etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

prevent user.uuid from being regenerated on each operation by reading it from the DB (#12632)

This commit is contained in:
dahn 2026-02-23 11:12:13 +01:00 committed by GitHub
parent 87c8e74642
commit da7ac80dc4
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
7 changed files with 120 additions and 200 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
engine/schema/src/main/java/com/cloud/user/UserVO.java
View File

@ -123,8 +123,8 @@ public class UserVO implements User, Identity, InternalIdentity {
}
public UserVO(long id) {
this();
this.id = id;
this.uuid = UUID.randomUUID().toString();
}
public UserVO(long accountId, String username, String password, String firstName, String lastName, String email, String timezone, String uuid, Source source) {

2
engine/schema/src/main/java/com/cloud/user/dao/AccountDao.java
View File

@ -21,13 +21,11 @@ import java.util.List;
import com.cloud.user.Account;
import com.cloud.user.AccountVO;
import com.cloud.user.User;
import com.cloud.utils.Pair;
import com.cloud.utils.db.Filter;
import com.cloud.utils.db.GenericDao;
public interface AccountDao extends GenericDao<AccountVO, Long> {
Pair<User, Account> findUserAccountByApiKey(String apiKey);
List<AccountVO> findAccountsLike(String accountName);

60
engine/schema/src/main/java/com/cloud/user/dao/AccountDaoImpl.java
View File

@ -16,8 +16,6 @@
// under the License.
package com.cloud.user.dao;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.util.Date;
import java.util.List;
@ -27,10 +25,7 @@ import org.springframework.stereotype.Component;
import com.cloud.user.Account;
import com.cloud.user.Account.State;
import com.cloud.user.AccountVO;
import com.cloud.user.User;
import com.cloud.user.UserVO;
import com.cloud.utils.Pair;
import com.cloud.utils.crypt.DBEncryptionUtil;
import com.cloud.utils.db.Filter;
import com.cloud.utils.db.GenericDaoBase;
import com.cloud.utils.db.GenericSearchBuilder;
@ -38,13 +33,9 @@ import com.cloud.utils.db.SearchBuilder;
import com.cloud.utils.db.SearchCriteria;
import com.cloud.utils.db.SearchCriteria.Func;
import com.cloud.utils.db.SearchCriteria.Op;
import com.cloud.utils.db.TransactionLegacy;
@Component
public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements AccountDao {
private static final String FIND_USER_ACCOUNT_BY_API_KEY = "SELECT u.id, u.username, u.account_id, u.secret_key, u.state, u.api_key_access, "
+ "a.id, a.account_name, a.type, a.role_id, a.domain_id, a.state, a.api_key_access " + "FROM `cloud`.`user` u, `cloud`.`account` a "
+ "WHERE u.account_id = a.id AND u.api_key = ? and u.removed IS NULL";
protected final SearchBuilder<AccountVO> AllFieldsSearch;
protected final SearchBuilder<AccountVO> AccountTypeSearch;
@ -132,51 +123,6 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
return listBy(sc);
}
@Override
public Pair<User, Account> findUserAccountByApiKey(String apiKey) {
TransactionLegacy txn = TransactionLegacy.currentTxn();
PreparedStatement pstmt = null;
Pair<User, Account> userAcctPair = null;
try {
String sql = FIND_USER_ACCOUNT_BY_API_KEY;
pstmt = txn.prepareAutoCloseStatement(sql);
pstmt.setString(1, apiKey);
ResultSet rs = pstmt.executeQuery();
// TODO: make sure we don't have more than 1 result? ApiKey had better be unique
if (rs.next()) {
User u = new UserVO(rs.getLong(1));
u.setUsername(rs.getString(2));
u.setAccountId(rs.getLong(3));
u.setSecretKey(DBEncryptionUtil.decrypt(rs.getString(4)));
u.setState(State.getValueOf(rs.getString(5)));
boolean apiKeyAccess = rs.getBoolean(6);
if (rs.wasNull()) {
u.setApiKeyAccess(null);
} else {
u.setApiKeyAccess(apiKeyAccess);
}
AccountVO a = new AccountVO(rs.getLong(7));
a.setAccountName(rs.getString(8));
a.setType(Account.Type.getFromValue(rs.getInt(9)));
a.setRoleId(rs.getLong(10));
a.setDomainId(rs.getLong(11));
a.setState(State.getValueOf(rs.getString(12)));
apiKeyAccess = rs.getBoolean(13);
if (rs.wasNull()) {
a.setApiKeyAccess(null);
} else {
a.setApiKeyAccess(apiKeyAccess);
}
userAcctPair = new Pair<User, Account>(u, a);
}
} catch (Exception e) {
logger.warn("Exception finding user/acct by api key: " + apiKey, e);
}
return userAcctPair;
}
@Override
public List<AccountVO> findAccountsLike(String accountName) {
return findAccountsLike(accountName, null).first();
@ -341,11 +287,9 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
domain_id = account_vo.getDomainId();
}
catch (Exception e) {
logger.warn("getDomainIdForGivenAccountId: Exception :" + e.getMessage());
}
finally {
return domain_id;
logger.warn("Can not get DomainId for the given AccountId; exception message : {}", e.getMessage());
}
return domain_id;
}
@Override

