diff --git a/api/src/com/cloud/api/ApiConstants.java b/api/src/com/cloud/api/ApiConstants.java
index 3566b6da3c6..3647b76a159 100755
--- a/api/src/com/cloud/api/ApiConstants.java
+++ b/api/src/com/cloud/api/ApiConstants.java
@@ -321,6 +321,8 @@ public class ApiConstants {
public static final String ALLOW_USER_CREATE_PROJECTS = "allowusercreateprojects";
public static final String CONSERVE_MODE = "conservemode";
public static final String TRAFFIC_TYPE_IMPLEMENTOR = "traffictypeimplementor";
+ public static final String KEYWORD = "keyword";
+ public static final String LIST_ALL = "listall";
public enum HostDetails {
all, capacity, events, stats, min;
diff --git a/api/src/com/cloud/api/BaseListAccountResourcesCmd.java b/api/src/com/cloud/api/BaseListAccountResourcesCmd.java
new file mode 100644
index 00000000000..af119109bc2
--- /dev/null
+++ b/api/src/com/cloud/api/BaseListAccountResourcesCmd.java
@@ -0,0 +1,30 @@
+/**
+ * Copyright (C) 2012 Citrix Systems, Inc. All rights reserved
+ *
+ * This software is licensed under the GNU General Public License v3 or later.
+ *
+ * It is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or any later version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ *
+ */
+
+package com.cloud.api;
+
+public abstract class BaseListAccountResourcesCmd extends BaseListDomainResourcesCmd{
+
+ @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="List resources by account. Must be used with the domainId parameter.")
+ private String accountName;
+
+
+ public String getAccountName() {
+ return accountName;
+ }
+}
diff --git a/api/src/com/cloud/api/BaseListCmd.java b/api/src/com/cloud/api/BaseListCmd.java
index dfd1b447956..6c4a743168f 100755
--- a/api/src/com/cloud/api/BaseListCmd.java
+++ b/api/src/com/cloud/api/BaseListCmd.java
@@ -29,7 +29,7 @@ public abstract class BaseListCmd extends BaseCmd {
// ///////// BaseList API parameters /////////////////
// ///////////////////////////////////////////////////
- @Parameter(name = "keyword", type = CommandType.STRING, description = "List by keyword")
+ @Parameter(name = ApiConstants.KEYWORD, type = CommandType.STRING, description = "List by keyword")
private String keyword;
// FIXME: Need to be able to specify next/prev/first/last, so Integer might not be right
@@ -38,6 +38,8 @@ public abstract class BaseListCmd extends BaseCmd {
@Parameter(name = ApiConstants.PAGE_SIZE, type = CommandType.INTEGER)
private Integer pageSize;
+
+
// ///////////////////////////////////////////////////
// ///////////////// Accessors ///////////////////////
diff --git a/api/src/com/cloud/api/BaseListDomainResourcesCmd.java b/api/src/com/cloud/api/BaseListDomainResourcesCmd.java
new file mode 100644
index 00000000000..08cb00efadd
--- /dev/null
+++ b/api/src/com/cloud/api/BaseListDomainResourcesCmd.java
@@ -0,0 +1,44 @@
+/**
+ * Copyright (C) 2012 Citrix Systems, Inc. All rights reserved
+ *
+ * This software is licensed under the GNU General Public License v3 or later.
+ *
+ * It is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or any later version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ *
+ */
+
+package com.cloud.api;
+
+public abstract class BaseListDomainResourcesCmd extends BaseListCmd{
+
+ @Parameter(name=ApiConstants.LIST_ALL, type=CommandType.BOOLEAN, description="If set to false, list only resources belonging to the command's caller; if set to true - list resources that the caller is authorized to see. Default value is false")
+ private Boolean listAll;
+
+ @IdentityMapper(entityTableName="domain")
+ @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="list only resources belonging to the domain specified")
+ private Long domainId;
+
+ @Parameter(name=ApiConstants.IS_RECURSIVE, type=CommandType.BOOLEAN, description="defaults to false, but if true, lists all resources from the parent specified by the domainId till leaves.")
+ private Boolean recursive;
+
+ public boolean listAll() {
+ return listAll == null ? false : listAll;
+ }
+
+ public boolean isRecursive() {
+ return recursive == null ? false : recursive;
+ }
+
+ public Long getDomainId() {
+ return domainId;
+ }
+}
diff --git a/api/src/com/cloud/api/BaseListProjectAndAccountResourcesCmd.java b/api/src/com/cloud/api/BaseListProjectAndAccountResourcesCmd.java
new file mode 100644
index 00000000000..7f30bfca218
--- /dev/null
+++ b/api/src/com/cloud/api/BaseListProjectAndAccountResourcesCmd.java
@@ -0,0 +1,30 @@
+/**
+ * Copyright (C) 2012 Citrix Systems, Inc. All rights reserved
+ *
+ * This software is licensed under the GNU General Public License v3 or later.
+ *
+ * It is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or any later version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ *
+ */
+
+package com.cloud.api;
+
+public abstract class BaseListProjectAndAccountResourcesCmd extends BaseListAccountResourcesCmd{
+
+ @IdentityMapper(entityTableName="projects")
+ @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list firewall rules by project")
+ private Long projectId;
+
+ public Long getProjectId() {
+ return projectId;
+ }
+}
diff --git a/api/src/com/cloud/api/commands/CreateAccountCmd.java b/api/src/com/cloud/api/commands/CreateAccountCmd.java
index 583f91e725b..aee6deb0492 100755
--- a/api/src/com/cloud/api/commands/CreateAccountCmd.java
+++ b/api/src/com/cloud/api/commands/CreateAccountCmd.java
@@ -19,7 +19,6 @@
package com.cloud.api.commands;
import java.util.Collection;
-import java.util.HashMap;
import java.util.Map;
import org.apache.log4j.Logger;
@@ -30,7 +29,6 @@ import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.ServerApiException;
-import com.cloud.api.BaseCmd.CommandType;
import com.cloud.api.response.AccountResponse;
import com.cloud.api.response.UserResponse;
import com.cloud.user.Account;
diff --git a/api/src/com/cloud/api/commands/ListAccountsCmd.java b/api/src/com/cloud/api/commands/ListAccountsCmd.java
index e8c31496de8..a00dc913ff2 100755
--- a/api/src/com/cloud/api/commands/ListAccountsCmd.java
+++ b/api/src/com/cloud/api/commands/ListAccountsCmd.java
@@ -23,7 +23,7 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseListDomainResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
@@ -32,7 +32,7 @@ import com.cloud.api.response.ListResponse;
import com.cloud.user.Account;
@Implementation(description="Lists accounts and provides detailed account information for listed accounts", responseObject=AccountResponse.class)
-public class ListAccountsCmd extends BaseListCmd {
+public class ListAccountsCmd extends BaseListDomainResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListAccountsCmd.class.getName());
private static final String s_name = "listaccountsresponse";
@@ -43,10 +43,6 @@ public class ListAccountsCmd extends BaseListCmd {
@Parameter(name=ApiConstants.ACCOUNT_TYPE, type=CommandType.LONG, description="list accounts by account type. Valid account types are 1 (admin), 2 (domain-admin), and 0 (user).")
private Long accountType;
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="list all accounts in specified domain. If used with the name parameter, retrieves account information for the account with specified name in specified domain.")
- private Long domainId;
-
@IdentityMapper(entityTableName="account")
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="list account by account ID")
private Long id;
@@ -59,9 +55,6 @@ public class ListAccountsCmd extends BaseListCmd {
@Parameter(name=ApiConstants.STATE, type=CommandType.STRING, description="list accounts by state. Valid states are enabled, disabled, and locked.")
private String state;
-
- @Parameter(name=ApiConstants.IS_RECURSIVE, type=CommandType.BOOLEAN, description="defaults to false, but if true, lists all accounts from the parent specified by the domain id till leaves.")
- private Boolean recursive;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
@@ -71,10 +64,6 @@ public class ListAccountsCmd extends BaseListCmd {
return accountType;
}
- public Long getDomainId() {
- return domainId;
- }
-
public Long getId() {
return id;
}
@@ -91,9 +80,6 @@ public class ListAccountsCmd extends BaseListCmd {
return state;
}
- public Boolean isRecursive() {
- return recursive;
- }
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
diff --git a/api/src/com/cloud/api/commands/ListAsyncJobsCmd.java b/api/src/com/cloud/api/commands/ListAsyncJobsCmd.java
index 25c7cfefa30..a43ee16f582 100644
--- a/api/src/com/cloud/api/commands/ListAsyncJobsCmd.java
+++ b/api/src/com/cloud/api/commands/ListAsyncJobsCmd.java
@@ -22,8 +22,7 @@ import java.util.Date;
import java.util.List;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
-import com.cloud.api.IdentityMapper;
+import com.cloud.api.BaseListAccountResourcesCmd;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.response.AsyncJobResponse;
@@ -31,20 +30,13 @@ import com.cloud.api.response.ListResponse;
import com.cloud.async.AsyncJob;
@Implementation(description="Lists all pending asynchronous jobs for the account.", responseObject=AsyncJobResponse.class)
-public class ListAsyncJobsCmd extends BaseListCmd {
+public class ListAsyncJobsCmd extends BaseListAccountResourcesCmd {
private static final String s_name = "listasyncjobsresponse";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the account associated with the async job (this account is the job initiator). Must be used with the domainId parameter.")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID associated with the async job. If used with the account parameter, returns async jobs for the account in the specified domain.")
- private Long domainId;
-
@Parameter(name=ApiConstants.START_DATE, type=CommandType.TZDATE, description="the start date of the async job")
private Date startDate;
@@ -53,14 +45,6 @@ public class ListAsyncJobsCmd extends BaseListCmd {
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
-
public Date getStartDate() {
return startDate;
}
diff --git a/api/src/com/cloud/api/commands/ListDomainChildrenCmd.java b/api/src/com/cloud/api/commands/ListDomainChildrenCmd.java
index 6162dd0985a..35147cb1042 100644
--- a/api/src/com/cloud/api/commands/ListDomainChildrenCmd.java
+++ b/api/src/com/cloud/api/commands/ListDomainChildrenCmd.java
@@ -45,11 +45,14 @@ public class ListDomainChildrenCmd extends BaseListCmd {
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="list children domain by parent domain ID.")
private Long id;
- @Parameter(name=ApiConstants.IS_RECURSIVE, type=CommandType.BOOLEAN, description="to return the entire tree, use the value \"true\". To return the first level children, use the value \"false\".")
- private Boolean recursive;
-
@Parameter(name=ApiConstants.NAME, type=CommandType.STRING, description="list children domains by name")
private String domainName;
+
+ @Parameter(name=ApiConstants.IS_RECURSIVE, type=CommandType.BOOLEAN, description="to return the entire tree, use the value \"true\". To return the first level children, use the value \"false\".")
+ private Boolean recursive;
+
+ @Parameter(name=ApiConstants.LIST_ALL, type=CommandType.BOOLEAN, description="If set to false, list only resources belonging to the command's caller; if set to true - list resources that the caller is authorized to see. Default value is false")
+ private Boolean listAll;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
@@ -59,13 +62,17 @@ public class ListDomainChildrenCmd extends BaseListCmd {
return id;
}
- public Boolean isRecursive() {
- return recursive;
- }
-
public String getDomainName() {
return domainName;
}
+
+ public boolean listAll() {
+ return listAll == null ? false : listAll;
+ }
+
+ public boolean isRecursive() {
+ return recursive == null ? false : recursive;
+ }
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
diff --git a/api/src/com/cloud/api/commands/ListDomainsCmd.java b/api/src/com/cloud/api/commands/ListDomainsCmd.java
index 5285152271a..7d07c0cfd8c 100644
--- a/api/src/com/cloud/api/commands/ListDomainsCmd.java
+++ b/api/src/com/cloud/api/commands/ListDomainsCmd.java
@@ -50,6 +50,9 @@ public class ListDomainsCmd extends BaseListCmd {
@Parameter(name=ApiConstants.NAME, type=CommandType.STRING, description="List domain by domain name.")
private String domainName;
+
+ @Parameter(name=ApiConstants.LIST_ALL, type=CommandType.BOOLEAN, description="If set to false, list only resources belonging to the command's caller; if set to true - list resources that the caller is authorized to see. Default value is false")
+ private Boolean listAll;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
@@ -66,6 +69,10 @@ public class ListDomainsCmd extends BaseListCmd {
public String getDomainName() {
return domainName;
}
+
+ public boolean listAll() {
+ return listAll == null ? false : listAll;
+ }
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
diff --git a/api/src/com/cloud/api/commands/ListEventsCmd.java b/api/src/com/cloud/api/commands/ListEventsCmd.java
index e7aa9e21a9d..97861e33a0e 100755
--- a/api/src/com/cloud/api/commands/ListEventsCmd.java
+++ b/api/src/com/cloud/api/commands/ListEventsCmd.java
@@ -24,17 +24,16 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
-import com.cloud.api.BaseCmd.CommandType;
import com.cloud.api.response.EventResponse;
import com.cloud.api.response.ListResponse;
import com.cloud.event.Event;
@Implementation(description="A command to list events.", responseObject=EventResponse.class)
-public class ListEventsCmd extends BaseListCmd {
+public class ListEventsCmd extends BaseListProjectAndAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListEventsCmd.class.getName());
private static final String s_name = "listeventsresponse";
@@ -43,13 +42,6 @@ public class ListEventsCmd extends BaseListCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the account for the event. Must be used with the domainId parameter.")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID for the event. If used with the account parameter, returns all events for an account in the specified domain ID.")
- private Long domainId;
-
@IdentityMapper(entityTableName="event")
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="the ID of the event")
private Long id;
@@ -71,23 +63,11 @@ public class ListEventsCmd extends BaseListCmd {
@Parameter(name=ApiConstants.TYPE, type=CommandType.STRING, description="the event type (see event types)")
private String type;
-
- @IdentityMapper(entityTableName="projects")
- @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list events by projectId")
- private Long projectId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
-
public Long getId() {
return id;
}
@@ -115,10 +95,6 @@ public class ListEventsCmd extends BaseListCmd {
public String getType() {
return type;
}
-
- public Long getProjectId() {
- return projectId;
- }
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
diff --git a/api/src/com/cloud/api/commands/ListFirewallRulesCmd.java b/api/src/com/cloud/api/commands/ListFirewallRulesCmd.java
index 888e451f1a5..58c6e93fbd4 100644
--- a/api/src/com/cloud/api/commands/ListFirewallRulesCmd.java
+++ b/api/src/com/cloud/api/commands/ListFirewallRulesCmd.java
@@ -23,7 +23,8 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseCmd.CommandType;
+import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
@@ -32,7 +33,7 @@ import com.cloud.api.response.ListResponse;
import com.cloud.network.rules.FirewallRule;
@Implementation(description="Lists all firewall rules for an IP address.", responseObject=FirewallResponse.class)
-public class ListFirewallRulesCmd extends BaseListCmd {
+public class ListFirewallRulesCmd extends BaseListProjectAndAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListFirewallRulesCmd.class.getName());
private static final String s_name = "listfirewallrulesresponse";
@@ -47,29 +48,10 @@ public class ListFirewallRulesCmd extends BaseListCmd {
@IdentityMapper(entityTableName="user_ip_address")
@Parameter(name=ApiConstants.IP_ADDRESS_ID, type=CommandType.LONG, description="the id of IP address of the firwall services")
private Long ipAddressId;
-
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="account. Must be used with the domainId parameter.")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID. If used with the account parameter, lists firewall rules for the specified account in this domain.")
- private Long domainId;
-
- @IdentityMapper(entityTableName="projects")
- @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list firewall rules by project")
- private Long projectId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
-
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
public Long getIpAddressId() {
return ipAddressId;
@@ -78,10 +60,6 @@ public class ListFirewallRulesCmd extends BaseListCmd {
public Long getId() {
return id;
}
-
- public Long getProjectId() {
- return projectId;
- }
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
diff --git a/api/src/com/cloud/api/commands/ListIpForwardingRulesCmd.java b/api/src/com/cloud/api/commands/ListIpForwardingRulesCmd.java
index b05936339a0..e064c5bdec4 100644
--- a/api/src/com/cloud/api/commands/ListIpForwardingRulesCmd.java
+++ b/api/src/com/cloud/api/commands/ListIpForwardingRulesCmd.java
@@ -23,11 +23,11 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseCmd.CommandType;
+import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
-import com.cloud.api.BaseCmd.CommandType;
import com.cloud.api.response.FirewallRuleResponse;
import com.cloud.api.response.IpForwardingRuleResponse;
import com.cloud.api.response.ListResponse;
@@ -35,7 +35,7 @@ import com.cloud.network.rules.FirewallRule;
import com.cloud.network.rules.StaticNatRule;
@Implementation(description="List the ip forwarding rules", responseObject=FirewallRuleResponse.class)
-public class ListIpForwardingRulesCmd extends BaseListCmd {
+public class ListIpForwardingRulesCmd extends BaseListProjectAndAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListIpForwardingRulesCmd.class.getName());
private static final String s_name = "listipforwardingrulesresponse";
@@ -47,13 +47,6 @@ public class ListIpForwardingRulesCmd extends BaseListCmd {
@IdentityMapper(entityTableName="user_ip_address")
@Parameter(name=ApiConstants.IP_ADDRESS_ID, type=CommandType.LONG, description="list the rule belonging to this public ip address")
private Long publicIpAddressId;
-
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the account associated with the ip forwarding rule. Must be used with the domainId parameter.")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="Lists all rules for this id. If used with the account parameter, returns all rules for an account in the specified domain ID.")
- private Long domainId;
@IdentityMapper(entityTableName="firewall_rules")
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="Lists rule with the specified ID.")
@@ -62,10 +55,6 @@ public class ListIpForwardingRulesCmd extends BaseListCmd {
@IdentityMapper(entityTableName="vm_instance")
@Parameter(name=ApiConstants.VIRTUAL_MACHINE_ID, type=CommandType.LONG, description="Lists all rules applied to the specified Vm.")
private Long vmId;
-
- @IdentityMapper(entityTableName="projects")
- @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list static nat rules by project")
- private Long projectId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
@@ -84,14 +73,6 @@ public class ListIpForwardingRulesCmd extends BaseListCmd {
return publicIpAddressId;
}
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
-
public Long getId() {
return id;
}
@@ -100,13 +81,9 @@ public class ListIpForwardingRulesCmd extends BaseListCmd {
return vmId;
}
- private Long getProjectId() {
- return projectId;
- }
-
@Override
public void execute(){
- List result = _rulesService.searchStaticNatRules(publicIpAddressId, id, vmId, this.getStartIndex(), this.getPageSizeVal(), this.getAccountName(), this.getDomainId(), this.getProjectId());
+ List result = _rulesService.searchStaticNatRules(publicIpAddressId, id, vmId, this.getStartIndex(), this.getPageSizeVal(), this.getAccountName(), this.getDomainId(), this.getProjectId(), this.isRecursive(), this.listAll());
ListResponse response = new ListResponse();
List ipForwardingResponses = new ArrayList();
for (FirewallRule rule : result) {
diff --git a/api/src/com/cloud/api/commands/ListIsosCmd.java b/api/src/com/cloud/api/commands/ListIsosCmd.java
index 523592a8a44..1d29cf43b95 100755
--- a/api/src/com/cloud/api/commands/ListIsosCmd.java
+++ b/api/src/com/cloud/api/commands/ListIsosCmd.java
@@ -25,7 +25,8 @@ import java.util.Set;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseCmd.CommandType;
+import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
@@ -38,7 +39,7 @@ import com.cloud.user.UserContext;
import com.cloud.utils.Pair;
@Implementation(description="Lists all available ISO files.", responseObject=TemplateResponse.class)
-public class ListIsosCmd extends BaseListCmd {
+public class ListIsosCmd extends BaseListProjectAndAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListIsosCmd.class.getName());
private static final String s_name = "listisosresponse";
@@ -47,16 +48,9 @@ public class ListIsosCmd extends BaseListCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the account of the ISO file. Must be used with the domainId parameter.")
- private String accountName;
-
@Parameter(name=ApiConstants.BOOTABLE, type=CommandType.BOOLEAN, description="true if the ISO is bootable, false otherwise")
private Boolean bootable;
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="lists all available ISO files by ID of a domain. If used with the account parameter, lists all available ISO files for the account in the ID of a domain.")
- private Long domainId;
-
@Parameter(name=ApiConstants.HYPERVISOR, type=CommandType.STRING, description="the hypervisor for which to restrict the search")
private String hypervisor;
@@ -84,26 +78,15 @@ public class ListIsosCmd extends BaseListCmd {
@Parameter(name=ApiConstants.ZONE_ID, type=CommandType.LONG, description="the ID of the zone")
private Long zoneId;
- @IdentityMapper(entityTableName="projects")
- @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list isos by project")
- private Long projectId;
-
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
- public String getAccountName() {
- return accountName;
- }
public Boolean isBootable() {
return bootable;
}
- public Long getDomainId() {
- return domainId;
- }
-
public String getHypervisor() {
return hypervisor;
}
@@ -132,10 +115,6 @@ public class ListIsosCmd extends BaseListCmd {
return zoneId;
}
- public Long getProjectId() {
- return projectId;
- }
-
public boolean listInReadyState() {
Account account = UserContext.current().getCaller();
// It is account specific if account is admin type and domainId and accountName are not null
diff --git a/api/src/com/cloud/api/commands/ListLBStickinessPoliciesCmd.java b/api/src/com/cloud/api/commands/ListLBStickinessPoliciesCmd.java
index 552b1ccb5c7..6bad7e61c91 100644
--- a/api/src/com/cloud/api/commands/ListLBStickinessPoliciesCmd.java
+++ b/api/src/com/cloud/api/commands/ListLBStickinessPoliciesCmd.java
@@ -30,9 +30,10 @@ import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.response.LBStickinessResponse;
import com.cloud.api.response.ListResponse;
-import com.cloud.network.rules.StickinessPolicy;
import com.cloud.network.rules.LoadBalancer;
-
+import com.cloud.network.rules.StickinessPolicy;
+import com.cloud.user.Account;
+import com.cloud.user.UserContext;
@Implementation(description = "Lists LBStickiness policies.", responseObject = LBStickinessResponse.class)
public class ListLBStickinessPoliciesCmd extends BaseListCmd {
@@ -75,8 +76,10 @@ public class ListLBStickinessPoliciesCmd extends BaseListCmd {
ListResponse response = new ListResponse();
if (lb != null) {
+ //check permissions
+ Account caller = UserContext.current().getCaller();
+ _accountService.checkAccess(caller, null, lb);
List stickinessPolicies = _lbService.searchForLBStickinessPolicies(this);
-
LBStickinessResponse spResponse = _responseGenerator.createLBStickinessPolicyResponse(stickinessPolicies, lb);
spResponses.add(spResponse);
response.setResponses(spResponses);
diff --git a/api/src/com/cloud/api/commands/ListLoadBalancerRulesCmd.java b/api/src/com/cloud/api/commands/ListLoadBalancerRulesCmd.java
index b42b39ce8f6..0003a7d9832 100644
--- a/api/src/com/cloud/api/commands/ListLoadBalancerRulesCmd.java
+++ b/api/src/com/cloud/api/commands/ListLoadBalancerRulesCmd.java
@@ -24,17 +24,17 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseCmd.CommandType;
+import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
-import com.cloud.api.BaseCmd.CommandType;
import com.cloud.api.response.ListResponse;
import com.cloud.api.response.LoadBalancerResponse;
import com.cloud.network.rules.LoadBalancer;
@Implementation(description = "Lists load balancer rules.", responseObject = LoadBalancerResponse.class)
-public class ListLoadBalancerRulesCmd extends BaseListCmd {
+public class ListLoadBalancerRulesCmd extends BaseListProjectAndAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListLoadBalancerRulesCmd.class.getName());
private static final String s_name = "listloadbalancerrulesresponse";
@@ -43,13 +43,6 @@ public class ListLoadBalancerRulesCmd extends BaseListCmd {
// ////////////// API parameters /////////////////////
// ///////////////////////////////////////////////////
- @Parameter(name = ApiConstants.ACCOUNT, type = CommandType.STRING, description = "the account of the load balancer rule. Must be used with the domainId parameter.")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name = ApiConstants.DOMAIN_ID, type = CommandType.LONG, description = "the domain ID of the load balancer rule. If used with the account parameter, lists load balancer rules for the account in the specified domain.")
- private Long domainId;
-
@IdentityMapper(entityTableName="firewall_rules")
@Parameter(name = ApiConstants.ID, type = CommandType.LONG, description = "the ID of the load balancer rule")
private Long id;
@@ -68,23 +61,11 @@ public class ListLoadBalancerRulesCmd extends BaseListCmd {
@IdentityMapper(entityTableName="data_center")
@Parameter(name = ApiConstants.ZONE_ID, type = CommandType.LONG, description = "the availability zone ID")
private Long zoneId;
-
- @IdentityMapper(entityTableName="projects")
- @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list port forwarding rules by project")
- private Long projectId;
// ///////////////////////////////////////////////////
// ///////////////// Accessors ///////////////////////
// ///////////////////////////////////////////////////
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
-
public Long getId() {
return id;
}
@@ -104,10 +85,6 @@ public class ListLoadBalancerRulesCmd extends BaseListCmd {
public Long getZoneId() {
return zoneId;
}
-
- public Long getProjectId() {
- return projectId;
- }
// ///////////////////////////////////////////////////
// ///////////// API Implementation///////////////////
diff --git a/api/src/com/cloud/api/commands/ListNetworksCmd.java b/api/src/com/cloud/api/commands/ListNetworksCmd.java
index 7087495e0ae..6795b9bbbb1 100644
--- a/api/src/com/cloud/api/commands/ListNetworksCmd.java
+++ b/api/src/com/cloud/api/commands/ListNetworksCmd.java
@@ -24,7 +24,7 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
@@ -34,7 +34,7 @@ import com.cloud.network.Network;
@Implementation(description="Lists all available networks.", responseObject=NetworkResponse.class)
-public class ListNetworksCmd extends BaseListCmd {
+public class ListNetworksCmd extends BaseListProjectAndAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListNetworksCmd.class.getName());
private static final String _name = "listnetworksresponse";
@@ -45,13 +45,6 @@ public class ListNetworksCmd extends BaseListCmd {
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="list networks by id")
private Long id;
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="account who will own the VLAN. If VLAN is Zone wide, this parameter should be ommited")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="domain ID of the account owning a VLAN")
- private Long domainId;
-
@IdentityMapper(entityTableName="data_center")
@Parameter(name=ApiConstants.ZONE_ID, type=CommandType.LONG, description="the Zone ID of the network")
private Long zoneId;
@@ -68,10 +61,6 @@ public class ListNetworksCmd extends BaseListCmd {
@Parameter(name=ApiConstants.TRAFFIC_TYPE, type=CommandType.STRING, description="type of the traffic")
private String trafficType;
- @IdentityMapper(entityTableName="projects")
- @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list networks by project id")
- private Long projectId;
-
@IdentityMapper(entityTableName="physical_network")
@Parameter(name=ApiConstants.PHYSICAL_NETWORK_ID, type=CommandType.LONG, description="list networks by physical network id")
private Long physicalNetworkId;
@@ -90,14 +79,6 @@ public class ListNetworksCmd extends BaseListCmd {
return id;
}
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
-
public Long getZoneId() {
return zoneId;
}
@@ -117,10 +98,6 @@ public class ListNetworksCmd extends BaseListCmd {
public String getTrafficType() {
return trafficType;
}
-
- public Long getProjectId() {
- return projectId;
- }
public Long getPhysicalNetworkId() {
return physicalNetworkId;
diff --git a/api/src/com/cloud/api/commands/ListPortForwardingRulesCmd.java b/api/src/com/cloud/api/commands/ListPortForwardingRulesCmd.java
index ebcdf3c58af..f73b594b79d 100644
--- a/api/src/com/cloud/api/commands/ListPortForwardingRulesCmd.java
+++ b/api/src/com/cloud/api/commands/ListPortForwardingRulesCmd.java
@@ -23,7 +23,7 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
@@ -32,7 +32,7 @@ import com.cloud.api.response.ListResponse;
import com.cloud.network.rules.PortForwardingRule;
@Implementation(description="Lists all port forwarding rules for an IP address.", responseObject=FirewallRuleResponse.class)
-public class ListPortForwardingRulesCmd extends BaseListCmd {
+public class ListPortForwardingRulesCmd extends BaseListProjectAndAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListPortForwardingRulesCmd.class.getName());
private static final String s_name = "listportforwardingrulesresponse";
@@ -48,29 +48,10 @@ public class ListPortForwardingRulesCmd extends BaseListCmd {
@IdentityMapper(entityTableName="user_ip_address")
@Parameter(name=ApiConstants.IP_ADDRESS_ID, type=CommandType.LONG, description="the id of IP address of the port forwarding services")
private Long ipAddressId;
-
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="account. Must be used with the domainId parameter.")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID. If used with the account parameter, lists port forwarding rules for the specified account in this domain.")
