etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
23,018 Commits 325 Branches 325 Tags 885 MiB
Commit Graph

234 Commits

Author SHA1 Message Date
Min Chen 4367d1406b Change AccountManagerImpl.checkAccess to invoke SecurityChecker 
interface that takes multiple controlled entities.
 2014-04-01 17:31:56 -07:00
Prachi Damle a8a0e84b88 Split the Root Admin policy to allow 'ListEntry' access for listing resources for scope 'all', but 'UseEntry' access only within Account scope 
Same with Domain Admin policy
 2014-04-01 16:01:36 -07:00
Prachi Damle 9962cf1706 SecurityChecker can accept multiple ControlledEntity 2014-04-01 12:06:13 -07:00
Prachi Damle 412af7c2e6 RoleBasedEntityAccessChecker should skip Project resources. IAM does not support Projects yet. 2014-03-28 18:54:19 -07:00
Prachi Damle 024efbfbd4 CLOUDSTACK-6303 [Automation] [UI] Account creation hang in UI 
Changes:
- Caused due to a MySql error during 'Project' account cleanup. The MySql error hits a deadlock bug in the MessageBus code that does not release the lock/decrement the counter Eventually all callers on the MessageBus end up waiting to enter
- This fixes the account cleanup MySql error.
 2014-03-28 14:00:39 -07:00
edison 5917b25fd3 CLOUDSTACK-5828: if snapshot deletion failed, such as can't find it on secondary storage, should return succeed. 2014-03-27 17:38:39 -07:00
Prachi Damle a5b9814f7a Fixes to ensure Network entity checkAccess invokes the IAM service 2014-03-24 17:09:43 -07:00
Prachi Damle 0cc6b303e0 IAMEntityType change in the test after merge 2014-03-19 11:31:23 -07:00
Prachi Damle b3e22191cb More changes to support 'readOnly' access 
Conflicts:
	api/src/org/apache/cloudstack/api/ApiConstants.java
 2014-03-19 11:31:06 -07:00
Prachi Damle a919f740d0 Adding support for 'readOnly' access. AccessType.ListEntry introduced. 
Conflicts:
	api/src/org/apache/cloudstack/api/ApiConstants.java
 2014-03-19 11:30:22 -07:00
Min Chen ae6b9a0829 Remove IAMEntityType to use existing VO interface class to annotate 
entityType.
 2014-03-17 16:59:19 -07:00
Prachi Damle d9696b26e1 After merge, fix isRootAdmin() calls to use accountId instead of type 2014-03-13 13:28:40 -07:00
Min Chen 99bdc8d875 Merge branch 'master' into rbac. 2014-03-13 11:05:03 -07:00
Min Chen f2d4b4d60e Use IAMService to populate group-account association for system/admin 
account to solve unit test failure.
 2014-03-11 16:31:03 -07:00
Min Chen b554d4ac1f Fix issues found through FindBugs. 2014-03-11 11:49:48 -07:00
Prachi Damle 1c85af3193 A production/QA Setup does not populate the admin and SYSTEM accounts during database setup. So IAM plugin needs to insert the necessary group <-> account map in the DB during startup 2014-03-10 17:30:00 -07:00
Min Chen 748c090b29 Fix unapproved licens issue. 2014-03-10 11:27:10 -07:00
John Kinsella 09c375379d CLOUDSTACK-6204: removing realhostip dependency 
Moving default transport for console proxy, SSVM to http.

See
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Realhost+IP+changes
for more info.

jlk ported Amogh's patch for 4.3 to master - code base is different
enough that patch has multiple issues.

