You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by pr...@apache.org on 2014/02/26 02:05:42 UTC
[09/18] iam/plugin: Rename Acl to IAM everywhere
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupDao.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupDao.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupDao.java
new file mode 100644
index 0000000..54408a6
--- /dev/null
+++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupDao.java
@@ -0,0 +1,28 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.iam.server.dao;
+
+import org.apache.cloudstack.iam.api.IAMGroup;
+import org.apache.cloudstack.iam.server.IAMGroupVO;
+
+import com.cloud.utils.db.GenericDao;
+
+public interface IAMGroupDao extends GenericDao<IAMGroupVO, Long> {
+
+ IAMGroup findByName(String path, String groupName);
+
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupDaoImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupDaoImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupDaoImpl.java
new file mode 100644
index 0000000..45be0b3
--- /dev/null
+++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupDaoImpl.java
@@ -0,0 +1,59 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.iam.server.dao;
+
+import java.util.Map;
+
+import javax.naming.ConfigurationException;
+
+import org.apache.cloudstack.iam.api.IAMGroup;
+import org.apache.cloudstack.iam.server.IAMGroupVO;
+import org.springframework.stereotype.Component;
+
+
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+
+@Component
+public class IAMGroupDaoImpl extends GenericDaoBase<IAMGroupVO, Long> implements IAMGroupDao {
+ private SearchBuilder<IAMGroupVO> nameSearch;
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ super.configure(name, params);
+
+ nameSearch = createSearchBuilder();
+ nameSearch.and("name", nameSearch.entity().getName(), SearchCriteria.Op.EQ);
+ nameSearch.and("path", nameSearch.entity().getPath(), SearchCriteria.Op.EQ);
+ nameSearch.done();
+
+
+ return true;
+ }
+
+ @Override
+ public IAMGroup findByName(String path, String name) {
+ SearchCriteria<IAMGroupVO> sc = nameSearch.create();
+ sc.setParameters("name", name);
+ if (path != null) {
+ sc.setParameters("path", path);
+ }
+ return findOneBy(sc);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupPolicyMapDao.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupPolicyMapDao.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupPolicyMapDao.java
new file mode 100644
index 0000000..6a2df89
--- /dev/null
+++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupPolicyMapDao.java
@@ -0,0 +1,16 @@
+package org.apache.cloudstack.iam.server.dao;
+
+import java.util.List;
+
+import org.apache.cloudstack.iam.server.IAMGroupPolicyMapVO;
+import com.cloud.utils.db.GenericDao;
+
+public interface IAMGroupPolicyMapDao extends GenericDao<IAMGroupPolicyMapVO, Long> {
+
+ List<IAMGroupPolicyMapVO> listByGroupId(long groupId);
+
+ List<IAMGroupPolicyMapVO> listByPolicyId(long policyId);
+
+ IAMGroupPolicyMapVO findByGroupAndPolicy(long groupId, long policyId);
+
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupPolicyMapDaoImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupPolicyMapDaoImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupPolicyMapDaoImpl.java
new file mode 100644
index 0000000..95b6bac
--- /dev/null
+++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupPolicyMapDaoImpl.java
@@ -0,0 +1,61 @@
+package org.apache.cloudstack.iam.server.dao;
+
+import java.util.List;
+import java.util.Map;
+
+import javax.naming.ConfigurationException;
+
+import org.apache.cloudstack.iam.server.IAMGroupPolicyMapVO;
+
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+
+public class IAMGroupPolicyMapDaoImpl extends GenericDaoBase<IAMGroupPolicyMapVO, Long> implements IAMGroupPolicyMapDao {
+
+ private SearchBuilder<IAMGroupPolicyMapVO> ListByGroupId;
+ private SearchBuilder<IAMGroupPolicyMapVO> ListByPolicyId;