- private Long domainId;
-
- @IdentityMapper(entityTableName="projects")
- @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list port forwarding rules by project")
- private Long projectId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
-
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
public Long getIpAddressId() {
return ipAddressId;
@@ -79,10 +60,6 @@ public class ListPortForwardingRulesCmd extends BaseListCmd {
public Long getId() {
return id;
}
-
- public Long getProjectId() {
- return projectId;
- }
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
diff --git a/api/src/com/cloud/api/commands/ListProjectInvitationsCmd.java b/api/src/com/cloud/api/commands/ListProjectInvitationsCmd.java
index 156e547de8f..9009c4b1f09 100644
--- a/api/src/com/cloud/api/commands/ListProjectInvitationsCmd.java
+++ b/api/src/com/cloud/api/commands/ListProjectInvitationsCmd.java
@@ -23,7 +23,7 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseListAccountResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
@@ -32,7 +32,7 @@ import com.cloud.api.response.ProjectInvitationResponse;
import com.cloud.projects.ProjectInvitation;
@Implementation(description="Lists projects and provides detailed information for listed projects", responseObject=ProjectInvitationResponse.class)
-public class ListProjectInvitationsCmd extends BaseListCmd {
+public class ListProjectInvitationsCmd extends BaseListAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListProjectInvitationsCmd.class.getName());
private static final String s_name = "listprojectinvitationsresponse";
@@ -42,13 +42,6 @@ public class ListProjectInvitationsCmd extends BaseListCmd {
@IdentityMapper(entityTableName="projects")
@Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list by project id")
private Long projectId;
-
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="list invitations for specified account; this parameter has to be specified with domainId")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="list all invitations in specified domain")
- private Long domainId;
@Parameter(name=ApiConstants.ACTIVE_ONLY, type=CommandType.BOOLEAN, description="if true, list only active invitations - having Pending state and ones that are not timed out yet")
private boolean activeOnly;
@@ -66,14 +59,6 @@ public class ListProjectInvitationsCmd extends BaseListCmd {
return projectId;
}
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
-
public boolean isActiveOnly() {
return activeOnly;
}
@@ -97,7 +82,7 @@ public class ListProjectInvitationsCmd extends BaseListCmd {
@Override
public void execute(){
- List invites = _projectService.listProjectInvitations(id, projectId, accountName, domainId, state, activeOnly, this.getStartIndex(), this.getPageSizeVal());
+ List invites = _projectService.listProjectInvitations(id, projectId, this.getAccountName(), this.getDomainId(), state, activeOnly, this.getStartIndex(), this.getPageSizeVal(), this.isRecursive(), this.listAll());
ListResponse response = new ListResponse();
List projectInvitationResponses = new ArrayList();
for (ProjectInvitation invite : invites) {
diff --git a/api/src/com/cloud/api/commands/ListProjectsCmd.java b/api/src/com/cloud/api/commands/ListProjectsCmd.java
index fa0f83623e9..aaa883cf00d 100644
--- a/api/src/com/cloud/api/commands/ListProjectsCmd.java
+++ b/api/src/com/cloud/api/commands/ListProjectsCmd.java
@@ -23,7 +23,7 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseListAccountResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
@@ -32,7 +32,7 @@ import com.cloud.api.response.ProjectResponse;
import com.cloud.projects.Project;
@Implementation(description="Lists projects and provides detailed information for listed projects", responseObject=ProjectResponse.class)
-public class ListProjectsCmd extends BaseListCmd {
+public class ListProjectsCmd extends BaseListAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListProjectsCmd.class.getName());
private static final String s_name = "listprojectsresponse";
@@ -44,13 +44,6 @@ public class ListProjectsCmd extends BaseListCmd {
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="list projects by project ID")
private Long id;
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="list projects availabe for specified account")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="list projects for the domain specified")
- private Long domainId;
-
@Parameter(name=ApiConstants.NAME, type=CommandType.STRING, description="list projects by name")
private String name;
@@ -68,14 +61,6 @@ public class ListProjectsCmd extends BaseListCmd {
return id;
}
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
-
public String getName() {
return name;
}
@@ -95,7 +80,7 @@ public class ListProjectsCmd extends BaseListCmd {
@Override
public void execute(){
- List projects = _projectService.listProjects(id, name, displayText, state, accountName, domainId, this.getKeyword(), this.getStartIndex(), this.getPageSizeVal());
+ List projects = _projectService.listProjects(id, name, displayText, state, this.getAccountName(), this.getDomainId(), this.getKeyword(), this.getStartIndex(), this.getPageSizeVal(), this.listAll(), this.isRecursive());
ListResponse response = new ListResponse();
List projectResponses = new ArrayList();
for (Project project : projects) {
diff --git a/api/src/com/cloud/api/commands/ListPublicIpAddressesCmd.java b/api/src/com/cloud/api/commands/ListPublicIpAddressesCmd.java
index 6b1b834530d..0df343e0481 100644
--- a/api/src/com/cloud/api/commands/ListPublicIpAddressesCmd.java
+++ b/api/src/com/cloud/api/commands/ListPublicIpAddressesCmd.java
@@ -24,7 +24,7 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
@@ -34,7 +34,7 @@ import com.cloud.async.AsyncJob;
import com.cloud.network.IpAddress;
@Implementation(description="Lists all public ip addresses", responseObject=IPAddressResponse.class)
-public class ListPublicIpAddressesCmd extends BaseListCmd {
+public class ListPublicIpAddressesCmd extends BaseListProjectAndAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListPublicIpAddressesCmd.class.getName());
private static final String s_name = "listpublicipaddressesresponse";
@@ -43,15 +43,8 @@ public class ListPublicIpAddressesCmd extends BaseListCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="lists all public IP addresses by account. Must be used with the domainId parameter.")
- private String accountName;
-
@Parameter(name=ApiConstants.ALLOCATED_ONLY, type=CommandType.BOOLEAN, description="limits search results to allocated public IP addresses")
private Boolean allocatedOnly;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="lists all public IP addresses by domain ID. If used with the account parameter, lists all public IP addresses by account for specified domain.")
- private Long domainId;
@Parameter(name=ApiConstants.FOR_VIRTUAL_NETWORK, type=CommandType.BOOLEAN, description="the virtual network for the IP address")
private Boolean forVirtualNetwork;
@@ -74,10 +67,6 @@ public class ListPublicIpAddressesCmd extends BaseListCmd {
@Parameter(name=ApiConstants.FOR_LOAD_BALANCING, type=CommandType.BOOLEAN, description="list only ips used for load balancing")
private Boolean forLoadBalancing;
- @IdentityMapper(entityTableName="projects")
- @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list ips by project")
- private Long projectId;
-
@IdentityMapper(entityTableName="physical_network")
@Parameter(name=ApiConstants.PHYSICAL_NETWORK_ID, type=CommandType.LONG, description="lists all public IP addresses by physical network id")
private Long physicalNetworkId;
@@ -93,18 +82,10 @@ public class ListPublicIpAddressesCmd extends BaseListCmd {
return id;
}
- public String getAccountName() {
- return accountName;
- }
-
public Boolean isAllocatedOnly() {
return allocatedOnly;
}
- public Long getDomainId() {
- return domainId;
- }
-
public Boolean isForVirtualNetwork() {
return forVirtualNetwork;
}
@@ -121,10 +102,6 @@ public class ListPublicIpAddressesCmd extends BaseListCmd {
return zoneId;
}
- public Long getProjectId() {
- return projectId;
- }
-
public Long getPhysicalNetworkId() {
return physicalNetworkId;
}
diff --git a/api/src/com/cloud/api/commands/ListRemoteAccessVpnsCmd.java b/api/src/com/cloud/api/commands/ListRemoteAccessVpnsCmd.java
index ab83663e0fb..d75f12ffab1 100644
--- a/api/src/com/cloud/api/commands/ListRemoteAccessVpnsCmd.java
+++ b/api/src/com/cloud/api/commands/ListRemoteAccessVpnsCmd.java
@@ -24,7 +24,7 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
@@ -33,7 +33,7 @@ import com.cloud.api.response.RemoteAccessVpnResponse;
import com.cloud.network.RemoteAccessVpn;
@Implementation(description="Lists remote access vpns", responseObject=RemoteAccessVpnResponse.class)
-public class ListRemoteAccessVpnsCmd extends BaseListCmd {
+public class ListRemoteAccessVpnsCmd extends BaseListProjectAndAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger (ListRemoteAccessVpnsCmd.class.getName());
private static final String s_name = "listremoteaccessvpnsresponse";
@@ -42,40 +42,18 @@ public class ListRemoteAccessVpnsCmd extends BaseListCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the account of the remote access vpn. Must be used with the domainId parameter.")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID of the remote access vpn rule. If used with the account parameter, lists remote access vpns for the account in the specified domain.")
- private Long domainId;
-
@IdentityMapper(entityTableName="user_ip_address")
@Parameter(name=ApiConstants.PUBLIC_IP_ID, type=CommandType.LONG, required=true, description="public ip address id of the vpn server")
private Long publicIpId;
-
- @IdentityMapper(entityTableName="projects")
- @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list remote access vpn by project")
- private Long projectId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
public Long getPublicIpId() {
return publicIpId;
}
-
- public Long getProjectId() {
- return projectId;
- }
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
diff --git a/api/src/com/cloud/api/commands/ListResourceLimitsCmd.java b/api/src/com/cloud/api/commands/ListResourceLimitsCmd.java
index 45e6d11dfdb..6870a6498fb 100644
--- a/api/src/com/cloud/api/commands/ListResourceLimitsCmd.java
+++ b/api/src/com/cloud/api/commands/ListResourceLimitsCmd.java
@@ -24,8 +24,7 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
-import com.cloud.api.IdentityMapper;
+import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.response.ListResponse;
@@ -33,7 +32,7 @@ import com.cloud.api.response.ResourceLimitResponse;
import com.cloud.configuration.ResourceLimit;
@Implementation(description="Lists resource limits.", responseObject=ResourceLimitResponse.class)
-public class ListResourceLimitsCmd extends BaseListCmd {
+public class ListResourceLimitsCmd extends BaseListProjectAndAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListResourceLimitsCmd.class.getName());
private static final String s_name = "listresourcelimitsresponse";
@@ -42,17 +41,6 @@ public class ListResourceLimitsCmd extends BaseListCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="Lists resource limits by account. Must be used with the domainId parameter.")
- private String accountName;
-
- @IdentityMapper(entityTableName="projects")
- @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="Lists resource limits by project")
- private Long projectId;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="Lists resource limits by domain ID. If used with the account parameter, lists resource limits for a specified account in a specified domain.")
- private Long domainId;
-
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="Lists resource limits by ID.")
private Long id;
@@ -67,14 +55,6 @@ public class ListResourceLimitsCmd extends BaseListCmd {
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
-
public Long getId() {
return id;
}
@@ -94,7 +74,7 @@ public class ListResourceLimitsCmd extends BaseListCmd {
@Override
public void execute(){
- List result = _resourceLimitService.searchForLimits(id, finalyzeAccountId(accountName, domainId, projectId, false), domainId, resourceType, this.getStartIndex(), this.getPageSizeVal());
+ List result = _resourceLimitService.searchForLimits(id, finalyzeAccountId(this.getAccountName(), this.getDomainId(), this.getProjectId(), false), this.getDomainId(), resourceType, this.getStartIndex(), this.getPageSizeVal());
ListResponse response = new ListResponse();
List limitResponses = new ArrayList();
for (ResourceLimit limit : result) {
diff --git a/api/src/com/cloud/api/commands/ListRoutersCmd.java b/api/src/com/cloud/api/commands/ListRoutersCmd.java
index e4502b64e7b..b62f1da5dcb 100644
--- a/api/src/com/cloud/api/commands/ListRoutersCmd.java
+++ b/api/src/com/cloud/api/commands/ListRoutersCmd.java
@@ -24,7 +24,8 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseCmd.CommandType;
+import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
@@ -34,7 +35,7 @@ import com.cloud.async.AsyncJob;
import com.cloud.network.router.VirtualRouter;
@Implementation(description="List routers.", responseObject=DomainRouterResponse.class)
-public class ListRoutersCmd extends BaseListCmd {
+public class ListRoutersCmd extends BaseListProjectAndAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListRoutersCmd.class.getName());
private static final String s_name = "listroutersresponse";
@@ -43,13 +44,6 @@ public class ListRoutersCmd extends BaseListCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the name of the account associated with the router. Must be used with the domainId parameter.")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID associated with the router. If used with the account parameter, lists all routers associated with an account in the specified domain.")
- private Long domainId;
-
@IdentityMapper(entityTableName="host")
@Parameter(name=ApiConstants.HOST_ID, type=CommandType.LONG, description="the host ID of the router")
private Long hostId;
@@ -75,23 +69,11 @@ public class ListRoutersCmd extends BaseListCmd {
@IdentityMapper(entityTableName="networks")
@Parameter(name=ApiConstants.NETWORK_ID, type=CommandType.LONG, description="list by network id")
private Long networkId;
-
- @IdentityMapper(entityTableName="projects")
- @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list firewall rules by project")
- private Long projectId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
-
public Long getHostId() {
return hostId;
}
@@ -119,10 +101,6 @@ public class ListRoutersCmd extends BaseListCmd {
public Long getNetworkId() {
return networkId;
}
-
- public Long getProjectId() {
- return projectId;
- }
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
diff --git a/api/src/com/cloud/api/commands/ListSSHKeyPairsCmd.java b/api/src/com/cloud/api/commands/ListSSHKeyPairsCmd.java
index 0723a9e2e0e..868c4c3bd7f 100644
--- a/api/src/com/cloud/api/commands/ListSSHKeyPairsCmd.java
+++ b/api/src/com/cloud/api/commands/ListSSHKeyPairsCmd.java
@@ -24,7 +24,8 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseCmd.CommandType;
+import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.response.ListResponse;
@@ -32,7 +33,7 @@ import com.cloud.api.response.SSHKeyPairResponse;
import com.cloud.user.SSHKeyPair;
@Implementation(description="List registered keypairs", responseObject=SSHKeyPairResponse.class)
-public class ListSSHKeyPairsCmd extends BaseListCmd {
+public class ListSSHKeyPairsCmd extends BaseListProjectAndAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListSSHKeyPairsCmd.class.getName());
private static final String s_name = "listsshkeypairsresponse";
diff --git a/api/src/com/cloud/api/commands/ListSecurityGroupsCmd.java b/api/src/com/cloud/api/commands/ListSecurityGroupsCmd.java
index 96a5480afba..27e6936b600 100644
--- a/api/src/com/cloud/api/commands/ListSecurityGroupsCmd.java
+++ b/api/src/com/cloud/api/commands/ListSecurityGroupsCmd.java
@@ -17,23 +17,23 @@
*/
package com.cloud.api.commands;
-import java.util.List;
-
-import org.apache.log4j.Logger;
-
-import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
-import com.cloud.api.IdentityMapper;
-import com.cloud.api.Implementation;
-import com.cloud.api.Parameter;
+import java.util.List;
+
+import org.apache.log4j.Logger;
+
+import com.cloud.api.ApiConstants;
import com.cloud.api.BaseCmd.CommandType;
-import com.cloud.api.response.ListResponse;
-import com.cloud.api.response.SecurityGroupResponse;
-import com.cloud.async.AsyncJob;
-import com.cloud.network.security.SecurityGroupRules;
+import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
+import com.cloud.api.IdentityMapper;
+import com.cloud.api.Implementation;
+import com.cloud.api.Parameter;
+import com.cloud.api.response.ListResponse;
+import com.cloud.api.response.SecurityGroupResponse;
+import com.cloud.async.AsyncJob;
+import com.cloud.network.security.SecurityGroupRules;
@Implementation(description="Lists security groups", responseObject=SecurityGroupResponse.class)
-public class ListSecurityGroupsCmd extends BaseListCmd {
+public class ListSecurityGroupsCmd extends BaseListProjectAndAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListSecurityGroupsCmd.class.getName());
private static final String s_name = "listsecuritygroupsresponse";
@@ -42,13 +42,6 @@ public class ListSecurityGroupsCmd extends BaseListCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="lists all available port security groups for the account. Must be used with domainID parameter")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="lists all available security groups for the domain ID. If used with the account parameter, lists all available security groups for the account in the specified domain ID.")
- private Long domainId;
-
@Parameter(name=ApiConstants.SECURITY_GROUP_NAME, type=CommandType.STRING, description="lists security groups by name")
private String securityGroupName;
@@ -58,24 +51,11 @@ public class ListSecurityGroupsCmd extends BaseListCmd {
@IdentityMapper(entityTableName="security_group")
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="list the security group by the id provided")
- private Long id;
-
- @IdentityMapper(entityTableName="projects")
- @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list security groups by project")
- private Long projectId;
+ private Long id;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
-
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
-
public String getSecurityGroupName() {
return securityGroupName;
}
@@ -86,10 +66,6 @@ public class ListSecurityGroupsCmd extends BaseListCmd {
public Long getId(){
return id;
- }
-
- public Long getProjectId() {
- return projectId;
}
/////////////////////////////////////////////////////
diff --git a/api/src/com/cloud/api/commands/ListSnapshotPoliciesCmd.java b/api/src/com/cloud/api/commands/ListSnapshotPoliciesCmd.java
index 615551c3123..3ab3f4ae210 100644
--- a/api/src/com/cloud/api/commands/ListSnapshotPoliciesCmd.java
+++ b/api/src/com/cloud/api/commands/ListSnapshotPoliciesCmd.java
@@ -42,13 +42,6 @@ public class ListSnapshotPoliciesCmd extends BaseListCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="lists snapshot policies for the specified account. Must be used with domainid parameter.")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID. If used with the account parameter, lists snapshot policies for the specified account in this domain.")
- private Long domainId;
-
@IdentityMapper(entityTableName="volumes")
@Parameter(name=ApiConstants.VOLUME_ID, type=CommandType.LONG, required=true, description="the ID of the disk volume")
private Long volumeId;
@@ -57,14 +50,6 @@ public class ListSnapshotPoliciesCmd extends BaseListCmd {
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
-
public Long getVolumeId() {
return volumeId;
}
diff --git a/api/src/com/cloud/api/commands/ListSnapshotsCmd.java b/api/src/com/cloud/api/commands/ListSnapshotsCmd.java
index e111e598f2a..61eb5ce96fd 100644
--- a/api/src/com/cloud/api/commands/ListSnapshotsCmd.java
+++ b/api/src/com/cloud/api/commands/ListSnapshotsCmd.java
@@ -23,7 +23,7 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
@@ -33,7 +33,7 @@ import com.cloud.async.AsyncJob;
import com.cloud.storage.Snapshot;
@Implementation(description="Lists all available snapshots for the account.", responseObject=SnapshotResponse.class)
-public class ListSnapshotsCmd extends BaseListCmd {
+public class ListSnapshotsCmd extends BaseListProjectAndAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListSnapshotsCmd.class.getName());
private static final String s_name = "listsnapshotsresponse";
@@ -42,13 +42,6 @@ public class ListSnapshotsCmd extends BaseListCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="lists snapshot belongig to the specified account. Must be used with the domainId parameter.")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID. If used with the account parameter, lists snapshots for the specified account in this domain.")
- private Long domainId;
-
@IdentityMapper(entityTableName="snapshots")
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="lists snapshot by snapshot ID")
private Long id;
@@ -66,25 +59,10 @@ public class ListSnapshotsCmd extends BaseListCmd {
@Parameter(name=ApiConstants.VOLUME_ID, type=CommandType.LONG, description="the ID of the disk volume")
private Long volumeId;
- @Parameter(name=ApiConstants.IS_RECURSIVE, type=CommandType.BOOLEAN, description="defaults to false, but if true, lists all snapshots from the parent specified by the domain id till leaves.")
- private Boolean recursive;
-
- @IdentityMapper(entityTableName="projects")
- @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list snapshots by project")
- private Long projectId;
-
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
-
public Long getId() {
return id;
}
@@ -104,14 +82,6 @@ public class ListSnapshotsCmd extends BaseListCmd {
public Long getVolumeId() {
return volumeId;
}
-
- public Boolean isRecursive() {
- return recursive;
- }
-
- public Long getProjectId() {
- return projectId;
- }
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
diff --git a/api/src/com/cloud/api/commands/ListTemplateOrIsoPermissionsCmd.java b/api/src/com/cloud/api/commands/ListTemplateOrIsoPermissionsCmd.java
index 0552dd70300..b90dafba01b 100644
--- a/api/src/com/cloud/api/commands/ListTemplateOrIsoPermissionsCmd.java
+++ b/api/src/com/cloud/api/commands/ListTemplateOrIsoPermissionsCmd.java
@@ -40,13 +40,6 @@ public class ListTemplateOrIsoPermissionsCmd extends BaseCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="List template visibility and permissions for the specified account. Must be used with the domainId parameter.")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="List template visibility and permissions by domain. If used with the account parameter, specifies in which domain the specified account exists.")
- private Long domainId;
-
@IdentityMapper(entityTableName="vm_template")
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, required=true, description="the template ID")
private Long id;
@@ -55,14 +48,6 @@ public class ListTemplateOrIsoPermissionsCmd extends BaseCmd {
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
-
public Long getId() {
return id;
}
@@ -99,7 +84,7 @@ public class ListTemplateOrIsoPermissionsCmd extends BaseCmd {
@Override
public void execute(){
- List accountNames = _mgr.listTemplatePermissions(this);
+ List accountNames = _templateService.listTemplatePermissions(this);
Account account = UserContext.current().getCaller();
boolean isAdmin = (isAdmin(account.getType()));
diff --git a/api/src/com/cloud/api/commands/ListTemplatesCmd.java b/api/src/com/cloud/api/commands/ListTemplatesCmd.java
index ac0ff65d27c..13d8d23d1fa 100755
--- a/api/src/com/cloud/api/commands/ListTemplatesCmd.java
+++ b/api/src/com/cloud/api/commands/ListTemplatesCmd.java
@@ -25,7 +25,7 @@ import java.util.Set;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
@@ -38,7 +38,7 @@ import com.cloud.user.UserContext;
import com.cloud.utils.Pair;
@Implementation(description="List all public, private, and privileged templates.", responseObject=TemplateResponse.class)
-public class ListTemplatesCmd extends BaseListCmd {
+public class ListTemplatesCmd extends BaseListProjectAndAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListTemplatesCmd.class.getName());
private static final String s_name = "listtemplatesresponse";
@@ -47,13 +47,6 @@ public class ListTemplatesCmd extends BaseListCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="list template by account. Must be used with the domainId parameter.")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="list all templates in specified domain. If used with the account parameter, lists all templates for an account in the specified domain.")
- private Long domainId;
-
@Parameter(name=ApiConstants.HYPERVISOR, type=CommandType.STRING, description="the hypervisor for which to restrict the search")
private String hypervisor;
@@ -74,23 +67,10 @@ public class ListTemplatesCmd extends BaseListCmd {
@IdentityMapper(entityTableName="data_center")
@Parameter(name=ApiConstants.ZONE_ID, type=CommandType.LONG, description="list templates by zoneId")
private Long zoneId;
-
- @IdentityMapper(entityTableName="projects")
- @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list templates by project")
- private Long projectId;
-
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
-
public String getHypervisor() {
return hypervisor;
}
@@ -111,10 +91,6 @@ public class ListTemplatesCmd extends BaseListCmd {
return zoneId;
}
- public Long getProjectId() {
- return projectId;
- }
-
public boolean listInReadyState() {
Account account = UserContext.current().getCaller();
diff --git a/api/src/com/cloud/api/commands/ListUsersCmd.java b/api/src/com/cloud/api/commands/ListUsersCmd.java
index 82d83878675..55f0a6c3138 100644
--- a/api/src/com/cloud/api/commands/ListUsersCmd.java
+++ b/api/src/com/cloud/api/commands/ListUsersCmd.java
@@ -24,7 +24,7 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseListAccountResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
@@ -33,7 +33,7 @@ import com.cloud.api.response.UserResponse;
import com.cloud.user.UserAccount;
@Implementation(description="Lists user accounts", responseObject=UserResponse.class)
-public class ListUsersCmd extends BaseListCmd {
+public class ListUsersCmd extends BaseListAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListUsersCmd.class.getName());
private static final String s_name = "listusersresponse";
@@ -42,16 +42,9 @@ public class ListUsersCmd extends BaseListCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="List user by account. Must be used with the domainId parameter.")
- private String accountName;
-
@Parameter(name=ApiConstants.ACCOUNT_TYPE, type=CommandType.LONG, description="List users by account type. Valid types include admin, domain-admin, read-only-admin, or user.")
private Long accountType;
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="List all users in a domain. If used with the account parameter, lists an account in a specific domain.")
