etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
27,673 Commits 342 Branches 328 Tags 863 MiB
Commit Graph

2042 Commits

Author SHA1 Message Date
Rafael da Fonseca 1bd3286263 Fix 2 findbugs warnings in ApiResponseHelper.java ints were being boxed just to call .toString() 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #438
 2015-06-15 12:10:04 +03:00
Rafael da Fonseca 62e78cdea0 Fix findbugs warning in ApiDispatcher.java Unnecessary boxing/unboxing of long value 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #430
 2015-06-15 12:09:48 +03:00
Rafael da Fonseca bec44bffb3 Upgrade Reflections to 0.9.9 
Signed-off-by: Rajani Karuturi <rajanikaruturi@gmail.com>

This closes #333
 2015-06-03 11:01:32 +05:30
Rohit Yadav 1c81b241e7 CLOUDSTACK-8505: Don't allow non-POST requests for default login API 
We add a new contract to pass Http request to authentication plugin system. In
the default login API, we disallow non-POST requests.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 9e9b231672)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	api/src/org/apache/cloudstack/api/auth/APIAuthenticator.java
	plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
	plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
	plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LogoutAPIAuthenticatorCmd.java
	plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmdTest.java
	plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmdTest.java
	plugins/user-authenticators/saml2/test/org/apache/cloudstack/api/command/SAML2LogoutAPIAuthenticatorCmdTest.java
	server/src/com/cloud/api/ApiServlet.java
	server/src/com/cloud/api/auth/DefaultLoginAPIAuthenticatorCmd.java
	server/src/com/cloud/api/auth/DefaultLogoutAPIAuthenticatorCmd.java
	server/test/com/cloud/api/ApiServletTest.java
 2015-05-22 11:44:34 +01:00
Wido den Hollander ab1a6912a9 CLOUDSTACK-1302: Make sure the disk cache mode is passed to the KVM Agent 
The StartCommand did not contain the proper cache mode due to VolumeJoinVO
not containing the cache_mode field.
 2015-04-30 17:32:52 +02:00
Rajani Karuturi 0b8355920e Merge branch 'volume-upload' into master 
This closes #206
 2015-04-29 11:12:53 +05:30
Ilia Shakitko fe29998938 GetUsageRecordsCmd - NewInputFormat for START_DATE and END_DATE (with time; backward capabile) 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-04-24 11:34:51 +02:00
Rohit Yadav d81e831214 RemoteAccessVpn: fix regression preshared key is not sent to UI/clients 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit c71339569d)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-04-23 14:19:24 +02:00
Rohit Yadav c0d3e6f5e8 server: ignore params signatureversion and expires when validating API args 
(cherry picked from commit d361bf6847)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-04-14 16:52:32 +05:30
KC Wang 01864ef77c CLOUDSTACK-6697: bigswitch networking plugin update 
1. provide compatibility with the Big Cloud Fabric (BCF) controller
   L2 Connectivity Service in both VPC and non-VPC modes
2. virtual network terminology updates: VNS --> BCF_SEGMENT
3. uses HTTPS with trust-always certificate handling
4. topology sync support with BCF controller
5. support multiple (two) BCF controllers with HA
6. support VM migration
7. support Firewall, Static NAT, and Source NAT with NAT enabled option
8. add VifDriver for Indigo Virtual Switch (IVS)

This closes #151

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-04-09 13:02:02 +05:30
Rajani Karuturi 5643d514ee volume upload: showing browser uploaded templates in UI. 
Templates are not observed on UI after GetUploadParamsForTemplate API
call and Template upload requests initiated.
 2015-03-24 15:11:14 +05:30
Antonio Fornie 09bd847040 Vpc redundancy enabled. Including Vpc & Vpc Offering creation. Marvin tests and UI. 2015-03-16 11:38:05 +01:00
Rohit Yadav 05d2b0a707 server: remove unused import in ImageStoreJoinDaoImpl 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-11 17:28:32 +05:30
Rohit Yadav 40f343ff4c api: avoid sending sensitive data in api response 
- UI: use post when updating user
- S3: don't send s3 key in the response
- VPN: don't send preshared key in remoteaccessvpn api response
- Snapshot response should set zone id not volume's device id

