You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ml...@apache.org on 2013/01/10 01:59:35 UTC
[10/50] [abbrv] git commit: api: Refactor move acl to
org.apache.cloudstack
api: Refactor move acl to org.apache.cloudstack
Signed-off-by: Rohit Yadav <bh...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/ed0637b8
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/ed0637b8
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/ed0637b8
Branch: refs/heads/resizevolume
Commit: ed0637b8c2ef16e353d8a92feed10f18fc701a96
Parents: 6f6ed85
Author: Rohit Yadav <bh...@apache.org>
Authored: Sun Jan 6 15:30:58 2013 -0800
Committer: Rohit Yadav <bh...@apache.org>
Committed: Sun Jan 6 15:30:58 2013 -0800
----------------------------------------------------------------------
api/src/com/cloud/acl/APIAccessChecker.java | 32 -----
api/src/com/cloud/acl/ControlledEntity.java | 33 -----
api/src/com/cloud/acl/Role.java | 33 -----
api/src/com/cloud/acl/SecurityChecker.java | 99 ---------------
api/src/com/cloud/event/Event.java | 2 +-
.../cloud/exception/PermissionDeniedException.java | 2 +-
api/src/com/cloud/network/IpAddress.java | 2 +-
api/src/com/cloud/network/Network.java | 2 +-
api/src/com/cloud/network/PublicIpAddress.java | 2 +-
api/src/com/cloud/network/RemoteAccessVpn.java | 2 +-
.../cloud/network/Site2SiteCustomerGateway.java | 2 +-
.../com/cloud/network/Site2SiteVpnConnection.java | 2 +-
api/src/com/cloud/network/Site2SiteVpnGateway.java | 2 +-
api/src/com/cloud/network/VpnUser.java | 2 +-
api/src/com/cloud/network/as/AutoScalePolicy.java | 2 +-
api/src/com/cloud/network/as/AutoScaleVmGroup.java | 2 +-
.../com/cloud/network/as/AutoScaleVmProfile.java | 2 +-
api/src/com/cloud/network/as/Condition.java | 2 +-
api/src/com/cloud/network/rules/FirewallRule.java | 2 +-
.../com/cloud/network/security/SecurityGroup.java | 2 +-
api/src/com/cloud/network/vpc/StaticRoute.java | 2 +-
api/src/com/cloud/network/vpc/Vpc.java | 2 +-
api/src/com/cloud/network/vpc/VpcGateway.java | 2 +-
api/src/com/cloud/projects/ProjectInvitation.java | 2 +-
api/src/com/cloud/server/ResourceTag.java | 2 +-
api/src/com/cloud/storage/Snapshot.java | 2 +-
api/src/com/cloud/storage/Volume.java | 2 +-
.../com/cloud/template/VirtualMachineTemplate.java | 2 +-
api/src/com/cloud/user/Account.java | 2 +-
api/src/com/cloud/user/AccountService.java | 5 +-
api/src/com/cloud/user/SSHKeyPair.java | 2 +-
api/src/com/cloud/uservm/UserVm.java | 2 +-
api/src/com/cloud/vm/InstanceGroup.java | 2 +-
api/src/com/cloud/vm/VirtualMachine.java | 2 +-
.../apache/cloudstack/acl/APIAccessChecker.java | 32 +++++
.../apache/cloudstack/acl/ControlledEntity.java | 33 +++++
api/src/org/apache/cloudstack/acl/Role.java | 33 +++++
.../org/apache/cloudstack/acl/SecurityChecker.java | 99 +++++++++++++++
.../api/command/user/vm/DeployVMCmd.java | 2 +-
.../cloudstack/api/command/user/vm/StopVMCmd.java | 1 +
client/tomcatconf/components.xml.in | 4 +-
.../acl/StaticRoleBasedAPIAccessChecker.java | 2 +-
.../dns-notifier/resources/components-example.xml | 2 +-
server/src/com/cloud/acl/DomainChecker.java | 2 +
server/src/com/cloud/api/ApiDispatcher.java | 15 +--
server/src/com/cloud/api/ApiResponseHelper.java | 4 +-
server/src/com/cloud/api/ApiServer.java | 4 +-
.../src/com/cloud/api/query/QueryManagerImpl.java | 25 ----
.../cloud/api/query/vo/ControlledViewEntity.java | 2 +-
.../api/response/SecurityGroupResultObject.java | 2 +-
.../configuration/ConfigurationManagerImpl.java | 2 +-
server/src/com/cloud/network/NetworkManager.java | 4 +-
.../src/com/cloud/network/NetworkManagerImpl.java | 15 +--
server/src/com/cloud/network/NetworkVO.java | 4 +-
.../com/cloud/network/as/AutoScaleManagerImpl.java | 2 +-
.../src/com/cloud/network/dao/NetworkDaoImpl.java | 2 +-
.../cloud/network/vpc/NetworkACLManagerImpl.java | 2 +-
server/src/com/cloud/network/vpc/VpcManager.java | 2 +-
.../src/com/cloud/network/vpc/VpcManagerImpl.java | 2 +-
.../src/com/cloud/projects/ProjectManagerImpl.java | 19 +---
.../resourcelimit/ResourceLimitManagerImpl.java | 2 +-
.../src/com/cloud/server/ManagementServerImpl.java | 2 +-
.../com/cloud/template/TemplateManagerImpl.java | 2 +-
server/src/com/cloud/user/AccountManager.java | 2 +-
server/src/com/cloud/user/AccountManagerImpl.java | 9 +-
server/src/com/cloud/vm/UserVmManagerImpl.java | 15 +--
.../com/cloud/network/MockNetworkManagerImpl.java | 2 +-
.../com/cloud/user/MockAccountManagerImpl.java | 7 +-
.../test/com/cloud/vpc/MockNetworkManagerImpl.java | 11 +--
server/test/com/cloud/vpc/MockVpcManagerImpl.java | 4 +-
70 files changed, 277 insertions(+), 355 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/acl/APIAccessChecker.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/acl/APIAccessChecker.java b/api/src/com/cloud/acl/APIAccessChecker.java
deleted file mode 100644
index 9066e74..0000000
--- a/api/src/com/cloud/acl/APIAccessChecker.java
+++ /dev/null
@@ -1,32 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package com.cloud.acl;
-
-import java.util.Properties;
-
-import com.cloud.exception.PermissionDeniedException;
-import com.cloud.user.Account;
-import com.cloud.user.User;
-import com.cloud.utils.component.Adapter;
-
-/**
- * APIAccessChecker checks the ownership and access control to API requests
- */
-public interface APIAccessChecker extends Adapter {
- // Interface for checking access to an API for an user
- boolean canAccessAPI(User user, String apiCommandName) throws PermissionDeniedException;
-}
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/acl/ControlledEntity.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/acl/ControlledEntity.java b/api/src/com/cloud/acl/ControlledEntity.java
deleted file mode 100644
index 5ccd8fb..0000000
--- a/api/src/com/cloud/acl/ControlledEntity.java
+++ /dev/null
@@ -1,33 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package com.cloud.acl;
-
-import com.cloud.domain.PartOf;
-import com.cloud.user.OwnedBy;
-
-/**
- * ControlledEntity defines an object for which the access from an
- * access must inherit this interface.
- *
- */
-public interface ControlledEntity extends OwnedBy, PartOf {
- public enum ACLType {
- Account,
- Domain
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/acl/Role.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/acl/Role.java b/api/src/com/cloud/acl/Role.java
deleted file mode 100644
index 8016060..0000000
--- a/api/src/com/cloud/acl/Role.java
+++ /dev/null
@@ -1,33 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package com.cloud.acl;
-
-//metadata - consists of default dynamic roles in CS + any custom roles added by user
-public interface Role {
-
- public static final short ROOT_ADMIN = 0;
- public static final short DOMAIN_ADMIN = 1;
- public static final short DOMAIN_USER = 2;
- public static final short OWNER = 3;
- public static final short PARENT_DOMAIN_ADMIN = 4;
- public static final short PARENT_DOMAIN_USER = 5;
- public static final short CHILD_DOMAIN_ADMIN = 6;
- public static final short CHILD_DOMAIN_USER = 7;
-
- public long getId();
- public short getRoleType();
- }
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/acl/SecurityChecker.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/acl/SecurityChecker.java b/api/src/com/cloud/acl/SecurityChecker.java
deleted file mode 100644
index 4559641..0000000
--- a/api/src/com/cloud/acl/SecurityChecker.java
+++ /dev/null
@@ -1,99 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package com.cloud.acl;
-
-import com.cloud.dc.DataCenter;
-import com.cloud.domain.Domain;
-import com.cloud.exception.PermissionDeniedException;
-import com.cloud.offering.DiskOffering;
-import com.cloud.offering.ServiceOffering;
-import com.cloud.user.Account;
-import com.cloud.user.User;
-import com.cloud.utils.component.Adapter;
-
-/**
- * SecurityChecker checks the ownership and access control to objects within
- */
-public interface SecurityChecker extends Adapter {
-
- public enum AccessType {
- ListEntry,
- ModifyEntry,
- ModifyProject,
- UseNetwork
- }
-
- /**
- * Checks if the account owns the object.
