etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Moving the disassoc logic to network manager

This commit is contained in:
abhishek 2010-08-30 10:50:27 -07:00
parent 742869b750
commit dc750e2691
5 changed files with 199 additions and 94 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
server/src/com/cloud/api/commands/DisassociateIPAddrCmd.java
View File

@ -25,7 +25,7 @@ import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.BaseCmd.Manager;
@Implementation(method="disassociateIpAddress", manager=Manager.ManagementServer)
@Implementation(method="disassociateIpAddress", manager=Manager.NetworkManager)
public class DisassociateIPAddrCmd extends BaseCmd {
public static final Logger s_logger = Logger.getLogger(DisassociateIPAddrCmd.class.getName());

3
server/src/com/cloud/network/NetworkManager.java
View File

@ -24,6 +24,7 @@ import com.cloud.api.commands.AssignToLoadBalancerRuleCmd;
import com.cloud.api.commands.CreateIPForwardingRuleCmd;
import com.cloud.api.commands.CreateLoadBalancerRuleCmd;
import com.cloud.api.commands.DeletePortForwardingServiceRuleCmd;
import com.cloud.api.commands.DisassociateIPAddrCmd;
import com.cloud.api.commands.RemoveFromLoadBalancerRuleCmd;
import com.cloud.dc.DataCenterVO;
import com.cloud.dc.HostPodVO;
@ -241,4 +242,6 @@ public interface NetworkManager extends Manager {
public boolean deleteNetworkRuleConfig(DeletePortForwardingServiceRuleCmd cmd) throws PermissionDeniedException;
boolean disassociateIpAddress(DisassociateIPAddrCmd cmd) throws PermissionDeniedException;
}

104
server/src/com/cloud/network/NetworkManagerImpl.java
View File

@ -62,6 +62,7 @@ import com.cloud.api.commands.AssignToLoadBalancerRuleCmd;
import com.cloud.api.commands.CreateIPForwardingRuleCmd;
import com.cloud.api.commands.CreateLoadBalancerRuleCmd;
import com.cloud.api.commands.DeletePortForwardingServiceRuleCmd;
import com.cloud.api.commands.DisassociateIPAddrCmd;
import com.cloud.api.commands.RemoveFromLoadBalancerRuleCmd;
import com.cloud.async.AsyncJobExecutor;
import com.cloud.async.AsyncJobManager;
@ -78,6 +79,7 @@ import com.cloud.dc.HostPodVO;
import com.cloud.dc.Vlan;
import com.cloud.dc.Vlan.VlanType;
import com.cloud.dc.VlanVO;
import com.cloud.dc.dao.AccountVlanMapDao;
import com.cloud.dc.dao.DataCenterDao;
import com.cloud.dc.dao.HostPodDao;
import com.cloud.dc.dao.VlanDao;
@ -202,7 +204,7 @@ public class NetworkManagerImpl implements NetworkManager, VirtualMachineManager
@Inject UserVmDao _userVmDao;
@Inject FirewallRulesDao _firewallRulesDao;
@Inject NetworkRuleConfigDao _networkRuleConfigDao;
@Inject AccountVlanMapDao _accountVlanMapDao;
long _routerTemplateId = -1;
int _routerRamSize;
// String _privateNetmask;
@ -2979,4 +2981,104 @@ public class NetworkManagerImpl implements NetworkManager, VirtualMachineManager
return true;
}
private Account findAccountByIpAddress(String ipAddress) {
IPAddressVO address = _ipAddressDao.findById(ipAddress);
if ((address != null) && (address.getAccountId() != null)) {
return _accountDao.findById(address.getAccountId());
}
return null;
}
@Override
@DB
public boolean disassociateIpAddress(DisassociateIPAddrCmd cmd) throws PermissionDeniedException, IllegalArgumentException {
Transaction txn = Transaction.currentTxn();
Long userId = UserContext.current().getUserId();
Account account = (Account)UserContext.current().getAccountObject();
String ipAddress = cmd.getIpAddress();
// Verify input parameters
Account accountByIp = findAccountByIpAddress(ipAddress);
if(accountByIp == null) {
throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to find account owner for ip " + ipAddress);
}
Long accountId = accountByIp.getId();
if (account != null) {
if (!isAdmin(account.getType())) {
if (account.getId().longValue() != accountId.longValue()) {
throw new ServerApiException(BaseCmd.PARAM_ERROR, "account " + account.getAccountName() + " doesn't own ip address " + ipAddress);
}
} else if (!_domainDao.isChildDomain(account.getDomainId(), accountByIp.getDomainId())) {
throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "Unable to disassociate IP address " + ipAddress + ", permission denied.");
}
}
// If command is executed via 8096 port, set userId to the id of System account (1)
if (userId == null) {
userId = Long.valueOf(1);
}
try {
IPAddressVO ipVO = _ipAddressDao.findById(ipAddress);
if (ipVO == null) {
return false;
}
if (ipVO.getAllocated() == null) {
return true;
}
AccountVO accountVO = _accountDao.findById(accountId);
if (accountVO == null) {
return false;
}
if ((ipVO.getAccountId() == null) || (ipVO.getAccountId().longValue() != accountId)) {
// FIXME: is the user visible in the admin account's domain????
if (!BaseCmd.isAdmin(accountVO.getType())) {
if (s_logger.isDebugEnabled()) {
s_logger.debug("permission denied disassociating IP address " + ipAddress + "; acct: " + accountId + "; ip (acct / dc / dom / alloc): "
+ ipVO.getAccountId() + " / " + ipVO.getDataCenterId() + " / " + ipVO.getDomainId() + " / " + ipVO.getAllocated());
}
throw new PermissionDeniedException("User/account does not own supplied address");
}
}
if (ipVO.getAllocated() == null) {
return true;
}
if (ipVO.isSourceNat()) {
throw new IllegalArgumentException("ip address is used for source nat purposes and can not be disassociated.");
}
VlanVO vlan = _vlanDao.findById(ipVO.getVlanDbId());
if (!vlan.getVlanType().equals(VlanType.VirtualNetwork)) {
throw new IllegalArgumentException("only ip addresses that belong to a virtual network may be disassociated.");
}
//Check for account wide pool. It will have an entry for account_vlan_map.
if (_accountVlanMapDao.findAccountVlanMap(accountId,ipVO.getVlanDbId()) != null){
throw new PermissionDeniedException(ipAddress + " belongs to Account wide IP pool and cannot be disassociated");
}
txn.start();
boolean success = releasePublicIpAddress(userId, ipAddress);
if (success)
_accountMgr.decrementResourceCount(accountId, ResourceType.public_ip);
txn.commit();
return success;
} catch (PermissionDeniedException pde) {
throw pde;
} catch (IllegalArgumentException iae) {
throw iae;
} catch (Throwable t) {
s_logger.error("Disassociate IP address threw an exception.");
throw new IllegalArgumentException("Disassociate IP address threw an exception");
}
}
}