+ private SearchBuilder<IAMGroupPolicyMapVO> findByPolicyGroupId;
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ super.configure(name, params);
+
+ ListByGroupId = createSearchBuilder();
+ ListByGroupId.and("groupId", ListByGroupId.entity().getAclGroupId(), SearchCriteria.Op.EQ);
+ ListByGroupId.done();
+
+ ListByPolicyId = createSearchBuilder();
+ ListByPolicyId.and("policyId", ListByPolicyId.entity().getAclPolicyId(), SearchCriteria.Op.EQ);
+ ListByPolicyId.done();
+
+ findByPolicyGroupId = createSearchBuilder();
+ findByPolicyGroupId.and("policyId", findByPolicyGroupId.entity().getAclPolicyId(), SearchCriteria.Op.EQ);
+ findByPolicyGroupId.and("groupId", findByPolicyGroupId.entity().getAclGroupId(), SearchCriteria.Op.EQ);
+ findByPolicyGroupId.done();
+
+ return true;
+ }
+
+ @Override
+ public List<IAMGroupPolicyMapVO> listByGroupId(long groupId) {
+ SearchCriteria<IAMGroupPolicyMapVO> sc = ListByGroupId.create();
+ sc.setParameters("groupId", groupId);
+ return listBy(sc);
+ }
+
+ @Override
+ public List<IAMGroupPolicyMapVO> listByPolicyId(long policyId) {
+ SearchCriteria<IAMGroupPolicyMapVO> sc = ListByPolicyId.create();
+ sc.setParameters("policyId", policyId);
+ return listBy(sc);
+ }
+
+ @Override
+ public IAMGroupPolicyMapVO findByGroupAndPolicy(long groupId, long policyId) {
+ SearchCriteria<IAMGroupPolicyMapVO> sc = findByPolicyGroupId.create();
+ sc.setParameters("policyId", policyId);
+ sc.setParameters("groupId", groupId);
+ return findOneBy(sc);
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyDao.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyDao.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyDao.java
new file mode 100644
index 0000000..ace7d85
--- /dev/null
+++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyDao.java
@@ -0,0 +1,28 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.iam.server.dao;
+
+import org.apache.cloudstack.iam.api.IAMPolicy;
+import org.apache.cloudstack.iam.server.IAMPolicyVO;
+
+import com.cloud.utils.db.GenericDao;
+
+public interface IAMPolicyDao extends GenericDao<IAMPolicyVO, Long> {
+
+ IAMPolicy findByName(String policyName);
+
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyDaoImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyDaoImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyDaoImpl.java
new file mode 100644
index 0000000..293cf6f
--- /dev/null
+++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyDaoImpl.java
@@ -0,0 +1,57 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.iam.server.dao;
+
+import java.util.Map;
+
+import javax.naming.ConfigurationException;
+
+import org.apache.cloudstack.iam.api.IAMPolicy;
+import org.apache.cloudstack.iam.server.IAMPolicyVO;
+import org.springframework.stereotype.Component;
+
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+
+@Component
+public class IAMPolicyDaoImpl extends GenericDaoBase<IAMPolicyVO, Long> implements IAMPolicyDao {
+ private SearchBuilder<IAMPolicyVO> nameSearch;
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ super.configure(name, params);
+
+ nameSearch = createSearchBuilder();
+ nameSearch.and("name", nameSearch.entity().getName(), SearchCriteria.Op.EQ);
+ // nameSearch.and("domainId", nameSearch.entity().getDomainId(),
+ // SearchCriteria.Op.EQ);
+ nameSearch.done();
+
+
+ return true;
+ }
+
+ @Override
+ public IAMPolicy findByName(String name) {
+ SearchCriteria<IAMPolicyVO> sc = nameSearch.create();
+ sc.setParameters("name", name);
+
+ return findOneBy(sc);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyPermissionDao.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyPermissionDao.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyPermissionDao.java
new file mode 100644
index 0000000..cdcb02b
--- /dev/null
+++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyPermissionDao.java
@@ -0,0 +1,39 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.iam.server.dao;