- private Long domainId;
-
@IdentityMapper(entityTableName="user")
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="List user by ID.")
private Long id;
@@ -66,18 +59,11 @@ public class ListUsersCmd extends BaseListCmd {
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
- public String getAccountName() {
- return accountName;
- }
public Long getAccountType() {
return accountType;
}
- public Long getDomainId() {
- return domainId;
- }
-
public Long getId() {
return id;
}
@@ -94,7 +80,7 @@ public class ListUsersCmd extends BaseListCmd {
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
- @Override
+ @Override
public String getCommandName() {
return s_name;
}
diff --git a/api/src/com/cloud/api/commands/ListVMGroupsCmd.java b/api/src/com/cloud/api/commands/ListVMGroupsCmd.java
index 909a65a8f89..77190274c90 100644
--- a/api/src/com/cloud/api/commands/ListVMGroupsCmd.java
+++ b/api/src/com/cloud/api/commands/ListVMGroupsCmd.java
@@ -23,17 +23,16 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
-import com.cloud.api.BaseCmd.CommandType;
import com.cloud.api.response.InstanceGroupResponse;
import com.cloud.api.response.ListResponse;
import com.cloud.vm.InstanceGroup;
@Implementation(description="Lists vm groups", responseObject=InstanceGroupResponse.class)
-public class ListVMGroupsCmd extends BaseListCmd {
+public class ListVMGroupsCmd extends BaseListProjectAndAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListVMGroupsCmd.class.getName());
private static final String s_name = "listinstancegroupsresponse";
@@ -49,17 +48,6 @@ public class ListVMGroupsCmd extends BaseListCmd {
@Parameter(name=ApiConstants.NAME, type=CommandType.STRING, description="list instance groups by name")
private String groupName;
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="list instance group belonging to the specified account. Must be used with domainid parameter")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID. If used with the account parameter, lists virtual machines for the specified account in this domain.")
- private Long domainId;
-
- @IdentityMapper(entityTableName="projects")
- @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list instance group belonging to the specified project")
- private Long projectId;
-
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
@@ -72,18 +60,6 @@ public class ListVMGroupsCmd extends BaseListCmd {
return groupName;
}
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
-
- public Long getProjectId() {
- return projectId;
- }
-
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
diff --git a/api/src/com/cloud/api/commands/ListVMsCmd.java b/api/src/com/cloud/api/commands/ListVMsCmd.java
index d149b50964f..132953b2f5d 100755
--- a/api/src/com/cloud/api/commands/ListVMsCmd.java
+++ b/api/src/com/cloud/api/commands/ListVMsCmd.java
@@ -25,7 +25,7 @@ import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
import com.cloud.api.ApiConstants.VMDetails;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
@@ -36,7 +36,7 @@ import com.cloud.exception.InvalidParameterValueException;
import com.cloud.uservm.UserVm;
@Implementation(description="List the virtual machines owned by the account.", responseObject=UserVmResponse.class)
-public class ListVMsCmd extends BaseListCmd {
+public class ListVMsCmd extends BaseListProjectAndAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListVMsCmd.class.getName());
private static final String s_name = "listvirtualmachinesresponse";
@@ -45,16 +45,6 @@ public class ListVMsCmd extends BaseListCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="account. Must be used with the domainId parameter.")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID. If used with the account parameter, lists virtual machines for the specified account in this domain.")
- private Long domainId;
-
- @Parameter(name=ApiConstants.IS_RECURSIVE, type=CommandType.BOOLEAN, description="Must be used with domainId parameter. Defaults to false, but if true, lists all vms from the parent specified by the domain id till leaves.")
- private Boolean recursive;
-
@IdentityMapper(entityTableName="instance_group")
@Parameter(name=ApiConstants.GROUP_ID, type=CommandType.LONG, description="the group ID")
private Long groupId;
@@ -94,10 +84,6 @@ public class ListVMsCmd extends BaseListCmd {
@IdentityMapper(entityTableName="storage_pool")
@Parameter(name=ApiConstants.STORAGE_ID, type=CommandType.LONG, description="the storage ID where vm's volumes belong to")
private Long storageId;
-
- @IdentityMapper(entityTableName="projects")
- @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list vms by project")
- private Long projectId;
@Parameter(name=ApiConstants.DETAILS, type=CommandType.LIST, collectionType=CommandType.STRING, description="comma separated list of host details requested, value can be a list of [all, group, nics, stats, secgrp, tmpl, servoff, iso, volume, min]" )
private List viewDetails;
@@ -107,14 +93,6 @@ public class ListVMsCmd extends BaseListCmd {
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
-
public Long getGroupId() {
return groupId;
}
@@ -154,10 +132,6 @@ public class ListVMsCmd extends BaseListCmd {
public Long getNetworkId() {
return networkId;
}
-
- public Boolean isRecursive() {
- return recursive;
- }
public String getHypervisor() {
return hypervisor;
@@ -166,11 +140,6 @@ public class ListVMsCmd extends BaseListCmd {
public Long getStorageId() {
return storageId;
}
-
- public Long getProjectId() {
- return projectId;
- }
-
public EnumSet getDetails() throws InvalidParameterValueException {
EnumSet dv;
diff --git a/api/src/com/cloud/api/commands/ListVolumesCmd.java b/api/src/com/cloud/api/commands/ListVolumesCmd.java
index 94e8448a5bd..89094d0533e 100755
--- a/api/src/com/cloud/api/commands/ListVolumesCmd.java
+++ b/api/src/com/cloud/api/commands/ListVolumesCmd.java
@@ -23,7 +23,7 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
@@ -33,7 +33,7 @@ import com.cloud.async.AsyncJob;
import com.cloud.storage.Volume;
@Implementation(description="Lists all volumes.", responseObject=VolumeResponse.class)
-public class ListVolumesCmd extends BaseListCmd {
+public class ListVolumesCmd extends BaseListProjectAndAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListVolumesCmd.class.getName());
private static final String s_name = "listvolumesresponse";
@@ -42,13 +42,6 @@ public class ListVolumesCmd extends BaseListCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the account associated with the disk volume. Must be used with the domainId parameter.")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="Lists all disk volumes for the specified domain ID. If used with the account parameter, returns all disk volumes for an account in the specified domain ID.")
- private Long domainId;
-
@IdentityMapper(entityTableName="host")
@Parameter(name=ApiConstants.HOST_ID, type=CommandType.LONG, description="list volumes on specified host")
private Long hostId;
@@ -74,25 +67,11 @@ public class ListVolumesCmd extends BaseListCmd {
@IdentityMapper(entityTableName="data_center")
@Parameter(name=ApiConstants.ZONE_ID, type=CommandType.LONG, description="the ID of the availability zone")
private Long zoneId;
-
- @Parameter(name=ApiConstants.IS_RECURSIVE, type=CommandType.BOOLEAN, description="defaults to false, but if true, lists all volumes from the parent specified by the domain id till leaves.")
- private Boolean recursive;
-
- @IdentityMapper(entityTableName="projects")
- @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list firewall rules by project")
- private Long projectId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
public Long getHostId() {
return hostId;
@@ -121,14 +100,6 @@ public class ListVolumesCmd extends BaseListCmd {
public Long getZoneId() {
return zoneId;
}
-
- public Boolean isRecursive() {
- return recursive;
- }
-
- public Long getProjectId() {
- return projectId;
- }
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
@@ -146,7 +117,7 @@ public class ListVolumesCmd extends BaseListCmd {
@Override
public void execute(){
- List volumes = _mgr.searchForVolumes(this);
+ List volumes = _storageService.searchForVolumes(this);
ListResponse response = new ListResponse();
List volResponses = new ArrayList();
diff --git a/api/src/com/cloud/api/commands/ListVpnUsersCmd.java b/api/src/com/cloud/api/commands/ListVpnUsersCmd.java
index 98867db44fb..accfff6077b 100644
--- a/api/src/com/cloud/api/commands/ListVpnUsersCmd.java
+++ b/api/src/com/cloud/api/commands/ListVpnUsersCmd.java
@@ -24,7 +24,8 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
-import com.cloud.api.BaseListCmd;
+import com.cloud.api.BaseCmd.CommandType;
+import com.cloud.api.BaseListProjectAndAccountResourcesCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
@@ -33,7 +34,7 @@ import com.cloud.api.response.VpnUsersResponse;
import com.cloud.network.VpnUser;
@Implementation(description="Lists vpn users", responseObject=VpnUsersResponse.class)
-public class ListVpnUsersCmd extends BaseListCmd {
+public class ListVpnUsersCmd extends BaseListProjectAndAccountResourcesCmd {
public static final Logger s_logger = Logger.getLogger (ListVpnUsersCmd.class.getName());
private static final String s_name = "listvpnusersresponse";
@@ -41,14 +42,6 @@ public class ListVpnUsersCmd extends BaseListCmd {
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
-
- @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the account of the remote access vpn. Must be used with the domainId parameter.")
- private String accountName;
-
- @IdentityMapper(entityTableName="domain")
- @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID of the remote access vpn. If used with the account parameter, lists remote access vpns for the account in the specified domain.")
- private Long domainId;
-
@IdentityMapper(entityTableName="vpn_users")
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="the ID of the vpn user")
private Long id;
@@ -56,21 +49,10 @@ public class ListVpnUsersCmd extends BaseListCmd {
@Parameter(name=ApiConstants.USERNAME, type=CommandType.STRING, description="the username of the vpn user.")
private String userName;
- @IdentityMapper(entityTableName="projects")
- @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.LONG, description="list firewall rules by project")
- private Long projectId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
- public String getAccountName() {
- return accountName;
- }
-
- public Long getDomainId() {
- return domainId;
- }
-
public Long getId() {
return id;
}
@@ -79,10 +61,6 @@ public class ListVpnUsersCmd extends BaseListCmd {
return userName;
}
- public Long getProjectId() {
- return projectId;
- }
-
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
diff --git a/api/src/com/cloud/api/commands/UpdateIsoPermissionsCmd.java b/api/src/com/cloud/api/commands/UpdateIsoPermissionsCmd.java
index 54d362614c6..8a7fcf52153 100644
--- a/api/src/com/cloud/api/commands/UpdateIsoPermissionsCmd.java
+++ b/api/src/com/cloud/api/commands/UpdateIsoPermissionsCmd.java
@@ -20,9 +20,7 @@ package com.cloud.api.commands;
import org.apache.log4j.Logger;
-import com.cloud.api.BaseCmd;
import com.cloud.api.Implementation;
-import com.cloud.api.ServerApiException;
import com.cloud.api.response.SuccessResponse;
import com.cloud.template.VirtualMachineTemplate;
import com.cloud.user.Account;
@@ -46,15 +44,4 @@ public class UpdateIsoPermissionsCmd extends UpdateTemplateOrIsoPermissionsCmd {
return Account.ACCOUNT_ID_SYSTEM; // no account info given, parent this command to SYSTEM so ERROR events are tracked
}
-
- @Override
- public void execute(){
- boolean result = _mgr.updateTemplatePermissions(this);
- if (result) {
- SuccessResponse response = new SuccessResponse(getCommandName());
- this.setResponseObject(response);
- } else {
- throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to update iso permissinos");
- }
- }
}
diff --git a/api/src/com/cloud/api/commands/UpdatePortForwardingRuleCmd.java b/api/src/com/cloud/api/commands/UpdatePortForwardingRuleCmd.java
index 923e790674b..7ab0a3ba27c 100644
--- a/api/src/com/cloud/api/commands/UpdatePortForwardingRuleCmd.java
+++ b/api/src/com/cloud/api/commands/UpdatePortForwardingRuleCmd.java
@@ -100,7 +100,7 @@ public class UpdatePortForwardingRuleCmd extends BaseAsyncCmd {
public long getEntityOwnerId() {
IpAddress addr = _entityMgr.findById(IpAddress.class, getPublicIpId());
if (addr != null) {
- return addr.getAllocatedToAccountId();
+ return addr.getAccountId();
}
// bad address given, parent this command to SYSTEM so ERROR events are tracked
diff --git a/api/src/com/cloud/api/commands/UpdateTemplateOrIsoPermissionsCmd.java b/api/src/com/cloud/api/commands/UpdateTemplateOrIsoPermissionsCmd.java
index 27021ab9fd4..206d3ee4848 100755
--- a/api/src/com/cloud/api/commands/UpdateTemplateOrIsoPermissionsCmd.java
+++ b/api/src/com/cloud/api/commands/UpdateTemplateOrIsoPermissionsCmd.java
@@ -26,6 +26,8 @@ import com.cloud.api.ApiConstants;
import com.cloud.api.BaseCmd;
import com.cloud.api.IdentityMapper;
import com.cloud.api.Parameter;
+import com.cloud.api.ServerApiException;
+import com.cloud.api.response.SuccessResponse;
import com.cloud.exception.InvalidParameterValueException;
public abstract class UpdateTemplateOrIsoPermissionsCmd extends BaseCmd {
@@ -116,7 +118,13 @@ public abstract class UpdateTemplateOrIsoPermissionsCmd extends BaseCmd {
}
@Override
- public void execute() {
- // method is implemented in updateTemplate/updateIsoPermissions
+ public void execute(){
+ boolean result = _templateService.updateTemplateOrIsoPermissions(this);
+ if (result) {
+ SuccessResponse response = new SuccessResponse(getCommandName());
+ this.setResponseObject(response);
+ } else {
+ throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to update template/iso permissions");
+ }
}
}
diff --git a/api/src/com/cloud/api/commands/UpdateTemplatePermissionsCmd.java b/api/src/com/cloud/api/commands/UpdateTemplatePermissionsCmd.java
index 5d20da6b4b4..bcc4af50000 100644
--- a/api/src/com/cloud/api/commands/UpdateTemplatePermissionsCmd.java
+++ b/api/src/com/cloud/api/commands/UpdateTemplatePermissionsCmd.java
@@ -20,9 +20,7 @@ package com.cloud.api.commands;
import org.apache.log4j.Logger;
-import com.cloud.api.BaseCmd;
import com.cloud.api.Implementation;
-import com.cloud.api.ServerApiException;
import com.cloud.api.response.SuccessResponse;
import com.cloud.template.VirtualMachineTemplate;
import com.cloud.user.Account;
@@ -50,16 +48,5 @@ public class UpdateTemplatePermissionsCmd extends UpdateTemplateOrIsoPermissions
return Account.ACCOUNT_ID_SYSTEM; // no account info given, parent this command to SYSTEM so ERROR events are tracked
}
-
- @Override
- public void execute(){
- boolean result = _mgr.updateTemplatePermissions(this);
- if (result) {
- SuccessResponse response = new SuccessResponse(getCommandName());
- this.setResponseObject(response);
- } else {
- throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to delete template permissions");
- }
- }
}
diff --git a/api/src/com/cloud/network/IpAddress.java b/api/src/com/cloud/network/IpAddress.java
index e418da53969..9b3973de109 100644
--- a/api/src/com/cloud/network/IpAddress.java
+++ b/api/src/com/cloud/network/IpAddress.java
@@ -37,7 +37,7 @@ import com.cloud.utils.net.Ip;
* - DomainId = domain of the account owner.
* - Allocated = time it was allocated.
*/
-public interface IpAddress extends ControlledEntity {
+public interface IpAddress extends ControlledEntity{
enum State {
Allocating, // The IP Address is being propagated to other network elements and is not ready for use yet.
Allocated, // The IP address is in used.
@@ -49,10 +49,6 @@ public interface IpAddress extends ControlledEntity {
Ip getAddress();
- Long getAllocatedToAccountId();
-
- Long getAllocatedInDomainId();
-
Date getAllocatedTime();
boolean isSourceNat();
@@ -77,4 +73,8 @@ public interface IpAddress extends ControlledEntity {
long getId();
void setState(IpAddress.State state);
+
+ Long getAllocatedToAccountId();
+
+ Long getAllocatedInDomainId();
}
diff --git a/api/src/com/cloud/network/rules/RulesService.java b/api/src/com/cloud/network/rules/RulesService.java
index 2a5af3987f1..cbbd07024c2 100644
--- a/api/src/com/cloud/network/rules/RulesService.java
+++ b/api/src/com/cloud/network/rules/RulesService.java
@@ -25,7 +25,7 @@ import com.cloud.exception.ResourceUnavailableException;
import com.cloud.user.Account;
public interface RulesService {
- List searchStaticNatRules(Long ipId, Long id, Long vmId, Long start, Long size, String accountName, Long domainId, Long projectId);
+ List searchStaticNatRules(Long ipId, Long id, Long vmId, Long start, Long size, String accountName, Long domainId, Long projectId, boolean isRecursive, boolean listAll);
/**
* Creates a port forwarding rule between two ip addresses or between
diff --git a/api/src/com/cloud/projects/Project.java b/api/src/com/cloud/projects/Project.java
index 63f2c4ed95e..91d926e8503 100644
--- a/api/src/com/cloud/projects/Project.java
+++ b/api/src/com/cloud/projects/Project.java
@@ -24,6 +24,7 @@ import com.cloud.domain.PartOf;
public interface Project extends PartOf, Identity {
public enum State {Active, Disabled, Suspended}
+ public enum ListProjectResourcesCriteria {ListProjectResourcesOnly, SkipProjectResources}
String getDisplayText();
diff --git a/api/src/com/cloud/projects/ProjectInvitation.java b/api/src/com/cloud/projects/ProjectInvitation.java
index 608a3840559..0f6bdfa4cc1 100644
--- a/api/src/com/cloud/projects/ProjectInvitation.java
+++ b/api/src/com/cloud/projects/ProjectInvitation.java
@@ -2,14 +2,16 @@ package com.cloud.projects;
import java.util.Date;
-public interface ProjectInvitation {
+import com.cloud.acl.ControlledEntity;
+
+public interface ProjectInvitation extends ControlledEntity{
public enum State {Pending, Completed, Expired, Declined}
long getId();
long getProjectId();
- Long getAccountId();
+ Long getForAccountId();
String getToken();
@@ -19,6 +21,6 @@ public interface ProjectInvitation {
State getState();
- Long getDomainId();
+ Long getInDomainId();
}
diff --git a/api/src/com/cloud/projects/ProjectService.java b/api/src/com/cloud/projects/ProjectService.java
index 7593f65f13b..534ec0a6010 100644
--- a/api/src/com/cloud/projects/ProjectService.java
+++ b/api/src/com/cloud/projects/ProjectService.java
@@ -38,7 +38,7 @@ public interface ProjectService {
*/
Project getProject(long id);
- List listProjects(Long id, String name, String displayText, String state, String accountName, Long domainId, String keyword, Long startIndex, Long pageSize);
+ List listProjects(Long id, String name, String displayText, String state, String accountName, Long domainId, String keyword, Long startIndex, Long pageSize, boolean listAll, boolean isRecursive);
ProjectAccount assignAccountToProject(Project project, long accountId, Role accountRole);
@@ -58,7 +58,7 @@ public interface ProjectService {
List listProjectAccounts(long projectId, String accountName, String role, Long startIndex, Long pageSizeVal);
- List listProjectInvitations(Long id, Long projectId, String accountName, Long domainId, String state, boolean activeOnly, Long startIndex, Long pageSizeVal);
+ List listProjectInvitations(Long id, Long projectId, String accountName, Long domainId, String state, boolean activeOnly, Long startIndex, Long pageSizeVal, boolean isRecursive, boolean listAll);
boolean updateInvitation(long projectId, String accountName, String token, boolean accept);
diff --git a/api/src/com/cloud/server/ManagementService.java b/api/src/com/cloud/server/ManagementService.java
index a03ae2b7169..02217f4ff42 100755
--- a/api/src/com/cloud/server/ManagementService.java
+++ b/api/src/com/cloud/server/ManagementService.java
@@ -49,11 +49,9 @@ import com.cloud.api.commands.ListSSHKeyPairsCmd;
import com.cloud.api.commands.ListServiceOfferingsCmd;
import com.cloud.api.commands.ListStoragePoolsCmd;
import com.cloud.api.commands.ListSystemVMsCmd;
-import com.cloud.api.commands.ListTemplateOrIsoPermissionsCmd;
import com.cloud.api.commands.ListTemplatesCmd;
import com.cloud.api.commands.ListVMGroupsCmd;
import com.cloud.api.commands.ListVlanIpRangesCmd;
-import com.cloud.api.commands.ListVolumesCmd;
import com.cloud.api.commands.ListZonesByCmd;
import com.cloud.api.commands.RebootSystemVmCmd;
import com.cloud.api.commands.RegisterSSHKeyPairCmd;
@@ -61,9 +59,7 @@ import com.cloud.api.commands.StopSystemVmCmd;
import com.cloud.api.commands.UpdateDomainCmd;
import com.cloud.api.commands.UpdateHostPasswordCmd;
import com.cloud.api.commands.UpdateIsoCmd;
-import com.cloud.api.commands.UpdateIsoPermissionsCmd;
import com.cloud.api.commands.UpdateTemplateCmd;
-import com.cloud.api.commands.UpdateTemplatePermissionsCmd;
import com.cloud.api.commands.UpdateVMGroupCmd;
import com.cloud.api.commands.UploadCustomCertificateCmd;
import com.cloud.async.AsyncJob;
@@ -89,7 +85,6 @@ import com.cloud.org.Cluster;
import com.cloud.storage.GuestOS;
import com.cloud.storage.GuestOsCategory;
import com.cloud.storage.StoragePool;
-import com.cloud.storage.Volume;
import com.cloud.template.VirtualMachineTemplate;
import com.cloud.user.SSHKeyPair;
import com.cloud.utils.Pair;
@@ -180,14 +175,6 @@ public interface ManagementService {
*/
List searchForRouters(ListRoutersCmd cmd);
- /**
- * revisit Obtains a list of storage volumes by the specified search criteria. Can search by: "userId", "vType",
- * "instanceId", "dataCenterId", "podId", "hostId"
- *
- * @param cmd
- * @return List of Volumes.
- */
- List searchForVolumes(ListVolumesCmd cmd);
/**
* Obtains a list of IP Addresses by the specified search criteria. Can search by: "userId", "dataCenterId", "address"
@@ -245,16 +232,6 @@ public interface ManagementService {
*/
List listCapacities(ListCapacityCmd cmd);
- /**
- * List the permissions on a template. This will return a list of account names that have been granted permission to launch
- * instances from the template.
- *
- * @param cmd
- * the command wrapping the search criteria (template id)
- * @return list of account names that have been granted permission to launch instances from the template
- */
- List listTemplatePermissions(ListTemplateOrIsoPermissionsCmd cmd);
-
/**
* List ISOs that match the specified criteria.
