94ebc90877
Remove usage of sameOwner checkAccess invocation, and convert to
...
OperateEntry IAM check.
2014-04-04 16:38:29 -07:00
ae1d6a771b
Remove IAMEntityType to use existing VO interface class to annotate
...
entityType.
2014-03-17 17:19:55 -07:00
36c0a4e2c3
Removed the AccessType.UseNetwork - replaced all referrences by AccessType.UseEntry
2014-03-13 15:32:38 -07:00
48e08fe676
Merge branch 'master' into rbac.
2014-03-06 14:02:20 -08:00
bbf5a912c6
list* APIs - added parameter helping to filter by "display" flag (available to ROOT admin only)
2014-03-03 14:37:46 -08:00
f41604fc6c
Renaming AclEntityType --> IAMEntityType
2014-02-25 16:43:17 -08:00
0f489732c8
Display flag support for LB/InternalLB/NetworkACL rules
2014-02-21 14:03:10 -08:00
586ee74000
Clean up SecurityChecker.AccessType and modify code to use them
...
consistently.
2014-02-14 11:23:05 -08:00
3b58a45e04
Merge branch 'master' into rbac.
2014-02-07 13:43:36 -08:00
9641e1dbee
External UUID control support for NetworkACLList/LoadBalancer/ApplicationLoadBalancer
2014-02-05 10:36:21 -08:00
72c0f1a617
Remove trailing whitespace
2014-02-03 18:28:09 -08:00
cb4d3a3c54
Support deleteAffinitygroup - remove access
2014-02-03 18:22:57 -08:00
022b9b8f80
Add access for domain wide createAffinityGroup
2014-02-03 18:14:56 -08:00
ea355d7383
listSslCerts: removed an exception thrown when there is no certificate mapped to the lbId specified in the list* command. Exception in the list* command should be thrown only when id specified in the command, is invalid CS id, but never in the case when we can't find data satisfying search criteria. In this case we just return empty list
2014-02-03 17:20:28 -08:00
929fbabaa2
Merge branch 'master' into rbac.
2014-01-17 14:37:08 -08:00
bae498c89e
Handle search of those entities without db view created using new ACL
...
model.
2014-01-13 21:55:56 -08:00
43f0f901dd
Remove VO and DAO from cloud-engine-schema.
2014-01-10 15:57:39 -08:00
630b7fb4a1
Fix listTemplates issues with new ACL model.
2013-12-20 17:57:44 -08:00
ce774e184e
Fixing the management server startup
2013-12-18 14:14:55 -08:00
d2c74bcf14
Changes to RoleBasedEntityAccessChecker to replace Role by Policy
2013-12-12 16:30:56 -08:00
be5e5cc641
All Checkstyle problems corrected
2013-12-12 12:26:07 -08:00
6730fa2b47
Fill in implementation of AclService.getGrantedDomains,
...
getGrantedAccounts and getGrantedResources.
2013-12-09 14:08:54 -08:00
a416f6c3c3
Fix API build error based on new DB schema, now only
...
RoleBasedEntityAccessChecker needs to be fixed.
2013-12-06 15:09:00 -08:00
ee7380ace2
CLOUDSTACK-5296: Add certificate chain support for netscaler
...
This patch adds support for trust chains in the netscaler.
I initially planned on using the 10.1 API's "bundle" feature but during
my testing I found that was not working. So I am doing the chain linking
myself. Also NS can have only one entity of a certificate ie lets say
two different users try to add the same certificate on the netscaler
only one of them will go through. The other one says resouce already
exists even though they have different files.
This can be a problem in trust chains where the chain can be shared
between multiple accounts/certificates. So, I am using the figerprint as
an identifier of a certificate and making sure that we delete it only
when no one references it.
2013-12-05 15:35:28 +05:30
c3f480e9b9
Updated db schema based on latest FS. Still need to fix old code in
...
AclServiceImpl, RoleBasedEntityAccessChecker and QueryManagerImpl to
make all build.
2013-12-04 18:44:30 -08:00
11c0c263f2
QueryChecker interface and ACL search criteria to be used for query api
...
for entities with db views created.
2013-11-22 16:36:38 -08:00
d620df2bdd
Reformatted all of the code.
2013-11-21 06:15:26 -08:00
224f479974
Removed trailing spaces
2013-11-21 04:08:01 -08:00
8d62744681
Reformat all source code. Added checkstyle to check the source code
2013-11-20 07:26:53 -08:00
bd67ccdd6d
few cleanups in CertServiceTest and CertService
...
