etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
16,696 Commits 323 Branches 325 Tags 912 MiB
Commit Graph

311 Commits

Author SHA1 Message Date
Rohit Yadav ceddaf122c api_refactor: refactor user apis 
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2012-12-05 14:55:58 -08:00
Rohit Yadav 9a0df30766 api_refactor: refactor account apis 
- Fix refactored apis, fix mappings in commands*.in
- Fix comments etc.

Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2012-12-03 23:42:13 -08:00
Deepak Garg d2155890cc CS-16168:AutoScale- Deletion of Account doesn't delete the AutoScale LB rule 2012-11-16 10:56:57 +05:30
Alena Prokharchyk 74622a4dc3 Fixed listNetworks for the case when a) caller is an admin 2) projectId=-1 is specified - admin wasn't able to list networks belonging to regular users' projects 2012-11-14 14:59:51 -08:00
Kishan Kavala f365426b99 temp changes 2012-11-08 23:37:30 +05:30
Kelven Yang d79f1f6fdc Replace Adapters and PluggableServices, use Spring to load them 2012-11-07 15:03:24 -08:00
Kelven Yang cea8f3bf37 Switch inject annotation to javax and let ComponentLocator to recognize both the new and original inject annotation 2012-11-07 15:03:22 -08:00
Kelven Yang aab02e2743 Add Spring annotation to major components 2012-11-07 14:53:39 -08:00
Hugo Trippaers bd58ceccd8 Summary: Make the authenticator responsible for encoding the password and add a SHA256 salted authenticator 
The authenticators now have an encode function that cloudstack will use to encode the user supplied password before storing it in the database. This makes it easier to add other authenticators with other hashing algorithms. The requires a two step approach to creating the admin account at first start as the authenticators are only present in the management-server component locator.

The SHA256 salted authenticator make use of this new system and adds a hashing algorithm based on SHA256 with a salt. This type of hash is far less susceptible to rainbow table attacks.

To make use of these new features the users password will be sent over the wire just as he typed it and it will be transformed into a hash on the server and compared with the stored password. This means that the hash will not go over the wire anymore.

The default authenticator in components.xml is still set to md5 for backwards compatibility. For new installations the sha256 could be enabled.
 2012-10-30 12:56:56 +01:00
Alena Prokharchyk 214bbf3ebd CLOUDSTACK-279: fixed deleteProject when executed by the regular user. Always pass System account as a caller when do account cleanup 
Conflicts:

	api/src/com/cloud/api/commands/DeleteRemoteAccessVpnCmd.java
	server/src/com/cloud/network/element/CiscoNexusVSMElement.java
	server/src/com/cloud/network/element/ElasticLoadBalancerElement.java
	server/src/com/cloud/network/element/F5ExternalLoadBalancerElement.java
	server/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java
	server/src/com/cloud/network/element/NetscalerElement.java
	server/src/com/cloud/network/element/OvsElement.java
	server/src/com/cloud/network/element/VpcJuniperSRXExternalFirewallElement.java
	server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
	server/src/com/cloud/network/vpc/VpcManagerImpl.java
	server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
	server/src/com/cloud/storage/StorageManager.java
 2012-10-17 17:26:19 -07:00
Kishan Kavala f0f33bf4da Added Mock ApiServer, Regions API calls with api keys 2012-10-17 14:16:36 +05:30
Alena Prokharchyk 8f2d9a09e5 CLOUDSTACK-332: intermediate checkin fixing count parameter in listCommands 
Fixes the count in commands:

listVolumes
listVirtualMachines
listSnapshots
listRouters
listFirewallRules
listPortForwardingRules
listLoadBalancerRules
listIpForwardingRules
listAccounts
listUsers
listDomains
listDomainChildren
listPublicIpAddresses
listAlerts
listAsyncJobs
listRemoteAccessVpns
listVpnUsers
listTags
listPrivateGateways
listNetworkACLs
listStaticRoutes

