You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by mc...@apache.org on 2014/03/12 00:31:41 UTC
git commit: updated refs/heads/rbac to f2d4b4d
Repository: cloudstack
Updated Branches:
refs/heads/rbac b554d4ac1 -> f2d4b4d60
Use IAMService to populate group-account association for system/admin
account to solve unit test failure.
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/f2d4b4d6
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/f2d4b4d6
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/f2d4b4d6
Branch: refs/heads/rbac
Commit: f2d4b4d60e46a9c847947c758e490365f2008ee8
Parents: b554d4a
Author: Min Chen <mi...@citrix.com>
Authored: Tue Mar 11 16:31:03 2014 -0700
Committer: Min Chen <mi...@citrix.com>
Committed: Tue Mar 11 16:31:03 2014 -0700
----------------------------------------------------------------------
.../cloudstack/iam/IAMApiServiceImpl.java | 102 +++----------------
1 file changed, 13 insertions(+), 89 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/f2d4b4d6/services/iam/plugin/src/org/apache/cloudstack/iam/IAMApiServiceImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/plugin/src/org/apache/cloudstack/iam/IAMApiServiceImpl.java b/services/iam/plugin/src/org/apache/cloudstack/iam/IAMApiServiceImpl.java
index 9e941f2..69f669c 100644
--- a/services/iam/plugin/src/org/apache/cloudstack/iam/IAMApiServiceImpl.java
+++ b/services/iam/plugin/src/org/apache/cloudstack/iam/IAMApiServiceImpl.java
@@ -16,9 +16,6 @@
// under the License.
package org.apache.cloudstack.iam;
-import java.sql.PreparedStatement;
-import java.sql.ResultSet;
-import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
@@ -114,11 +111,6 @@ import com.cloud.utils.component.Manager;
import com.cloud.utils.component.ManagerBase;
import com.cloud.utils.db.DB;
import com.cloud.utils.db.EntityManager;
-import com.cloud.utils.db.Transaction;
-import com.cloud.utils.db.TransactionCallbackNoReturn;
-import com.cloud.utils.db.TransactionLegacy;
-import com.cloud.utils.db.TransactionStatus;
-import com.cloud.utils.exception.CloudRuntimeException;
import com.cloud.vm.InstanceGroupVO;
import com.cloud.vm.VMInstanceVO;
import com.cloud.vm.dao.NicIpAliasVO;
@@ -199,10 +191,6 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
@Override
public boolean configure(final String name, final Map<String, Object> params) throws ConfigurationException {
- // populate group <-> account association if not present for CS admin
- // and system accounts
- populateIAMGroupAdminAccountMap();
-
_messageBus.subscribe(AccountManager.MESSAGE_ADD_ACCOUNT_EVENT, new MessageSubscriber() {
@Override
public void onPublishMessage(String senderAddress, String subject, Object obj) {
@@ -351,86 +339,22 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
return super.configure(name, params);
}
- private void populateIAMGroupAdminAccountMap() {
-
- Transaction.execute(new TransactionCallbackNoReturn() {
- @Override
- public void doInTransactionWithoutResult(TransactionStatus status) {
- TransactionLegacy txn = TransactionLegacy.currentTxn();
-
- String searchQuery = "Select id from `cloud`.`iam_group_account_map` where account_id = ? and removed is null";
- ResultSet rs = null;
- PreparedStatement acctQuery = null;
- PreparedStatement acctInsert = null;
- // find if the system account is present in the map
- try {
- acctQuery = txn.prepareAutoCloseStatement(searchQuery);
- acctQuery.setLong(1, Account.ACCOUNT_ID_SYSTEM);
-
- rs = acctQuery.executeQuery();
- if (!rs.next()) {
- acctInsert = txn
- .prepareAutoCloseStatement("INSERT INTO `cloud`.`iam_group_account_map` (group_id, account_id, created) values(?, ?, Now())");
- // insert entry in iam_group_account_map table
- acctInsert.setLong(1, Account.ACCOUNT_TYPE_ADMIN + 1);
- acctInsert.setLong(2, Account.ACCOUNT_ID_SYSTEM);
- acctInsert.executeUpdate();
- }
- } catch (SQLException ex) {
- String msg = "Unable to populate iam_group_account_map for SYSTEM account." + ex.getMessage();
- s_logger.error(msg);
- throw new CloudRuntimeException(msg, ex);
- } finally {
- try {
- if (acctInsert != null) {
- acctInsert.close();
- }
- if (rs != null) {
- rs.close();
- }
- if (acctQuery != null) {
- acctQuery.close();
- }
- } catch (SQLException e) {
- }
- }
+ @Override
+ public boolean start() {
+ s_logger.info("Populating IAM group and account association for default accounts...");
- // find if the admin account is present in the map
- try {
- acctQuery = txn.prepareAutoCloseStatement(searchQuery);
- acctQuery.setLong(1, Account.ACCOUNT_ID_SYSTEM + 1);
-
- rs = acctQuery.executeQuery();
- if (!rs.next()) {
- acctInsert = txn
- .prepareAutoCloseStatement("INSERT INTO `cloud`.`iam_group_account_map` (group_id, account_id, created) values(?, ?, Now())");
- // insert entry in iam_group_account_map table
- acctInsert.setLong(1, Account.ACCOUNT_TYPE_ADMIN + 1);
- acctInsert.setLong(2, Account.ACCOUNT_ID_SYSTEM + 1);
- acctInsert.executeUpdate();
- }
- } catch (SQLException ex) {
- String msg = "Unable to populate iam_group_account_map for Admin account." + ex.getMessage();
- s_logger.error(msg);
- throw new CloudRuntimeException(msg, ex);
- } finally {
- try {
- if (acctInsert != null) {
- acctInsert.close();
- }
- if (rs != null) {
- rs.close();
- }
- if (acctQuery != null) {
- acctQuery.close();
- }
- } catch (SQLException e) {
- }
- }
+ // populate group <-> account association if not present for CS admin
+ // and system accounts
+ populateIAMGroupAdminAccountMap();
- }
- });
+ return true;
+ }
+ private void populateIAMGroupAdminAccountMap() {
+ List<Long> sysAccts = new ArrayList<Long>();
+ sysAccts.add(Account.ACCOUNT_ID_SYSTEM);
+ sysAccts.add(Account.ACCOUNT_ID_SYSTEM + 1);
+ _iamSrv.addAccountsToGroup(sysAccts, new Long(Account.ACCOUNT_TYPE_ADMIN + 1));
}
private void addDomainWideResourceAccess(Map<String, Object> params) {