You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by pr...@apache.org on 2014/02/19 21:26:36 UTC
[2/3] git commit: updated refs/heads/rbac to 42a7d41
Adding annotations to admin commands
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/bbaa7428
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/bbaa7428
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/bbaa7428
Branch: refs/heads/rbac
Commit: bbaa742863a8c7c3fb2b88ee22cdf2139be9c330
Parents: f0a9b3b
Author: Prachi Damle <pr...@cloud.com>
Authored: Tue Feb 18 16:06:57 2014 -0800
Committer: Prachi Damle <pr...@cloud.com>
Committed: Wed Feb 19 12:22:33 2014 -0800
----------------------------------------------------------------------
api/src/org/apache/cloudstack/acl/AclEntityType.java | 3 ++-
.../api/command/admin/systemvm/DestroySystemVmCmd.java | 6 +++++-
.../api/command/admin/systemvm/ListSystemVMsCmd.java | 3 ++-
.../api/command/admin/systemvm/MigrateSystemVMCmd.java | 6 +++++-
.../api/command/admin/systemvm/RebootSystemVmCmd.java | 7 +++++--
.../api/command/admin/systemvm/ScaleSystemVMCmd.java | 6 +++++-
.../api/command/admin/systemvm/StartSystemVMCmd.java | 7 +++++--
.../api/command/admin/systemvm/StopSystemVmCmd.java | 6 +++++-
.../api/command/admin/systemvm/UpgradeSystemVMCmd.java | 6 +++++-
.../api/command/admin/template/PrepareTemplateCmd.java | 6 +++++-
.../apache/cloudstack/api/command/admin/vm/AssignVMCmd.java | 3 ++-
.../apache/cloudstack/api/command/admin/vm/ExpungeVMCmd.java | 6 +++++-
.../apache/cloudstack/api/command/admin/vm/MigrateVMCmd.java | 3 ++-
.../command/admin/vm/MigrateVirtualMachineWithVolumeCmd.java | 3 ++-
.../apache/cloudstack/api/command/admin/vm/RecoverVMCmd.java | 3 ++-
.../api/command/admin/vpc/CreatePrivateGatewayCmd.java | 3 ++-
.../api/command/admin/vpc/DeletePrivateGatewayCmd.java | 3 ++-
17 files changed, 61 insertions(+), 19 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bbaa7428/api/src/org/apache/cloudstack/acl/AclEntityType.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/acl/AclEntityType.java b/api/src/org/apache/cloudstack/acl/AclEntityType.java
index d96f62c..0e1fe5b 100644
--- a/api/src/org/apache/cloudstack/acl/AclEntityType.java
+++ b/api/src/org/apache/cloudstack/acl/AclEntityType.java
@@ -13,6 +13,7 @@ public enum AclEntityType {
Condition,
Vpc,
VpcGateway,
+ PrivateGateway,
VpnUser,
VMSnapshot,
VirtualMachineTemplate,
@@ -34,7 +35,7 @@ public enum AclEntityType {
InstanceGroup,
GlobalLoadBalancerRule,
FirewallRule,
- PortForwardingRule,
+ PortForwardingRule,
Event,
AsyncJob,
AclPolicy,
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bbaa7428/api/src/org/apache/cloudstack/api/command/admin/systemvm/DestroySystemVmCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/admin/systemvm/DestroySystemVmCmd.java b/api/src/org/apache/cloudstack/api/command/admin/systemvm/DestroySystemVmCmd.java
index 07e111c..62f73aa 100644
--- a/api/src/org/apache/cloudstack/api/command/admin/systemvm/DestroySystemVmCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/admin/systemvm/DestroySystemVmCmd.java
@@ -18,6 +18,9 @@ package org.apache.cloudstack.api.command.admin.systemvm;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.api.ACL;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiCommandJobType;
import org.apache.cloudstack.api.ApiConstants;
@@ -32,12 +35,13 @@ import com.cloud.event.EventTypes;
import com.cloud.user.Account;
import com.cloud.vm.VirtualMachine;
-@APICommand(name = "destroySystemVm", responseObject = SystemVmResponse.class, description = "Destroyes a system virtual machine.")
