You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by we...@apache.org on 2013/10/31 11:49:33 UTC
[1/4] git commit: updated refs/heads/master to 382391f
Updated Branches:
refs/heads/master c53d4e9e1 -> 382391f27
CLOUDSTACK-4830: allow create account and user by domain admin
(cherry picked from commit 0d12e3eb9d4fb0166fc553da7366f4da786daa14)
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/51094987
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/51094987
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/51094987
Branch: refs/heads/master
Commit: 51094987838ad4d76c289dcb71f5bfd430e86637
Parents: c53d4e9
Author: Wei Zhou <w....@leaseweb.com>
Authored: Wed Oct 30 15:11:59 2013 +0100
Committer: Wei Zhou <w....@leaseweb.com>
Committed: Thu Oct 31 11:36:54 2013 +0100
----------------------------------------------------------------------
client/tomcatconf/commands.properties.in | 10 ++++-----
server/src/com/cloud/api/ApiDBUtils.java | 10 ++++++++-
.../com/cloud/api/query/QueryManagerImpl.java | 4 ++--
.../com/cloud/api/query/ViewResponseHelper.java | 6 +++++-
ui/scripts/accounts.js | 22 ++++++++++++++++++--
ui/scripts/sharedFunctions.js | 2 +-
6 files changed, 42 insertions(+), 12 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/51094987/client/tomcatconf/commands.properties.in
----------------------------------------------------------------------
diff --git a/client/tomcatconf/commands.properties.in b/client/tomcatconf/commands.properties.in
index b106b9f..e92596c 100644
--- a/client/tomcatconf/commands.properties.in
+++ b/client/tomcatconf/commands.properties.in
@@ -19,9 +19,9 @@
### Please standardize naming conventions to camel-case (even for acronyms).
### Account commands
-createAccount=3
-deleteAccount=3
-updateAccount=3
+createAccount=7
+deleteAccount=7
+updateAccount=7
disableAccount=7
enableAccount=7
lockAccount=7
@@ -29,8 +29,8 @@ listAccounts=15
markDefaultZoneForAccount=1
#### User commands
-createUser=3
-deleteUser=3
+createUser=7
+deleteUser=7
updateUser=15
listUsers=7
lockUser=7
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/51094987/server/src/com/cloud/api/ApiDBUtils.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/ApiDBUtils.java b/server/src/com/cloud/api/ApiDBUtils.java
index d36604c..b56ada7 100755
--- a/server/src/com/cloud/api/ApiDBUtils.java
+++ b/server/src/com/cloud/api/ApiDBUtils.java
@@ -1474,7 +1474,15 @@ public class ApiDBUtils {
}
public static UserResponse newUserResponse(UserAccountJoinVO usr) {
- return _userAccountJoinDao.newUserResponse(usr);
+ return newUserResponse(usr, null);
+ }
+ public static UserResponse newUserResponse(UserAccountJoinVO usr, Long domainId) {
+ UserResponse response = _userAccountJoinDao.newUserResponse(usr);
+ if (domainId != null && usr.getDomainId() != domainId)
+ response.setIsCallerChildDomain(true);
+ else
+ response.setIsCallerChildDomain(false);
+ return response;
}
public static UserAccountJoinVO newUserView(User usr){
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/51094987/server/src/com/cloud/api/query/QueryManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/QueryManagerImpl.java b/server/src/com/cloud/api/query/QueryManagerImpl.java
index 51ee249..97aee99 100644
--- a/server/src/com/cloud/api/query/QueryManagerImpl.java
+++ b/server/src/com/cloud/api/query/QueryManagerImpl.java
@@ -352,8 +352,8 @@ public class QueryManagerImpl extends ManagerBase implements QueryService {
public ListResponse<UserResponse> searchForUsers(ListUsersCmd cmd) throws PermissionDeniedException {
Pair<List<UserAccountJoinVO>, Integer> result = searchForUsersInternal(cmd);
ListResponse<UserResponse> response = new ListResponse<UserResponse>();
- List<UserResponse> userResponses = ViewResponseHelper.createUserResponse(result.first().toArray(
- new UserAccountJoinVO[result.first().size()]));