*
@@ -311,10 +288,6 @@ public interface ManagementService {
*/
ArrayList getCloudIdentifierResponse(long userId);
- boolean updateTemplatePermissions(UpdateTemplatePermissionsCmd cmd);
-
- boolean updateTemplatePermissions(UpdateIsoPermissionsCmd cmd);
-
boolean updateHostPassword(UpdateHostPasswordCmd cmd);
InstanceGroup updateVmGroup(UpdateVMGroupCmd cmd);
diff --git a/api/src/com/cloud/storage/StorageService.java b/api/src/com/cloud/storage/StorageService.java
index 2a4cc9abae2..a375b7c3b62 100644
--- a/api/src/com/cloud/storage/StorageService.java
+++ b/api/src/com/cloud/storage/StorageService.java
@@ -24,7 +24,7 @@ import com.cloud.api.commands.CancelPrimaryStorageMaintenanceCmd;
import com.cloud.api.commands.CreateStoragePoolCmd;
import com.cloud.api.commands.CreateVolumeCmd;
import com.cloud.api.commands.DeletePoolCmd;
-import com.cloud.api.commands.PreparePrimaryStorageForMaintenanceCmd;
+import com.cloud.api.commands.ListVolumesCmd;
import com.cloud.api.commands.UpdateStoragePoolCmd;
import com.cloud.exception.ConcurrentOperationException;
import com.cloud.exception.InsufficientCapacityException;
@@ -32,7 +32,6 @@ import com.cloud.exception.PermissionDeniedException;
import com.cloud.exception.ResourceAllocationException;
import com.cloud.exception.ResourceInUseException;
import com.cloud.exception.ResourceUnavailableException;
-import com.cloud.host.Host;
public interface StorageService {
/**
@@ -109,4 +108,6 @@ public interface StorageService {
Volume migrateVolume(Long volumeId, Long storagePoolId) throws ConcurrentOperationException;
+ List searchForVolumes(ListVolumesCmd cmd);
+
}
diff --git a/api/src/com/cloud/storage/Volume.java b/api/src/com/cloud/storage/Volume.java
index 1bea520e148..262558cd100 100755
--- a/api/src/com/cloud/storage/Volume.java
+++ b/api/src/com/cloud/storage/Volume.java
@@ -18,16 +18,11 @@
package com.cloud.storage;
import java.util.Date;
-import java.util.List;
-import java.util.Set;
import com.cloud.acl.ControlledEntity;
import com.cloud.template.BasedOn;
-import com.cloud.utils.fsm.FiniteState;
-import com.cloud.utils.fsm.StateMachine;
import com.cloud.utils.fsm.StateMachine2;
import com.cloud.utils.fsm.StateObject;
-import com.cloud.vm.VirtualMachine;
public interface Volume extends ControlledEntity, BasedOn, StateObject {
enum Type {
diff --git a/api/src/com/cloud/template/TemplateService.java b/api/src/com/cloud/template/TemplateService.java
index 70d0517469f..5766df96e52 100755
--- a/api/src/com/cloud/template/TemplateService.java
+++ b/api/src/com/cloud/template/TemplateService.java
@@ -18,14 +18,17 @@
package com.cloud.template;
import java.net.URISyntaxException;
+import java.util.List;
import com.cloud.api.commands.CopyTemplateCmd;
import com.cloud.api.commands.DeleteIsoCmd;
import com.cloud.api.commands.DeleteTemplateCmd;
import com.cloud.api.commands.ExtractIsoCmd;
import com.cloud.api.commands.ExtractTemplateCmd;
+import com.cloud.api.commands.ListTemplateOrIsoPermissionsCmd;
import com.cloud.api.commands.RegisterIsoCmd;
import com.cloud.api.commands.RegisterTemplateCmd;
+import com.cloud.api.commands.UpdateTemplateOrIsoPermissionsCmd;
import com.cloud.exception.InternalErrorException;
import com.cloud.exception.ResourceAllocationException;
import com.cloud.exception.StorageUnavailableException;
@@ -80,4 +83,8 @@ public interface TemplateService {
Long extract(ExtractTemplateCmd cmd) throws InternalErrorException;
VirtualMachineTemplate getTemplate(long templateId);
+
+ List listTemplatePermissions(ListTemplateOrIsoPermissionsCmd cmd);
+
+ boolean updateTemplateOrIsoPermissions(UpdateTemplateOrIsoPermissionsCmd cmd);
}
diff --git a/api/src/com/cloud/template/VirtualMachineTemplate.java b/api/src/com/cloud/template/VirtualMachineTemplate.java
index 0abd2bb1e27..c9efabdf83c 100755
--- a/api/src/com/cloud/template/VirtualMachineTemplate.java
+++ b/api/src/com/cloud/template/VirtualMachineTemplate.java
@@ -35,7 +35,7 @@ public interface VirtualMachineTemplate extends ControlledEntity {
sharedexecutable, // ready templates that have been granted to the calling user by another user
executable, // templates that are owned by the calling user, or public templates, that can be used to deploy a new VM
community, // returns templates that have been marked as public but not featured
- all // all templates (only usable by ROOT admins)
+ all // all templates (only usable by admins)
}
/**
diff --git a/api/src/com/cloud/user/AccountService.java b/api/src/com/cloud/user/AccountService.java
index 75b4fa49339..a81bbd87600 100755
--- a/api/src/com/cloud/user/AccountService.java
+++ b/api/src/com/cloud/user/AccountService.java
@@ -20,12 +20,15 @@ package com.cloud.user;
import java.util.List;
import java.util.Map;
+import com.cloud.acl.ControlledEntity;
+import com.cloud.acl.SecurityChecker.AccessType;
import com.cloud.api.commands.DeleteUserCmd;
import com.cloud.api.commands.ListAccountsCmd;
import com.cloud.api.commands.ListUsersCmd;
import com.cloud.api.commands.RegisterCmd;
import com.cloud.api.commands.UpdateAccountCmd;
import com.cloud.api.commands.UpdateUserCmd;
+import com.cloud.domain.Domain;
import com.cloud.exception.ConcurrentOperationException;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.exception.ResourceUnavailableException;
@@ -155,7 +158,7 @@ public interface AccountService {
User getActiveUser(long userId);
- User getUser(long userId);
+ User getUserIncludingRemoved(long userId);
boolean isRootAdmin(short accountType);
@@ -169,5 +172,9 @@ public interface AccountService {
List searchForUsers(ListUsersCmd cmd)
throws PermissionDeniedException;
+
+ void checkAccess(Account account, Domain domain) throws PermissionDeniedException;
+
+ void checkAccess(Account account, AccessType accessType, ControlledEntity... entities) throws PermissionDeniedException;
}
diff --git a/api/src/com/cloud/vm/InstanceGroup.java b/api/src/com/cloud/vm/InstanceGroup.java
index ee3ef6d61be..3f0e78a8e73 100644
--- a/api/src/com/cloud/vm/InstanceGroup.java
+++ b/api/src/com/cloud/vm/InstanceGroup.java
@@ -25,5 +25,6 @@ public interface InstanceGroup extends ControlledEntity {
long getId();
String getName();
Date getCreated();
+ Short getAccountType();
}
diff --git a/core/src/com/cloud/vm/InstanceGroupVO.java b/core/src/com/cloud/vm/InstanceGroupVO.java
index 9194971897a..1d3f9f1883b 100644
--- a/core/src/com/cloud/vm/InstanceGroupVO.java
+++ b/core/src/com/cloud/vm/InstanceGroupVO.java
@@ -61,6 +61,9 @@ public class InstanceGroupVO implements InstanceGroup, Identity {
@Column(name="uuid")
private String uuid;
+ @Column(name="type", table="account", insertable=false, updatable=false)
+ private short accountType;
+
public InstanceGroupVO(String name, long accountId) {
this.name = name;
this.accountId = accountId;
@@ -110,4 +113,9 @@ public class InstanceGroupVO implements InstanceGroup, Identity {
public void setUuid(String uuid) {
this.uuid = uuid;
}
+
+ @Override
+ public Short getAccountType() {
+ return accountType;
+ }
}
diff --git a/server/src/com/cloud/acl/DomainChecker.java b/server/src/com/cloud/acl/DomainChecker.java
index 38341df939a..e04af242bac 100755
--- a/server/src/com/cloud/acl/DomainChecker.java
+++ b/server/src/com/cloud/acl/DomainChecker.java
@@ -27,7 +27,6 @@ import com.cloud.domain.dao.DomainDao;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.offering.DiskOffering;
import com.cloud.offering.ServiceOffering;
-import com.cloud.projects.Project;
import com.cloud.projects.ProjectManager;
import com.cloud.projects.dao.ProjectAccountDao;
import com.cloud.storage.LaunchPermissionVO;
diff --git a/server/src/com/cloud/agent/manager/AgentManagerImpl.java b/server/src/com/cloud/agent/manager/AgentManagerImpl.java
index 2395924b372..0194b3905d0 100755
--- a/server/src/com/cloud/agent/manager/AgentManagerImpl.java
+++ b/server/src/com/cloud/agent/manager/AgentManagerImpl.java
@@ -1488,4 +1488,7 @@ public class AgentManagerImpl implements AgentManager, HandlerFactory, Manager {
attache.setMaintenanceMode(false);
}
}
+
+
+
}
diff --git a/server/src/com/cloud/api/ApiDBUtils.java b/server/src/com/cloud/api/ApiDBUtils.java
index 79b4cd9770f..eb7393641f9 100755
--- a/server/src/com/cloud/api/ApiDBUtils.java
+++ b/server/src/com/cloud/api/ApiDBUtils.java
@@ -288,8 +288,8 @@ public class ApiDBUtils {
return _ms.getVersion();
}
- public static List searchForUserVMs(Criteria c) {
- return _userVmMgr.searchForUserVMs(c, true);
+ public static List searchForUserVMs(Criteria c, List permittedAccounts) {
+ return _userVmMgr.searchForUserVMs(c, _accountDao.findById(Account.ACCOUNT_ID_SYSTEM), null, false, permittedAccounts, false, null);
}
public static List searchForStoragePools(Criteria c) {
diff --git a/server/src/com/cloud/api/ApiResponseHelper.java b/server/src/com/cloud/api/ApiResponseHelper.java
index 807a8d8c146..b82349e7644 100755
--- a/server/src/com/cloud/api/ApiResponseHelper.java
+++ b/server/src/com/cloud/api/ApiResponseHelper.java
@@ -319,13 +319,11 @@ public class ApiResponseHelper implements ResponseGenerator {
// Get stopped and running VMs
int vmStopped = 0;
int vmRunning = 0;
+
+ List permittedAccounts = new ArrayList();
+ permittedAccounts.add(account.getId());
- Long[] accountIds = new Long[1];
- accountIds[0] = account.getId();
-
- Criteria c1 = new Criteria();
- c1.addCriteria(Criteria.ACCOUNTID, accountIds);
- List virtualMachines = ApiDBUtils.searchForUserVMs(c1);
+ List virtualMachines = ApiDBUtils.searchForUserVMs(new Criteria(), permittedAccounts);
// get Running/Stopped VMs
for (Iterator iter = virtualMachines.iterator(); iter.hasNext();) {
@@ -3026,15 +3024,15 @@ public class ApiResponseHelper implements ResponseGenerator {
response.setProjectName(ApiDBUtils.findProjectById(invite.getProjectId()).getName());
response.setInvitationState(invite.getState().toString());
- if (invite.getAccountId() != null) {
- Account account = ApiDBUtils.findAccountById(invite.getAccountId());
+ if (invite.getForAccountId() != null) {
+ Account account = ApiDBUtils.findAccountById(invite.getForAccountId());
response.setAccountName(account.getAccountName());
} else {
response.setEmail(invite.getEmail());
}
- populateDomain(response, invite.getDomainId());
+ populateDomain(response, invite.getInDomainId());
response.setObjectName("projectinvitation");
return response;
diff --git a/server/src/com/cloud/api/ApiServer.java b/server/src/com/cloud/api/ApiServer.java
index a37dc953745..aad5e4b379b 100755
--- a/server/src/com/cloud/api/ApiServer.java
+++ b/server/src/com/cloud/api/ApiServer.java
@@ -798,7 +798,7 @@ public class ApiServer implements HttpRequestHandler {
}
public boolean verifyUser(Long userId) {
- User user = _accountMgr.getUser(userId);
+ User user = _accountMgr.getUserIncludingRemoved(userId);
Account account = null;
if (user != null) {
account = _accountMgr.getAccount(user.getAccountId());
diff --git a/server/src/com/cloud/async/AsyncJobManagerImpl.java b/server/src/com/cloud/async/AsyncJobManagerImpl.java
index e7700337e44..3d733d29e9d 100644
--- a/server/src/com/cloud/async/AsyncJobManagerImpl.java
+++ b/server/src/com/cloud/async/AsyncJobManagerImpl.java
@@ -297,7 +297,7 @@ public class AsyncJobManagerImpl implements AsyncJobManager, ClusterManagerListe
throw new InvalidParameterValueException("Unable to find a job by id " + cmd.getId());
}
- User userJobOwner = _accountMgr.getUser(job.getUserId());
+ User userJobOwner = _accountMgr.getUserIncludingRemoved(job.getUserId());
Account jobOwner = _accountMgr.getAccount(userJobOwner.getAccountId());
//check permissions
diff --git a/server/src/com/cloud/network/IPAddressVO.java b/server/src/com/cloud/network/IPAddressVO.java
index f0859b6b1be..e884d740df1 100644
--- a/server/src/com/cloud/network/IPAddressVO.java
+++ b/server/src/com/cloud/network/IPAddressVO.java
@@ -31,6 +31,7 @@ import javax.persistence.Id;
import javax.persistence.Table;
import javax.persistence.Temporal;
import javax.persistence.TemporalType;
+import javax.persistence.Transient;
import com.cloud.api.Identity;
import com.cloud.utils.net.Ip;
@@ -94,6 +95,14 @@ public class IPAddressVO implements IpAddress, Identity {
@Column(name="physical_network_id")
private Long physicalNetworkId;
+
+ @Column(name="account_id")
+ @Transient
+ private Long accountId = null;
+
+ @Transient
+ @Column(name="domain_id")
+ private Long domainId = null;
protected IPAddressVO() {
this.uuid = UUID.randomUUID().toString();
@@ -136,6 +145,11 @@ public class IPAddressVO implements IpAddress, Identity {
return allocatedToAccountId;
}
+ @Override
+ public Long getAllocatedInDomainId() {
+ return allocatedInDomainId;
+ }
+
@Override
public Long getAssociatedWithNetworkId() {
return associatedWithNetworkId;
@@ -153,11 +167,6 @@ public class IPAddressVO implements IpAddress, Identity {
public void setAssociatedWithVmId(Long associatedWithVmId) {
this.associatedWithVmId = associatedWithVmId;
}
-
- @Override
- public Long getAllocatedInDomainId() {
- return allocatedInDomainId;
- }
@Override
public Date getAllocatedTime() {
diff --git a/server/src/com/cloud/network/NetworkManagerImpl.java b/server/src/com/cloud/network/NetworkManagerImpl.java
index 9887452b798..ed12acc3251 100755
--- a/server/src/com/cloud/network/NetworkManagerImpl.java
+++ b/server/src/com/cloud/network/NetworkManagerImpl.java
@@ -431,7 +431,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
Transaction txn = Transaction.currentTxn();
- Account owner = _accountMgr.getAccount(addr.getAccountId());
+ Account owner = _accountMgr.getAccount(addr.getAllocatedToAccountId());
long isSourceNat = (addr.isSourceNat()) ? 1 : 0;
txn.start();
@@ -1044,7 +1044,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
IpAddress ipToAssoc = getIp(cmd.getEntityId());
if (ipToAssoc != null) {
_accountMgr.checkAccess(caller, null, ipToAssoc);
- owner = _accountMgr.getAccount(ipToAssoc.getAccountId());
+ owner = _accountMgr.getAccount(ipToAssoc.getAllocatedToAccountId());
} else {
s_logger.debug("Unable to find ip address by id: " + cmd.getEntityId());
return null;
@@ -1931,7 +1931,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
}
// Check for account wide pool. It will have an entry for account_vlan_map.
- if (_accountVlanMapDao.findAccountVlanMap(ipVO.getAccountId(), ipVO.getVlanId()) != null) {
+ if (_accountVlanMapDao.findAccountVlanMap(ipVO.getAllocatedToAccountId(), ipVO.getVlanId()) != null) {
throw new InvalidParameterValueException("Ip address id=" + ipAddressId + " belongs to Account wide IP pool and cannot be disassociated");
}
@@ -2410,6 +2410,8 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
Long physicalNetworkId = cmd.getPhysicalNetworkId();
List supportedServicesStr = cmd.getSupportedServices();
Boolean restartRequired= cmd.getRestartRequired();
+ boolean listAll = cmd.listAll();
+ boolean isRecursive = cmd.isRecursive();
//1) default is system to false if not specified
//2) reset parameter to false if it's specified by the regular user
@@ -2440,7 +2442,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
}
}
- if (!_accountMgr.isAdmin(caller.getType())) {
+ if (!_accountMgr.isAdmin(caller.getType()) || !listAll) {
permittedAccounts.add(caller.getId());
domainId = caller.getDomainId();
}
@@ -2498,10 +2500,10 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
if (isSystem == null || !isSystem) {
//Get domain level networks
- if (domainId != null) {
+ if (domainId != null && !listAll) {
networksToReturn.addAll(listDomainLevelNetworks(buildNetworkSearchCriteria(sb, keyword, id, isSystem, zoneId, guestIpType, trafficType, physicalNetworkId, aclType, skipProjectNetworks, restartRequired), searchFilter, domainId));
} else if (permittedAccounts.isEmpty()){
- networksToReturn.addAll(listAccountSpecificNetworksByDomainPath(buildNetworkSearchCriteria(sb, keyword, id, isSystem, zoneId, guestIpType, trafficType, physicalNetworkId, aclType, skipProjectNetworks, restartRequired), searchFilter, path));
+ networksToReturn.addAll(listAccountSpecificNetworksByDomainPath(buildNetworkSearchCriteria(sb, keyword, id, isSystem, zoneId, guestIpType, trafficType, physicalNetworkId, aclType, skipProjectNetworks, restartRequired), searchFilter, path, isRecursive));
}
//get account specific networks
@@ -2623,12 +2625,16 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
return _networksDao.search(sc, searchFilter);
}
- private List listAccountSpecificNetworksByDomainPath(SearchCriteria sc, Filter searchFilter, String path) {
+ private List listAccountSpecificNetworksByDomainPath(SearchCriteria sc, Filter searchFilter, String path, boolean isRecursive) {
SearchCriteria accountSC = _networksDao.createSearchCriteria();
accountSC.addAnd("aclType", SearchCriteria.Op.EQ, ACLType.Account.toString());
if (path != null) {
- sc.setJoinParameters("domainSearch", "path", path + "%");
+ if (isRecursive) {
+ sc.setJoinParameters("domainSearch", "path", path + "%");
+ } else {
+ sc.setJoinParameters("domainSearch", "path", path);
+ }
}
return _networksDao.search(sc, searchFilter);
@@ -3599,18 +3605,18 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
// don't decrement resource count for direct ips
if (ip.getAssociatedWithNetworkId() != null) {
- _resourceLimitMgr.decrementResourceCount(_ipAddressDao.findById(addrId).getAccountId(), ResourceType.public_ip);
+ _resourceLimitMgr.decrementResourceCount(_ipAddressDao.findById(addrId).getAllocatedToAccountId(), ResourceType.public_ip);
}
long isSourceNat = (ip.isSourceNat()) ? 1 : 0;
// Save usage event
- if (ip.getAccountId() != Account.ACCOUNT_ID_SYSTEM) {
+ if (ip.getAllocatedToAccountId() != Account.ACCOUNT_ID_SYSTEM) {
VlanVO vlan = _vlanDao.findById(ip.getVlanId());
String guestType = vlan.getVlanType().toString();
- UsageEventVO usageEvent = new UsageEventVO(EventTypes.EVENT_NET_IP_RELEASE, ip.getAccountId(), ip.getDataCenterId(), addrId, ip.getAddress().addr(), isSourceNat, guestType);
+ UsageEventVO usageEvent = new UsageEventVO(EventTypes.EVENT_NET_IP_RELEASE, ip.getAllocatedToAccountId(), ip.getDataCenterId(), addrId, ip.getAddress().addr(), isSourceNat, guestType);
_usageEventDao.persist(usageEvent);
}
diff --git a/server/src/com/cloud/network/NetworkUsageManagerImpl.java b/server/src/com/cloud/network/NetworkUsageManagerImpl.java
index e45fe189b2f..fd8c7c11a83 100755
--- a/server/src/com/cloud/network/NetworkUsageManagerImpl.java
+++ b/server/src/com/cloud/network/NetworkUsageManagerImpl.java
@@ -354,17 +354,17 @@ public class NetworkUsageManagerImpl implements NetworkUsageManager, ResourceSta
List IpList = new ArrayList() ;
for(IPAddressVO ip : allocatedIps){
- if(ip.getAccountId() == AccountVO.ACCOUNT_ID_SYSTEM){
+ if(ip.getAllocatedToAccountId() == AccountVO.ACCOUNT_ID_SYSTEM){
//Ignore usage for system account
continue;
}
String address = (ip.getAddress()).toString();
if(ipAssigment.containsKey(address)){
// Ip was assigned during the current period but not release till Date now
- IpPartialUsage.add(new UsageIPAddressVO(ip.getAccountId(), address, ipAssigment.get(address), now));
+ IpPartialUsage.add(new UsageIPAddressVO(ip.getAllocatedToAccountId(), address, ipAssigment.get(address), now));
} else {
// Ip was not assigned or released during current period. Consider entire duration for usage calculation (lastCollection to now)
- fullDurationIpUsage.add(new UsageIPAddressVO(ip.getAccountId(), address, lastCollection, now));
+ fullDurationIpUsage.add(new UsageIPAddressVO(ip.getAllocatedToAccountId(), address, lastCollection, now));
//Store just the Ips to send the list as part of DirectNetworkUsageCommand
IpList.add(address);
}
diff --git a/server/src/com/cloud/network/addr/PublicIp.java b/server/src/com/cloud/network/addr/PublicIp.java
index ffa1f2b5c04..a147aa96e3c 100644
--- a/server/src/com/cloud/network/addr/PublicIp.java
+++ b/server/src/com/cloud/network/addr/PublicIp.java
@@ -99,16 +99,6 @@ public class PublicIp implements PublicIpAddress {
return _addr.getDomainId();
}
- @Override
- public Long getAllocatedToAccountId() {
- return _addr.getAllocatedToAccountId();
- }
-
- @Override
- public Long getAllocatedInDomainId() {
- return _addr.getAllocatedInDomainId();
- }
-
@Override
public long getVlanId() {
return _vlan.getId();
@@ -181,4 +171,14 @@ public class PublicIp implements PublicIpAddress {
public void setState(State state) {
_addr.setState(state);
}
+
+ @Override
+ public Long getAllocatedToAccountId() {
+ return _addr.getAllocatedToAccountId();
+ }
+
+ @Override
+ public Long getAllocatedInDomainId() {
+ return _addr.getAllocatedInDomainId();
+ }
}
diff --git a/server/src/com/cloud/network/dao/NetworkServiceMapDaoImpl.java b/server/src/com/cloud/network/dao/NetworkServiceMapDaoImpl.java
index 26802c3bdc9..b2889c47814 100644
--- a/server/src/com/cloud/network/dao/NetworkServiceMapDaoImpl.java
+++ b/server/src/com/cloud/network/dao/NetworkServiceMapDaoImpl.java
@@ -17,7 +17,6 @@
*/
package com.cloud.network.dao;
-
import java.util.ArrayList;
import java.util.List;
@@ -32,7 +31,6 @@ import com.cloud.utils.db.GenericDaoBase;
import com.cloud.utils.db.GenericSearchBuilder;
import com.cloud.utils.db.SearchBuilder;
import com.cloud.utils.db.SearchCriteria;
-import com.cloud.utils.db.SearchCriteria.Func;
@Local(value=NetworkServiceMapDao.class) @DB(txn=false)
public class NetworkServiceMapDaoImpl extends GenericDaoBase implements NetworkServiceMapDao {
@@ -59,7 +57,6 @@ public class NetworkServiceMapDaoImpl extends GenericDaoBase listFirewallRules(ListFirewallRulesCmd cmd) {
- Account caller = UserContext.current().getCaller();
Long ipId = cmd.getIpAddressId();
Long id = cmd.getId();
- String path = null;
-
- Pair, Long> accountDomainPair = _accountMgr.finalizeAccountDomainForList(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
- List permittedAccounts = accountDomainPair.first();
- Long domainId = accountDomainPair.second();
+
+ Account caller = UserContext.current().getCaller();
+ Long domainId = cmd.getDomainId();
+ boolean isRecursive = cmd.isRecursive();
+ List permittedAccounts = new ArrayList();
if (ipId != null) {
IPAddressVO ipAddressVO = _ipAddressDao.findById(ipId);
@@ -213,27 +209,17 @@ public class FirewallManagerImpl implements FirewallService, FirewallManager, Ma
_accountMgr.checkAccess(caller, null, ipAddressVO);
}
- if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
- Domain domain = _domainMgr.getDomain(caller.getDomainId());
- path = domain.getPath();
- }
-
+ ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), id);
Filter filter = new Filter(FirewallRuleVO.class, "id", false, cmd.getStartIndex(), cmd.getPageSizeVal());
SearchBuilder sb = _firewallDao.createSearchBuilder();
+ _accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
+
sb.and("id", sb.entity().getId(), Op.EQ);
sb.and("ip", sb.entity().getSourceIpAddressId(), Op.EQ);
- sb.and("accountId", sb.entity().getAccountId(), Op.IN);
- sb.and("domainId", sb.entity().getDomainId(), Op.EQ);
sb.and("purpose", sb.entity().getPurpose(), Op.EQ);
- if (path != null) {
- // for domain admin we should show only subdomains information
- SearchBuilder domainSearch = _domainDao.createSearchBuilder();
- domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
- sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
- }
-
SearchCriteria sc = sb.create();
+ _accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
if (id != null) {
sc.setParameters("id", id);
@@ -243,20 +229,8 @@ public class FirewallManagerImpl implements FirewallService, FirewallManager, Ma
sc.setParameters("ip", ipId);
}
- if (domainId != null) {
- sc.setParameters("domainId", domainId);
- }
-
- if (!permittedAccounts.isEmpty()) {
- sc.setParameters("accountId", permittedAccounts.toArray());
- }
-
sc.setParameters("purpose", Purpose.Firewall);
- if (path != null) {
- sc.setJoinParameters("domainSearch", "path", path + "%");
- }
-
return _firewallDao.search(sc, filter);
}
diff --git a/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java b/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
index 9e5d79803c0..f4fbbf5fe8b 100755
--- a/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
+++ b/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
@@ -40,8 +40,6 @@ import com.cloud.api.commands.ListLoadBalancerRulesCmd;
import com.cloud.api.commands.UpdateLoadBalancerRuleCmd;
import com.cloud.api.response.ServiceResponse;
import com.cloud.dc.dao.VlanDao;
-import com.cloud.domain.Domain;
-import com.cloud.domain.DomainVO;
import com.cloud.domain.dao.DomainDao;
import com.cloud.event.ActionEvent;
import com.cloud.event.EventTypes;
@@ -80,13 +78,13 @@ import com.cloud.network.rules.LbStickinessMethod.LbStickinessMethodParam;
import com.cloud.network.rules.LoadBalancer;
import com.cloud.network.rules.RulesManager;
import com.cloud.network.rules.StickinessPolicy;
+import com.cloud.projects.Project.ListProjectResourcesCriteria;
import com.cloud.user.Account;
import com.cloud.user.AccountManager;
import com.cloud.user.DomainService;
import com.cloud.user.UserContext;
import com.cloud.user.dao.AccountDao;
import com.cloud.uservm.UserVm;
-import com.cloud.utils.Pair;
import com.cloud.utils.component.Inject;
import com.cloud.utils.component.Manager;
import com.cloud.utils.db.DB;
@@ -646,7 +644,7 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesMa
txn.start();
LoadBalancerVO newRule = new LoadBalancerVO(lb.getXid(), lb.getName(), lb.getDescription(), lb.getSourceIpAddressId(), lb.getSourcePortEnd(), lb.getDefaultPortStart(),
- lb.getAlgorithm(), network.getId(), ipAddr.getAccountId(), ipAddr.getDomainId());
+ lb.getAlgorithm(), network.getId(), ipAddr.getAllocatedToAccountId(), ipAddr.getAllocatedInDomainId());
newRule = _lbDao.persist(newRule);
@@ -976,33 +974,26 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesMa
@Override
public List searchForLoadBalancers(ListLoadBalancerRulesCmd cmd) {
- Account caller = UserContext.current().getCaller();
Long ipId = cmd.getPublicIpId();
Long zoneId = cmd.getZoneId();
- String path = null;
-
- Pair, Long> accountDomainPair = _accountMgr.finalizeAccountDomainForList(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
- List permittedAccounts = accountDomainPair.first();
- Long domainId = accountDomainPair.second();
-
- if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
- Domain domain = _domainMgr.getDomain(caller.getDomainId());
- path = domain.getPath();
- }
+ Long id = cmd.getId();
+ String name = cmd.getLoadBalancerRuleName();
+ String keyword = cmd.getKeyword();
+ Long instanceId = cmd.getVirtualMachineId();
+
+ Account caller = UserContext.current().getCaller();
+ Long domainId = cmd.getDomainId();
+ boolean isRecursive = cmd.isRecursive();
+ List permittedAccounts = new ArrayList();
+ ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), id);
Filter searchFilter = new Filter(LoadBalancerVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
-
- Object id = cmd.getId();
- Object name = cmd.getLoadBalancerRuleName();
- Object keyword = cmd.getKeyword();
- Object instanceId = cmd.getVirtualMachineId();
-
SearchBuilder sb = _lbDao.createSearchBuilder();
+ _accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
+
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
sb.and("name", sb.entity().getName(), SearchCriteria.Op.LIKE);
sb.and("sourceIpAddress", sb.entity().getSourceIpAddressId(), SearchCriteria.Op.EQ);
- sb.and("accountId", sb.entity().getAccountId(), SearchCriteria.Op.IN);
- sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ);
if (instanceId != null) {
SearchBuilder lbVMSearch = _lb2VmMapDao.createSearchBuilder();
@@ -1010,13 +1001,6 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesMa
sb.join("lbVMSearch", lbVMSearch, sb.entity().getId(), lbVMSearch.entity().getLoadBalancerId(), JoinBuilder.JoinType.INNER);
}
- if (path != null) {
- // for domain admin we should show only subdomains information
- SearchBuilder domainSearch = _domainDao.createSearchBuilder();
- domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
- sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
- }
-
if (zoneId != null) {
SearchBuilder ipSearch = _ipAddressDao.createSearchBuilder();
ipSearch.and("zoneId", ipSearch.entity().getDataCenterId(), SearchCriteria.Op.EQ);
@@ -1024,11 +1008,12 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesMa
}
SearchCriteria sc = sb.create();
+ _accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
+
if (keyword != null) {
SearchCriteria ssc = _lbDao.createSearchCriteria();
ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("description", SearchCriteria.Op.LIKE, "%" + keyword + "%");