+import java.util.List;
+
+import org.apache.cloudstack.iam.api.IAMPolicyPermission.Permission;
+import org.apache.cloudstack.iam.server.IAMPolicyPermissionVO;
+
+import com.cloud.utils.db.GenericDao;
+
+public interface IAMPolicyPermissionDao extends GenericDao<IAMPolicyPermissionVO, Long> {
+
+ List<IAMPolicyPermissionVO> listByPolicy(long policyId);
+
+ IAMPolicyPermissionVO findByPolicyAndEntity(long policyId, String entityType, String scope, Long scopeId,
+ String action, Permission perm);
+
+ List<IAMPolicyPermissionVO> listGrantedByActionAndScope(long policyId, String action, String scope);
+
+ List<IAMPolicyPermissionVO> listByPolicyActionAndEntity(long policyId, String action, String entityType);
+
+ List<IAMPolicyPermissionVO> listByPolicyAccessAndEntity(long policyId, String accessType, String entityType);
+
+ List<IAMPolicyPermissionVO> listByEntity(String entityType, Long entityId);
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyPermissionDaoImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyPermissionDaoImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyPermissionDaoImpl.java
new file mode 100644
index 0000000..3f976cf
--- /dev/null
+++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMPolicyPermissionDaoImpl.java
@@ -0,0 +1,129 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.iam.server.dao;
+
+import java.util.List;
+import java.util.Map;
+
+import javax.naming.ConfigurationException;
+
+import org.apache.cloudstack.iam.api.IAMPolicyPermission.Permission;
+import org.apache.cloudstack.iam.server.IAMPolicyPermissionVO;
+
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+
+public class IAMPolicyPermissionDaoImpl extends GenericDaoBase<IAMPolicyPermissionVO, Long> implements
+ IAMPolicyPermissionDao {
+
+ private SearchBuilder<IAMPolicyPermissionVO> policyIdSearch;
+ private SearchBuilder<IAMPolicyPermissionVO> fullSearch;
+ private SearchBuilder<IAMPolicyPermissionVO> actionScopeSearch;
+ private SearchBuilder<IAMPolicyPermissionVO> entitySearch;
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ super.configure(name, params);
+
+ policyIdSearch = createSearchBuilder();
+ policyIdSearch.and("policyId", policyIdSearch.entity().getAclPolicyId(), SearchCriteria.Op.EQ);
+ policyIdSearch.done();
+
+ fullSearch = createSearchBuilder();
+ fullSearch.and("policyId", fullSearch.entity().getAclPolicyId(), SearchCriteria.Op.EQ);
+ fullSearch.and("entityType", fullSearch.entity().getEntityType(), SearchCriteria.Op.EQ);
+ fullSearch.and("scope", fullSearch.entity().getScope(), SearchCriteria.Op.EQ);
+ fullSearch.and("scopeId", fullSearch.entity().getScopeId(), SearchCriteria.Op.EQ);
+ fullSearch.and("action", fullSearch.entity().getAction(), SearchCriteria.Op.EQ);
+ fullSearch.and("permission", fullSearch.entity().getPermission(), SearchCriteria.Op.EQ);
+ fullSearch.and("accessType", fullSearch.entity().getAccessType(), SearchCriteria.Op.EQ);
+ fullSearch.done();
+
+ actionScopeSearch = createSearchBuilder();
+ actionScopeSearch.and("policyId", actionScopeSearch.entity().getAclPolicyId(), SearchCriteria.Op.EQ);
+ actionScopeSearch.and("scope", actionScopeSearch.entity().getScope(), SearchCriteria.Op.EQ);
+ actionScopeSearch.and("action", actionScopeSearch.entity().getAction(), SearchCriteria.Op.EQ);
+ actionScopeSearch.and("permission", actionScopeSearch.entity().getPermission(), SearchCriteria.Op.EQ);
+ actionScopeSearch.done();
+
+ entitySearch = createSearchBuilder();
+ entitySearch.and("entityType", entitySearch.entity().getEntityType(), SearchCriteria.Op.EQ);
+ entitySearch.and("scopeId", entitySearch.entity().getScopeId(), SearchCriteria.Op.EQ);
+ entitySearch.done();
+
+ return true;
+ }
+
+ @Override
+ public List<IAMPolicyPermissionVO> listByPolicy(long policyId) {
+ SearchCriteria<IAMPolicyPermissionVO> sc = policyIdSearch.create();
+ sc.setParameters("policyId", policyId);
+ return listBy(sc);
+ }
+
+ @Override