- *
- * @param caller
- * account to check against.
- * @param object
- * object that the account is trying to access.
- * @return true if access allowed. false if this adapter cannot authenticate ownership.
- * @throws PermissionDeniedException
- * if this adapter is suppose to authenticate ownership and the check failed.
- */
- boolean checkAccess(Account caller, Domain domain) throws PermissionDeniedException;
-
- /**
- * Checks if the user belongs to an account that owns the object.
- *
- * @param user
- * user to check against.
- * @param object
- * object that the account is trying to access.
- * @return true if access allowed. false if this adapter cannot authenticate ownership.
- * @throws PermissionDeniedException
- * if this adapter is suppose to authenticate ownership and the check failed.
- */
- boolean checkAccess(User user, Domain domain) throws PermissionDeniedException;
-
- /**
- * Checks if the account can access the object.
- *
- * @param caller
- * account to check against.
- * @param entity
- * object that the account is trying to access.
- * @param accessType
- * TODO
- * @return true if access allowed. false if this adapter cannot provide permission.
- * @throws PermissionDeniedException
- * if this adapter is suppose to authenticate ownership and the check failed.
- */
- boolean checkAccess(Account caller, ControlledEntity entity, AccessType accessType) throws PermissionDeniedException;
-
- /**
- * Checks if the user belongs to an account that can access the object.
- *
- * @param user
- * user to check against.
- * @param entity
- * object that the account is trying to access.
- * @return true if access allowed. false if this adapter cannot authenticate ownership.
- * @throws PermissionDeniedException
- * if this adapter is suppose to authenticate ownership and the check failed.
- */
- boolean checkAccess(User user, ControlledEntity entity) throws PermissionDeniedException;
-
- boolean checkAccess(Account account, DataCenter zone) throws PermissionDeniedException;
-
- public boolean checkAccess(Account account, ServiceOffering so) throws PermissionDeniedException;
-
- boolean checkAccess(Account account, DiskOffering dof) throws PermissionDeniedException;
-}
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/event/Event.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/event/Event.java b/api/src/com/cloud/event/Event.java
index f869c47..1a61636 100644
--- a/api/src/com/cloud/event/Event.java
+++ b/api/src/com/cloud/event/Event.java
@@ -18,7 +18,7 @@ package com.cloud.event;
import java.util.Date;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/exception/PermissionDeniedException.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/exception/PermissionDeniedException.java b/api/src/com/cloud/exception/PermissionDeniedException.java
index 4900afc..638b762 100644
--- a/api/src/com/cloud/exception/PermissionDeniedException.java
+++ b/api/src/com/cloud/exception/PermissionDeniedException.java
@@ -18,7 +18,7 @@ package com.cloud.exception;
import java.util.List;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import com.cloud.user.Account;
import com.cloud.utils.SerialVersionUID;
import com.cloud.utils.exception.CloudRuntimeException;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/network/IpAddress.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/IpAddress.java b/api/src/com/cloud/network/IpAddress.java
index 0d05efb..0ac7f50 100644
--- a/api/src/com/cloud/network/IpAddress.java
+++ b/api/src/com/cloud/network/IpAddress.java
@@ -18,7 +18,7 @@ package com.cloud.network;
import java.util.Date;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import com.cloud.utils.net.Ip;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/network/Network.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/Network.java b/api/src/com/cloud/network/Network.java
index 4801e2a..39a0b26 100644
--- a/api/src/com/cloud/network/Network.java
+++ b/api/src/com/cloud/network/Network.java
@@ -16,7 +16,7 @@
// under the License.
package com.cloud.network;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import com.cloud.network.Networks.BroadcastDomainType;
import com.cloud.network.Networks.Mode;
import com.cloud.network.Networks.TrafficType;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/network/PublicIpAddress.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/PublicIpAddress.java b/api/src/com/cloud/network/PublicIpAddress.java
index 3810766..21dae54 100644
--- a/api/src/com/cloud/network/PublicIpAddress.java
+++ b/api/src/com/cloud/network/PublicIpAddress.java
@@ -16,7 +16,7 @@
// under the License.
package com.cloud.network;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import com.cloud.dc.Vlan;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/network/RemoteAccessVpn.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/RemoteAccessVpn.java b/api/src/com/cloud/network/RemoteAccessVpn.java
index 1fe53c4..1b46330 100644
--- a/api/src/com/cloud/network/RemoteAccessVpn.java
+++ b/api/src/com/cloud/network/RemoteAccessVpn.java
@@ -16,7 +16,7 @@
// under the License.
package com.cloud.network;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
public interface RemoteAccessVpn extends ControlledEntity {
enum State {
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/network/Site2SiteCustomerGateway.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/Site2SiteCustomerGateway.java b/api/src/com/cloud/network/Site2SiteCustomerGateway.java
index 1d7467b..3a54385 100644
--- a/api/src/com/cloud/network/Site2SiteCustomerGateway.java
+++ b/api/src/com/cloud/network/Site2SiteCustomerGateway.java
@@ -18,7 +18,7 @@ package com.cloud.network;
import java.util.Date;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/network/Site2SiteVpnConnection.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/Site2SiteVpnConnection.java b/api/src/com/cloud/network/Site2SiteVpnConnection.java
index 2eb73ff..810f999 100644
--- a/api/src/com/cloud/network/Site2SiteVpnConnection.java
+++ b/api/src/com/cloud/network/Site2SiteVpnConnection.java
@@ -18,7 +18,7 @@ package com.cloud.network;
import java.util.Date;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.InternalIdentity;
public interface Site2SiteVpnConnection extends ControlledEntity, InternalIdentity {
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/network/Site2SiteVpnGateway.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/Site2SiteVpnGateway.java b/api/src/com/cloud/network/Site2SiteVpnGateway.java
index feb3b94..8137913 100644
--- a/api/src/com/cloud/network/Site2SiteVpnGateway.java
+++ b/api/src/com/cloud/network/Site2SiteVpnGateway.java
@@ -18,7 +18,7 @@ package com.cloud.network;
import java.util.Date;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/network/VpnUser.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/VpnUser.java b/api/src/com/cloud/network/VpnUser.java
index 61e6bf3..ad84e91 100644
--- a/api/src/com/cloud/network/VpnUser.java
+++ b/api/src/com/cloud/network/VpnUser.java
@@ -16,7 +16,7 @@
// under the License.
package com.cloud.network;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/network/as/AutoScalePolicy.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/as/AutoScalePolicy.java b/api/src/com/cloud/network/as/AutoScalePolicy.java
index 8019036..7f94f35 100644
--- a/api/src/com/cloud/network/as/AutoScalePolicy.java
+++ b/api/src/com/cloud/network/as/AutoScalePolicy.java
@@ -17,7 +17,7 @@
package com.cloud.network.as;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.InternalIdentity;
public interface AutoScalePolicy extends ControlledEntity, InternalIdentity {
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/network/as/AutoScaleVmGroup.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/as/AutoScaleVmGroup.java b/api/src/com/cloud/network/as/AutoScaleVmGroup.java
index 7a32ebe..faa166d 100644
--- a/api/src/com/cloud/network/as/AutoScaleVmGroup.java
+++ b/api/src/com/cloud/network/as/AutoScaleVmGroup.java
@@ -17,7 +17,7 @@
package com.cloud.network.as;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/network/as/AutoScaleVmProfile.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/as/AutoScaleVmProfile.java b/api/src/com/cloud/network/as/AutoScaleVmProfile.java
index f7dfb7c..3be5a3e 100644
--- a/api/src/com/cloud/network/as/AutoScaleVmProfile.java
+++ b/api/src/com/cloud/network/as/AutoScaleVmProfile.java
@@ -19,7 +19,7 @@ package com.cloud.network.as;
import java.util.List;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import com.cloud.utils.Pair;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/network/as/Condition.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/as/Condition.java b/api/src/com/cloud/network/as/Condition.java
index 3d36a10..b09dc2e 100644
--- a/api/src/com/cloud/network/as/Condition.java
+++ b/api/src/com/cloud/network/as/Condition.java
@@ -17,7 +17,7 @@
package com.cloud.network.as;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/network/rules/FirewallRule.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/rules/FirewallRule.java b/api/src/com/cloud/network/rules/FirewallRule.java
index 59f4468..042665c 100644
--- a/api/src/com/cloud/network/rules/FirewallRule.java
+++ b/api/src/com/cloud/network/rules/FirewallRule.java
@@ -18,7 +18,7 @@ package com.cloud.network.rules;
import java.util.List;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/network/security/SecurityGroup.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/security/SecurityGroup.java b/api/src/com/cloud/network/security/SecurityGroup.java
index b39ccc4..3ac0e7c 100644
--- a/api/src/com/cloud/network/security/SecurityGroup.java
+++ b/api/src/com/cloud/network/security/SecurityGroup.java
@@ -16,7 +16,7 @@
// under the License.