+ List<UserResponse> userResponses = ViewResponseHelper.createUserResponse(UserContext.current().getCaller().getDomainId(),
+ result.first().toArray(new UserAccountJoinVO[result.first().size()]));
response.setResponses(userResponses, result.second());
return response;
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/51094987/server/src/com/cloud/api/query/ViewResponseHelper.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/ViewResponseHelper.java b/server/src/com/cloud/api/query/ViewResponseHelper.java
index d97b033..4051f09 100644
--- a/server/src/com/cloud/api/query/ViewResponseHelper.java
+++ b/server/src/com/cloud/api/query/ViewResponseHelper.java
@@ -83,9 +83,13 @@ public class ViewResponseHelper {
public static final Logger s_logger = Logger.getLogger(ViewResponseHelper.class);
public static List<UserResponse> createUserResponse(UserAccountJoinVO... users) {
+ return createUserResponse(null, users);
+ }
+
+ public static List<UserResponse> createUserResponse(Long domainId, UserAccountJoinVO... users) {
List<UserResponse> respList = new ArrayList<UserResponse>();
for (UserAccountJoinVO vt : users){
- respList.add(ApiDBUtils.newUserResponse(vt));
+ respList.add(ApiDBUtils.newUserResponse(vt, domainId));
}
return respList;
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/51094987/ui/scripts/accounts.js
----------------------------------------------------------------------
diff --git a/ui/scripts/accounts.js b/ui/scripts/accounts.js
index a754d31..7267252 100644
--- a/ui/scripts/accounts.js
+++ b/ui/scripts/accounts.js
@@ -66,7 +66,7 @@
add: {
label: 'label.add.account',
preFilter: function(args) {
- if (isAdmin())
+ if (isAdmin() || isDomainAdmin())
return true;
else
return false;
@@ -901,7 +901,7 @@
label: 'label.add.user',
preFilter: function(args) {
- if (isAdmin())
+ if (isAdmin() || isDomainAdmin())
return true;
else
return false;
@@ -1409,6 +1409,16 @@
}
allowedActions.push("updateResourceCount");
} else if (isDomainAdmin()) {
+ if (jsonObj.name != g_account) {
+ allowedActions.push("edit"); //updating networkdomain is allowed on any account, including system-generated default admin account
+ if (jsonObj.state == "enabled") {
+ allowedActions.push("disable");
+ allowedActions.push("lock");
+ } else if (jsonObj.state == "disabled" || jsonObj.state == "locked") {
+ allowedActions.push("enable");
+ }
+ allowedActions.push("remove");
+ }
allowedActions.push("updateResourceCount");
}
return allowedActions;
@@ -1434,6 +1444,14 @@
}
} else {
if (isSelfOrChildDomainUser(jsonObj.username, jsonObj.accounttype, jsonObj.domainid, jsonObj.iscallerchilddomain)) {
+ if (isDomainAdmin() && jsonObj.username != g_username) {
+ allowedActions.push("edit");
+ if (jsonObj.state == "enabled")
+ allowedActions.push("disable");
+ if (jsonObj.state == "disabled")
+ allowedActions.push("enable");
+ allowedActions.push("remove");
+ }
allowedActions.push("changePassword");
allowedActions.push("generateKeys");
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/51094987/ui/scripts/sharedFunctions.js
----------------------------------------------------------------------
diff --git a/ui/scripts/sharedFunctions.js b/ui/scripts/sharedFunctions.js
index fb07d37..05d2d9d 100644
--- a/ui/scripts/sharedFunctions.js
+++ b/ui/scripts/sharedFunctions.js
@@ -766,7 +766,7 @@ var addGuestNetworkDialog = {
function isSelfOrChildDomainUser(username, useraccounttype, userdomainid, iscallerchilddomain) {
if (username == g_username) { //is self
return true;
- } else if (isDomainAdmin() && iscallerchilddomain && (useraccounttype == 0)) { //domain admin to user
+ } else if (isDomainAdmin() && !iscallerchilddomain && (useraccounttype == 0)) { //domain admin to user
return true;
} else if (isDomainAdmin() && iscallerchilddomain && (userdomainid != g_domainid)) { //domain admin to subdomain admin and user
return true;
[2/4] git commit: updated refs/heads/master to 382391f
Posted by we...@apache.org.