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 02cadc3fb3)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-11 16:34:56 +05:30
Sanjay Tripathi 182d770f9f CLOUDSTACK-8315: CS API listVMSnapshot doesn't have tags ‘project’ and ‘projectid’. 2015-03-11 14:38:57 +05:30
Rohit Yadav 25b0bd620a server: last cherry-picked commit failed to remove code 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-06 21:44:24 +05:30
Rohit Yadav ed099c3f96 server: check and set sercure cookie flag only after login 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 0f819f1583)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-02-28 18:23:05 +05:30
Rohit Yadav 20bcb4b673 CLOUDSTACK-7063, CLOUDSTACK-7064: Add security headers on HTTP response 
- Adds X-XSS-Protection header
- Adds X-Content-Type-Options header
- Fixes to use json content type defined from global settings
- Uses secure cookie if enabled in global settings

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit b6b3494782)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-02-28 18:14:49 +05:30
Rohit Yadav 43cf1da865 CLOUDSTACK-5238: password checks, NPE fixes and minor fixes 
- insecure authenticators excluded in configuration
- snapshot response should have zone
- remove vmsnapshots when removing accounts

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 5481485a08)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	api/src/org/apache/cloudstack/api/response/VMSnapshotResponse.java
	server/src/com/cloud/api/ApiResponseHelper.java
	server/src/com/cloud/storage/download/DownloadActiveState.java
 2015-02-27 18:24:46 +05:30
Rohit Yadav 2580edbcfb CLOUDSTACK-7908: UserVmResponse returns userid/username information of the creator 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-02-16 16:12:22 +05:30
Rohit Yadav 1a6df6f978 CLOUDSTACK-7908: Add user_id column to vm_instance table 
Design Document:
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Allow+VM+listing+by+User+ID

- Adds column to VMInstance DAO
- Adds column in vm_instance table
- Adds column in the UserVMJoinVO
- Adds default admin user which has UID = 2
- Adds migration path that sets user_id to first user of the accountId that
  owns the vm in vm_instance table
- Add arg on list VMs API to query by userId, add support in query layer
- Refactor VMInstanceVO and child classes to accept userId
- Add code to let service layer pass userId if loggedIn user belongs to same
  account as the owner executing an API call or use first user from owner account
- In case of CPVM and SSVM use system user ID
- Fix unit tests and spring injections

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-02-16 15:02:38 +05:30
Rohit Yadav fae4fdae53 ApiResponseHelper: fix NPE when parent of snapshot is null 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-02-05 17:02:30 +05:30
Daan Hoogland b586439c9f CLOUDSTACK-8197 create MinVRVersion config item 2015-02-03 13:18:15 +01:00
Mike Tutkowski 0f84e042b9 Adding support for creating a volume from a snapshot when the snapshot is on managed storage 2015-01-20 15:24:33 -07:00
Pierre-Yves Ritschard b2393c31ed move ConstantTimeComparator to utils 2015-01-14 12:14:00 +01:00
Pierre-Yves Ritschard 9b4e39e837 Use constant-time comparison functions when checking signatures 
This limits the likeliness of timing attacks against the API.
See http://codahale.com/a-lesson-in-timing-attacks/ for the
full rationale.

Conflicts:
	server/src/com/cloud/api/ApiServer.java
	server/src/com/cloud/user/AccountManagerImpl.java
 2015-01-14 11:32:29 +01:00
Rohit Yadav 185f7e0152 CLOUDSTACK-8155: Remove unwanted whitespaces from json response 
This removes extra whitespaces from the JSON serialized response.
After the fix, tested to work with:
- Present UI
- CloudMonkey
- Old buggy json parsers