134
server/src/main/java/com/cloud/user/AccountManagerImpl.java
View File

@ -85,7 +85,6 @@ import org.apache.cloudstack.webhook.WebhookHelper;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.jetbrains.annotations.NotNull;
import org.springframework.beans.factory.NoSuchBeanDefinitionException;
@ -176,6 +175,7 @@ import com.cloud.utils.ConstantTimeComparator;
import com.cloud.utils.NumbersUtil;
import com.cloud.utils.Pair;
import com.cloud.utils.Ternary;
import com.cloud.utils.StringUtils;
import com.cloud.utils.component.ComponentContext;
import com.cloud.utils.component.Manager;
import com.cloud.utils.component.ManagerBase;
@ -223,7 +223,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
@Inject
private InstanceGroupDao _vmGroupDao;
@Inject
private UserAccountDao _userAccountDao;
private UserAccountDao userAccountDao;
@Inject
private VolumeDao _volumeDao;
@Inject
@ -585,11 +585,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
if (acct == null) {
return false; //account is deleted or does not exist
}
if ((isRootAdmin(accountId)) || (isDomainAdmin(accountId)) || (isResourceDomainAdmin(accountId))) {
return true;
} else if (acct.getType() == Account.Type.READ_ONLY_ADMIN) {
return true;
}
return (isRootAdmin(accountId)) || (isDomainAdmin(accountId)) || (isResourceDomainAdmin(accountId)) || (acct.getType() == Account.Type.READ_ONLY_ADMIN);
}
return false;
@ -644,10 +640,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
@Override
public boolean isNormalUser(long accountId) {
AccountVO acct = _accountDao.findById(accountId);
if (acct != null && acct.getType() == Account.Type.NORMAL) {
return true;
}
return false;
return acct != null && acct.getType() == Account.Type.NORMAL;
}
@Override
@ -678,10 +671,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
if (account == null) {
return false; //account is deleted or does not exist
}
if (isRootAdmin(accountId) || (account.getType() == Account.Type.ADMIN)) {
return true;
}
return false;
return isRootAdmin(accountId) || (account.getType() == Account.Type.ADMIN);
}
@Override
@ -712,7 +702,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
for (ControlledEntity entity : entities) {
if (ownerId == null) {
ownerId = entity.getAccountId();
} else if (ownerId.longValue() != entity.getAccountId()) {
} else if (! ownerId.equals(entity.getAccountId())) {
throw new PermissionDeniedException("Entity " + entity + " and entity " + prevEntity + " belong to different accounts");
}
prevEntity = entity;
@ -738,7 +728,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
domainId = account != null ? account.getDomainId() : -1;
}
if (entity.getAccountId() != -1 && domainId != -1 && !(entity instanceof VirtualMachineTemplate)
&& !(entity instanceof Network && accessType != null && (accessType == AccessType.UseEntry || accessType == AccessType.OperateEntry))
&& !(entity instanceof Network && (accessType == AccessType.UseEntry || accessType == AccessType.OperateEntry))
&& !(entity instanceof AffinityGroup) && !(entity instanceof VirtualRouter)) {
List<ControlledEntity> toBeChecked = domains.get(entity.getDomainId());
// for templates, we don't have to do cross domains check
@ -821,7 +811,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
// Currently just for resource domain admin
List<DataCenterVO> dcList = _dcDao.findZonesByDomainId(account.getDomainId());
if (dcList != null && dcList.size() != 0) {
if (CollectionUtils.isNotEmpty(dcList)) {
return dcList.get(0).getId();
} else {
throw new CloudRuntimeException("Failed to find any private zone for Resource domain admin.");
@ -836,23 +826,23 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
@Override
public void doInTransactionWithoutResult(TransactionStatus status) {
UserAccountVO user = null;
user = _userAccountDao.lockRow(id, true);
user = userAccountDao.lockRow(id, true);
user.setLoginAttempts(attempts);
if (toDisable) {
user.setState(State.DISABLED.toString());
}
_userAccountDao.update(id, user);
userAccountDao.update(id, user);
}
});
} catch (Exception e) {
logger.error("Failed to update login attempts for user {}", () -> _userAccountDao.findById(id));
logger.error("Failed to update login attempts for user {}", () -> userAccountDao.findById(id));
}
}
private boolean doSetUserStatus(long userId, State state) {
UserVO userForUpdate = _userDao.createForUpdate();
userForUpdate.setState(state);
return _userDao.update(Long.valueOf(userId), userForUpdate);
return _userDao.update(userId, userForUpdate);
}
@Override
@ -861,7 +851,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
AccountVO acctForUpdate = _accountDao.createForUpdate();
acctForUpdate.setState(State.ENABLED);
acctForUpdate.setNeedsCleanup(false);
success = _accountDao.update(Long.valueOf(accountId), acctForUpdate);
success = _accountDao.update(accountId, acctForUpdate);
return success;
}
@ -874,7 +864,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
} else if (account.getState().equals(State.ENABLED)) {
AccountVO acctForUpdate = _accountDao.createForUpdate();
acctForUpdate.setState(State.LOCKED);
success = _accountDao.update(Long.valueOf(accountId), acctForUpdate);
success = _accountDao.update(accountId, acctForUpdate);
} else {
if (logger.isInfoEnabled()) {
logger.info("Attempting to lock a non-enabled account {}, current state is {}, locking failed.", account, account.getState());
@ -988,7 +978,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
}
// Destroy VM Snapshots
List<VMSnapshotVO> vmSnapshots = _vmSnapshotDao.listByAccountId(Long.valueOf(accountId));
List<VMSnapshotVO> vmSnapshots = _vmSnapshotDao.listByAccountId(accountId);
for (VMSnapshot vmSnapshot : vmSnapshots) {
try {
_vmSnapshotMgr.deleteVMSnapshot(vmSnapshot.getId());
@ -1010,8 +1000,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
try {
_vmMgr.destroyVm(vm.getId(), false);
} catch (Exception e) {
e.printStackTrace();
logger.warn("Failed destroying instance {} as part of account deletion.", vm);
logger.warn("Failed destroying instance {} as part of account deletion.", vm, e);
}
}
// no need to catch exception at this place as expunging vm
@ -1069,7 +1058,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
logger.debug("Deleting networks for account {}", account);
List<NetworkVO> networks = _networkDao.listByOwner(accountId);
if (networks != null) {
Collections.sort(networks, new Comparator<>() {
networks.sort(new Comparator<>() {
@Override
public int compare(NetworkVO network1, NetworkVO network2) {
if (network1.getGuestType() != network2.getGuestType() && Network.GuestType.Isolated.equals(network2.getGuestType())) {
@ -1237,7 +1226,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
} else {
AccountVO acctForUpdate = _accountDao.createForUpdate();
acctForUpdate.setState(State.DISABLED);
success = _accountDao.update(Long.valueOf(accountId), acctForUpdate);
success = _accountDao.update(accountId, acctForUpdate);
if (success) {