+ public IAMPolicyPermissionVO findByPolicyAndEntity(long policyId, String entityType, String scope, Long scopeId,
+ String action, Permission perm) {
+ SearchCriteria<IAMPolicyPermissionVO> sc = fullSearch.create();
+ sc.setParameters("policyId", policyId);
+ sc.setParameters("entityType", entityType);
+ sc.setParameters("scope", scope);
+ sc.setParameters("scopeId", scopeId);
+ sc.setParameters("action", action);
+ sc.setParameters("permission", perm);
+ return findOneBy(sc);
+ }
+
+ @Override
+ public List<IAMPolicyPermissionVO> listGrantedByActionAndScope(long policyId, String action, String scope) {
+ SearchCriteria<IAMPolicyPermissionVO> sc = actionScopeSearch.create();
+ sc.setParameters("policyId", policyId);
+ sc.setParameters("action", action);
+ sc.setParameters("scope", scope);
+ sc.setParameters("permission", Permission.Allow);
+ return listBy(sc);
+ }
+
+ @Override
+ public List<IAMPolicyPermissionVO> listByPolicyActionAndEntity(long policyId, String action, String entityType) {
+ SearchCriteria<IAMPolicyPermissionVO> sc = fullSearch.create();
+ sc.setParameters("policyId", policyId);
+ sc.setParameters("entityType", entityType);
+ sc.setParameters("action", action);
+ return listBy(sc);
+ }
+
+ @Override
+ public List<IAMPolicyPermissionVO> listByPolicyAccessAndEntity(long policyId, String accessType,
+ String entityType) {
+ SearchCriteria<IAMPolicyPermissionVO> sc = fullSearch.create();
+ sc.setParameters("policyId", policyId);
+ sc.setParameters("entityType", entityType);
+ sc.setParameters("accessType", accessType);
+ return listBy(sc);
+ }
+
+ @Override
+ public List<IAMPolicyPermissionVO> listByEntity(String entityType, Long entityId) {
+ SearchCriteria<IAMPolicyPermissionVO> sc = fullSearch.create();
+ sc.setParameters("entityType", entityType);
+ sc.setParameters("scopeId", entityId);
+ return listBy(sc);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/test/org/apache/cloudstack/iam/IAMServiceUnitTest.java
----------------------------------------------------------------------
diff --git a/services/iam/server/test/org/apache/cloudstack/iam/IAMServiceUnitTest.java b/services/iam/server/test/org/apache/cloudstack/iam/IAMServiceUnitTest.java
index 01eab61..8760199 100644
--- a/services/iam/server/test/org/apache/cloudstack/iam/IAMServiceUnitTest.java
+++ b/services/iam/server/test/org/apache/cloudstack/iam/IAMServiceUnitTest.java
@@ -45,18 +45,18 @@ import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.support.AnnotationConfigContextLoader;
-import org.apache.cloudstack.iam.api.AclGroup;
-import org.apache.cloudstack.iam.api.AclPolicy;
+import org.apache.cloudstack.iam.api.IAMGroup;
+import org.apache.cloudstack.iam.api.IAMPolicy;
import org.apache.cloudstack.iam.api.IAMService;
-import org.apache.cloudstack.iam.server.AclGroupVO;
-import org.apache.cloudstack.iam.server.AclPolicyVO;
+import org.apache.cloudstack.iam.server.IAMGroupVO;
+import org.apache.cloudstack.iam.server.IAMPolicyVO;
import org.apache.cloudstack.iam.server.IAMServiceImpl;
-import org.apache.cloudstack.iam.server.dao.AclAccountPolicyMapDao;
-import org.apache.cloudstack.iam.server.dao.AclGroupAccountMapDao;
-import org.apache.cloudstack.iam.server.dao.AclGroupDao;
-import org.apache.cloudstack.iam.server.dao.AclGroupPolicyMapDao;
-import org.apache.cloudstack.iam.server.dao.AclPolicyDao;
-import org.apache.cloudstack.iam.server.dao.AclPolicyPermissionDao;
+import org.apache.cloudstack.iam.server.dao.IAMAccountPolicyMapDao;
+import org.apache.cloudstack.iam.server.dao.IAMGroupAccountMapDao;
+import org.apache.cloudstack.iam.server.dao.IAMGroupDao;
+import org.apache.cloudstack.iam.server.dao.IAMGroupPolicyMapDao;
+import org.apache.cloudstack.iam.server.dao.IAMPolicyDao;
+import org.apache.cloudstack.iam.server.dao.IAMPolicyPermissionDao;
import org.apache.cloudstack.test.utils.SpringUtils;
import com.cloud.exception.InvalidParameterValueException;
