etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
23,122 Commits 343 Branches 328 Tags 812 MiB
Commit Graph

409 Commits

Author SHA1 Message Date
Min Chen bd6a95e864 Fix IAM list api implementation based on agreed interpretation for 
listAll, isRecursive, domainId and account.
 2014-04-17 15:46:29 -07:00
Min Chen 563efad9ae CLOUDSTACK-6429:distinguish the case where caller can see everything and 
the case where caller cannot see anything. Also change behavior to
default isRecursive to false if not specified.
 2014-04-17 10:50:52 -07:00
Prachi Damle 48c9b46328 CLOUDSTACK-6349: IAM - No error message presented to the user , when invalid password is provided. 
- AccountManager now works using accountId instead of accountType in following methods too:
- isResourceDomainAdmin()
- isAdmin()
 2014-04-16 11:26:57 -07:00
Prachi Damle 2cf4db5359 CLOUDSTACK-6349: IAM - No error message presented to the user , when invalid password is provided. 
- AccountManager now works using accountId instead of accountType
 2014-04-15 17:26:26 -07:00
Min Chen 3661e67fd1 CLOUDSTACK-6350: IAM - Listing of VM using uuid when owner account of 
this Vm is deleted results is VM not being returned.But list VM with
listAll=true is able to return this VM.
 2014-04-07 22:23:21 -07:00
Min Chen ffd877595d Fix RoleBasedQuerySelector to handle new listAll semantics. If 
listAll=true, show all resources that caller (or impersonater) has
ListEntry access type; otherwise, show all resources that caller (or
impersonater) has UseEntry access type.
 2014-04-04 18:44:59 -07:00
Min Chen 1e4a253f79 Handle listAll flag in IAM buildAclSearchParameters. 2014-04-04 11:49:30 -07:00
Min Chen 4367d1406b Change AccountManagerImpl.checkAccess to invoke SecurityChecker 
interface that takes multiple controlled entities.
 2014-04-01 17:31:56 -07:00
Min Chen c89eb73304 Remove usage of sameOwner checkAccess invocation, and convert to 
OperateEntry IAM check.
 2014-04-01 17:31:56 -07:00
Prachi Damle 024efbfbd4 CLOUDSTACK-6303 [Automation] [UI] Account creation hang in UI 
Changes:
- Caused due to a MySql error during 'Project' account cleanup. The MySql error hits a deadlock bug in the MessageBus code that does not release the lock/decrement the counter Eventually all callers on the MessageBus end up waiting to enter
- This fixes the account cleanup MySql error.
 2014-03-28 14:00:39 -07:00
Prachi Damle 36c0a4e2c3 Removed the AccessType.UseNetwork - replaced all referrences by AccessType.UseEntry 2014-03-13 15:32:38 -07:00
Prachi Damle d9696b26e1 After merge, fix isRootAdmin() calls to use accountId instead of type 2014-03-13 13:28:40 -07:00
Min Chen 99bdc8d875 Merge branch 'master' into rbac. 2014-03-13 11:05:03 -07:00
Alena Prokharchyk 7b0c5cfcbe Removed unused methods from BaseCmd class. Moved some helper methods to AccountManagerImpl class 2014-03-07 11:33:10 -08:00
Min Chen 48e08fe676 Merge branch 'master' into rbac. 2014-03-06 14:02:20 -08:00
Min Chen 793becf524 CLOUDSTACK-5920: Add some interface methods and constants required by 
IAM.
 2014-03-05 09:40:55 -08:00
Prachi Damle 695d689de5 Adding annotations for more admin APIs 2014-03-04 18:14:05 -08:00
Min Chen 13e25d2aae Fixed a bug in constructing search parameters with accountName passed. 2014-02-19 11:35:00 -08:00
Min Chen 8072e50845 Fixed a bug for listTemplates with TemplateFilter=shared. 2014-02-13 16:47:41 -08:00
Prachi Damle 939b15169c changes to support the domain wide resources for Network 2014-02-03 17:34:03 -08:00
Prachi Damle 91317dc497 Changes for createDomain - create new group AND createAccount - add account to domain group 2014-01-28 09:48:19 -08:00
Prachi Damle 96a64b933e - Adding OperateEntry during loading of commands 
- Replace ListEntry By OperateEntry
- ApiDispatcher should pass on the API name
 2014-01-23 17:50:59 -08:00
Prachi Damle 39c0a302b4 Fix the isRootAdmin and isDomainAdmin to return true or false even if the permission is denied by IAM 2014-01-22 13:59:59 -08:00
Min Chen 33cd1ab921 Merge branch 'master' into rbac 2014-01-22 11:23:51 -08:00
Alena Prokharchyk ab627bc767 Changed "authenticate" method to return both - result of authentication, and action to perform when authentication failed - to the accountManagerImpl. Only if authenicators request INCREMENT_INCORRECT_LOGIN_ATTEMPT_COUNT, the incorrect_login_attempts parameter will be increased 
Signed-off-by: Alena Prokharchyk <alena.prokharchyk@citrix.com>
 2014-01-21 17:45:53 -08:00
Min Chen 929fbabaa2 Merge branch 'master' into rbac. 2014-01-17 14:37:08 -08:00
Min Chen 6583cb3800 Add listAclGroupsByAccount to QuerySelector adapters and remove 
AclProxyService interface.
 2014-01-14 16:19:25 -08:00
Prachi Damle fac9f2da0f Adding messageBus events for adding and removal of an account. 2014-01-13 22:12:39 -08:00
Min Chen bae498c89e Handle search of those entities without db view created using new ACL 
model.
 2014-01-13 21:55:56 -08:00
Murali Reddy af657b3d71 CLOUDSTACK-5861: networks that failed to implement can not be destroyed 
introduces a force option in delete network to forcifully delete a
network. This comes handy in rare cases where network fails to implenet
and network is in shutdown state, but network shutdown to rollback
implement process fails as well.

