You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by mc...@apache.org on 2014/01/17 23:40:46 UTC
[44/50] [abbrv] Merge branch 'master' into rbac.
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/929fbaba/server/src/com/cloud/acl/DomainChecker.java
----------------------------------------------------------------------
diff --cc server/src/com/cloud/acl/DomainChecker.java
index 5d38e9b,2e43da3..8970655
--- a/server/src/com/cloud/acl/DomainChecker.java
+++ b/server/src/com/cloud/acl/DomainChecker.java
@@@ -22,8 -24,7 +24,6 @@@ import org.springframework.stereotype.C
import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.acl.SecurityChecker;
import org.apache.cloudstack.affinity.AffinityGroup;
--import org.apache.cloudstack.api.BaseCmd;
- import org.springframework.stereotype.Component;
import com.cloud.dc.DataCenter;
import com.cloud.dc.DedicatedResourceVO;
@@@ -49,18 -49,22 +49,24 @@@ import com.cloud.utils.component.Adapte
@Component
@Local(value = SecurityChecker.class)
public class DomainChecker extends AdapterBase implements SecurityChecker {
-
- @Inject DomainDao _domainDao;
- @Inject AccountDao _accountDao;
- @Inject LaunchPermissionDao _launchPermissionDao;
- @Inject ProjectManager _projectMgr;
- @Inject ProjectAccountDao _projecAccountDao;
- @Inject NetworkModel _networkMgr;
+
+ @Inject
+ DomainDao _domainDao;
+ @Inject
+ AccountDao _accountDao;
+ @Inject
+ LaunchPermissionDao _launchPermissionDao;
+ @Inject
+ ProjectManager _projectMgr;
+ @Inject
+ ProjectAccountDao _projecAccountDao;
+ @Inject
+ NetworkModel _networkMgr;
@Inject
private DedicatedResourceDao _dedicatedDao;
+ @Inject
+ AccountService _accountService;
-
+
protected DomainChecker() {
super();
}
@@@ -71,8 -75,8 +77,8 @@@
throw new PermissionDeniedException(caller + " is disabled.");
}
long domainId = domain.getId();
-
+
- if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
+ if (_accountService.isNormalUser(caller.getId())) {
if (caller.getDomainId() != domainId) {
throw new PermissionDeniedException(caller + " does not have permission to operate within domain id=" + domain.getId());
}
@@@ -93,11 -97,10 +99,11 @@@
}
@Override
- public boolean checkAccess(Account caller, ControlledEntity entity, AccessType accessType) throws PermissionDeniedException {
+ public boolean checkAccess(Account caller, ControlledEntity entity, AccessType accessType)
+ throws PermissionDeniedException {
if (entity instanceof VirtualMachineTemplate) {
-
- VirtualMachineTemplate template = (VirtualMachineTemplate) entity;
+
+ VirtualMachineTemplate template = (VirtualMachineTemplate)entity;
Account owner = _accountDao.findById(template.getAccountId());
// validate that the template is usable by the account
if (!template.isPublicTemplate()) {
@@@ -133,9 -136,9 +139,9 @@@
} else if (entity instanceof AffinityGroup) {
return false;
} else {
- if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
+ if (_accountService.isNormalUser(caller.getId())) {
Account account = _accountDao.findById(entity.getAccountId());
-
+
if (account != null && account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
//only project owner can delete/modify the project
if (accessType != null && accessType == AccessType.ModifyProject) {
@@@ -162,22 -165,21 +168,22 @@@
return checkAccess(account, entity, null);
}
- @Override
+ @Override
public boolean checkAccess(Account account, DiskOffering dof) throws PermissionDeniedException {
if (account == null || dof.getDomainId() == null) {//public offering
- return true;
+ return true;
} else {
- //admin has all permissions
+ //admin has all permissions
- if (account.getType() == Account.ACCOUNT_TYPE_ADMIN) {
+ if (_accountService.isRootAdmin(account.getId())) {
- return true;
- }
- //if account is normal user or domain admin
- //check if account's domain is a child of zone's domain (Note: This is made consistent with the list command for disk offering)
+ return true;
+ }
+ //if account is normal user or domain admin
+ //check if account's domain is a child of zone's domain (Note: This is made consistent with the list command for disk offering)
- else if (account.getType() == Account.ACCOUNT_TYPE_NORMAL || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN ||
- account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
+ else if (_accountService.isNormalUser(account.getId())
+ || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN
+ || _accountService.isDomainAdmin(account.getId())) {
if (account.getDomainId() == dof.getDomainId()) {
- return true; //disk offering and account at exact node
+ return true; //disk offering and account at exact node
} else {
Domain domainRecord = _domainDao.findById(account.getDomainId());
if (domainRecord != null) {
@@@ -191,31 -193,30 +197,31 @@@
} else {
break;
}
- }
- }
- }
- }
- }
- //not found
- return false;
- }
+ }
+ }
+ }
+ }
+ }
+ //not found
+ return false;
+ }
- @Override
+ @Override
public boolean checkAccess(Account account, ServiceOffering so) throws PermissionDeniedException {
if (account == null || so.getDomainId() == null) {//public offering
- return true;
+ return true;
} else {
- //admin has all permissions
+ //admin has all permissions
- if (account.getType() == Account.ACCOUNT_TYPE_ADMIN) {
+ if (_accountService.isRootAdmin(account.getId())) {
- return true;
- }
- //if account is normal user or domain admin
- //check if account's domain is a child of zone's domain (Note: This is made consistent with the list command for service offering)
+ return true;
+ }
+ //if account is normal user or domain admin
+ //check if account's domain is a child of zone's domain (Note: This is made consistent with the list command for service offering)
- else if (account.getType() == Account.ACCOUNT_TYPE_NORMAL || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN ||
- account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
+ else if (_accountService.isNormalUser(account.getId())
+ || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN
+ || _accountService.isDomainAdmin(account.getId())) {
if (account.getDomainId() == so.getDomainId()) {
- return true; //service offering and account at exact node
+ return true; //service offering and account at exact node
} else {
Domain domainRecord = _domainDao.findById(account.getDomainId());
if (domainRecord != null) {
@@@ -229,27 -230,27 +235,27 @@@
} else {
break;
}
- }
- }
- }
- }
- }
- //not found
- return false;
- }
-
- @Override
- public boolean checkAccess(Account account, DataCenter zone) throws PermissionDeniedException {
+ }
+ }
+ }
+ }
+ }
+ //not found
+ return false;
+ }
+
+ @Override
+ public boolean checkAccess(Account account, DataCenter zone) throws PermissionDeniedException {
if (account == null || zone.getDomainId() == null) {//public zone
- return true;
+ return true;
} else {
- //admin has all permissions
+ //admin has all permissions
- if (account.getType() == Account.ACCOUNT_TYPE_ADMIN) {
+ if (_accountService.isRootAdmin(account.getId())) {
- return true;
- }
- //if account is normal user
- //check if account's domain is a child of zone's domain
+ return true;
+ }
+ //if account is normal user
+ //check if account's domain is a child of zone's domain
- else if (account.getType() == Account.ACCOUNT_TYPE_NORMAL || account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
+ else if (_accountService.isNormalUser(account.getId()) || account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
// if zone is dedicated to an account check that the accountId
// matches.
DedicatedResourceVO dedicatedZone = _dedicatedDao.findByZoneId(zone.getId());
@@@ -277,17 -278,17 +283,17 @@@
} else {
break;
}
- }
- }
- }
- //not found
- return false;
- }
- //if account is domain admin
- //check if the account's domain is either child of zone's domain, or if zone's domain is child of account's domain
+ }
+ }
+ }
+ //not found
+ return false;
+ }
+ //if account is domain admin
+ //check if the account's domain is either child of zone's domain, or if zone's domain is child of account's domain
- else if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
+ else if (_accountService.isDomainAdmin(account.getId())) {
if (account.getDomainId() == zone.getDomainId()) {
- return true; //zone and account at exact node
+ return true; //zone and account at exact node
} else {
Domain zoneDomainRecord = _domainDao.findById(zone.getDomainId());
Domain accountDomainRecord = _domainDao.findById(account.getDomainId());
@@@ -303,23 -304,17 +309,23 @@@
} else {
break;
}
- }
- }
- //didn't find in upper tree
+ }
+ }
+ //didn't find in upper tree
if (zoneDomainRecord.getPath().contains(accountDomainRecord.getPath())) {
- return true;
- }
- }
- //not found
- return false;
- }
- }
- return false;
- }
+ return true;
+ }
+ }
+ //not found
+ return false;
+ }
+ }
+ return false;
+ }
+
+ @Override
+ public boolean checkAccess(Account caller, ControlledEntity entity, AccessType accessType, String action)
+ throws PermissionDeniedException {
+ return checkAccess(caller, entity, accessType);
+ }
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/929fbaba/server/src/com/cloud/api/ApiDBUtils.java
----------------------------------------------------------------------
diff --cc server/src/com/cloud/api/ApiDBUtils.java
index 7a7b84a,a23244b..859ca01
--- a/server/src/com/cloud/api/ApiDBUtils.java