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 921ad057de)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-14 02:43:54 +05:30
Kishan Kavala 01a325b2bf Network Id for direct-network should not be included in usage record response. Direct network stats have network_id = 0. Ignore network with id = 0 in usage record 2015-01-07 14:17:30 +05:30
Kishan Kavala 9eb8d538dd For volumes created from template, do not log offering ID in VOLUME.CREATE in usage_event. Moved offering type to DiskOffering interface 2015-01-07 12:31:41 +05:30
Wei Zhou 93429443d5 CLOUDSTACK-8063: list secondary Ips information on non-default nics in VM response 2015-01-05 11:22:14 +01:00
Likitha Shetty ff7997a2b1 CLOUDSTACK-8127. VM name not displayed after attaching data disk to a VM. 
If user hasn't supplied a display name for a VM, default it to VM name in listVolume response.
This behaviour is identical to listVirtualMachine response.
 2014-12-24 15:21:34 +05:30
Min Chen d304409c98 CLOUDSTACK-8093:Not able to list shared templates by passing id. 2014-12-18 10:00:18 -08:00
Sanjay Tripathi 9153b8bede CLOUDSTACK-8066: There is not way to know the size of the snapshot created. 2014-12-17 16:00:19 +05:30
Wei Zhou 19e99848c8 CLOUDSTACK-7882: SSH Keypair Creation/Selection in UI 
Thanks Ilia Shakitko for the porting and testing.
 2014-12-12 14:30:34 +01:00
Wei Zhou dcb7fcc6df CLOUDSTACK-8063: list secondary Ips information in VM response 2014-12-12 09:47:27 +01:00
Min Chen 8cb11f407f CLOUDSTACK-7981: added back resource tag related columns to user_vm_view to support resource tag related search. 2014-12-03 09:33:22 -08:00
Laszlo Hornyak a81b59e2a4 Revert "some unused fields deleted" 
This reverts commit 31db58f720.
 2014-12-03 18:09:49 +01:00
Wei Zhou c25d4fdea2 CLOUDSTACK-7847: Separate ListDomains cmd to use two different views 2014-12-03 12:33:57 +01:00
Wei Zhou 0407fb334f CLOUDSTACK-7847: add max.domain.* in global setting and display domain resources in listDomainsCmd response 2014-12-02 11:52:10 +01:00
Wei Zhou af2f21894c CLOUDSTACK-7983: Create Disk/Service Offering for Domain Admin 2014-12-01 13:03:37 +01:00
Rohit Yadav 21a6bef53b CLOUDSTACK-7989: Ignore Auth API calls in unauthenticated HTTP handlers 
If an auth API call (such as login, logout) is called on unauthenticated port
such as the 8096 integration server port, we need to ignore such API calls
as calling auth APIs on 8096 is un-necessary and is undefined.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-11-28 15:43:29 +05:30
Min Chen 4e7af26c9f CLOUDSTACK-7981: listVirtualMachine is too slow in case of duplicate 
resource tags due to joining user_vm_details to user_vm_view.
 2014-11-26 17:23:07 -08:00
Rohit Yadav 7ff31f1b22 Merge remote-tracking branch 'origin/inetaddress' 
- Tested locally against unit tests
- TravisCI build passed: https://travis-ci.org/apache/cloudstack/builds/41990351
- Manual QA passed for basic auth and saml auth using default IDP settings

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	server/src/com/cloud/api/ApiServlet.java
 2014-11-25 14:32:09 +05:30
Wido den Hollander 72ba98b1b8 Validate IPv4 address using Apache Commons Validator 2014-11-24 14:43:48 +01:00
Wido den Hollander 87a7810ade Fix UnitTest ApiServlet 2014-11-24 11:48:13 +01:00
Sanjay Tripathi d475b62838 CLOUDSTACK-7964: listAccounts API is not listing correct value of resource limits. 2014-11-24 13:44:42 +05:30
Laszlo Hornyak 31db58f720 some unused fields deleted 
Signed-off-by: Laszlo Hornyak <laszlo.hornyak@gmail.com>
 2014-11-23 19:49:04 +01:00
Laszlo Hornyak 3577423da9 removed executable flags from java classes 
Signed-off-by: Laszlo Hornyak <laszlo.hornyak@gmail.com>
 2014-11-23 19:49:01 +01:00
Laszlo Hornyak 2a6d6891eb Some simplification on getClientAddress in ApiServlet 
Signed-off-by: Laszlo Hornyak <laszlo.hornyak@gmail.com>
 2014-11-23 19:48:58 +01:00
Laszlo Hornyak fa52ffad65 unit test for getClientAddress 
Signed-off-by: Laszlo Hornyak <laszlo.hornyak@gmail.com>
 2014-11-23 19:48:57 +01:00