etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
25,565 Commits 322 Branches 325 Tags 974 MiB
Commit Graph

1044 Commits

Author SHA1 Message Date
Rohit Yadav f30c52a16c CLOUDSTACK-8562: DB-Backed Dynamic Role Based API Access Checker 
This feature allows root administrators to define new roles and associate API
permissions to them.

A limited form of role-based access control for the CloudStack management server
API is provided through a properties file, commands.properties, embedded in the
WAR distribution. Therefore, customizing API permissions requires unpacking the
distribution and modifying this file consistently on all servers. The old system
also does not permit the specification of additional roles.

FS:
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Dynamic+Role+Based+API+Access+Checker+for+CloudStack

DB-Backed Dynamic Role Based API Access Checker for CloudStack brings following
changes, features and use-cases:
- Moves the API access definitions from commands.properties to the mgmt server DB
- Allows defining custom roles (such as a read-only ROOT admin) beyond the
  current set of four (4) roles
- All roles will resolve to one of the four known roles types (Admin, Resource
  Admin, Domain Admin and User) which maintains this association by requiring
  all new defined roles to specify a role type.
- Allows changes to roles and API permissions per role at runtime including additions or
  removal of roles and/or modifications of permissions, without the need
  of restarting management server(s)

Upgrade/installation notes:
- The feature will be enabled by default for new installations, existing
  deployments will continue to use the older static role based api access checker
  with an option to enable this feature
- During fresh installation or upgrade, the upgrade paths will add four default
  roles based on the four default role types
- For ease of migration, at the time of upgrade commands.properties will be used
  to add existing set of permissions to the default roles. cloud.account
  will have a new role_id column which will be populated based on default roles
  as well

Dynamic-roles migration tool: scripts/util/migrate-dynamicroles.py
- Allows admins to migrate to the dynamic role based checker at a future date
- Performs a harder one-way migrate and update
- Migrates rules from existing commands.properties file into db and deprecates it
- Enables an internal hidden switch to enable dynamic role based checker feature

Deprecate commands.properties

- Fixes apidocs and marvin to be independent of commands.properties usage
- Removes bundling of commands.properties in deb/rpm packaging
- Removes file references across codebase

Reviewed-by: John Burwell <john.burwell@shapeblue.com>
QA-by: Boris Stoyanov <boris.stoyanov@shapeblue.com>

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2016-04-25 14:52:02 +05:30
Rohit Yadav a4f552d46d cloudstack: set next version to 4.5.3-SNAPSHOT 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-09-14 09:59:40 +05:30
Rohit Yadav 7385441807 Updating pom.xml version numbers for release 4.5.2 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-08-19 14:42:54 +05:30
Rohit Yadav 17366f2b18 CLOUDSTACK-8301: Enable configuring local storage use for system VMs at zone level 
Backported from #263 for 4.5 branch, original bugfix by @koushik-das et al

More information on:
https://issues.apache.org/jira/browse/CLOUDSTACK-8301
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Enable+configuring+local+storage+use+for+system+VMs+at+zone+level

