736ff5f8e5
Fixed CLOUDSTACK-7303 [LDAP] while importing ldap users, update the user info if it already exists in cloudstack
2014-08-11 17:54:31 +05:30
5fa2d1c7ca
Fixed Bug: CLOUDSTACK-7200 [LDAP] importUsersCmd for a group fails incase any member of a group is not an user
2014-07-30 12:02:24 +05:30
2f832fddff
CLOUDSTACK-7164: fix NPE
2014-07-24 17:01:23 -07:00
b259bccee7
CLOUDSTACK-6742: listVolumes - As regularuser , able to list Vms and
...
volumes of other users.
2014-05-22 18:28:00 -07:00
ba848087f8
Disable IAM feature from 4.4 release.
2014-05-22 18:27:08 -07:00
51cb0f9a4a
CLOUDSTACK-6598:IAM - listAccount() retrurns "Caller cannot be passed as
...
NULL to IAM!" when domain deletion is in progress.
2014-05-08 17:56:20 -07:00
3314e11b70
CLOUDSTACK-6569: IAM - Regular user is able to listNetworks of another
...
user in the same domain , by passing account and domainId.
2014-05-02 14:58:11 -07:00
a9072a6612
CLOUDSTACK-6513: Optimize code by removing deprecated utility to
...
QueryManagerImpl as private method just used for listTemplates and
listAffinityGroups to avoid misuse by new list APIs.
2014-05-01 15:57:28 -07:00
f4779b4d0c
Fixed CLOUDSTACK-6509 Cannot import multiple LDAP/AD users into a cloudstack account
...
Conflicts:
api/src/com/cloud/user/AccountService.java
plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LdapCreateAccountCmd.java
plugins/user-authenticators/ldap/src/org/apache/cloudstack/api/command/LdapImportUsersCmd.java
Signed-off-by: Koushik Das <koushik@apache.org>
2014-04-29 14:49:06 +05:30
44ff7fea5f
CLOUDSTACK-6513: IAM - Templates - When templates are listed with
...
templatefilter="shared" is used , we see public templates also being
included in the list. This commit reverts listTemplates behavior to 4.3
old logic without using consistent interpretation of list parameters
adopted in new IAM model.
2014-04-28 11:11:53 -07:00
6af1a2919b
CLOUDSTACK-6501:IAM - DomainAdmin - When listVirtualMachines is used
...
with listall=true and account and domainId , Vms owned by the account
account is not listed.
2014-04-28 11:11:27 -07:00
9514c9e045
CLOUDSTACK-6349: IAM - No error message presented to the user , when
...
invalid password is provided.
- AccountManager now works using accountId instead of accountType in
following methods too:
- isResourceDomainAdmin()
- isAdmin()
2014-04-28 11:10:50 -07:00
797169457b
CLOUDSTACK-6349: IAM - No error message presented to the user , when invalid password is provided.
...
- AccountManager now works using accountId instead of accountType
2014-04-28 11:09:12 -07:00
be8c6fe626
test for AccountManagerImpl
...
- new test for disableUser
- unused code removed
- A redundant if branch removed - all branches are doing the same
Signed-off-by: Laszlo Hornyak <laszlo.hornyak@gmail.com>
2014-04-21 10:25:16 +02:00
c4892c2692
Fix FindBugs bug.
2014-04-18 17:31:29 -07:00
29f39149b1
Fix IAM list api implementation based on agreed interpretation for
...
listAll, isRecursive, domainId and account.
2014-04-17 18:33:22 -07:00
c25332fc46
CLOUDSTACK-6429:distinguish the case where caller can see everything and
...
the case where caller cannot see anything. Also change behavior to
default isRecursive to false if not specified.
2014-04-17 18:33:08 -07:00
c4b0a1e2d9
CLOUDSTACK-6350: IAM - Listing of VM using uuid when owner account of
...
this Vm is deleted results is VM not being returned.But list VM with
listAll=true is able to return this VM.
2014-04-17 18:06:29 -07:00
5d59fc7f5a
Fix RoleBasedQuerySelector to handle new listAll semantics. If
...
listAll=true, show all resources that caller (or impersonater) has
ListEntry access type; otherwise, show all resources that caller (or
impersonater) has UseEntry access type.
2014-04-17 18:06:07 -07:00
7796128372
Handle listAll flag in IAM buildAclSearchParameters.
2014-04-17 18:05:44 -07:00
da13165743
Change AccountManagerImpl.checkAccess to invoke SecurityChecker
...
interface that takes multiple controlled entities.
2014-04-17 17:53:01 -07:00
94ebc90877
Remove usage of sameOwner checkAccess invocation, and convert to
...
OperateEntry IAM check.
2014-04-04 16:38:29 -07:00
4e61e49143
CLOUDSTACK-6303 [Automation] [UI] Account creation hang in UI
...