-
sc.addAnd("name", SearchCriteria.Op.SC, ssc);
}
@@ -1048,18 +1033,6 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesMa
sc.setJoinParameters("lbVMSearch", "instanceId", instanceId);
}
- if (domainId != null) {
- sc.setParameters("domainId", domainId);
- }
-
- if (!permittedAccounts.isEmpty()) {
- sc.setParameters("accountId", permittedAccounts.toArray());
- }
-
- if (path != null) {
- sc.setJoinParameters("domainSearch", "path", path + "%");
- }
-
if (zoneId != null) {
sc.setJoinParameters("ipSearch", "zoneId", zoneId);
}
diff --git a/server/src/com/cloud/network/rules/RulesManagerImpl.java b/server/src/com/cloud/network/rules/RulesManagerImpl.java
index 66388d28c45..125f4002ff6 100755
--- a/server/src/com/cloud/network/rules/RulesManagerImpl.java
+++ b/server/src/com/cloud/network/rules/RulesManagerImpl.java
@@ -29,8 +29,6 @@ import javax.naming.ConfigurationException;
import org.apache.log4j.Logger;
import com.cloud.api.commands.ListPortForwardingRulesCmd;
-import com.cloud.domain.Domain;
-import com.cloud.domain.DomainVO;
import com.cloud.domain.dao.DomainDao;
import com.cloud.event.ActionEvent;
import com.cloud.event.EventTypes;
@@ -45,22 +43,18 @@ import com.cloud.network.IpAddress;
import com.cloud.network.Network;
import com.cloud.network.Network.Service;
import com.cloud.network.NetworkManager;
-import com.cloud.network.PublicIpAddress;
import com.cloud.network.dao.FirewallRulesCidrsDao;
import com.cloud.network.dao.FirewallRulesDao;
import com.cloud.network.dao.IPAddressDao;
-import com.cloud.network.dao.NetworkDao;
import com.cloud.network.rules.FirewallRule.FirewallRuleType;
import com.cloud.network.rules.FirewallRule.Purpose;
import com.cloud.network.rules.dao.PortForwardingRulesDao;
-import com.cloud.offering.NetworkOffering;
-import com.cloud.offerings.dao.NetworkOfferingDao;
+import com.cloud.projects.Project.ListProjectResourcesCriteria;
import com.cloud.user.Account;
import com.cloud.user.AccountManager;
import com.cloud.user.DomainManager;
import com.cloud.user.UserContext;
import com.cloud.uservm.UserVm;
-import com.cloud.utils.Pair;
import com.cloud.utils.component.Inject;
import com.cloud.utils.component.Manager;
import com.cloud.utils.db.DB;
@@ -174,8 +168,8 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
_firewallMgr.validateFirewallRule(caller, ipAddress, rule.getSourcePortStart(), rule.getSourcePortEnd(), rule.getProtocol(), Purpose.PortForwarding, FirewallRuleType.User);
Long networkId = ipAddress.getAssociatedWithNetworkId();
- Long accountId = ipAddress.getAccountId();
- Long domainId = ipAddress.getDomainId();
+ Long accountId = ipAddress.getAllocatedToAccountId();
+ Long domainId = ipAddress.getAllocatedInDomainId();
// start port can't be bigger than end port
if (rule.getDestinationPortStart() > rule.getDestinationPortEnd()) {
@@ -267,8 +261,8 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
_firewallMgr.validateFirewallRule(caller, ipAddress, rule.getSourcePortStart(), rule.getSourcePortEnd(), rule.getProtocol(), Purpose.StaticNat, FirewallRuleType.User);
Long networkId = ipAddress.getAssociatedWithNetworkId();
- Long accountId = ipAddress.getAccountId();
- Long domainId = ipAddress.getDomainId();
+ Long accountId = ipAddress.getAllocatedToAccountId();
+ Long domainId = ipAddress.getAllocatedInDomainId();
_networkMgr.checkIpForService(ipAddress, Service.StaticNat);
@@ -547,14 +541,13 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
@Override
public List listPortForwardingRules(ListPortForwardingRulesCmd cmd) {
- Account caller = UserContext.current().getCaller();
Long ipId = cmd.getIpAddressId();
Long id = cmd.getId();
- String path = null;
- Pair, Long> accountDomainPair = _accountMgr.finalizeAccountDomainForList(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
- List permittedAccounts = accountDomainPair.first();
- Long domainId = accountDomainPair.second();
+ Account caller = UserContext.current().getCaller();
+ Long domainId = cmd.getDomainId();
+ boolean isRecursive = cmd.isRecursive();
+ List permittedAccounts = new ArrayList();
if (ipId != null) {
IPAddressVO ipAddressVO = _ipAddressDao.findById(ipId);
@@ -564,27 +557,17 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
_accountMgr.checkAccess(caller, null, ipAddressVO);
}
- if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
- Domain domain = _domainMgr.getDomain(caller.getDomainId());
- path = domain.getPath();
- }
-
+ ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), id);
Filter filter = new Filter(PortForwardingRuleVO.class, "id", false, cmd.getStartIndex(), cmd.getPageSizeVal());
SearchBuilder sb = _portForwardingDao.createSearchBuilder();
+ _accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
+
sb.and("id", sb.entity().getId(), Op.EQ);
sb.and("ip", sb.entity().getSourceIpAddressId(), Op.EQ);
- sb.and("accountId", sb.entity().getAccountId(), Op.IN);
- sb.and("domainId", sb.entity().getDomainId(), Op.EQ);
sb.and("purpose", sb.entity().getPurpose(), Op.EQ);
- if (path != null) {
- // for domain admin we should show only subdomains information
- SearchBuilder domainSearch = _domainDao.createSearchBuilder();
- domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
- sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
- }
-
SearchCriteria sc = sb.create();
+ _accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
if (id != null) {
sc.setParameters("id", id);
@@ -594,20 +577,8 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
sc.setParameters("ip", ipId);
}
- if (domainId != null) {
- sc.setParameters("domainId", domainId);
- }
-
- if (!permittedAccounts.isEmpty()) {
- sc.setParameters("accountId", permittedAccounts.toArray());
- }
-
sc.setParameters("purpose", Purpose.PortForwarding);
- if (path != null) {
- sc.setJoinParameters("domainSearch", "path", path + "%");
- }
-
return _portForwardingDao.search(sc, filter);
}
@@ -743,7 +714,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
for (IPAddressVO ip : ips) {
// Get nic IP4 address
String dstIp = _networkMgr.getIpInNetwork(ip.getAssociatedWithVmId(), networkId);
- StaticNatImpl staticNat = new StaticNatImpl(ip.getAccountId(), ip.getDomainId(), networkId, ip.getId(), dstIp, false);
+ StaticNatImpl staticNat = new StaticNatImpl(ip.getAllocatedToAccountId(), ip.getAllocatedInDomainId(), networkId, ip.getId(), dstIp, false);
staticNats.add(staticNat);
}
@@ -760,13 +731,9 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
}
@Override
- public List searchStaticNatRules(Long ipId, Long id, Long vmId, Long start, Long size, String accountName, Long domainId, Long projectId) {
- Account caller = UserContext.current().getCaller();
- String path = null;
-
- Pair, Long> accountDomainPair = _accountMgr.finalizeAccountDomainForList(caller, accountName, domainId, projectId);
- List permittedAccounts = accountDomainPair.first();
- domainId = accountDomainPair.second();
+ public List searchStaticNatRules(Long ipId, Long id, Long vmId, Long start, Long size, String accountName, Long domainId, Long projectId, boolean isRecursive, boolean listAll) {
+ Account caller = UserContext.current().getCaller();
+ List permittedAccounts = new ArrayList();
if (ipId != null) {
IPAddressVO ipAddressVO = _ipAddressDao.findById(ipId);
@@ -776,25 +743,15 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
_accountMgr.checkAccess(caller, null, ipAddressVO);
}
- if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
- Domain domain = _domainMgr.getDomain(caller.getDomainId());
- path = domain.getPath();
- }
-
+ ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, accountName, projectId, permittedAccounts, listAll, id);
Filter filter = new Filter(PortForwardingRuleVO.class, "id", false, start, size);
SearchBuilder sb = _firewallDao.createSearchBuilder();
+ _accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
+
sb.and("ip", sb.entity().getSourceIpAddressId(), Op.EQ);
- sb.and("accountId", sb.entity().getAccountId(), Op.IN);
- sb.and("domainId", sb.entity().getDomainId(), Op.EQ);
sb.and("purpose", sb.entity().getPurpose(), Op.EQ);
sb.and("id", sb.entity().getId(), Op.EQ);
- if (path != null) {
- // for domain admin we should show only subdomains information
- SearchBuilder domainSearch = _domainDao.createSearchBuilder();
- domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
- sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
- }
if (vmId != null) {
SearchBuilder ipSearch = _ipAddressDao.createSearchBuilder();
@@ -803,7 +760,9 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
}
SearchCriteria sc = sb.create();
-
+ _accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
+ sc.setParameters("purpose", Purpose.StaticNat);
+
if (id != null) {
sc.setParameters("id", id);
}
@@ -812,20 +771,6 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
sc.setParameters("ip", ipId);
}
- if (domainId != null) {
- sc.setParameters("domainId", domainId);
- }
-
- if (!permittedAccounts.isEmpty()) {
- sc.setParameters("accountId", permittedAccounts.toArray());
- }
-
- sc.setParameters("purpose", Purpose.StaticNat);
-
- if (path != null) {
- sc.setJoinParameters("domainSearch", "path", path + "%");
- }
-
if (vmId != null) {
sc.setJoinParameters("ipSearch", "associatedWithVmId", vmId);
}
@@ -1128,7 +1073,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
dstIp = _networkMgr.getIpInNetwork(sourceIp.getAssociatedWithVmId(), networkId);
}
- StaticNatImpl staticNat = new StaticNatImpl(sourceIp.getAccountId(), sourceIp.getDomainId(), networkId, sourceIpId, dstIp, forRevoke);
+ StaticNatImpl staticNat = new StaticNatImpl(sourceIp.getAllocatedToAccountId(), sourceIp.getAllocatedInDomainId(), networkId, sourceIpId, dstIp, forRevoke);
staticNats.add(staticNat);
try {
diff --git a/server/src/com/cloud/network/security/SecurityGroupManagerImpl.java b/server/src/com/cloud/network/security/SecurityGroupManagerImpl.java
index 859e0628b8d..66e9ea3d86b 100755
--- a/server/src/com/cloud/network/security/SecurityGroupManagerImpl.java
+++ b/server/src/com/cloud/network/security/SecurityGroupManagerImpl.java
@@ -45,17 +45,15 @@ import com.cloud.agent.api.NetworkRulesSystemVmCommand;
import com.cloud.agent.api.SecurityGroupRulesCmd;
import com.cloud.agent.api.SecurityGroupRulesCmd.IpPortAndProto;
import com.cloud.agent.manager.Commands;
-import com.cloud.api.commands.AuthorizeSecurityGroupIngressCmd;
import com.cloud.api.commands.AuthorizeSecurityGroupEgressCmd;
+import com.cloud.api.commands.AuthorizeSecurityGroupIngressCmd;
import com.cloud.api.commands.CreateSecurityGroupCmd;
import com.cloud.api.commands.DeleteSecurityGroupCmd;
import com.cloud.api.commands.ListSecurityGroupsCmd;
-import com.cloud.api.commands.RevokeSecurityGroupIngressCmd;
import com.cloud.api.commands.RevokeSecurityGroupEgressCmd;
+import com.cloud.api.commands.RevokeSecurityGroupIngressCmd;
import com.cloud.configuration.Config;
import com.cloud.configuration.dao.ConfigurationDao;
-import com.cloud.domain.Domain;
-import com.cloud.domain.DomainVO;
import com.cloud.domain.dao.DomainDao;
import com.cloud.event.ActionEvent;
import com.cloud.event.EventTypes;
@@ -68,13 +66,14 @@ import com.cloud.hypervisor.Hypervisor.HypervisorType;
import com.cloud.network.Network;
import com.cloud.network.NetworkManager;
import com.cloud.network.security.SecurityGroupWork.Step;
-import com.cloud.network.security.dao.SecurityGroupRuleDao;
+import com.cloud.network.security.SecurityRule.SecurityRuleType;
import com.cloud.network.security.dao.SecurityGroupDao;
+import com.cloud.network.security.dao.SecurityGroupRuleDao;
import com.cloud.network.security.dao.SecurityGroupRulesDao;
import com.cloud.network.security.dao.SecurityGroupVMMapDao;
import com.cloud.network.security.dao.SecurityGroupWorkDao;
import com.cloud.network.security.dao.VmRulesetLogDao;
-import com.cloud.projects.Project;
+import com.cloud.projects.Project.ListProjectResourcesCriteria;
import com.cloud.projects.ProjectManager;
import com.cloud.server.ManagementServer;
import com.cloud.user.Account;
@@ -92,7 +91,6 @@ import com.cloud.utils.concurrency.NamedThreadFactory;
import com.cloud.utils.db.DB;
import com.cloud.utils.db.Filter;
import com.cloud.utils.db.GlobalLock;
-import com.cloud.utils.db.JoinBuilder;
import com.cloud.utils.db.SearchBuilder;
import com.cloud.utils.db.SearchCriteria;
import com.cloud.utils.db.Transaction;
@@ -110,7 +108,6 @@ import com.cloud.vm.VirtualMachine.State;
import com.cloud.vm.VirtualMachineManager;
import com.cloud.vm.dao.UserVmDao;
import com.cloud.vm.dao.VMInstanceDao;
-import com.cloud.network.security.SecurityRule.SecurityRuleType;
import edu.emory.mathcs.backport.java.util.Collections;
@@ -1079,12 +1076,13 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
@Override
public List searchForSecurityGroupRules(ListSecurityGroupsCmd cmd) throws PermissionDeniedException, InvalidParameterValueException {
Account caller = UserContext.current().getCaller();
- Long domainId = cmd.getDomainId();
- String accountName = cmd.getAccountName();
Long instanceId = cmd.getVirtualMachineId();
String securityGroup = cmd.getSecurityGroupName();
- Long projectId = cmd.getProjectId();
Long id = cmd.getId();
+ Object keyword = cmd.getKeyword();
+
+ Long domainId = cmd.getDomainId();
+ boolean isRecursive = cmd.isRecursive();
List permittedAccounts = new ArrayList();
if (instanceId != null) {
@@ -1096,60 +1094,18 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
return listSecurityGroupRulesByVM(instanceId.longValue());
}
- if (_accountMgr.isAdmin(caller.getType())) {
- if (domainId != null) {
- Domain domain = _domainMgr.getDomain(domainId);
- if (domain == null) {
- throw new InvalidParameterValueException("Unable to find domain by id " + domainId);
- }
- _accountMgr.checkAccess(caller, domain);
- if (accountName != null) {
- Account account = _accountMgr.getActiveAccountByName(accountName, domainId);
- if (account == null) {
- throw new InvalidParameterValueException("Unable to find account " + accountName + " in domain " + domainId);
- }
- _accountMgr.checkAccess(caller, null, account);
- permittedAccounts.add(account.getId());
- }
- }
- } else {
- // regular user can see only his own security groups
- permittedAccounts.add(caller.getId());
- }
-
- //set project information
- if (projectId != null) {
- permittedAccounts.clear();
- Project project = _projectMgr.getProject(projectId);
- if (project == null) {
- throw new InvalidParameterValueException("Unable to find project by id " + projectId);
- }
- if (!_projectMgr.canAccessProjectAccount(caller, project.getProjectAccountId())) {
- throw new InvalidParameterValueException("Account " + caller + " can't access project id=" + projectId);
- }
- permittedAccounts.add(project.getProjectAccountId());
- } else if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL){
- permittedAccounts.addAll(_projectMgr.listPermittedProjectAccounts(caller.getId()));
- }
-
List securityRulesList = new ArrayList();
+
+ ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), id);
Filter searchFilter = new Filter(SecurityGroupVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
- Object keyword = cmd.getKeyword();
-
SearchBuilder sb = _securityGroupDao.createSearchBuilder();
- sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
- sb.and("accountId", sb.entity().getAccountId(), SearchCriteria.Op.IN);
- sb.and("name", sb.entity().getName(), SearchCriteria.Op.EQ);
- sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ);
+ _accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
- // only do a recursive domain search if the search is not limited by account or instance
- if (permittedAccounts.isEmpty() && instanceId == null && caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
- SearchBuilder domainSearch = _domainDao.createSearchBuilder();
- domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
- sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
- }
+ sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
+ sb.and("name", sb.entity().getName(), SearchCriteria.Op.EQ);
SearchCriteria sc = sb.create();
+ _accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
if (id != null) {
sc.setParameters("id", id);
@@ -1159,16 +1115,6 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
sc.setParameters("name", securityGroup);
}
- if (!permittedAccounts.isEmpty()) {
- sc.setParameters("accountId", permittedAccounts.toArray());
- }
-
- // only do a recursive domain search if the search is not limited by account or instance
- if (permittedAccounts.isEmpty() && instanceId == null && caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
- DomainVO domain = _domainDao.findById(caller.getDomainId());
- sc.setJoinParameters("domainSearch", "path", domain.getPath() + "%");
- }
-
if (keyword != null) {
SearchCriteria ssc = _securityGroupRulesDao.createSearchCriteria();
ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
diff --git a/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java b/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
index 54f5a6a8c6c..3c5d132e668 100755
--- a/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
+++ b/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
@@ -30,7 +30,6 @@ import com.cloud.api.commands.ListRemoteAccessVpnsCmd;
import com.cloud.api.commands.ListVpnUsersCmd;
import com.cloud.configuration.Config;
import com.cloud.configuration.dao.ConfigurationDao;
-import com.cloud.domain.Domain;
import com.cloud.domain.DomainVO;
import com.cloud.domain.dao.DomainDao;
import com.cloud.event.EventTypes;
@@ -61,6 +60,7 @@ import com.cloud.network.rules.FirewallRule;
import com.cloud.network.rules.FirewallRule.Purpose;
import com.cloud.network.rules.FirewallRuleVO;
import com.cloud.network.rules.RulesManager;
+import com.cloud.projects.Project.ListProjectResourcesCriteria;
import com.cloud.user.Account;
import com.cloud.user.AccountManager;
import com.cloud.user.DomainManager;
@@ -136,7 +136,7 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
}
// TODO: assumes one virtual network / domr per account per zone
- vpnVO = _remoteAccessVpnDao.findByAccountAndNetwork(ipAddr.getAllocatedToAccountId(), ipAddr.getAssociatedWithNetworkId());
+ vpnVO = _remoteAccessVpnDao.findByAccountAndNetwork(ipAddr.getAccountId(), ipAddr.getAssociatedWithNetworkId());
if (vpnVO != null) {
//if vpn is in Added state, return it to the api
if (vpnVO.getState() == RemoteAccessVpn.State.Added) {
@@ -181,7 +181,7 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
String newIpRange = NetUtils.long2Ip(++startIp) + "-" + range[1];
String sharedSecret = PasswordGenerator.generatePresharedKey(_pskLength);
_rulesMgr.reservePorts(ipAddr, NetUtils.UDP_PROTO, Purpose.Vpn, openFirewall, caller, NetUtils.VPN_PORT, NetUtils.VPN_L2TP_PORT, NetUtils.VPN_NATT_PORT);
- vpnVO = new RemoteAccessVpnVO(ipAddr.getAllocatedToAccountId(), ipAddr.getAllocatedInDomainId(), ipAddr.getAssociatedWithNetworkId(),
+ vpnVO = new RemoteAccessVpnVO(ipAddr.getAccountId(), ipAddr.getDomainId(), ipAddr.getAssociatedWithNetworkId(),
publicIpId, range[0], newIpRange, sharedSecret);
return _remoteAccessVpnDao.persist(vpnVO);
}
@@ -473,40 +473,26 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
@Override
public List searchForVpnUsers(ListVpnUsersCmd cmd) {
- Account caller = UserContext.current().getCaller();
String username = cmd.getUsername();
- String path = null;
+ Long id = cmd.getId();
- //Verify account information
- Pair, Long> accountDomainPair = _accountMgr.finalizeAccountDomainForList(caller, cmd.getAccountName(), cmd.getDomainId(), null);
- List permittedAccounts = accountDomainPair.first();
- Long domainId = accountDomainPair.second();
-
-
- if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
- Domain domain = _domainMgr.getDomain(caller.getDomainId());
- path = domain.getPath();
- }
+ Account caller = UserContext.current().getCaller();
+ Long domainId = cmd.getDomainId();
+ boolean isRecursive = cmd.isRecursive();
+ List permittedAccounts = new ArrayList();
+ ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), id);
Filter searchFilter = new Filter(VpnUserVO.class, "username", true, cmd.getStartIndex(), cmd.getPageSizeVal());
-
- Object id = cmd.getId();
-
SearchBuilder sb = _vpnUsersDao.createSearchBuilder();
+ _accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
+
+
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
sb.and("username", sb.entity().getUsername(), SearchCriteria.Op.EQ);
- sb.and("accountId", sb.entity().getAccountId(), SearchCriteria.Op.IN);
- sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ);
sb.and("state", sb.entity().getState(), SearchCriteria.Op.EQ);
- if (path != null) {
- //for domain admin we should show only subdomains information
- SearchBuilder domainSearch = _domainDao.createSearchBuilder();
- domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
- sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
- }
-
SearchCriteria sc = sb.create();
+ _accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
//list only active users
sc.setParameters("state", State.Active);
@@ -519,18 +505,6 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
sc.setParameters("username", username);
}
- if (domainId != null) {
- sc.setParameters("domainId", domainId);
- }
-
- if (!permittedAccounts.isEmpty()) {
- sc.setParameters("accountId", permittedAccounts.toArray());
- }
-
- if (path != null) {
- sc.setJoinParameters("domainSearch", "path", path + "%");
- }
-
return _vpnUsersDao.search(sc, searchFilter);
}
@@ -538,24 +512,17 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
public List searchForRemoteAccessVpns(ListRemoteAccessVpnsCmd cmd) {
// do some parameter validation
Account caller = UserContext.current().getCaller();
- String path = null;
-
- Pair, Long> accountDomainPair = _accountMgr.finalizeAccountDomainForList(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
- List permittedAccounts = accountDomainPair.first();
- Long domainId = accountDomainPair.second();
-
- if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
- Domain domain = _domainMgr.getDomain(caller.getDomainId());
- path = domain.getPath();
- }
-
Long ipAddressId = cmd.getPublicIpId();
+ Long domainId = cmd.getDomainId();
+ boolean isRecursive = cmd.isRecursive();
+ List permittedAccounts = new ArrayList();
+
if (ipAddressId != null) {
PublicIpAddress publicIp = _networkMgr.getPublicIpAddress(ipAddressId);
if (publicIp == null) {
throw new InvalidParameterValueException("Unable to list remote access vpns, IP address " + ipAddressId + " not found.");
} else {
- Long ipAddrAcctId = publicIp.getAllocatedToAccountId();
+ Long ipAddrAcctId = publicIp.getAccountId();
if (ipAddrAcctId == null) {
throw new InvalidParameterValueException("Unable to list remote access vpns, IP address " + ipAddressId
+ " is not associated with an account.");
@@ -563,41 +530,24 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
}
_accountMgr.checkAccess(caller, null, publicIp);
}
-
-
+
+ ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), null);
Filter filter = new Filter(RemoteAccessVpnVO.class, "serverAddressId", false, cmd.getStartIndex(), cmd.getPageSizeVal());
SearchBuilder sb = _remoteAccessVpnDao.createSearchBuilder();
+ _accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
+
sb.and("serverAddressId", sb.entity().getServerAddressId(), Op.EQ);
- sb.and("accountId", sb.entity().getAccountId(), Op.IN);
- sb.and("domainId", sb.entity().getDomainId(), Op.EQ);
sb.and("state", sb.entity().getState(), Op.EQ);
- if (path != null) {
- //for domain admin we should show only subdomains information
- SearchBuilder domainSearch = _domainDao.createSearchBuilder();
- domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
- sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
- }
-
SearchCriteria sc = sb.create();
+ _accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
+
sc.setParameters("state", RemoteAccessVpn.State.Running);
if (ipAddressId != null) {
sc.setParameters("serverAddressId", ipAddressId);
}
-
- if (domainId != null) {
- sc.setParameters("domainId", domainId);
- }
-
- if (!permittedAccounts.isEmpty()) {
- sc.setParameters("accountId", permittedAccounts.toArray());
- }
-
- if (path != null) {
- sc.setJoinParameters("domainSearch", "path", path + "%");
- }
return _remoteAccessVpnDao.search(sc, filter);
}
diff --git a/server/src/com/cloud/projects/ProjectInvitationVO.java b/server/src/com/cloud/projects/ProjectInvitationVO.java
index 26d14ed0f40..bbb42b70970 100644
--- a/server/src/com/cloud/projects/ProjectInvitationVO.java
+++ b/server/src/com/cloud/projects/ProjectInvitationVO.java
@@ -27,10 +27,10 @@ public class ProjectInvitationVO implements ProjectInvitation, Identity {
private long projectId;
@Column(name="account_id")
- private Long accountId;
+ private Long forAccountId;
@Column(name="domain_id")
- private Long domainId;
+ private Long inDomainId;
@Column(name="token")
private String token;
@@ -53,8 +53,8 @@ public class ProjectInvitationVO implements ProjectInvitation, Identity {
}
public ProjectInvitationVO(long projectId, Long accountId, Long domainId, String email, String token) {
- this.accountId = accountId;
- this.domainId = domainId;
+ this.forAccountId = accountId;
+ this.inDomainId = domainId;
this.projectId = projectId;
this.email = email;
this.token = token;
@@ -72,8 +72,8 @@ public class ProjectInvitationVO implements ProjectInvitation, Identity {
}
@Override
- public Long getAccountId() {
- return accountId;
+ public Long getForAccountId() {
+ return forAccountId;
}
@Override
@@ -103,13 +103,13 @@ public class ProjectInvitationVO implements ProjectInvitation, Identity {
@Override
public String toString() {
StringBuilder buf = new StringBuilder("ProjectInvitation[");
- buf.append(id).append("|projectId=").append(projectId).append("|accountId=").append(accountId).append("]");
+ buf.append(id).append("|projectId=").append(projectId).append("|accountId=").append(forAccountId).append("]");
return buf.toString();
}
@Override
- public Long getDomainId() {
- return domainId;
+ public Long getInDomainId() {
+ return inDomainId;
}
@Override
@@ -120,4 +120,14 @@ public class ProjectInvitationVO implements ProjectInvitation, Identity {
public void setUuid(String uuid) {
this.uuid = uuid;
}
+
+ @Override
+ public long getDomainId() {
+ return inDomainId == null ? -1 : inDomainId;
+ }
+
+ @Override
+ public long getAccountId() {
+ return forAccountId == null ? -1 : forAccountId;
+ }
}
diff --git a/server/src/com/cloud/projects/ProjectManagerImpl.java b/server/src/com/cloud/projects/ProjectManagerImpl.java
index b5a6b0ab60c..57e3bd543af 100755
--- a/server/src/com/cloud/projects/ProjectManagerImpl.java
+++ b/server/src/com/cloud/projects/ProjectManagerImpl.java
@@ -18,6 +18,7 @@
package com.cloud.projects;
import java.io.UnsupportedEncodingException;
+import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Map;
@@ -45,7 +46,6 @@ import com.cloud.configuration.Config;
import com.cloud.configuration.ConfigurationManager;
import com.cloud.configuration.Resource.ResourceType;
import com.cloud.configuration.dao.ConfigurationDao;
-import com.cloud.domain.Domain;
import com.cloud.domain.DomainVO;
import com.cloud.domain.dao.DomainDao;
import com.cloud.event.ActionEvent;
@@ -55,6 +55,7 @@ import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.exception.ResourceAllocationException;
import com.cloud.exception.ResourceUnavailableException;
+import com.cloud.projects.Project.ListProjectResourcesCriteria;
import com.cloud.projects.Project.State;
import com.cloud.projects.ProjectAccount.Role;
import com.cloud.projects.dao.ProjectAccountDao;
@@ -337,7 +338,7 @@ public class ProjectManagerImpl implements ProjectManager, Manager{
}
@Override
- public List listProjects(Long id, String name, String displayText, String state, String accountName, Long domainId, String keyword, Long startIndex, Long pageSize) {
+ public List listProjects(Long id, String name, String displayText, String state, String accountName, Long domainId, String keyword, Long startIndex, Long pageSize, boolean listAll, boolean isRecursive) {
Account caller = UserContext.current().getCaller();
Long accountId = null;
String path = null;
@@ -362,11 +363,6 @@ public class ProjectManagerImpl implements ProjectManager, Manager{
accountId = owner.getId();
}
}
-
- if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
- DomainVO domain = _domainDao.findById(caller.getDomainId());
- path = domain.getPath();