boolean disableAccountResult = false;
@ -1331,11 +1320,11 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
// Check permissions
checkAccess(getCurrentCallingAccount(), domain);
if (!userAllowMultipleAccounts.valueInDomain(domainId) && !_userAccountDao.validateUsernameInDomain(userName, domainId)) {
if (!userAllowMultipleAccounts.valueInDomain(domainId) && !userAccountDao.validateUsernameInDomain(userName, domainId)) {
throw new InvalidParameterValueException(String.format("The user %s already exists in domain %s", userName, domain));
}
if (networkDomain != null && networkDomain.length() > 0) {
if (StringUtils.isNotEmpty(networkDomain)) {
if (!NetUtils.verifyDomainName(networkDomain)) {
throw new InvalidParameterValueException(
"Invalid network domain. Total length shouldn't exceed 190 chars. Each domain label must be between 1 and 63 characters long, can contain ASCII letters 'a' through 'z', the digits '0' through '9', "
@ -1387,7 +1376,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
CallContext.current().putContextParameter(User.class, userId);
// check success
return _userAccountDao.findById(userId);
return userAccountDao.findById(userId);
}
/*
@ -1525,7 +1514,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
throw new PermissionDeniedException(String.format("Account: %s is a system account, can't add a user to it", account));
}
if (!userAllowMultipleAccounts.valueInDomain(domainId) && !_userAccountDao.validateUsernameInDomain(userName, domainId)) {
if (!userAllowMultipleAccounts.valueInDomain(domainId) && !userAccountDao.validateUsernameInDomain(userName, domainId)) {
throw new CloudRuntimeException("The user " + userName + " already exists in domain " + domainId);
}
List<UserVO> duplicatedUsers = _userDao.findUsersByName(userName);
@ -1579,7 +1568,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
user.setUser2faEnabled(true);
}
_userDao.update(user.getId(), user);
return _userAccountDao.findById(user.getId());
return userAccountDao.findById(user.getId());
}
@Override
@ -1861,10 +1850,9 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
if (isApiKeyBlank && isSecretKeyBlank) {
return;
}
Pair<User, Account> apiKeyOwner = _accountDao.findUserAccountByApiKey(apiKey);
UserAccount apiKeyOwner = userAccountDao.getUserByApiKey(apiKey);
if (apiKeyOwner != null) {
User userThatHasTheProvidedApiKey = apiKeyOwner.first();
if (userThatHasTheProvidedApiKey.getId() != user.getId()) {
if (apiKeyOwner.getId() != user.getId()) {
throw new InvalidParameterValueException(String.format("The API key [%s] already exists in the system. Please provide a unique key.", apiKey));
}
}
@ -1952,7 +1940,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
CallContext.current().putContextParameter(User.class, user.getUuid());
// user successfully disabled
return _userAccountDao.findById(userId);
return userAccountDao.findById(userId);
} else {
throw new CloudRuntimeException(String.format("Unable to disable user %s", user));
}
@ -2006,7 +1994,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
CallContext.current().putContextParameter(User.class, user.getUuid());
return _userAccountDao.findById(userId);
return userAccountDao.findById(userId);
} else {
throw new CloudRuntimeException(String.format("Unable to enable user %s", user));
}
@ -2047,7 +2035,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
boolean success;
if (user.getState().equals(State.LOCKED)) {
// already locked...no-op
return _userAccountDao.findById(userId);
return userAccountDao.findById(userId);
} else if (user.getState().equals(State.ENABLED)) {
success = doSetUserStatus(user.getId(), State.LOCKED);
@ -2074,7 +2062,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
CallContext.current().putContextParameter(User.class, user.getUuid());
return _userAccountDao.findById(userId);
return userAccountDao.findById(userId);
} else {
throw new CloudRuntimeException(String.format("Unable to lock user %s", user));
}
@ -2602,7 +2590,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
return owner;
} else if (!isAdmin(caller.getId()) && accountName != null && domainId != null) {
if (!accountName.equals(caller.getAccountName()) || domainId.longValue() != caller.getDomainId()) {
if (!accountName.equals(caller.getAccountName()) || domainId != caller.getDomainId()) {
throw new PermissionDeniedException("Can't create/list resources for account " + accountName + " in domain " + domainId + ", permission denied");
} else {
return caller;
@ -2627,12 +2615,12 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
@Override
public UserAccount getActiveUserAccount(String username, Long domainId) {
return _userAccountDao.getUserAccount(username, domainId);
return userAccountDao.getUserAccount(username, domainId);
}
@Override
public List<UserAccount> getActiveUserAccountByEmail(String email, Long domainId) {
List<UserAccountVO> userAccountByEmail = _userAccountDao.getUserAccountByEmail(email, domainId);
List<UserAccountVO> userAccountByEmail = userAccountDao.getUserAccountByEmail(email, domainId);
List<UserAccount> userAccounts = userAccountByEmail.stream()
.map(userAccountVO -> (UserAccount) userAccountVO)
.collect(Collectors.toList());
@ -2676,7 +2664,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
public void markUserRegistered(long userId) {
UserVO userForUpdate = _userDao.createForUpdate();
userForUpdate.setRegistered(true);
_userDao.update(Long.valueOf(userId), userForUpdate);
_userDao.update(userId, userForUpdate);
}
@Override
@ -2731,7 +2719,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
throw new CloudRuntimeException(String.format("Failed to create account name %s in domain id=%s", accountName, _domainMgr.getDomain(domainId)));
}
Long accountId = account.getId();
long accountId = account.getId();
if (details != null) {
_accountDetailsDao.persist(accountId, details);
@ -2780,7 +2768,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
@Override
public void logoutUser(long userId) {
UserAccount userAcct = _userAccountDao.findById(userId);
UserAccount userAcct = userAccountDao.findById(userId);
if (userAcct != null) {
ActionEventUtils.onActionEvent(userId, userAcct.getAccountId(), userAcct.getDomainId(), EventTypes.EVENT_USER_LOGOUT, "user has logged out", userId, ApiCommandResourceType.User.toString());
} // else log some kind of error event? This likely means the user doesn't exist, or has been deleted...
@ -2822,11 +2810,11 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
final Boolean ApiSourceCidrChecksEnabled = ApiServiceConfiguration.ApiSourceCidrChecksEnabled.value();
if (ApiSourceCidrChecksEnabled) {
logger.debug("CIDRs from which account '" + account.toString() + "' is allowed to perform API calls: " + accessAllowedCidrs);
logger.debug("CIDRs from which account '{}' is allowed to perform API calls: {}", account.toString(), accessAllowedCidrs);
// Block when is not in the list of allowed IPs