+++ b/server/src/com/cloud/api/ApiDBUtils.java
@@@ -217,7 -214,7 +215,6 @@@ import com.cloud.projects.ProjectInvita
import com.cloud.projects.ProjectService;
import com.cloud.region.ha.GlobalLoadBalancingRulesService;
import com.cloud.resource.ResourceManager;
--import com.cloud.server.Criteria;
import com.cloud.server.ManagementServer;
import com.cloud.server.ResourceMetaDataService;
import com.cloud.server.ResourceTag;
@@@ -522,114 -619,115 +619,114 @@@ public class ApiDBUtils
@PostConstruct
void init() {
- _ms = ms;
- _configMgr = configMgr;
- _asyncMgr = asyncMgr;
- _securityGroupMgr = securityGroupMgr;
- _storageMgr = storageMgr;
- _userVmMgr = userVmMgr;
- _networkModel = networkModel;
- _networkMgr = networkMgr;
- _configSvc = configSvc;
- _templateMgr = templateMgr;
-
- _accountDao = accountDao;
- _accountGuestVlanMapDao = accountGuestVlanMapDao;
- _accountVlanMapDao = accountVlanMapDao;
- _clusterDao = clusterDao;
- _capacityDao = capacityDao;
- _dcJoinDao = dcJoinDao;
- _diskOfferingDao = diskOfferingDao;
- _diskOfferingJoinDao = diskOfferingJoinDao;
- _domainDao = domainDao;
- _domainRouterDao = domainRouterDao;
- _domainRouterJoinDao = domainRouterJoinDao;
- _guestOSDao = guestOSDao;
- _guestOSCategoryDao = guestOSCategoryDao;
- _hostDao = hostDao;
- _ipAddressDao = ipAddressDao;
- _loadBalancerDao = loadBalancerDao;
- _networkRuleConfigDao = networkRuleConfigDao;
- _podDao = podDao;
- _serviceOfferingDao = serviceOfferingDao;
- _serviceOfferingJoinDao = serviceOfferingJoinDao;
- _snapshotDao = snapshotDao;
- _storagePoolDao = storagePoolDao;
- _templateDao = templateDao;
- _templateDetailsDao = templateDetailsDao;
- _uploadDao = uploadDao;
- _userDao = userDao;
- _userStatsDao = userStatsDao;
- _userVmDao = userVmDao;
- _userVmJoinDao = userVmJoinDao;
- _vlanDao = vlanDao;
- _volumeDao = volumeDao;
- _site2SiteVpnGatewayDao = site2SiteVpnGatewayDao;
- _site2SiteCustomerGatewayDao = site2SiteCustomerGatewayDao;
- _zoneDao = zoneDao;
- _securityGroupDao = securityGroupDao;
- _securityGroupJoinDao = securityGroupJoinDao;
- _networkOfferingDao = networkOfferingDao;
- _networkDao = networkDao;
- _physicalNetworkDao = physicalNetworkDao;
- _configDao = configDao;
- _consoleProxyDao = consoleProxyDao;
- _firewallCidrsDao = firewallCidrsDao;
- _vmDao = vmDao;
- _resourceLimitMgr = resourceLimitMgr;
- _projectMgr = projectMgr;
- _resourceMgr = resourceMgr;
- _accountDetailsDao = accountDetailsDao;
- _networkDomainDao = networkDomainDao;
- _haMgr = haMgr;
- _vpcMgr = vpcMgr;
- _taggedResourceService = taggedResourceService;
- _sshKeyPairDao = sshKeyPairDao;
- _userVmDetailsDao = userVmDetailsDao;
- _asConditionDao = asConditionDao;
- _asPolicyDao = asPolicyDao;
- _asPolicyConditionMapDao = asPolicyConditionMapDao;
- _counterDao = counterDao;
- _asVmGroupPolicyMapDao = asVmGroupPolicyMapDao;
- _tagJoinDao = tagJoinDao;
- _vmGroupJoinDao = vmGroupJoinDao;
- _eventJoinDao = eventJoinDao;
- _userAccountJoinDao = userAccountJoinDao;
- _projectJoinDao = projectJoinDao;
- _projectAccountJoinDao = projectAccountJoinDao;
- _projectInvitationJoinDao = projectInvitationJoinDao;
- _hostJoinDao = hostJoinDao;
- _volJoinDao = volJoinDao;
- _poolJoinDao = poolJoinDao;
- _imageStoreJoinDao = imageStoreJoinDao;
- _accountJoinDao = accountJoinDao;
- _jobJoinDao = jobJoinDao;
- _templateJoinDao = templateJoinDao;
-
- _physicalNetworkTrafficTypeDao = physicalNetworkTrafficTypeDao;
- _physicalNetworkServiceProviderDao = physicalNetworkServiceProviderDao;
- _firewallRuleDao = firewallRuleDao;
- _staticRouteDao = staticRouteDao;
- _vpcGatewayDao = vpcGatewayDao;
- _asVmProfileDao = asVmProfileDao;
- _asVmGroupDao = asVmGroupDao;
- _vpcDao = vpcDao;
- _vpcOfferingDao = vpcOfferingDao;
- _snapshotPolicyDao = snapshotPolicyDao;
- _asyncJobDao = asyncJobDao;
- _hostDetailsDao = hostDetailsDao;
- _clusterDetailsDao = clusterDetailsDao;
- _vmSnapshotDao = vmSnapshotDao;
- _nicSecondaryIpDao = nicSecondaryIpDao;
- _vpcProvSvc = vpcProvSvc;
- _affinityGroupDao = affinityGroupDao;
- _affinityGroupJoinDao = affinityGroupJoinDao;
- _gslbService = gslbService;
+ s_ms = ms;
+ s_configMgr = configMgr;
+ s_asyncMgr = asyncMgr;
+ s_securityGroupMgr = securityGroupMgr;
+ s_storageMgr = storageMgr;
+ s_userVmMgr = userVmMgr;
+ s_networkModel = networkModel;
+ s_networkMgr = networkMgr;
+ s_configSvc = configSvc;
+ s_templateMgr = templateMgr;
+
+ s_accountDao = accountDao;
+ s_accountGuestVlanMapDao = accountGuestVlanMapDao;
+ s_accountVlanMapDao = accountVlanMapDao;
+ s_clusterDao = clusterDao;
+ s_capacityDao = capacityDao;
+ s_dcJoinDao = dcJoinDao;
+ s_diskOfferingDao = diskOfferingDao;
+ s_diskOfferingJoinDao = diskOfferingJoinDao;
+ s_domainDao = domainDao;
+ s_domainRouterDao = domainRouterDao;
+ s_domainRouterJoinDao = domainRouterJoinDao;
+ s_guestOSDao = guestOSDao;
+ s_guestOSCategoryDao = guestOSCategoryDao;
+ s_hostDao = hostDao;
+ s_ipAddressDao = ipAddressDao;
+ s_loadBalancerDao = loadBalancerDao;
+ s_networkRuleConfigDao = networkRuleConfigDao;
+ s_podDao = podDao;
+ s_serviceOfferingDao = serviceOfferingDao;
+ s_serviceOfferingJoinDao = serviceOfferingJoinDao;
+ s_snapshotDao = snapshotDao;
+ s_storagePoolDao = storagePoolDao;
+ s_templateDao = templateDao;
+ s_templateDetailsDao = templateDetailsDao;
+ s_uploadDao = uploadDao;
+ s_userDao = userDao;
+ s_userStatsDao = userStatsDao;
+ s_userVmDao = userVmDao;
+ s_userVmJoinDao = userVmJoinDao;
+ s_vlanDao = vlanDao;
+ s_volumeDao = volumeDao;
+ s_site2SiteVpnGatewayDao = site2SiteVpnGatewayDao;
+ s_site2SiteCustomerGatewayDao = site2SiteCustomerGatewayDao;
+ s_zoneDao = zoneDao;
+ s_securityGroupDao = securityGroupDao;
+ s_securityGroupJoinDao = securityGroupJoinDao;
+ s_networkOfferingDao = networkOfferingDao;
+ s_networkDao = networkDao;
+ s_physicalNetworkDao = physicalNetworkDao;
+ s_configDao = configDao;
+ s_consoleProxyDao = consoleProxyDao;
+ s_firewallCidrsDao = firewallCidrsDao;
+ s_vmDao = vmDao;
+ s_resourceLimitMgr = resourceLimitMgr;
+ s_projectMgr = projectMgr;
+ s_resourceMgr = resourceMgr;
+ s_accountDetailsDao = accountDetailsDao;
+ s_networkDomainDao = networkDomainDao;
+ s_haMgr = haMgr;
+ s_vpcMgr = vpcMgr;
+ s_taggedResourceService = taggedResourceService;
+ s_sshKeyPairDao = sshKeyPairDao;
+ s_userVmDetailsDao = userVmDetailsDao;
+ s_asConditionDao = asConditionDao;
+ s_asPolicyDao = asPolicyDao;
+ s_asPolicyConditionMapDao = asPolicyConditionMapDao;
+ s_counterDao = counterDao;
+ s_asVmGroupPolicyMapDao = asVmGroupPolicyMapDao;
+ s_tagJoinDao = tagJoinDao;
+ s_vmGroupJoinDao = vmGroupJoinDao;
+ s_eventJoinDao = eventJoinDao;
+ s_userAccountJoinDao = userAccountJoinDao;
+ s_projectJoinDao = projectJoinDao;
+ s_projectAccountJoinDao = projectAccountJoinDao;
+ s_projectInvitationJoinDao = projectInvitationJoinDao;
+ s_hostJoinDao = hostJoinDao;
+ s_volJoinDao = volJoinDao;
+ s_poolJoinDao = poolJoinDao;
+ s_imageStoreJoinDao = imageStoreJoinDao;
+ s_accountJoinDao = accountJoinDao;
+ s_jobJoinDao = jobJoinDao;
+ s_templateJoinDao = templateJoinDao;
+
+ s_physicalNetworkTrafficTypeDao = physicalNetworkTrafficTypeDao;
+ s_physicalNetworkServiceProviderDao = physicalNetworkServiceProviderDao;
+ s_firewallRuleDao = firewallRuleDao;
+ s_staticRouteDao = staticRouteDao;
+ s_vpcGatewayDao = vpcGatewayDao;
+ s_asVmProfileDao = asVmProfileDao;
+ s_asVmGroupDao = asVmGroupDao;
+ s_vpcDao = vpcDao;
+ s_vpcOfferingDao = vpcOfferingDao;
+ s_snapshotPolicyDao = snapshotPolicyDao;
+ s_asyncJobDao = asyncJobDao;
+ s_hostDetailsDao = hostDetailsDao;
+ s_clusterDetailsDao = clusterDetailsDao;
+ s_vmSnapshotDao = vmSnapshotDao;
+ s_nicSecondaryIpDao = nicSecondaryIpDao;
+ s_vpcProvSvc = vpcProvSvc;
+ s_affinityGroupDao = affinityGroupDao;
+ s_affinityGroupJoinDao = affinityGroupJoinDao;
+ s_gslbService = gslbService;
// Note: stats collector should already have been initialized by this time, otherwise a null instance is returned
- _statsCollector = StatsCollector.getInstance();
- _networkACLDao = networkACLDao;
- _accountService = accountService;
- _resourceDetailsService = resourceDetailsService;
+ s_statsCollector = StatsCollector.getInstance();
+ s_networkACLDao = networkACLDao;
+ s_accountService = accountService;
+ s_resourceDetailsService = resourceDetailsService;
-
}
// ///////////////////////////////////////////////////////////
@@@ -674,12 -764,12 +763,9 @@@
}
public static String getVersion() {
- return _ms.getVersion();
+ return s_ms.getVersion();
}
- public static List<? extends StoragePoolVO> searchForStoragePools(Criteria c) {
- return _ms.searchForStoragePools(c).first();
- }
- public static List<UserVmJoinVO> searchForUserVMs(Criteria c, List<Long> permittedAccounts) {
- return s_userVmMgr.searchForUserVMs(c, s_accountDao.findById(Account.ACCOUNT_ID_SYSTEM), null, false, permittedAccounts, false, null, null).first();
- }
// ///////////////////////////////////////////////////////////
// Manager methods //
@@@ -692,11 -782,11 +778,11 @@@
return -1;
}
- return _resourceLimitMgr.findCorrectResourceLimitForAccount(account, type);
+ return s_resourceLimitMgr.findCorrectResourceLimitForAccount(account, type);
}
- public static long findCorrectResourceLimit(Long limit, short accountType, ResourceType type) {
- return s_resourceLimitMgr.findCorrectResourceLimitForAccount(accountType, limit, type);