Tests:
- all tests are @Test rather than having one test to call them, so they can be run one by one
- tests that expect exception from a method fail if there is none
- no longer extends TestCase so that the original method names could be kept as test
Implementation:
- include root cause in exceptions when possible - helps at troubleshuting
- close readers
Signed-off-by: Laszlo Hornyak <laszlo.hornyak@gmail.com>
2013-11-12 08:13:59 +01:00
0076307863
Squashed merge of Ssl Termination feature
...
Bug: https://issues.apache.org/jira/browse/CLOUDSTACK-4821
FS: https://cwiki.apache.org/confluence/display/CLOUDSTACK/SSL+Termination+Support
This patch implements the SSL offload feature for loadbalancers
and includes the implementaion for this to work with Netscaler.
The following are the new API's that this patch adds
uploadSslCert
deleteSslCert
listSslCert
assignCertToLoadBalancer
removeCertFromLoadBalancer
Unit tests are also included in the patch.
2013-11-08 16:49:16 +05:30
1047a5398d
CLOUDSTACK-5045 - [Automation][BVT] Affinity group type is missing "create affinity group page" and failed to create Affinity group
...
Changes:
- Refer the injected list of AffinityGroupProcessor
2013-11-07 21:39:17 -08:00
ce3638bb03
Merge branch 'master' into rbac.
2013-11-04 15:49:29 -08:00
2ef4d5200c
Merge branch 'master' into rbac.
2013-10-31 17:16:33 -07:00
1460196496
Centralize loading of db.properties to one place
...
There is now a method DbProperites.getDbProperties() that will load the
db.properties in one place and do the proper decryption of values if needed
2013-10-30 17:03:13 -07:00
2bb716efd8
ResourceMetaData (Resource details) fixes:
...
* changed name for TaggedResourceType enum to ResourceObjectType as this enum is used both by ResourceMetaData and ResourceTags code
* enhanced the enum with extra fields resourceTagsSupport (boolean) and metadataSupport identifying if the resource supports tags and/or metadata.
* cleanup unused @Inject objects from the ResourceMetaDataManager
2013-10-23 17:39:16 -07:00
81d01369d7
Merge commit 'df728fcf41ba0dfddabfaadea8cbcb77d18bfa96'
...
Conflicts:
engine/orchestration/src/com/cloud/vm/VirtualMachineManagerImpl.java
2013-10-23 12:31:53 -07:00
4b530c874f
Safe properties loader
...
- new utility method introduced in PropertiesUtil to load properties objects from files
- RegionManagerImpl modified to use the utility method
- Tests added for both
Signed-off-by: Laszlo Hornyak <laszlo.hornyak@gmail.com>
2013-10-23 20:50:00 +02:00
edeaf98117
Cleaner and more type safe Transaction API for checked exceptions
2013-10-23 10:02:43 -07:00
9cbb309d6b
Refactor missed classes
2013-10-17 16:00:11 -07:00
f62e28c1ec
New Transaction API
...
Introduction of a new Transaction API that is more consistent with the style
of Spring's transaction managment. The existing Transaction class was renamed
to TransactionLegacy. All of the non-DAO code in the management server has been
updated to use the new Transaction API.
2013-10-16 09:21:00 -07:00
81f1a0b831
CLOUDSTACK-4095 : Remove region_id from Transaction. Read from db.properties whenever required
...
Conflicts:
framework/db/src/com/cloud/utils/db/GenericDaoBase.java
2013-10-16 19:28:42 +05:30
21dc2bef2a
Fix getEntityOwnerId for CreateAclGroupCmd and CreateAclRoleCmd.
2013-10-11 20:56:46 -07:00
0b1aaf514f
More logic to Role based checker
2013-10-10 00:43:56 -07:00
2b4703b6e6
Change ListVMsCmd to use new role and entity permission information.
2013-10-09 21:56:52 -07:00
8428f49e46
Change method name.
2013-10-08 15:11:07 -07:00
b87b9e5c64
Add Scope to acl_role_permission, remove parent_role_id from acl_role
...
table, and create PermissionScope and AclEntityType enum types.
2013-10-07 16:09:26 -07:00
579806440b
Add permission flag to acl_entity_permission
2013-10-07 14:30:15 -07:00
2bbe6f5937
APIChecker helper methods implemented
2013-10-07 12:33:24 -07:00
bb271926fb
WIP AccessChecker plugin
2013-10-01 18:11:30 -07:00
Min Chen
Prachi Damle
Alena Prokharchyk
Alex Huang
Syed Ahmed
Laszlo Hornyak
Darren Shepherd
Kishan Kavala