@@ -72,22 +72,22 @@ public class IAMServiceUnitTest {
IAMService _iamService;
@Inject
- AclPolicyDao _aclPolicyDao;
+ IAMPolicyDao _aclPolicyDao;
@Inject
- AclGroupDao _aclGroupDao;
+ IAMGroupDao _aclGroupDao;
@Inject
EntityManager _entityMgr;
@Inject
- AclGroupPolicyMapDao _aclGroupPolicyMapDao;
+ IAMGroupPolicyMapDao _aclGroupPolicyMapDao;
@Inject
- AclGroupAccountMapDao _aclGroupAccountMapDao;
+ IAMGroupAccountMapDao _aclGroupAccountMapDao;
@Inject
- AclPolicyPermissionDao _policyPermissionDao;
+ IAMPolicyPermissionDao _policyPermissionDao;
@BeforeClass
public static void setUpClass() throws ConfigurationException {
@@ -96,15 +96,15 @@ public class IAMServiceUnitTest {
@Before
public void setUp() {
ComponentContext.initComponentsLifeCycle();
- AclGroupVO group = new AclGroupVO("group1", "my first group");
- Mockito.when(_aclGroupDao.persist(Mockito.any(AclGroupVO.class))).thenReturn(group);
- List<AclGroupVO> groups = new ArrayList<AclGroupVO>();
+ IAMGroupVO group = new IAMGroupVO("group1", "my first group");
+ Mockito.when(_aclGroupDao.persist(Mockito.any(IAMGroupVO.class))).thenReturn(group);
+ List<IAMGroupVO> groups = new ArrayList<IAMGroupVO>();
groups.add(group);
when(_aclGroupDao.search(Mockito.any(SearchCriteria.class), Mockito.any(com.cloud.utils.db.Filter.class)))
.thenReturn(groups);
- AclPolicyVO policy = new AclPolicyVO("policy1", "my first policy");
- Mockito.when(_aclPolicyDao.persist(Mockito.any(AclPolicyVO.class))).thenReturn(policy);
+ IAMPolicyVO policy = new IAMPolicyVO("policy1", "my first policy");
+ Mockito.when(_aclPolicyDao.persist(Mockito.any(IAMPolicyVO.class))).thenReturn(policy);
}
@@ -114,13 +114,13 @@ public class IAMServiceUnitTest {
@Test(expected = InvalidParameterValueException.class)
public void createAclGroupTest() {
- AclGroup group = _iamService.createAclGroup("group1", "my first group", "/root/mydomain");
+ IAMGroup group = _iamService.createAclGroup("group1", "my first group", "/root/mydomain");
assertNotNull("Acl group 'group1' failed to create ", group);
- AclGroupVO group2 = new AclGroupVO("group1", "my second group");
+ IAMGroupVO group2 = new IAMGroupVO("group1", "my second group");
when(_aclGroupDao.findByName(eq("/root/mydomain"), eq("group1"))).thenReturn(group2);
- AclGroup group3 = _iamService.createAclGroup("group1", "my first group", "/root/mydomain");
+ IAMGroup group3 = _iamService.createAclGroup("group1", "my first group", "/root/mydomain");
}
@Test(expected = InvalidParameterValueException.class)
@@ -132,7 +132,7 @@ public class IAMServiceUnitTest {
@Test
public void accountGroupMaptest() {
// create group
- AclGroupVO group = new AclGroupVO("group1", "my first group");
+ IAMGroupVO group = new IAMGroupVO("group1", "my first group");
// add account to group
List<Long> accountIds = new ArrayList<Long>();
@@ -145,10 +145,10 @@ public class IAMServiceUnitTest {
@Test(expected = InvalidParameterValueException.class)
public void createAclPolicyTest() {
- AclPolicy policy = _iamService.createAclPolicy("policy1", "my first policy", null, "/root/mydomain");
+ IAMPolicy policy = _iamService.createAclPolicy("policy1", "my first policy", null, "/root/mydomain");
assertNotNull("Acl policy 'policy1' failed to create ", policy);
- AclPolicyVO rvo = new AclPolicyVO("policy2", "second policy");
+ IAMPolicyVO rvo = new IAMPolicyVO("policy2", "second policy");
when(_aclPolicyDao.findByName(eq("policy2"))).thenReturn(rvo);
_iamService.createAclPolicy("policy2", "second policy", null, "/root/mydomain");
@@ -165,13 +165,13 @@ public class IAMServiceUnitTest {
public static class TestConfiguration extends SpringUtils.CloudStackTestConfiguration {
@Bean
- public AclPolicyDao aclPolicyDao() {
- return Mockito.mock(AclPolicyDao.class);
+ public IAMPolicyDao aclPolicyDao() {
+ return Mockito.mock(IAMPolicyDao.class);
}
@Bean
- public AclGroupDao aclGroupDao() {
- return Mockito.mock(AclGroupDao.class);
+ public IAMGroupDao aclGroupDao() {