Conflicts:

	api/src/com/cloud/api/commands/ListVMsCmd.java
	api/src/com/cloud/api/commands/ListVolumesCmd.java
	api/src/com/cloud/network/lb/LoadBalancingRulesService.java
	server/src/com/cloud/network/firewall/FirewallManagerImpl.java
	server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
	server/src/com/cloud/network/rules/RulesManagerImpl.java
	server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
	server/src/com/cloud/network/vpc/VpcManagerImpl.java
	server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
	server/src/com/cloud/tags/TaggedResourceManagerImpl.java
 2012-10-12 13:58:59 -07:00
Alena Prokharchyk c9aa9a5557 CLOUDSTACK-287: don't allow API call against system account (adding users to system account is prohibited; can't delete/update System account) 
Conflicts:

	server/src/com/cloud/user/AccountManagerImpl.java
 2012-10-09 09:37:27 -07:00
Alena Prokharchyk ffa5276222 Fixed CLOUDSTACK-287 
1) Always fail to authenticate system user.
2) DB - always create system user with RANDOM not null password
3) Don't allow modifying (setting api/secretKeys, etc) system user via API

Conflicts:

	server/src/com/cloud/user/AccountManagerImpl.java
	setup/db/db/schema-305to306.sql
 2012-10-09 09:37:27 -07:00
Rohit Yadav 5cd7fb8408 CLOUDSTACK-121: Fixed "Incorrect username/domainId login causes NullPointerException " 2012-10-05 11:42:04 -07:00
Kishan Kavala 89779cceb8 Merge branch 'master' into regions 
Conflicts:
	api/src/com/cloud/api/ApiConstants.java
	api/src/com/cloud/api/ResponseGenerator.java
	client/tomcatconf/commands.properties.in
	core/src/com/cloud/user/UserVO.java
	server/src/com/cloud/api/ApiResponseHelper.java
	server/src/com/cloud/configuration/DefaultComponentLibrary.java
	server/src/com/cloud/user/AccountManagerImpl.java
	setup/db/create-schema.sql
 2012-10-03 14:09:01 +05:30
Kishan Kavala 4fcf64dd74 updated regions branch with changes from master 2012-09-27 17:04:59 +05:30
Kishan Kavala 39d394a8e8 Propogate Domain and User commands 2012-09-27 16:44:12 +05:30
Alena Prokharchyk 51041e4f77 Fixed security problem in listAccounts call (regular user could see other accounts' info when domainId was passed in to listAccounts call) 2012-09-25 10:44:22 -07:00
Saksham Srivastava a56631bc66 bug CS-15278: Added global setting login.attempts.allowed which defines the maximum incorrect password attempts allowed. 
Also after the maximum attempts are reached the user account is disabled
 2012-09-12 19:35:24 +05:30
Likitha Shetty 8c3450b503 CS-14770. ec2-run-instances and ec2-describe-instances don't return keypair information. Component: AWSAPI. 2012-08-28 13:52:42 -07:00
kishan 4ea36b82e9 propogate account changes to other Regions 2012-08-24 15:59:59 +05:30
Mice Xia 42fbf24f86 Remove @author tag from non third-party source files in server folder 2012-08-13 15:17:31 +08:00
Alena Prokharchyk c5e3493792 Merge branch 'master' into vpc 2012-08-08 18:38:35 -07:00
Alena Prokharchyk a1f361904e Reverted "Initialize user context from AccountManager" committed to master branch by mistake 
This reverts commit da26302049.
 2012-08-08 15:26:45 -07:00
Alex Huang 457f3b3dc9 Removed all javax source code from utils package 2012-08-08 12:58:22 -07:00
Alena Prokharchyk 048c5e50cf Merge branch 'master' into vpc 
Conflicts:
	utils/test/com/cloud/utils/component/MockComponentLocator.java
 2012-08-08 11:50:39 -07:00
Alena Prokharchyk da26302049 Initialize user context from AccountManager 
Conflicts:

