etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use IAMService to populate group-account association for system/admin 

account to solve unit test failure.
This commit is contained in:
Min Chen 2014-03-11 16:31:03 -07:00
parent b554d4ac1f
commit f2d4b4d60e
1 changed files with 15 additions and 91 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

106
services/iam/plugin/src/org/apache/cloudstack/iam/IAMApiServiceImpl.java
View File

@ -16,9 +16,6 @@
// under the License.
package org.apache.cloudstack.iam;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
@ -114,11 +111,6 @@ import com.cloud.utils.component.Manager;
import com.cloud.utils.component.ManagerBase;
import com.cloud.utils.db.DB;
import com.cloud.utils.db.EntityManager;
import com.cloud.utils.db.Transaction;
import com.cloud.utils.db.TransactionCallbackNoReturn;
import com.cloud.utils.db.TransactionLegacy;
import com.cloud.utils.db.TransactionStatus;
import com.cloud.utils.exception.CloudRuntimeException;
import com.cloud.vm.InstanceGroupVO;
import com.cloud.vm.VMInstanceVO;
import com.cloud.vm.dao.NicIpAliasVO;
@ -199,10 +191,6 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
@Override
public boolean configure(final String name, final Map<String, Object> params) throws ConfigurationException {
// populate group <-> account association if not present for CS admin
// and system accounts
populateIAMGroupAdminAccountMap();
_messageBus.subscribe(AccountManager.MESSAGE_ADD_ACCOUNT_EVENT, new MessageSubscriber() {
@Override
public void onPublishMessage(String senderAddress, String subject, Object obj) {
@ -351,86 +339,22 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
return super.configure(name, params);
}
@Override
public boolean start() {
s_logger.info("Populating IAM group and account association for default accounts...");
// populate group <-> account association if not present for CS admin
// and system accounts
populateIAMGroupAdminAccountMap();
return true;
}
private void populateIAMGroupAdminAccountMap() {
Transaction.execute(new TransactionCallbackNoReturn() {
@Override
public void doInTransactionWithoutResult(TransactionStatus status) {
TransactionLegacy txn = TransactionLegacy.currentTxn();
String searchQuery = "Select id from `cloud`.`iam_group_account_map` where account_id = ? and removed is null";
ResultSet rs = null;
PreparedStatement acctQuery = null;
PreparedStatement acctInsert = null;
// find if the system account is present in the map
try {
acctQuery = txn.prepareAutoCloseStatement(searchQuery);
acctQuery.setLong(1, Account.ACCOUNT_ID_SYSTEM);
rs = acctQuery.executeQuery();
if (!rs.next()) {
acctInsert = txn
.prepareAutoCloseStatement("INSERT INTO `cloud`.`iam_group_account_map` (group_id, account_id, created) values(?, ?, Now())");
// insert entry in iam_group_account_map table
acctInsert.setLong(1, Account.ACCOUNT_TYPE_ADMIN + 1);
acctInsert.setLong(2, Account.ACCOUNT_ID_SYSTEM);
acctInsert.executeUpdate();
}
} catch (SQLException ex) {
String msg = "Unable to populate iam_group_account_map for SYSTEM account." + ex.getMessage();
s_logger.error(msg);
throw new CloudRuntimeException(msg, ex);
} finally {
try {
if (acctInsert != null) {
acctInsert.close();
}
if (rs != null) {
rs.close();
}
if (acctQuery != null) {
acctQuery.close();
}
} catch (SQLException e) {
}
}
// find if the admin account is present in the map
try {
acctQuery = txn.prepareAutoCloseStatement(searchQuery);
acctQuery.setLong(1, Account.ACCOUNT_ID_SYSTEM + 1);
rs = acctQuery.executeQuery();
if (!rs.next()) {
acctInsert = txn
.prepareAutoCloseStatement("INSERT INTO `cloud`.`iam_group_account_map` (group_id, account_id, created) values(?, ?, Now())");
// insert entry in iam_group_account_map table
acctInsert.setLong(1, Account.ACCOUNT_TYPE_ADMIN + 1);
acctInsert.setLong(2, Account.ACCOUNT_ID_SYSTEM + 1);
acctInsert.executeUpdate();
}
} catch (SQLException ex) {
String msg = "Unable to populate iam_group_account_map for Admin account." + ex.getMessage();
s_logger.error(msg);
throw new CloudRuntimeException(msg, ex);
} finally {
try {
if (acctInsert != null) {
acctInsert.close();
}
if (rs != null) {
rs.close();
}
if (acctQuery != null) {
acctQuery.close();
}
} catch (SQLException e) {
}
}
}
});
List<Long> sysAccts = new ArrayList<Long>();
sysAccts.add(Account.ACCOUNT_ID_SYSTEM);
sysAccts.add(Account.ACCOUNT_ID_SYSTEM + 1);
_iamSrv.addAccountsToGroup(sysAccts, new Long(Account.ACCOUNT_TYPE_ADMIN + 1));
}
private void addDomainWideResourceAccess(Map<String, Object> params) {