+ return Mockito.mock(IAMGroupDao.class);
}
@Bean
@@ -180,23 +180,23 @@ public class IAMServiceUnitTest {
}
@Bean
- public AclGroupPolicyMapDao aclGroupPolicyMapDao() {
- return Mockito.mock(AclGroupPolicyMapDao.class);
+ public IAMGroupPolicyMapDao aclGroupPolicyMapDao() {
+ return Mockito.mock(IAMGroupPolicyMapDao.class);
}
@Bean
- public AclGroupAccountMapDao aclGroupAccountMapDao() {
- return Mockito.mock(AclGroupAccountMapDao.class);
+ public IAMGroupAccountMapDao aclGroupAccountMapDao() {
+ return Mockito.mock(IAMGroupAccountMapDao.class);
}
@Bean
- public AclAccountPolicyMapDao aclAccountPolicyMapDao() {
- return Mockito.mock(AclAccountPolicyMapDao.class);
+ public IAMAccountPolicyMapDao aclAccountPolicyMapDao() {
+ return Mockito.mock(IAMAccountPolicyMapDao.class);
}
@Bean
- public AclPolicyPermissionDao aclPolicyPermissionDao() {
- return Mockito.mock(AclPolicyPermissionDao.class);
+ public IAMPolicyPermissionDao aclPolicyPermissionDao() {
+ return Mockito.mock(IAMPolicyPermissionDao.class);
}
public static class Library implements TypeFilter {
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/setup/db/db/schema-430to440.sql
----------------------------------------------------------------------
diff --git a/setup/db/db/schema-430to440.sql b/setup/db/db/schema-430to440.sql
index 4ce7ba9..917a954 100644
--- a/setup/db/db/schema-430to440.sql
+++ b/setup/db/db/schema-430to440.sql
@@ -447,7 +447,7 @@ CREATE VIEW `cloud`.`user_vm_view` AS
`cloud`.`user_vm_details` `custom_ram_size` ON (((`custom_ram_size`.`vm_id` = `cloud`.`vm_instance`.`id`) and (`custom_ram_size`.`name` = 'memory')));
-- ACL DB schema
-CREATE TABLE `cloud`.`acl_group` (
+CREATE TABLE `cloud`.`iam_group` (
`id` bigint unsigned NOT NULL UNIQUE auto_increment,
`name` varchar(255) NOT NULL,
`description` varchar(255) default NULL,
@@ -458,23 +458,23 @@ CREATE TABLE `cloud`.`acl_group` (
`removed` datetime COMMENT 'date the group was removed',
`created` datetime COMMENT 'date the group was created',
PRIMARY KEY (`id`),
- INDEX `i_acl_group__removed`(`removed`),
- CONSTRAINT `uc_acl_group__uuid` UNIQUE (`uuid`)
+ INDEX `i_iam_group__removed`(`removed`),
+ CONSTRAINT `uc_iam_group__uuid` UNIQUE (`uuid`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;
-CREATE TABLE `cloud`.`acl_group_account_map` (
+CREATE TABLE `cloud`.`iam_group_account_map` (
`id` bigint unsigned NOT NULL auto_increment,
`group_id` bigint unsigned NOT NULL,
`account_id` bigint unsigned NOT NULL,
`removed` datetime COMMENT 'date the account was removed from the group',
`created` datetime COMMENT 'date the account was assigned to the group',
PRIMARY KEY (`id`),
- CONSTRAINT `fk_acl_group_vm_map__group_id` FOREIGN KEY(`group_id`) REFERENCES `acl_group` (`id`) ON DELETE CASCADE,
- CONSTRAINT `fk_acl_group_vm_map__account_id` FOREIGN KEY(`account_id`) REFERENCES `account` (`id`) ON DELETE CASCADE
+ CONSTRAINT `fk_iam_group_vm_map__group_id` FOREIGN KEY(`group_id`) REFERENCES `iam_group` (`id`) ON DELETE CASCADE,
+ CONSTRAINT `fk_iam_group_vm_map__account_id` FOREIGN KEY(`account_id`) REFERENCES `account` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-CREATE TABLE `cloud`.`acl_policy` (
+CREATE TABLE `cloud`.`iam_policy` (
`id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
`name` varchar(255) NOT NULL,
`description` varchar(255) DEFAULT NULL,
@@ -486,37 +486,37 @@ CREATE TABLE `cloud`.`acl_policy` (
`policy_type` varchar(64) DEFAULT 'Static' COMMENT 'Static or Dynamic',
PRIMARY KEY (`id`),
UNIQUE KEY `id` (`id`),
- UNIQUE KEY `uc_acl_policy__uuid` (`uuid`),
- KEY `i_acl_policy__removed` (`removed`)
+ UNIQUE KEY `uc_iam_policy__uuid` (`uuid`),
+ KEY `i_iam_policy__removed` (`removed`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;
-CREATE TABLE `cloud`.`acl_group_policy_map` (
+CREATE TABLE `cloud`.`iam_group_policy_map` (
`id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