+@APICommand(name = "destroySystemVm", responseObject = SystemVmResponse.class, description = "Destroyes a system virtual machine.", entityType = { AclEntityType.VirtualMachine })
public class DestroySystemVmCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(DestroySystemVmCmd.class.getName());
private static final String s_name = "destroysystemvmresponse";
+ @ACL(accessType = AccessType.OperateEntry)
@Parameter(name = ApiConstants.ID,
type = CommandType.UUID,
entityType = SystemVmResponse.class,
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bbaa7428/api/src/org/apache/cloudstack/api/command/admin/systemvm/ListSystemVMsCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/admin/systemvm/ListSystemVMsCmd.java b/api/src/org/apache/cloudstack/api/command/admin/systemvm/ListSystemVMsCmd.java
index 9480497..41fd0ad 100644
--- a/api/src/org/apache/cloudstack/api/command/admin/systemvm/ListSystemVMsCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/admin/systemvm/ListSystemVMsCmd.java
@@ -21,6 +21,7 @@ import java.util.List;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiCommandJobType;
import org.apache.cloudstack.api.ApiConstants;
@@ -36,7 +37,7 @@ import org.apache.cloudstack.api.response.ZoneResponse;
import com.cloud.utils.Pair;
import com.cloud.vm.VirtualMachine;
-@APICommand(name = "listSystemVms", description = "List system virtual machines.", responseObject = SystemVmResponse.class)
+@APICommand(name = "listSystemVms", description = "List system virtual machines.", responseObject = SystemVmResponse.class, entityType = { AclEntityType.VirtualMachine })
public class ListSystemVMsCmd extends BaseListCmd {
public static final Logger s_logger = Logger.getLogger(ListSystemVMsCmd.class.getName());
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bbaa7428/api/src/org/apache/cloudstack/api/command/admin/systemvm/MigrateSystemVMCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/admin/systemvm/MigrateSystemVMCmd.java b/api/src/org/apache/cloudstack/api/command/admin/systemvm/MigrateSystemVMCmd.java
index 8199e68..f01d885 100644
--- a/api/src/org/apache/cloudstack/api/command/admin/systemvm/MigrateSystemVMCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/admin/systemvm/MigrateSystemVMCmd.java
@@ -18,6 +18,9 @@ package org.apache.cloudstack.api.command.admin.systemvm;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.api.ACL;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.ApiErrorCode;
@@ -38,7 +41,7 @@ import com.cloud.host.Host;
import com.cloud.user.Account;
import com.cloud.vm.VirtualMachine;
-@APICommand(name = "migrateSystemVm", description = "Attempts Migration of a system virtual machine to the host specified.", responseObject = SystemVmResponse.class)
+@APICommand(name = "migrateSystemVm", description = "Attempts Migration of a system virtual machine to the host specified.", responseObject = SystemVmResponse.class, entityType = { AclEntityType.VirtualMachine })
public class MigrateSystemVMCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(MigrateSystemVMCmd.class.getName());
@@ -55,6 +58,7 @@ public class MigrateSystemVMCmd extends BaseAsyncCmd {
description = "destination Host ID to migrate VM to")
private Long hostId;
+ @ACL(accessType = AccessType.OperateEntry)
@Parameter(name = ApiConstants.VIRTUAL_MACHINE_ID,
type = CommandType.UUID,
entityType = SystemVmResponse.class,
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bbaa7428/api/src/org/apache/cloudstack/api/command/admin/systemvm/RebootSystemVmCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/admin/systemvm/RebootSystemVmCmd.java b/api/src/org/apache/cloudstack/api/command/admin/systemvm/RebootSystemVmCmd.java
index 1c38b05..628e6ce 100644
--- a/api/src/org/apache/cloudstack/api/command/admin/systemvm/RebootSystemVmCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/admin/systemvm/RebootSystemVmCmd.java