if (!NetUtils.isIpInCidrList(loginIpAddress, accessAllowedCidrs.split(","))) {
logger.warn("Request by account '" + account.toString() + "' was denied since " + loginIpAddress.toString().replace("/", "") + " does not match " + accessAllowedCidrs);
logger.warn("Request by account '{}' was denied since {} does not match {}", account.toString(), loginIpAddress.toString().replace("/", ""), accessAllowedCidrs);
throw new CloudAuthenticationException("Failed to authenticate user '" + username + "' in domain '" + domain.getPath() + "' from ip "
+ loginIpAddress.toString().replace("/", "") + "; please provide valid credentials");
}
@ -2858,6 +2846,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
try {
Thread.sleep(waitTimeDurationInMs);
} catch (final InterruptedException e) {
// ignored
}
}
@ -2869,7 +2858,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
if (logger.isDebugEnabled()) {
logger.debug("Attempting to log in user: " + username + " in domain " + domainId);
}
UserAccount userAccount = _userAccountDao.getUserAccount(username, domainId);
UserAccount userAccount = userAccountDao.getUserAccount(username, domainId);
boolean authenticated = false;
HashSet<ActionOnFailedAuthentication> actionsOnFailedAuthenticaion = new HashSet<>();
@ -2899,11 +2888,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
if (authenticated) {
Domain domain = _domainMgr.getDomain(domainId);
String domainName = null;
if (domain != null) {
domainName = domain.getName();
}
userAccount = _userAccountDao.getUserAccount(username, domainId);
userAccount = userAccountDao.getUserAccount(username, domainId);
if (!userAccount.getState().equalsIgnoreCase(Account.State.ENABLED.toString()) || !userAccount.getAccountState().equalsIgnoreCase(Account.State.ENABLED.toString())) {
if (logger.isInfoEnabled()) {
@ -2963,11 +2948,9 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
// - build a request string with sorted params, make sure it's all lowercase
// - sign the request, verify the signature is the same
List<String> parameterNames = new ArrayList<>();
for (Object paramNameObj : requestParameters.keySet()) {
parameterNames.add((String)paramNameObj); // put the name in a list that we'll sort later
}
// put the name in a list that we'll sort later
List<String> parameterNames = new ArrayList<>(requestParameters.keySet());
Collections.sort(parameterNames);
@ -2999,7 +2982,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
if (unsignedRequestBuffer.length() != 0) {
unsignedRequestBuffer.append("&");
}
unsignedRequestBuffer.append(paramName).append("=").append(URLEncoder.encode(paramValue, "UTF-8"));
unsignedRequestBuffer.append(paramName).append("=").append(URLEncoder.encode(paramValue, com.cloud.utils.StringUtils.getPreferredCharset()));
}
}
@ -3022,7 +3005,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
if (!equalSig) {
logger.info("User signature: " + signature + " is not equaled to computed signature: " + computedSignature);
} else {
user = _userAccountDao.getUserAccount(username, domainId);
user = userAccountDao.getUserAccount(username, domainId);
}
} catch (Exception ex) {
logger.error("Exception authenticating user", ex);
@ -3050,7 +3033,14 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
@Override
public Pair<User, Account> findUserByApiKey(String apiKey) {
return _accountDao.findUserAccountByApiKey(apiKey);
UserAccount userAccount = userAccountDao.getUserByApiKey(apiKey);
if (userAccount != null) {
User user = _userDao.getUser(userAccount.getId());
Account account = _accountDao.findById(userAccount.getAccountId());
return new Pair<>(user, account);
} else {
return null;
}
}
@Override
@ -3184,14 +3174,14 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
UserVO updatedUser = _userDao.createForUpdate();
String encodedKey;
Pair<User, Account> userAcct;
UserAccount userAcct;
int retryLimit = 10;
do {
// FIXME: what algorithm should we use for API keys?
KeyGenerator generator = KeyGenerator.getInstance("HmacSHA1");
SecretKey key = generator.generateKey();
encodedKey = Base64.encodeBase64URLSafeString(key.getEncoded());
userAcct = _accountDao.findUserAccountByApiKey(encodedKey);
userAcct = userAccountDao.getUserByApiKey(encodedKey);
retryLimit--;
} while ((userAcct != null) && (retryLimit >= 0));
@ -3202,7 +3192,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
_userDao.update(userId, updatedUser);
return encodedKey;
} catch (NoSuchAlgorithmException ex) {
logger.error("error generating secret key for user {}", _userAccountDao.findById(userId), ex);
logger.error("error generating secret key for user {}", userAccountDao.findById(userId), ex);
}
return null;
}
@ -3229,7 +3219,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
_userDao.update(userId, updatedUser);
return encodedKey;
} catch (NoSuchAlgorithmException ex) {
logger.error("error generating secret key for user {}", _userAccountDao.findById(userId), ex);
logger.error("error generating secret key for user {}", userAccountDao.findById(userId), ex);
}
return null;
}
@ -3440,12 +3430,12 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
@Override
public UserAccount getUserByApiKey(String apiKey) {
return _userAccountDao.getUserByApiKey(apiKey);
return userAccountDao.getUserByApiKey(apiKey);
}
@Override
public List<String> listAclGroupsByAccount(Long accountId) {
if (_querySelectors == null || _querySelectors.size() == 0) {
if (CollectionUtils.isEmpty(_querySelectors)) {
return new ArrayList<>();
}
@ -3500,7 +3490,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
@Override
public UserAccount getUserAccountById(Long userId) {
UserAccount userAccount = _userAccountDao.findById(userId);
UserAccount userAccount = userAccountDao.findById(userId);
Map<String, String> details = _userDetailsDao.listDetailsKeyPairs(userId);
userAccount.setDetails(details);
@ -3674,7 +3664,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
}
protected UserTwoFactorAuthenticationSetupResponse enableTwoFactorAuthentication(Long userId, String providerName) {
UserAccountVO userAccount = _userAccountDao.findById(userId);
UserAccountVO userAccount = userAccountDao.findById(userId);
UserVO userVO = _userDao.findById(userId);
Long domainId = userAccount.getDomainId();
if (Boolean.FALSE.equals(enableUserTwoFactorAuthentication.valueIn(domainId)) && Boolean.FALSE.equals(mandateUserTwoFactorAuthentication.valueIn(domainId))) {
@ -3766,11 +3756,11 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
if (userDetailVO != null) {
_userDetailsDao.remove(userDetailVO.getId());
}
UserAccountVO userAccountVO = _userAccountDao.findById(user.getId());
UserAccountVO userAccountVO = userAccountDao.findById(user.getId());
userAccountVO.setUser2faEnabled(false);
userAccountVO.setUser2faProvider(null);
userAccountVO.setKeyFor2fa(null);
_userAccountDao.update(user.getId(), userAccountVO);
userAccountDao.update(user.getId(), userAccountVO);
return userAccountVO;
});
}