2
server/src/com/cloud/server/ManagementServer.java
View File

@ -416,7 +416,7 @@ public interface ManagementServer {
* @param ipAddress
* @return success
*/
boolean disassociateIpAddress(DisassociateIPAddrCmd cmd) throws PermissionDeniedException;
// boolean disassociateIpAddress(DisassociateIPAddrCmd cmd) throws PermissionDeniedException;
long disassociateIpAddressAsync(long userId, long accountId, String ipAddress);
/**

182
server/src/com/cloud/server/ManagementServerImpl.java
View File

@ -1608,97 +1608,97 @@ public class ManagementServerImpl implements ManagementServer {
return _asyncMgr.submitAsyncJob(job, true);
}
@Override
@DB
public boolean disassociateIpAddress(DisassociateIPAddrCmd cmd) throws PermissionDeniedException, IllegalArgumentException {
Transaction txn = Transaction.currentTxn();
Long userId = UserContext.current().getUserId();
Account account = (Account)UserContext.current().getAccountObject();
String ipAddress = cmd.getIpAddress();
// Verify input parameters
Account accountByIp = findAccountByIpAddress(ipAddress);
if(accountByIp == null) {
throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to find account owner for ip " + ipAddress);
}
Long accountId = accountByIp.getId();
if (account != null) {
if (!isAdmin(account.getType())) {
if (account.getId().longValue() != accountId.longValue()) {
throw new ServerApiException(BaseCmd.PARAM_ERROR, "account " + account.getAccountName() + " doesn't own ip address " + ipAddress);
}
} else if (!isChildDomain(account.getDomainId(), accountByIp.getDomainId())) {
throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "Unable to disassociate IP address " + ipAddress + ", permission denied.");
}
}
// If command is executed via 8096 port, set userId to the id of System account (1)
if (userId == null) {
userId = Long.valueOf(1);
}
try {
IPAddressVO ipVO = _publicIpAddressDao.findById(ipAddress);
if (ipVO == null) {
return false;
}
if (ipVO.getAllocated() == null) {
return true;
}
AccountVO accountVO = _accountDao.findById(accountId);
if (accountVO == null) {
return false;
}
if ((ipVO.getAccountId() == null) || (ipVO.getAccountId().longValue() != accountId)) {
// FIXME: is the user visible in the admin account's domain????
if (!BaseCmd.isAdmin(accountVO.getType())) {
if (s_logger.isDebugEnabled()) {
s_logger.debug("permission denied disassociating IP address " + ipAddress + "; acct: " + accountId + "; ip (acct / dc / dom / alloc): "
+ ipVO.getAccountId() + " / " + ipVO.getDataCenterId() + " / " + ipVO.getDomainId() + " / " + ipVO.getAllocated());
}
throw new PermissionDeniedException("User/account does not own supplied address");
}
}
if (ipVO.getAllocated() == null) {
return true;
}
if (ipVO.isSourceNat()) {
throw new IllegalArgumentException("ip address is used for source nat purposes and can not be disassociated.");
}
VlanVO vlan = _vlanDao.findById(ipVO.getVlanDbId());
if (!vlan.getVlanType().equals(VlanType.VirtualNetwork)) {
throw new IllegalArgumentException("only ip addresses that belong to a virtual network may be disassociated.");
}
//Check for account wide pool. It will have an entry for account_vlan_map.
if (_accountVlanMapDao.findAccountVlanMap(accountId,ipVO.getVlanDbId()) != null){
throw new PermissionDeniedException(ipAddress + " belongs to Account wide IP pool and cannot be disassociated");
}
txn.start();
boolean success = _networkMgr.releasePublicIpAddress(userId, ipAddress);
if (success)
_accountMgr.decrementResourceCount(accountId, ResourceType.public_ip);
txn.commit();
return success;
} catch (PermissionDeniedException pde) {
throw pde;
} catch (IllegalArgumentException iae) {
throw iae;
} catch (Throwable t) {
