You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by pr...@apache.org on 2014/01/25 02:13:01 UTC
[2/2] git commit: updated refs/heads/rbac to 1d98ef9
@ACL and EntityType for FirewallRule commands
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/1d98ef98
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/1d98ef98
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/1d98ef98
Branch: refs/heads/rbac
Commit: 1d98ef9821bc90ab8314e68d0e8559ccd4ebfc98
Parents: 695de1e
Author: Prachi Damle <pr...@cloud.com>
Authored: Fri Jan 24 17:05:05 2014 -0800
Committer: Prachi Damle <pr...@cloud.com>
Committed: Fri Jan 24 17:06:11 2014 -0800
----------------------------------------------------------------------
api/src/org/apache/cloudstack/acl/AclEntityType.java | 1 +
.../command/user/firewall/CreateEgressFirewallRuleCmd.java | 2 +-
.../api/command/user/firewall/CreateFirewallRuleCmd.java | 2 +-
.../command/user/firewall/CreatePortForwardingRuleCmd.java | 2 +-
.../command/user/firewall/DeleteEgressFirewallRuleCmd.java | 6 +++++-
.../api/command/user/firewall/DeleteFirewallRuleCmd.java | 7 +++++--
.../command/user/firewall/DeletePortForwardingRuleCmd.java | 6 +++++-
.../api/command/user/firewall/ListEgressFirewallRulesCmd.java | 3 ++-
.../api/command/user/firewall/ListFirewallRulesCmd.java | 3 ++-
.../api/command/user/firewall/ListPortForwardingRulesCmd.java | 3 ++-
.../command/user/firewall/UpdatePortForwardingRuleCmd.java | 3 ++-
11 files changed, 27 insertions(+), 11 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/acl/AclEntityType.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/acl/AclEntityType.java b/api/src/org/apache/cloudstack/acl/AclEntityType.java
index 5c60ede..d96f62c 100644
--- a/api/src/org/apache/cloudstack/acl/AclEntityType.java
+++ b/api/src/org/apache/cloudstack/acl/AclEntityType.java
@@ -34,6 +34,7 @@ public enum AclEntityType {
InstanceGroup,
GlobalLoadBalancerRule,
FirewallRule,
+ PortForwardingRule,
Event,
AsyncJob,
AclPolicy,
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java
index e0bee6b..0a7b0ab 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java
@@ -44,7 +44,7 @@ import com.cloud.network.rules.FirewallRule;
import com.cloud.user.Account;
import com.cloud.utils.net.NetUtils;
-@APICommand(name = "createEgressFirewallRule", description = "Creates a egress firewall rule for a given network ", responseObject = FirewallResponse.class)
+@APICommand(name = "createEgressFirewallRule", description = "Creates a egress firewall rule for a given network ", responseObject = FirewallResponse.class, entityType = { AclEntityType.FirewallRule })
public class CreateEgressFirewallRuleCmd extends BaseAsyncCreateCmd implements FirewallRule {
public static final Logger s_logger = Logger.getLogger(CreateEgressFirewallRuleCmd.class.getName());
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java
index c522709..a5137a3 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java
@@ -43,7 +43,7 @@ import com.cloud.network.rules.FirewallRule;
import com.cloud.user.Account;
import com.cloud.utils.net.NetUtils;
-@APICommand(name = "createFirewallRule", description = "Creates a firewall rule for a given ip address", responseObject = FirewallResponse.class)
+@APICommand(name = "createFirewallRule", description = "Creates a firewall rule for a given ip address", responseObject = FirewallResponse.class, entityType = { AclEntityType.FirewallRule })
public class CreateFirewallRuleCmd extends BaseAsyncCreateCmd implements FirewallRule {
public static final Logger s_logger = Logger.getLogger(CreateFirewallRuleCmd.class.getName());
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/CreatePortForwardingRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/CreatePortForwardingRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/CreatePortForwardingRuleCmd.java
index 14324df..deb618e 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/CreatePortForwardingRuleCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/CreatePortForwardingRuleCmd.java
@@ -44,7 +44,7 @@ import com.cloud.network.rules.PortForwardingRule;
import com.cloud.user.Account;
import com.cloud.utils.net.Ip;
-@APICommand(name = "createPortForwardingRule", description = "Creates a port forwarding rule", responseObject = FirewallRuleResponse.class)
+@APICommand(name = "createPortForwardingRule", description = "Creates a port forwarding rule", responseObject = FirewallRuleResponse.class, entityType = { AclEntityType.PortForwardingRule })
public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements PortForwardingRule {
public static final Logger s_logger = Logger.getLogger(CreatePortForwardingRuleCmd.class.getName());
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteEgressFirewallRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteEgressFirewallRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteEgressFirewallRuleCmd.java
index 8e7b679..82c33be 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteEgressFirewallRuleCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteEgressFirewallRuleCmd.java
@@ -19,6 +19,9 @@ package org.apache.cloudstack.api.command.user.firewall;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.api.ACL;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiCommandJobType;
import org.apache.cloudstack.api.ApiConstants;
@@ -36,7 +39,7 @@ import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.rules.FirewallRule;
-@APICommand(name = "deleteEgressFirewallRule", description = "Deletes an ggress firewall rule", responseObject = SuccessResponse.class)
+@APICommand(name = "deleteEgressFirewallRule", description = "Deletes an ggress firewall rule", responseObject = SuccessResponse.class, entityType = { AclEntityType.FirewallRule })
public class DeleteEgressFirewallRuleCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(DeleteEgressFirewallRuleCmd.class.getName());
private static final String s_name = "deleteegressfirewallruleresponse";
@@ -45,6 +48,7 @@ public class DeleteEgressFirewallRuleCmd extends BaseAsyncCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
+ @ACL(accessType = AccessType.OperateEntry)
@Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = FirewallRuleResponse.class, required = true, description = "the ID of the firewall rule")
private Long id;
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteFirewallRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteFirewallRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteFirewallRuleCmd.java
index c3029b8..704c913 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteFirewallRuleCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteFirewallRuleCmd.java
@@ -18,6 +18,9 @@ package org.apache.cloudstack.api.command.user.firewall;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.api.ACL;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiCommandJobType;
import org.apache.cloudstack.api.ApiConstants;
@@ -35,7 +38,7 @@ import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.rules.FirewallRule;
-@APICommand(name = "deleteFirewallRule", description = "Deletes a firewall rule", responseObject = SuccessResponse.class)
+@APICommand(name = "deleteFirewallRule", description = "Deletes a firewall rule", responseObject = SuccessResponse.class, entityType = { AclEntityType.FirewallRule })
public class DeleteFirewallRuleCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(DeleteFirewallRuleCmd.class.getName());
private static final String s_name = "deletefirewallruleresponse";
@@ -43,7 +46,7 @@ public class DeleteFirewallRuleCmd extends BaseAsyncCmd {
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
-
+ @ACL(accessType = AccessType.OperateEntry)
@Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = FirewallRuleResponse.class, required = true, description = "the ID of the firewall rule")
private Long id;
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/DeletePortForwardingRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/DeletePortForwardingRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/DeletePortForwardingRuleCmd.java
index c493dd0..eb88201 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/DeletePortForwardingRuleCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/DeletePortForwardingRuleCmd.java
@@ -18,6 +18,9 @@ package org.apache.cloudstack.api.command.user.firewall;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.api.ACL;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiCommandJobType;
import org.apache.cloudstack.api.ApiConstants;
@@ -34,7 +37,7 @@ import com.cloud.event.EventTypes;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.network.rules.PortForwardingRule;
-@APICommand(name = "deletePortForwardingRule", description = "Deletes a port forwarding rule", responseObject = SuccessResponse.class)
+@APICommand(name = "deletePortForwardingRule", description = "Deletes a port forwarding rule", responseObject = SuccessResponse.class, entityType = { AclEntityType.PortForwardingRule })
public class DeletePortForwardingRuleCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(DeletePortForwardingRuleCmd.class.getName());
private static final String s_name = "deleteportforwardingruleresponse";
@@ -43,6 +46,7 @@ public class DeletePortForwardingRuleCmd extends BaseAsyncCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
+ @ACL(accessType = AccessType.OperateEntry)
@Parameter(name = ApiConstants.ID,
type = CommandType.UUID,
entityType = FirewallRuleResponse.class,
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/ListEgressFirewallRulesCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/ListEgressFirewallRulesCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/ListEgressFirewallRulesCmd.java