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

This closes #661
 2015-08-08 22:41:52 +05:30
Rohit Yadav 4ba72a877c Updating pom.xml version numbers for release 4.5.2-SNAPSHOT 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-05-07 15:33:01 +02:00
Rohit Yadav 0eb4eb2370 Updating pom.xml version numbers for release 4.5.1 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-05-04 12:17:03 +02:00
Abhinandan Prateek fb0bfd5d4f CLOUDSTACK-8429: disabling unit test for faster build 2015-05-01 12:35:03 +05:30
Rohit Yadav 888f67f0bd systemvm: fix socat usage 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-30 13:49:15 +05:30
Rohit Yadav c198dfdb7a Update pom and version usage to 4.5.1-SNAPSHOT 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-12 12:13:18 +05:30
Gaurav Aradhye 9658569f5a CLOUDSTACK-8124: Skipping snapshot tests on Hyper-V 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2015-02-05 17:36:11 +05:30
Gaurav Aradhye 762727439b CLOUDSTACK-8124: Skipping snapshot tests on hyperv hypervisor 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2015-02-05 17:35:36 +05:30
Gaurav Aradhye 2db5ee3c0a CLOUDSTACK-8152: Adding delay before creating snapshot/template from root disk after writing data to disk - test_vm_passwordenabled.py 2015-01-22 16:50:57 +05:30
Chandan Purushothama 78dea8725b CLOUDSTACK-8007: Fixed the script 'test_vm_passwdenabled.py' - Template created by Admin should have public access to be used for regular User VM Deployment 
Conflicts:
	test/integration/component/test_vm_passwdenabled.py
 2015-01-22 16:45:50 +05:30
Gaurav Aradhye d37c1589be CLOUDSTACK-8170: Skipping tests on HyperV which try to scale VM in running state because feature not supported 2015-01-22 16:38:52 +05:30
Gaurav Aradhye c996c8e31a CLOUDSTACK-8174: Fixed cleanup issue in test_add_remove_network.py 2015-01-22 14:27:04 +05:30
Rohit Yadav debfcdef78 CLOUDSTACK-8160: use preferable protocols 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-21 18:02:58 +05:30
Chandan Purushothama b5ef7de290 CLOUDSTACK-7955: Fixed the script test_project_limits.py - Register Template in the Project to test the Template limits on the project 
(cherry picked from commit 71bb436c8d)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-20 11:30:59 +05:30
Chandan Purushothama d1d288522d CLOUDSTACK-7956: Fixed the script 'test_project_usage.py' - Register Template in the Project to test the Template limits on the project 
(cherry picked from commit 3a6f248e3a)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-20 11:30:49 +05:30
Chandan Purushothama 1b7a100688 CLOUDSTACK-7996: Fixed the script test_tags.py - Tags and Template should belong to the User Account to test the case 
(cherry picked from commit b0d74ad6fc)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-20 10:29:41 +05:30
Chandan Purushothama 535c037428 CLOUDSTACK-8007: Fixed the script 'test_vm_passwdenabled.py' - Template created by Admin should have public access to be used for regular User VM Deployment 
(cherry picked from commit 41b871b6bd)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	test/integration/component/test_vm_passwdenabled.py
 2015-01-20 10:28:57 +05:30
SrikanteswaraRao Talluri cc31571307 bug-id:CLOUDSTACK-8055cleaned up test tags, removed unecessary tags. 
reviewed-by: SrikanteswaraRao Talluri <talluri@apache.org>

Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
(cherry picked from commit b6bac7f673)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-20 10:23:15 +05:30
Ashutosh K 345fd54fc1 CLOUDSTACK-8130: Fixed test_escalations_templates.py - Removed test case dependency on each other 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
(cherry picked from commit 17da2e9ce9)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-20 10:18:39 +05:30
Ashutosh K 9a75a0cd22 CLOUDSTACK-8132: Fixed issue related to secondary storage count of template 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
(cherry picked from commit f938a5e1c3)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-20 10:18:24 +05:30
Gaurav Aradhye fc502a97c2 CLOUDSTACK-8152: Adding delay before creating snapshot/template from root disk after writing data to disk - test_vm_passwordenabled.py 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
(cherry picked from commit d79837b67a)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	test/integration/component/test_vm_passwdenabled.py
 2015-01-20 10:16:26 +05:30
SrikanteswaraRao Talluri 2c515395d7 CLOUDSTACK-8161: mark the data volume related operations on LXC as skipped if RBD storage pool is not available 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2015-01-16 18:45:19 +05:30
Ashutosh K 2ed76b2a55 CLOUDSTACK-8143: Corrected a test in BVT test_routers.py 2015-01-13 16:43:01 +05:30
K@clogeny.com 17e1922439 CLOUDSTACK-8137: Fixed cleanup issue in sec group tests in test_escalations_instances.py 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2015-01-13 15:49:23 +05:30
Ashutosh K 613aa8ea28 CLOUDSTACK-8135: Fixed cleanup issue in test_escalations_instances.py 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2015-01-13 15:47:57 +05:30
Ashutosh K b8184d1e74 CLOUDSTACK-8149: Code-refactor - test_VirtualRouter_alerts.py 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2015-01-13 15:22:22 +05:30
Ashutosh K 032a003905 CLOUDSTACK-8147: Fixed typo in test case test_redundant_router.py 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2015-01-13 15:22:15 +05:30
Gaurav Aradhye 9278ac1130 CLOUDSTACK-8145: Adding new test to test blocker bugs and modifying other test case to work around the bug 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2015-01-13 15:22:06 +05:30
Gaurav Aradhye 94237a4c5b CLOUDSTACK-8116: Moved ldap data to configurableData section in test_data.py and made related changes in the test case 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2014-12-24 10:38:05 +05:30
Gaurav Aradhye 239150c558 CLOUDSTACK-8117: Increase the allowed margin (+/-) for memory of VM on hyperv used to equate with the memory specified in service offering 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2014-12-24 10:36:33 +05:30
Ashutosh K 5a6eb3b6e1 CLOUDSTACK-8099: Fixed missing import in test_dynamic_compute_offering.py 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2014-12-23 15:05:23 +05:30
Chandan Purushothama ddcbfb43bc CLOUDSTACK-7788: Fixed the script 'test_dynamic_compute_offering.py' to be run only on hardware 2014-12-23 15:05:14 +05:30
Gaurav Aradhye 125c1c27fc CLOUDSTACK-8098: Fixed VM snapshot issue in smoke/test_vm_snapshots.py 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2014-12-23 14:59:55 +05:30
SrikanteswaraRao Talluri f18e00abf1 Revert "CLOUDSTACK-7762 -[Automation] - Fix test failure for test_02_revert_vm_snapshots in smoke/test_vm_snapshots.py" 
This reverts commit f510ef995b.
 2014-12-23 14:59:46 +05:30
Gaurav Aradhye 1413efcac3 CLOUDSTACK-8096: Fixed test_ssvm.py for issues while checking the result of diagnostic scripts 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2014-12-23 14:24:32 +05:30
Chandan Purushothama ab3af7b014 CLOUDSTACK-7769 - Fixed test_ssvm.py script 2014-12-23 14:23:49 +05:30
Sangeetha Hariharan 3736d9435a CLOUDSTACK-7762 -[Automation] - Fix test failure for test_02_revert_vm_snapshots in smoke/test_vm_snapshots.py 2014-12-22 13:55:07 +05:30
Gaurav Aradhye 588e7dc811 CLOUDSTACK-8100: Fixed pep8 issues in test_vpc.py 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2014-12-22 13:53:10 +05:30
Ashutosh K a2fa2e4911 CLOUDSTACK-8095: Fixed Iso attach issue in test_escalations_instances.py 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2014-12-22 13:53:01 +05:30
Ashutosh K 6c722c9d21 CLOUDSTACK-8087: Fixed test_vpc_on_host_maintenance.py 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2014-12-19 10:36:14 +05:30
Gaurav Aradhye 0db63d87aa CLOUDSTACK-8084: Fixed test_17_add_nic_different_zone in test_add_remove_network.py 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2014-12-19 10:36:02 +05:30
Gaurav Aradhye d88126988b CLOUDSTACK-8090: Moving test_dedicated_guest_vlan_ranges.py to maint folder for the test cases need to be run separately, serially 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2014-12-19 10:35:36 +05:30
Gaurav Aradhye 27295d235d CLOUDSTACK-8089: Fixed test_explicit_dedication.py test case and moved to maint folder for it is to be run separately 
Signed-off-by: pdion891 <pdion891@apache.org>
 2014-12-18 20:00:41 -05:00
Ashutosh K ed5bc1c7ea CLOUDSTACK-8071: Fixed api key issue in test_snapshots_improvement.py 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2014-12-17 17:28:53 +05:30
Gaurav Aradhye 94814603db CLOUDSTACK-8055: test_portable_ip.py - Tagging test case which can't be run on simulator 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2014-12-17 17:28:44 +05:30
Gaurav Aradhye daabe92a99 CLOUDSTACK-8081: Fixed VM snapshot test cases in test_escalation_instances.py and also dealt cleanup issues 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2014-12-17 17:28:35 +05:30
Ashutosh K c3508f61a1 CLOUDSTACK-8074: Fixed maint/test_multiple_ip_ranges.py 
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
 2014-12-17 17:28:25 +05:30