You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by mc...@apache.org on 2014/02/12 07:46:46 UTC
[4/4] git commit: updated refs/heads/rbac to 5854c0b
Fix Path cannot be null error in creating ACL Policy.
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/5854c0bb
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/5854c0bb
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/5854c0bb
Branch: refs/heads/rbac
Commit: 5854c0bbeb45add9ac52de370eea4464360aebc6
Parents: 97ec3f6
Author: Min Chen <mi...@citrix.com>
Authored: Tue Feb 11 22:45:57 2014 -0800
Committer: Min Chen <mi...@citrix.com>
Committed: Tue Feb 11 22:45:57 2014 -0800
----------------------------------------------------------------------
.../cloudstack/acl/api/AclApiServiceImpl.java | 20 ++++++++++++--------
.../apache/cloudstack/iam/api/IAMService.java | 2 +-
.../cloudstack/iam/server/IAMServiceImpl.java | 3 ++-
3 files changed, 15 insertions(+), 10 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/5854c0bb/services/iam/plugin/src/org/apache/cloudstack/acl/api/AclApiServiceImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/plugin/src/org/apache/cloudstack/acl/api/AclApiServiceImpl.java b/services/iam/plugin/src/org/apache/cloudstack/acl/api/AclApiServiceImpl.java
index 29aa258..da655b8 100644
--- a/services/iam/plugin/src/org/apache/cloudstack/acl/api/AclApiServiceImpl.java
+++ b/services/iam/plugin/src/org/apache/cloudstack/acl/api/AclApiServiceImpl.java
@@ -273,15 +273,14 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man
private void createPolicyAndAddToDomainGroup(String policyName, String description, String entityType,
Long entityId, String action, AccessType accessType, Long domainId, Boolean recursive) {
- AclPolicy policy = _iamSrv.createAclPolicy(policyName, description, null);
- _iamSrv.addAclPermissionToAclPolicy(policy.getId(), entityType, PermissionScope.RESOURCE.toString(),
- entityId, action, accessType.toString(), Permission.Allow, recursive);
-
- List<Long> policyList = new ArrayList<Long>();
- policyList.add(new Long(policy.getId()));
-
Domain domain = _domainDao.findById(domainId);
if (domain != null) {
+ AclPolicy policy = _iamSrv.createAclPolicy(policyName, description, null, domain.getPath());
+ _iamSrv.addAclPermissionToAclPolicy(policy.getId(), entityType, PermissionScope.RESOURCE.toString(),
+ entityId, action, accessType.toString(), Permission.Allow, recursive);
+ List<Long> policyList = new ArrayList<Long>();
+ policyList.add(new Long(policy.getId()));
+
List<AclGroup> domainGroups = listDomainGroup(domain);
if (domainGroups != null) {
for (AclGroup group : domainGroups) {
@@ -352,7 +351,12 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man
@Override
@ActionEvent(eventType = EventTypes.EVENT_ACL_POLICY_CREATE, eventDescription = "Creating Acl Policy", create = true)
public AclPolicy createAclPolicy(Account caller, final String aclPolicyName, final String description, final Long parentPolicyId) {
- return _iamSrv.createAclPolicy(aclPolicyName, description, parentPolicyId);
+ Long domainId = caller.getDomainId();
+ Domain callerDomain = _domainDao.findById(domainId);
+ if (callerDomain == null) {
+ throw new InvalidParameterValueException("Caller does not have a domain");
+ }
+ return _iamSrv.createAclPolicy(aclPolicyName, description, parentPolicyId, callerDomain.getPath());
}
@DB
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/5854c0bb/services/iam/server/src/org/apache/cloudstack/iam/api/IAMService.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/api/IAMService.java b/services/iam/server/src/org/apache/cloudstack/iam/api/IAMService.java
index 2b26e72..3957b62 100644
--- a/services/iam/server/src/org/apache/cloudstack/iam/api/IAMService.java
+++ b/services/iam/server/src/org/apache/cloudstack/iam/api/IAMService.java
@@ -40,7 +40,7 @@ public interface IAMService {
Pair<List<AclGroup>, Integer> listAclGroups(Long aclGroupId, String aclGroupName, String path, Long startIndex, Long pageSize);
/* ACL Policy related interfaces */
- AclPolicy createAclPolicy(String aclPolicyName, String description, Long parentPolicyId);
+ AclPolicy createAclPolicy(String aclPolicyName, String description, Long parentPolicyId, String path);
boolean deleteAclPolicy(long aclPolicyId);
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/5854c0bb/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java
index 84ed545..1398889 100644
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java
+++ b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java
@@ -294,7 +294,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
@DB
@Override
- public AclPolicy createAclPolicy(final String aclPolicyName, final String description, final Long parentPolicyId) {
+ public AclPolicy createAclPolicy(final String aclPolicyName, final String description, final Long parentPolicyId, final String path) {
// check if the policy is already existing
AclPolicy ro = _aclPolicyDao.findByName(aclPolicyName);
@@ -308,6 +308,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
@Override
public AclPolicy doInTransaction(TransactionStatus status) {
AclPolicyVO rvo = new AclPolicyVO(aclPolicyName, description);
+ rvo.setPath(path);
AclPolicy role = _aclPolicyDao.persist(rvo);
if (parentPolicyId != null) {