8
server/src/test/java/com/cloud/user/AccountManagetImplTestBase.java → server/src/test/java/com/cloud/user/AccountManagentImplTestBase.java
View File

@ -84,7 +84,7 @@ import java.util.HashMap;
import java.util.Map;
@RunWith(MockitoJUnitRunner.class)
public class AccountManagetImplTestBase {
public class AccountManagentImplTestBase {
@Mock
AccountDao _accountDao;
@ -99,7 +99,7 @@ public class AccountManagetImplTestBase {
@Mock
InstanceGroupDao _vmGroupDao;
@Mock
UserAccountDao userAccountDaoMock;
UserAccountDao userAccountDao;
@Mock
VolumeDao _volumeDao;
@Mock
@ -210,9 +210,6 @@ public class AccountManagetImplTestBase {
@Mock
RoutedIpv4Manager routedIpv4Manager;
@Mock
Account accountMock;
@Before
public void setup() {
accountManagerImpl.setUserAuthenticators(Arrays.asList(userAuthenticator));
@ -228,7 +225,6 @@ public class AccountManagetImplTestBase {
@Test
public void test()
{
return;
}
public static Map<String, Field> getInheritedFields(Class<?> type) {

112
server/src/test/java/com/cloud/user/AccountManagerImplTest.java
View File

@ -47,13 +47,11 @@ import org.apache.cloudstack.webhook.WebhookHelper;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.ArgumentCaptor;
import org.mockito.InOrder;
import org.mockito.Mock;
import org.mockito.MockedStatic;
import org.mockito.Mockito;
import org.mockito.junit.MockitoJUnitRunner;
import org.springframework.beans.factory.NoSuchBeanDefinitionException;
import com.cloud.acl.DomainChecker;
@ -76,8 +74,7 @@ import com.cloud.vm.UserVmVO;
import com.cloud.vm.VMInstanceVO;
import com.cloud.vm.snapshot.VMSnapshotVO;
@RunWith(MockitoJUnitRunner.class)
public class AccountManagerImplTest extends AccountManagetImplTestBase {
public class AccountManagerImplTest extends AccountManagentImplTestBase {
@Mock
private UserVmManagerImpl _vmMgr;
@ -100,11 +97,11 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
@Mock
private UpdateAccountCmd UpdateAccountCmdMock;
private long userVoIdMock = 111l;
private final long userVoIdMock = 111L;
@Mock
private UserVO userVoMock;
private long accountMockId = 100l;
private final long accountMockId = 100L;
@Mock
private Account accountMock;
@ -154,7 +151,7 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
@Test
public void disableAccountNotexisting() throws ConcurrentOperationException, ResourceUnavailableException {
Mockito.when(_accountDao.findById(42l)).thenReturn(null);
Mockito.when(_accountDao.findById(42L)).thenReturn(null);
Assert.assertTrue(accountManagerImpl.disableAccount(42));
}
@ -162,7 +159,7 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
public void disableAccountDisabled() throws ConcurrentOperationException, ResourceUnavailableException {
AccountVO disabledAccount = new AccountVO();
disabledAccount.setState(State.DISABLED);
Mockito.when(_accountDao.findById(42l)).thenReturn(disabledAccount);
Mockito.when(_accountDao.findById(42L)).thenReturn(disabledAccount);
Assert.assertTrue(accountManagerImpl.disableAccount(42));
}
@ -170,22 +167,22 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
public void disableAccount() throws ConcurrentOperationException, ResourceUnavailableException {
AccountVO account = new AccountVO();
account.setState(State.ENABLED);
Mockito.when(_accountDao.findById(42l)).thenReturn(account);
Mockito.when(_accountDao.findById(42L)).thenReturn(account);
Mockito.when(_accountDao.createForUpdate()).thenReturn(new AccountVO());
Mockito.when(_accountDao.update(Mockito.eq(42l), Mockito.any(AccountVO.class))).thenReturn(true);
Mockito.when(_vmDao.listByAccountId(42l)).thenReturn(Arrays.asList(Mockito.mock(VMInstanceVO.class)));
Mockito.when(_accountDao.update(Mockito.eq(42L), Mockito.any(AccountVO.class))).thenReturn(true);
Mockito.when(_vmDao.listByAccountId(42L)).thenReturn(Arrays.asList(Mockito.mock(VMInstanceVO.class)));
Assert.assertTrue(accountManagerImpl.disableAccount(42));
Mockito.verify(_accountDao, Mockito.atLeastOnce()).update(Mockito.eq(42l), Mockito.any(AccountVO.class));
Mockito.verify(_accountDao, Mockito.atLeastOnce()).update(Mockito.eq(42L), Mockito.any(AccountVO.class));
}
@Test
public void deleteUserAccount() {
AccountVO account = new AccountVO();
account.setId(42l);
account.setId(42L);
DomainVO domain = new DomainVO();
Mockito.when(_accountDao.findById(42l)).thenReturn(account);
Mockito.when(_accountDao.findById(42L)).thenReturn(account);
Mockito.doNothing().when(accountManagerImpl).checkAccess(Mockito.any(Account.class), Mockito.isNull(), Mockito.anyBoolean(), Mockito.any(Account.class));
Mockito.when(_accountDao.remove(42l)).thenReturn(true);
Mockito.when(_accountDao.remove(42L)).thenReturn(true);
Mockito.when(_configMgr.releaseAccountSpecificVirtualRanges(account)).thenReturn(true);
Mockito.lenient().when(_domainMgr.getDomain(Mockito.anyLong())).thenReturn(domain);
Mockito.lenient().when(securityChecker.checkAccess(Mockito.any(Account.class), Mockito.any(Domain.class))).thenReturn(true);
@ -194,7 +191,7 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
List<SSHKeyPairVO> sshkeyList = new ArrayList<SSHKeyPairVO>();
SSHKeyPairVO sshkey = new SSHKeyPairVO();
sshkey.setId(1l);
sshkey.setId(1L);
sshkeyList.add(sshkey);
Mockito.when(_sshKeyPairDao.listKeyPairs(Mockito.anyLong(), Mockito.anyLong())).thenReturn(sshkeyList);
Mockito.when(_sshKeyPairDao.remove(Mockito.anyLong())).thenReturn(true);
@ -202,30 +199,30 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
