etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
23,011 Commits 324 Branches 325 Tags 795 MiB
Commit Graph

351 Commits

Author SHA1 Message Date
Min Chen c89eb73304 Remove usage of sameOwner checkAccess invocation, and convert to 
OperateEntry IAM check.
 2014-04-01 17:31:56 -07:00
Prachi Damle 024efbfbd4 CLOUDSTACK-6303 [Automation] [UI] Account creation hang in UI 
Changes:
- Caused due to a MySql error during 'Project' account cleanup. The MySql error hits a deadlock bug in the MessageBus code that does not release the lock/decrement the counter Eventually all callers on the MessageBus end up waiting to enter
- This fixes the account cleanup MySql error.
 2014-03-28 14:00:39 -07:00
Prachi Damle 36c0a4e2c3 Removed the AccessType.UseNetwork - replaced all referrences by AccessType.UseEntry 2014-03-13 15:32:38 -07:00
Prachi Damle d9696b26e1 After merge, fix isRootAdmin() calls to use accountId instead of type 2014-03-13 13:28:40 -07:00
Min Chen 99bdc8d875 Merge branch 'master' into rbac. 2014-03-13 11:05:03 -07:00
Alena Prokharchyk 7b0c5cfcbe Removed unused methods from BaseCmd class. Moved some helper methods to AccountManagerImpl class 2014-03-07 11:33:10 -08:00
Prachi Damle 695d689de5 Adding annotations for more admin APIs 2014-03-04 18:14:05 -08:00
Min Chen 13e25d2aae Fixed a bug in constructing search parameters with accountName passed. 2014-02-19 11:35:00 -08:00
Min Chen 8072e50845 Fixed a bug for listTemplates with TemplateFilter=shared. 2014-02-13 16:47:41 -08:00
Prachi Damle 96a64b933e - Adding OperateEntry during loading of commands 
- Replace ListEntry By OperateEntry
- ApiDispatcher should pass on the API name
 2014-01-23 17:50:59 -08:00
Prachi Damle 39c0a302b4 Fix the isRootAdmin and isDomainAdmin to return true or false even if the permission is denied by IAM 2014-01-22 13:59:59 -08:00
Min Chen 33cd1ab921 Merge branch 'master' into rbac 2014-01-22 11:23:51 -08:00
Alena Prokharchyk ab627bc767 Changed "authenticate" method to return both - result of authentication, and action to perform when authentication failed - to the accountManagerImpl. Only if authenicators request INCREMENT_INCORRECT_LOGIN_ATTEMPT_COUNT, the incorrect_login_attempts parameter will be increased 
Signed-off-by: Alena Prokharchyk <alena.prokharchyk@citrix.com>
 2014-01-21 17:45:53 -08:00
Min Chen 929fbabaa2 Merge branch 'master' into rbac. 2014-01-17 14:37:08 -08:00
Min Chen 6583cb3800 Add listAclGroupsByAccount to QuerySelector adapters and remove 
AclProxyService interface.
 2014-01-14 16:19:25 -08:00
Prachi Damle fac9f2da0f Adding messageBus events for adding and removal of an account. 2014-01-13 22:12:39 -08:00
Min Chen bae498c89e Handle search of those entities without db view created using new ACL 
model.
 2014-01-13 21:55:56 -08:00
Murali Reddy af657b3d71 CLOUDSTACK-5861: networks that failed to implement can not be destroyed 
introduces a force option in delete network to forcifully delete a
network. This comes handy in rare cases where network fails to implenet
and network is in shutdown state, but network shutdown to rollback
implement process fails as well.

Conflicts:
	api/src/org/apache/cloudstack/api/command/user/network/DeleteNetworkCmd.java
	server/src/com/cloud/user/DomainManagerImpl.java
 2014-01-13 23:28:35 +05:30
Prachi Damle 6cd121fe7b RootAdmin and DomainAdmin access check via IAM 2014-01-10 17:06:10 -08:00
Min Chen 43f0f901dd Remove VO and DAO from cloud-engine-schema. 2014-01-10 15:57:39 -08:00
Min Chen e42a262f6c Remove old APIs and old security checker plugins. Also use QuerySelector 
adapater in ACL search routine.
 2014-01-10 14:54:31 -08:00
Min Chen 630b7fb4a1 Fix listTemplates issues with new ACL model. 2013-12-20 17:57:44 -08:00
Min Chen 729a79e85c Refactor db view based list apis to use new IAM acl search criteria. 2013-12-16 14:31:32 -08:00
Murali Reddy 12adbffbea CLOUDSTACK-5517: NPE observed during "release portable IPs" as part of 
account cleanup