@@ -18,6 +18,9 @@ package org.apache.cloudstack.api.command.admin.systemvm;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.api.ACL;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiCommandJobType;
import org.apache.cloudstack.api.ApiConstants;
@@ -32,7 +35,7 @@ import com.cloud.event.EventTypes;
import com.cloud.user.Account;
import com.cloud.vm.VirtualMachine;
-@APICommand(name = "rebootSystemVm", description = "Reboots a system VM.", responseObject = SystemVmResponse.class)
+@APICommand(name = "rebootSystemVm", description = "Reboots a system VM.", responseObject = SystemVmResponse.class, entityType = { AclEntityType.VirtualMachine })
public class RebootSystemVmCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(RebootSystemVmCmd.class.getName());
@@ -41,7 +44,7 @@ public class RebootSystemVmCmd extends BaseAsyncCmd {
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
-
+ @ACL(accessType = AccessType.OperateEntry)
@Parameter(name = ApiConstants.ID,
type = CommandType.UUID,
entityType = SystemVmResponse.class,
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bbaa7428/api/src/org/apache/cloudstack/api/command/admin/systemvm/ScaleSystemVMCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/admin/systemvm/ScaleSystemVMCmd.java b/api/src/org/apache/cloudstack/api/command/admin/systemvm/ScaleSystemVMCmd.java
index 370815d..2c9bc57 100644
--- a/api/src/org/apache/cloudstack/api/command/admin/systemvm/ScaleSystemVMCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/admin/systemvm/ScaleSystemVMCmd.java
@@ -21,6 +21,9 @@ import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
+import org.apache.cloudstack.acl.AclEntityType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.api.ACL;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.ApiErrorCode;
@@ -44,7 +47,7 @@ import com.cloud.user.Account;
import com.cloud.vm.VirtualMachine;
@APICommand(name = "scaleSystemVm", responseObject = SystemVmResponse.class, description = "Scale the service offering for a system vm (console proxy or secondary storage). "
- + "The system vm must be in a \"Stopped\" state for " + "this command to take effect.")
+ + "The system vm must be in a \"Stopped\" state for " + "this command to take effect.", entityType = { AclEntityType.VirtualMachine })
public class ScaleSystemVMCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(UpgradeVMCmd.class.getName());
private static final String s_name = "changeserviceforsystemvmresponse";
@@ -53,6 +56,7 @@ public class ScaleSystemVMCmd extends BaseAsyncCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
+ @ACL(accessType = AccessType.OperateEntry)
@Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = SystemVmResponse.class, required = true, description = "The ID of the system vm")
private Long id;
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bbaa7428/api/src/org/apache/cloudstack/api/command/admin/systemvm/StartSystemVMCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/admin/systemvm/StartSystemVMCmd.java b/api/src/org/apache/cloudstack/api/command/admin/systemvm/StartSystemVMCmd.java
index 2e65928..65f6614 100644
--- a/api/src/org/apache/cloudstack/api/command/admin/systemvm/StartSystemVMCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/admin/systemvm/StartSystemVMCmd.java
@@ -18,6 +18,9 @@ package org.apache.cloudstack.api.command.admin.systemvm;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.api.ACL;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiCommandJobType;
import org.apache.cloudstack.api.ApiConstants;
@@ -32,7 +35,7 @@ import com.cloud.event.EventTypes;
import com.cloud.user.Account;
import com.cloud.vm.VirtualMachine;
-@APICommand(name = "startSystemVm", responseObject = SystemVmResponse.class, description = "Starts a system virtual machine.")