Mockito.doNothing().when(accountManagerImpl).deleteWebhooksForAccount(Mockito.anyLong());
Mockito.doNothing().when(accountManagerImpl).verifyCallerPrivilegeForUserOrAccountOperations((Account) any());
Assert.assertTrue(accountManagerImpl.deleteUserAccount(42l));
Assert.assertTrue(accountManagerImpl.deleteUserAccount(42L));
// assert that this was a clean delete
Mockito.verify(_accountDao, Mockito.never()).markForCleanup(Mockito.eq(42l));
Mockito.verify(_accountDao, Mockito.never()).markForCleanup(Mockito.eq(42L));
}
@Test
public void deleteUserAccountCleanup() {
AccountVO account = new AccountVO();
account.setId(42l);
account.setId(42L);
DomainVO domain = new DomainVO();
Mockito.when(_accountDao.findById(42l)).thenReturn(account);
Mockito.when(_accountDao.findById(42L)).thenReturn(account);
Mockito.doNothing().when(accountManagerImpl).checkAccess(Mockito.any(Account.class), Mockito.isNull(), Mockito.anyBoolean(), Mockito.any(Account.class));
Mockito.when(_accountDao.remove(42l)).thenReturn(true);
Mockito.when(_accountDao.remove(42L)).thenReturn(true);
Mockito.when(_configMgr.releaseAccountSpecificVirtualRanges(account)).thenReturn(true);
Mockito.when(_userVmDao.listByAccountId(42l)).thenReturn(Arrays.asList(Mockito.mock(UserVmVO.class)));
Mockito.when(_userVmDao.listByAccountId(42L)).thenReturn(Arrays.asList(Mockito.mock(UserVmVO.class)));
Mockito.when(_vmMgr.expunge(Mockito.any(UserVmVO.class))).thenReturn(false);
Mockito.lenient().when(_domainMgr.getDomain(Mockito.anyLong())).thenReturn(domain);
Mockito.lenient().when(securityChecker.checkAccess(Mockito.any(Account.class), Mockito.any(Domain.class))).thenReturn(true);
Mockito.doNothing().when(accountManagerImpl).deleteWebhooksForAccount(Mockito.anyLong());
Mockito.doNothing().when(accountManagerImpl).verifyCallerPrivilegeForUserOrAccountOperations((Account) any());
Assert.assertTrue(accountManagerImpl.deleteUserAccount(42l));
Assert.assertTrue(accountManagerImpl.deleteUserAccount(42L));
// assert that this was NOT a clean delete
Mockito.verify(_accountDao, Mockito.atLeastOnce()).markForCleanup(Mockito.eq(42l));
Mockito.verify(_accountDao, Mockito.atLeastOnce()).markForCleanup(Mockito.eq(42L));
}
@Test (expected = InvalidParameterValueException.class)
@ -308,7 +305,7 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
UserAccountVO userAccountVO = new UserAccountVO();
userAccountVO.setSource(User.Source.UNKNOWN);
userAccountVO.setState(Account.State.DISABLED.toString());
Mockito.when(userAccountDaoMock.getUserAccount("test", 1L)).thenReturn(userAccountVO);
Mockito.when(userAccountDao.getUserAccount("test", 1L)).thenReturn(userAccountVO);
Mockito.when(userAuthenticator.authenticate("test", "fail", 1L, new HashMap<>())).thenReturn(failureAuthenticationPair);
Mockito.lenient().when(userAuthenticator.authenticate("test", null, 1L, new HashMap<>())).thenReturn(successAuthenticationPair);
Mockito.lenient().when(userAuthenticator.authenticate("test", "", 1L, new HashMap<>())).thenReturn(successAuthenticationPair);
@ -337,7 +334,7 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
CallContext.register(callingUser, callingAccount); // Calling account is user account i.e normal account
Mockito.when(_listkeyscmd.getID()).thenReturn(1L);
Mockito.when(accountManagerImpl.getActiveUser(1L)).thenReturn(userVoMock);
Mockito.when(userAccountDaoMock.findById(1L)).thenReturn(userAccountVO);
Mockito.when(userAccountDao.findById(1L)).thenReturn(userAccountVO);
Mockito.when(userAccountVO.getAccountId()).thenReturn(1L);
Mockito.lenient().when(accountManagerImpl.getAccount(Mockito.anyLong())).thenReturn(accountMock); // Queried account - admin account
@ -355,7 +352,7 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
CallContext.register(callingUser, callingAccount);
Mockito.when(_listkeyscmd.getID()).thenReturn(2L);
Mockito.when(accountManagerImpl.getActiveUser(2L)).thenReturn(userVoMock);
Mockito.when(userAccountDaoMock.findById(2L)).thenReturn(userAccountVO);
Mockito.when(userAccountDao.findById(2L)).thenReturn(userAccountVO);
Mockito.when(userAccountVO.getAccountId()).thenReturn(2L);
Mockito.when(userDetailsDaoMock.listDetailsKeyPairs(Mockito.anyLong())).thenReturn(null);
@ -442,14 +439,14 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
Mockito.doNothing().when(accountManagerImpl).validateUserPasswordAndUpdateIfNeeded(Mockito.anyString(), Mockito.eq(userVoMock), Mockito.anyString(), Mockito.eq(false));
Mockito.doReturn(true).when(userDaoMock).update(Mockito.anyLong(), Mockito.eq(userVoMock));
Mockito.doReturn(Mockito.mock(UserAccountVO.class)).when(userAccountDaoMock).findById(Mockito.anyLong());
Mockito.doReturn(Mockito.mock(UserAccountVO.class)).when(userAccountDao).findById(Mockito.anyLong());
Mockito.doNothing().when(accountManagerImpl).checkAccess(nullable(User.class), nullable(Account.class));
accountManagerImpl.updateUser(UpdateUserCmdMock);
Mockito.lenient().doNothing().when(accountManagerImpl).checkRoleEscalation(accountMock, accountMock);
InOrder inOrder = Mockito.inOrder(userVoMock, accountManagerImpl, userDaoMock, userAccountDaoMock);
InOrder inOrder = Mockito.inOrder(userVoMock, accountManagerImpl, userDaoMock, userAccountDao);
inOrder.verify(accountManagerImpl).retrieveAndValidateUser(UpdateUserCmdMock);
inOrder.verify(accountManagerImpl).retrieveAndValidateAccount(userVoMock);
@ -464,7 +461,7 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
inOrder.verify(userVoMock, Mockito.times(numberOfExpectedCallsForSetEmailAndSetTimeZone)).setTimezone(Mockito.anyString());