s_logger.error("Disassociate IP address threw an exception.");
throw new IllegalArgumentException("Disassociate IP address threw an exception");
}
}
// @Override
// @DB
// public boolean disassociateIpAddress(DisassociateIPAddrCmd cmd) throws PermissionDeniedException, IllegalArgumentException {
// Transaction txn = Transaction.currentTxn();
//
// Long userId = UserContext.current().getUserId();
// Account account = (Account)UserContext.current().getAccountObject();
// String ipAddress = cmd.getIpAddress();
//
// // Verify input parameters
// Account accountByIp = findAccountByIpAddress(ipAddress);
// if(accountByIp == null) {
// throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to find account owner for ip " + ipAddress);
// }
//
// Long accountId = accountByIp.getId();
// if (account != null) {
// if (!isAdmin(account.getType())) {
// if (account.getId().longValue() != accountId.longValue()) {
// throw new ServerApiException(BaseCmd.PARAM_ERROR, "account " + account.getAccountName() + " doesn't own ip address " + ipAddress);
// }
// } else if (!isChildDomain(account.getDomainId(), accountByIp.getDomainId())) {
// throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "Unable to disassociate IP address " + ipAddress + ", permission denied.");
// }
// }
//
// // If command is executed via 8096 port, set userId to the id of System account (1)
// if (userId == null) {
// userId = Long.valueOf(1);
// }
//
// try {
// IPAddressVO ipVO = _publicIpAddressDao.findById(ipAddress);
// if (ipVO == null) {
// return false;
// }
//
// if (ipVO.getAllocated() == null) {
// return true;
// }
//
// AccountVO accountVO = _accountDao.findById(accountId);
// if (accountVO == null) {
// return false;
// }
//
// if ((ipVO.getAccountId() == null) || (ipVO.getAccountId().longValue() != accountId)) {
// // FIXME: is the user visible in the admin account's domain????
// if (!BaseCmd.isAdmin(accountVO.getType())) {
// if (s_logger.isDebugEnabled()) {
// s_logger.debug("permission denied disassociating IP address " + ipAddress + "; acct: " + accountId + "; ip (acct / dc / dom / alloc): "
// + ipVO.getAccountId() + " / " + ipVO.getDataCenterId() + " / " + ipVO.getDomainId() + " / " + ipVO.getAllocated());
// }
// throw new PermissionDeniedException("User/account does not own supplied address");
// }
// }
//
// if (ipVO.getAllocated() == null) {
// return true;
// }
//
// if (ipVO.isSourceNat()) {
// throw new IllegalArgumentException("ip address is used for source nat purposes and can not be disassociated.");
// }
//
// VlanVO vlan = _vlanDao.findById(ipVO.getVlanDbId());
// if (!vlan.getVlanType().equals(VlanType.VirtualNetwork)) {
// throw new IllegalArgumentException("only ip addresses that belong to a virtual network may be disassociated.");
// }
//
// //Check for account wide pool. It will have an entry for account_vlan_map.
// if (_accountVlanMapDao.findAccountVlanMap(accountId,ipVO.getVlanDbId()) != null){
// throw new PermissionDeniedException(ipAddress + " belongs to Account wide IP pool and cannot be disassociated");
// }
//
// txn.start();
// boolean success = _networkMgr.releasePublicIpAddress(userId, ipAddress);
// if (success)
// _accountMgr.decrementResourceCount(accountId, ResourceType.public_ip);
// txn.commit();
// return success;
//
// } catch (PermissionDeniedException pde) {
// throw pde;
// } catch (IllegalArgumentException iae) {
// throw iae;
// } catch (Throwable t) {
// s_logger.error("Disassociate IP address threw an exception.");
// throw new IllegalArgumentException("Disassociate IP address threw an exception");
// }
// }
@Override
public long disassociateIpAddressAsync(long userId, long accountId, String ipAddress) {