CLOUDSTACK-4831: allow create network by domain admin
(cherry picked from commit 46e4cfd3c3c79e3bc3ec4a49c4ebae6c32240db3)
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/57036e37
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/57036e37
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/57036e37
Branch: refs/heads/master
Commit: 57036e379bf5675e97e33eff7c074cf1744a2f3d
Parents: 5109498
Author: Wei Zhou <w....@leaseweb.com>
Authored: Wed Oct 30 15:12:32 2013 +0100
Committer: Wei Zhou <w....@leaseweb.com>
Committed: Thu Oct 31 11:37:18 2013 +0100
----------------------------------------------------------------------
ui/scripts/network.js | 55 ++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 55 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/57036e37/ui/scripts/network.js
----------------------------------------------------------------------
diff --git a/ui/scripts/network.js b/ui/scripts/network.js
index 12e5389..fabbe1c 100755
--- a/ui/scripts/network.js
+++ b/ui/scripts/network.js
@@ -536,6 +536,48 @@
},
networkDomain: {
label: 'label.network.domain'
+ },
+ domain: {
+ label: 'label.domain',
+ select: function(args) {
+ var items = [];
+ $.ajax({
+ url: createURL("listDomains&listAll=true"),
+ dataType: "json",
+ async: false,
+ success: function(json) {
+ var items = [];
+ items.push({
+ id: "",
+ description: ""
+ });
+ var domainObjs = json.listdomainsresponse.domain;
+ $(domainObjs).each(function() {
+ items.push({
+ id: this.id,
+ description: this.path
+ });
+ });
+ args.response.success({
+ data: items
+ });
+ }
+ });
+ args.$select.change(function() {
+ var $form = $(this).closest('form');
+ if ($(this).val() == "") {
+ $form.find('.form-item[rel=account]').hide();
+ } else {
+ $form.find('.form-item[rel=account]').css('display', 'inline-block');
+ }
+ });
+ },
+ },
+ account: {
+ label: 'label.account',
+ validation: {
+ required: true
+ },
}
}
},
@@ -575,6 +617,19 @@
});
}
+ if (args.$form.find('.form-item[rel=domain]').css("display") != "none") {
+ if (args.data.domain != null && args.data.domain.length > 0) {
+ $.extend(dataObj, {
+ domainid: args.data.domain
+ });
+ }
+ if (args.data.account != null && args.data.account.length > 0) {
+ $.extend(dataObj, {
+ account: args.data.account
+ });
+ }
+ }
+
$.ajax({
url: createURL('createNetwork'),
data: dataObj,
[3/4] git commit: updated refs/heads/master to 382391f
Posted by we...@apache.org.