	server/src/com/cloud/configuration/DefaultComponentLibrary.java
	server/src/com/cloud/network/vpc/VpcManagerImpl.java
 2012-08-08 11:17:01 -07:00
Sheng Yang d90be0d9bc S2S VPN: CS-15748: Deleting customer vpn gateway when delete account 
Conflicts:

	server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java
 2012-07-30 15:34:41 -07:00
Sheng Yang fd9ef34a0f CS-15719: Fix state change when stopping 2012-07-27 16:28:06 -07:00
bfederle c8f72c9198 Merge branch 'master' into vpc 
Conflicts:
	ui/scripts/network.js
 2012-07-23 10:36:25 -07:00
kishan f2bbf62d9d Added getUser API to get user details using API key. Services like S3 can user this API to authenticate. API is admin only. 2012-07-18 14:20:04 -07:00
Alena Prokharchyk 7c2b123d94 Merge branch 'master' into vpc 2012-07-16 15:43:16 -07:00
Alena Prokharchyk 7a5efcc2e8 CS-15579 - perform check when account/domainId is passed to list call by the regular user 2012-07-13 15:59:15 -07:00
Alena Prokharchyk 31f9d718fb Merge branch 'master' into vpc 
Conflicts:
	server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
 2012-07-03 17:32:50 -07:00
kishan 6a1b0f3ecf Add Region APIs 2012-07-03 13:05:19 -07:00
David Nalley e87558256c Patch from Chip Childers 
https://reviews.apache.org/r/5704/
License header updates for the server folder
 2012-07-02 09:51:21 -04:00
Alena Prokharchyk 634cd78baa Merge branch 'master' into vpc 
Conflicts:
	api/src/com/cloud/api/ApiConstants.java
	api/src/com/cloud/api/BaseCmd.java
	api/src/com/cloud/api/ResponseGenerator.java
	api/src/com/cloud/api/commands/ListNetworksCmd.java
	api/src/com/cloud/api/response/NetworkResponse.java
	api/src/com/cloud/event/EventTypes.java
	api/src/com/cloud/network/NetworkService.java
	client/tomcatconf/commands.properties.in
	scripts/network/domr/getDomRVersion.sh
	scripts/network/domr/ipassoc.sh
	scripts/network/domr/l2tp_vpn.sh
	scripts/network/domr/networkUsage.sh
	scripts/network/domr/router_proxy.sh
	server/src/com/cloud/api/ApiDBUtils.java
	server/src/com/cloud/api/ApiResponseHelper.java
	server/src/com/cloud/configuration/DefaultComponentLibrary.java
	server/src/com/cloud/network/NetworkManagerImpl.java
	server/src/com/cloud/network/dao/IPAddressDao.java
	server/src/com/cloud/network/dao/IPAddressDaoImpl.java
	setup/apidoc/gen_toc.py
	setup/db/create-schema.sql
	wscript
 2012-06-28 17:41:40 -07:00
Alena Prokharchyk b03265bc76 VPC: implemented vpc cleanup thread that cleans up Inactive VPCs (that were failed to delete) 2012-06-28 10:18:14 -07:00
Alena Prokharchyk 5ecdad7399 VPC: don't generate empty SetStaticRoute command during VR start when there are no static routes for the VPC 
Conflicts:

	server/src/com/cloud/user/AccountManagerImpl.java
 2012-06-28 10:17:34 -07:00
Alena Prokharchyk 66e14e2627 Applied patch https://reviews.apache.org/r/5522/diff/ 2012-06-25 21:19:48 -07:00
saksham f6d16d0ab5 CS-15018: Event USER.LOGIN should contain the client IP address. Changes made in accordance with the coding convention. 
Reviewed-by: Alena Prokharchyk
 2012-06-18 10:18:30 -07:00
Alena Prokharchyk 929997f54e AssociateIpAddress to VPC - the ip gets associated to the network only when the first rule for the ip gets created. 
When the last rule is removed for vpc ip, networkId is set to null