index 4ac94df..6b2a78c 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/ListEgressFirewallRulesCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/ListEgressFirewallRulesCmd.java
@@ -22,6 +22,7 @@ import java.util.List;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.Parameter;
@@ -33,7 +34,7 @@ import org.apache.cloudstack.api.response.NetworkResponse;
import com.cloud.network.rules.FirewallRule;
import com.cloud.utils.Pair;
-@APICommand(name = "listEgressFirewallRules", description = "Lists all egress firewall rules for network id.", responseObject = FirewallResponse.class)
+@APICommand(name = "listEgressFirewallRules", description = "Lists all egress firewall rules for network id.", responseObject = FirewallResponse.class, entityType = { AclEntityType.FirewallRule })
public class ListEgressFirewallRulesCmd extends ListFirewallRulesCmd {
public static final Logger s_logger = Logger.getLogger(ListEgressFirewallRulesCmd.class.getName());
private static final String s_name = "listegressfirewallrulesresponse";
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/ListFirewallRulesCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/ListFirewallRulesCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/ListFirewallRulesCmd.java
index 44d26e4..ec60b00 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/ListFirewallRulesCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/ListFirewallRulesCmd.java
@@ -21,6 +21,7 @@ import java.util.List;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.BaseListTaggedResourcesCmd;
@@ -34,7 +35,7 @@ import org.apache.cloudstack.api.response.NetworkResponse;
import com.cloud.network.rules.FirewallRule;
import com.cloud.utils.Pair;
-@APICommand(name = "listFirewallRules", description = "Lists all firewall rules for an IP address.", responseObject = FirewallResponse.class)
+@APICommand(name = "listFirewallRules", description = "Lists all firewall rules for an IP address.", responseObject = FirewallResponse.class, entityType = { AclEntityType.FirewallRule })
public class ListFirewallRulesCmd extends BaseListTaggedResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListFirewallRulesCmd.class.getName());
private static final String s_name = "listfirewallrulesresponse";
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/ListPortForwardingRulesCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/ListPortForwardingRulesCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/ListPortForwardingRulesCmd.java
index bd8a7a1..c0c1f3f 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/ListPortForwardingRulesCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/ListPortForwardingRulesCmd.java
@@ -21,6 +21,7 @@ import java.util.List;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.BaseListTaggedResourcesCmd;
@@ -33,7 +34,7 @@ import org.apache.cloudstack.api.response.NetworkResponse;
import com.cloud.network.rules.PortForwardingRule;
import com.cloud.utils.Pair;
-@APICommand(name = "listPortForwardingRules", description = "Lists all port forwarding rules for an IP address.", responseObject = FirewallRuleResponse.class)
+@APICommand(name = "listPortForwardingRules", description = "Lists all port forwarding rules for an IP address.", responseObject = FirewallRuleResponse.class, entityType = { AclEntityType.PortForwardingRule })
public class ListPortForwardingRulesCmd extends BaseListTaggedResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListPortForwardingRulesCmd.class.getName());
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/UpdatePortForwardingRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/UpdatePortForwardingRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/UpdatePortForwardingRuleCmd.java
index d7e380f..6c860fe 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/UpdatePortForwardingRuleCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/UpdatePortForwardingRuleCmd.java
@@ -18,6 +18,7 @@ package org.apache.cloudstack.api.command.user.firewall;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.BaseAsyncCmd;
@@ -33,7 +34,7 @@ import com.cloud.user.Account;
@APICommand(name = "updatePortForwardingRule",
responseObject = FirewallRuleResponse.class,
- description = "Updates a port forwarding rule. Only the private port and the virtual machine can be updated.")
+ description = "Updates a port forwarding rule. Only the private port and the virtual machine can be updated.", entityType = { AclEntityType.PortForwardingRule })
public class UpdatePortForwardingRuleCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(UpdatePortForwardingRuleCmd.class.getName());
private static final String s_name = "updateportforwardingruleresponse";