remove unused file lock codes from LibvirtStorageAdaptor.java
(cherry picked from commit 4b8d636ce66fa8e4ed9cc56e44f4fa88e0e18cb8)
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/bad23908
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/bad23908
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/bad23908
Branch: refs/heads/master
Commit: bad23908c26826f77fd648dacc9a9f497f338318
Parents: 57036e3
Author: Wei Zhou <w....@leaseweb.com>
Authored: Wed Oct 30 15:13:14 2013 +0100
Committer: Wei Zhou <w....@leaseweb.com>
Committed: Thu Oct 31 11:37:25 2013 +0100
----------------------------------------------------------------------
.../kvm/storage/LibvirtStorageAdaptor.java | 36 --------------------
1 file changed, 36 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/bad23908/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
----------------------------------------------------------------------
diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
index 8ef855e..093cdbc 100644
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
@@ -20,13 +20,10 @@ import java.io.File;
import java.io.FileInputStream;
import java.io.BufferedInputStream;
import java.io.IOException;
-import java.net.URI;
-import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.List;
import java.util.UUID;
import java.util.Map;
-import java.util.HashMap;
import org.apache.log4j.Logger;
import org.apache.commons.codec.binary.Base64;
import org.apache.cloudstack.utils.qemu.QemuImg;
@@ -37,7 +34,6 @@ import org.libvirt.Connect;
import org.libvirt.LibvirtException;
import org.libvirt.Secret;
import org.libvirt.StoragePool;
-import org.libvirt.StoragePoolInfo;
import org.libvirt.StorageVol;
import org.libvirt.StoragePoolInfo.StoragePoolState;
import com.ceph.rados.Rados;
@@ -48,7 +44,6 @@ import com.ceph.rbd.RbdImage;
import com.ceph.rbd.RbdException;
import com.ceph.rbd.jna.RbdSnapInfo;
-import com.cloud.agent.api.ManageSnapshotCommand;
import com.cloud.hypervisor.kvm.resource.LibvirtConnection;
import com.cloud.hypervisor.kvm.resource.LibvirtSecretDef;
import com.cloud.hypervisor.kvm.resource.LibvirtSecretDef.usage;
@@ -63,7 +58,6 @@ import com.cloud.exception.InternalErrorException;
import com.cloud.storage.Storage.StoragePoolType;
import com.cloud.storage.StorageLayer;
import com.cloud.utils.exception.CloudRuntimeException;
-import com.cloud.utils.script.OutputInterpreter;
import com.cloud.utils.script.Script;
public class LibvirtStorageAdaptor implements StorageAdaptor {
@@ -72,8 +66,6 @@ public class LibvirtStorageAdaptor implements StorageAdaptor {
private StorageLayer _storageLayer;
private String _mountPoint = "/mnt";
private String _manageSnapshotPath;
- private String _lockfile = "KVMFILELOCK" + File.separator + ".lock";
- private static final int ACQUIRE_GLOBAL_FILELOCK_TIMEOUT_FOR_KVM = 300; // 300 seconds
private String rbdTemplateSnapName = "cloudstack-base-snap";
private int rbdFeatures = (1<<0); /* Feature 1<<0 means layering in RBD format 2 */
@@ -1222,10 +1214,6 @@ public class LibvirtStorageAdaptor implements StorageAdaptor {
return deleteStoragePool(pool.getUuid());
}
- // refreshPool and deleteVol are used to fix CLOUDSTACK-2729/CLOUDSTACK-2780
- // They are caused by a libvirt bug (https://bugzilla.redhat.com/show_bug.cgi?id=977706)
- // However, we also need to fix the issues in CloudStack source code.
- // A file lock is used to prevent deleting a volume from a KVM storage pool when refresh it.
private void refreshPool(StoragePool pool) throws LibvirtException {
pool.refresh(0);
return;
@@ -1235,28 +1223,4 @@ public class LibvirtStorageAdaptor implements StorageAdaptor {
vol.delete(0);
}
- private boolean lock(String path, int wait) {
- File lockFile = new File(path);
- lockFile.getParentFile().mkdir();
- boolean havelock = false;
- try {
- while (wait > 0) {
- if (lockFile.createNewFile()) {
- havelock = true;
- break;
- }
- s_logger.debug("lockFile " + _lockfile + " already exists, waiting 1000 ms");
- Thread.sleep(1000);
- wait--;
- }
- } catch (IOException e) {
- } catch (InterruptedException e) {
- }
- return havelock;
- }
-
- private void unlock(String path) {
- File lockFile = new File(path);
- lockFile.delete();
- }
}
[4/4] git commit: updated refs/heads/master to 382391f
Posted by we...@apache.org.
