You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by da...@apache.org on 2015/06/17 22:04:08 UTC
[4/4] git commit: updated refs/heads/4.4 to f0cc5c5
CLOUDSTACK-8537 refactor registerSSHKeyPair() for legibility and testability reasons
Signed-off-by: Daan Hoogland <da...@gmail.com>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/c8211312
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/c8211312
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/c8211312
Branch: refs/heads/4.4
Commit: c8211312ab4041b1300d35926f5efa35ad765f9d
Parents: f294d31
Author: Daan Hoogland <da...@gmail.com>
Authored: Tue Jun 9 23:57:00 2015 +0200
Committer: Daan Hoogland <da...@gmail.com>
Committed: Wed Jun 17 21:14:27 2015 +0200
----------------------------------------------------------------------
.../com/cloud/server/ManagementServerImpl.java | 110 ++++++++++++++-----
1 file changed, 83 insertions(+), 27 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c8211312/server/src/com/cloud/server/ManagementServerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java
index 74319a3..050381a 100755
--- a/server/src/com/cloud/server/ManagementServerImpl.java
+++ b/server/src/com/cloud/server/ManagementServerImpl.java
@@ -16,7 +16,9 @@
// under the License.
package com.cloud.server;
+import java.io.UnsupportedEncodingException;
import java.lang.reflect.Field;
+import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
@@ -938,7 +940,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public boolean archiveEvents(ArchiveEventsCmd cmd) {
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
List<Long> ids = cmd.getIds();
boolean result = true;
List<Long> permittedAccountIds = new ArrayList<Long>();
@@ -965,7 +967,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public boolean deleteEvents(DeleteEventsCmd cmd) {
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
List<Long> ids = cmd.getIds();
boolean result = true;
List<Long> permittedAccountIds = new ArrayList<Long>();
@@ -1089,8 +1091,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public Ternary<Pair<List<? extends Host>, Integer>, List<? extends Host>, Map<Host, Boolean>> listHostsForMigrationOfVM(Long vmId, Long startIndex, Long pageSize) {
- // access check - only root admin can migrate VM
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
if (!_accountMgr.isRootAdmin(caller.getId())) {
if (s_logger.isDebugEnabled()) {
s_logger.debug("Caller is not a root admin, permission denied to migrate the VM");
@@ -1263,8 +1264,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public Pair<List<? extends StoragePool>, List<? extends StoragePool>> listStoragePoolsForMigrationOfVolume(Long volumeId) {
- // Access check - only root administrator can migrate volumes.
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
if (!_accountMgr.isRootAdmin(caller.getId())) {
if (s_logger.isDebugEnabled()) {
s_logger.debug("Caller is not a root admin, permission denied to migrate the volume");
@@ -1746,7 +1746,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
List<Long> permittedAccounts = new ArrayList<Long>();
ListProjectResourcesCriteria listProjectResourcesCriteria = null;
if (isAllocated) {
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<Long, Boolean, ListProjectResourcesCriteria>(
cmd.getDomainId(), cmd.isRecursive(), null);
@@ -2234,8 +2234,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
throw new InvalidParameterValueException("ROOT domain can not be edited with a new name");
}
- // check permissions
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
_accountMgr.checkAccess(caller, domain);
// domain name is unique under the parent domain
@@ -3282,7 +3281,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public ArrayList<String> getCloudIdentifierResponse(long userId) {
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
// verify that user exists
User user = _accountMgr.getUserIncludingRemoved(userId);
@@ -3322,7 +3321,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
public Map<String, Object> listCapabilities(ListCapabilitiesCmd cmd) {
Map<String, Object> capabilities = new HashMap<String, Object>();
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
boolean securityGroupsEnabled = false;
boolean elasticLoadBalancerEnabled = false;
boolean KVMSnapshotEnabled = false;
@@ -3388,7 +3387,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public InstanceGroupVO updateVmGroup(UpdateVMGroupCmd cmd) {
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
Long groupId = cmd.getId();
String groupName = cmd.getGroupName();
@@ -3506,7 +3505,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public SSHKeyPair createSSHKeyPair(CreateSSHKeyPairCmd cmd) {
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
String accountName = cmd.getAccountName();
Long domainId = cmd.getDomainId();
Long projectId = cmd.getProjectId();
@@ -3530,7 +3529,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public boolean deleteSSHKeyPair(DeleteSSHKeyPairCmd cmd) {