Changes:
- Caused due to a MySql error during 'Project' account cleanup. The MySql error hits a deadlock bug in the MessageBus code that does not release the lock/decrement the counter Eventually all callers on the MessageBus end up waiting to enter
- This fixes the account cleanup MySql error.
2014-03-28 14:35:00 -07:00
36c0a4e2c3
Removed the AccessType.UseNetwork - replaced all referrences by AccessType.UseEntry
2014-03-13 15:32:38 -07:00
d9696b26e1
After merge, fix isRootAdmin() calls to use accountId instead of type
2014-03-13 13:28:40 -07:00
99bdc8d875
Merge branch 'master' into rbac.
2014-03-13 11:05:03 -07:00
7b0c5cfcbe
Removed unused methods from BaseCmd class. Moved some helper methods to AccountManagerImpl class
2014-03-07 11:33:10 -08:00
695d689de5
Adding annotations for more admin APIs
2014-03-04 18:14:05 -08:00
13e25d2aae
Fixed a bug in constructing search parameters with accountName passed.
2014-02-19 11:35:00 -08:00
8072e50845
Fixed a bug for listTemplates with TemplateFilter=shared.
2014-02-13 16:47:41 -08:00
96a64b933e
- Adding OperateEntry during loading of commands
...
- Replace ListEntry By OperateEntry
- ApiDispatcher should pass on the API name
2014-01-23 17:50:59 -08:00
39c0a302b4
Fix the isRootAdmin and isDomainAdmin to return true or false even if the permission is denied by IAM
2014-01-22 13:59:59 -08:00
33cd1ab921
Merge branch 'master' into rbac
2014-01-22 11:23:51 -08:00
ab627bc767
Changed "authenticate" method to return both - result of authentication, and action to perform when authentication failed - to the accountManagerImpl. Only if authenicators request INCREMENT_INCORRECT_LOGIN_ATTEMPT_COUNT, the incorrect_login_attempts parameter will be increased
...
Signed-off-by: Alena Prokharchyk <alena.prokharchyk@citrix.com>
2014-01-21 17:45:53 -08:00
929fbabaa2
Merge branch 'master' into rbac.
2014-01-17 14:37:08 -08:00
6583cb3800
Add listAclGroupsByAccount to QuerySelector adapters and remove
...
AclProxyService interface.
2014-01-14 16:19:25 -08:00
fac9f2da0f
Adding messageBus events for adding and removal of an account.
2014-01-13 22:12:39 -08:00
bae498c89e
Handle search of those entities without db view created using new ACL
...
model.
2014-01-13 21:55:56 -08:00
af657b3d71
CLOUDSTACK-5861: networks that failed to implement can not be destroyed
...
introduces a force option in delete network to forcifully delete a
network. This comes handy in rare cases where network fails to implenet
and network is in shutdown state, but network shutdown to rollback
implement process fails as well.
Conflicts:
api/src/org/apache/cloudstack/api/command/user/network/DeleteNetworkCmd.java
server/src/com/cloud/user/DomainManagerImpl.java
2014-01-13 23:28:35 +05:30
6cd121fe7b
RootAdmin and DomainAdmin access check via IAM
2014-01-10 17:06:10 -08:00
43f0f901dd
Remove VO and DAO from cloud-engine-schema.
2014-01-10 15:57:39 -08:00
e42a262f6c
Remove old APIs and old security checker plugins. Also use QuerySelector
...
adapater in ACL search routine.
2014-01-10 14:54:31 -08:00
630b7fb4a1
Fix listTemplates issues with new ACL model.
2013-12-20 17:57:44 -08:00
729a79e85c
Refactor db view based list apis to use new IAM acl search criteria.
2013-12-16 14:31:32 -08:00
12adbffbea
CLOUDSTACK-5517: NPE observed during "release portable IPs" as part of
...
account cleanup
ensure proper portable ip address are released as part of account
cleanup
2013-12-16 19:36:23 +05:30
7c6f1c14c2
ControlledEntity Interface change to return EntityType and added values to the AclEntityType enum and
2013-12-12 16:31:00 -08:00
be5e5cc641
All Checkstyle problems corrected
2013-12-12 12:26:07 -08:00
d252d95c26
Separate all vm related user APIs to have two different views.
2013-12-09 17:30:57 -08:00
6730fa2b47
Fill in implementation of AclService.getGrantedDomains,
...
getGrantedAccounts and getGrantedResources.
2013-12-09 14:08:54 -08:00
a416f6c3c3
Fix API build error based on new DB schema, now only
...
RoleBasedEntityAccessChecker needs to be fixed.
2013-12-06 15:09:00 -08:00
Rajani Karuturi
Edison Su
Min Chen
Prachi Damle
Laszlo Hornyak
Alena Prokharchyk
Murali Reddy
Alex Huang