CLOUDSTACK-4987: only shared network and isolated network with same account can be assigned to a VM
(cherry picked from commit 743eed8771ce0fc382c3f1018e42d357d79163c5)
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/382391f2
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/382391f2
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/382391f2
Branch: refs/heads/master
Commit: 382391f270836c5840076858fac62eac318e3f27
Parents: bad2390
Author: Wei Zhou <w....@leaseweb.com>
Authored: Thu Oct 31 11:27:56 2013 +0100
Committer: Wei Zhou <w....@leaseweb.com>
Committed: Thu Oct 31 11:37:31 2013 +0100
----------------------------------------------------------------------
server/src/com/cloud/vm/UserVmManagerImpl.java | 9 ++++++++-
ui/scripts/instances.js | 5 +++--
ui/scripts/network.js | 10 ++++------
3 files changed, 15 insertions(+), 9 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/382391f2/server/src/com/cloud/vm/UserVmManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/vm/UserVmManagerImpl.java b/server/src/com/cloud/vm/UserVmManagerImpl.java
index a0c7151..80a4036 100755
--- a/server/src/com/cloud/vm/UserVmManagerImpl.java
+++ b/server/src/com/cloud/vm/UserVmManagerImpl.java
@@ -925,6 +925,10 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Vir
if(network == null) {
throw new InvalidParameterValueException("unable to find a network with id " + networkId);
}
+ if (!(network.getGuestType() == Network.GuestType.Shared && network.getAclType() == ACLType.Domain)
+ && !(network.getAclType() == ACLType.Account && network.getAccountId() == vmInstance.getAccountId())) {
+ throw new InvalidParameterValueException("only shared network or isolated network with the same account_id can be added to vmId: " + vmId);
+ }
List<NicVO> allNics = _nicDao.listByVmId(vmInstance.getId());
for(NicVO nic : allNics){
if(nic.getNetworkId() == network.getId())
@@ -2661,7 +2665,10 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Vir
+ network.getId() + " doesn't belong to zone "
+ zone.getId());
}
-
+ if (!(network.getGuestType() == Network.GuestType.Shared && network.getAclType() == ACLType.Domain)
+ && !(network.getAclType() == ACLType.Account && network.getAccountId() == accountId)) {
+ throw new InvalidParameterValueException("only shared network or isolated network with the same account_id can be added to vm");
+ }
IpAddresses requestedIpPair = null;
if (requestedIps != null && !requestedIps.isEmpty()) {
requestedIpPair = requestedIps.get(network.getId());
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/382391f2/ui/scripts/instances.js
----------------------------------------------------------------------
diff --git a/ui/scripts/instances.js b/ui/scripts/instances.js
index ac8605a..a3d4ca5 100644
--- a/ui/scripts/instances.js
+++ b/ui/scripts/instances.js
@@ -1789,8 +1789,9 @@
$.ajax({
url: createURL('listNetworks'),
data: {
- listAll: true,
- zoneid: args.context.instances[0].zoneid
+ zoneid: args.context.instances[0].zoneid,
+ account: args.context.instances[0].account,
+ domainid: args.context.instances[0].domainid
},
success: function(json) {
args.response.success({
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/382391f2/ui/scripts/network.js
----------------------------------------------------------------------
diff --git a/ui/scripts/network.js b/ui/scripts/network.js
index fabbe1c..708b2f1 100755
--- a/ui/scripts/network.js
+++ b/ui/scripts/network.js
@@ -617,12 +617,10 @@
});
}
- if (args.$form.find('.form-item[rel=domain]').css("display") != "none") {
- if (args.data.domain != null && args.data.domain.length > 0) {
- $.extend(dataObj, {
- domainid: args.data.domain
- });
- }
+ if (args.data.domain != null && args.data.domain.length > 0) {
+ $.extend(dataObj, {
+ domainid: args.data.domain
+ });
if (args.data.account != null && args.data.account.length > 0) {
$.extend(dataObj, {
account: args.data.account