+@APICommand(name = "startSystemVm", responseObject = SystemVmResponse.class, description = "Starts a system virtual machine.", entityType = { AclEntityType.VirtualMachine })
public class StartSystemVMCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(StartSystemVMCmd.class.getName());
@@ -41,7 +44,7 @@ public class StartSystemVMCmd extends BaseAsyncCmd {
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
-
+ @ACL(accessType = AccessType.OperateEntry)
@Parameter(name = ApiConstants.ID,
type = CommandType.UUID,
entityType = SystemVmResponse.class,
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bbaa7428/api/src/org/apache/cloudstack/api/command/admin/systemvm/StopSystemVmCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/admin/systemvm/StopSystemVmCmd.java b/api/src/org/apache/cloudstack/api/command/admin/systemvm/StopSystemVmCmd.java
index 7709ebe..dfaaeca 100644
--- a/api/src/org/apache/cloudstack/api/command/admin/systemvm/StopSystemVmCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/admin/systemvm/StopSystemVmCmd.java
@@ -18,6 +18,9 @@ package org.apache.cloudstack.api.command.admin.systemvm;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.api.ACL;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiCommandJobType;
import org.apache.cloudstack.api.ApiConstants;
@@ -34,7 +37,7 @@ import com.cloud.exception.ResourceUnavailableException;
import com.cloud.user.Account;
import com.cloud.vm.VirtualMachine;
-@APICommand(name = "stopSystemVm", description = "Stops a system VM.", responseObject = SystemVmResponse.class)
+@APICommand(name = "stopSystemVm", description = "Stops a system VM.", responseObject = SystemVmResponse.class, entityType = { AclEntityType.VirtualMachine })
public class StopSystemVmCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(StopSystemVmCmd.class.getName());
@@ -44,6 +47,7 @@ public class StopSystemVmCmd extends BaseAsyncCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
+ @ACL(accessType = AccessType.OperateEntry)
@Parameter(name = ApiConstants.ID,
type = CommandType.UUID,
entityType = SystemVmResponse.class,
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bbaa7428/api/src/org/apache/cloudstack/api/command/admin/systemvm/UpgradeSystemVMCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/admin/systemvm/UpgradeSystemVMCmd.java b/api/src/org/apache/cloudstack/api/command/admin/systemvm/UpgradeSystemVMCmd.java
index da0564e..fc30197 100644
--- a/api/src/org/apache/cloudstack/api/command/admin/systemvm/UpgradeSystemVMCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/admin/systemvm/UpgradeSystemVMCmd.java
@@ -21,6 +21,9 @@ import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
+import org.apache.cloudstack.acl.AclEntityType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.api.ACL;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.ApiErrorCode;
@@ -39,7 +42,7 @@ import com.cloud.user.Account;
import com.cloud.vm.VirtualMachine;
@APICommand(name = "changeServiceForSystemVm", responseObject = SystemVmResponse.class, description = "Changes the service offering for a system vm (console proxy or secondary storage). "
- + "The system vm must be in a \"Stopped\" state for " + "this command to take effect.")
+ + "The system vm must be in a \"Stopped\" state for " + "this command to take effect.", entityType = { AclEntityType.VirtualMachine })
public class UpgradeSystemVMCmd extends BaseCmd {
public static final Logger s_logger = Logger.getLogger(UpgradeVMCmd.class.getName());
private static final String s_name = "changeserviceforsystemvmresponse";
@@ -48,6 +51,7 @@ public class UpgradeSystemVMCmd extends BaseCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
+ @ACL(accessType = AccessType.OperateEntry)
@Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = SystemVmResponse.class, required = true, description = "The ID of the system vm")
private Long id;
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bbaa7428/api/src/org/apache/cloudstack/api/command/admin/template/PrepareTemplateCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/admin/template/PrepareTemplateCmd.java b/api/src/org/apache/cloudstack/api/command/admin/template/PrepareTemplateCmd.java
index 086abf5..170d379 100644
--- a/api/src/org/apache/cloudstack/api/command/admin/template/PrepareTemplateCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/admin/template/PrepareTemplateCmd.java
@@ -20,6 +20,9 @@ import java.util.List;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.api.ACL;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.BaseCmd;
@@ -32,7 +35,7 @@ import org.apache.cloudstack.api.response.ZoneResponse;
import com.cloud.template.VirtualMachineTemplate;
import com.cloud.user.Account;
-@APICommand(name = "prepareTemplate", responseObject = TemplateResponse.class, description = "load template into primary storage")
+@APICommand(name = "prepareTemplate", responseObject = TemplateResponse.class, description = "load template into primary storage", entityType = { AclEntityType.VirtualMachineTemplate })
public class PrepareTemplateCmd extends BaseCmd {
public static final Logger s_logger = Logger.getLogger(PrepareTemplateCmd.class.getName());
@@ -49,6 +52,7 @@ public class PrepareTemplateCmd extends BaseCmd {
description = "zone ID of the template to be prepared in primary storage(s).")