`group_id` bigint(20) unsigned NOT NULL,
`policy_id` bigint(20) unsigned NOT NULL,
`removed` datetime DEFAULT NULL COMMENT 'date the policy was revoked from the group',
`created` datetime DEFAULT NULL COMMENT 'date the policy was attached to the group',
PRIMARY KEY (`id`),
- KEY `fk_acl_group_policy_map__group_id` (`group_id`),
- KEY `fk_acl_group_policy_map__policy_id` (`policy_id`),
- CONSTRAINT `fk_acl_group_policy_map__group_id` FOREIGN KEY (`group_id`) REFERENCES `acl_group` (`id`) ON DELETE CASCADE,
- CONSTRAINT `fk_acl_group_policy_map__policy_id` FOREIGN KEY (`policy_id`) REFERENCES `acl_policy` (`id`) ON DELETE CASCADE
+ KEY `fk_iam_group_policy_map__group_id` (`group_id`),
+ KEY `fk_iam_group_policy_map__policy_id` (`policy_id`),
+ CONSTRAINT `fk_iam_group_policy_map__group_id` FOREIGN KEY (`group_id`) REFERENCES `iam_group` (`id`) ON DELETE CASCADE,
+ CONSTRAINT `fk_iam_group_policy_map__policy_id` FOREIGN KEY (`policy_id`) REFERENCES `iam_policy` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-CREATE TABLE `cloud`.`acl_account_policy_map` (
+CREATE TABLE `cloud`.`iam_account_policy_map` (
`id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
`account_id` bigint(20) unsigned NOT NULL,
`policy_id` bigint(20) unsigned NOT NULL,
`removed` datetime DEFAULT NULL COMMENT 'date the policy was revoked from the account',
`created` datetime DEFAULT NULL COMMENT 'date the policy was attached to the account',
PRIMARY KEY (`id`),
- KEY `fk_acl_account_policy_map__account_id` (`account_id`),
- KEY `fk_acl_account_policy_map__policy_id` (`policy_id`),
- CONSTRAINT `fk_acl_account_policy_map__account_id` FOREIGN KEY (`account_id`) REFERENCES `account` (`id`) ON DELETE CASCADE,
- CONSTRAINT `fk_acl_account_policy_map__policy_id` FOREIGN KEY (`policy_id`) REFERENCES `acl_policy` (`id`) ON DELETE CASCADE
+ KEY `fk_iam_account_policy_map__account_id` (`account_id`),
+ KEY `fk_iam_account_policy_map__policy_id` (`policy_id`),
+ CONSTRAINT `fk_iam_account_policy_map__account_id` FOREIGN KEY (`account_id`) REFERENCES `account` (`id`) ON DELETE CASCADE,
+ CONSTRAINT `fk_iam_account_policy_map__policy_id` FOREIGN KEY (`policy_id`) REFERENCES `iam_policy` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-CREATE TABLE `cloud`.`acl_policy_permission` (
+CREATE TABLE `cloud`.`iam_policy_permission` (
`id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
`policy_id` bigint(20) unsigned NOT NULL,
`action` varchar(100) NOT NULL,
@@ -530,30 +530,30 @@ CREATE TABLE `cloud`.`acl_policy_permission` (
`created` datetime DEFAULT NULL COMMENT 'date the permission was granted',
PRIMARY KEY (`id`),
UNIQUE KEY `id` (`id`),
- KEY `fk_acl_policy_permission__policy_id` (`policy_id`),
- CONSTRAINT `fk_acl_policy_permission__policy_id` FOREIGN KEY (`policy_id`) REFERENCES `acl_policy` (`id`) ON DELETE CASCADE
+ KEY `fk_iam_policy_permission__policy_id` (`policy_id`),
+ CONSTRAINT `fk_iam_policy_permission__policy_id` FOREIGN KEY (`policy_id`) REFERENCES `iam_policy` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;
-INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (1, 'NORMAL', 'Domain user role', UUID(), '/', 1, Now(), 'Static');
-INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (2, 'ADMIN', 'Root admin role', UUID(), '/', 1, Now(), 'Static');
-INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (3, 'DOMAIN_ADMIN', 'Domain admin role', UUID(), '/', 1, Now(), 'Static');
-INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (4, 'RESOURCE_DOMAIN_ADMIN', 'Resource domain admin role', UUID(), '/', 1, Now(), 'Static');
-INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (5, 'READ_ONLY_ADMIN', 'Read only admin role', UUID(), '/', 1, Now(), 'Static');
-INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (6, 'RESOURCE_OWNER', 'Resource owner role', UUID(), '/', 1, Now(), 'Dynamic');
+INSERT IGNORE INTO `cloud`.`iam_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (1, 'NORMAL', 'Domain user role', UUID(), '/', 1, Now(), 'Static');
+INSERT IGNORE INTO `cloud`.`iam_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (2, 'ADMIN', 'Root admin role', UUID(), '/', 1, Now(), 'Static');
+INSERT IGNORE INTO `cloud`.`iam_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (3, 'DOMAIN_ADMIN', 'Domain admin role', UUID(), '/', 1, Now(), 'Static');
+INSERT IGNORE INTO `cloud`.`iam_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (4, 'RESOURCE_DOMAIN_ADMIN', 'Resource domain admin role', UUID(), '/', 1, Now(), 'Static');
+INSERT IGNORE INTO `cloud`.`iam_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (5, 'READ_ONLY_ADMIN', 'Read only admin role', UUID(), '/', 1, Now(), 'Static');
+INSERT IGNORE INTO `cloud`.`iam_policy` (id, name, description, uuid, path, account_id, created, policy_type) VALUES (6, 'RESOURCE_OWNER', 'Resource owner role', UUID(), '/', 1, Now(), 'Dynamic');
-INSERT IGNORE INTO `cloud`.`acl_group` (id, name, description, uuid, path, account_id, created) VALUES (1, 'NORMAL', 'Domain user group', UUID(), '/', 1, Now());
-INSERT IGNORE INTO `cloud`.`acl_group` (id, name, description, uuid, path, account_id, created) VALUES (2, 'ADMIN', 'Root admin group', UUID(), '/', 1, Now());
-INSERT IGNORE INTO `cloud`.`acl_group` (id, name, description, uuid, path, account_id, created) VALUES (3, 'DOMAIN_ADMIN', 'Domain admin group', UUID(), '/', 1, Now());
-INSERT IGNORE INTO `cloud`.`acl_group` (id, name, description, uuid, path, account_id, created) VALUES (4, 'RESOURCE_DOMAIN_ADMIN', 'Resource domain admin group', UUID(), '/', 1, Now());
-INSERT IGNORE INTO `cloud`.`acl_group` (id, name, description, uuid, path, account_id, created) VALUES (5, 'READ_ONLY_ADMIN', 'Read only admin group', UUID(), '/', 1, Now());
+INSERT IGNORE INTO `cloud`.`iam_group` (id, name, description, uuid, path, account_id, created) VALUES (1, 'NORMAL', 'Domain user group', UUID(), '/', 1, Now());
+INSERT IGNORE INTO `cloud`.`iam_group` (id, name, description, uuid, path, account_id, created) VALUES (2, 'ADMIN', 'Root admin group', UUID(), '/', 1, Now());
+INSERT IGNORE INTO `cloud`.`iam_group` (id, name, description, uuid, path, account_id, created) VALUES (3, 'DOMAIN_ADMIN', 'Domain admin group', UUID(), '/', 1, Now());
+INSERT IGNORE INTO `cloud`.`iam_group` (id, name, description, uuid, path, account_id, created) VALUES (4, 'RESOURCE_DOMAIN_ADMIN', 'Resource domain admin group', UUID(), '/', 1, Now());
+INSERT IGNORE INTO `cloud`.`iam_group` (id, name, description, uuid, path, account_id, created) VALUES (5, 'READ_ONLY_ADMIN', 'Read only admin group', UUID(), '/', 1, Now());
-INSERT INTO `cloud`.`acl_group_policy_map` (group_id, policy_id, created) values(1, 1, Now());
-INSERT INTO `cloud`.`acl_group_policy_map` (group_id, policy_id, created) values(2, 2, Now());
-INSERT INTO `cloud`.`acl_group_policy_map` (group_id, policy_id, created) values(3, 3, Now());
-INSERT INTO `cloud`.`acl_group_policy_map` (group_id, policy_id, created) values(4, 4, Now());
-INSERT INTO `cloud`.`acl_group_policy_map` (group_id, policy_id, created) values(5, 5, Now());
+INSERT INTO `cloud`.`iam_group_policy_map` (group_id, policy_id, created) values(1, 1, Now());
+INSERT INTO `cloud`.`iam_group_policy_map` (group_id, policy_id, created) values(2, 2, Now());
+INSERT INTO `cloud`.`iam_group_policy_map` (group_id, policy_id, created) values(3, 3, Now());
+INSERT INTO `cloud`.`iam_group_policy_map` (group_id, policy_id, created) values(4, 4, Now());
+INSERT INTO `cloud`.`iam_group_policy_map` (group_id, policy_id, created) values(5, 5, Now());
INSERT INTO `cloud`.`configuration`(category, instance, component, name, value, description, default_value) VALUES ('NetworkManager', 'DEFAULT', 'management-server', 'vm.network.nic.max.secondary.ipaddresses', NULL, 'Specify the number of secondary ip addresses per nic per vm', '256') ON DUPLICATE KEY UPDATE category='NetworkManager';