797169457b
CLOUDSTACK-6349: IAM - No error message presented to the user , when invalid password is provided.
...
- AccountManager now works using accountId instead of accountType
2014-04-28 11:09:12 -07:00
be8c6fe626
test for AccountManagerImpl
...
- new test for disableUser
- unused code removed
- A redundant if branch removed - all branches are doing the same
Signed-off-by: Laszlo Hornyak <laszlo.hornyak@gmail.com>
2014-04-21 10:25:16 +02:00
c4892c2692
Fix FindBugs bug.
2014-04-18 17:31:29 -07:00
29f39149b1
Fix IAM list api implementation based on agreed interpretation for
...
listAll, isRecursive, domainId and account.
2014-04-17 18:33:22 -07:00
c25332fc46
CLOUDSTACK-6429:distinguish the case where caller can see everything and
...
the case where caller cannot see anything. Also change behavior to
default isRecursive to false if not specified.
2014-04-17 18:33:08 -07:00
c4b0a1e2d9
CLOUDSTACK-6350: IAM - Listing of VM using uuid when owner account of
...
this Vm is deleted results is VM not being returned.But list VM with
listAll=true is able to return this VM.
2014-04-17 18:06:29 -07:00
5d59fc7f5a
Fix RoleBasedQuerySelector to handle new listAll semantics. If
...
listAll=true, show all resources that caller (or impersonater) has
ListEntry access type; otherwise, show all resources that caller (or
impersonater) has UseEntry access type.
2014-04-17 18:06:07 -07:00
7796128372
Handle listAll flag in IAM buildAclSearchParameters.
2014-04-17 18:05:44 -07:00
da13165743
Change AccountManagerImpl.checkAccess to invoke SecurityChecker
...
interface that takes multiple controlled entities.
2014-04-17 17:53:01 -07:00
94ebc90877
Remove usage of sameOwner checkAccess invocation, and convert to
...
OperateEntry IAM check.
2014-04-04 16:38:29 -07:00
4e61e49143
CLOUDSTACK-6303 [Automation] [UI] Account creation hang in UI
...
Changes:
- Caused due to a MySql error during 'Project' account cleanup. The MySql error hits a deadlock bug in the MessageBus code that does not release the lock/decrement the counter Eventually all callers on the MessageBus end up waiting to enter
- This fixes the account cleanup MySql error.
2014-03-28 14:35:00 -07:00
36c0a4e2c3
Removed the AccessType.UseNetwork - replaced all referrences by AccessType.UseEntry
2014-03-13 15:32:38 -07:00
d9696b26e1
After merge, fix isRootAdmin() calls to use accountId instead of type
2014-03-13 13:28:40 -07:00
99bdc8d875
Merge branch 'master' into rbac.
2014-03-13 11:05:03 -07:00
7b0c5cfcbe
Removed unused methods from BaseCmd class. Moved some helper methods to AccountManagerImpl class
2014-03-07 11:33:10 -08:00
695d689de5
Adding annotations for more admin APIs
2014-03-04 18:14:05 -08:00
13e25d2aae
Fixed a bug in constructing search parameters with accountName passed.
2014-02-19 11:35:00 -08:00
8072e50845
Fixed a bug for listTemplates with TemplateFilter=shared.
2014-02-13 16:47:41 -08:00
96a64b933e
- Adding OperateEntry during loading of commands
...
- Replace ListEntry By OperateEntry
- ApiDispatcher should pass on the API name
2014-01-23 17:50:59 -08:00
39c0a302b4
Fix the isRootAdmin and isDomainAdmin to return true or false even if the permission is denied by IAM
2014-01-22 13:59:59 -08:00
33cd1ab921
Merge branch 'master' into rbac
2014-01-22 11:23:51 -08:00
ab627bc767
Changed "authenticate" method to return both - result of authentication, and action to perform when authentication failed - to the accountManagerImpl. Only if authenicators request INCREMENT_INCORRECT_LOGIN_ATTEMPT_COUNT, the incorrect_login_attempts parameter will be increased
...
Signed-off-by: Alena Prokharchyk <alena.prokharchyk@citrix.com>
2014-01-21 17:45:53 -08:00
929fbabaa2
Merge branch 'master' into rbac.
2014-01-17 14:37:08 -08:00
6583cb3800
Add listAclGroupsByAccount to QuerySelector adapters and remove
...
AclProxyService interface.
2014-01-14 16:19:25 -08:00
fac9f2da0f
Adding messageBus events for adding and removal of an account.
2014-01-13 22:12:39 -08:00
bae498c89e
Handle search of those entities without db view created using new ACL
...
model.