- }
} else {
if (accountName != null && !accountName.equals(caller.getAccountName())) {
throw new PermissionDeniedException("Can't list account " + accountName + " projects; unauthorized");
@@ -379,6 +375,17 @@ public class ProjectManagerImpl implements ProjectManager, Manager{
accountId = caller.getId();
}
+ if (!listAll) {
+ if (domainId == null && accountId == null) {
+ accountId = caller.getId();
+ } else {
+ if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || !isRecursive) {
+ DomainVO domain = _domainDao.findById(caller.getDomainId());
+ path = domain.getPath();
+ }
+ }
+ }
+
if (path != null) {
SearchBuilder domainSearch = _domainDao.createSearchBuilder();
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
@@ -397,6 +404,10 @@ public class ProjectManagerImpl implements ProjectManager, Manager{
sc.addAnd("id", Op.EQ, id);
}
+ if (domainId != null) {
+ sc.addAnd("domainId", Op.EQ, domainId);
+ }
+
if (name != null) {
sc.addAnd("name", Op.EQ, name);
}
@@ -757,64 +768,23 @@ public class ProjectManagerImpl implements ProjectManager, Manager{
}
@Override
- public List listProjectInvitations(Long id, Long projectId, String accountName, Long domainId, String state, boolean activeOnly, Long startIndex, Long pageSizeVal) {
- Account caller = UserContext.current().getCaller();
- Long accountId = null;
- String domainPath = null;
-
- if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
- if (domainId == null) {
- domainPath = _domainMgr.getDomain(caller.getDomainId()).getPath();
- }
- } else if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL){
- // regular user is constraint to only his account
- accountId = caller.getId();
- }
-
- if (domainId != null) {
- Domain domain = _domainDao.findById(domainId);
- if (domain == null) {
- throw new InvalidParameterValueException("Domain id=" + domainId + " doesn't exist");
- }
- _accountMgr.checkAccess(caller, domain);
-
- if (accountName != null) {
- Account account = _accountDao.findActiveAccount(accountName, domainId);
- if (account == null) {
- throw new InvalidParameterValueException("Unable to find account by name " + accountName + " in domain " + domainId);
- }
-
- _accountMgr.checkAccess(caller, null, account);
- accountId = account.getId();
- }
- }
+ public List listProjectInvitations(Long id, Long projectId, String accountName, Long domainId, String state, boolean activeOnly, Long startIndex, Long pageSizeVal, boolean isRecursive, boolean listAll) {
+ Account caller = UserContext.current().getCaller();
+ List permittedAccounts = new ArrayList();
+ ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, accountName, null, permittedAccounts, listAll, id);
Filter searchFilter = new Filter(ProjectInvitationVO.class, "id", true, startIndex, pageSizeVal);
-
SearchBuilder sb = _projectInvitationDao.createSearchBuilder();
- sb.and("accountId", sb.entity().getAccountId(), SearchCriteria.Op.EQ);
- sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ);
+ _accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
+
sb.and("projectId", sb.entity().getProjectId(), SearchCriteria.Op.EQ);
sb.and("state", sb.entity().getState(), SearchCriteria.Op.EQ);
sb.and("created", sb.entity().getCreated(), SearchCriteria.Op.GT);
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
- if (domainPath != null) {
- // do a domain LIKE match for the admin case if isRecursive is true
- SearchBuilder domainSearch = _domainDao.createSearchBuilder();
- domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
- sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
- }
-
SearchCriteria sc = sb.create();
-
- if (domainPath != null) {
- sc.setJoinParameters("domainSearch", "path", domainPath);
- }
-
- if (accountId != null) {
- sc.setParameters("accountId", accountId);
- }
+ _accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
+
if (projectId != null){
sc.setParameters("projectId", projectId);
diff --git a/server/src/com/cloud/projects/dao/ProjectDao.java b/server/src/com/cloud/projects/dao/ProjectDao.java
index 767dc369349..161995bb051 100644
--- a/server/src/com/cloud/projects/dao/ProjectDao.java
+++ b/server/src/com/cloud/projects/dao/ProjectDao.java
@@ -32,5 +32,4 @@ public interface ProjectDao extends GenericDao{
ProjectVO findByProjectAccountId(long projectAccountId);
List listByState(Project.State state);
-
}
diff --git a/server/src/com/cloud/projects/dao/ProjectDaoImpl.java b/server/src/com/cloud/projects/dao/ProjectDaoImpl.java
index e0df0b98407..72fcc5aed2d 100644
--- a/server/src/com/cloud/projects/dao/ProjectDaoImpl.java
+++ b/server/src/com/cloud/projects/dao/ProjectDaoImpl.java
@@ -21,6 +21,7 @@ public class ProjectDaoImpl extends GenericDaoBase implements P
private static final Logger s_logger = Logger.getLogger(ProjectDaoImpl.class);
protected final SearchBuilder AllFieldsSearch;
protected GenericSearchBuilder CountByDomain;
+ protected GenericSearchBuilder ProjectAccountSearch;
protected ProjectDaoImpl() {
AllFieldsSearch = createSearchBuilder();
@@ -84,7 +85,6 @@ public class ProjectDaoImpl extends GenericDaoBase implements P
public List listByState(Project.State state) {
SearchCriteria sc = AllFieldsSearch.create();
sc.setParameters("state", state);
-
return listBy(sc);
}
}
diff --git a/server/src/com/cloud/projects/dao/ProjectInvitationDaoImpl.java b/server/src/com/cloud/projects/dao/ProjectInvitationDaoImpl.java
index 343e544871c..c260b64b92c 100644
--- a/server/src/com/cloud/projects/dao/ProjectInvitationDaoImpl.java
+++ b/server/src/com/cloud/projects/dao/ProjectInvitationDaoImpl.java
@@ -22,7 +22,7 @@ public class ProjectInvitationDaoImpl extends GenericDaoBase> listIsos(ListIsosCmd cmd) throws IllegalArgumentException, InvalidParameterValueException {
TemplateFilter isoFilter = TemplateFilter.valueOf(cmd.getIsoFilter());
- List permittedAccounts = new ArrayList();
Account caller = UserContext.current().getCaller();
Long domainId = cmd.getDomainId();
- String accountName = cmd.getAccountName();
- Long projectId = cmd.getProjectId();
+ boolean isRecursive = cmd.isRecursive();
- if (accountName != null && domainId != null) {
- permittedAccounts.add(_accountMgr.finalizeOwner(caller, accountName, domainId, null));
- }
-
- //set project information
- boolean skipProjectTemplates = true;
- if (projectId != null) {
- if (projectId == -1) {
- List permittedAccountIds = _projectMgr.listPermittedProjectAccounts(caller.getId());
- for (Long permittedAccountId : permittedAccountIds) {
- permittedAccounts.add(_accountMgr.getAccount(permittedAccountId));
- }
- } else {
- permittedAccounts.clear();
- Project project = _projectMgr.getProject(projectId);
- if (project == null) {
- throw new InvalidParameterValueException("Unable to find project by id " + projectId);
- }
- if (!_projectMgr.canAccessProjectAccount(caller, project.getProjectAccountId())) {
- throw new InvalidParameterValueException("Account " + caller + " can't access project id=" + projectId);
- }
- permittedAccounts.add(_accountMgr.getAccount(project.getProjectAccountId()));
- skipProjectTemplates = false;
- }
+ boolean listAll = (caller.getType() != Account.ACCOUNT_TYPE_NORMAL && (isoFilter != null && isoFilter == TemplateFilter.all));
+ List permittedAccountIds = new ArrayList();
+ ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccountIds, listAll, cmd.getId());
+ List permittedAccounts = new ArrayList();
+ for (Long accountId : permittedAccountIds) {
+ permittedAccounts.add(_accountMgr.getAccount(accountId));
}
- // It is account specific if account is admin type and domainId and accountName are not null
- boolean isAccountSpecific = (isAdmin(caller.getType())) && (accountName != null) && (domainId != null);
-
HypervisorType hypervisorType = HypervisorType.getType(cmd.getHypervisor());
- return listTemplates(cmd.getId(), cmd.getIsoName(), cmd.getKeyword(), isoFilter, true, cmd.isBootable(), cmd.getPageSizeVal(), cmd.getStartIndex(), cmd.getZoneId(), hypervisorType, isAccountSpecific,
- true, cmd.listInReadyState(), permittedAccounts, caller, skipProjectTemplates);
+ return listTemplates(cmd.getId(), cmd.getIsoName(), cmd.getKeyword(), isoFilter, true, cmd.isBootable(), cmd.getPageSizeVal(), cmd.getStartIndex(), cmd.getZoneId(), hypervisorType, true,
+ cmd.listInReadyState(), permittedAccounts, caller, listProjectResourcesCriteria);
}
@Override
public Set> listTemplates(ListTemplatesCmd cmd) throws IllegalArgumentException, InvalidParameterValueException {
TemplateFilter templateFilter = TemplateFilter.valueOf(cmd.getTemplateFilter());
- List permittedAccounts = new ArrayList();
+ Long id = cmd.getId();
+
Account caller = UserContext.current().getCaller();
Long domainId = cmd.getDomainId();
- String accountName = cmd.getAccountName();
- Long projectId = cmd.getProjectId();
+ boolean isRecursive = cmd.isRecursive();
- if (accountName != null && domainId != null) {
- permittedAccounts.add(_accountMgr.finalizeOwner(caller, accountName, domainId, null));
- } else if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN){
- permittedAccounts.add(caller);
+ boolean listAll = (caller.getType() != Account.ACCOUNT_TYPE_NORMAL && (templateFilter != null && templateFilter == TemplateFilter.all));
+ List permittedAccountIds = new ArrayList();
+ ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccountIds, listAll, id);
+ List permittedAccounts = new ArrayList();
+ for (Long accountId : permittedAccountIds) {
+ permittedAccounts.add(_accountMgr.getAccount(accountId));
}
- //set project information
- boolean skipProjectTemplates = true;
- if (projectId != null) {
- if (projectId == -1) {
- List permittedAccountIds = _projectMgr.listPermittedProjectAccounts(caller.getId());
- for (Long permittedAccountId : permittedAccountIds) {
- permittedAccounts.add(_accountMgr.getAccount(permittedAccountId));
- }
- } else {
- permittedAccounts.clear();
- Project project = _projectMgr.getProject(projectId);
- if (project == null) {
- throw new InvalidParameterValueException("Unable to find project by id " + projectId);
- }
- if (!_projectMgr.canAccessProjectAccount(caller, project.getProjectAccountId())) {
- throw new InvalidParameterValueException("Account " + caller + " can't access project id=" + projectId);
- }
- permittedAccounts.add(_accountMgr.getAccount(project.getProjectAccountId()));
- skipProjectTemplates = false;
- }
- }
-
- // It is account specific if account is admin type and domainId and accountName are not null
- boolean isAccountSpecific = (caller == null || isAdmin(caller.getType())) && (accountName != null) && (domainId != null);
boolean showDomr = ((templateFilter != TemplateFilter.selfexecutable) && (templateFilter != TemplateFilter.featured));
HypervisorType hypervisorType = HypervisorType.getType(cmd.getHypervisor());
-
- return listTemplates(cmd.getId(), cmd.getTemplateName(), cmd.getKeyword(), templateFilter, false, null, cmd.getPageSizeVal(), cmd.getStartIndex(), cmd.getZoneId(), hypervisorType, isAccountSpecific,
- showDomr, cmd.listInReadyState(), permittedAccounts, caller, skipProjectTemplates);
+
+ return listTemplates(id, cmd.getTemplateName(), cmd.getKeyword(), templateFilter, false, null, cmd.getPageSizeVal(), cmd.getStartIndex(), cmd.getZoneId(), hypervisorType, showDomr,
+ cmd.listInReadyState(), permittedAccounts, caller, listProjectResourcesCriteria);
}
private Set> listTemplates(Long templateId, String name, String keyword, TemplateFilter templateFilter, boolean isIso, Boolean bootable, Long pageSize, Long startIndex,
- Long zoneId, HypervisorType hyperType, boolean isAccountSpecific, boolean showDomr, boolean onlyReady, List permittedAccounts, Account caller, boolean skipProjectTemplates) {
+ Long zoneId, HypervisorType hyperType, boolean showDomr, boolean onlyReady, List permittedAccounts, Account caller, ListProjectResourcesCriteria listProjectResourcesCriteria) {
VMTemplateVO template = null;
if (templateId != null) {
@@ -1320,7 +1258,7 @@ public class ManagementServerImpl implements ManagementServer {
permittedAccounts, caller);
Set> templateZonePairSet2 = new HashSet>();
templateZonePairSet2 = _templateDao.searchTemplates(name, keyword, templateFilter, isIso, hypers, bootable, domain, pageSize, startIndex, zoneId, hyperType, onlyReady, showDomr,
- permittedAccounts, caller, skipProjectTemplates);
+ permittedAccounts, caller, listProjectResourcesCriteria);
for (Pair tmpltPair : templateZonePairSet2) {
if (!templateZonePairSet.contains(new Pair(tmpltPair.first(), -1L))) {
templateZonePairSet.add(tmpltPair);
@@ -1338,7 +1276,7 @@ public class ManagementServerImpl implements ManagementServer {
} else {
if (template == null) {
templateZonePairSet = _templateDao.searchTemplates(name, keyword, templateFilter, isIso, hypers, bootable, domain, pageSize, startIndex, zoneId, hyperType, onlyReady, showDomr,
- permittedAccounts, caller, skipProjectTemplates);
+ permittedAccounts, caller, listProjectResourcesCriteria);
} else {
// if template is not public, perform permission check here
if (!template.isPublicTemplate() && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
@@ -1444,107 +1382,66 @@ public class ManagementServerImpl implements ManagementServer {
@Override
public List searchForEvents(ListEventsCmd cmd) {
- Account caller = UserContext.current().getCaller();
- List permittedAccounts = new ArrayList();
- boolean isAdmin = false;
- String accountName = cmd.getAccountName();
+ Account caller = UserContext.current().getCaller();
Long domainId = cmd.getDomainId();
- Long projectId = cmd.getProjectId();
-
- if (_accountMgr.isAdmin(caller.getType())) {
- isAdmin = true;
- // validate domainId before proceeding
- if (domainId != null) {
- Domain domain = _domainDao.findById(domainId);
- if (domain == null) {
- throw new InvalidParameterValueException("Unable to find domain by id " + domainId);
- }
- _accountMgr.checkAccess(caller, _domainDao.findById(domainId));
-
- if (accountName != null) {
- Account userAccount = _accountDao.findNonProjectAccountIncludingRemoved(accountName, domainId);
- if (userAccount == null) {
- throw new InvalidParameterValueException("Unable to find account " + accountName + " in domain " + domainId);
- }
-
- permittedAccounts.add(userAccount.getId());
- }
- } else {
- domainId = caller.getDomainId();
- if (accountName != null) {
- Account userAccount = _accountDao.findNonProjectAccountIncludingRemoved(accountName, domainId);
- if (userAccount == null) {
- throw new InvalidParameterValueException("Can't find account " + accountName + " in domain id=" + domainId);
- }
- permittedAccounts.add(userAccount.getId());
- }
- }
- } else {
- permittedAccounts.add(caller.getId());
- }
-
- //set project information
- boolean skipProjectEvents = true;
- if (projectId != null) {
- if (projectId == -1) {
- permittedAccounts.addAll(_projectMgr.listPermittedProjectAccounts(caller.getId()));
- } else {
- permittedAccounts.clear();
- Project project = _projectMgr.getProject(projectId);
- if (project == null) {
- throw new InvalidParameterValueException("Unable to find project by id " + projectId);
- }
- if (!_projectMgr.canAccessProjectAccount(caller, project.getProjectAccountId())) {
- throw new InvalidParameterValueException("Account " + caller + " can't access project id=" + projectId);
- }
- permittedAccounts.add(project.getProjectAccountId());
- }
- skipProjectEvents = false;
- }
+ boolean isRecursive = cmd.isRecursive();
+ List permittedAccounts = new ArrayList();
- Filter searchFilter = new Filter(EventVO.class, "createDate", false, cmd.getStartIndex(), cmd.getPageSizeVal());
-
- Object id = cmd.getId();
- Object type = cmd.getType();
- Object level = cmd.getLevel();
+ Long id = cmd.getId();
+ String type = cmd.getType();
+ String level = cmd.getLevel();
Date startDate = cmd.getStartDate();
Date endDate = cmd.getEndDate();
- Object keyword = cmd.getKeyword();
+ String keyword = cmd.getKeyword();
Integer entryTime = cmd.getEntryTime();
Integer duration = cmd.getDuration();
+ ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), id);
+ Filter searchFilter = new Filter(EventVO.class, "createDate", false, cmd.getStartIndex(), cmd.getPageSizeVal());
SearchBuilder sb = _eventDao.createSearchBuilder();
+
+ sb.and("accountIdIN", sb.entity().getAccountId(), SearchCriteria.Op.IN);
+ sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ);
+ if (((permittedAccounts.isEmpty()) && (domainId != null) && isRecursive)) {
+ // if accountId isn't specified, we can do a domain match for the admin case if isRecursive is true
+ SearchBuilder domainSearch = _domainDao.createSearchBuilder();
+ domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
+ sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
+ }
+
+ if (listProjectResourcesCriteria != null) {
+ if (listProjectResourcesCriteria == Project.ListProjectResourcesCriteria.ListProjectResourcesOnly) {
+ sb.and("accountType", sb.entity().getAccountType(), SearchCriteria.Op.EQ);
+ } else if (listProjectResourcesCriteria == Project.ListProjectResourcesCriteria.SkipProjectResources) {
+ sb.and("accountType", sb.entity().getAccountType(), SearchCriteria.Op.NEQ);
+ }
+ }
+
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
sb.and("levelL", sb.entity().getLevel(), SearchCriteria.Op.LIKE);
sb.and("levelEQ", sb.entity().getLevel(), SearchCriteria.Op.EQ);
- sb.and("accountId", sb.entity().getAccountId(), SearchCriteria.Op.IN);
- sb.and("accountName", sb.entity().getAccountName(), SearchCriteria.Op.LIKE);
- sb.and("domainIdEQ", sb.entity().getDomainId(), SearchCriteria.Op.EQ);
sb.and("type", sb.entity().getType(), SearchCriteria.Op.EQ);
sb.and("createDateB", sb.entity().getCreateDate(), SearchCriteria.Op.BETWEEN);
sb.and("createDateG", sb.entity().getCreateDate(), SearchCriteria.Op.GTEQ);
sb.and("createDateL", sb.entity().getCreateDate(), SearchCriteria.Op.LTEQ);
- sb.and("accountType", sb.entity().getAccountType(), SearchCriteria.Op.NEQ);
sb.and("state", sb.entity().getState(),SearchCriteria.Op.NEQ);
sb.and("startId", sb.entity().getStartId(), SearchCriteria.Op.EQ);
sb.and("createDate", sb.entity().getCreateDate(), SearchCriteria.Op.BETWEEN);
- if (isAdmin && permittedAccounts.isEmpty() && domainId != null) {
- // if accountId isn't specified, we can do a domain match for the admin case
- SearchBuilder domainSearch = _domainDao.createSearchBuilder();
- domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
- sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
- }
-
SearchCriteria sc = sb.create();
- if (!permittedAccounts.isEmpty()) {
- sc.setParameters("accountId", permittedAccounts.toArray());
- } else if (domainId != null) {
- sc.setJoinParameters("domainSearch", "path", _domainDao.findById(domainId).getPath() + "%");
+ if (listProjectResourcesCriteria != null) {
+ sc.setParameters("accountType", Account.ACCOUNT_TYPE_PROJECT);
}
- if (skipProjectEvents) {
- sc.setParameters("accountType", Account.ACCOUNT_TYPE_PROJECT);
+ if (!permittedAccounts.isEmpty()) {
+ sc.setParameters("accountIdIN", permittedAccounts.toArray());
+ } else if (domainId != null) {
+ DomainVO domain = _domainDao.findById(domainId);
+ if (isRecursive) {
+ sc.setJoinParameters("domainSearch", "path", domain.getPath() + "%");
+ } else {
+ sc.setParameters("domainId", domainId);
+ }
}
if (id != null) {
@@ -1606,28 +1503,25 @@ public class ManagementServerImpl implements ManagementServer {
@Override
public List searchForRouters(ListRoutersCmd cmd) {
- Account caller = UserContext.current().getCaller();
- Pair, Long> accountDomainPair = _accountMgr.finalizeAccountDomainForList(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
- List permittedAccounts = accountDomainPair.first();
- Long domainId = accountDomainPair.second();
+ Long id = cmd.getId();
+ String name = cmd.getRouterName();
+ String state = cmd.getState();
+ Long zone = cmd.getZoneId();
+ Long pod = cmd.getPodId();
+ Long hostId = cmd.getHostId();
+ String keyword = cmd.getKeyword();
+ Long networkId = cmd.getNetworkId();
- boolean skipProjectRouters = true;
- if (cmd.getProjectId() != null) {
- skipProjectRouters = false;
- }
+ Account caller = UserContext.current().getCaller();
+ Long domainId = cmd.getDomainId();
+ boolean isRecursive = cmd.isRecursive();
+ List permittedAccounts = new ArrayList();
+ ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), id);
Filter searchFilter = new Filter(DomainRouterVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
-
- Object id = cmd.getId();
- Object name = cmd.getRouterName();
- Object state = cmd.getState();
- Object zone = cmd.getZoneId();
- Object pod = cmd.getPodId();
- Object hostId = cmd.getHostId();
- Object keyword = cmd.getKeyword();
- Object networkId = cmd.getNetworkId();
-
SearchBuilder sb = _routerDao.createSearchBuilder();
+ _accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
+
sb.and("name", sb.entity().getHostName(), SearchCriteria.Op.LIKE);
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
sb.and("accountId", sb.entity().getAccountId(), SearchCriteria.Op.IN);
@@ -1636,23 +1530,9 @@ public class ManagementServerImpl implements ManagementServer {
sb.and("podId", sb.entity().getPodIdToDeployIn(), SearchCriteria.Op.EQ);
sb.and("hostId", sb.entity().getHostId(), SearchCriteria.Op.EQ);
- if ((permittedAccounts.isEmpty()) && (domainId != null)) {
- // if accountId isn't specified, we can do a domain match for the admin case
- SearchBuilder domainSearch = _domainDao.createSearchBuilder();
- domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
- sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
- }
-
- if (skipProjectRouters) {
- SearchBuilder accountSearch = _accountDao.createSearchBuilder();
- accountSearch.and("type", accountSearch.entity().getType(), SearchCriteria.Op.NEQ);
- sb.join("accountSearch", accountSearch, sb.entity().getAccountId(), accountSearch.entity().getId(), JoinBuilder.JoinType.INNER);
- }
-
if (networkId != null) {
SearchBuilder nicSearch = _nicDao.createSearchBuilder();
nicSearch.and("networkId", nicSearch.entity().getNetworkId(), SearchCriteria.Op.EQ);
-
SearchBuilder networkSearch = _networkDao.createSearchBuilder();
networkSearch.and("networkId", networkSearch.entity().getId(), SearchCriteria.Op.EQ);
nicSearch.join("networkSearch", networkSearch, nicSearch.entity().getNetworkId(), networkSearch.entity().getId(), JoinBuilder.JoinType.INNER);
@@ -1661,10 +1541,7 @@ public class ManagementServerImpl implements ManagementServer {
}
SearchCriteria sc = sb.create();
-
- if (skipProjectRouters) {
- sc.setJoinParameters("accountSearch", "type", Account.ACCOUNT_TYPE_PROJECT);
- }
+ _accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
if (keyword != null) {
SearchCriteria ssc = _routerDao.createSearchCriteria();
@@ -1678,18 +1555,9 @@ public class ManagementServerImpl implements ManagementServer {
if (name != null) {
sc.setParameters("name", "%" + name + "%");
}
-
if (id != null) {
sc.setParameters("id", id);
}
-
- if (!permittedAccounts.isEmpty()) {
- sc.setParameters("accountId", permittedAccounts.toArray());
- } else if (domainId != null) {
- DomainVO domain = _domainDao.findById(domainId);
- sc.setJoinParameters("domainSearch", "path", domain.getPath() + "%");
- }
-
if (state != null) {
sc.setParameters("state", state);
}
@@ -1702,7 +1570,6 @@ public class ManagementServerImpl implements ManagementServer {
if (hostId != null) {
sc.setParameters("hostId", hostId);
}
-
if (networkId != null) {
sc.setJoinParameters("nicSearch", "networkId", networkId);
}
@@ -1710,273 +1577,42 @@ public class ManagementServerImpl implements ManagementServer {
return _routerDao.search(sc, searchFilter);
}
- @Override
- public List searchForVolumes(ListVolumesCmd cmd) {
- Account caller = UserContext.current().getCaller();
- Long domainId = cmd.getDomainId();
- String accountName = cmd.getAccountName();
- List permittedAccounts = new ArrayList();
- boolean isAdmin = false;
- Boolean isRecursive = cmd.isRecursive();
- Long projectId = cmd.getProjectId();
-
- if (isRecursive == null) {
- isRecursive = false;
- }
-
- if ((caller == null) || isAdmin(caller.getType())) {
- isAdmin = true;
- if (domainId != null) {
- if ((caller != null) && !_domainDao.isChildDomain(caller.getDomainId(), domainId)) {
- throw new PermissionDeniedException("Invalid domain id (" + domainId + ") given, unable to list volumes.");
- }
- if (accountName != null) {
- Account userAccount = _accountDao.findActiveAccount(accountName, domainId);
- if (userAccount != null) {
- permittedAccounts.add(userAccount.getId());
- } else {
- throw new InvalidParameterValueException("could not find account " + accountName + " in domain " + domainId);
- }
- }
- } else {
- domainId = ((caller == null) ? DomainVO.ROOT_DOMAIN : caller.getDomainId());
- isRecursive = true;
- }
- } else {
- permittedAccounts.add(caller.getId());
- }
-
- //set project information
- boolean skipProjectVolumes = true;
- if (projectId != null) {
- if (projectId == -1) {
- permittedAccounts.addAll(_projectMgr.listPermittedProjectAccounts(caller.getId()));
- } else {
- permittedAccounts.clear();
- Project project = _projectMgr.getProject(projectId);
- if (project == null) {
- throw new InvalidParameterValueException("Unable to find project by id " + projectId);
- }
- if (!_projectMgr.canAccessProjectAccount(caller, project.getProjectAccountId())) {
- throw new InvalidParameterValueException("Account " + caller + " can't access project id=" + projectId);
- }
- permittedAccounts.add(project.getProjectAccountId());
- }
- skipProjectVolumes = false;
- }
-
- Filter searchFilter = new Filter(VolumeVO.class, "created", false, cmd.getStartIndex(), cmd.getPageSizeVal());
-
- Object id = cmd.getId();
- Long vmInstanceId = cmd.getVirtualMachineId();
- Object name = cmd.getVolumeName();
- Object keyword = cmd.getKeyword();
- Object type = cmd.getType();
-
- Object zoneId = cmd.getZoneId();
- Object pod = null;
- // Object host = null; TODO
- if (isAdmin) {
- pod = cmd.getPodId();
- // host = cmd.getHostId(); TODO
- } else {
- domainId = null;
- }
-
- // hack for now, this should be done better but due to needing a join I opted to
- // do this quickly and worry about making it pretty later
- SearchBuilder sb = _volumeDao.createSearchBuilder();
- sb.and("name", sb.entity().getName(), SearchCriteria.Op.LIKE);
- sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
- sb.and("accountIdIN", sb.entity().getAccountId(), SearchCriteria.Op.IN);
- sb.and("volumeType", sb.entity().getVolumeType(), SearchCriteria.Op.LIKE);
- sb.and("instanceId", sb.entity().getInstanceId(), SearchCriteria.Op.EQ);
- sb.and("dataCenterId", sb.entity().getDataCenterId(), SearchCriteria.Op.EQ);
- sb.and("podId", sb.entity().getPodId(), SearchCriteria.Op.EQ);
-
- // Only return volumes that are not destroyed
- sb.and("state", sb.entity().getState(), SearchCriteria.Op.NEQ);
-
- SearchBuilder diskOfferingSearch = _diskOfferingDao.createSearchBuilder();
- diskOfferingSearch.and("systemUse", diskOfferingSearch.entity().getSystemUse(), SearchCriteria.Op.NEQ);
- sb.join("diskOfferingSearch", diskOfferingSearch, sb.entity().getDiskOfferingId(), diskOfferingSearch.entity().getId(), JoinBuilder.JoinType.LEFTOUTER);
-
- if (((permittedAccounts.isEmpty()) && (domainId != null) && isRecursive)) {
- // if accountId isn't specified, we can do a domain match for the admin case if isRecursive is true
- SearchBuilder domainSearch = _domainDao.createSearchBuilder();
- domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
- sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
- } else if ((permittedAccounts.isEmpty()) && (domainId != null) && !isRecursive) {
- SearchBuilder domainSearch = _domainDao.createSearchBuilder();
- domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.EQ);
- sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
- }
-
- if (skipProjectVolumes) {
- SearchBuilder accountSearch = _accountDao.createSearchBuilder();
- accountSearch.and("type", accountSearch.entity().getType(), SearchCriteria.Op.NEQ);
- sb.join("accountSearch", accountSearch, sb.entity().getAccountId(), accountSearch.entity().getId(), JoinBuilder.JoinType.INNER);
- }
-
- // display user vm volumes only
- SearchBuilder vmSearch = _vmInstanceDao.createSearchBuilder();
- vmSearch.and("type", vmSearch.entity().getType(), SearchCriteria.Op.NIN);
- vmSearch.or("nulltype", vmSearch.entity().getType(), SearchCriteria.Op.NULL);
- sb.join("vmSearch", vmSearch, sb.entity().getInstanceId(), vmSearch.entity().getId(), JoinBuilder.JoinType.LEFTOUTER);
-
- // now set the SC criteria...