package com.cloud.network.security;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/network/vpc/StaticRoute.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/vpc/StaticRoute.java b/api/src/com/cloud/network/vpc/StaticRoute.java
index f45691f..ccdbec8 100644
--- a/api/src/com/cloud/network/vpc/StaticRoute.java
+++ b/api/src/com/cloud/network/vpc/StaticRoute.java
@@ -16,7 +16,7 @@
// under the License.
package com.cloud.network.vpc;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/network/vpc/Vpc.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/vpc/Vpc.java b/api/src/com/cloud/network/vpc/Vpc.java
index d37b12e..9365e56 100644
--- a/api/src/com/cloud/network/vpc/Vpc.java
+++ b/api/src/com/cloud/network/vpc/Vpc.java
@@ -16,7 +16,7 @@
// under the License.
package com.cloud.network.vpc;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import com.cloud.network.Network;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/network/vpc/VpcGateway.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/vpc/VpcGateway.java b/api/src/com/cloud/network/vpc/VpcGateway.java
index e78422d..1756616 100644
--- a/api/src/com/cloud/network/vpc/VpcGateway.java
+++ b/api/src/com/cloud/network/vpc/VpcGateway.java
@@ -16,7 +16,7 @@
// under the License.
package com.cloud.network.vpc;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/projects/ProjectInvitation.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/projects/ProjectInvitation.java b/api/src/com/cloud/projects/ProjectInvitation.java
index bfa3530..ee28222 100644
--- a/api/src/com/cloud/projects/ProjectInvitation.java
+++ b/api/src/com/cloud/projects/ProjectInvitation.java
@@ -18,7 +18,7 @@ package com.cloud.projects;
import java.util.Date;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/server/ResourceTag.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/server/ResourceTag.java b/api/src/com/cloud/server/ResourceTag.java
index 5e82ae4..5ec9f01 100644
--- a/api/src/com/cloud/server/ResourceTag.java
+++ b/api/src/com/cloud/server/ResourceTag.java
@@ -16,7 +16,7 @@
// under the License.
package com.cloud.server;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/storage/Snapshot.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/storage/Snapshot.java b/api/src/com/cloud/storage/Snapshot.java
index 5405a24..99bdee6 100644
--- a/api/src/com/cloud/storage/Snapshot.java
+++ b/api/src/com/cloud/storage/Snapshot.java
@@ -18,7 +18,7 @@ package com.cloud.storage;
import java.util.Date;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import com.cloud.hypervisor.Hypervisor.HypervisorType;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/storage/Volume.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/storage/Volume.java b/api/src/com/cloud/storage/Volume.java
index 747f06f..bfbd816 100755
--- a/api/src/com/cloud/storage/Volume.java
+++ b/api/src/com/cloud/storage/Volume.java
@@ -18,7 +18,7 @@ package com.cloud.storage;
import java.util.Date;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import com.cloud.template.BasedOn;
import com.cloud.utils.fsm.StateMachine2;
import com.cloud.utils.fsm.StateObject;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/template/VirtualMachineTemplate.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/template/VirtualMachineTemplate.java b/api/src/com/cloud/template/VirtualMachineTemplate.java
index 967429c..274b7b6 100755
--- a/api/src/com/cloud/template/VirtualMachineTemplate.java
+++ b/api/src/com/cloud/template/VirtualMachineTemplate.java
@@ -19,7 +19,7 @@ package com.cloud.template;
import java.util.Date;
import java.util.Map;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import com.cloud.hypervisor.Hypervisor.HypervisorType;
import com.cloud.storage.Storage.ImageFormat;
import com.cloud.storage.Storage.TemplateType;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/user/Account.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/user/Account.java b/api/src/com/cloud/user/Account.java
index b07883a..a5b3e87 100755
--- a/api/src/com/cloud/user/Account.java
+++ b/api/src/com/cloud/user/Account.java
@@ -18,7 +18,7 @@ package com.cloud.user;
import java.util.Date;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/user/AccountService.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/user/AccountService.java b/api/src/com/cloud/user/AccountService.java
index be4d23b..ce16f5e 100755
--- a/api/src/com/cloud/user/AccountService.java
+++ b/api/src/com/cloud/user/AccountService.java
@@ -19,14 +19,13 @@ package com.cloud.user;
import java.util.List;
import java.util.Map;
-import com.cloud.acl.ControlledEntity;
-import com.cloud.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.acl.ControlledEntity;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
import org.apache.cloudstack.api.command.admin.user.DeleteUserCmd;
import org.apache.cloudstack.api.command.admin.user.RegisterCmd;
import org.apache.cloudstack.api.command.admin.user.UpdateUserCmd;
import org.apache.cloudstack.api.command.admin.account.UpdateAccountCmd;
-import org.apache.cloudstack.api.command.user.account.ListAccountsCmd;
import com.cloud.domain.Domain;
import com.cloud.exception.ConcurrentOperationException;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/user/SSHKeyPair.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/user/SSHKeyPair.java b/api/src/com/cloud/user/SSHKeyPair.java
index 8da58e5..aa20c17 100644
--- a/api/src/com/cloud/user/SSHKeyPair.java
+++ b/api/src/com/cloud/user/SSHKeyPair.java
@@ -16,7 +16,7 @@
// under the License.
package com.cloud.user;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.InternalIdentity;
public interface SSHKeyPair extends ControlledEntity, InternalIdentity {
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/uservm/UserVm.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/uservm/UserVm.java b/api/src/com/cloud/uservm/UserVm.java
index 866d849..a587666 100755
--- a/api/src/com/cloud/uservm/UserVm.java
+++ b/api/src/com/cloud/uservm/UserVm.java
@@ -16,7 +16,7 @@
// under the License.
package com.cloud.uservm;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import com.cloud.vm.VirtualMachine;
/**
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/vm/InstanceGroup.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/vm/InstanceGroup.java b/api/src/com/cloud/vm/InstanceGroup.java
index 4a5bc69..6560b4a 100644
--- a/api/src/com/cloud/vm/InstanceGroup.java
+++ b/api/src/com/cloud/vm/InstanceGroup.java
@@ -18,7 +18,7 @@ package com.cloud.vm;
import java.util.Date;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/com/cloud/vm/VirtualMachine.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/vm/VirtualMachine.java b/api/src/com/cloud/vm/VirtualMachine.java
index 6f084ef..cd30579 100755
--- a/api/src/com/cloud/vm/VirtualMachine.java
+++ b/api/src/com/cloud/vm/VirtualMachine.java
@@ -19,7 +19,7 @@ package com.cloud.vm;
import java.util.Date;
import java.util.Map;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import com.cloud.hypervisor.Hypervisor.HypervisorType;
import com.cloud.utils.fsm.StateMachine2;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/org/apache/cloudstack/acl/APIAccessChecker.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/acl/APIAccessChecker.java b/api/src/org/apache/cloudstack/acl/APIAccessChecker.java
new file mode 100644
index 0000000..3194bd1
--- /dev/null
+++ b/api/src/org/apache/cloudstack/acl/APIAccessChecker.java
@@ -0,0 +1,32 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.acl;
+
+import java.util.Properties;
+
+import com.cloud.exception.PermissionDeniedException;
+import com.cloud.user.Account;
+import com.cloud.user.User;
+import com.cloud.utils.component.Adapter;
+
+/**
+ * APIAccessChecker checks the ownership and access control to API requests
+ */
+public interface APIAccessChecker extends Adapter {
+ // Interface for checking access to an API for an user
+ boolean canAccessAPI(User user, String apiCommandName) throws PermissionDeniedException;
+}
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/org/apache/cloudstack/acl/ControlledEntity.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/acl/ControlledEntity.java b/api/src/org/apache/cloudstack/acl/ControlledEntity.java
new file mode 100644
index 0000000..3e04126
--- /dev/null
+++ b/api/src/org/apache/cloudstack/acl/ControlledEntity.java
@@ -0,0 +1,33 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.acl;
+
+import com.cloud.domain.PartOf;
+import com.cloud.user.OwnedBy;
+
+/**
+ * ControlledEntity defines an object for which the access from an
+ * access must inherit this interface.