Conflicts:
	api/src/org/apache/cloudstack/api/command/user/network/DeleteNetworkCmd.java
	server/src/com/cloud/user/DomainManagerImpl.java
 2014-01-13 23:28:35 +05:30
Prachi Damle 6cd121fe7b RootAdmin and DomainAdmin access check via IAM 2014-01-10 17:06:10 -08:00
Min Chen 43f0f901dd Remove VO and DAO from cloud-engine-schema. 2014-01-10 15:57:39 -08:00
Min Chen e42a262f6c Remove old APIs and old security checker plugins. Also use QuerySelector 
adapater in ACL search routine.
 2014-01-10 14:54:31 -08:00
Min Chen 630b7fb4a1 Fix listTemplates issues with new ACL model. 2013-12-20 17:57:44 -08:00
Min Chen 729a79e85c Refactor db view based list apis to use new IAM acl search criteria. 2013-12-16 14:31:32 -08:00
Murali Reddy 12adbffbea CLOUDSTACK-5517: NPE observed during "release portable IPs" as part of 
account cleanup

ensure proper portable ip address are released  as part of account
cleanup
 2013-12-16 19:36:23 +05:30
Prachi Damle 7c6f1c14c2 ControlledEntity Interface change to return EntityType and added values to the AclEntityType enum and 2013-12-12 16:31:00 -08:00
Alex Huang be5e5cc641 All Checkstyle problems corrected 2013-12-12 12:26:07 -08:00
Min Chen d252d95c26 Separate all vm related user APIs to have two different views. 2013-12-09 17:30:57 -08:00
Min Chen 6730fa2b47 Fill in implementation of AclService.getGrantedDomains, 
getGrantedAccounts and getGrantedResources.
 2013-12-09 14:08:54 -08:00
Min Chen a416f6c3c3 Fix API build error based on new DB schema, now only 
RoleBasedEntityAccessChecker needs to be fixed.
 2013-12-06 15:09:00 -08:00
Alena Prokharchyk f1973340d3 CLOUDSTACK-5152: when deployVm with SG, verify that vm and sg belong to the same account. Do this verification even when the call is done by the ROOT admin 
Conflicts:
	server/src/com/cloud/user/AccountManagerImpl.java
 2013-12-04 11:55:27 -08:00
Min Chen 11c0c263f2 QueryChecker interface and ACL search criteria to be used for query api 
for entities with db views created.
 2013-11-22 16:36:38 -08:00
Alena Prokharchyk 7df7abf327 Added missing @Inject to the ipAddressManager 
Conflicts:
	server/src/com/cloud/user/AccountManagerImpl.java
 2013-11-21 14:29:39 -08:00
Alex Huang d620df2bdd Reformatted all of the code. 2013-11-21 06:15:26 -08:00
Alex Huang 224f479974 Removed trailing spaces 2013-11-21 04:08:01 -08:00
Prachi Damle e0d2423f06 Refactoring account_type for Domain_Admin and Normal_User types 2013-11-20 16:53:59 -08:00
Alex Huang 8d62744681 Reformat all source code. Added checkstyle to check the source code 2013-11-20 07:26:53 -08:00
Min Chen 91e176cb0d Fix a bug in listVm logic to use revokedIds and grantedIds. 2013-11-19 16:41:40 -08:00
Min Chen 2ef4d5200c Merge branch 'master' into rbac. 2013-10-31 17:16:33 -07:00