inOrder.verify(userDaoMock).update(Mockito.anyLong(), Mockito.eq(userVoMock));
inOrder.verify(userAccountDaoMock).findById(Mockito.anyLong());
inOrder.verify(userAccountDao).findById(Mockito.anyLong());
}
@Test(expected = InvalidParameterValueException.class)
@ -487,7 +484,7 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
public void validateAndUpdatApiAndSecretKeyIfNeededTestNoKeys() {
accountManagerImpl.validateAndUpdateApiAndSecretKeyIfNeeded(UpdateUserCmdMock, userVoMock);
Mockito.verify(_accountDao, Mockito.times(0)).findUserAccountByApiKey(Mockito.anyString());
Mockito.verify(userAccountDao, Mockito.times(0)).getUserByApiKey(Mockito.anyString());
}
@Test(expected = InvalidParameterValueException.class)
@ -513,10 +510,9 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
Mockito.doReturn(1L).when(userVoMock).getId();
User otherUserMock = Mockito.mock(User.class);
Mockito.doReturn(2L).when(otherUserMock).getId();
Pair<User, Account> pairUserAccountMock = new Pair<User, Account>(otherUserMock, Mockito.mock(Account.class));
Mockito.doReturn(pairUserAccountMock).when(_accountDao).findUserAccountByApiKey(apiKey);
UserAccount UserAccountMock = Mockito.mock(UserAccount.class);
Mockito.doReturn(UserAccountMock).when(userAccountDao).getUserByApiKey(apiKey);
accountManagerImpl.validateAndUpdateApiAndSecretKeyIfNeeded(UpdateUserCmdMock, userVoMock);
}
@ -529,17 +525,13 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
String secretKey = "secretKey";
Mockito.doReturn(secretKey).when(UpdateUserCmdMock).getSecretKey();
Mockito.doReturn(1L).when(userVoMock).getId();
User otherUserMock = Mockito.mock(User.class);
Mockito.doReturn(1L).when(otherUserMock).getId();
Pair<User, Account> pairUserAccountMock = new Pair<User, Account>(otherUserMock, Mockito.mock(Account.class));
Mockito.doReturn(pairUserAccountMock).when(_accountDao).findUserAccountByApiKey(apiKey);
Mockito.doReturn(null).when(userAccountDao).getUserByApiKey(apiKey);
accountManagerImpl.validateAndUpdateApiAndSecretKeyIfNeeded(UpdateUserCmdMock, userVoMock);
Mockito.verify(_accountDao).findUserAccountByApiKey(apiKey);
Mockito.verify(userAccountDao).getUserByApiKey(apiKey);
Mockito.verify(userVoMock).setApiKey(apiKey);
Mockito.verify(userVoMock).setSecretKey(secretKey);
}
@ -693,18 +685,18 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
@Test(expected = InvalidParameterValueException.class)
public void validateAndUpdateUsernameIfNeededTestDuplicatedUserSameDomainThisUser() {
long domanIdCurrentUser = 22l;
long domanIdCurrentUser = 22L;
String userName = "username";
Mockito.doReturn(userName).when(UpdateUserCmdMock).getUsername();
Mockito.lenient().doReturn(userName).when(userVoMock).getUsername();
Mockito.doReturn(domanIdCurrentUser).when(accountMock).getDomainId();
long userVoDuplicatedMockId = 67l;
long userVoDuplicatedMockId = 67L;
UserVO userVoDuplicatedMock = Mockito.mock(UserVO.class);
Mockito.doReturn(userVoDuplicatedMockId).when(userVoDuplicatedMock).getId();
long accountIdUserDuplicated = 98l;
long accountIdUserDuplicated = 98L;
Mockito.doReturn(accountIdUserDuplicated).when(userVoDuplicatedMock).getAccountId();
@ -728,24 +720,24 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
@Test
public void validateAndUpdateUsernameIfNeededTestDuplicatedUserButInDifferentDomains() {
long domanIdCurrentUser = 22l;
long domanIdCurrentUser = 22L;
String userName = "username";
Mockito.doReturn(userName).when(UpdateUserCmdMock).getUsername();
Mockito.lenient().doReturn(userName).when(userVoMock).getUsername();
Mockito.doReturn(domanIdCurrentUser).when(accountMock).getDomainId();
long userVoDuplicatedMockId = 67l;
long userVoDuplicatedMockId = 67L;
UserVO userVoDuplicatedMock = Mockito.mock(UserVO.class);
Mockito.lenient().doReturn(userName).when(userVoDuplicatedMock).getUsername();
Mockito.doReturn(userVoDuplicatedMockId).when(userVoDuplicatedMock).getId();
long accountIdUserDuplicated = 98l;
long accountIdUserDuplicated = 98L;
Mockito.doReturn(accountIdUserDuplicated).when(userVoDuplicatedMock).getAccountId();
Account accountUserDuplicatedMock = Mockito.mock(AccountVO.class);
Mockito.lenient().doReturn(accountIdUserDuplicated).when(accountUserDuplicatedMock).getId();
Mockito.doReturn(45l).when(accountUserDuplicatedMock).getDomainId();
Mockito.doReturn(45L).when(accountUserDuplicatedMock).getDomainId();
List<UserVO> usersWithSameUserName = new ArrayList<>();
usersWithSameUserName.add(userVoMock);
@ -763,7 +755,7 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
@Test
public void validateAndUpdateUsernameIfNeededTestNoDuplicatedUserNames() {
long domanIdCurrentUser = 22l;
long domanIdCurrentUser = 22L;
String userName = "username";
Mockito.doReturn(userName).when(UpdateUserCmdMock).getUsername();
@ -961,7 +953,7 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
@Test
public void validateCurrentPasswordTestUserAuthenticatedWithProvidedCurrentPasswordViaFirstAuthenticator() {
AccountVO accountVoMock = Mockito.mock(AccountVO.class);
long domainId = 14l;
long domainId = 14L;
Mockito.doReturn(domainId).when(accountVoMock).getDomainId();
Mockito.doReturn(accountVoMock).when(_accountDao).findById(accountMockId);
@ -990,7 +982,7 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
@Test
public void validateCurrentPasswordTestUserAuthenticatedWithProvidedCurrentPasswordViaSecondAuthenticator() {
AccountVO accountVoMock = Mockito.mock(AccountVO.class);