+ *
+ */
+public interface ControlledEntity extends OwnedBy, PartOf {
+ public enum ACLType {
+ Account,
+ Domain
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/org/apache/cloudstack/acl/Role.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/acl/Role.java b/api/src/org/apache/cloudstack/acl/Role.java
new file mode 100644
index 0000000..d039a6f
--- /dev/null
+++ b/api/src/org/apache/cloudstack/acl/Role.java
@@ -0,0 +1,33 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.acl;
+
+//metadata - consists of default dynamic roles in CS + any custom roles added by user
+public interface Role {
+
+ public static final short ROOT_ADMIN = 0;
+ public static final short DOMAIN_ADMIN = 1;
+ public static final short DOMAIN_USER = 2;
+ public static final short OWNER = 3;
+ public static final short PARENT_DOMAIN_ADMIN = 4;
+ public static final short PARENT_DOMAIN_USER = 5;
+ public static final short CHILD_DOMAIN_ADMIN = 6;
+ public static final short CHILD_DOMAIN_USER = 7;
+
+ public long getId();
+ public short getRoleType();
+ }
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/org/apache/cloudstack/acl/SecurityChecker.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/acl/SecurityChecker.java b/api/src/org/apache/cloudstack/acl/SecurityChecker.java
new file mode 100644
index 0000000..3a721fe
--- /dev/null
+++ b/api/src/org/apache/cloudstack/acl/SecurityChecker.java
@@ -0,0 +1,99 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.acl;
+
+import com.cloud.dc.DataCenter;
+import com.cloud.domain.Domain;
+import com.cloud.exception.PermissionDeniedException;
+import com.cloud.offering.DiskOffering;
+import com.cloud.offering.ServiceOffering;
+import com.cloud.user.Account;
+import com.cloud.user.User;
+import com.cloud.utils.component.Adapter;
+
+/**
+ * SecurityChecker checks the ownership and access control to objects within
+ */
+public interface SecurityChecker extends Adapter {
+
+ public enum AccessType {
+ ListEntry,
+ ModifyEntry,
+ ModifyProject,
+ UseNetwork
+ }
+
+ /**
+ * Checks if the account owns the object.
+ *
+ * @param caller
+ * account to check against.
+ * @param object
+ * object that the account is trying to access.
+ * @return true if access allowed. false if this adapter cannot authenticate ownership.
+ * @throws PermissionDeniedException
+ * if this adapter is suppose to authenticate ownership and the check failed.
+ */
+ boolean checkAccess(Account caller, Domain domain) throws PermissionDeniedException;
+
+ /**
+ * Checks if the user belongs to an account that owns the object.
+ *
+ * @param user
+ * user to check against.
+ * @param object
+ * object that the account is trying to access.
+ * @return true if access allowed. false if this adapter cannot authenticate ownership.
+ * @throws PermissionDeniedException
+ * if this adapter is suppose to authenticate ownership and the check failed.
+ */
+ boolean checkAccess(User user, Domain domain) throws PermissionDeniedException;
+
+ /**
+ * Checks if the account can access the object.
+ *
+ * @param caller
+ * account to check against.
+ * @param entity
+ * object that the account is trying to access.
+ * @param accessType
+ * TODO
+ * @return true if access allowed. false if this adapter cannot provide permission.
+ * @throws PermissionDeniedException
+ * if this adapter is suppose to authenticate ownership and the check failed.
+ */
+ boolean checkAccess(Account caller, ControlledEntity entity, AccessType accessType) throws PermissionDeniedException;
+
+ /**
+ * Checks if the user belongs to an account that can access the object.
+ *
+ * @param user
+ * user to check against.
+ * @param entity
+ * object that the account is trying to access.
+ * @return true if access allowed. false if this adapter cannot authenticate ownership.
+ * @throws PermissionDeniedException
+ * if this adapter is suppose to authenticate ownership and the check failed.
+ */
+ boolean checkAccess(User user, ControlledEntity entity) throws PermissionDeniedException;
+
+ boolean checkAccess(Account account, DataCenter zone) throws PermissionDeniedException;
+
+ public boolean checkAccess(Account account, ServiceOffering so) throws PermissionDeniedException;
+
+ boolean checkAccess(Account account, DiskOffering dof) throws PermissionDeniedException;
+}
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/org/apache/cloudstack/api/command/user/vm/DeployVMCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/vm/DeployVMCmd.java b/api/src/org/apache/cloudstack/api/command/user/vm/DeployVMCmd.java
index d08234f..349f4a1 100644
--- a/api/src/org/apache/cloudstack/api/command/user/vm/DeployVMCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/vm/DeployVMCmd.java
@@ -147,7 +147,7 @@ public class DeployVMCmd extends BaseAsyncCreateCmd {
private List<String> securityGroupNameList;
@ACL(checkKeyAccess=true)
- @Parameter(name = ApiConstants.IP_NETWORK_LIST, type = CommandType.MAP,entityType={Network.class,IpAddress.class},
+ @Parameter(name = ApiConstants.IP_NETWORK_LIST, type = CommandType.MAP, entityType={Network.class,IpAddress.class},
description = "ip to network mapping. Can't be specified with networkIds parameter." +
" Example: iptonetworklist[0].ip=10.10.10.11&iptonetworklist[0].networkid=204 - requests to" +
" use ip 10.10.10.11 in network id=204")
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/api/src/org/apache/cloudstack/api/command/user/vm/StopVMCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/vm/StopVMCmd.java b/api/src/org/apache/cloudstack/api/command/user/vm/StopVMCmd.java
index af3bbaa..8e58906 100644
--- a/api/src/org/apache/cloudstack/api/command/user/vm/StopVMCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/vm/StopVMCmd.java
@@ -39,6 +39,7 @@ public class StopVMCmd extends BaseAsyncCmd {
// ////////////// API parameters /////////////////////
// ///////////////////////////////////////////////////
+ @ACL
@Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType=UserVmResponse.class,
required = true, description = "The ID of the virtual machine")
private Long id;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/client/tomcatconf/components.xml.in
----------------------------------------------------------------------
diff --git a/client/tomcatconf/components.xml.in b/client/tomcatconf/components.xml.in
index ef6274e..a7378bd 100755
--- a/client/tomcatconf/components.xml.in
+++ b/client/tomcatconf/components.xml.in
@@ -53,7 +53,7 @@ under the License.
<dao name="Configuration configuration server" class="com.cloud.configuration.dao.ConfigurationDaoImpl">
<param name="premium">true</param>
</dao>
- <adapters key="com.cloud.acl.APIAccessChecker">
+ <adapters key="org.apache.cloudstack.acl.APIAccessChecker">
<adapter name="StaticRoleBasedAPIAccessChecker" class="org.apache.cloudstack.acl.StaticRoleBasedAPIAccessChecker"/>
</adapters>
<adapters key="com.cloud.agent.manager.allocator.HostAllocator">
@@ -150,7 +150,7 @@ under the License.
<adapter name="ConsoleProxyAlert" class="com.cloud.alert.ConsoleProxyAlertAdapter"/>
<adapter name="SecondaryStorageVmAlert" class="com.cloud.alert.SecondaryStorageVmAlertAdapter"/>
</adapters>
- <adapters key="com.cloud.acl.SecurityChecker">
+ <adapters key="org.apache.cloudstack.acl.SecurityChecker">
<adapter name="DomainChecker" class="com.cloud.acl.DomainChecker"/>
</adapters>
<adapters key="com.cloud.network.element.NetworkElement">
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/plugins/acl/static-role-based/src/org/apache/cloudstack/acl/StaticRoleBasedAPIAccessChecker.java
----------------------------------------------------------------------
diff --git a/plugins/acl/static-role-based/src/org/apache/cloudstack/acl/StaticRoleBasedAPIAccessChecker.java b/plugins/acl/static-role-based/src/org/apache/cloudstack/acl/StaticRoleBasedAPIAccessChecker.java
index aee708d..d39f87f 100644
--- a/plugins/acl/static-role-based/src/org/apache/cloudstack/acl/StaticRoleBasedAPIAccessChecker.java
+++ b/plugins/acl/static-role-based/src/org/apache/cloudstack/acl/StaticRoleBasedAPIAccessChecker.java
@@ -26,7 +26,7 @@ import java.util.*;
import javax.ejb.Local;
import javax.naming.ConfigurationException;
-import com.cloud.acl.APIAccessChecker;
+import org.apache.cloudstack.acl.APIAccessChecker;
import org.apache.log4j.Logger;
import com.cloud.exception.PermissionDeniedException;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/plugins/network-elements/dns-notifier/resources/components-example.xml
----------------------------------------------------------------------
diff --git a/plugins/network-elements/dns-notifier/resources/components-example.xml b/plugins/network-elements/dns-notifier/resources/components-example.xml
index 592b01c..412da0e 100755
--- a/plugins/network-elements/dns-notifier/resources/components-example.xml
+++ b/plugins/network-elements/dns-notifier/resources/components-example.xml
@@ -127,7 +127,7 @@ under the License.
