etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
23,126 Commits 323 Branches 325 Tags 836 MiB
Commit Graph

76 Commits

Author SHA1 Message Date
Prachi Damle df302bdb3e Split the Root Admin policy to allow 'ListEntry' access for listing resources for scope 'all', but 'UseEntry' access only within Account scope 
Same with Domain Admin policy
 2014-04-04 16:38:29 -07:00
Prachi Damle 897e0d3abe SecurityChecker can accept multiple ControlledEntity 2014-04-04 16:38:29 -07:00
Prachi Damle 6a9d6f8796 RoleBasedEntityAccessChecker should skip Project resources. IAM does not support Projects yet. 2014-03-28 18:56:30 -07:00
Prachi Damle 4e61e49143 CLOUDSTACK-6303 [Automation] [UI] Account creation hang in UI 
Changes:
- Caused due to a MySql error during 'Project' account cleanup. The MySql error hits a deadlock bug in the MessageBus code that does not release the lock/decrement the counter Eventually all callers on the MessageBus end up waiting to enter
- This fixes the account cleanup MySql error.
 2014-03-28 14:35:00 -07:00
Daan Hoogland 8b62b2cb92 findbugs: exclude known spiffy hacks a.k.a. false positives 2014-03-28 14:28:10 +01:00
Prachi Damle acfdd519be IAMEntityType change in the test after merge 2014-03-19 11:00:25 -07:00
Prachi Damle c3ee01cca1 More changes to support 'readOnly' access 2014-03-19 11:00:23 -07:00
Prachi Damle e09f97aa63 Adding support for 'readOnly' access. AccessType.ListEntry introduced. 2014-03-19 11:00:20 -07:00
Min Chen ae1d6a771b Remove IAMEntityType to use existing VO interface class to annotate 
entityType.
 2014-03-17 17:19:55 -07:00
Hugo Trippaers 4402685e11 Update master to 4.5.0-SNAPSHOT 2014-03-14 14:55:26 +01:00
Prachi Damle d9696b26e1 After merge, fix isRootAdmin() calls to use accountId instead of type 2014-03-13 13:28:40 -07:00
Min Chen f2d4b4d60e Use IAMService to populate group-account association for system/admin 
account to solve unit test failure.
 2014-03-11 16:31:03 -07:00
Min Chen b554d4ac1f Fix issues found through FindBugs. 2014-03-11 11:49:48 -07:00
Prachi Damle 1c85af3193 A production/QA Setup does not populate the admin and SYSTEM accounts during database setup. So IAM plugin needs to insert the necessary group <-> account map in the DB during startup 2014-03-10 17:30:00 -07:00
Min Chen 748c090b29 Fix unapproved licens issue. 2014-03-10 11:27:10 -07:00
Min Chen 056d21e14b Fix bugs found from marvin test. 2014-03-04 11:16:45 -08:00
Min Chen 61b47850f2 Bug fix identified by marvin test. 2014-03-03 17:26:16 -08:00
Min Chen e5d722654a Rename IAMEntityType.AclGroup and AclPolicy. 2014-03-02 16:06:29 -08:00
Min Chen 7e4c3b0e92 Pass UUID for scopeId in addIAMPermissionToIAMPolicyCmd and 
removeIAMPermissionFromIAMPolicyCmd.
 2014-03-02 15:56:02 -08:00
Min Chen 9f47466fea Fix some issues in renaming iam api, also fix marvin library. 2014-02-26 17:30:34 -08:00
Prachi Damle 45a96e4e4c renaming Acl to IAM in module.properties for the plugin 2014-02-25 17:02:41 -08:00
Prachi Damle 57b687e8b6 Renaming all beans in the xml files to use IAM insteda of Acl 2014-02-25 16:58:42 -08:00
Prachi Damle 6309887800 iam/server changes: Rename Acl to IAM 2014-02-25 16:43:25 -08:00
Prachi Damle 187f9cd0a2 iam/plugin: Rename Acl to IAM everywhere 2014-02-25 16:43:23 -08:00
Prachi Damle b2ba6c05b4 Renaming plugin packages to 'iam' instead if 'acl' 2014-02-25 16:43:20 -08:00
Min Chen 26e92af62d Rename IAM api and response package name so that they are following 
convention used by ApiXmlDocWriter.
 2014-02-18 16:08:06 -08:00
Min Chen ebfe947f41 Fixed some bugs encountered in testing iam-plugin apis. 2014-02-14 15:04:29 -08:00
Min Chen 586ee74000 Clean up SecurityChecker.AccessType and modify code to use them 
consistently.
 2014-02-14 11:23:05 -08:00
Min Chen 4b75fa806a Fix a NPE bug in listAclPolicies. 2014-02-13 17:57:49 -08:00
Min Chen 5bfc75cac9 Fix test build failure. 2014-02-13 11:21:07 -08:00
Min Chen 5854c0bbeb Fix Path cannot be null error in creating ACL Policy. 2014-02-11 22:45:57 -08:00
Min Chen 97ec3f6628 Fix an AclEntityType cast bug. 2014-02-11 22:26:52 -08:00
Min Chen 63e42d3c47 Handle scopeId=-1 properly, which indicates current caller domain or 
account.
 2014-02-07 15:56:03 -08:00
Min Chen 0b5b861994 Fix a bug in listParentAclGroups to handle empty parent group case. 2014-02-07 14:13:56 -08:00
Min Chen 7c0170e3e9 Hook up IAM update for updateTemplatePermission api. 2014-02-05 16:04:13 -08:00
Prachi Damle 022b9b8f80 Add access for domain wide createAffinityGroup 2014-02-03 18:14:56 -08:00
Prachi Damle a6d07c873c Changes to QuerySelector to list the parent group resources with recursive = true access 2014-02-03 17:49:33 -08:00
Prachi Damle 939b15169c changes to support the domain wide resources for Network 2014-02-03 17:34:03 -08:00
Prachi Damle 09eed3705d Fix for NPE in the dao 2014-01-31 12:00:26 -08:00
Prachi Damle d12422bf68 Add policies to domain group for CreateNetwork usecase for a domain wide shared network 2014-01-29 23:56:25 -08:00
Prachi Damle ce95f3122b add 'recursive' column to permission table 2014-01-29 23:48:13 -08:00
Min Chen 81323dce5d Add support to grant acl permission to access an individual resource. 2014-01-29 17:59:24 -08:00
Min Chen 0063b60701 Remove ACL permission for a particular entity when it is deleted. The 
hook is currently only done for deleteTemplateCmd.
 2014-01-28 18:17:01 -08:00
Min Chen 72812cdf22 Grant public template permission to domain admin and normal user policy. 2014-01-28 17:41:27 -08:00
Min Chen 748dc1541c Support attaching policy to account. 2014-01-28 10:00:17 -08:00
Prachi Damle 91317dc497 Changes for createDomain - create new group AND createAccount - add account to domain group 2014-01-28 09:48:19 -08:00
Min Chen d47d4bbd20 Guard NPE due to empty policies. 2014-01-23 18:32:48 -08:00
Min Chen 344d3a37cc Add missing AclApiServiceImpl bean into spring xml. 2014-01-23 18:32:48 -08:00
Prachi Damle af14699c4c fixing the build _ AffinityGroup command changes 2014-01-23 18:17:43 -08:00
Prachi Damle 96a64b933e - Adding OperateEntry during loading of commands 
- Replace ListEntry By OperateEntry
- ApiDispatcher should pass on the API name
 2014-01-23 17:50:59 -08:00