long domainId = 14l;
long domainId = 14L;
Mockito.doReturn(domainId).when(accountVoMock).getDomainId();
Mockito.doReturn(accountVoMock).when(_accountDao).findById(accountMockId);
@ -1051,7 +1043,7 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
UserAccountVO userAccount = Mockito.mock(UserAccountVO.class);
UserVO userVO = Mockito.mock(UserVO.class);
Mockito.when(userAccountDaoMock.findById(userId)).thenReturn(userAccount);
Mockito.when(userAccountDao.findById(userId)).thenReturn(userAccount);
Mockito.when(userDaoMock.findById(userId)).thenReturn(userVO);
Mockito.when(userAccount.getDomainId()).thenReturn(1L);
@ -1070,7 +1062,7 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
UserAccountVO userAccount = Mockito.mock(UserAccountVO.class);
UserVO userVO = Mockito.mock(UserVO.class);
Mockito.when(userAccountDaoMock.findById(userId)).thenReturn(userAccount);
Mockito.when(userAccountDao.findById(userId)).thenReturn(userAccount);
Mockito.when(userDaoMock.findById(userId)).thenReturn(userVO);
Mockito.when(userAccount.getDomainId()).thenReturn(1L);
@ -1099,7 +1091,7 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
UserAccountVO userAccount = Mockito.mock(UserAccountVO.class);
UserVO userVO = Mockito.mock(UserVO.class);
Mockito.when(userAccountDaoMock.findById(userId)).thenReturn(userAccount);
Mockito.when(userAccountDao.findById(userId)).thenReturn(userAccount);
Mockito.when(userDaoMock.findById(userId)).thenReturn(userVO);
Mockito.when(userAccount.getDomainId()).thenReturn(1L);
@ -1205,7 +1197,7 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
Mockito.when(callingUser.getId()).thenReturn(1L);
CallContext.register(callingUser, callingAccount); // Calling account is user account i.e normal account
Mockito.lenient().when(_accountService.getActiveAccountById(1L)).thenReturn(accountMock);
Mockito.when(userAccountDaoMock.findById(1L)).thenReturn(userAccountVO);
Mockito.when(userAccountDao.findById(1L)).thenReturn(userAccountVO);
Mockito.when(userDaoMock.findById(1L)).thenReturn(userVoMock);
Mockito.when(userAccountVO.getDomainId()).thenReturn(1L);
Mockito.when(enableUserTwoFactorAuthenticationMock.valueIn(1L)).thenReturn(true);
@ -1231,7 +1223,7 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
List<UserAccountVO> userAccountVOList = new ArrayList<>();
UserAccountVO userAccountVO = new UserAccountVO();
userAccountVOList.add(userAccountVO);
Mockito.when(userAccountDaoMock.getUserAccountByEmail(email, domainId)).thenReturn(userAccountVOList);
Mockito.when(userAccountDao.getUserAccountByEmail(email, domainId)).thenReturn(userAccountVOList);
List<UserAccount> userAccounts = accountManagerImpl.getActiveUserAccountByEmail(email, domainId);
Assert.assertEquals(userAccountVOList.size(), userAccounts.size());
Assert.assertEquals(userAccountVOList.get(0), userAccounts.get(0));
@ -1406,7 +1398,7 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
Mockito.when(user.getUser2faProvider()).thenReturn(null);
UserAccount result = accountManagerImpl.clearUserTwoFactorAuthenticationInSetupStateOnLogin(user);
Assert.assertSame(user, result);
Mockito.verifyNoInteractions(userDetailsDaoMock, userAccountDaoMock);
Mockito.verifyNoInteractions(userDetailsDaoMock, userAccountDao);
}
@Test
@ -1420,7 +1412,7 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
UserAccount result = accountManagerImpl.clearUserTwoFactorAuthenticationInSetupStateOnLogin(user);
Assert.assertSame(user, result);
Mockito.verify(userDetailsDaoMock).findDetail(1L, UserDetailVO.Setup2FADetail);
Mockito.verifyNoMoreInteractions(userDetailsDaoMock, userAccountDaoMock);
Mockito.verifyNoMoreInteractions(userDetailsDaoMock, userAccountDao);
}
@Test
@ -1433,16 +1425,16 @@ public class AccountManagerImplTest extends AccountManagetImplTestBase {
UserAccountVO userAccountVO = new UserAccountVO();
userAccountVO.setId(1L);
Mockito.when(userDetailsDaoMock.findDetail(1L, UserDetailVO.Setup2FADetail)).thenReturn(userDetail);
Mockito.when(userAccountDaoMock.findById(1L)).thenReturn(userAccountVO);
Mockito.when(userAccountDao.findById(any())).thenReturn(userAccountVO);
UserAccount result = accountManagerImpl.clearUserTwoFactorAuthenticationInSetupStateOnLogin(user);
Assert.assertNotNull(result);
Assert.assertFalse(result.isUser2faEnabled());
Assert.assertNull(result.getUser2faProvider());
Mockito.verify(userDetailsDaoMock).findDetail(1L, UserDetailVO.Setup2FADetail);
Mockito.verify(userDetailsDaoMock).remove(Mockito.anyLong());
Mockito.verify(userAccountDaoMock).findById(1L);
Mockito.verify(userAccountDao).findById(1L);
ArgumentCaptor<UserAccountVO> captor = ArgumentCaptor.forClass(UserAccountVO.class);
Mockito.verify(userAccountDaoMock).update(Mockito.eq(1L), captor.capture());
Mockito.verify(userAccountDao).update(Mockito.eq(1L), captor.capture());
UserAccountVO updatedUser = captor.getValue();
Assert.assertFalse(updatedUser.isUser2faEnabled());
Assert.assertNull(updatedUser.getUser2faProvider());

2
server/src/test/java/com/cloud/user/AccountManagerImplVolumeDeleteEventTest.java
View File

@ -63,7 +63,7 @@ import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
@RunWith(MockitoJUnitRunner.class)
public class AccountManagerImplVolumeDeleteEventTest extends AccountManagetImplTestBase {
public class AccountManagerImplVolumeDeleteEventTest extends AccountManagentImplTestBase {
private static final Long ACCOUNT_ID = 1l;
private static final String VOLUME_UUID = "vol-111111";