Conflicts:

	api/src/com/cloud/api/commands/AssociateIPAddrCmd.java
	api/src/com/cloud/api/commands/EnableStaticNatCmd.java
	api/src/com/cloud/network/NetworkService.java
	api/src/com/cloud/network/rules/RulesService.java
	server/src/com/cloud/network/NetworkManagerImpl.java
	server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
	server/src/com/cloud/network/rules/RulesManagerImpl.java
	server/test/com/cloud/network/MockNetworkManagerImpl.java
 2012-06-15 14:18:24 -07:00
Alena Prokharchyk b9a4e79277 1) Added search by vpcId to listRouters/listNetworks Apis 
2) Don't allow to add new networks/implement existing ones for VPC in Disabled state. Disabled state indicates that there was unsuccessful attempt to remove the VPC, and the further cleanup will be taken care of by cleanup thread.

Conflicts:

	server/src/com/cloud/network/dao/IPAddressDao.java
	server/src/com/cloud/server/ManagementServerImpl.java
 2012-06-15 14:09:37 -07:00
Alena Prokharchyk 737543ce3e CS-15025 
listTemplates: made executable filters to work for regular user
 2012-05-21 15:35:10 -07:00
David Nalley 59436be4ee fixing line endings in server 2012-04-07 20:13:10 -04:00
Alena Prokharchyk 25e85e177e bug 14589: don't accept empty username/firstname/lastname in update/createUser apis 2012-04-04 12:55:02 -07:00
frank 2f634c0913 Switch to Apache license 2012-04-03 04:50:05 -07:00
Alena Prokharchyk 96cdc408d4 bug 14103: mark account for cleanup only in cleanupAccount and disableAccount method, not in the callers methods 
status 14103: resolved fixed
 2012-03-05 16:19:12 -08:00
Alena Prokharchyk fa0e25d146 bug 14080: do EQ instead of LIKE search when search for duplicated users during the user update 
status 14080: resolved fixed
 2012-03-01 15:11:46 -08:00
Alena Prokharchyk 6b9abf832b bug 13944: when delete the account, expunge detached volumes on the backend 
status 13944: resolved fixed
Reviewed-by: Frank Zhang
 2012-02-22 17:59:22 -08:00
Alena Prokharchyk 2fb10fe9d7 bug 13700: delete projects as a part of domain cleanup 
status 13700: resolved fixed
reviwed-by: Frank
 2012-02-15 16:34:50 -08:00
Alena Prokharchyk d55850526c Don't change the domain state when the domain can't be removed (cleanup=false and there are resources referencing it) 
Reviewed-by: Edison Su
 2012-02-14 17:17:10 -08:00
Alena Prokharchyk 17349dfe12 bug 13695: deleteAccount - remove account from projects as a part of account cleanup process 
status 13695: resolved fixed
Reviewed-by: Frank
 2012-02-14 14:06:49 -08:00
Alena Prokharchyk d5532d7de0 Update apikey/secretkey in transaction 2012-02-13 11:11:56 -08:00
Alena Prokharchyk cad392cd68 bug 13335: fixed listProjectInvitations by projectId 
status 13335: resolved fixed
 2012-02-07 13:16:27 -08:00
Alena Prokharchyk 1490e45a1c Fixed format style in a bunch of files (replaced tabs with spaces as a part of it) 2012-02-03 13:49:11 -08:00
Alena Prokharchyk c09faa109d bug 13296: release public ip addresses in the basic zone during the account cleanup 
status 13296: resolved fixed
 2012-01-25 11:26:37 -08:00
Alena Prokharchyk 88d3f1ba03 bug 13295: apply specific security check for the network 
status 13295: resolved fixed