+ public static long findCorrectResourceLimit(Long limit, long accountId, ResourceType type) {
- return _resourceLimitMgr.findCorrectResourceLimitForAccount(accountId, limit, type);
++ return s_resourceLimitMgr.findCorrectResourceLimitForAccount(accountId, limit, type);
}
public static long getResourceCount(ResourceType type, long accountId) {
@@@ -1052,9 -1151,9 +1147,9 @@@
return cpuOverprovisioningFactor;
}
- public static boolean isExtractionDisabled(){
- String disableExtractionString = _configDao.getValue(Config.DisableExtraction.toString());
+ public static boolean isExtractionDisabled() {
+ String disableExtractionString = s_configDao.getValue(Config.DisableExtraction.toString());
- boolean disableExtraction = (disableExtractionString == null) ? false : Boolean.parseBoolean(disableExtractionString);
+ boolean disableExtraction = (disableExtractionString == null) ? false : Boolean.parseBoolean(disableExtractionString);
return disableExtraction;
}
@@@ -1192,16 -1291,15 +1287,15 @@@
return null;
}
- public static UserVmDetailVO findPublicKeyByVmId(long vmId) {
+ public static UserVmDetailVO findPublicKeyByVmId(long vmId) {
- return _userVmDetailsDao.findDetail(vmId, "SSH.PublicKey");
+ return s_userVmDetailsDao.findDetail(vmId, "SSH.PublicKey");
}
- public static void getAutoScaleVmGroupPolicies(long vmGroupId, List<AutoScalePolicy> scaleUpPolicies, List<AutoScalePolicy> scaleDownPolicies)
- {
- List<AutoScaleVmGroupPolicyMapVO> vos = _asVmGroupPolicyMapDao.listByVmGroupId(vmGroupId);
+ public static void getAutoScaleVmGroupPolicies(long vmGroupId, List<AutoScalePolicy> scaleUpPolicies, List<AutoScalePolicy> scaleDownPolicies) {
+ List<AutoScaleVmGroupPolicyMapVO> vos = s_asVmGroupPolicyMapDao.listByVmGroupId(vmGroupId);
for (AutoScaleVmGroupPolicyMapVO vo : vos) {
- AutoScalePolicy autoScalePolicy = _asPolicyDao.findById(vo.getPolicyId());
- if(autoScalePolicy.getAction().equals("scaleup")) {
+ AutoScalePolicy autoScalePolicy = s_asPolicyDao.findById(vo.getPolicyId());
+ if (autoScalePolicy.getAction().equals("scaleup")) {
scaleUpPolicies.add(autoScalePolicy);
} else {
scaleDownPolicies.add(autoScalePolicy);
@@@ -1395,27 -1493,27 +1489,27 @@@
///////////////////////////////////////////////////////////////////////
public static DomainRouterResponse newDomainRouterResponse(DomainRouterJoinVO vr, Account caller) {
- return _domainRouterJoinDao.newDomainRouterResponse(vr, caller);
+ return s_domainRouterJoinDao.newDomainRouterResponse(vr, caller);
}
- public static DomainRouterResponse fillRouterDetails(DomainRouterResponse vrData, DomainRouterJoinVO vr){
- return _domainRouterJoinDao.setDomainRouterResponse(vrData, vr);
+ public static DomainRouterResponse fillRouterDetails(DomainRouterResponse vrData, DomainRouterJoinVO vr) {
+ return s_domainRouterJoinDao.setDomainRouterResponse(vrData, vr);
}
- public static List<DomainRouterJoinVO> newDomainRouterView(VirtualRouter vr){
- return _domainRouterJoinDao.newDomainRouterView(vr);
+ public static List<DomainRouterJoinVO> newDomainRouterView(VirtualRouter vr) {
+ return s_domainRouterJoinDao.newDomainRouterView(vr);
}
- public static UserVmResponse newUserVmResponse(String objectName, UserVmJoinVO userVm, EnumSet<VMDetails> details, Account caller) {
- return s_userVmJoinDao.newUserVmResponse(objectName, userVm, details, caller);
+ public static UserVmResponse newUserVmResponse(ResponseView view, String objectName, UserVmJoinVO userVm, EnumSet<VMDetails> details, Account caller) {
- return _userVmJoinDao.newUserVmResponse(view, objectName, userVm, details, caller);
++ return s_userVmJoinDao.newUserVmResponse(view, objectName, userVm, details, caller);
}
- public static UserVmResponse fillVmDetails(UserVmResponse vmData, UserVmJoinVO vm) {
- return s_userVmJoinDao.setUserVmResponse(vmData, vm);
+ public static UserVmResponse fillVmDetails(ResponseView view, UserVmResponse vmData, UserVmJoinVO vm) {
- return _userVmJoinDao.setUserVmResponse(view, vmData, vm);
++ return s_userVmJoinDao.setUserVmResponse(view, vmData, vm);
}
- public static List<UserVmJoinVO> newUserVmView(UserVm... userVms){
- return _userVmJoinDao.newUserVmView(userVms);
+ public static List<UserVmJoinVO> newUserVmView(UserVm... userVms) {
+ return s_userVmJoinDao.newUserVmView(userVms);
}
public static SecurityGroupResponse newSecurityGroupResponse(SecurityGroupJoinVO vsg, Account caller) {
@@@ -1489,24 -1587,23 +1583,24 @@@
}
public static ProjectResponse newProjectResponse(ProjectJoinVO proj) {
- return _projectJoinDao.newProjectResponse(proj);
+ return s_projectJoinDao.newProjectResponse(proj);
}
- public static ProjectResponse fillProjectDetails(ProjectResponse rsp, ProjectJoinVO proj){
- return _projectJoinDao.setProjectResponse(rsp,proj);
+ public static ProjectResponse fillProjectDetails(ProjectResponse rsp, ProjectJoinVO proj) {
+ return s_projectJoinDao.setProjectResponse(rsp, proj);
}
- public static List<ProjectJoinVO> newProjectView(Project proj){
- return _projectJoinDao.newProjectView(proj);
+ public static List<ProjectJoinVO> newProjectView(Project proj) {
+ return s_projectJoinDao.newProjectView(proj);
}
- public static List<UserAccountJoinVO> findUserViewByAccountId(Long accountId){
- return _userAccountJoinDao.searchByAccountId(accountId);
+ public static List<UserAccountJoinVO> findUserViewByAccountId(Long accountId) {
+ return s_userAccountJoinDao.searchByAccountId(accountId);
}
+
public static ProjectAccountResponse newProjectAccountResponse(ProjectAccountJoinVO proj) {
- return _projectAccountJoinDao.newProjectAccountResponse(proj);
+ return s_projectAccountJoinDao.newProjectAccountResponse(proj);
}
public static ProjectAccountJoinVO newProjectAccountView(ProjectAccount proj) {
@@@ -1534,24 -1631,23 +1628,23 @@@
}
public static HostForMigrationResponse fillHostForMigrationDetails(HostForMigrationResponse vrData, HostJoinVO vr) {
- return _hostJoinDao.setHostForMigrationResponse(vrData, vr);
+ return s_hostJoinDao.setHostForMigrationResponse(vrData, vr);
}
- public static List<HostJoinVO> newHostView(Host vr){
- return _hostJoinDao.newHostView(vr);
+ public static List<HostJoinVO> newHostView(Host vr) {
+ return s_hostJoinDao.newHostView(vr);
}
- public static VolumeResponse newVolumeResponse(VolumeJoinVO vr) {
- return s_volJoinDao.newVolumeResponse(vr);
+ public static VolumeResponse newVolumeResponse(ResponseView view, VolumeJoinVO vr) {
- return _volJoinDao.newVolumeResponse(view, vr);
++ return s_volJoinDao.newVolumeResponse(view, vr);
}
-
- public static VolumeResponse fillVolumeDetails(VolumeResponse vrData, VolumeJoinVO vr) {
- return s_volJoinDao.setVolumeResponse(vrData, vr);
+ public static VolumeResponse fillVolumeDetails(ResponseView view, VolumeResponse vrData, VolumeJoinVO vr) {
- return _volJoinDao.setVolumeResponse(view, vrData, vr);
++ return s_volJoinDao.setVolumeResponse(view, vrData, vr);
}
- public static List<VolumeJoinVO> newVolumeView(Volume vr){
- return _volJoinDao.newVolumeView(vr);
+ public static List<VolumeJoinVO> newVolumeView(Volume vr) {
+ return s_volJoinDao.newVolumeView(vr);
}
public static StoragePoolResponse newStoragePoolResponse(StoragePoolJoinVO vr) {
@@@ -1576,24 -1671,23 +1668,24 @@@
}
public static ImageStoreResponse newImageStoreResponse(ImageStoreJoinVO vr) {
- return _imageStoreJoinDao.newImageStoreResponse(vr);
+ return s_imageStoreJoinDao.newImageStoreResponse(vr);
}
- public static ImageStoreResponse fillImageStoreDetails(ImageStoreResponse vrData, ImageStoreJoinVO vr){
- return _imageStoreJoinDao.setImageStoreResponse(vrData, vr);
+ public static ImageStoreResponse fillImageStoreDetails(ImageStoreResponse vrData, ImageStoreJoinVO vr) {
+ return s_imageStoreJoinDao.setImageStoreResponse(vrData, vr);
}
- public static List<ImageStoreJoinVO> newImageStoreView(ImageStore vr){
- return _imageStoreJoinDao.newImageStoreView(vr);
+ public static List<ImageStoreJoinVO> newImageStoreView(ImageStore vr) {
+ return s_imageStoreJoinDao.newImageStoreView(vr);
}
- public static AccountResponse newAccountResponse(AccountJoinVO ve) {
- return s_accountJoinDao.newAccountResponse(ve);
+
+ public static AccountResponse newAccountResponse(ResponseView view, AccountJoinVO ve) {
- return _accountJoinDao.newAccountResponse(view, ve);
++ return s_accountJoinDao.newAccountResponse(view, ve);
}
- public static AccountJoinVO newAccountView(Account e){
- return _accountJoinDao.newAccountView(e);
+ public static AccountJoinVO newAccountView(Account e) {
+ return s_accountJoinDao.newAccountView(e);
}
public static AccountJoinVO findAccountViewById(Long accountId) {
@@@ -1617,23 -1711,23 +1709,23 @@@
}
public static ServiceOfferingResponse newServiceOfferingResponse(ServiceOfferingJoinVO offering) {
- return _serviceOfferingJoinDao.newServiceOfferingResponse(offering);
+ return s_serviceOfferingJoinDao.newServiceOfferingResponse(offering);
}
- public static ServiceOfferingJoinVO newServiceOfferingView(ServiceOffering offering){
- return _serviceOfferingJoinDao.newServiceOfferingView(offering);
+ public static ServiceOfferingJoinVO newServiceOfferingView(ServiceOffering offering) {
+ return s_serviceOfferingJoinDao.newServiceOfferingView(offering);
}
- public static ZoneResponse newDataCenterResponse(DataCenterJoinVO dc, Boolean showCapacities) {
- return s_dcJoinDao.newDataCenterResponse(dc, showCapacities);
+ public static ZoneResponse newDataCenterResponse(ResponseView view, DataCenterJoinVO dc, Boolean showCapacities) {
- return _dcJoinDao.newDataCenterResponse(view, dc, showCapacities);
++ return s_dcJoinDao.newDataCenterResponse(view, dc, showCapacities);
}
- public static DataCenterJoinVO newDataCenterView(DataCenter dc){
- return _dcJoinDao.newDataCenterView(dc);
+ public static DataCenterJoinVO newDataCenterView(DataCenter dc) {
+ return s_dcJoinDao.newDataCenterView(dc);
}
- public static Map<String, String> findHostDetailsById(long hostId){
- return _hostDetailsDao.findDetails(hostId);
+ public static Map<String, String> findHostDetailsById(long hostId) {
+ return s_hostDetailsDao.findDetails(hostId);
}
public static List<NicSecondaryIpVO> findNicSecondaryIps(long nicId) {
@@@ -1641,30 -1735,27 +1733,27 @@@
}
public static TemplateResponse newTemplateUpdateResponse(TemplateJoinVO vr) {
- return _templateJoinDao.newUpdateResponse(vr);
+ return s_templateJoinDao.newUpdateResponse(vr);
}
-
- public static TemplateResponse newTemplateResponse(TemplateJoinVO vr) {
- return s_templateJoinDao.newTemplateResponse(vr);
+ public static TemplateResponse newTemplateResponse(ResponseView view, TemplateJoinVO vr) {
- return _templateJoinDao.newTemplateResponse(view, vr);
++ return s_templateJoinDao.newTemplateResponse(view, vr);
}
-
public static TemplateResponse newIsoResponse(TemplateJoinVO vr) {
- return _templateJoinDao.newIsoResponse(vr);
+ return s_templateJoinDao.newIsoResponse(vr);
}
- public static TemplateResponse fillTemplateDetails(TemplateResponse vrData, TemplateJoinVO vr) {
- return s_templateJoinDao.setTemplateResponse(vrData, vr);
+ public static TemplateResponse fillTemplateDetails(ResponseView view, TemplateResponse vrData, TemplateJoinVO vr) {
- return _templateJoinDao.setTemplateResponse(view, vrData, vr);
++ return s_templateJoinDao.setTemplateResponse(view, vrData, vr);
}
- public static List<TemplateJoinVO> newTemplateView(VirtualMachineTemplate vr){
- return _templateJoinDao.newTemplateView(vr);
+ public static List<TemplateJoinVO> newTemplateView(VirtualMachineTemplate vr) {
+ return s_templateJoinDao.newTemplateView(vr);
}
-
- public static List<TemplateJoinVO> newTemplateView(VirtualMachineTemplate vr, long zoneId, boolean readyOnly){
- return _templateJoinDao.newTemplateView(vr, zoneId, readyOnly);
+ public static List<TemplateJoinVO> newTemplateView(VirtualMachineTemplate vr, long zoneId, boolean readyOnly) {
+ return s_templateJoinDao.newTemplateView(vr, zoneId, readyOnly);
}
public static AffinityGroup getAffinityGroup(String groupName, long accountId) {
@@@ -1676,12 -1767,11 +1765,12 @@@
}
public static AffinityGroupResponse fillAffinityGroupDetails(AffinityGroupResponse resp, AffinityGroupJoinVO group) {
- return _affinityGroupJoinDao.setAffinityGroupResponse(resp, group);
+ return s_affinityGroupJoinDao.setAffinityGroupResponse(resp, group);
}
+
public static List<? extends LoadBalancer> listSiteLoadBalancers(long gslbRuleId) {
- return _gslbService.listSiteLoadBalancers(gslbRuleId);
+ return s_gslbService.listSiteLoadBalancers(gslbRuleId);
}
public static String getDnsNameConfiguredForGslb() {
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/929fbaba/server/src/com/cloud/api/ApiResponseHelper.java
----------------------------------------------------------------------
diff --cc server/src/com/cloud/api/ApiResponseHelper.java
index 1a999ac,c9e5581..5151976
--- a/server/src/com/cloud/api/ApiResponseHelper.java
+++ b/server/src/com/cloud/api/ApiResponseHelper.java
@@@ -462,10 -460,11 +461,11 @@@ public class ApiResponseHelper implemen
}
if (snapshotInfo == null) {
- throw new CloudRuntimeException("Unable to find info for image store snapshot with uuid '"+snapshot.getUuid()+"'");
- }
-
+ s_logger.debug("Unable to find info for image store snapshot with uuid " + snapshot.getUuid());
+ snapshotResponse.setRevertable(false);
+ } else {
- snapshotResponse.setRevertable(snapshotInfo.isRevertable());
+ snapshotResponse.setRevertable(snapshotInfo.isRevertable());
+ }
// set tag information
List<? extends ResourceTag> tags = ApiDBUtils.listByResourceTypeAndId(ResourceObjectType.Snapshot, snapshot.getId());
@@@ -1292,14 -1289,13 +1301,13 @@@
}
@Override
- public List<TemplateResponse> createTemplateResponses(long templateId, Long zoneId, boolean readyOnly) {
+ public List<TemplateResponse> createTemplateResponses(ResponseView view, long templateId, Long zoneId, boolean readyOnly) {
VirtualMachineTemplate template = findTemplateById(templateId);
- return createTemplateResponses(template, zoneId, readyOnly);
+ return createTemplateResponses(view, template, zoneId, readyOnly);
}
-
@Override
- public List<TemplateResponse> createIsoResponses(VirtualMachineTemplate result, Long zoneId, boolean readyOnly) {
+ public List<TemplateResponse> createIsoResponses(ResponseView view, VirtualMachineTemplate result, Long zoneId, boolean readyOnly) {
List<TemplateJoinVO> tvo = null;
if (zoneId == null || zoneId == -1) {
tvo = ApiDBUtils.newTemplateView(result);
@@@ -2381,11 -2228,10 +2239,10 @@@
IpAddress ip = ApiDBUtils.findIpAddressById(fwRule.getSourceIpAddressId());
response.setPublicIpAddressId(ip.getUuid());
response.setPublicIpAddress(ip.getAddress().addr());
- } else if (fwRule.getTrafficType() == FirewallRule.TrafficType.Egress) {
- response.setPublicIpAddress(null);
+ }
+
- Network network = ApiDBUtils.findNetworkById(fwRule.getNetworkId());
- response.setNetworkId(network.getUuid());
+ Network network = ApiDBUtils.findNetworkById(fwRule.getNetworkId());
+ response.setNetworkId(network.getUuid());
- }
FirewallRule.State state = fwRule.getState();
String stateToSet = state.toString();
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/929fbaba/server/src/com/cloud/api/ApiServer.java
----------------------------------------------------------------------
diff --cc server/src/com/cloud/api/ApiServer.java
index b5cfa49,3fb3495..4b7807f
--- a/server/src/com/cloud/api/ApiServer.java
+++ b/server/src/com/cloud/api/ApiServer.java
@@@ -175,11 -181,12 +182,13 @@@ public class ApiServer extends ManagerB
@Inject
protected ApiAsyncJobDispatcher _asyncDispatcher;
- private static int _workerCount = 0;
- private static final DateFormat _dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssZ");
- private static Map<String, List<Class<?>>> _apiNameCmdClassMap = new HashMap<String, List<Class<?>>>();
+
- private static ExecutorService _executor = new ThreadPoolExecutor(10, 150, 60, TimeUnit.SECONDS, new LinkedBlockingQueue<Runnable>(), new NamedThreadFactory("ApiServer"));
+ private static int s_workerCount = 0;
+ private static final DateFormat DateFormatToUse = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssZ");
- private static Map<String, Class<?>> s_apiNameCmdClassMap = new HashMap<String, Class<?>>();
++ private static Map<String, List<Class<?>>> s_apiNameCmdClassMap = new HashMap<String, List<Class<?>>>();
+
+ private static ExecutorService s_executor = new ThreadPoolExecutor(10, 150, 60, TimeUnit.SECONDS, new LinkedBlockingQueue<Runnable>(), new NamedThreadFactory(
+ "ApiServer"));
public ApiServer() {
}
@@@ -228,12 -234,11 +236,13 @@@
throw new CloudRuntimeException(String.format("%s is claimed as a API command, but it doesn't have @APICommand annotation", cmdClass.getName()));
}
String apiName = at.name();
- List<Class<?>> apiCmdList = _apiNameCmdClassMap.get(apiName);
- if (s_apiNameCmdClassMap.containsKey(apiName)) {
- s_logger.error("API Cmd class " + cmdClass.getName() + " has non-unique apiname" + apiName);
- continue;
++ List<Class<?>> apiCmdList = s_apiNameCmdClassMap.get(apiName);
+ if (apiCmdList == null) {
+ apiCmdList = new ArrayList<Class<?>>();
- _apiNameCmdClassMap.put(apiName, apiCmdList);
++ s_apiNameCmdClassMap.put(apiName, apiCmdList);
}
- s_apiNameCmdClassMap.put(apiName, cmdClass);
+ apiCmdList.add(cmdClass);
++
}
encodeApiResponse = Boolean.valueOf(_configDao.getValue(Config.EncodeApiResponse.key()));
@@@ -402,24 -407,24 +411,24 @@@
s_logger.info("PermissionDenied: " + ex.getMessage());
}
throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, ex.getMessage(), ex);
- } catch (AccountLimitException ex){
+ } catch (AccountLimitException ex) {
s_logger.info(ex.getMessage());
throw new ServerApiException(ApiErrorCode.ACCOUNT_RESOURCE_LIMIT_ERROR, ex.getMessage(), ex);
- } catch (InsufficientCapacityException ex){
+ } catch (InsufficientCapacityException ex) {
s_logger.info(ex.getMessage());
String errorMsg = ex.getMessage();
- if (CallContext.current().getCallingAccount().getType() != Account.ACCOUNT_TYPE_ADMIN) {
+ if (!_accountMgr.isRootAdmin(CallContext.current().getCallingAccount().getId())) {
// hide internal details to non-admin user for security reason
errorMsg = BaseCmd.USER_ERROR_MESSAGE;
}
throw new ServerApiException(ApiErrorCode.INSUFFICIENT_CAPACITY_ERROR, errorMsg, ex);
- } catch (ResourceAllocationException ex){
+ } catch (ResourceAllocationException ex) {
s_logger.info(ex.getMessage());
throw new ServerApiException(ApiErrorCode.RESOURCE_ALLOCATION_ERROR, ex.getMessage(), ex);
- } catch (ResourceUnavailableException ex){
+ } catch (ResourceUnavailableException ex) {
s_logger.info(ex.getMessage());
String errorMsg = ex.getMessage();
- if (CallContext.current().getCallingAccount().getType() != Account.ACCOUNT_TYPE_ADMIN) {
+ if (!_accountMgr.isRootAdmin(CallContext.current().getCallingAccount().getId())) {
// hide internal details to non-admin user for security reason
errorMsg = BaseCmd.USER_ERROR_MESSAGE;
}
@@@ -427,10 -432,10 +436,10 @@@
} catch (ServerApiException ex) {
s_logger.info(ex.getDescription());
throw ex;
- } catch (Exception ex){
+ } catch (Exception ex) {
s_logger.error("unhandled exception executing api command: " + ((command == null) ? "null" : command[0]), ex);
String errorMsg = ex.getMessage();
- if (CallContext.current().getCallingAccount().getType() != Account.ACCOUNT_TYPE_ADMIN) {
+ if (!_accountMgr.isRootAdmin(CallContext.current().getCallingAccount().getId())) {
// hide internal details to non-admin user for security reason
errorMsg = BaseCmd.USER_ERROR_MESSAGE;
}
@@@ -880,34 -875,8 +890,34 @@@
}
}
- private Class<?> getCmdClass(String cmdName) {
- return s_apiNameCmdClassMap.get(cmdName);
+ @Override
+ public Class<?> getCmdClass(String cmdName) {
- List<Class<?>> cmdList = _apiNameCmdClassMap.get(cmdName);
++ List<Class<?>> cmdList = s_apiNameCmdClassMap.get(cmdName);
+ if (cmdList == null || cmdList.size() == 0)
+ return null;
+ else if (cmdList.size() == 1)
+ return cmdList.get(0);
+ else {
+ // determine the cmd class based on calling context
+ ResponseView view = ResponseView.Restricted;
+ if (CallContext.current() != null
+ && _accountMgr.isRootAdmin(CallContext.current().getCallingAccount().getId())) {
+ view = ResponseView.Full;
+ }
+ for (Class<?> cmdClass : cmdList) {
+ APICommand at = cmdClass.getAnnotation(APICommand.class);
+ if (at == null) {
+ throw new CloudRuntimeException(String.format("%s is claimed as a API command, but it doesn't have @APICommand annotation", cmdClass.getName()));
+ }
+ if (at.responseView() == null) {
+ throw new CloudRuntimeException(String.format(
+ "%s @APICommand annotation should specify responseView attribute to distinguish multiple command classes for a single api name", cmdClass.getName()));
+ } else if (at.responseView() == view) {
+ return cmdClass;
+ }
+ }
+ return null;
+ }
}
// FIXME: rather than isError, we might was to pass in the status code to give more flexibility
@@@ -958,9 -927,11 +968,11 @@@
}
_params = new BasicHttpParams();
- _params.setIntParameter(CoreConnectionPNames.SO_TIMEOUT, 30000).setIntParameter(CoreConnectionPNames.SOCKET_BUFFER_SIZE, 8 * 1024)
- .setBooleanParameter(CoreConnectionPNames.STALE_CONNECTION_CHECK, false).setBooleanParameter(CoreConnectionPNames.TCP_NODELAY, true)
+ _params.setIntParameter(CoreConnectionPNames.SO_TIMEOUT, 30000)
+ .setIntParameter(CoreConnectionPNames.SOCKET_BUFFER_SIZE, 8 * 1024)
+ .setBooleanParameter(CoreConnectionPNames.STALE_CONNECTION_CHECK, false)
+ .setBooleanParameter(CoreConnectionPNames.TCP_NODELAY, true)
- .setParameter(CoreProtocolPNames.ORIGIN_SERVER, "HttpComponents/1.1");
+ .setParameter(CoreProtocolPNames.ORIGIN_SERVER, "HttpComponents/1.1");
// Set up the HTTP protocol processor
BasicHttpProcessor httpproc = new BasicHttpProcessor();
@@@ -1127,8 -1098,8 +1139,8 @@@
}
@Inject
- public void setPluggableServices(List<PluggableService> _pluggableServices) {
- this._pluggableServices = _pluggableServices;
+ public void setPluggableServices(List<PluggableService> pluggableServices) {
- this._pluggableServices = pluggableServices;
++ _pluggableServices = pluggableServices;
}
public List<APIChecker> getApiAccessCheckers() {
@@@ -1136,7 -1107,7 +1148,7 @@@
}
@Inject
- public void setApiAccessCheckers(List<APIChecker> _apiAccessCheckers) {
- this._apiAccessCheckers = _apiAccessCheckers;
+ public void setApiAccessCheckers(List<APIChecker> apiAccessCheckers) {
- this._apiAccessCheckers = apiAccessCheckers;
++ _apiAccessCheckers = apiAccessCheckers;
}
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/929fbaba/server/src/com/cloud/api/ApiServerService.java
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/929fbaba/server/src/com/cloud/api/query/QueryManagerImpl.java
----------------------------------------------------------------------
diff --cc server/src/com/cloud/api/query/QueryManagerImpl.java
index 1306423,bdd4132..e84356b
--- a/server/src/com/cloud/api/query/QueryManagerImpl.java
+++ b/server/src/com/cloud/api/query/QueryManagerImpl.java
@@@ -176,10 -175,10 +181,10 @@@ import com.cloud.storage.dao.VMTemplate
import com.cloud.storage.dao.VolumeDetailsDao;
import com.cloud.tags.ResourceTagVO;
import com.cloud.tags.dao.ResourceTagDao;
-import com.cloud.template.VirtualMachineTemplate.TemplateFilter;
+ import com.cloud.template.VirtualMachineTemplate.State;
+import com.cloud.template.VirtualMachineTemplate.TemplateFilter;
import com.cloud.user.Account;
import com.cloud.user.AccountManager;
- import com.cloud.user.AccountVO;
import com.cloud.user.DomainManager;
import com.cloud.user.dao.AccountDao;
import com.cloud.utils.DateUtil;
@@@ -340,11 -341,13 +345,13 @@@ public class QueryManagerImpl extends M
@Inject
AffinityGroupDomainMapDao _affinityGroupDomainMapDao;
-
- @Inject
- NetworkDetailsDao _networkDetailsDao;
++
+ @Inject NetworkDetailsDao _networkDetailsDao;
-
+
@Inject
ResourceTagDao _resourceTagDao;
+ @Inject
+ DataStoreManager dataStoreManager;
/*
* (non-Javadoc)
@@@ -493,9 -491,9 +498,8 @@@
Boolean isRecursive = domainIdRecursiveListProject.second();
ListProjectResourcesCriteria listProjectResourcesCriteria = domainIdRecursiveListProject.third();
- Filter searchFilter = new Filter(EventJoinVO.class, "createDate", false, cmd.getStartIndex(),
- cmd.getPageSizeVal());
+ Filter searchFilter = new Filter(EventJoinVO.class, "createDate", false, cmd.getStartIndex(), cmd.getPageSizeVal());
SearchBuilder<EventJoinVO> sb = _eventJoinDao.createSearchBuilder();
- _accountMgr.buildACLViewSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
sb.and("levelL", sb.entity().getLevel(), SearchCriteria.Op.LIKE);
@@@ -597,18 -591,17 +600,17 @@@
String customerName = cmd.getCustomer();
boolean listAll = cmd.listAll();
- Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<Long, Boolean, ListProjectResourcesCriteria>(
- cmd.getDomainId(), cmd.isRecursive(), null);
+ Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject =
+ new Ternary<Long, Boolean, ListProjectResourcesCriteria>(cmd.getDomainId(), cmd.isRecursive(), null);
- _accountMgr.buildACLSearchParameters(caller, null, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, domainIdRecursiveListProject, listAll, false);
+ _accountMgr.buildACLSearchParameters(caller, null, cmd.getAccountName(), cmd.getProjectId(), permittedDomains, permittedAccounts, permittedResources,
+ domainIdRecursiveListProject, listAll, false, "listTags");
Long domainId = domainIdRecursiveListProject.first();
Boolean isRecursive = domainIdRecursiveListProject.second();
ListProjectResourcesCriteria listProjectResourcesCriteria = domainIdRecursiveListProject.third();
- Filter searchFilter = new Filter(ResourceTagJoinVO.class, "resourceType", false, cmd.getStartIndex(),
- cmd.getPageSizeVal());
+ Filter searchFilter = new Filter(ResourceTagJoinVO.class, "resourceType", false, cmd.getStartIndex(), cmd.getPageSizeVal());
SearchBuilder<ResourceTagJoinVO> sb = _resourceTagJoinDao.createSearchBuilder();
- _accountMgr.buildACLViewSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
sb.and("key", sb.entity().getKey(), SearchCriteria.Op.EQ);
sb.and("value", sb.entity().getValue(), SearchCriteria.Op.EQ);
@@@ -681,19 -668,17 +682,19 @@@
Boolean isRecursive = domainIdRecursiveListProject.second();
ListProjectResourcesCriteria listProjectResourcesCriteria = domainIdRecursiveListProject.third();
- Filter searchFilter = new Filter(InstanceGroupJoinVO.class, "id", true, cmd.getStartIndex(),
- cmd.getPageSizeVal());
+ Filter searchFilter = new Filter(InstanceGroupJoinVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
SearchBuilder<InstanceGroupJoinVO> sb = _vmGroupJoinDao.createSearchBuilder();
- _accountMgr.buildACLViewSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
sb.and("name", sb.entity().getName(), SearchCriteria.Op.LIKE);
SearchCriteria<InstanceGroupJoinVO> sc = sb.create();
- _accountMgr.buildACLViewSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
+ SearchCriteria<InstanceGroupJoinVO> aclSc = _vmGroupJoinDao.createSearchCriteria();
+ // building ACL search criteria
+ _accountMgr.buildACLViewSearchCriteria(sc, aclSc, isRecursive, permittedDomains, permittedAccounts, permittedResources, listProjectResourcesCriteria);
+
+
if (keyword != null) {
SearchCriteria<InstanceGroupJoinVO> ssc = _vmGroupJoinDao.createSearchCriteria();
ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
@@@ -715,75 -700,99 +716,75 @@@
public ListResponse<UserVmResponse> searchForUserVMs(ListVMsCmd cmd) {
Pair<List<UserVmJoinVO>, Integer> result = searchForUserVMsInternal(cmd);
ListResponse<UserVmResponse> response = new ListResponse<UserVmResponse>();
- List<UserVmResponse> vmResponses =
- ViewResponseHelper.createUserVmResponse("virtualmachine", cmd.getDetails(), result.first().toArray(new UserVmJoinVO[result.first().size()]));
+ ResponseView respView = ResponseView.Restricted;
+ if (cmd instanceof ListVMsCmdByAdmin) {
+ respView = ResponseView.Full;
+ }
+ List<UserVmResponse> vmResponses = ViewResponseHelper.createUserVmResponse(respView, "virtualmachine", cmd.getDetails(),
+ result.first().toArray(new UserVmJoinVO[result.first().size()]));
++
response.setResponses(vmResponses, result.second());
return response;
}
private Pair<List<UserVmJoinVO>, Integer> searchForUserVMsInternal(ListVMsCmd cmd) {
Account caller = CallContext.current().getCallingAccount();
+ List<Long> permittedDomains = new ArrayList<Long>();
List<Long> permittedAccounts = new ArrayList<Long>();
- String hypervisor = cmd.getHypervisor();
+ List<Long> permittedResources = new ArrayList<Long>();
+
boolean listAll = cmd.listAll();
Long id = cmd.getId();
+ Map<String, String> tags = cmd.getTags();
-
- Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject =
- new Ternary<Long, Boolean, ListProjectResourcesCriteria>(cmd.getDomainId(), cmd.isRecursive(), null);
- _accountMgr.buildACLSearchParameters(caller, id, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, domainIdRecursiveListProject, listAll, false);
- Long domainId = domainIdRecursiveListProject.first();
+ Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<Long, Boolean, ListProjectResourcesCriteria>(
+ cmd.getDomainId(), cmd.isRecursive(), null);
+ _accountMgr.buildACLSearchParameters(caller, id, cmd.getAccountName(), cmd.getProjectId(), permittedDomains, permittedAccounts, permittedResources,
+ domainIdRecursiveListProject, listAll, false, "listVirtualMachines");
+ //Long domainId = domainIdRecursiveListProject.first();
Boolean isRecursive = domainIdRecursiveListProject.second();
ListProjectResourcesCriteria listProjectResourcesCriteria = domainIdRecursiveListProject.third();
- Criteria c = new Criteria("id", Boolean.TRUE, cmd.getStartIndex(), cmd.getPageSizeVal());
- // Criteria c = new Criteria(null, Boolean.FALSE, cmd.getStartIndex(),
- // cmd.getPageSizeVal()); //version without default sorting
- c.addCriteria(Criteria.KEYWORD, cmd.getKeyword());
- c.addCriteria(Criteria.ID, cmd.getId());
- c.addCriteria(Criteria.NAME, cmd.getName());
- c.addCriteria(Criteria.STATE, cmd.getState());
- c.addCriteria(Criteria.DATACENTERID, cmd.getZoneId());
- c.addCriteria(Criteria.GROUPID, cmd.getGroupId());
- c.addCriteria(Criteria.FOR_VIRTUAL_NETWORK, cmd.getForVirtualNetwork());
- c.addCriteria(Criteria.NETWORKID, cmd.getNetworkId());
- c.addCriteria(Criteria.TEMPLATE_ID, cmd.getTemplateId());
- c.addCriteria(Criteria.ISO_ID, cmd.getIsoId());
- c.addCriteria(Criteria.VPC_ID, cmd.getVpcId());
- c.addCriteria(Criteria.AFFINITY_GROUP_ID, cmd.getAffinityGroupId());
+ Filter searchFilter = new Filter(UserVmJoinVO.class, "id", true, cmd.getStartIndex(),
+ cmd.getPageSizeVal());
- if (domainId != null) {
- c.addCriteria(Criteria.DOMAINID, domainId);
- }
-
- if (HypervisorType.getType(hypervisor) != HypervisorType.None) {
- c.addCriteria(Criteria.HYPERVISOR, hypervisor);
- } else if (hypervisor != null) {
- throw new InvalidParameterValueException("Invalid HypervisorType " + hypervisor);
- }
+ // first search distinct vm id by using query criteria and pagination
+ SearchBuilder<UserVmJoinVO> sb = _userVmJoinDao.createSearchBuilder();
+ sb.select(null, Func.DISTINCT, sb.entity().getId()); // select distinct ids
- Map<String, String> tags = cmd.getTags();
- // ignore these search requests if it's not an admin
+ String hypervisor = cmd.getHypervisor();
+ Object name = cmd.getName();
+ Object state = cmd.getState();
+ Object zoneId = cmd.getZoneId();
+ Object keyword = cmd.getKeyword();
+ boolean isAdmin = false;
+ boolean isRootAdmin = false;
if (_accountMgr.isAdmin(caller.getType())) {
- c.addCriteria(Criteria.PODID, cmd.getPodId());
- c.addCriteria(Criteria.HOSTID, cmd.getHostId());
- c.addCriteria(Criteria.STORAGE_ID, cmd.getStorageId());
+ isAdmin = true;
}
-
- if (!permittedAccounts.isEmpty()) {
- c.addCriteria(Criteria.ACCOUNTID, permittedAccounts.toArray());
+ if (_accountMgr.isRootAdmin(caller.getId())) {
+ isRootAdmin = true;
}
- c.addCriteria(Criteria.ISADMIN, _accountMgr.isAdmin(caller.getType()));
-
- return searchForUserVMsByCriteria(c, caller, domainId, isRecursive, permittedAccounts, listAll, listProjectResourcesCriteria, tags);
- }
-
- private Pair<List<UserVmJoinVO>, Integer> searchForUserVMsByCriteria(Criteria c, Account caller, Long domainId, boolean isRecursive, List<Long> permittedAccounts,
- boolean listAll, ListProjectResourcesCriteria listProjectResourcesCriteria, Map<String, String> tags) {
- Filter searchFilter = new Filter(UserVmJoinVO.class, c.getOrderBy(), c.getAscending(), c.getOffset(), c.getLimit());
- boolean isRootAdmin = _accountMgr.isRootAdmin(caller.getType());
- // first search distinct vm id by using query criteria and pagination
- SearchBuilder<UserVmJoinVO> sb = _userVmJoinDao.createSearchBuilder();
- sb.select(null, Func.DISTINCT, sb.entity().getId()); // select distinct
- // ids
- _accountMgr.buildACLViewSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
-
- Object id = c.getCriteria(Criteria.ID);
- Object name = c.getCriteria(Criteria.NAME);
- Object state = c.getCriteria(Criteria.STATE);
- Object notState = c.getCriteria(Criteria.NOTSTATE);
- Object zoneId = c.getCriteria(Criteria.DATACENTERID);
- Object pod = c.getCriteria(Criteria.PODID);
- Object hostId = c.getCriteria(Criteria.HOSTID);
- Object hostName = c.getCriteria(Criteria.HOSTNAME);
- Object keyword = c.getCriteria(Criteria.KEYWORD);
- Object isAdmin = c.getCriteria(Criteria.ISADMIN);
- assert c.getCriteria(Criteria.IPADDRESS) == null : "We don't support search by ip address on VM any more. If you see this assert, it means we have to find a different way to search by the nic table.";
- Object groupId = c.getCriteria(Criteria.GROUPID);
- Object networkId = c.getCriteria(Criteria.NETWORKID);
- Object hypervisor = c.getCriteria(Criteria.HYPERVISOR);
- Object storageId = c.getCriteria(Criteria.STORAGE_ID);
- Object templateId = c.getCriteria(Criteria.TEMPLATE_ID);
- Object isoId = c.getCriteria(Criteria.ISO_ID);
- Object vpcId = c.getCriteria(Criteria.VPC_ID);
- Object affinityGroupId = c.getCriteria(Criteria.AFFINITY_GROUP_ID);
+ Object groupId = cmd.getGroupId();
+ Object networkId = cmd.getNetworkId();
+ if (HypervisorType.getType(hypervisor) == HypervisorType.None && hypervisor != null) {
+ // invalid hypervisor type input
+ throw new InvalidParameterValueException("Invalid HypervisorType " + hypervisor);
+ }
+ Object templateId = cmd.getTemplateId();
+ Object isoId = cmd.getIsoId();
+ Object vpcId = cmd.getVpcId();
+ Object affinityGroupId = cmd.getAffinityGroupId();
+ Object pod = null;
+ Object hostId = null;
+ Object storageId = null;
+ if (cmd instanceof ListVMsCmdByAdmin) {
+ ListVMsCmdByAdmin adCmd = (ListVMsCmdByAdmin)cmd;
+ pod = adCmd.getPodId();
+ hostId = adCmd.getHostId();
+ storageId = adCmd.getStorageId();
+ }
-
sb.and("displayName", sb.entity().getDisplayName(), SearchCriteria.Op.LIKE);
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
sb.and("name", sb.entity().getName(), SearchCriteria.Op.LIKE);
@@@ -825,11 -834,10 +825,12 @@@
// populate the search criteria with the values passed in
SearchCriteria<UserVmJoinVO> sc = sb.create();
+ SearchCriteria<UserVmJoinVO> aclSc = _userVmJoinDao.createSearchCriteria();
+
+ // building ACL search criteria
+ _accountMgr.buildACLViewSearchCriteria(sc, aclSc, isRecursive, permittedDomains, permittedAccounts, permittedResources, listProjectResourcesCriteria);
- // building ACL condition
- _accountMgr.buildACLViewSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
+
if (tags != null && !tags.isEmpty()) {
SearchCriteria<UserVmJoinVO> tagSc = _userVmJoinDao.createSearchCriteria();
for (String key : tags.keySet()) {
@@@ -920,9 -931,12 +921,9 @@@
if (storageId != null) {
sc.setParameters("poolId", storageId);
}
-
- if (affinityGroupId != null) {
- sc.setParameters("affinityGroupId", affinityGroupId);
}
- if(!isRootAdmin){
+ if (!isRootAdmin) {
sc.setParameters("displayVm", 1);
}
// search vm details by ids
@@@ -986,15 -995,13 +985,13 @@@
SearchBuilder<SecurityGroupJoinVO> sb = _securityGroupJoinDao.createSearchBuilder();
sb.select(null, Func.DISTINCT, sb.entity().getId()); // select distinct
// ids
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
sb.and("name", sb.entity().getName(), SearchCriteria.Op.EQ);
-
SearchCriteria<SecurityGroupJoinVO> sc = sb.create();
- _accountMgr.buildACLViewSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
+ SearchCriteria<SecurityGroupJoinVO> aclSc = _securityGroupJoinDao.createSearchCriteria();
+ // building ACL search criteria
+ _accountMgr.buildACLViewSearchCriteria(sc, aclSc, isRecursive, permittedDomains, permittedAccounts, permittedResources, listProjectResourcesCriteria);
if (id != null) {
sc.setParameters("id", id);
@@@ -1084,28 -1089,21 +1079,29 @@@
return response;
}
- private Pair<List<DomainRouterJoinVO>, Integer> searchForRoutersInternal(BaseListProjectAndAccountResourcesCmd cmd, Long id,
- String name, String state, Long zoneId, Long podId, Long hostId, String keyword, Long networkId, Long vpcId, Boolean forVpc, String role) {
+ private Pair<List<DomainRouterJoinVO>, Integer> searchForRoutersInternal(BaseListProjectAndAccountResourcesCmd cmd, Long id, String name, String state, Long zoneId,
+ Long podId, Long clusterId, Long hostId, String keyword, Long networkId, Long vpcId, Boolean forVpc, String role, String version) {
Account caller = CallContext.current().getCallingAccount();
+ List<Long> permittedDomains = new ArrayList<Long>();
List<Long> permittedAccounts = new ArrayList<Long>();
+ List<Long> permittedResources = new ArrayList<Long>();
+
+ Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<Long, Boolean, ListProjectResourcesCriteria>(
+ cmd.getDomainId(), cmd.isRecursive(), null);
+ String action = "listRouters";
+ if (cmd instanceof ListInternalLBVMsCmd) {
+ action = "listInternalLoadBalancerVMs";
+ }
+ _accountMgr.buildACLSearchParameters(caller, id, cmd.getAccountName(), cmd.getProjectId(), permittedDomains, permittedAccounts, permittedResources,
+ domainIdRecursiveListProject, cmd.listAll(), false, action);
Long domainId = domainIdRecursiveListProject.first();
Boolean isRecursive = domainIdRecursiveListProject.second();
ListProjectResourcesCriteria listProjectResourcesCriteria = domainIdRecursiveListProject.third();
- Filter searchFilter = new Filter(DomainRouterJoinVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
- // Filter searchFilter = new Filter(DomainRouterJoinVO.class, null,
- // true, cmd.getStartIndex(), cmd.getPageSizeVal());
+ Filter searchFilter = new Filter(DomainRouterJoinVO.class, "id", true, cmd.getStartIndex(),
+ cmd.getPageSizeVal());
++
SearchBuilder<DomainRouterJoinVO> sb = _routerJoinDao.createSearchBuilder();
sb.select(null, Func.DISTINCT, sb.entity().getId()); // select distinct
// ids to get
@@@ -1371,15 -1370,12 +1369,16 @@@
boolean listAll = cmd.listAll();
Account caller = CallContext.current().getCallingAccount();
+ List<Long> permittedDomains = new ArrayList<Long>();
List<Long> permittedAccounts = new ArrayList<Long>();
+ List<Long> permittedResources = new ArrayList<Long>();
+
+ Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<Long, Boolean, ListProjectResourcesCriteria>(
+ domainId, isRecursive, null);
+ _accountMgr.buildACLSearchParameters(caller, id, accountName, projectId, permittedDomains, permittedAccounts, permittedResources,
+ domainIdRecursiveListProject, listAll, true, "listProjectInvitations");
+ //domainId = domainIdRecursiveListProject.first();
+
- Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject =
- new Ternary<Long, Boolean, ListProjectResourcesCriteria>(domainId, isRecursive, null);
- _accountMgr.buildACLSearchParameters(caller, id, accountName, projectId, permittedAccounts, domainIdRecursiveListProject, listAll, true);
- domainId = domainIdRecursiveListProject.first();
isRecursive = domainIdRecursiveListProject.second();
ListProjectResourcesCriteria listProjectResourcesCriteria = domainIdRecursiveListProject.third();
@@@ -1600,13 -1595,7 +1599,14 @@@
Pair<List<VolumeJoinVO>, Integer> result = searchForVolumesInternal(cmd);
ListResponse<VolumeResponse> response = new ListResponse<VolumeResponse>();
- List<VolumeResponse> volumeResponses = ViewResponseHelper.createVolumeResponse(result.first().toArray(new VolumeJoinVO[result.first().size()]));
+ ResponseView respView = ResponseView.Restricted;
+ if (cmd instanceof ListVolumesCmdByAdmin) {
+ respView = ResponseView.Full;
+ }
+
+ List<VolumeResponse> volumeResponses = ViewResponseHelper.createVolumeResponse(respView, result.first().toArray(
+ new VolumeJoinVO[result.first().size()]));
++
response.setResponses(volumeResponses, result.second());
return response;
}
@@@ -1627,17 -1614,19 +1627,16 @@@
Long storageId = cmd.getStorageId();
Long zoneId = cmd.getZoneId();
- Long podId = null;
- if (_accountMgr.isAdmin(caller.getType())) {
- podId = cmd.getPodId();
- }
+ Long podId = cmd.getPodId();
- Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject =
- new Ternary<Long, Boolean, ListProjectResourcesCriteria>(cmd.getDomainId(), cmd.isRecursive(), null);
- _accountMgr.buildACLSearchParameters(caller, id, cmd.getAccountName(), cmd.getProjectId(), permittedAccounts, domainIdRecursiveListProject, cmd.listAll(), false);
- Long domainId = domainIdRecursiveListProject.first();
+ Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<Long, Boolean, ListProjectResourcesCriteria>(
+ cmd.getDomainId(), cmd.isRecursive(), null);
+ _accountMgr.buildACLSearchParameters(caller, id, cmd.getAccountName(), cmd.getProjectId(), permittedDomains, permittedAccounts, permittedResources,
+ domainIdRecursiveListProject, cmd.listAll(), false, "listVolumes");
+// Long domainId = domainIdRecursiveListProject.first();
Boolean isRecursive = domainIdRecursiveListProject.second();
ListProjectResourcesCriteria listProjectResourcesCriteria = domainIdRecursiveListProject.third();
- Filter searchFilter = new Filter(VolumeJoinVO.class, "created", false, cmd.getStartIndex(),
- cmd.getPageSizeVal());
+ Filter searchFilter = new Filter(VolumeJoinVO.class, "created", false, cmd.getStartIndex(), cmd.getPageSizeVal());
// hack for now, this should be done better but due to needing a join I
// opted to
@@@ -1648,8 -1637,8 +1647,7 @@@
// number of
// records with
// pagination
- _accountMgr.buildACLViewSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
-
sb.and("name", sb.entity().getName(), SearchCriteria.Op.EQ);
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
sb.and("volumeType", sb.entity().getVolumeType(), SearchCriteria.Op.LIKE);
@@@ -1668,13 -1657,9 +1666,12 @@@
}
sb.cp();
-
// now set the SC criteria...
SearchCriteria<VolumeJoinVO> sc = sb.create();
- _accountMgr.buildACLViewSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
+ SearchCriteria<VolumeJoinVO> aclSc = _volumeJoinDao.createSearchCriteria();
+
+ // building ACL search criteria
+ _accountMgr.buildACLViewSearchCriteria(sc, aclSc, isRecursive, permittedDomains, permittedAccounts, permittedResources, listProjectResourcesCriteria);
if (keyword != null) {
SearchCriteria<VolumeJoinVO> ssc = _volumeJoinDao.createSearchCriteria();
@@@ -1910,10 -1882,8 +1904,9 @@@
ListProjectResourcesCriteria listProjectResourcesCriteria = domainIdRecursiveListProject.third();
Filter searchFilter = new Filter(AsyncJobJoinVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
+ /*
SearchBuilder<AsyncJobJoinVO> sb = _jobJoinDao.createSearchBuilder();
sb.and("accountIdIN", sb.entity().getAccountId(), SearchCriteria.Op.IN);
- SearchBuilder<AccountVO> accountSearch = null;
boolean accountJoinIsDone = false;
if (permittedAccounts.isEmpty() && domainId != null) {
sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ);
@@@ -2446,18 -2409,18 +2441,18 @@@
List<Long> domainIds = new ArrayList<Long>();
DomainVO domainRecord;
if (vmId != null) {
- UserVmVO vmInstance = _userVmDao.findById(vmId);
- domainRecord = _domainDao.findById(vmInstance.getDomainId());
+ UserVmVO vmInstance = _userVmDao.findById(vmId);
+ domainRecord = _domainDao.findById(vmInstance.getDomainId());
- if ( domainRecord == null ){
+ if (domainRecord == null) {
- s_logger.error("Could not find the domainId for vmId:" + vmId);
- throw new CloudAuthenticationException("Could not find the domainId for vmId:" + vmId);
- }
+ s_logger.error("Could not find the domainId for vmId:" + vmId);
+ throw new CloudAuthenticationException("Could not find the domainId for vmId:" + vmId);
+ }
} else {
- domainRecord = _domainDao.findById(caller.getDomainId());
+ domainRecord = _domainDao.findById(caller.getDomainId());
- if ( domainRecord == null ){
+ if (domainRecord == null) {
- s_logger.error("Could not find the domainId for account:" + caller.getAccountName());
- throw new CloudAuthenticationException("Could not find the domainId for account:" + caller.getAccountName());
- }
+ s_logger.error("Could not find the domainId for account:" + caller.getAccountName());
+ throw new CloudAuthenticationException("Could not find the domainId for account:" + caller.getAccountName());
+ }
}
domainIds.add(domainRecord.getId());
while (domainRecord.getParent() != null) {
@@@ -2629,12 -2585,10 +2623,11 @@@
// subdomainId
List<Long> dedicatedZoneIds = removeDedicatedZoneNotSuitabe(domainIds);
if (!dedicatedZoneIds.isEmpty()) {
- sdc.addAnd("id", SearchCriteria.Op.NIN,
- dedicatedZoneIds.toArray(new Object[dedicatedZoneIds.size()]));
+ sdc.addAnd("id", SearchCriteria.Op.NIN, dedicatedZoneIds.toArray(new Object[dedicatedZoneIds.size()]));
}
- } else if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
+ } else if (_accountMgr.isDomainAdmin(account.getId())
+ || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
// it was decided to return all zones for the domain admin, and
// everything above till root, as well as zones till the domain
// leaf
@@@ -2805,17 -2741,13 +2796,17 @@@
boolean showDomr = ((templateFilter != TemplateFilter.selfexecutable) && (templateFilter != TemplateFilter.featured));
HypervisorType hypervisorType = HypervisorType.getType(cmd.getHypervisor());
- return searchForTemplatesInternal(id, cmd.getTemplateName(), cmd.getKeyword(), templateFilter, false, null, cmd.getPageSizeVal(), cmd.getStartIndex(),
- cmd.getZoneId(), hypervisorType, showDomr, cmd.listInReadyState(), permittedAccounts, caller, listProjectResourcesCriteria, tags, showRemovedTmpl);
+ return searchForTemplatesInternal(id, cmd.getTemplateName(), cmd.getKeyword(), templateFilter, false, null,
+ cmd.getPageSizeVal(), cmd.getStartIndex(), cmd.getZoneId(), hypervisorType, showDomr,
- cmd.listInReadyState(), permittedDomains, permittedAccounts, permittedResources, isRecursive, caller, listProjectResourcesCriteria, tags);
++ cmd.listInReadyState(), permittedDomains, permittedAccounts, permittedResources, isRecursive, caller, listProjectResourcesCriteria, tags, showRemovedTmpl);
}
- private Pair<List<TemplateJoinVO>, Integer> searchForTemplatesInternal(Long templateId, String name, String keyword, TemplateFilter templateFilter, boolean isIso,
- Boolean bootable, Long pageSize, Long startIndex, Long zoneId, HypervisorType hyperType, boolean showDomr, boolean onlyReady, List<Account> permittedAccounts,
- Account caller, ListProjectResourcesCriteria listProjectResourcesCriteria, Map<String, String> tags, boolean showRemovedTmpl) {
+ private Pair<List<TemplateJoinVO>, Integer> searchForTemplatesInternal(Long templateId, String name,
+ String keyword, TemplateFilter templateFilter, boolean isIso, Boolean bootable, Long pageSize,
+ Long startIndex, Long zoneId, HypervisorType hyperType, boolean showDomr, boolean onlyReady,
+ List<Long> permittedDomains, List<Long> permittedAccounts, List<Long> permittedResources, boolean isRecursive, Account caller,
+ ListProjectResourcesCriteria listProjectResourcesCriteria,
- Map<String, String> tags) {
++ Map<String, String> tags, boolean showRemovedTmpl) {
// check if zone is configured, if not, just return empty list
List<HypervisorType> hypers = null;
@@@ -3088,9 -3032,8 +3082,9 @@@
HypervisorType hypervisorType = HypervisorType.getType(cmd.getHypervisor());
- return searchForTemplatesInternal(cmd.getId(), cmd.getIsoName(), cmd.getKeyword(), isoFilter, true, cmd.isBootable(), cmd.getPageSizeVal(), cmd.getStartIndex(),
- cmd.getZoneId(), hypervisorType, true, cmd.listInReadyState(), permittedAccounts, caller, listProjectResourcesCriteria, tags, showRemovedISO);
+ return searchForTemplatesInternal(cmd.getId(), cmd.getIsoName(), cmd.getKeyword(), isoFilter, true,
+ cmd.isBootable(), cmd.getPageSizeVal(), cmd.getStartIndex(), cmd.getZoneId(), hypervisorType, true,
- cmd.listInReadyState(), permittedDomains, permittedAccounts, permittedResources, isRecursive, caller, listProjectResourcesCriteria, tags);
++ cmd.listInReadyState(), permittedDomains, permittedAccounts, permittedResources, isRecursive, caller, listProjectResourcesCriteria, tags, showRemovedISO);
}
@Override
@@@ -3136,11 -3075,10 +3129,10 @@@
ListProjectResourcesCriteria listProjectResourcesCriteria = domainIdRecursiveListProject.third();
Filter searchFilter = new Filter(AffinityGroupJoinVO.class, "id", true, startIndex, pageSize);
- SearchCriteria<AffinityGroupJoinVO> sc = buildAffinityGroupSearchCriteria(domainId, isRecursive,
- permittedAccounts, listProjectResourcesCriteria, affinityGroupId, affinityGroupName, affinityGroupType, keyword);
+ SearchCriteria<AffinityGroupJoinVO> sc = buildAffinityGroupSearchCriteria(isRecursive,
- permittedDomains, permittedAccounts, permittedResources, listProjectResourcesCriteria, affinityGroupId, affinityGroupName, affinityGroupType);
-
- Pair<List<AffinityGroupJoinVO>, Integer> uniqueGroupsPair = _affinityGroupJoinDao.searchAndCount(sc,
- searchFilter);
++ permittedDomains, permittedAccounts, permittedResources, listProjectResourcesCriteria, affinityGroupId, affinityGroupName, affinityGroupType, keyword);
+
+ Pair<List<AffinityGroupJoinVO>, Integer> uniqueGroupsPair = _affinityGroupJoinDao.searchAndCount(sc, searchFilter);
// search group details by ids
List<AffinityGroupJoinVO> vrs = new ArrayList<AffinityGroupJoinVO>();
Integer count = uniqueGroupsPair.second();
@@@ -3177,20 -3114,21 +3169,20 @@@
// list all domain level affinity groups for the domain admin case
SearchCriteria<AffinityGroupJoinVO> scDomain = buildAffinityGroupSearchCriteria(null, isRecursive,
new ArrayList<Long>(), listProjectResourcesCriteria, affinityGroupId, affinityGroupName,
- affinityGroupType);
+ affinityGroupType, keyword);
vrs.addAll(listDomainLevelAffinityGroups(scDomain, searchFilter, domainId));
}
+ */
return new Pair<List<AffinityGroupJoinVO>, Integer>(vrs, vrs.size());
}
- private SearchCriteria<AffinityGroupJoinVO> buildAffinityGroupSearchCriteria(Long domainId, boolean isRecursive,
- List<Long> permittedAccounts, ListProjectResourcesCriteria listProjectResourcesCriteria,
+ private SearchCriteria<AffinityGroupJoinVO> buildAffinityGroupSearchCriteria(boolean isRecursive,
+ List<Long> permittedDomains, List<Long> permittedAccounts, List<Long> permittedResources, ListProjectResourcesCriteria listProjectResourcesCriteria,
- Long affinityGroupId, String affinityGroupName, String affinityGroupType) {
+ Long affinityGroupId, String affinityGroupName, String affinityGroupType, String keyword) {
SearchBuilder<AffinityGroupJoinVO> groupSearch = _affinityGroupJoinDao.createSearchBuilder();
- _accountMgr.buildACLViewSearchBuilder(groupSearch, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
-
groupSearch.select(null, Func.DISTINCT, groupSearch.entity().getId()); // select
// distinct
@@@ -3302,12 -3244,11 +3300,11 @@@
ResourceDetailResponse detailResponse = createResourceDetailsResponse(detail, resourceType);
responseList.add(detailResponse);
}
- }
+ }
return responseList;
- }
+ }
-
protected ResourceDetailResponse createResourceDetailsResponse(ResourceDetail requestedDetail, ResourceTag.ResourceObjectType resourceType) {
ResourceDetailResponse resourceDetailResponse = new ResourceDetailResponse();
resourceDetailResponse.setResourceId(String.valueOf(requestedDetail.getResourceId()));
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/929fbaba/server/src/com/cloud/api/query/ViewResponseHelper.java
----------------------------------------------------------------------
diff --cc server/src/com/cloud/api/query/ViewResponseHelper.java
index 3a35c96,149b0d9..d06e1d1
--- a/server/src/com/cloud/api/query/ViewResponseHelper.java
+++ b/server/src/com/cloud/api/query/ViewResponseHelper.java
@@@ -129,15 -128,14 +130,14 @@@ public class ViewResponseHelper
Hashtable<Long, UserVmResponse> vmDataList = new Hashtable<Long, UserVmResponse>();
// Initialise the vmdatalist with the input data
-
for (UserVmJoinVO userVm : userVms) {
UserVmResponse userVmData = vmDataList.get(userVm.getId());
- if ( userVmData == null ){
+ if (userVmData == null) {
// first time encountering this vm
- userVmData = ApiDBUtils.newUserVmResponse(objectName, userVm, details, caller);
- } else {
+ userVmData = ApiDBUtils.newUserVmResponse(view, objectName, userVm, details, caller);
+ } else{
// update nics, securitygroups, tags, affinitygroups for 1 to many mapping fields
- userVmData = ApiDBUtils.fillVmDetails(userVmData, userVm);
+ userVmData = ApiDBUtils.fillVmDetails(view, userVmData, userVm);
}
vmDataList.put(userVm.getId(), userVmData);
}
@@@ -266,13 -257,12 +259,13 @@@
Hashtable<Long, VolumeResponse> vrDataList = new Hashtable<Long, VolumeResponse>();
for (VolumeJoinVO vr : volumes) {
VolumeResponse vrData = vrDataList.get(vr.getId());
- if ( vrData == null ){
+ if (vrData == null) {
// first time encountering this volume
- vrData = ApiDBUtils.newVolumeResponse(vr);
- } else {
+ vrData = ApiDBUtils.newVolumeResponse(view, vr);
+ }
+ else{
// update tags
- vrData = ApiDBUtils.fillVolumeDetails(vrData, vr);
+ vrData = ApiDBUtils.fillVolumeDetails(view, vrData, vr);
}
vrDataList.put(vr.getId(), vrData);
}
@@@ -374,17 -360,16 +364,17 @@@
return respList;
}
- public static List<TemplateResponse> createTemplateResponse(TemplateJoinVO... templates) {
+ public static List<TemplateResponse> createTemplateResponse(ResponseView view, TemplateJoinVO... templates) {
- Hashtable<String, TemplateResponse> vrDataList = new Hashtable<String, TemplateResponse>();
+ LinkedHashMap<String, TemplateResponse> vrDataList = new LinkedHashMap<String, TemplateResponse>();
for (TemplateJoinVO vr : templates) {
TemplateResponse vrData = vrDataList.get(vr.getTempZonePair());
- if ( vrData == null ){
+ if (vrData == null) {
// first time encountering this volume
- vrData = ApiDBUtils.newTemplateResponse(vr);
- } else {
+ vrData = ApiDBUtils.newTemplateResponse(view, vr);
+ }
+ else{
// update tags
- vrData = ApiDBUtils.fillTemplateDetails(vrData, vr);
+ vrData = ApiDBUtils.fillTemplateDetails(view, vrData, vr);
}
vrDataList.put(vr.getTempZonePair(), vrData);
}
@@@ -395,13 -380,12 +385,12 @@@
Hashtable<Long, TemplateResponse> vrDataList = new Hashtable<Long, TemplateResponse>();
for (TemplateJoinVO vr : templates) {
TemplateResponse vrData = vrDataList.get(vr.getId());
- if ( vrData == null ){
+ if (vrData == null) {
// first time encountering this volume
vrData = ApiDBUtils.newTemplateUpdateResponse(vr);
- }
- else{
+ } else {
// update tags
- vrData = ApiDBUtils.fillTemplateDetails(vrData, vr);
+ vrData = ApiDBUtils.fillTemplateDetails(view, vrData, vr);
}
vrDataList.put(vr.getId(), vrData);
}
@@@ -412,13 -396,12 +401,12 @@@
Hashtable<String, TemplateResponse> vrDataList = new Hashtable<String, TemplateResponse>();
for (TemplateJoinVO vr : templates) {
TemplateResponse vrData = vrDataList.get(vr.getTempZonePair());
- if ( vrData == null ){
+ if (vrData == null) {
// first time encountering this volume
vrData = ApiDBUtils.newIsoResponse(vr);
- }
- else{
+ } else {
// update tags
- vrData = ApiDBUtils.fillTemplateDetails(vrData, vr);
+ vrData = ApiDBUtils.fillTemplateDetails(view, vrData, vr);
}
vrDataList.put(vr.getTempZonePair(), vrData);
}