- SearchCriteria sc = sb.create();
- if (keyword != null) {
- SearchCriteria ssc = _volumeDao.createSearchCriteria();
- ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
- ssc.addOr("volumeType", SearchCriteria.Op.LIKE, "%" + keyword + "%");
-
- sc.addAnd("name", SearchCriteria.Op.SC, ssc);
- }
-
- if (skipProjectVolumes) {
- sc.setJoinParameters("accountSearch", "type", Account.ACCOUNT_TYPE_PROJECT);
- }
-
- if (name != null) {
- sc.setParameters("name", "%" + name + "%");
- }
-
- if (id != null) {
- sc.setParameters("id", id);
- }
-
- if (!permittedAccounts.isEmpty()) {
- sc.setParameters("accountIdIN", permittedAccounts.toArray());
- sc.setJoinParameters("diskOfferingSearch", "systemUse", 1);
- } else if (domainId != null) {
- DomainVO domain = _domainDao.findById(domainId);
- if (isRecursive) {
- sc.setJoinParameters("domainSearch", "path", domain.getPath() + "%");
- } else {
- sc.setJoinParameters("domainSearch", "path", domain.getPath());
- }
- }
- if (type != null) {
- sc.setParameters("volumeType", "%" + type + "%");
- }
- if (vmInstanceId != null) {
- sc.setParameters("instanceId", vmInstanceId);
- }
- if (zoneId != null) {
- sc.setParameters("dataCenterId", zoneId);
- }
- if (pod != null) {
- sc.setParameters("podId", pod);
- }
-
- // Don't return DomR and ConsoleProxy volumes
- sc.setJoinParameters("vmSearch", "type", VirtualMachine.Type.ConsoleProxy, VirtualMachine.Type.SecondaryStorageVm, VirtualMachine.Type.DomainRouter);
-
- // Only return volumes that are not destroyed
- sc.setParameters("state", Volume.State.Destroy);
-
- return _volumeDao.search(sc, searchFilter);
- }
-
@Override
public List searchForIPAddresses(ListPublicIpAddressesCmd cmd) {
- Account caller = UserContext.current().getCaller();
- Long domainId = cmd.getDomainId();
- String accountName = cmd.getAccountName();
Object keyword = cmd.getKeyword();
- Long projectId = cmd.getProjectId();
Long physicalNetworkId = cmd.getPhysicalNetworkId();
Long associatedNetworkId = cmd.getAssociatedNetworkId();
+ Long zone = cmd.getZoneId();
+ String address = cmd.getIpAddress();
+ Long vlan = cmd.getVlanId();
+ Boolean forVirtualNetwork = cmd.isForVirtualNetwork();
+ Boolean forLoadBalancing = cmd.isForLoadBalancing();
+ Long ipId = cmd.getId();
+ Account caller = UserContext.current().getCaller();
+ Long domainId = cmd.getDomainId();
+ boolean isRecursive = cmd.isRecursive();
List permittedAccounts = new ArrayList();
- if (isAdmin(caller.getType())) {
- // validate domainId before proceeding
- if (domainId != null) {
- Domain domain = _domainDao.findById(domainId);
- if (domain == null) {
- throw new InvalidParameterValueException("Unable to find domain by id " + domainId);
- }
- _accountMgr.checkAccess(caller, domain);
-
- if (accountName != null) {
- Account userAccount = _accountDao.findActiveAccount(accountName, domainId);
- if (userAccount != null) {
- permittedAccounts.add(userAccount.getId());
- } else {
- throw new InvalidParameterValueException("Unable to find account " + accountName + " in domain " + domainId);
- }
- }
- } else if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
- domainId = caller.getDomainId();
- }
- } else {
- permittedAccounts.add(caller.getId());
- }
-
- //set project information
- boolean skipProjectIps = true;
- if (projectId != null) {
- if (projectId == -1) {
- permittedAccounts.addAll(_projectMgr.listPermittedProjectAccounts(caller.getId()));
- } else {
- permittedAccounts.clear();
- Project project = _projectMgr.getProject(projectId);
- if (project == null) {
- throw new InvalidParameterValueException("Unable to find project by id " + projectId);
- }
- if (!_projectMgr.canAccessProjectAccount(caller, project.getProjectAccountId())) {
- throw new InvalidParameterValueException("Account " + caller + " can't access project id=" + projectId);
- }
- permittedAccounts.add(project.getProjectAccountId());
- }
- skipProjectIps = false;
- }
-
- if (permittedAccounts.isEmpty() && keyword != null) {
- Account userAccount = _accountDao.findActiveAccount((String) keyword, domainId);
- if (userAccount != null) {
- permittedAccounts.add(userAccount.getId());
- }
- }
-
+
Boolean isAllocated = cmd.isAllocatedOnly();
if (isAllocated == null) {
isAllocated = Boolean.TRUE;
}
+ ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), ipId);
Filter searchFilter = new Filter(IPAddressVO.class, "address", false, cmd.getStartIndex(), cmd.getPageSizeVal());
-
- Object zone = cmd.getZoneId();
- Object address = cmd.getIpAddress();
- Object vlan = cmd.getVlanId();
- Object forVirtualNetwork = cmd.isForVirtualNetwork();
- Object forLoadBalancing = cmd.isForLoadBalancing();
- Object ipId = cmd.getId();
-
SearchBuilder sb = _publicIpAddressDao.createSearchBuilder();
- sb.and("accountIdIN", sb.entity().getAllocatedToAccountId(), SearchCriteria.Op.IN);
+ _accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
+
sb.and("dataCenterId", sb.entity().getDataCenterId(), SearchCriteria.Op.EQ);
sb.and("address", sb.entity().getAddress(), SearchCriteria.Op.EQ);
sb.and("vlanDbId", sb.entity().getVlanId(), SearchCriteria.Op.EQ);
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
sb.and("physicalNetworkId", sb.entity().getPhysicalNetworkId(), SearchCriteria.Op.EQ);
sb.and("associatedNetworkIdEq", sb.entity().getAssociatedWithNetworkId(), SearchCriteria.Op.EQ);
-
- if ((permittedAccounts.isEmpty()) && (domainId != null)) {
- // if accountId isn't specified, we can do a domain match for the admin case
- SearchBuilder domainSearch = _domainDao.createSearchBuilder();
- domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
- sb.join("domainSearch", domainSearch, sb.entity().getAllocatedInDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
- }
-
- if (skipProjectIps) {
- SearchBuilder accountSearch = _accountDao.createSearchBuilder();
- accountSearch.and("type", accountSearch.entity().getType(), SearchCriteria.Op.NEQ);
- sb.join("accountSearch", accountSearch, sb.entity().getAllocatedToAccountId(), accountSearch.entity().getId(), JoinBuilder.JoinType.INNER);
- }
+
if (forLoadBalancing != null && (Boolean)forLoadBalancing) {
SearchBuilder lbSearch = _loadbalancerDao.createSearchBuilder();
@@ -2011,17 +1647,7 @@ public class ManagementServerImpl implements ManagementServer {
}
SearchCriteria sc = sb.create();
-
- if (skipProjectIps) {
- sc.setJoinParameters("accountSearch", "type", Account.ACCOUNT_TYPE_PROJECT);
- }
-
- if (!permittedAccounts.isEmpty()) {
- sc.setParameters("accountIdIN", permittedAccounts.toArray());
- } else if (domainId != null) {
- DomainVO domain = _domainDao.findById(domainId);
- sc.setJoinParameters("domainSearch", "path", domain.getPath() + "%");
- }
+ _accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
sc.setJoinParameters("vlanSearch", "vlanType", vlanType);
@@ -2331,219 +1957,11 @@ public class ManagementServerImpl implements ManagementServer {
}
- protected boolean templateIsCorrectType(VirtualMachineTemplate template) {
- return true;
- }
-
public static boolean isAdmin(short accountType) {
return ((accountType == Account.ACCOUNT_TYPE_ADMIN) || (accountType == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) || (accountType == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) || (accountType == Account.ACCOUNT_TYPE_READ_ONLY_ADMIN));
}
- @Override
- @DB
- public boolean updateTemplatePermissions(UpdateTemplatePermissionsCmd cmd) {
- return updateTemplateOrIsoPermissions(cmd);
- }
-
- @Override
- @DB
- public boolean updateTemplatePermissions(UpdateIsoPermissionsCmd cmd) {
- return updateTemplateOrIsoPermissions(cmd);
- }
-
- @DB
- protected boolean updateTemplateOrIsoPermissions(UpdateTemplateOrIsoPermissionsCmd cmd) {
- Transaction txn = Transaction.currentTxn();
-
- // Input validation
- Long id = cmd.getId();
- Account caller = UserContext.current().getCaller();
- List accountNames = cmd.getAccountNames();
- List projectIds = cmd.getProjectIds();
- Boolean isFeatured = cmd.isFeatured();
- Boolean isPublic = cmd.isPublic();
- Boolean isExtractable = cmd.isExtractable();
- String operation = cmd.getOperation();
- String mediaType = "";
-
- VMTemplateVO template = _templateDao.findById(id);
-
- if (template == null || !templateIsCorrectType(template)) {
- throw new InvalidParameterValueException("unable to find " + mediaType + " with id " + id);
- }
-
- if (cmd instanceof UpdateTemplatePermissionsCmd) {
- mediaType = "template";
- if (template.getFormat().equals(ImageFormat.ISO)) {
- throw new InvalidParameterValueException("Please provide a valid template");
- }
- }
- if (cmd instanceof UpdateIsoPermissionsCmd) {
- mediaType = "iso";
- if (!template.getFormat().equals(ImageFormat.ISO)) {
- throw new InvalidParameterValueException("Please provide a valid iso");
- }
- }
-
- //Can only assign pro
-
- //convert projectIds to accountNames
- if (projectIds != null) {
- for (Long projectId : projectIds) {
- Project project = _projectMgr.getProject(projectId);
- if (project == null) {
- throw new InvalidParameterValueException("Unable to find project by id " + projectId);
- }
-
- if (!_projectMgr.canAccessProjectAccount(caller, project.getProjectAccountId())) {
- throw new InvalidParameterValueException("Account " + caller + " can't access project id=" + projectId);
- }
- accountNames.add(_accountMgr.getAccount(project.getProjectAccountId()).getAccountName());
- }
- }
-
- _accountMgr.checkAccess(caller, AccessType.ModifyEntry, template);
-
- // If the template is removed throw an error.
- if (template.getRemoved() != null) {
- s_logger.error("unable to update permissions for " + mediaType + " with id " + id + " as it is removed ");
- throw new InvalidParameterValueException("unable to update permissions for " + mediaType + " with id " + id + " as it is removed ");
- }
-
- if (id == Long.valueOf(1)) {
- throw new InvalidParameterValueException("unable to update permissions for " + mediaType + " with id " + id);
- }
-
- boolean isAdmin = isAdmin(caller.getType());
- boolean allowPublicUserTemplates = Boolean.valueOf(_configDao.getValue("allow.public.user.templates"));
- if (!isAdmin && !allowPublicUserTemplates && isPublic != null && isPublic) {
- throw new InvalidParameterValueException("Only private " + mediaType + "s can be created.");
- }
-
- if (accountNames != null) {
- if ((operation == null) || (!operation.equalsIgnoreCase("add") && !operation.equalsIgnoreCase("remove") && !operation.equalsIgnoreCase("reset"))) {
- throw new InvalidParameterValueException("Invalid operation on accounts, the operation must be either 'add' or 'remove' in order to modify launch permissions."
- + " Given operation is: '" + operation + "'");
- }
- }
-
- Long accountId = template.getAccountId();
- if (accountId == null) {
- // if there is no owner of the template then it's probably already a public template (or domain private template) so
- // publishing to individual users is irrelevant
- throw new InvalidParameterValueException("Update template permissions is an invalid operation on template " + template.getName());
- }
-
- VMTemplateVO updatedTemplate = _templateDao.createForUpdate();
-
- if (isPublic != null) {
- updatedTemplate.setPublicTemplate(isPublic.booleanValue());
- }
-
- if (isFeatured != null) {
- updatedTemplate.setFeatured(isFeatured.booleanValue());
- }
-
- if (isExtractable != null && caller.getType() == Account.ACCOUNT_TYPE_ADMIN) {//Only ROOT admins allowed to change this powerful attribute
- updatedTemplate.setExtractable(isExtractable.booleanValue());
- }else if (isExtractable != null && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
- throw new InvalidParameterValueException("Only ROOT admins are allowed to modify this attribute.");
- }
-
- _templateDao.update(template.getId(), updatedTemplate);
-
- Long domainId = caller.getDomainId();
- if ("add".equalsIgnoreCase(operation)) {
- txn.start();
- for (String accountName : accountNames) {
- Account permittedAccount = _accountDao.findActiveAccount(accountName, domainId);
- if (permittedAccount != null) {
- if (permittedAccount.getId() == caller.getId()) {
- continue; // don't grant permission to the template owner, they implicitly have permission
- }
- LaunchPermissionVO existingPermission = _launchPermissionDao.findByTemplateAndAccount(id, permittedAccount.getId());
- if (existingPermission == null) {
- LaunchPermissionVO launchPermission = new LaunchPermissionVO(id, permittedAccount.getId());
- _launchPermissionDao.persist(launchPermission);
- }
- } else {
- txn.rollback();
- throw new InvalidParameterValueException("Unable to grant a launch permission to account " + accountName + ", account not found. "
- + "No permissions updated, please verify the account names and retry.");
- }
- }
- txn.commit();
- } else if ("remove".equalsIgnoreCase(operation)) {
- List accountIds = new ArrayList();
- for (String accountName : accountNames) {
- Account permittedAccount = _accountDao.findActiveAccount(accountName, domainId);
- if (permittedAccount != null) {
- accountIds.add(permittedAccount.getId());
- }
- }
- _launchPermissionDao.removePermissions(id, accountIds);
- } else if ("reset".equalsIgnoreCase(operation)) {
- // do we care whether the owning account is an admin? if the
- // owner is an admin, will we still set public to false?
- updatedTemplate = _templateDao.createForUpdate();
- updatedTemplate.setPublicTemplate(false);
- updatedTemplate.setFeatured(false);
- _templateDao.update(template.getId(), updatedTemplate);
- _launchPermissionDao.removeAllPermissions(id);
- }
- return true;
- }
-
- @Override
- public List listTemplatePermissions(ListTemplateOrIsoPermissionsCmd cmd) {
- Account caller = UserContext.current().getCaller();
- Long domainId = cmd.getDomainId();
- String acctName = cmd.getAccountName();
- Long id = cmd.getId();
-
- if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
- // validate domainId before proceeding
- if (domainId != null) {
- DomainVO domain = _domainDao.findById(domainId);
- if (domain == null) {
- throw new InvalidParameterValueException("Unable to find domain by id " + domainId);
- }
-
- _accountMgr.checkAccess(caller, domain);
-
- if (acctName != null) {
- Account userAccount = _accountDao.findActiveAccount(acctName, domainId);
- if (userAccount == null) {
- throw new PermissionDeniedException("Unable to find account " + acctName + " in domain " + domainId);
- }
- }
- }
- }
-
- if (id == Long.valueOf(1)) {
- throw new PermissionDeniedException("unable to list permissions for " + cmd.getMediaType() + " with id " + id);
- }
-
- VirtualMachineTemplate template = _templateMgr.getTemplate(id);
- if (template == null || !templateIsCorrectType(template)) {
- throw new InvalidParameterValueException("unable to find " + cmd.getMediaType() + " with id " + id);
- }
-
- if (!template.isPublicTemplate()) {
- _accountMgr.checkAccess(caller, null, template);
- }
-
- List accountNames = new ArrayList();
- List permissions = _launchPermissionDao.findByTemplate(id);
- if ((permissions != null) && !permissions.isEmpty()) {
- for (LaunchPermissionVO permission : permissions) {
- Account acct = _accountDao.findById(permission.getAccountId());
- accountNames.add(acct.getAccountName());
- }
- }
- return accountNames;
- }
-
+
private List searchDiskOfferingsInternal(Account account, Object name, Object id, Object keyword, Filter searchFilter) {
// it was decided to return all offerings for the user's domain, and everything above till root (for normal user or
// domain admin)
@@ -2800,85 +2218,73 @@ public class ManagementServerImpl implements ManagementServer {
@Override
public List searchForAsyncJobs(ListAsyncJobsCmd cmd) {
- Filter searchFilter = new Filter(AsyncJobVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
- SearchBuilder sb = _jobDao.createSearchBuilder();
-
- Object accountId = null;
- Long domainId = cmd.getDomainId();
- Account caller = UserContext.current().getCaller();
- if (isAdmin(caller.getType())) {
- String accountName = cmd.getAccountName();
-
- if ((accountName != null) && (domainId != null)) {
- Account userAccount = _accountDao.findActiveAccount(accountName, domainId);
- if (userAccount != null) {
- accountId = userAccount.getId();
- } else {
- throw new InvalidParameterValueException("Failed to list async jobs for account " + accountName + " in domain " + domainId + "; account not found.");
- }
- } else if (domainId != null) {
- if (!_domainDao.isChildDomain(caller.getDomainId(), domainId)) {
- throw new PermissionDeniedException("Failed to list async jobs for domain " + domainId + "; permission denied.");
- }
- }
-
- if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN && domainId == null) {
- domainId = caller.getDomainId();
- }
-
- } else {
- accountId = caller.getId();
- }
-
- // we should do domain based search for domain admin
- if (domainId != null) {
- sb.and("accountsIn", sb.entity().getAccountId(), SearchCriteria.Op.IN);
- }
+
+ Account caller = UserContext.current().getCaller();
+ Long domainId = cmd.getDomainId();
+ boolean isRecursive = cmd.isRecursive();
+ List permittedAccounts = new ArrayList();
+
+ ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), null, permittedAccounts, cmd.listAll(), null);
+ Filter searchFilter = new Filter(AsyncJobVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
+ SearchBuilder sb = _jobDao.createSearchBuilder();
+ sb.and("accountIdIN", sb.entity().getAccountId(), SearchCriteria.Op.IN);
+ SearchBuilder accountSearch = null;
+ boolean accountJoinIsDone = false;
+ if (permittedAccounts.isEmpty() && domainId != null) {
+ accountSearch = _accountDao.createSearchBuilder();
+ // if accountId isn't specified, we can do a domain match for the admin case if isRecursive is true
+ SearchBuilder domainSearch = _domainDao.createSearchBuilder();
+ domainSearch.and("domainId", domainSearch.entity().getId(), SearchCriteria.Op.EQ);
+ domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
+ sb.join("accountSearch", accountSearch, sb.entity().getAccountId(), accountSearch.entity().getId(), JoinBuilder.JoinType.INNER);
+ accountJoinIsDone = true;
+ accountSearch.join("domainSearch", domainSearch, accountSearch.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
+ }
+
+ if (listProjectResourcesCriteria != null) {
+ if (accountSearch == null) {
+ accountSearch = _accountDao.createSearchBuilder();
+ }
+ if (listProjectResourcesCriteria == Project.ListProjectResourcesCriteria.ListProjectResourcesOnly) {
+ accountSearch.and("type", accountSearch.entity().getType(), SearchCriteria.Op.EQ);
+ } else if (listProjectResourcesCriteria == Project.ListProjectResourcesCriteria.SkipProjectResources) {
+ accountSearch.and("type", accountSearch.entity().getType(), SearchCriteria.Op.NEQ);
+ }
+
+ if (!accountJoinIsDone) {
+ sb.join("accountSearch", accountSearch, sb.entity().getAccountId(), accountSearch.entity().getId(), JoinBuilder.JoinType.INNER);
+ }
+ }
- Object keyword = cmd.getKeyword();
- Object startDate = cmd.getStartDate();
+ Object keyword = cmd.getKeyword();
+ Object startDate = cmd.getStartDate();
- SearchCriteria sc = sb.create();
+ SearchCriteria sc = sb.create();
+ if (listProjectResourcesCriteria != null) {
+ sc.setJoinParameters("accountSearch", "type", Account.ACCOUNT_TYPE_PROJECT);
+ }
- if (keyword != null) {
- sc.addAnd("cmd", SearchCriteria.Op.LIKE, "%" + keyword + "%");
- }
-
- if (accountId != null) {
- sc.addAnd("accountId", SearchCriteria.Op.EQ, accountId);
- }
+ if (!permittedAccounts.isEmpty()) {
+ sc.setParameters("accountIdIN", permittedAccounts.toArray());
+ } else if (domainId != null) {
+ DomainVO domain = _domainDao.findById(domainId);
+ if (isRecursive) {
+ sc.setJoinParameters("domainSearch", "path", domain.getPath() + "%");
+ } else {
+ sc.setJoinParameters("domainSearch", "domainId", domainId);
+ }
+ }
-
- if (domainId != null) {
- SearchBuilder domainSearch = _domainDao.createSearchBuilder();
- domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
-
- SearchBuilder accountSearch = _accountDao.createSearchBuilder();
- accountSearch.join("domainSearch", domainSearch, accountSearch.entity().getDomainId(), domainSearch.entity().getId(), JoinType.INNER);
-
- SearchCriteria accountSc = accountSearch.create();
- DomainVO domain = _domainDao.findById(domainId);
-
- accountSc.setJoinParameters("domainSearch", "path", domain.getPath() + "%");
-
- List allowedAccounts = _accountDao.search(accountSc, null);
- if (!allowedAccounts.isEmpty()) {
- Long[] accountIds = new Long[allowedAccounts.size()];
- for (int i = 0; i < allowedAccounts.size(); i++) {
- AccountVO allowedAccount = allowedAccounts.get(i);
- accountIds[i] = allowedAccount.getId();
- }
-
- sc.setParameters("accountsIn", (Object[])accountIds);
- }
- }
+ if (keyword != null) {
+ sc.addAnd("cmd", SearchCriteria.Op.LIKE, "%" + keyword + "%");
+ }
- if (startDate != null) {
- sc.addAnd("created", SearchCriteria.Op.GTEQ, startDate);
- }
+ if (startDate != null) {
+ sc.addAnd("created", SearchCriteria.Op.GTEQ, startDate);
+ }
- return _jobDao.search(sc, searchFilter);
- }
+ return _jobDao.search(sc, searchFilter);
+ }
@ActionEvent(eventType = EventTypes.EVENT_SSVM_START, eventDescription = "starting secondary storage Vm", async = true)
public SecondaryStorageVmVO startSecondaryStorageVm(long instanceId) {
@@ -3075,7 +2481,7 @@ public class ManagementServerImpl implements ManagementServer {
Account caller = UserContext.current().getCaller();
// verify that user exists
- User user = _accountMgr.getUser(userId);
+ User user = _accountMgr.getUserIncludingRemoved(userId);
if ((user == null) || (user.getRemoved() != null)) {
throw new InvalidParameterValueException("Unable to find active user by id " + userId);
}
@@ -3341,67 +2747,56 @@ public class ManagementServerImpl implements ManagementServer {
@Override
public List searchForVmGroups(ListVMGroupsCmd cmd) {
+ Long id = cmd.getId();
+ String name = cmd.getGroupName();
+ String keyword = cmd.getKeyword();
+
Account caller = UserContext.current().getCaller();
Long domainId = cmd.getDomainId();
- String accountName = cmd.getAccountName();
- Long projectId = cmd.getProjectId();
- List permittedAccounts = new ArrayList();
-
- if ((caller == null) || isAdmin(caller.getType())) {
- if (domainId != null) {
- if ((caller != null) && !_domainDao.isChildDomain(caller.getDomainId(), domainId)) {
- throw new InvalidParameterValueException("Invalid domain id (" + domainId + ") given, unable to list vm groups.");
- }
-
- if (accountName != null) {
- caller = _accountDao.findActiveAccount(accountName, domainId);
- if (caller == null) {
- throw new InvalidParameterValueException("Unable to find account " + accountName + " in domain " + domainId);
- }
- permittedAccounts.add(caller.getId());
- }
- } else {
- domainId = ((caller == null) ? DomainVO.ROOT_DOMAIN : caller.getDomainId());
- }
- } else {
- permittedAccounts.add(caller.getId());