private Long zoneId;
+ @ACL(accessType = AccessType.OperateEntry)
@Parameter(name = ApiConstants.TEMPLATE_ID,
type = CommandType.UUID,
entityType = TemplateResponse.class,
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bbaa7428/api/src/org/apache/cloudstack/api/command/admin/vm/AssignVMCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/admin/vm/AssignVMCmd.java b/api/src/org/apache/cloudstack/api/command/admin/vm/AssignVMCmd.java
index 654f4ef..c6e15d0 100644
--- a/api/src/org/apache/cloudstack/api/command/admin/vm/AssignVMCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/admin/vm/AssignVMCmd.java
@@ -20,6 +20,7 @@ import java.util.List;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.ApiErrorCode;
@@ -38,7 +39,7 @@ import com.cloud.uservm.UserVm;
@APICommand(name = "assignVirtualMachine",
description = "Change ownership of a VM from one account to another. This API is available for Basic zones with security groups and Advanced zones with guest networks. A root administrator can reassign a VM from any account to any other account in any domain. A domain administrator can reassign a VM to any account in the same domain.",
responseObject = UserVmResponse.class,
- since = "3.0.0")
+ since = "3.0.0", entityType = { AclEntityType.VirtualMachine })
public class AssignVMCmd extends BaseCmd {
public static final Logger s_logger = Logger.getLogger(AssignVMCmd.class.getName());
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bbaa7428/api/src/org/apache/cloudstack/api/command/admin/vm/ExpungeVMCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/admin/vm/ExpungeVMCmd.java b/api/src/org/apache/cloudstack/api/command/admin/vm/ExpungeVMCmd.java
index 7b16686..fcc9ec2f7 100644
--- a/api/src/org/apache/cloudstack/api/command/admin/vm/ExpungeVMCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/admin/vm/ExpungeVMCmd.java
@@ -18,6 +18,9 @@ package org.apache.cloudstack.api.command.admin.vm;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.api.ACL;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiCommandJobType;
import org.apache.cloudstack.api.ApiConstants;
@@ -37,7 +40,7 @@ import com.cloud.user.Account;
import com.cloud.uservm.UserVm;
import com.cloud.utils.exception.CloudRuntimeException;
-@APICommand(name = "expungeVirtualMachine", description = "Expunge a virtual machine. Once expunged, it cannot be recoverd.", responseObject = SuccessResponse.class)
+@APICommand(name = "expungeVirtualMachine", description = "Expunge a virtual machine. Once expunged, it cannot be recoverd.", responseObject = SuccessResponse.class, entityType = { AclEntityType.VirtualMachine })
public class ExpungeVMCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(ExpungeVMCmd.class.getName());
@@ -47,6 +50,7 @@ public class ExpungeVMCmd extends BaseAsyncCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
+ @ACL(accessType = AccessType.OperateEntry)
@Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = UserVmResponse.class, required = true, description = "The ID of the virtual machine")
private Long id;
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bbaa7428/api/src/org/apache/cloudstack/api/command/admin/vm/MigrateVMCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/admin/vm/MigrateVMCmd.java b/api/src/org/apache/cloudstack/api/command/admin/vm/MigrateVMCmd.java
index 730577b..e2ef31f 100644
--- a/api/src/org/apache/cloudstack/api/command/admin/vm/MigrateVMCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/admin/vm/MigrateVMCmd.java
@@ -18,6 +18,7 @@ package org.apache.cloudstack.api.command.admin.vm;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.ApiErrorCode;
@@ -44,7 +45,7 @@ import com.cloud.vm.VirtualMachine;
@APICommand(name = "migrateVirtualMachine",
description = "Attempts Migration of a VM to a different host or Root volume of the vm to a different storage pool",
- responseObject = UserVmResponse.class)
+ responseObject = UserVmResponse.class, entityType = { AclEntityType.VirtualMachine })
public class MigrateVMCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(MigrateVMCmd.class.getName());
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bbaa7428/api/src/org/apache/cloudstack/api/command/admin/vm/MigrateVirtualMachineWithVolumeCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/admin/vm/MigrateVirtualMachineWithVolumeCmd.java b/api/src/org/apache/cloudstack/api/command/admin/vm/MigrateVirtualMachineWithVolumeCmd.java
index 1c32a25..33355e8 100644