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
String accountName = cmd.getAccountName();
Long domainId = cmd.getDomainId();
Long projectId = cmd.getProjectId();
@@ -3558,7 +3557,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
String name = cmd.getName();
String fingerPrint = cmd.getFingerprint();
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
List<Long> permittedAccounts = new ArrayList<Long>();
Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<Long, Boolean, ListProjectResourcesCriteria>(
@@ -3590,30 +3589,87 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
@ActionEvent(eventType = EventTypes.EVENT_REGISTER_SSH_KEYPAIR, eventDescription = "registering ssh keypair", async = true)
public SSHKeyPair registerSSHKeyPair(RegisterSSHKeyPairCmd cmd) {
- Account caller = CallContext.current().getCallingAccount();
+ Account owner = getOwner(cmd);
+ checkForKeyByName(cmd, owner);
+ checkForKeyByPublicKey(cmd, owner);
- Account owner = _accountMgr.finalizeOwner(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
+ String name = cmd.getName();
+ String key = cmd.getPublicKey();
+ try {
+ key = URLDecoder.decode(key, "UTF-8");
+ } catch (UnsupportedEncodingException e) {
+ s_logger.warn("key decoding tried invain: " + e.getLocalizedMessage());
+ }
+ String publicKey = getPublicKeyFromKeyKeyMaterial(key);
+ String fingerprint = getFingerprint(publicKey);
- SSHKeyPairVO existingPair = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), cmd.getName());
+ return createAndSaveSSHKeyPair(name, fingerprint, publicKey, null, owner);
+ }
+
+ /**
+ * @param cmd
+ * @param owner
+ * @throws InvalidParameterValueException
+ */
+ private void checkForKeyByPublicKey(RegisterSSHKeyPairCmd cmd, Account owner) throws InvalidParameterValueException {
+ SSHKeyPairVO existingPair = _sshKeyPairDao.findByPublicKey(owner.getAccountId(), owner.getDomainId(), cmd.getPublicKey());
if (existingPair != null) {
- throw new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' already exists for this account.");
+ throw new InvalidParameterValueException("A key pair with name '" + cmd.getPublicKey() + "' already exists for this account.");
}
+ }
- existingPair = _sshKeyPairDao.findByPublicKey(owner.getAccountId(), owner.getDomainId(), cmd.getPublicKey());
+ /**
+ * @param cmd
+ * @param owner
+ * @throws InvalidParameterValueException
+ */
+ private void checkForKeyByName(RegisterSSHKeyPairCmd cmd, Account owner) throws InvalidParameterValueException {
+ SSHKeyPairVO existingPair = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), cmd.getName());
if (existingPair != null) {
- throw new InvalidParameterValueException("A key pair with name '" + cmd.getPublicKey() + "' already exists for this account.");
+ throw new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' already exists for this account.");
}
+ }
- String name = cmd.getName();
- String publicKey = SSHKeysHelper.getPublicKeyFromKeyMaterial(cmd.getPublicKey());
+ /**
+ * @param publicKey
+ * @return
+ */
+ private String getFingerprint(String publicKey) {
+ String fingerprint = SSHKeysHelper.getPublicKeyFingerprint(publicKey);
+ return fingerprint;
+ }
+
+ /**
+ * @param key
+ * @return
+ * @throws InvalidParameterValueException
+ */
+ private String getPublicKeyFromKeyKeyMaterial(String key) throws InvalidParameterValueException {
+ String publicKey = SSHKeysHelper.getPublicKeyFromKeyMaterial(key);
if (publicKey == null) {
throw new InvalidParameterValueException("Public key is invalid");
}
+ return publicKey;
+ }
- String fingerprint = SSHKeysHelper.getPublicKeyFingerprint(publicKey);
+ /**
+ * @param cmd
+ * @return
+ */
+ private Account getOwner(RegisterSSHKeyPairCmd cmd) {
+ Account caller = getCaller();
- return createAndSaveSSHKeyPair(name, fingerprint, publicKey, null, owner);
+ Account owner = _accountMgr.finalizeOwner(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
+ return owner;
+ }
+
+ /**
+ * @return
+ */
+ private Account getCaller() {
+ Account caller = CallContext.current().getCallingAccount();
+ return caller;
}
private SSHKeyPair createAndSaveSSHKeyPair(String name, String fingerprint, String publicKey, String privateKey, Account owner) {
@@ -3633,7 +3689,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public String getVMPassword(GetVMPasswordCmd cmd) {
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
UserVmVO vm = _userVmDao.findById(cmd.getId());
if (vm == null) {
@@ -3809,7 +3865,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
}
private VirtualMachine upgradeStoppedSystemVm(Long systemVmId, Long serviceOfferingId, Map<String, String> customparameters) {
- Account caller = CallContext.current().getCallingAccount();
+ Account caller = getCaller();
VMInstanceVO systemVm = _vmInstanceDao.findByIdTypes(systemVmId, VirtualMachine.Type.ConsoleProxy, VirtualMachine.Type.SecondaryStorageVm);
if (systemVm == null) {