2014-01-13 21:55:56 -08:00
af657b3d71
CLOUDSTACK-5861: networks that failed to implement can not be destroyed
...
introduces a force option in delete network to forcifully delete a
network. This comes handy in rare cases where network fails to implenet
and network is in shutdown state, but network shutdown to rollback
implement process fails as well.
Conflicts:
api/src/org/apache/cloudstack/api/command/user/network/DeleteNetworkCmd.java
server/src/com/cloud/user/DomainManagerImpl.java
2014-01-13 23:28:35 +05:30
6cd121fe7b
RootAdmin and DomainAdmin access check via IAM
2014-01-10 17:06:10 -08:00
43f0f901dd
Remove VO and DAO from cloud-engine-schema.
2014-01-10 15:57:39 -08:00
e42a262f6c
Remove old APIs and old security checker plugins. Also use QuerySelector
...
adapater in ACL search routine.
2014-01-10 14:54:31 -08:00
630b7fb4a1
Fix listTemplates issues with new ACL model.
2013-12-20 17:57:44 -08:00
729a79e85c
Refactor db view based list apis to use new IAM acl search criteria.
2013-12-16 14:31:32 -08:00
12adbffbea
CLOUDSTACK-5517: NPE observed during "release portable IPs" as part of
...
account cleanup
ensure proper portable ip address are released as part of account
cleanup
2013-12-16 19:36:23 +05:30
7c6f1c14c2
ControlledEntity Interface change to return EntityType and added values to the AclEntityType enum and
2013-12-12 16:31:00 -08:00
be5e5cc641
All Checkstyle problems corrected
2013-12-12 12:26:07 -08:00
d252d95c26
Separate all vm related user APIs to have two different views.
2013-12-09 17:30:57 -08:00
6730fa2b47
Fill in implementation of AclService.getGrantedDomains,
...
getGrantedAccounts and getGrantedResources.
2013-12-09 14:08:54 -08:00
a416f6c3c3
Fix API build error based on new DB schema, now only
...
RoleBasedEntityAccessChecker needs to be fixed.
2013-12-06 15:09:00 -08:00
f1973340d3
CLOUDSTACK-5152: when deployVm with SG, verify that vm and sg belong to the same account. Do this verification even when the call is done by the ROOT admin
...
Conflicts:
server/src/com/cloud/user/AccountManagerImpl.java
2013-12-04 11:55:27 -08:00
11c0c263f2
QueryChecker interface and ACL search criteria to be used for query api
...
for entities with db views created.
2013-11-22 16:36:38 -08:00
7df7abf327
Added missing @Inject to the ipAddressManager
...
Conflicts:
server/src/com/cloud/user/AccountManagerImpl.java
2013-11-21 14:29:39 -08:00
d620df2bdd
Reformatted all of the code.
2013-11-21 06:15:26 -08:00
e0d2423f06
Refactoring account_type for Domain_Admin and Normal_User types
2013-11-20 16:53:59 -08:00
8d62744681
Reformat all source code. Added checkstyle to check the source code
2013-11-20 07:26:53 -08:00
91e176cb0d
Fix a bug in listVm logic to use revokedIds and grantedIds.
2013-11-19 16:41:40 -08:00
2ef4d5200c
Merge branch 'master' into rbac.
2013-10-31 17:16:33 -07:00
205a77a5bb
Merge remote-tracking branch 'origin/txn-refactor'
...
Conflicts:
engine/orchestration/src/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
server/src/com/cloud/configuration/ConfigurationManagerImpl.java
server/src/com/cloud/metadata/ResourceMetaDataManagerImpl.java
server/src/com/cloud/vm/UserVmManagerImpl.java
2013-10-23 10:40:44 -07:00
8685661339
CLOUDSTACK-4743: durning the accountCleanup, never attempt to release the public ips when the guest networks of the account failed to cleanup
2013-10-22 09:48:46 -07:00
f62e28c1ec
New Transaction API
...
Introduction of a new Transaction API that is more consistent with the style
of Spring's transaction managment. The existing Transaction class was renamed
to TransactionLegacy. All of the non-DAO code in the management server has been
updated to use the new Transaction API.
2013-10-16 09:21:00 -07:00
00ad19601b
Fix a bug in building acl condition, now we get previous default list
...
behavior for admin,domain admin and user.
2013-10-10 23:02:49 -07:00
Prachi Damle
Laszlo Hornyak
Min Chen
Alena Prokharchyk
Murali Reddy
Alex Huang
Darren Shepherd