--- a/api/src/org/apache/cloudstack/api/command/admin/vm/MigrateVirtualMachineWithVolumeCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/admin/vm/MigrateVirtualMachineWithVolumeCmd.java
@@ -23,6 +23,7 @@ import java.util.Map;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.ApiErrorCode;
@@ -46,7 +47,7 @@ import com.cloud.vm.VirtualMachine;
@APICommand(name = "migrateVirtualMachineWithVolume",
description = "Attempts Migration of a VM with its volumes to a different host",
- responseObject = UserVmResponse.class)
+ responseObject = UserVmResponse.class, entityType = { AclEntityType.VirtualMachine })
public class MigrateVirtualMachineWithVolumeCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(MigrateVMCmd.class.getName());
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bbaa7428/api/src/org/apache/cloudstack/api/command/admin/vm/RecoverVMCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/admin/vm/RecoverVMCmd.java b/api/src/org/apache/cloudstack/api/command/admin/vm/RecoverVMCmd.java
index 765c318..ea103a1 100644
--- a/api/src/org/apache/cloudstack/api/command/admin/vm/RecoverVMCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/admin/vm/RecoverVMCmd.java
@@ -18,6 +18,7 @@ package org.apache.cloudstack.api.command.admin.vm;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.ApiErrorCode;
@@ -31,7 +32,7 @@ import com.cloud.exception.ResourceAllocationException;
import com.cloud.user.Account;
import com.cloud.uservm.UserVm;
-@APICommand(name = "recoverVirtualMachine", description = "Recovers a virtual machine.", responseObject = UserVmResponse.class)
+@APICommand(name = "recoverVirtualMachine", description = "Recovers a virtual machine.", responseObject = UserVmResponse.class, entityType = { AclEntityType.VirtualMachine })
public class RecoverVMCmd extends BaseCmd {
public static final Logger s_logger = Logger.getLogger(RecoverVMCmd.class.getName());
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bbaa7428/api/src/org/apache/cloudstack/api/command/admin/vpc/CreatePrivateGatewayCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/admin/vpc/CreatePrivateGatewayCmd.java b/api/src/org/apache/cloudstack/api/command/admin/vpc/CreatePrivateGatewayCmd.java
index c3201f1..1070662 100644
--- a/api/src/org/apache/cloudstack/api/command/admin/vpc/CreatePrivateGatewayCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/admin/vpc/CreatePrivateGatewayCmd.java
@@ -18,6 +18,7 @@ package org.apache.cloudstack.api.command.admin.vpc;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiCommandJobType;
import org.apache.cloudstack.api.ApiConstants;
@@ -42,7 +43,7 @@ import com.cloud.network.vpc.PrivateGateway;
import com.cloud.network.vpc.Vpc;
import com.cloud.user.Account;
-@APICommand(name = "createPrivateGateway", description = "Creates a private gateway", responseObject = PrivateGatewayResponse.class)
+@APICommand(name = "createPrivateGateway", description = "Creates a private gateway", responseObject = PrivateGatewayResponse.class, entityType = { AclEntityType.PrivateGateway })
public class CreatePrivateGatewayCmd extends BaseAsyncCreateCmd {
public static final Logger s_logger = Logger.getLogger(CreatePrivateGatewayCmd.class.getName());
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bbaa7428/api/src/org/apache/cloudstack/api/command/admin/vpc/DeletePrivateGatewayCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/admin/vpc/DeletePrivateGatewayCmd.java b/api/src/org/apache/cloudstack/api/command/admin/vpc/DeletePrivateGatewayCmd.java
index a5bb00c..7c2c471 100644
--- a/api/src/org/apache/cloudstack/api/command/admin/vpc/DeletePrivateGatewayCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/admin/vpc/DeletePrivateGatewayCmd.java
@@ -18,6 +18,7 @@ package org.apache.cloudstack.api.command.admin.vpc;
import org.apache.log4j.Logger;
+import org.apache.cloudstack.acl.AclEntityType;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiCommandJobType;
import org.apache.cloudstack.api.ApiConstants;
@@ -36,7 +37,7 @@ import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.vpc.VpcGateway;
import com.cloud.user.Account;
-@APICommand(name = "deletePrivateGateway", description = "Deletes a Private gateway", responseObject = SuccessResponse.class)
+@APICommand(name = "deletePrivateGateway", description = "Deletes a Private gateway", responseObject = SuccessResponse.class, entityType = { AclEntityType.PrivateGateway })
public class DeletePrivateGatewayCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(DeletePrivateGatewayCmd.class.getName());
private static final String s_name = "deleteprivategatewayresponse";