You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@cloudstack.apache.org by Darren Shepherd <da...@gmail.com> on 2013/10/25 00:06:56 UTC

Review Request 14914: Make commands.properties optional for non-ACS code

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/14914/
-----------------------------------------------------------

Review request for cloudstack and Chris Suich.


Repository: cloudstack-git


Description
-------

Currently any new API extension to CloudStack must edit
commands.properties to add the appropriate ACLs.  This generally works
fine for ACS as we control the contents of that file and distribute
all the code ourself.  The hang up comes when somebody develops code
outside of ACS and want to add their code to an existing ACS
installation.  The Spring work that has been done has made this much
easier, but you are still required to manually edit
commands.properties.  This change introduces the following logic.

First check commands.properties for ACL info.  If ACL info exists, use
that to authorize the command.  If no ACL information exists (ie
null), then look at the @APICommand annotation.  The defaults of


Diffs
-----

  api/src/org/apache/cloudstack/api/APICommand.java 4d024c1 
  plugins/acl/static-role-based/src/org/apache/cloudstack/acl/StaticRoleBasedAPIAccessChecker.java affcf91 

Diff: https://reviews.apache.org/r/14914/diff/


Testing
-------


Thanks,

Darren Shepherd

Re: Review Request 14914: Make commands.properties optional for non-ACS code

Posted by Chiradeep Vittal <ch...@gmail.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/14914/#review27538
-----------------------------------------------------------

Ship it!


- Chiradeep Vittal


On Oct. 24, 2013, 10:06 p.m., Darren Shepherd wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/14914/
> -----------------------------------------------------------
> 
> (Updated Oct. 24, 2013, 10:06 p.m.)
> 
> 
> Review request for cloudstack and Chris Suich.
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> -------
> 
> Currently any new API extension to CloudStack must edit
> commands.properties to add the appropriate ACLs.  This generally works
> fine for ACS as we control the contents of that file and distribute
> all the code ourself.  The hang up comes when somebody develops code
> outside of ACS and want to add their code to an existing ACS
> installation.  The Spring work that has been done has made this much
> easier, but you are still required to manually edit
> commands.properties.  This change introduces the following logic.
> 
> First check commands.properties for ACL info.  If ACL info exists, use
> that to authorize the command.  If no ACL information exists (ie
> null), then look at the @APICommand annotation.  The defaults of
> 
> 
> Diffs
> -----
> 
>   api/src/org/apache/cloudstack/api/APICommand.java 4d024c1 
>   plugins/acl/static-role-based/src/org/apache/cloudstack/acl/StaticRoleBasedAPIAccessChecker.java affcf91 
> 
> Diff: https://reviews.apache.org/r/14914/diff/
> 
> 
> Testing
> -------
> 
> 
> Thanks,
> 
> Darren Shepherd
> 
>

Re: Review Request 14914: Make commands.properties optional for non-ACS code

Posted by Chris Suich <ch...@netapp.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/14914/#review27529
-----------------------------------------------------------

Ship it!


Works great!

- Chris Suich


On Oct. 24, 2013, 10:06 p.m., Darren Shepherd wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/14914/
> -----------------------------------------------------------
> 
> (Updated Oct. 24, 2013, 10:06 p.m.)
> 
> 
> Review request for cloudstack and Chris Suich.
> 
> 
> Repository: cloudstack-git
> 
> 
> Description
> -------
> 
> Currently any new API extension to CloudStack must edit
> commands.properties to add the appropriate ACLs.  This generally works
> fine for ACS as we control the contents of that file and distribute
> all the code ourself.  The hang up comes when somebody develops code
> outside of ACS and want to add their code to an existing ACS
> installation.  The Spring work that has been done has made this much
> easier, but you are still required to manually edit
> commands.properties.  This change introduces the following logic.
> 
> First check commands.properties for ACL info.  If ACL info exists, use
> that to authorize the command.  If no ACL information exists (ie
> null), then look at the @APICommand annotation.  The defaults of
> 
> 
> Diffs
> -----
> 
>   api/src/org/apache/cloudstack/api/APICommand.java 4d024c1 
>   plugins/acl/static-role-based/src/org/apache/cloudstack/acl/StaticRoleBasedAPIAccessChecker.java affcf91 
> 
> Diff: https://reviews.apache.org/r/14914/diff/
> 
> 
> Testing
> -------
> 
> 
> Thanks,
> 
> Darren Shepherd
> 
>