- domainId = caller.getDomainId();
- }
-
- //set project information
- if (projectId != null) {
- permittedAccounts.clear();
- Project project = _projectMgr.getProject(projectId);
- if (project == null) {
- throw new InvalidParameterValueException("Unable to find project by id " + projectId);
- }
- if (!_projectMgr.canAccessProjectAccount(caller, project.getProjectAccountId())) {
- throw new InvalidParameterValueException("Account " + caller + " can't access project id=" + projectId);
- }
- permittedAccounts.add(project.getProjectAccountId());
- } else if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL){
- permittedAccounts.addAll(_projectMgr.listPermittedProjectAccounts(caller.getId()));
- }
+ boolean isRecursive = cmd.isRecursive();
+ List permittedAccounts = new ArrayList();
+ ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), id);
Filter searchFilter = new Filter(InstanceGroupVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
-
- Object id = cmd.getId();
- Object name = cmd.getGroupName();
- Object keyword = cmd.getKeyword();
-
+
SearchBuilder sb = _vmGroupDao.createSearchBuilder();
- sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
- sb.and("name", sb.entity().getName(), SearchCriteria.Op.LIKE);
- sb.and("accountId", sb.entity().getAccountId(), SearchCriteria.Op.IN);
-
- if ((permittedAccounts.isEmpty()) && (domainId != null)) {
- // if accountId isn't specified, we can do a domain match for the admin case
+
+ sb.and("accountIdIN", sb.entity().getAccountId(), SearchCriteria.Op.IN);
+ sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ);
+ if (((permittedAccounts.isEmpty()) && (domainId != null) && isRecursive)) {
+ // if accountId isn't specified, we can do a domain match for the admin case if isRecursive is true
SearchBuilder domainSearch = _domainDao.createSearchBuilder();
domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
}
+
+ if (listProjectResourcesCriteria != null) {
+ if (listProjectResourcesCriteria == Project.ListProjectResourcesCriteria.ListProjectResourcesOnly) {
+ sb.and("accountType", sb.entity().getAccountType(), SearchCriteria.Op.EQ);
+ } else if (listProjectResourcesCriteria == Project.ListProjectResourcesCriteria.SkipProjectResources) {
+ sb.and("accountType", sb.entity().getAccountType(), SearchCriteria.Op.NEQ);
+ }
+ }
+
+ sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
+ sb.and("name", sb.entity().getName(), SearchCriteria.Op.LIKE);
SearchCriteria sc = sb.create();
+ if (listProjectResourcesCriteria != null) {
+ sc.setParameters("accountType", Account.ACCOUNT_TYPE_PROJECT);
+ }
+
+ if (!permittedAccounts.isEmpty()) {
+ sc.setParameters("accountIdIN", permittedAccounts.toArray());
+ } else if (domainId != null) {
+ DomainVO domain = _domainDao.findById(domainId);
+ if (isRecursive) {
+ sc.setJoinParameters("domainSearch", "path", domain.getPath() + "%");
+ } else {
+ sc.setParameters("domainId", domainId);
+ }
+ }
+
if (keyword != null) {
SearchCriteria ssc = _vmGroupDao.createSearchCriteria();
ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
@@ -3415,15 +2810,6 @@ public class ManagementServerImpl implements ManagementServer {
sc.setParameters("name", "%" + name + "%");
}
- if (!permittedAccounts.isEmpty()) {
- sc.setParameters("accountId", permittedAccounts.toArray());
- } else if (domainId != null) {
- DomainVO domain = _domainDao.findById(domainId);
- if (domain != null) {
- sc.setJoinParameters("domainSearch", "path", domain.getPath() + "%");
- }
- }
-
return _vmGroupDao.search(sc, searchFilter);
}
@@ -3549,57 +2935,30 @@ public class ManagementServerImpl implements ManagementServer {
@Override
public List listSSHKeyPairs(ListSSHKeyPairsCmd cmd) {
- Account caller = UserContext.current().getCaller();
String name = cmd.getName();
String fingerPrint = cmd.getFingerprint();
- List permittedAccounts = new ArrayList();
- Long domainId = null;
- String path = null;
-
- if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
- permittedAccounts.add(caller.getId());
- domainId = caller.getDomainId();
- } else if (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
- DomainVO domain = _domainDao.findById(caller.getDomainId());
- path = domain.getPath();
- }
- if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL){
- permittedAccounts.addAll(_projectMgr.listPermittedProjectAccounts(caller.getId()));
- }
+ Account caller = UserContext.current().getCaller();
+ Long domainId = cmd.getDomainId();
+ boolean isRecursive = cmd.isRecursive();
+ List permittedAccounts = new ArrayList();
+ ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), null);
SearchBuilder sb = _sshKeyPairDao.createSearchBuilder();
+ _accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
Filter searchFilter = new Filter(SSHKeyPairVO.class, "id", false, cmd.getStartIndex(), cmd.getPageSizeVal());
- if (path != null) {
- // for domain admin we should show only subdomains information
- SearchBuilder domainSearch = _domainDao.createSearchBuilder();
- domainSearch.and("path", domainSearch.entity().getPath(), SearchCriteria.Op.LIKE);
- sb.join("domainSearch", domainSearch, sb.entity().getDomainId(), domainSearch.entity().getId(), JoinBuilder.JoinType.INNER);
- }
-
SearchCriteria sc = sb.create();
+ _accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
if (name != null) {
sc.addAnd("name", SearchCriteria.Op.EQ, name);
}
- if (!permittedAccounts.isEmpty()) {
- sc.addAnd("accountId", SearchCriteria.Op.IN, permittedAccounts.toArray());
- }
-
- if (domainId != null) {
- sc.addAnd("domainId", SearchCriteria.Op.EQ, domainId);
- }
-
if (fingerPrint != null) {
sc.addAnd("fingerprint", SearchCriteria.Op.EQ, fingerPrint);
}
- if (path != null) {
- sc.setJoinParameters("domainSearch", "path", path + "%");
- }
-
return _sshKeyPairDao.search(sc, searchFilter);
}
@@ -3766,19 +3125,19 @@ public class ManagementServerImpl implements ManagementServer {
hpvCapabilities = _hypervisorCapabilitiesDao.createForUpdate(id);
- if(maxGuestsLimit != null){
+ if (maxGuestsLimit != null){
hpvCapabilities.setMaxGuestsLimit(maxGuestsLimit);
}
- if(securityGroupEnabled != null){
+ if (securityGroupEnabled != null){
hpvCapabilities.setSecurityGroupEnabled(securityGroupEnabled);
}
- if(_hypervisorCapabilitiesDao.update(id, hpvCapabilities)){
+ if (_hypervisorCapabilitiesDao.update(id, hpvCapabilities)){
hpvCapabilities = _hypervisorCapabilitiesDao.findById(id);
UserContext.current().setEventDetails("Hypervisor Capabilities id=" + hpvCapabilities.getId());
return hpvCapabilities;
- }else{
+ } else {
return null;
}
}
diff --git a/server/src/com/cloud/servlet/ConsoleProxyServlet.java b/server/src/com/cloud/servlet/ConsoleProxyServlet.java
index adaf1832e53..a83d92d3b1c 100644
--- a/server/src/com/cloud/servlet/ConsoleProxyServlet.java
+++ b/server/src/com/cloud/servlet/ConsoleProxyServlet.java
@@ -440,7 +440,7 @@ public class ConsoleProxyServlet extends HttpServlet {
public boolean verifyUser(Long userId) {
// copy from ApiServer.java, a bit ugly here
- User user = _accountMgr.getUser(userId);
+ User user = _accountMgr.getUserIncludingRemoved(userId);
Account account = null;
if (user != null) {
account = _accountMgr.getAccount(user.getAccountId());
diff --git a/server/src/com/cloud/storage/StorageManagerImpl.java b/server/src/com/cloud/storage/StorageManagerImpl.java
index df7df1b0c9d..f380f376a38 100755
--- a/server/src/com/cloud/storage/StorageManagerImpl.java
+++ b/server/src/com/cloud/storage/StorageManagerImpl.java
@@ -69,6 +69,7 @@ import com.cloud.api.commands.CancelPrimaryStorageMaintenanceCmd;
import com.cloud.api.commands.CreateStoragePoolCmd;
import com.cloud.api.commands.CreateVolumeCmd;
import com.cloud.api.commands.DeletePoolCmd;
+import com.cloud.api.commands.ListVolumesCmd;
import com.cloud.api.commands.UpdateStoragePoolCmd;
import com.cloud.async.AsyncJobManager;
import com.cloud.capacity.Capacity;
@@ -117,6 +118,7 @@ import com.cloud.hypervisor.HypervisorGuruManager;
import com.cloud.network.NetworkManager;
import com.cloud.network.router.VirtualNetworkApplianceManager;
import com.cloud.org.Grouping;
+import com.cloud.projects.Project.ListProjectResourcesCriteria;
import com.cloud.resource.ResourceManager;
import com.cloud.resource.ResourceState;
import com.cloud.server.ManagementServer;
@@ -159,6 +161,7 @@ import com.cloud.utils.component.Inject;
import com.cloud.utils.component.Manager;
import com.cloud.utils.concurrency.NamedThreadFactory;
import com.cloud.utils.db.DB;
+import com.cloud.utils.db.Filter;
import com.cloud.utils.db.GenericSearchBuilder;
import com.cloud.utils.db.GlobalLock;
import com.cloud.utils.db.JoinBuilder;
@@ -3273,4 +3276,97 @@ public class StorageManagerImpl implements StorageManager, StorageService, Manag
_hostDao.update(secHost.getId(), secHost);
return secHost;
}
+
+ @Override
+ public List searchForVolumes(ListVolumesCmd cmd) {
+ Account caller = UserContext.current().getCaller();
+ Long domainId = cmd.getDomainId();
+ boolean isRecursive = cmd.isRecursive();
+ List permittedAccounts = new ArrayList();
+
+ Long id = cmd.getId();
+ Long vmInstanceId = cmd.getVirtualMachineId();
+ String name = cmd.getVolumeName();
+ String keyword = cmd.getKeyword();
+ String type = cmd.getType();
+
+ Long zoneId = cmd.getZoneId();
+ Long podId = null;
+ // Object host = null; TODO
+ if (_accountMgr.isAdmin(caller.getType())) {
+ podId = cmd.getPodId();
+ // host = cmd.getHostId(); TODO
+ }
+
+ ListProjectResourcesCriteria listProjectResourcesCriteria = _accountMgr.buildACLSearchParameters(caller, domainId, isRecursive, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, cmd.listAll(), id);
+
+ Filter searchFilter = new Filter(VolumeVO.class, "created", false, cmd.getStartIndex(), cmd.getPageSizeVal());
+
+ // hack for now, this should be done better but due to needing a join I opted to
+ // do this quickly and worry about making it pretty later
+ SearchBuilder sb = _volumeDao.createSearchBuilder();
+ _accountMgr.buildACLSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
+
+ sb.and("name", sb.entity().getName(), SearchCriteria.Op.LIKE);
+ sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
+ sb.and("volumeType", sb.entity().getVolumeType(), SearchCriteria.Op.LIKE);
+ sb.and("instanceId", sb.entity().getInstanceId(), SearchCriteria.Op.EQ);
+ sb.and("dataCenterId", sb.entity().getDataCenterId(), SearchCriteria.Op.EQ);
+ sb.and("podId", sb.entity().getPodId(), SearchCriteria.Op.EQ);
+ // Only return volumes that are not destroyed
+ sb.and("state", sb.entity().getState(), SearchCriteria.Op.NEQ);
+
+ SearchBuilder diskOfferingSearch = _diskOfferingDao.createSearchBuilder();
+ diskOfferingSearch.and("systemUse", diskOfferingSearch.entity().getSystemUse(), SearchCriteria.Op.NEQ);
+ sb.join("diskOfferingSearch", diskOfferingSearch, sb.entity().getDiskOfferingId(), diskOfferingSearch.entity().getId(), JoinBuilder.JoinType.LEFTOUTER);
+
+ // display UserVM volumes only
+ SearchBuilder vmSearch = _vmInstanceDao.createSearchBuilder();
+ vmSearch.and("type", vmSearch.entity().getType(), SearchCriteria.Op.NIN);
+ vmSearch.or("nulltype", vmSearch.entity().getType(), SearchCriteria.Op.NULL);
+ sb.join("vmSearch", vmSearch, sb.entity().getInstanceId(), vmSearch.entity().getId(), JoinBuilder.JoinType.LEFTOUTER);
+
+ // now set the SC criteria...
+ SearchCriteria sc = sb.create();
+ _accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
+
+ if (keyword != null) {
+ SearchCriteria ssc = _volumeDao.createSearchCriteria();
+ ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
+ ssc.addOr("volumeType", SearchCriteria.Op.LIKE, "%" + keyword + "%");
+
+ sc.addAnd("name", SearchCriteria.Op.SC, ssc);
+ }
+
+ if (name != null) {
+ sc.setParameters("name", "%" + name + "%");
+ }
+
+ sc.setJoinParameters("diskOfferingSearch", "systemUse", 1);
+
+ if (id != null) {
+ sc.setParameters("id", id);
+ }
+
+ if (type != null) {
+ sc.setParameters("volumeType", "%" + type + "%");
+ }
+ if (vmInstanceId != null) {
+ sc.setParameters("instanceId", vmInstanceId);
+ }
+ if (zoneId != null) {
+ sc.setParameters("dataCenterId", zoneId);
+ }
+ if (podId != null) {
+ sc.setParameters("podId", podId);
+ }
+
+ // Don't return DomR and ConsoleProxy volumes
+ sc.setJoinParameters("vmSearch", "type", VirtualMachine.Type.ConsoleProxy, VirtualMachine.Type.SecondaryStorageVm, VirtualMachine.Type.DomainRouter);
+
+ // Only return volumes that are not destroyed
+ sc.setParameters("state", Volume.State.Destroy);
+
+ return _volumeDao.search(sc, searchFilter);
+ }
}
diff --git a/server/src/com/cloud/storage/dao/SnapshotDao.java b/server/src/com/cloud/storage/dao/SnapshotDao.java
index 99ac51d3935..48295ccff1b 100644
--- a/server/src/com/cloud/storage/dao/SnapshotDao.java
+++ b/server/src/com/cloud/storage/dao/SnapshotDao.java
@@ -21,9 +21,8 @@ package com.cloud.storage.dao;
import java.util.List;
import com.cloud.storage.Snapshot;
-import com.cloud.storage.Snapshot.Status;
-import com.cloud.storage.SnapshotVO;
import com.cloud.storage.Snapshot.Type;
+import com.cloud.storage.SnapshotVO;
import com.cloud.utils.db.Filter;
import com.cloud.utils.db.GenericDao;
diff --git a/server/src/com/cloud/storage/dao/VMTemplateDao.java b/server/src/com/cloud/storage/dao/VMTemplateDao.java
index fda153a765f..49d97af3693 100755
--- a/server/src/com/cloud/storage/dao/VMTemplateDao.java
+++ b/server/src/com/cloud/storage/dao/VMTemplateDao.java
@@ -23,6 +23,7 @@ import java.util.Set;
import com.cloud.domain.DomainVO;
import com.cloud.hypervisor.Hypervisor.HypervisorType;
+import com.cloud.projects.Project.ListProjectResourcesCriteria;
import com.cloud.storage.VMTemplateVO;
import com.cloud.template.VirtualMachineTemplate.TemplateFilter;
import com.cloud.user.Account;
@@ -51,7 +52,7 @@ public interface VMTemplateDao extends GenericDao {
public List listReadyTemplates();
public List listByAccountId(long accountId);
public Set> searchTemplates(String name, String keyword, TemplateFilter templateFilter, boolean isIso, List hypers, Boolean bootable,
- DomainVO domain, Long pageSize, Long startIndex, Long zoneId, HypervisorType hyperType, boolean onlyReady, boolean showDomr, List permittedAccounts, Account caller, boolean skipProjectTemplates);
+ DomainVO domain, Long pageSize, Long startIndex, Long zoneId, HypervisorType hyperType, boolean onlyReady, boolean showDomr, List permittedAccounts, Account caller, ListProjectResourcesCriteria listProjectResourcesCriteria);
public Set> searchSwiftTemplates(String name, String keyword, TemplateFilter templateFilter, boolean isIso, List hypers, Boolean bootable, DomainVO domain,
Long pageSize, Long startIndex, Long zoneId, HypervisorType hyperType, boolean onlyReady, boolean showDomr, List permittedAccounts, Account caller);
diff --git a/server/src/com/cloud/storage/dao/VMTemplateDaoImpl.java b/server/src/com/cloud/storage/dao/VMTemplateDaoImpl.java
index c1151343c1a..f3a77b8d548 100755
--- a/server/src/com/cloud/storage/dao/VMTemplateDaoImpl.java
+++ b/server/src/com/cloud/storage/dao/VMTemplateDaoImpl.java
@@ -43,6 +43,7 @@ import com.cloud.host.Host;
import com.cloud.host.HostVO;
import com.cloud.host.dao.HostDao;
import com.cloud.hypervisor.Hypervisor.HypervisorType;
+import com.cloud.projects.Project.ListProjectResourcesCriteria;
import com.cloud.storage.Storage;
import com.cloud.storage.Storage.TemplateType;
import com.cloud.storage.VMTemplateStorageResourceAssoc.Status;
@@ -429,8 +430,7 @@ public class VMTemplateDaoImpl extends GenericDaoBase implem
}
@Override
- public Set> searchTemplates(String name, String keyword, TemplateFilter templateFilter, boolean isIso, List hypers, Boolean bootable, DomainVO domain, Long pageSize, Long startIndex, Long zoneId, HypervisorType hyperType, boolean onlyReady, boolean showDomr,List permittedAccounts, Account caller, boolean skipProjectTemplates) {
-
+ public Set> searchTemplates(String name, String keyword, TemplateFilter templateFilter, boolean isIso, List hypers, Boolean bootable, DomainVO domain, Long pageSize, Long startIndex, Long zoneId, HypervisorType hyperType, boolean onlyReady, boolean showDomr,List permittedAccounts, Account caller, ListProjectResourcesCriteria listProjectResourcesCriteria) {
StringBuilder builder = new StringBuilder();
if (!permittedAccounts.isEmpty()) {
for (Account permittedAccount : permittedAccounts) {
@@ -478,35 +478,20 @@ public class VMTemplateDaoImpl extends GenericDaoBase implem
String whereClause = "";
//All joins have to be made before we start setting the condition settings
- boolean joinedWithAccounts = false;
- if (skipProjectTemplates || (!permittedAccounts.isEmpty() && !(templateFilter == TemplateFilter.community || templateFilter == TemplateFilter.featured))) {
+ if ((listProjectResourcesCriteria == ListProjectResourcesCriteria.SkipProjectResources
+ || (!permittedAccounts.isEmpty() && !(templateFilter == TemplateFilter.community || templateFilter == TemplateFilter.featured))) &&
+ !(caller.getType() != Account.ACCOUNT_TYPE_NORMAL && templateFilter == TemplateFilter.all)) {
whereClause += " INNER JOIN account a on (t.account_id = a.id)";
- joinedWithAccounts = true;
if ((templateFilter == TemplateFilter.self || templateFilter == TemplateFilter.selfexecutable) && (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN)) {
whereClause += " INNER JOIN domain d on (a.domain_id = d.id) WHERE d.path LIKE '" + domain.getPath() + "%'";
- if (skipProjectTemplates) {
+ if (listProjectResourcesCriteria == ListProjectResourcesCriteria.SkipProjectResources) {
whereClause += " AND a.type != " + Account.ACCOUNT_TYPE_PROJECT;
}
- }else if (skipProjectTemplates) {
- whereClause += " WHERE a.type != " + Account.ACCOUNT_TYPE_PROJECT;
+ }else
+ if (listProjectResourcesCriteria == ListProjectResourcesCriteria.SkipProjectResources) {
+ whereClause += " WHERE a.type != " + Account.ACCOUNT_TYPE_PROJECT;
}
}
-
- if (!isIso) {
- if ( hypers.isEmpty() ) {
- return templateZonePairList;
- } else {
- StringBuilder relatedHypers = new StringBuilder();
- for (HypervisorType hyper : hypers ) {
- relatedHypers.append("'");
- relatedHypers.append(hyper.toString());
- relatedHypers.append("'");
- relatedHypers.append(",");
- }
- relatedHypers.setLength(relatedHypers.length()-1);
- whereClause += " AND t.hypervisor_type IN (" + relatedHypers + ")";
- }
- }
if (!permittedAccounts.isEmpty()) {
for (Account account : permittedAccounts) {
@@ -543,6 +528,22 @@ public class VMTemplateDaoImpl extends GenericDaoBase implem
attr += " WHERE ";
}
+ if (!isIso) {
+ if ( hypers.isEmpty() ) {
+ return templateZonePairList;
+ } else {
+ StringBuilder relatedHypers = new StringBuilder();
+ for (HypervisorType hyper : hypers ) {
+ relatedHypers.append("'");
+ relatedHypers.append(hyper.toString());
+ relatedHypers.append("'");
+ relatedHypers.append(",");
+ }
+ relatedHypers.setLength(relatedHypers.length()-1);
+ whereClause += attr + " t.hypervisor_type IN (" + relatedHypers + ")";
+ }
+ }
+
if (!permittedAccounts.isEmpty() && !(templateFilter == TemplateFilter.featured || templateFilter == TemplateFilter.community) && !isAdmin(caller.getType()) ) {
whereClause += attr + "t.account_id IN (" + permittedAccountsStr + ")";
}
@@ -552,29 +553,19 @@ public class VMTemplateDaoImpl extends GenericDaoBase implem
if (!permittedAccounts.isEmpty()) {
whereClause += attr + "(dc.domain_id IN (" + relatedDomainIds + ") OR dc.domain_id is NULL)";
}
- } else if (templateFilter == TemplateFilter.sharedexecutable && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
- if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
+ } else if (templateFilter == TemplateFilter.self || templateFilter == TemplateFilter.selfexecutable) {
+ whereClause += " AND t.account_id IN (" + permittedAccountsStr + ")";
+ } else if (templateFilter == TemplateFilter.sharedexecutable) {
whereClause += " LEFT JOIN launch_permission lp ON t.id = lp.template_id WHERE" +
" (t.account_id IN (" + permittedAccountsStr + ") OR" +
- " lp.account_id IN (" + permittedAccountsStr + "))";
- } else {
- if (!joinedWithAccounts) {
- whereClause += " INNER JOIN account a on (t.account_id = a.id)";
- }
- whereClause += " INNER JOIN domain d on (a.domain_id = d.id) WHERE d.path LIKE '" + domain.getPath() + "%'";
- }
- }else if ((templateFilter == TemplateFilter.self || templateFilter == TemplateFilter.selfexecutable) && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
- // This has been moved up since it involved Joins
- }
- else if (templateFilter == TemplateFilter.executable && !permittedAccounts.isEmpty()) {
+ " lp.account_id IN (" + permittedAccountsStr + "))";
+ } else if (templateFilter == TemplateFilter.executable && !permittedAccounts.isEmpty()) {
whereClause += attr + "(t.public = 1 OR t.account_id IN (" + permittedAccountsStr + "))";
} else if (templateFilter == TemplateFilter.community) {
whereClause += attr + "t.public = 1 AND t.featured = 0";
if (!permittedAccounts.isEmpty()) {
whereClause += attr + "(dc.domain_id IN (" + relatedDomainIds + ") OR dc.domain_id is NULL)";
}
- } else if (templateFilter == TemplateFilter.all && caller.getType() == Account.ACCOUNT_TYPE_ADMIN) {
- whereClause += attr;
} else if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN && !isIso) {
return templateZonePairList;
}
diff --git a/server/src/com/cloud/storage/snapshot/SnapshotManagerImpl.java b/server/src/com/cloud/storage/snapshot/SnapshotManagerImpl.java
index 6ee569d3ca0..7c4c20ff7ea 100755
--- a/server/src/com/cloud/storage/snapshot/SnapshotManagerImpl.java
+++ b/server/src/com/cloud/storage/snapshot/SnapshotManagerImpl.java
@@ -53,7 +53,6 @@ import com.cloud.configuration.dao.ConfigurationDao;
import com.cloud.dc.ClusterVO;
import com.cloud.dc.dao.ClusterDao;
import com.cloud.dc.dao.DataCenterDao;
-import com.cloud.domain.DomainVO;
import com.cloud.domain.dao.DomainDao;
import com.cloud.event.ActionEvent;
import com.cloud.event.EventTypes;
@@ -66,9 +65,8 @@ import com.cloud.exception.ResourceAllocationException;
import com.cloud.exception.StorageUnavailableException;
import com.cloud.host.HostVO;
import com.cloud.host.dao.HostDao;
-import com.cloud.host.dao.HostDetailsDao;
import com.cloud.hypervisor.Hypervisor.HypervisorType;
-import com.cloud.projects.Project;
+import com.cloud.projects.Project.ListProjectResourcesCriteria;
import com.cloud.projects.ProjectManager;
import com.cloud.resource.ResourceManager;
import com.cloud.storage.Snapshot;
@@ -111,8 +109,6 @@ import com.cloud.utils.component.Inject;
import com.cloud.utils.component.Manager;
import com.cloud.utils.db.DB;
import com.cloud.utils.db.Filter;
-import com.cloud.utils.db.JoinBuilder;
-import com.cloud.utils.db.JoinBuilder.JoinType;
import com.cloud.utils.db.SearchBuilder;
import com.cloud.utils.db.SearchCriteria;
import com.cloud.utils.db.Transaction;
@@ -886,8 +882,16 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
@Override
public List