Reviewed-by: Will Chan
 2012-01-25 10:57:24 -08:00
Nitin Mehta f558aa07c5 Bug 12740: Allow root admins and system user to bypass the ACL layer. 
Reviewed-By: Kishan
 2012-01-25 12:29:04 +05:30
Alena Prokharchyk 83400cd15f bug 12776: if there are multiple objects involved in resource creation, verify that they belong to the same account 
status 12776: resolved fixed
 2012-01-17 13:40:37 -08:00
Alena Prokharchyk bda032b874 bug 12760: generate vm.destroy event when vm goes from Stopped to Expuning state 
status 12760: resolved fixed
 2012-01-17 10:38:52 -08:00
Alena Prokharchyk f0c4980dff bug 13110: use Ternary data structure when build search criteria 
status 13110: resolved fixed
 2012-01-16 14:15:28 -08:00
Alena Prokharchyk a5900368b6 bug 13023: fixed listAccounts to return all accounts the user is authorized to see 
status 13023: resolved fixed
 2012-01-16 11:45:02 -08:00
kishan b589e49263 Bug 12929: Added domain_id to event table. Populate domain_id while persisting events. Cleanedup EventUtils. 
Status 12929: resolved fixed
Reviewed-By: Nitin
 2012-01-12 16:16:06 +05:30
Alena Prokharchyk c581506103 bug 12306: list* command revamp 2012-01-09 10:07:42 -08:00
Abhinandan Prateek 4f9cbdaadb bug 11303: passing the request params to the authenticators, callingh authenticators in a configurable chain 2012-01-02 14:55:26 +05:30
Alena Prokharchyk 8d27ecf4de bug 12635: enable project account when activate the project 
status 12635: resolved fixed
 2011-12-19 12:23:41 -08:00
Alena Prokharchyk a12c358842 bug 12624: don't allow to delete the account when he is the owner for project(s) 
status 12624: resolved fixed
 2011-12-19 12:02:29 -08:00
Alena Prokharchyk 4cb6fcc17a bug 12591: fixed updateDomain 
status 12591: resolved fixed
 2011-12-16 11:54:47 -08:00
kishan 3503c37f68 updated license 2011-12-15 16:51:55 +05:30
kishan c3ed426837 bug 12206: Added op_user_stats_log table to store historic user stats. Network stats update thread will update aggregate bytes and log the entry in this table. Mgmt server with min id will run this job. 
status 12206: resolved fixed
reviewed-by: Nitin
 2011-12-15 16:46:41 +05:30
Alena Prokharchyk 033afe05a9 listRouters: don't list Project routers when projectId is not specified in the call 2011-12-07 12:59:15 -08:00
Abhinandan Prateek d09ed94ebb Merge branch 'master' of ssh://git.cloud.com/var/lib/git/cloudstack-oss 2011-12-04 15:12:48 +05:30
Abhinandan Prateek c4f624e7c9 bug 8313: ldap authentication, still need to fix the MD5 encoded password, cuurent authenticator only works with plaintext password 2011-12-04 15:11:06 +05:30
Alena Prokharchyk a4773b7080 bug 12291: listVms - show non-project resources only if no projectId specified 
status 12291: resolved fixed
 2011-12-02 15:17:50 -08:00
Alena Prokharchyk 9f49967365 fixed listNetworks by projectId 2011-12-01 14:22:59 -08:00
prachi d98130c061 Bug 8750 - update/disable/enableAccount api commands should accept "id" request parameter to be consistent with deleteAcccount command 
These commands now accept 'id' parameter along with the 'accountname' and 'domainid'.
 2011-12-01 13:58:44 -08:00
kishan af0cf90b2b bug 12208,12238: Do not encrypt user password and api key 
status 12208,12238 : resolved fixed
reviewed-by: Abhi
 2011-12-01 23:37:37 +05:30
Alena Prokharchyk dc9efbb46e return only domains in Active state to the API 2011-11-30 13:56:37 -08:00
Alena Prokharchyk abfbac7928 Moved listAccount/listDomains/listDomainChildren methods from ManagementServer to Account/Domain managers 2011-11-28 15:32:12 -08:00
Alena Prokharchyk 102f460458 Fixed updateConfiguration - updateHostDetails used to swallow the exceptions 2011-11-28 11:52:45 -08:00
Abhinandan Prateek 655a9805f3 bug 11966: added findNonDisabledAccount 2011-11-24 13:43:12 +05:30
Abhinandan Prateek 16e342836e bug 11966: chnaged the findActiveAccount method to return only the accounts which are active 2011-11-24 13:12:28 +05:30
frank d6db4a686e Bug 11313 - Add an account param/detail/map in the XXXAccount API calls 
status 11313: resolved fixed
 2011-11-07 14:24:36 -08:00
kishan b1f78bca25 bug 5822, 10783: Use encryption/decryption for queries which use sql directly 
status 5822, 10783: resolved fixed
 2011-11-01 19:30:00 +05:30
kishan 284ee3909e bug 9842: Added task to update user stats agg bytes in sync with aggregation range 
status 9842: resolved fixed
 2011-10-31 17:15:36 +05:30
alena b413a625f4 1) replaced joinProject API with updateProjectInvitation api. You can accept/decline the invitataion with this command 
2) Added deleteProjectInviation command. Can be executed by project admin only
 2011-10-27 18:32:00 -07:00
alena eba6864965 bug 11667: drop primary keys in cloud_usage.usage_load_balancer_policy and cloud_usage.usage_port_forwarding 
status 11667: resolved fixed