<adapter name="ConsoleProxyAlert" class="com.cloud.alert.ConsoleProxyAlertAdapter"/>
<adapter name="SecondaryStorageVmAlert" class="com.cloud.alert.SecondaryStorageVmAlertAdapter"/>
</adapters>
- <adapters key="com.cloud.acl.SecurityChecker">
+ <adapters key="org.apache.cloudstack.acl.SecurityChecker">
<adapter name="DomainChecker" class="com.cloud.acl.DomainChecker"/>
</adapters>
<adapters key="com.cloud.network.element.NetworkElement">
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/acl/DomainChecker.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/acl/DomainChecker.java b/server/src/com/cloud/acl/DomainChecker.java
index 290c7bf..9bb1cce 100755
--- a/server/src/com/cloud/acl/DomainChecker.java
+++ b/server/src/com/cloud/acl/DomainChecker.java
@@ -18,6 +18,8 @@ package com.cloud.acl;
import javax.ejb.Local;
+import org.apache.cloudstack.acl.ControlledEntity;
+import org.apache.cloudstack.acl.SecurityChecker;
import org.apache.cloudstack.api.BaseCmd;
import com.cloud.dc.DataCenter;
import com.cloud.domain.Domain;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/api/ApiDispatcher.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/ApiDispatcher.java b/server/src/com/cloud/api/ApiDispatcher.java
index ed60ba7..002d31f 100755
--- a/server/src/com/cloud/api/ApiDispatcher.java
+++ b/server/src/com/cloud/api/ApiDispatcher.java
@@ -31,11 +31,11 @@ import java.util.StringTokenizer;
import java.util.regex.Matcher;
import com.cloud.dao.EntityManager;
+import org.apache.cloudstack.acl.ControlledEntity;
+import org.apache.cloudstack.acl.Role;
import org.apache.cloudstack.api.*;
import org.apache.log4j.Logger;
-import com.cloud.acl.ControlledEntity;
-import com.cloud.acl.Role;
import org.apache.cloudstack.api.BaseCmd.CommandType;
import org.apache.cloudstack.api.command.user.event.ListEventsCmd;
import com.cloud.async.AsyncCommandQueued;
@@ -396,7 +396,6 @@ public class ApiDispatcher {
}
for (Field field : fields) {
-
PlugService plugServiceAnnotation = field.getAnnotation(PlugService.class);
if(plugServiceAnnotation != null){
plugService(field, cmd);
@@ -459,7 +458,7 @@ public class ApiDispatcher {
// find the controlled entity DBid by uuid
if (parameterAnnotation.entityType() != null) {
- Class<?>[] entityList = parameterAnnotation.entityType();
+ Class<?>[] entityList = parameterAnnotation.entityType()[0].getAnnotation(EntityReference.class).value();
for (Class entity : entityList){
if (ControlledEntity.class.isAssignableFrom(entity)) {
if (s_logger.isDebugEnabled()) {
@@ -529,7 +528,7 @@ public class ApiDispatcher {
}
- //check access on the enstities.
+ //check access on the entities.
}
private static Long translateUuidToInternalId(String uuid, Parameter annotation)
@@ -603,9 +602,9 @@ public class ApiDispatcher {
field.set(cmdObj, Boolean.valueOf(paramObj.toString()));
break;
case DATE:
- // This piece of code is for maintaining backward compatibility and support both the date formats(Bug
-// 9724)
- // Do the date massaging for ListEventsCmd only
+ // This piece of code is for maintaining backward compatibility
+ // and support both the date formats(Bug 9724)
+ // Do the date messaging for ListEventsCmd only
if (cmdObj instanceof ListEventsCmd) {
boolean isObjInNewDateFormat = isObjInNewDateFormat(paramObj.toString());
if (isObjInNewDateFormat) {
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/api/ApiResponseHelper.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/ApiResponseHelper.java b/server/src/com/cloud/api/ApiResponseHelper.java
index ebe7abb..d5cbb71 100755
--- a/server/src/com/cloud/api/ApiResponseHelper.java
+++ b/server/src/com/cloud/api/ApiResponseHelper.java
@@ -33,8 +33,8 @@ import org.apache.cloudstack.api.BaseCmd;
import org.apache.cloudstack.api.ResponseGenerator;
import org.apache.log4j.Logger;
-import com.cloud.acl.ControlledEntity;
-import com.cloud.acl.ControlledEntity.ACLType;
+import org.apache.cloudstack.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity.ACLType;
import org.apache.cloudstack.api.ApiConstants.HostDetails;
import org.apache.cloudstack.api.ApiConstants.VMDetails;
import org.apache.cloudstack.api.command.user.job.QueryAsyncJobResultCmd;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/api/ApiServer.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/ApiServer.java b/server/src/com/cloud/api/ApiServer.java
index 223edcc..c9d4567 100755
--- a/server/src/com/cloud/api/ApiServer.java
+++ b/server/src/com/cloud/api/ApiServer.java
@@ -50,6 +50,8 @@ import javax.crypto.spec.SecretKeySpec;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
+import org.apache.cloudstack.acl.APIAccessChecker;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.*;
import org.apache.cloudstack.api.command.user.account.ListAccountsCmd;
import org.apache.cloudstack.api.command.user.account.ListProjectAccountsCmd;
@@ -94,7 +96,6 @@ import org.apache.cloudstack.api.command.user.project.ListProjectInvitationsCmd;
import org.apache.cloudstack.api.command.user.project.ListProjectsCmd;
import org.apache.cloudstack.api.command.user.securitygroup.ListSecurityGroupsCmd;
import org.apache.cloudstack.api.command.user.tag.ListTagsCmd;
-import com.cloud.acl.ControlledEntity;
import com.cloud.api.response.ApiResponseSerializer;
import org.apache.cloudstack.api.response.ExceptionResponse;
import org.apache.cloudstack.api.response.ListResponse;
@@ -129,7 +130,6 @@ import com.cloud.utils.db.SearchCriteria;
import com.cloud.utils.db.Transaction;
import com.cloud.utils.exception.CSExceptionErrorCode;
import com.cloud.uuididentity.dao.IdentityDao;
-import com.cloud.acl.APIAccessChecker;
import org.reflections.Reflections;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/api/query/QueryManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/QueryManagerImpl.java b/server/src/com/cloud/api/query/QueryManagerImpl.java
index c47c1ef..12aaf16 100644
--- a/server/src/com/cloud/api/query/QueryManagerImpl.java
+++ b/server/src/com/cloud/api/query/QueryManagerImpl.java
@@ -18,16 +18,12 @@ package com.cloud.api.query;
import java.util.ArrayList;
import java.util.Date;
-import java.util.EnumSet;
import java.util.List;
import java.util.Map;
import javax.ejb.Local;
import javax.naming.ConfigurationException;
-import org.apache.cloudstack.api.ResponseGenerator;
-import org.apache.cloudstack.api.ApiConstants.HostDetails;
-import org.apache.cloudstack.api.ApiConstants.VMDetails;
import org.apache.cloudstack.api.command.admin.host.ListHostsCmd;
import org.apache.cloudstack.api.command.admin.router.ListRoutersCmd;
import org.apache.cloudstack.api.command.admin.user.ListUsersCmd;
@@ -60,9 +56,6 @@ import org.apache.cloudstack.api.response.VolumeResponse;
import org.apache.cloudstack.query.QueryService;
import org.apache.log4j.Logger;
-import com.cloud.acl.ControlledEntity;
-import com.cloud.api.ApiDBUtils;
-import com.cloud.api.ApiResponseHelper;
import com.cloud.api.query.dao.AccountJoinDao;
import com.cloud.api.query.dao.AsyncJobJoinDao;
import com.cloud.api.query.dao.DomainRouterJoinDao;
@@ -90,8 +83,6 @@ import com.cloud.api.query.vo.SecurityGroupJoinVO;
import com.cloud.api.query.vo.UserAccountJoinVO;
import com.cloud.api.query.vo.UserVmJoinVO;
import com.cloud.api.query.vo.VolumeJoinVO;
-import com.cloud.async.AsyncJob;
-import com.cloud.async.AsyncJobVO;
import com.cloud.domain.Domain;
import com.cloud.domain.DomainVO;
import com.cloud.domain.dao.DomainDao;
@@ -99,34 +90,20 @@ import com.cloud.event.dao.EventJoinDao;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.ha.HighAvailabilityManager;
-import com.cloud.host.Host;
-import com.cloud.host.HostTagVO;
-import com.cloud.host.HostVO;
import com.cloud.hypervisor.Hypervisor.HypervisorType;
-import com.cloud.network.IPAddressVO;
import com.cloud.network.security.SecurityGroupVMMapVO;
import com.cloud.network.security.dao.SecurityGroupVMMapDao;
import com.cloud.projects.ProjectInvitation;
import com.cloud.projects.Project.ListProjectResourcesCriteria;
import com.cloud.projects.Project;
-import com.cloud.projects.ProjectInvitationVO;
import com.cloud.projects.ProjectManager;
-import com.cloud.projects.ProjectService;
import com.cloud.projects.dao.ProjectAccountDao;
import com.cloud.projects.dao.ProjectDao;
import com.cloud.server.Criteria;
-import com.cloud.server.ResourceTag.TaggedResourceType;
-import com.cloud.storage.DiskOfferingVO;
-import com.cloud.storage.Snapshot;
import com.cloud.storage.Volume;
-import com.cloud.storage.VolumeVO;
-import com.cloud.tags.ResourceTagVO;
import com.cloud.user.Account;
import com.cloud.user.AccountManager;
-import com.cloud.user.AccountManagerImpl;
-import com.cloud.user.AccountService;
import com.cloud.user.AccountVO;
-import com.cloud.user.DomainManager;
import com.cloud.user.UserContext;
import com.cloud.user.dao.AccountDao;
import com.cloud.utils.DateUtil;
@@ -135,13 +112,11 @@ import com.cloud.utils.Ternary;
import com.cloud.utils.component.Inject;
import com.cloud.utils.component.Manager;
import com.cloud.utils.db.Filter;
-import com.cloud.utils.db.JoinBuilder;
import com.cloud.utils.db.SearchBuilder;
import com.cloud.utils.db.SearchCriteria;
import com.cloud.utils.db.SearchCriteria.Func;
import com.cloud.utils.db.SearchCriteria.Op;
import com.cloud.vm.UserVmVO;
-import com.cloud.vm.VMInstanceVO;
import com.cloud.vm.VirtualMachine;
import com.cloud.vm.dao.UserVmDao;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/api/query/vo/ControlledViewEntity.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/vo/ControlledViewEntity.java b/server/src/com/cloud/api/query/vo/ControlledViewEntity.java
index b989502..1255750 100644
--- a/server/src/com/cloud/api/query/vo/ControlledViewEntity.java
+++ b/server/src/com/cloud/api/query/vo/ControlledViewEntity.java
@@ -16,7 +16,7 @@
// under the License.
