}
|
||||
|
||||
if (path != null) {
|
||||
sc.setJoinParameters("domainSearch", "path", path + "%");
|
||||
}
|
||||
|
||||
if (networkId != null) {
|
||||
sc.setJoinParameters("nicSearch", "networkId", networkId);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -29,7 +29,6 @@ import org.junit.Before;
|
|||
|
||||
import com.cloud.upgrade.dao.VersionDaoImpl;
|
||||
import com.cloud.utils.component.ComponentLocator;
|
||||
import com.cloud.utils.db.DbTestUtils;
|
||||
|
||||
public class AdvanceZone223To224UpgradeTest extends TestCase {
|
||||
private static final Logger s_logger = Logger.getLogger(AdvanceZone217To224UpgradeTest.class);
|
||||
|
|
|
|||
|
|
@ -141,7 +141,7 @@ public class MockAccountManagerImpl implements Manager, AccountManager {
|
|||
}
|
||||
|
||||
@Override
|
||||
public User getUser(long userId) {
|
||||
public User getUserIncludingRemoved(long userId) {
|
||||
// TODO Auto-generated method stub
|
||||
return null;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -38,6 +38,7 @@ import com.cloud.exception.VirtualMachineMigrationException;
|
|||
import com.cloud.host.Host;
|
||||
import com.cloud.hypervisor.Hypervisor.HypervisorType;
|
||||
import com.cloud.offering.ServiceOffering;
|
||||
import com.cloud.projects.Project.ListProjectResourcesCriteria;
|
||||
import com.cloud.server.Criteria;
|
||||
import com.cloud.storage.StoragePool;
|
||||
import com.cloud.storage.Volume;
|
||||
|
|
@ -171,7 +172,7 @@ public class MockUserVmManagerImpl implements UserVmManager, UserVmService, Mana
|
|||
}
|
||||
|
||||
@Override
|
||||
public List<UserVmVO> searchForUserVMs(Criteria c, boolean skipProjectVms) {
|
||||
public List<UserVmVO> searchForUserVMs(Criteria c, Account caller, Long domainId, boolean isRecursive, List<Long> permittedAccounts, boolean listAll, ListProjectResourcesCriteria listProjectResourcesCriteria) {
|
||||
// TODO Auto-generated method stub
|
||||
return null;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue