You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by da...@apache.org on 2015/06/17 20:48:30 UTC
[1/3] git commit: updated refs/heads/master to f3afcb0
Repository: cloudstack
Updated Branches:
refs/heads/master 64361d2b7 -> f3afcb089
CLOUDSTACK-8537 test for the sake of testing the fix seems so trivial but no testing is available for it at all. when bugs arise test extension should be the start point here.
Signed-off-by: Daan Hoogland <da...@gmail.com>
This closes #357
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/f3afcb08
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/f3afcb08
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/f3afcb08
Branch: refs/heads/master
Commit: f3afcb089fac54b3269206df1fb938451df3e995
Parents: 968e71a
Author: Daan Hoogland <da...@gmail.com>
Authored: Mon Jun 15 16:11:36 2015 +0200
Committer: Daan Hoogland <da...@gmail.com>
Committed: Wed Jun 17 20:47:57 2015 +0200
----------------------------------------------------------------------
.../com/cloud/server/ManagementServerImpl.java | 8 +--
.../cloud/server/ManagementServerImplTest.java | 67 ++++++++++++++++++++
2 files changed, 71 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/f3afcb08/server/src/com/cloud/server/ManagementServerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java
index 948a84d..85a561f 100644
--- a/server/src/com/cloud/server/ManagementServerImpl.java
+++ b/server/src/com/cloud/server/ManagementServerImpl.java
@@ -750,7 +750,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Inject
private InstanceGroupDao _vmGroupDao;
@Inject
- private SSHKeyPairDao _sshKeyPairDao;
+ protected SSHKeyPairDao _sshKeyPairDao;
@Inject
private LoadBalancerDao _loadbalancerDao;
@Inject
@@ -3650,7 +3650,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
* @param owner
* @throws InvalidParameterValueException
*/
- private void checkForKeyByName(RegisterSSHKeyPairCmd cmd, Account owner) throws InvalidParameterValueException {
+ protected void checkForKeyByName(RegisterSSHKeyPairCmd cmd, Account owner) throws InvalidParameterValueException {
SSHKeyPairVO existingPair = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), cmd.getName());
if (existingPair != null) {
throw new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' already exists for this account.");
@@ -3684,7 +3684,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
* @param cmd
* @return
*/
- private Account getOwner(RegisterSSHKeyPairCmd cmd) {
+ protected Account getOwner(RegisterSSHKeyPairCmd cmd) {
Account caller = getCaller();
Account owner = _accountMgr.finalizeOwner(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
@@ -3694,7 +3694,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
/**
* @return
*/
- private Account getCaller() {
+ protected Account getCaller() {
Account caller = CallContext.current().getCallingAccount();
return caller;
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/f3afcb08/server/test/com/cloud/server/ManagementServerImplTest.java
----------------------------------------------------------------------
diff --git a/server/test/com/cloud/server/ManagementServerImplTest.java b/server/test/com/cloud/server/ManagementServerImplTest.java
new file mode 100644
index 0000000..1e530e6
--- /dev/null
+++ b/server/test/com/cloud/server/ManagementServerImplTest.java
@@ -0,0 +1,67 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.server;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.Spy;
+import org.mockito.runners.MockitoJUnitRunner;
+
+import org.apache.cloudstack.api.command.user.ssh.RegisterSSHKeyPairCmd;
+
+import com.cloud.exception.InvalidParameterValueException;
+import com.cloud.user.Account;
+import com.cloud.user.SSHKeyPairVO;
+import com.cloud.user.dao.SSHKeyPairDao;
+
+@RunWith(MockitoJUnitRunner.class)
+public class ManagementServerImplTest {
+
+ @Mock
+ RegisterSSHKeyPairCmd regCmd;
+ @Mock
+ SSHKeyPairVO existingPair;
+ @Mock
+ Account account;
+ @Mock
+ SSHKeyPairDao sshKeyPairDao;
+ ManagementServerImpl ms = new ManagementServerImpl();
+ @Spy
+ ManagementServerImpl spy;
+
+ @Test(expected = InvalidParameterValueException.class)
+ public void testExistingPairRegistration() {
+ String accountName = "account";
+ String publicKeyString = "very public";
+ // setup owner with domainid
+ Mockito.doReturn(account).when(spy).getCaller();
+ Mockito.doReturn(account).when(spy).getOwner(regCmd);
+ // mock _sshKeyPairDao.findByName to return null
+ Mockito.doNothing().when(spy).checkForKeyByName(regCmd, account);
+ // mock _sshKeyPairDao.findByPublicKey to return a known object
+ Mockito.doReturn(accountName).when(regCmd).getAccountName();
+ Mockito.doReturn(publicKeyString).when(regCmd).getPublicKey();
+ Mockito.doReturn("name").when(regCmd).getName();
+ spy._sshKeyPairDao = sshKeyPairDao;
+ Mockito.doReturn(1L).when(account).getAccountId();
+ Mockito.doReturn(1L).when(account).getDomainId();
+ Mockito.doReturn(existingPair).when(sshKeyPairDao).findByPublicKey(1L, 1L, publicKeyString);
+ spy.registerSSHKeyPair(regCmd);
+ }
+}
[3/3] git commit: updated refs/heads/master to f3afcb0
Posted by da...@apache.org.
CLOUDSTACK-8537 add check for unique public key and account on ssh keypair registration
Signed-off-by: Daan Hoogland <da...@gmail.com>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/9f025312
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/9f025312
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/9f025312
Branch: refs/heads/master
Commit: 9f025312129a0490f0aaef8567cd1ef36926ad1b
Parents: 64361d2
Author: Daan Hoogland <da...@gmail.com>
Authored: Thu Jun 4 16:48:14 2015 +0200
Committer: Daan Hoogland <da...@gmail.com>
Committed: Wed Jun 17 20:47:57 2015 +0200
----------------------------------------------------------------------
.../src/com/cloud/user/dao/SSHKeyPairDao.java | 2 ++
.../com/cloud/user/dao/SSHKeyPairDaoImpl.java | 9 ++++++++
.../com/cloud/server/ManagementServerImpl.java | 22 +++++++++++++-------
3 files changed, 25 insertions(+), 8 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/9f025312/engine/schema/src/com/cloud/user/dao/SSHKeyPairDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/user/dao/SSHKeyPairDao.java b/engine/schema/src/com/cloud/user/dao/SSHKeyPairDao.java
index 7a4ac40..e035e96 100644
--- a/engine/schema/src/com/cloud/user/dao/SSHKeyPairDao.java
+++ b/engine/schema/src/com/cloud/user/dao/SSHKeyPairDao.java
@@ -35,4 +35,6 @@ public interface SSHKeyPairDao extends GenericDao<SSHKeyPairVO, Long> {
public boolean deleteByName(long accountId, long domainId, String name);
+ public SSHKeyPairVO findByPublicKey(long accountId, long domainId, String publicKey);
+
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/9f025312/engine/schema/src/com/cloud/user/dao/SSHKeyPairDaoImpl.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/user/dao/SSHKeyPairDaoImpl.java b/engine/schema/src/com/cloud/user/dao/SSHKeyPairDaoImpl.java
index cfaa993..51e5fbe 100644
--- a/engine/schema/src/com/cloud/user/dao/SSHKeyPairDaoImpl.java
+++ b/engine/schema/src/com/cloud/user/dao/SSHKeyPairDaoImpl.java
@@ -73,6 +73,15 @@ public class SSHKeyPairDaoImpl extends GenericDaoBase<SSHKeyPairVO, Long> implem
}
@Override
+ public SSHKeyPairVO findByPublicKey(long accountId, long domainId, String publicKey) {
+ SearchCriteria<SSHKeyPairVO> sc = createSearchCriteria();
+ sc.addAnd("accountId", SearchCriteria.Op.EQ, accountId);
+ sc.addAnd("domainId", SearchCriteria.Op.EQ, domainId);
+ sc.addAnd("publicKey", SearchCriteria.Op.EQ, publicKey);
+ return findOneBy(sc);
+ }
+
+ @Override
public boolean deleteByName(long accountId, long domainId, String name) {
SSHKeyPairVO pair = findByName(accountId, domainId, name);
if (pair == null)
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/9f025312/server/src/com/cloud/server/ManagementServerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java
index a187d4e..8b9f97f 100644
--- a/server/src/com/cloud/server/ManagementServerImpl.java
+++ b/server/src/com/cloud/server/ManagementServerImpl.java
@@ -39,12 +39,9 @@ import javax.crypto.spec.SecretKeySpec;
import javax.inject.Inject;
import javax.naming.ConfigurationException;
-import org.apache.cloudstack.api.command.admin.usage.RemoveRawUsageRecordsCmd;
-import org.apache.cloudstack.api.command.user.snapshot.UpdateSnapshotPolicyCmd;
-import org.apache.cloudstack.api.command.user.template.GetUploadParamsForTemplateCmd;
-import org.apache.cloudstack.api.command.user.volume.GetUploadParamsForVolumeCmd;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
+
import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.affinity.AffinityGroupProcessor;
import org.apache.cloudstack.affinity.dao.AffinityGroupVMMapDao;
@@ -182,8 +179,8 @@ import org.apache.cloudstack.api.command.admin.storage.ListImageStoresCmd;
import org.apache.cloudstack.api.command.admin.storage.ListS3sCmd;
import org.apache.cloudstack.api.command.admin.storage.ListSecondaryStagingStoresCmd;
import org.apache.cloudstack.api.command.admin.storage.ListStoragePoolsCmd;
-import org.apache.cloudstack.api.command.admin.storage.ListStorageTagsCmd;
import org.apache.cloudstack.api.command.admin.storage.ListStorageProvidersCmd;
+import org.apache.cloudstack.api.command.admin.storage.ListStorageTagsCmd;
import org.apache.cloudstack.api.command.admin.storage.PreparePrimaryStorageForMaintenanceCmd;
import org.apache.cloudstack.api.command.admin.storage.UpdateCloudToUseObjectStoreCmd;
import org.apache.cloudstack.api.command.admin.storage.UpdateStoragePoolCmd;
@@ -213,6 +210,7 @@ import org.apache.cloudstack.api.command.admin.usage.ListTrafficMonitorsCmd;
import org.apache.cloudstack.api.command.admin.usage.ListTrafficTypeImplementorsCmd;
import org.apache.cloudstack.api.command.admin.usage.ListTrafficTypesCmd;
import org.apache.cloudstack.api.command.admin.usage.ListUsageTypesCmd;
+import org.apache.cloudstack.api.command.admin.usage.RemoveRawUsageRecordsCmd;
import org.apache.cloudstack.api.command.admin.usage.UpdateTrafficTypeCmd;
import org.apache.cloudstack.api.command.admin.user.CreateUserCmd;
import org.apache.cloudstack.api.command.admin.user.DeleteUserCmd;
@@ -414,6 +412,7 @@ import org.apache.cloudstack.api.command.user.snapshot.DeleteSnapshotPoliciesCmd
import org.apache.cloudstack.api.command.user.snapshot.ListSnapshotPoliciesCmd;
import org.apache.cloudstack.api.command.user.snapshot.ListSnapshotsCmd;
import org.apache.cloudstack.api.command.user.snapshot.RevertSnapshotCmd;
+import org.apache.cloudstack.api.command.user.snapshot.UpdateSnapshotPolicyCmd;
import org.apache.cloudstack.api.command.user.ssh.CreateSSHKeyPairCmd;
import org.apache.cloudstack.api.command.user.ssh.DeleteSSHKeyPairCmd;
import org.apache.cloudstack.api.command.user.ssh.ListSSHKeyPairsCmd;
@@ -425,6 +424,7 @@ import org.apache.cloudstack.api.command.user.template.CopyTemplateCmd;
import org.apache.cloudstack.api.command.user.template.CreateTemplateCmd;
import org.apache.cloudstack.api.command.user.template.DeleteTemplateCmd;
import org.apache.cloudstack.api.command.user.template.ExtractTemplateCmd;
+import org.apache.cloudstack.api.command.user.template.GetUploadParamsForTemplateCmd;
import org.apache.cloudstack.api.command.user.template.ListTemplatePermissionsCmd;
import org.apache.cloudstack.api.command.user.template.ListTemplatesCmd;
import org.apache.cloudstack.api.command.user.template.RegisterTemplateCmd;
@@ -463,6 +463,7 @@ import org.apache.cloudstack.api.command.user.volume.CreateVolumeCmd;
import org.apache.cloudstack.api.command.user.volume.DeleteVolumeCmd;
import org.apache.cloudstack.api.command.user.volume.DetachVolumeCmd;
import org.apache.cloudstack.api.command.user.volume.ExtractVolumeCmd;
+import org.apache.cloudstack.api.command.user.volume.GetUploadParamsForVolumeCmd;
import org.apache.cloudstack.api.command.user.volume.ListResourceDetailsCmd;
import org.apache.cloudstack.api.command.user.volume.ListVolumesCmd;
import org.apache.cloudstack.api.command.user.volume.MigrateVolumeCmd;
@@ -3622,9 +3623,14 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
Account owner = _accountMgr.finalizeOwner(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
- SSHKeyPairVO s = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), cmd.getName());
- if (s != null) {
- throw new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' already exists.");
+ SSHKeyPairVO existingPair = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), cmd.getName());
+ if (existingPair != null) {
+ throw new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' already exists for this account.");
+ }
+
+ existingPair = _sshKeyPairDao.findByPublicKey(owner.getAccountId(), owner.getDomainId(), cmd.getPublicKey());
+ if (existingPair != null) {
+ throw new InvalidParameterValueException("A key pair with name '" + cmd.getPublicKey() + "' already exists for this account.");
}
String name = cmd.getName();
[2/3] git commit: updated refs/heads/master to f3afcb0
Posted by da...@apache.org.
CLOUDSTACK-8537 refactor registerSSHKeyPair() for legibility and testability reasons
Signed-off-by: Daan Hoogland <da...@gmail.com>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/968e71ad
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/968e71ad
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/968e71ad
Branch: refs/heads/master
Commit: 968e71ad0e49088b5f2f022df29aec02b10a5ede
Parents: 9f02531
Author: Daan Hoogland <da...@gmail.com>
Authored: Tue Jun 9 23:57:00 2015 +0200
Committer: Daan Hoogland <da...@gmail.com>
Committed: Wed Jun 17 20:47:57 2015 +0200
----------------------------------------------------------------------
.../com/cloud/server/ManagementServerImpl.java | 111 +++++++++++++------
1 file changed, 80 insertions(+), 31 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/968e71ad/server/src/com/cloud/server/ManagementServerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java
index 8b9f97f..948a84d 100644
--- a/server/src/com/cloud/server/ManagementServerImpl.java
+++ b/server/src/com/cloud/server/ManagementServerImpl.java
@@ -947,7 +947,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public boolean archiveEvents(ArchiveEventsCmd cmd) {
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
List<Long> ids = cmd.getIds();
boolean result = true;
List<Long> permittedAccountIds = new ArrayList<Long>();
@@ -974,7 +974,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public boolean deleteEvents(DeleteEventsCmd cmd) {
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
List<Long> ids = cmd.getIds();
boolean result = true;
List<Long> permittedAccountIds = new ArrayList<Long>();
@@ -1098,8 +1098,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public Ternary<Pair<List<? extends Host>, Integer>, List<? extends Host>, Map<Host, Boolean>> listHostsForMigrationOfVM(Long vmId, Long startIndex, Long pageSize) {
- // access check - only root admin can migrate VM
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
if (!_accountMgr.isRootAdmin(caller.getId())) {
if (s_logger.isDebugEnabled()) {
s_logger.debug("Caller is not a root admin, permission denied to migrate the VM");
@@ -1276,8 +1275,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public Pair<List<? extends StoragePool>, List<? extends StoragePool>> listStoragePoolsForMigrationOfVolume(Long volumeId) {
- // Access check - only root administrator can migrate volumes.
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
if (!_accountMgr.isRootAdmin(caller.getId())) {
if (s_logger.isDebugEnabled()) {
s_logger.debug("Caller is not a root admin, permission denied to migrate the volume");
@@ -1766,7 +1764,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
List<Long> permittedAccounts = new ArrayList<Long>();
ListProjectResourcesCriteria listProjectResourcesCriteria = null;
if (isAllocated) {
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<Long, Boolean, ListProjectResourcesCriteria>(
cmd.getDomainId(), cmd.isRecursive(), null);
@@ -2259,8 +2257,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
throw new InvalidParameterValueException("ROOT domain can not be edited with a new name");
}
- // check permissions
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
_accountMgr.checkAccess(caller, domain);
// domain name is unique under the parent domain
@@ -3311,7 +3308,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public ArrayList<String> getCloudIdentifierResponse(long userId) {
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
// verify that user exists
User user = _accountMgr.getUserIncludingRemoved(userId);
@@ -3351,7 +3348,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
public Map<String, Object> listCapabilities(ListCapabilitiesCmd cmd) {
Map<String, Object> capabilities = new HashMap<String, Object>();
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
boolean securityGroupsEnabled = false;
boolean elasticLoadBalancerEnabled = false;
boolean KVMSnapshotEnabled = false;
@@ -3417,7 +3414,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public InstanceGroupVO updateVmGroup(UpdateVMGroupCmd cmd) {
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
Long groupId = cmd.getId();
String groupName = cmd.getGroupName();
@@ -3535,7 +3532,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public SSHKeyPair createSSHKeyPair(CreateSSHKeyPairCmd cmd) {
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
String accountName = cmd.getAccountName();
Long domainId = cmd.getDomainId();
Long projectId = cmd.getProjectId();
@@ -3559,7 +3556,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public boolean deleteSSHKeyPair(DeleteSSHKeyPairCmd cmd) {
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
String accountName = cmd.getAccountName();
Long domainId = cmd.getDomainId();
Long projectId = cmd.getProjectId();
@@ -3587,7 +3584,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
String name = cmd.getName();
String fingerPrint = cmd.getFingerprint();
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
List<Long> permittedAccounts = new ArrayList<Long>();
Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<Long, Boolean, ListProjectResourcesCriteria>(
@@ -3619,35 +3616,87 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
@ActionEvent(eventType = EventTypes.EVENT_REGISTER_SSH_KEYPAIR, eventDescription = "registering ssh keypair", async = true)
public SSHKeyPair registerSSHKeyPair(RegisterSSHKeyPairCmd cmd) {
- Account caller = CallContext.current().getCallingAccount();
+ Account owner = getOwner(cmd);
+ checkForKeyByName(cmd, owner);
+ checkForKeyByPublicKey(cmd, owner);
- Account owner = _accountMgr.finalizeOwner(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
-
- SSHKeyPairVO existingPair = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), cmd.getName());
- if (existingPair != null) {
- throw new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' already exists for this account.");
+ String name = cmd.getName();
+ String key = cmd.getPublicKey();
+ try {
+ key = URLDecoder.decode(key, "UTF-8");
+ } catch (UnsupportedEncodingException e) {
+ s_logger.warn("key decoding tried invain: " + e.getLocalizedMessage());
}
+ String publicKey = getPublicKeyFromKeyKeyMaterial(key);
+ String fingerprint = getFingerprint(publicKey);
- existingPair = _sshKeyPairDao.findByPublicKey(owner.getAccountId(), owner.getDomainId(), cmd.getPublicKey());
+ return createAndSaveSSHKeyPair(name, fingerprint, publicKey, null, owner);
+ }
+
+ /**
+ * @param cmd
+ * @param owner
+ * @throws InvalidParameterValueException
+ */
+ private void checkForKeyByPublicKey(RegisterSSHKeyPairCmd cmd, Account owner) throws InvalidParameterValueException {
+ SSHKeyPairVO existingPair = _sshKeyPairDao.findByPublicKey(owner.getAccountId(), owner.getDomainId(), cmd.getPublicKey());
if (existingPair != null) {
throw new InvalidParameterValueException("A key pair with name '" + cmd.getPublicKey() + "' already exists for this account.");
}
+ }
- String name = cmd.getName();
- String key = cmd.getPublicKey();
- try {
- key = URLDecoder.decode(key, "UTF-8");
- } catch (UnsupportedEncodingException e) {
+ /**
+ * @param cmd
+ * @param owner
+ * @throws InvalidParameterValueException
+ */
+ private void checkForKeyByName(RegisterSSHKeyPairCmd cmd, Account owner) throws InvalidParameterValueException {
+ SSHKeyPairVO existingPair = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), cmd.getName());
+ if (existingPair != null) {
+ throw new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' already exists for this account.");
}
+ }
+
+ /**
+ * @param publicKey
+ * @return
+ */
+ private String getFingerprint(String publicKey) {
+ String fingerprint = SSHKeysHelper.getPublicKeyFingerprint(publicKey);
+ return fingerprint;
+ }
+
+ /**
+ * @param key
+ * @return
+ * @throws InvalidParameterValueException
+ */
+ private String getPublicKeyFromKeyKeyMaterial(String key) throws InvalidParameterValueException {
String publicKey = SSHKeysHelper.getPublicKeyFromKeyMaterial(key);
if (publicKey == null) {
throw new InvalidParameterValueException("Public key is invalid");
}
+ return publicKey;
+ }
- String fingerprint = SSHKeysHelper.getPublicKeyFingerprint(publicKey);
+ /**
+ * @param cmd
+ * @return
+ */
+ private Account getOwner(RegisterSSHKeyPairCmd cmd) {
+ Account caller = getCaller();
- return createAndSaveSSHKeyPair(name, fingerprint, publicKey, null, owner);
+ Account owner = _accountMgr.finalizeOwner(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
+ return owner;
+ }
+
+ /**
+ * @return
+ */
+ private Account getCaller() {
+ Account caller = CallContext.current().getCallingAccount();
+ return caller;
}
private SSHKeyPair createAndSaveSSHKeyPair(String name, String fingerprint, String publicKey, String privateKey, Account owner) {
@@ -3667,7 +3716,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public String getVMPassword(GetVMPasswordCmd cmd) {
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
UserVmVO vm = _userVmDao.findById(cmd.getId());
if (vm == null) {
@@ -3843,7 +3892,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
}
private VirtualMachine upgradeStoppedSystemVm(Long systemVmId, Long serviceOfferingId, Map<String, String> customparameters) {
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
VMInstanceVO systemVm = _vmInstanceDao.findByIdTypes(systemVmId, VirtualMachine.Type.ConsoleProxy, VirtualMachine.Type.SecondaryStorageVm);
if (systemVm == null) {