package com.cloud.api.query.vo;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/api/response/SecurityGroupResultObject.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/response/SecurityGroupResultObject.java b/server/src/com/cloud/api/response/SecurityGroupResultObject.java
index 6fa59b8..aab13cd 100644
--- a/server/src/com/cloud/api/response/SecurityGroupResultObject.java
+++ b/server/src/com/cloud/api/response/SecurityGroupResultObject.java
@@ -21,7 +21,7 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import com.cloud.api.ApiDBUtils;
import com.cloud.network.security.SecurityGroup;
import com.cloud.network.security.SecurityGroupRules;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/configuration/ConfigurationManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/configuration/ConfigurationManagerImpl.java b/server/src/com/cloud/configuration/ConfigurationManagerImpl.java
index a751880..2e20c13 100755
--- a/server/src/com/cloud/configuration/ConfigurationManagerImpl.java
+++ b/server/src/com/cloud/configuration/ConfigurationManagerImpl.java
@@ -58,7 +58,7 @@ import org.apache.cloudstack.api.command.admin.vlan.DeleteVlanIpRangeCmd;
import org.apache.cloudstack.api.command.user.network.ListNetworkOfferingsCmd;
import org.apache.log4j.Logger;
-import com.cloud.acl.SecurityChecker;
+import org.apache.cloudstack.acl.SecurityChecker;
import com.cloud.alert.AlertManager;
import org.apache.cloudstack.api.ApiConstants.LDAPParams;
import com.cloud.api.ApiDBUtils;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/network/NetworkManager.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/NetworkManager.java b/server/src/com/cloud/network/NetworkManager.java
index ef0d4c5..0ca28f8 100755
--- a/server/src/com/cloud/network/NetworkManager.java
+++ b/server/src/com/cloud/network/NetworkManager.java
@@ -21,7 +21,7 @@ import java.util.List;
import java.util.Map;
import java.util.Set;
-import com.cloud.acl.ControlledEntity.ACLType;
+import org.apache.cloudstack.acl.ControlledEntity.ACLType;
import com.cloud.dc.DataCenter;
import com.cloud.dc.Vlan;
import com.cloud.dc.Vlan.VlanType;
@@ -48,12 +48,10 @@ import com.cloud.network.element.StaticNatServiceProvider;
import com.cloud.network.element.UserDataServiceProvider;
import com.cloud.network.guru.NetworkGuru;
import com.cloud.network.rules.FirewallRule;
-import com.cloud.network.rules.FirewallRule.Purpose;
import com.cloud.network.rules.StaticNat;
import com.cloud.offering.NetworkOffering;
import com.cloud.offerings.NetworkOfferingVO;
import com.cloud.user.Account;
-import com.cloud.uservm.UserVm;
import com.cloud.utils.Pair;
import com.cloud.vm.Nic;
import com.cloud.vm.NicProfile;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/network/NetworkManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/NetworkManagerImpl.java b/server/src/com/cloud/network/NetworkManagerImpl.java
index 39f8079..c500376 100755
--- a/server/src/com/cloud/network/NetworkManagerImpl.java
+++ b/server/src/com/cloud/network/NetworkManagerImpl.java
@@ -46,8 +46,8 @@ import org.apache.cloudstack.api.command.user.network.CreateNetworkCmd;
import org.apache.cloudstack.api.command.user.network.RestartNetworkCmd;
import org.apache.log4j.Logger;
-import com.cloud.acl.ControlledEntity.ACLType;
-import com.cloud.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.acl.ControlledEntity.ACLType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
import com.cloud.agent.AgentManager;
import com.cloud.agent.Listener;
import com.cloud.agent.api.*;
@@ -167,19 +167,8 @@ import com.cloud.vm.dao.NicDao;
import com.cloud.vm.dao.UserVmDao;
import com.cloud.vm.dao.VMInstanceDao;
import edu.emory.mathcs.backport.java.util.Collections;
-import org.apache.log4j.Logger;
-import javax.ejb.Local;
-import javax.naming.ConfigurationException;
-import java.net.URI;
-import java.security.InvalidParameterException;
-import java.sql.PreparedStatement;
-import java.sql.ResultSet;
-import java.sql.SQLException;
import java.util.*;
-import java.util.concurrent.Executors;
-import java.util.concurrent.ScheduledExecutorService;
-import java.util.concurrent.TimeUnit;
/**
* NetworkManagerImpl implements NetworkManager.
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/network/NetworkVO.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/NetworkVO.java b/server/src/com/cloud/network/NetworkVO.java
index 818f44c..14b643b 100644
--- a/server/src/com/cloud/network/NetworkVO.java
+++ b/server/src/com/cloud/network/NetworkVO.java
@@ -29,15 +29,13 @@ import javax.persistence.Table;
import javax.persistence.TableGenerator;
import javax.persistence.Transient;
-import com.cloud.acl.ControlledEntity;
-import org.apache.cloudstack.api.Identity;
+import org.apache.cloudstack.acl.ControlledEntity;
import com.cloud.network.Networks.BroadcastDomainType;
import com.cloud.network.Networks.Mode;
import com.cloud.network.Networks.TrafficType;
import com.cloud.utils.NumbersUtil;
import com.cloud.utils.db.GenericDao;
import com.cloud.utils.net.NetUtils;
-import org.apache.cloudstack.api.InternalIdentity;
/**
* NetworkConfigurationVO contains information about a specific network.