ensure proper portable ip address are released  as part of account
cleanup
 2013-12-16 19:36:23 +05:30
Prachi Damle 7c6f1c14c2 ControlledEntity Interface change to return EntityType and added values to the AclEntityType enum and 2013-12-12 16:31:00 -08:00
Alex Huang be5e5cc641 All Checkstyle problems corrected 2013-12-12 12:26:07 -08:00
Min Chen d252d95c26 Separate all vm related user APIs to have two different views. 2013-12-09 17:30:57 -08:00
Min Chen 6730fa2b47 Fill in implementation of AclService.getGrantedDomains, 
getGrantedAccounts and getGrantedResources.
 2013-12-09 14:08:54 -08:00
Min Chen a416f6c3c3 Fix API build error based on new DB schema, now only 
RoleBasedEntityAccessChecker needs to be fixed.
 2013-12-06 15:09:00 -08:00
Alena Prokharchyk f1973340d3 CLOUDSTACK-5152: when deployVm with SG, verify that vm and sg belong to the same account. Do this verification even when the call is done by the ROOT admin 
Conflicts:
	server/src/com/cloud/user/AccountManagerImpl.java
 2013-12-04 11:55:27 -08:00
Min Chen 11c0c263f2 QueryChecker interface and ACL search criteria to be used for query api 
for entities with db views created.
 2013-11-22 16:36:38 -08:00
Alena Prokharchyk 7df7abf327 Added missing @Inject to the ipAddressManager 
Conflicts:
	server/src/com/cloud/user/AccountManagerImpl.java
 2013-11-21 14:29:39 -08:00
Alex Huang d620df2bdd Reformatted all of the code. 2013-11-21 06:15:26 -08:00
Prachi Damle e0d2423f06 Refactoring account_type for Domain_Admin and Normal_User types 2013-11-20 16:53:59 -08:00
Alex Huang 8d62744681 Reformat all source code. Added checkstyle to check the source code 2013-11-20 07:26:53 -08:00
Min Chen 91e176cb0d Fix a bug in listVm logic to use revokedIds and grantedIds. 2013-11-19 16:41:40 -08:00
Min Chen 2ef4d5200c Merge branch 'master' into rbac. 2013-10-31 17:16:33 -07:00
Darren Shepherd 205a77a5bb Merge remote-tracking branch 'origin/txn-refactor' 
Conflicts:
	engine/orchestration/src/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
	server/src/com/cloud/configuration/ConfigurationManagerImpl.java
	server/src/com/cloud/metadata/ResourceMetaDataManagerImpl.java
	server/src/com/cloud/vm/UserVmManagerImpl.java
 2013-10-23 10:40:44 -07:00
Alena Prokharchyk 8685661339 CLOUDSTACK-4743: durning the accountCleanup, never attempt to release the public ips when the guest networks of the account failed to cleanup 2013-10-22 09:48:46 -07:00
Darren Shepherd f62e28c1ec New Transaction API 
Introduction of a new Transaction API that is more consistent with the style
of Spring's transaction managment.  The existing Transaction class was renamed
to TransactionLegacy.  All of the non-DAO code in the management server has been
updated to use the new Transaction API.
 2013-10-16 09:21:00 -07:00
Min Chen 00ad19601b Fix a bug in building acl condition, now we get previous default list 
behavior for admin,domain admin and user.
 2013-10-10 23:02:49 -07:00
Min Chen 2b4703b6e6 Change ListVMsCmd to use new role and entity permission information. 2013-10-09 21:56:52 -07:00
Min Chen 7342c97fa9 Populate acl_group_account_map table in creating an account. 2013-10-07 13:20:49 -07:00
Darren Shepherd aed5e9dc2a Add Manage Context framework 
The managed context framework provides a simple way to add logic
to ACS at the various entry points of the system.  As threads are
launched and ran listeners can be registered for onEntry or onLeave
of the managed context.  This framework will be used specifically
to handle DB transaction checking and setting up the CallContext.
This framework is need to transition away from ACS custom AOP to
Spring AOP.
 2013-10-02 13:09:52 -07:00
Prachi Damle bb271926fb WIP AccessChecker plugin 2013-10-01 18:11:30 -07:00
Min Chen fce2aad23d WIP For APIs related to ACL Roles. 2013-09-26 11:22:43 -07:00
Edison Su 81ff4795df fix compile errors 2013-09-25 17:59:54 -07:00
Prachi Damle 4294005142 Check if an Account belongs to RootAdmin group 2013-09-24 17:01:43 -07:00
Prachi Damle aba54356d5 Account_Type Refactoring for Root Admin Role 
- change the AccountService::isRootAdmin(short) to  isRootAdmin(long accountId);
- Change all callers
- Change all places that check the account.getType() directly to call the AccountManagerImpl.
 2013-09-24 15:31:09 -07:00
Kelven Yang 832db1b398 Apply https://reviews.apache.org/r/14084/ 2013-09-17 16:29:48 -07:00