Author: Amogh Vasekar <Amogh Vasekar <amogh.vasekar@citrix.com>
Signed-off-by: John Kinsella <jlk@stratosec.co> 1394398017 -0700
 2014-03-09 13:46:57 -07:00
Min Chen 48e08fe676 Merge branch 'master' into rbac. 2014-03-06 14:02:20 -08:00
Min Chen 922cdc0dd1 Fix unapproved licens issue. 2014-03-05 14:31:28 -08:00
Min Chen 63e3eea790 CLOUDSTACK-5920: enable build of IAM services in pom.xml. 2014-03-05 09:40:56 -08:00
Min Chen c28450c1cd CLOUDSTACK-5920: IAM service plugin. 2014-03-05 09:40:55 -08:00
Min Chen adb29b2140 CLOUDSTACK-5920: IAM service server. 2014-03-05 09:40:55 -08:00
Alena Prokharchyk 5a8d165afa CLOUDSTACK-6198: use List DS for storing NicProfiles as public network can have more than one nic 
Conflicts:
	engine/api/src/com/cloud/vm/VirtualMachineManager.java
	engine/api/src/org/apache/cloudstack/engine/orchestration/service/NetworkOrchestrationService.java
	engine/orchestration/src/com/cloud/vm/VirtualMachineManagerImpl.java
	engine/orchestration/src/org/apache/cloudstack/engine/orchestration/CloudOrchestrator.java
	engine/orchestration/src/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
	plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java
	plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java
	plugins/network-elements/juniper-contrail/src/org/apache/cloudstack/network/contrail/management/ServiceManagerImpl.java
	server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
	server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
	server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java
	server/test/com/cloud/vpc/MockNetworkManagerImpl.java
	services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java
 2014-03-04 15:37:52 -08:00
Min Chen 056d21e14b Fix bugs found from marvin test. 2014-03-04 11:16:45 -08:00
Min Chen 61b47850f2 Bug fix identified by marvin test. 2014-03-03 17:26:16 -08:00
Min Chen e5d722654a Rename IAMEntityType.AclGroup and AclPolicy. 2014-03-02 16:06:29 -08:00
Min Chen 7e4c3b0e92 Pass UUID for scopeId in addIAMPermissionToIAMPolicyCmd and 
removeIAMPermissionFromIAMPolicyCmd.
 2014-03-02 15:56:02 -08:00
Kelven Yang dfb9f49117 Remove inner retry loop when CPVM tries to reconnect to host 2014-02-28 15:35:58 -08:00
Min Chen 9f47466fea Fix some issues in renaming iam api, also fix marvin library. 2014-02-26 17:30:34 -08:00
Prachi Damle 45a96e4e4c renaming Acl to IAM in module.properties for the plugin 2014-02-25 17:02:41 -08:00
Prachi Damle 57b687e8b6 Renaming all beans in the xml files to use IAM insteda of Acl 2014-02-25 16:58:42 -08:00
Prachi Damle 6309887800 iam/server changes: Rename Acl to IAM 2014-02-25 16:43:25 -08:00
Prachi Damle 187f9cd0a2 iam/plugin: Rename Acl to IAM everywhere 2014-02-25 16:43:23 -08:00
Prachi Damle b2ba6c05b4 Renaming plugin packages to 'iam' instead if 'acl' 2014-02-25 16:43:20 -08:00
Min Chen 26e92af62d Rename IAM api and response package name so that they are following 
convention used by ApiXmlDocWriter.
 2014-02-18 16:08:06 -08:00
Hugo Trippaers f1139848e5 Slight optimization, don't run checkstyle on container or non-java projects. 2014-02-18 12:24:11 +01:00
Min Chen ebfe947f41 Fixed some bugs encountered in testing iam-plugin apis. 2014-02-14 15:04:29 -08:00
Min Chen 586ee74000 Clean up SecurityChecker.AccessType and modify code to use them 
consistently.
 2014-02-14 11:23:05 -08:00
Hugo Trippaers 97bad4f9b3 Fix checkstyle and license issues 2014-02-14 18:37:47 +01:00
Ian Southam 33c2c87287 Findbugs finding 
Signed-off-by: Hugo Trippaers <htrippaers@schubergphilis.com>
 2014-02-14 18:37:46 +01:00
miguelaferreira 1237bf3222 Fix findbugs findings in cloudstack-service-console-proxy-rdpclient 
Findings:
- 32 int shifted by an amount not in range -31..31:
	The shifts by 32 bits don't actually have any effect on the value
	(as shown by the tests)
- possible null pointer dereference
- repeated conditional test
- field only ever set to null
	All other uses of the field were to check if it was null,
	which it was, so it was removed

Other actions:
- Upgrade jUnit to version 4
- Add PowerMock dependency

Signed-off-by: Hugo Trippaers <htrippaers@schubergphilis.com>
 2014-02-14 18:37:46 +01:00
Hugo Trippaers cc6938e3a8 Findbugs : Fix several "of concern" findings. 2014-02-14 18:37:46 +01:00
Min Chen 4b75fa806a Fix a NPE bug in listAclPolicies. 2014-02-13 17:57:49 -08:00
Min Chen 5bfc75cac9 Fix test build failure. 2014-02-13 11:21:07 -08:00
Min Chen 5854c0bbeb Fix Path cannot be null error in creating ACL Policy. 2014-02-11 22:45:57 -08:00
Min Chen 97ec3f6628 Fix an AclEntityType cast bug. 2014-02-11 22:26:52 -08:00
Min Chen 63e42d3c47 Handle scopeId=-1 properly, which indicates current caller domain or 
account.
 2014-02-07 15:56:03 -08:00
Min Chen 0b5b861994 Fix a bug in listParentAclGroups to handle empty parent group case. 2014-02-07 14:13:56 -08:00
Min Chen 3b58a45e04 Merge branch 'master' into rbac. 2014-02-07 13:43:36 -08:00