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/network/as/AutoScaleManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/as/AutoScaleManagerImpl.java b/server/src/com/cloud/network/as/AutoScaleManagerImpl.java
index d52657a..034638d 100644
--- a/server/src/com/cloud/network/as/AutoScaleManagerImpl.java
+++ b/server/src/com/cloud/network/as/AutoScaleManagerImpl.java
@@ -25,11 +25,11 @@ import java.util.Map;
import javax.ejb.Local;
import javax.naming.ConfigurationException;
+import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.command.admin.autoscale.CreateCounterCmd;
import org.apache.cloudstack.api.command.user.autoscale.*;
import org.apache.log4j.Logger;
-import com.cloud.acl.ControlledEntity;
import org.apache.cloudstack.api.ApiConstants;
import com.cloud.api.ApiDBUtils;
import com.cloud.api.ApiDispatcher;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/network/dao/NetworkDaoImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/dao/NetworkDaoImpl.java b/server/src/com/cloud/network/dao/NetworkDaoImpl.java
index 27ae3a3..29e2f81 100644
--- a/server/src/com/cloud/network/dao/NetworkDaoImpl.java
+++ b/server/src/com/cloud/network/dao/NetworkDaoImpl.java
@@ -23,7 +23,7 @@ import java.util.Random;
import javax.ejb.Local;
import javax.persistence.TableGenerator;
-import com.cloud.acl.ControlledEntity.ACLType;
+import org.apache.cloudstack.acl.ControlledEntity.ACLType;
import com.cloud.network.Network;
import com.cloud.network.Network.GuestType;
import com.cloud.network.Network.Provider;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
index fcac5b7..4697acb 100644
--- a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
+++ b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
@@ -26,7 +26,7 @@ import javax.naming.ConfigurationException;
import org.apache.cloudstack.api.command.user.network.ListNetworkACLsCmd;
import org.apache.log4j.Logger;
-import com.cloud.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
import com.cloud.event.ActionEvent;
import com.cloud.event.EventTypes;
import com.cloud.exception.InvalidParameterValueException;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/network/vpc/VpcManager.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/vpc/VpcManager.java b/server/src/com/cloud/network/vpc/VpcManager.java
index 9d7aaa8..8d49aa1 100644
--- a/server/src/com/cloud/network/vpc/VpcManager.java
+++ b/server/src/com/cloud/network/vpc/VpcManager.java
@@ -18,7 +18,7 @@ package com.cloud.network.vpc;
import java.util.List;
-import com.cloud.acl.ControlledEntity.ACLType;
+import org.apache.cloudstack.acl.ControlledEntity.ACLType;
import com.cloud.exception.ConcurrentOperationException;
import com.cloud.exception.InsufficientAddressCapacityException;
import com.cloud.exception.InsufficientCapacityException;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/network/vpc/VpcManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/vpc/VpcManagerImpl.java b/server/src/com/cloud/network/vpc/VpcManagerImpl.java
index b24bf3f..7448cc3 100644
--- a/server/src/com/cloud/network/vpc/VpcManagerImpl.java
+++ b/server/src/com/cloud/network/vpc/VpcManagerImpl.java
@@ -33,7 +33,7 @@ import javax.naming.ConfigurationException;
import org.apache.cloudstack.api.command.user.vpc.ListStaticRoutesCmd;
import org.apache.log4j.Logger;
-import com.cloud.acl.ControlledEntity.ACLType;
+import org.apache.cloudstack.acl.ControlledEntity.ACLType;
import org.apache.cloudstack.api.command.user.vpc.ListPrivateGatewaysCmd;
import com.cloud.configuration.Config;
import com.cloud.configuration.ConfigurationManager;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/projects/ProjectManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/projects/ProjectManagerImpl.java b/server/src/com/cloud/projects/ProjectManagerImpl.java
index 4fbbc7d..15d3675 100755
--- a/server/src/com/cloud/projects/ProjectManagerImpl.java
+++ b/server/src/com/cloud/projects/ProjectManagerImpl.java
@@ -17,7 +17,6 @@
package com.cloud.projects;
import java.io.UnsupportedEncodingException;
-import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Map;
@@ -40,19 +39,14 @@ import javax.naming.ConfigurationException;
import org.apache.log4j.Logger;
-import com.cloud.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
import com.cloud.api.query.dao.ProjectAccountJoinDao;
import com.cloud.api.query.dao.ProjectInvitationJoinDao;
import com.cloud.api.query.dao.ProjectJoinDao;
-import com.cloud.api.query.vo.ProjectAccountJoinVO;
-import com.cloud.api.query.vo.ProjectInvitationJoinVO;
-import com.cloud.api.query.vo.ProjectJoinVO;
-import com.cloud.api.query.vo.UserVmJoinVO;
import com.cloud.configuration.Config;
import com.cloud.configuration.ConfigurationManager;
import com.cloud.configuration.Resource.ResourceType;
import com.cloud.configuration.dao.ConfigurationDao;
-import com.cloud.domain.DomainVO;
import com.cloud.domain.dao.DomainDao;
import com.cloud.event.ActionEvent;
import com.cloud.event.EventTypes;
@@ -61,14 +55,11 @@ import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.exception.ResourceAllocationException;
import com.cloud.exception.ResourceUnavailableException;
-import com.cloud.projects.Project.ListProjectResourcesCriteria;
import com.cloud.projects.Project.State;
import com.cloud.projects.ProjectAccount.Role;
import com.cloud.projects.dao.ProjectAccountDao;
import com.cloud.projects.dao.ProjectDao;
import com.cloud.projects.dao.ProjectInvitationDao;
-import com.cloud.server.ResourceTag.TaggedResourceType;
-import com.cloud.tags.ResourceTagVO;
import com.cloud.tags.dao.ResourceTagDao;
import com.cloud.user.Account;
import com.cloud.user.AccountManager;
@@ -80,18 +71,10 @@ import com.cloud.user.UserContext;
import com.cloud.user.dao.AccountDao;
import com.cloud.utils.DateUtil;
import com.cloud.utils.NumbersUtil;
-import com.cloud.utils.Pair;
-import com.cloud.utils.Ternary;
import com.cloud.utils.component.Inject;
import com.cloud.utils.component.Manager;
import com.cloud.utils.concurrency.NamedThreadFactory;
import com.cloud.utils.db.DB;
-import com.cloud.utils.db.Filter;
-import com.cloud.utils.db.JoinBuilder;
-import com.cloud.utils.db.SearchBuilder;
-import com.cloud.utils.db.SearchCriteria;
-import com.cloud.utils.db.SearchCriteria.Func;
-import com.cloud.utils.db.SearchCriteria.Op;
import com.cloud.utils.db.Transaction;
import com.cloud.utils.exception.CloudRuntimeException;
import com.sun.mail.smtp.SMTPMessage;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/resourcelimit/ResourceLimitManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/resourcelimit/ResourceLimitManagerImpl.java b/server/src/com/cloud/resourcelimit/ResourceLimitManagerImpl.java
index 92be18b..c17b0ea 100755
--- a/server/src/com/cloud/resourcelimit/ResourceLimitManagerImpl.java
+++ b/server/src/com/cloud/resourcelimit/ResourceLimitManagerImpl.java
@@ -30,7 +30,7 @@ import javax.naming.ConfigurationException;
import org.apache.log4j.Logger;
-import com.cloud.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
import com.cloud.alert.AlertManager;
import com.cloud.configuration.Config;
import com.cloud.configuration.Resource;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/server/ManagementServerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java
index 4c0968b..22ae179 100755
--- a/server/src/com/cloud/server/ManagementServerImpl.java
+++ b/server/src/com/cloud/server/ManagementServerImpl.java
@@ -67,7 +67,7 @@ import org.apache.cloudstack.api.command.user.zone.ListZonesByCmd;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
-import com.cloud.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
import com.cloud.agent.AgentManager;
import com.cloud.agent.api.GetVncPortAnswer;
import com.cloud.agent.api.GetVncPortCommand;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/template/TemplateManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/template/TemplateManagerImpl.java b/server/src/com/cloud/template/TemplateManagerImpl.java
index d34b0bc..1372111 100755
--- a/server/src/com/cloud/template/TemplateManagerImpl.java
+++ b/server/src/com/cloud/template/TemplateManagerImpl.java
@@ -40,7 +40,7 @@ import org.apache.cloudstack.api.command.user.iso.*;
import org.apache.cloudstack.api.command.user.template.*;
import org.apache.log4j.Logger;
-import com.cloud.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
import com.cloud.agent.AgentManager;
import com.cloud.agent.api.Answer;
import com.cloud.agent.api.downloadTemplateFromSwiftToSecondaryStorageCommand;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/user/AccountManager.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/user/AccountManager.java b/server/src/com/cloud/user/AccountManager.java
index 3e5e176..9ca4721 100755
--- a/server/src/com/cloud/user/AccountManager.java
+++ b/server/src/com/cloud/user/AccountManager.java
@@ -19,7 +19,7 @@ package com.cloud.user;
import java.util.List;
import java.util.Map;
-import com.cloud.acl.ControlledEntity;
+import org.apache.cloudstack.acl.ControlledEntity;
import com.cloud.api.query.vo.ControlledViewEntity;
import com.cloud.exception.ConcurrentOperationException;