Conflicts:

	server/src/com/cloud/user/AccountManagerImpl.java
 2011-10-07 11:02:14 -07:00
alena a17570ef51 1)Implemented Suspend/Activate project 
2)Email/token based invitation system
 2011-10-06 16:10:36 -07:00
alena 25c2734e03 More stuff to Projects feature - added support for adding resources (vms, templates, isos) to the project 2011-10-05 13:24:25 -07:00
alena 998568283c Don't allow to add accounts to the domain of type Project 
Don't allow to manipulate (delete/update) accounts/domains of type Project
 2011-10-05 13:24:25 -07:00
alena eda1b53c76 Events for adding/removing project users 2011-09-29 10:20:51 -07:00
alena ccd47c1b21 Implemented Project Invitations 2011-09-26 17:47:20 -07:00
alena 9f9b60a287 1) Added resource limits for the Projects - the same as for the account 
2) Added "Project" limit type for the Domain object
 2011-09-21 17:09:49 -07:00
alena a1331d1cfc Intermidiate checkin to Project feature: 
1) Introduce new managers - ProjectManager and DomainManager. Moved all domain related code from AccountManager to DomainManager.
2) Moved some code from ManagementServerImpl to the correct managers.
3) New resource limit for Domain - Project
 2011-09-20 18:35:28 -07:00
alena bddc2b9e45 bug 11487: catch all exceptions in cleanupAccount, and mark the account for cleanup when the exception is caught. 
status 11487: resolved fixed

Reviewed-by: will@cloud.com
 2011-09-20 10:33:06 -07:00
alena 459b32cc6a bug 11493: no need to do cross domain checks for the templates as domain level templates are not supported. We support only public (everybody can see and use) and private (only owner can see and use unless changed with updateTemplatePermissions call) 
status 11493: resolved fixed

Reviewed-by: will@cloud.com
 2011-09-20 10:31:57 -07:00
alena ba64010cb5 bug 11470: 1) fixed listResourceLimits 2) Fixed -1 to be treated as unlimited for all the resources 
status 11470: resolved fixed
 2011-09-19 09:47:07 -07:00
Nitin 20f0707755 bug 11190: My changes got reverted. Putting them back - Treating the max account limits with -1 values as infinite 2011-09-14 19:35:48 +05:30