Support live migration on older version of Libvirthttps://issues.apache.org/jira/browse/CLOUDSTACK-8792
A flag being passed to Libvirt assumes v1.0.0 or later.
We need to put a check in the code to pass in a different flag if the version of Libvirt is < 1.0.0.
* pr/771:
Support live migration on older version of Libvirt
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Update L10N resource files on 4.5 branch with 4.5 translation strings from Transifex (20150901)
Fix an issue with the key message.admin.guide.read on pt_BR L10N in web UI at the root cause
* pr/770:
Update L10N resource files on 4.5 branch with 4.5 translation strings from Transifex (20150901) Fix an issue with the key message.admin.guide.read on pt_BR L10N in web UI at the root cause
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
CLOUDSTACK-8766: Fix infinite scrolling pagination for zonal iso/template listing
Due to aggregation of templates and isos on the UI/client side, it could result
that for each page we could end up having lesser templates/isos listed to have
the scroll shown that triggers infinite scrolling. The fix is to use similar
approach as in projects.js, to use the maximum pagesize of 500. In theory, there
is still a chance if there are 500 zones with the same template being listed
resulting in only one aggregated template which could cause the scroll to not
get shown; but in practice I believe this fix should work for most users.
* pr/750:
CLOUDSTACK-8766: Fix infinite scrolling pagination for zonal iso/template listing
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Due to aggregation of templates and isos on the UI/client side, it could result
that for each page we could end up having lesser templates/isos listed to have
the scroll shown that triggers infinite scrolling. In theory, there
is still a chance if there are several zones with the same template being listed
resulting in only one aggregated template which could cause the scroll to not
get shown; but in practice I believe this fix should work for most users.
Page size set based on experimental data:
https://github.com/apache/cloudstack/pull/751#issuecomment-135661968
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
CLOUDSTACK-8766: Fix infinite scrolling pagination for zonal template listing
Uses listViewDataProvider to implement pagination on listTemplates API
requests in the UI, when a template's zone tab is viewed.
* pr/739:
CLOUDSTACK-8766: Fix infinite scrolling pagination for zonal template listing
Signed-off-by: Remi Bergsma <github@remi.nl>
Uses listViewDataProvider to implement pagination for listing templates and ISOs
in the zones tab. Dedupes isos and templates in the list views.
This closes#739
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
This is happening as ClusterServiceServletAdapter is started after ClusteredAgentManagerImpl.
Fix is to start ClusterServiceServletAdapter before ClusteredAgentManagerImpl.
(cherry-picked from c989921fb7)
Backported PR #678 to 4.5
This I changed:
``jasypt='/usr/share/cloudstack-common/lib/jasypt-1.9.0.jar'``
in master it is 1.9.2. I changed it to 1.9.0 here, to match the original script.
Original commit IDs:
2f858a7d08ee9b644e288a1e79f518
Signed-off-by: Remi Bergsma <github@remi.nl>
CLOUDSTACK-8748: VM UUID accessible in CreateVMSnapshotCommand and RevertToVMSnapshotCommand
This patch makes it possible to expose VM UUID to subsystems, this can be
useful for implementing VM Snapshots for KVM in future.
* pr/717:
CLOUDSTACK-8748: VM UUID accessible in CreateVMSnapshotCommand and RevertToVMSnapshotCommand
Signed-off-by: Remi Bergsma <github@remi.nl>
This patch makes it possible to expose VM UUID to subsystems, this can be
useful for implementing VM Snapshots for KVM in future.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Upgrade paths from 4.5.1 exists to both 4.5.2, and 4.6.0. Since 4.5.2 and 4.6.0
are not release, and the bug affects 4.5 branch; this patch aims to port that
fix from master to both 4.5/master branches.
Ported from commit b6a7804
(cherry picked from commit a8af6f3658ded6e1c3538082fb4abeb7f30c420d)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
- Adds unit test for ListAndSwitchSAMLAccountCmd
- Checks and logs in user only if they are enabled
- If saml user switches to a locked account, send appropriate error message
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
SAML authorized accounts might be across various domains, this allows for
switching of accounts only in case of SAML authenticated user accounts across
other accounts with the same SAML uid/username.
Moves the previous switch account logic to its own ui-custom module
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
When dumping XML use appropriate flags:
1, VIR_DOMAIN_XML_SECURE (dump security sensitive information too)
8, VIR_DOMAIN_XML_MIGRATABLE (dump XML suitable for migration)
Source:
https://libvirt.org/html/libvirt-libvirt-domain.html#virDomainXMLFlags
This fixes CVE 2015-3252: VNC password lost during VM migration across KVM
hosts. The issue is also seen when a VM is rebooted.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
... map returned by the following API calls by filtering these fields from the
details attribute in the HostResponse class:
* listHosts
* addHost
* cancelHostMaintenance
* listHosts
* prepareHostForMaintenance
* reconnectHost
* updateHost
This fix addresses CVE 2015-3251.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
This uses local selector to access the DOM elements, the previous commit
would find a global element which is not in the context and fail changing the
element in the opened dialog.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
This closes#583
(cherry picked from commit 47d2d07eb9)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Add option to authorize SAML SSO for user when adding user. Appends a domain to
user/account name if global setting is enabled, useful in case of multiple IDP
server. By default the setting is set to false (keep as it is).
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
This closes#575
- Login is based on sessionkey HttpOnly Cookie
- ApiServlet does login verification using sessionKey from both the request cookies
and the API parameters. In both cases, if either or both are passed they should
match the sessionKey stored in the current session of the HttpRequest
- UI: it no longer needs to read or set sessionkey cookie
- UI: it no longer needs to return g_sessionKey value in the API requests, though
to support a sso mechanism g_sessionKey is still passed in the API is not null
- Secure jsessionid cookie is set to be HttpOnly and Secure
- SAML login should also set HttpOnly cookie before redirecting to UI
- SAML: listIdps & getSPMetadata APIs are readonly now, won't log out a logged in user
Performed tests (login, saml login if applicable, page refreshes, opening
multiple tabs, logout) with following combinations:
- SAML disabled, normal auth as admin, domain-admin and user
- SAML enabled, normal auth as admin, domain-admin and user; and saml sso as
admin, domain-admin and user
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
This closes#574
This closes#308
Rohit Yadav
Mike Tutkowski
Milamber
Remi Bergsma
Koushik Das
Rajani Karuturi
Kishan Kavala
John Burwell
Boris Schrijver
Daan Hoogland
Hiroki Ohashi
Ilya Musayev