import com.cloud.exception.ResourceUnavailableException;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/user/AccountManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/user/AccountManagerImpl.java b/server/src/com/cloud/user/AccountManagerImpl.java
index 6a498c2..c6a7d51 100755
--- a/server/src/com/cloud/user/AccountManagerImpl.java
+++ b/server/src/com/cloud/user/AccountManagerImpl.java
@@ -36,22 +36,20 @@ import javax.crypto.spec.SecretKeySpec;
import javax.ejb.Local;
import javax.naming.ConfigurationException;
+import org.apache.cloudstack.acl.ControlledEntity;
+import org.apache.cloudstack.acl.SecurityChecker;
import org.apache.cloudstack.api.command.admin.account.UpdateAccountCmd;
import org.apache.cloudstack.api.command.admin.user.RegisterCmd;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
-import com.cloud.acl.ControlledEntity;
-
-import com.cloud.acl.SecurityChecker;
-import com.cloud.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
import com.cloud.api.ApiDBUtils;
import com.cloud.api.query.dao.UserAccountJoinDao;
import com.cloud.api.query.vo.ControlledViewEntity;
import org.apache.cloudstack.api.command.admin.user.DeleteUserCmd;
-import org.apache.cloudstack.api.command.user.account.ListAccountsCmd;
import org.apache.cloudstack.api.command.admin.user.UpdateUserCmd;
import com.cloud.configuration.Config;
import com.cloud.configuration.ConfigurationManager;
@@ -121,7 +119,6 @@ import com.cloud.utils.component.Inject;
import com.cloud.utils.component.Manager;
import com.cloud.utils.concurrency.NamedThreadFactory;
import com.cloud.utils.db.DB;
-import com.cloud.utils.db.Filter;
import com.cloud.utils.db.GlobalLock;
import com.cloud.utils.db.JoinBuilder;
import com.cloud.utils.db.SearchBuilder;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/src/com/cloud/vm/UserVmManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/vm/UserVmManagerImpl.java b/server/src/com/cloud/vm/UserVmManagerImpl.java
index 12645fa..dd789f4 100755
--- a/server/src/com/cloud/vm/UserVmManagerImpl.java
+++ b/server/src/com/cloud/vm/UserVmManagerImpl.java
@@ -40,8 +40,8 @@ import org.apache.cloudstack.api.command.user.volume.DetachVolumeCmd;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
-import com.cloud.acl.ControlledEntity.ACLType;
-import com.cloud.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.acl.ControlledEntity.ACLType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
import com.cloud.agent.AgentManager;
import com.cloud.agent.api.*;
import com.cloud.agent.api.storage.CreatePrivateTemplateAnswer;
@@ -58,7 +58,6 @@ import org.apache.cloudstack.api.BaseCmd;
import org.apache.cloudstack.api.command.admin.vm.AssignVMCmd;
import org.apache.cloudstack.api.command.user.vm.DeployVMCmd;
import org.apache.cloudstack.api.command.user.vm.DestroyVMCmd;
-import org.apache.cloudstack.api.command.user.vm.ListVMsCmd;
import org.apache.cloudstack.api.command.user.vm.RebootVMCmd;
import org.apache.cloudstack.api.command.admin.vm.RecoverVMCmd;
import org.apache.cloudstack.api.command.user.vm.ResetVMPasswordCmd;
@@ -147,7 +146,6 @@ import com.cloud.uservm.UserVm;
import com.cloud.utils.NumbersUtil;
import com.cloud.utils.Pair;
import com.cloud.utils.PasswordGenerator;
-import com.cloud.utils.Ternary;
import com.cloud.utils.component.ComponentLocator;
import com.cloud.utils.component.Inject;
import com.cloud.utils.component.Manager;
@@ -166,15 +164,6 @@ import com.cloud.utils.fsm.NoTransitionException;
import com.cloud.utils.net.NetUtils;
import com.cloud.vm.VirtualMachine.State;
import com.cloud.vm.dao.*;
-import org.apache.commons.codec.binary.Base64;
-import org.apache.log4j.Logger;
-
-import javax.ejb.Local;
-import javax.naming.ConfigurationException;
-import java.util.*;
-import java.util.concurrent.Executors;
-import java.util.concurrent.ScheduledExecutorService;
-import java.util.concurrent.TimeUnit;
@Local(value = { UserVmManager.class, UserVmService.class })
public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager {
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/test/com/cloud/network/MockNetworkManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/test/com/cloud/network/MockNetworkManagerImpl.java b/server/test/com/cloud/network/MockNetworkManagerImpl.java
index 00fdd96..26a6e60 100755
--- a/server/test/com/cloud/network/MockNetworkManagerImpl.java
+++ b/server/test/com/cloud/network/MockNetworkManagerImpl.java
@@ -16,7 +16,7 @@
// under the License.
package com.cloud.network;
-import com.cloud.acl.ControlledEntity.ACLType;
+import org.apache.cloudstack.acl.ControlledEntity.ACLType;
import org.apache.cloudstack.api.command.admin.usage.ListTrafficTypeImplementorsCmd;
import org.apache.cloudstack.api.command.user.network.CreateNetworkCmd;
import org.apache.cloudstack.api.command.user.network.ListNetworksCmd;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/test/com/cloud/user/MockAccountManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/test/com/cloud/user/MockAccountManagerImpl.java b/server/test/com/cloud/user/MockAccountManagerImpl.java
index 4a4196e..ae5d0e5 100644
--- a/server/test/com/cloud/user/MockAccountManagerImpl.java
+++ b/server/test/com/cloud/user/MockAccountManagerImpl.java
@@ -22,15 +22,12 @@ import java.util.Map;
import javax.ejb.Local;
import javax.naming.ConfigurationException;
-import com.cloud.acl.ControlledEntity;
-import com.cloud.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.acl.ControlledEntity;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
import com.cloud.api.query.vo.ControlledViewEntity;
-import com.cloud.api.query.vo.UserAccountJoinVO;
import org.apache.cloudstack.api.command.admin.user.DeleteUserCmd;
-import org.apache.cloudstack.api.command.admin.user.ListUsersCmd;
import org.apache.cloudstack.api.command.admin.user.RegisterCmd;
-import org.apache.cloudstack.api.command.user.account.ListAccountsCmd;
import org.apache.cloudstack.api.command.admin.account.UpdateAccountCmd;
import org.apache.cloudstack.api.command.admin.user.UpdateUserCmd;
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/ed0637b8/server/test/com/cloud/vpc/MockNetworkManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/test/com/cloud/vpc/MockNetworkManagerImpl.java b/server/test/com/cloud/vpc/MockNetworkManagerImpl.java
index c778d45..8cb9dd5 100644
--- a/server/test/com/cloud/vpc/MockNetworkManagerImpl.java
+++ b/server/test/com/cloud/vpc/MockNetworkManagerImpl.java
@@ -29,7 +29,7 @@ import org.apache.cloudstack.api.command.admin.usage.ListTrafficTypeImplementors
import org.apache.cloudstack.api.command.user.network.ListNetworksCmd;
import org.apache.log4j.Logger;
-import com.cloud.acl.ControlledEntity.ACLType;
+import org.apache.cloudstack.acl.ControlledEntity.ACLType;
import org.apache.cloudstack.api.command.user.network.CreateNetworkCmd;
import org.apache.cloudstack.api.command.user.network.RestartNetworkCmd;
import com.cloud.dc.DataCenter;
@@ -70,11 +70,6 @@ import com.cloud.utils.component.Inject;
import com.cloud.utils.component.Manager;
import com.cloud.vm.*;
import com.cloud.vpc.dao.MockVpcVirtualRouterElement;
-import org.apache.log4j.Logger;
-
-import javax.ejb.Local;
-import javax.naming.ConfigurationException;
-import java.util.*;
@Local(value = { NetworkManager.class, NetworkService.class })
public class MockNetworkManagerImpl implements NetworkManager, Manager{
@@ -541,7 +536,7 @@ public class MockNetworkManagerImpl implements NetworkManager, Manager{
}
/* (non-Javadoc)
- * @see com.cloud.network.NetworkManager#setupNetwork(com.cloud.user.Account, com.cloud.offerings.NetworkOfferingVO, com.cloud.network.Network, com.cloud.deploy.DeploymentPlan, java.lang.String, java.lang.String, boolean, java.lang.Long, com.cloud.acl.ControlledEntity.ACLType, java.lang.Boolean, java.lang.Long)
+ * @see com.cloud.network.NetworkManager#setupNetwork(com.cloud.user.Account, com.cloud.offerings.NetworkOfferingVO, com.cloud.network.Network, com.cloud.deploy.DeploymentPlan, java.lang.String, java.lang.String, boolean, java.lang.Long, org.apache.cloudstack.acl.ControlledEntity.ACLType, java.lang.Boolean, java.lang.Long)
*/
@Override
public List<NetworkVO> setupNetwork(Account owner, NetworkOfferingVO offering, Network predefined, DeploymentPlan plan, String name, String displayText, boolean errorIfAlreadySetup, Long domainId, ACLType aclType,
@@ -733,7 +728,7 @@ public class MockNetworkManagerImpl implements NetworkManager, Manager{
}
/* (non-Javadoc)
- * @see com.cloud.network.NetworkManager#createGuestNetwork(long, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, com.cloud.user.Account, java.lang.Long, com.cloud.network.PhysicalNetwork, long, com.cloud.acl.ControlledEntity.ACLType, java.lang.Boolean, java.lang.Long)
+ * @see com.cloud.network.NetworkManager#createGuestNetwork(long, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, com.cloud.user.Account, java.lang.Long, com.cloud.network.PhysicalNetwork, long, org.apache.cloudstack.acl.ControlledEntity.ACLType, java.lang.Boolean, java.lang.Long)
*/
@Override
public Network createGuestNetwork(long networkOfferingId, String name, String displayText, String gateway, String cidr, String vlanId, String networkDomain, Account owner, Long domainId,