You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by GitBox <gi...@apache.org> on 2020/09/18 12:40:16 UTC
[GitHub] [cloudstack] DaanHoogland commented on a change in pull request #4135: Remove use of blacklist/whitelist terms
DaanHoogland commented on a change in pull request #4135:
URL: https://github.com/apache/cloudstack/pull/4135#discussion_r490916649
##########
File path: plugins/acl/dynamic-role-based/src/main/java/org/apache/cloudstack/acl/DynamicRoleBasedAPIAccessChecker.java
##########
@@ -54,7 +54,7 @@ protected DynamicRoleBasedAPIAccessChecker() {
}
private void denyApiAccess(final String commandName) throws PermissionDeniedException {
- throw new PermissionDeniedException("The API " + commandName + " is blacklisted for the account's role.");
+ throw new PermissionDeniedException("The API " + commandName + " is deny listed for the account's role.");
Review comment:
```suggestion
throw new PermissionDeniedException("The API " + commandName + " is denied for the account's role.");
```
##########
File path: plugins/acl/static-role-based/src/main/java/org/apache/cloudstack/acl/StaticRoleBasedAPIAccessChecker.java
##########
@@ -90,7 +90,7 @@ public boolean checkAccess(User user, String commandName) throws PermissionDenie
}
if (commandNames.contains(commandName)) {
- throw new PermissionDeniedException("The API is blacklisted. Role type=" + roleType.toString() + " is not allowed to request the api: " + commandName);
+ throw new PermissionDeniedException("The API is deny listed. Role type=" + roleType.toString() + " is not allowed to request the api: " + commandName);
Review comment:
```suggestion
throw new PermissionDeniedException("The API is denied. Role type=" + roleType.toString() + " is not allowed to request the api: " + commandName);
```
##########
File path: server/src/main/java/com/cloud/vm/UserVmManagerImpl.java
##########
@@ -2516,15 +2516,15 @@ public UserVm updateVirtualMachine(UpdateVMCmd cmd) throws ResourceUnavailableEx
}
if (caller != null && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
- // Ensure blacklisted detail is not passed by non-root-admin user
+ // Ensure deny listed detail is not passed by non-root-admin user
for (final String detailName : details.keySet()) {
- if (userBlacklistedSettings.contains(detailName)) {
+ if (userDenyListedSettings.contains(detailName)) {
throw new InvalidParameterValueException("You're not allowed to add or edit the restricted setting: " + detailName);
}
}
- // Add any hidden/blacklisted detail
+ // Add any hidden/denylisted detail
Review comment:
```suggestion
// Add any hidden/denied detail
```
##########
File path: server/src/main/java/com/cloud/vm/UserVmManagerImpl.java
##########
@@ -5312,7 +5312,7 @@ protected boolean isValidXenOrVmwareConfiguration(String cfg, String[] allowedKe
* @param vm
*/
protected void persistExtraConfigKvm(String decodedUrl, UserVm vm) {
- // validate config against blacklisted cfg commands
+ // validate config against denylisted cfg commands
Review comment:
```suggestion
// validate config against denied cfg commands
```
##########
File path: plugins/database/mysql-ha/src/main/java/com/cloud/utils/db/StaticStrategy.java
##########
@@ -44,21 +44,21 @@ public JdbcConnection pickConnection(InvocationHandler proxy, List<String> confi
SQLException ex = null;
- List<String> whiteList = new ArrayList<String>(numHosts);
- whiteList.addAll(configuredHosts);
+ List<String> allowList = new ArrayList<String>(numHosts);
+ allowList.addAll(configuredHosts);
- Map<String, Long> blackList = ((LoadBalancedConnectionProxy) proxy).getGlobalBlacklist();
+ Map<String, Long> denylist = ((LoadBalancedConnectionProxy) proxy).getGlobalBlacklist();
Review comment:
maybe good to change that method name as well? `getGlobalBlacklist()` ==>> `getGlobalDenylist()`
##########
File path: server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java
##########
@@ -1000,7 +1000,7 @@ private String validateConfigurationValue(final String name, String value, final
if (route != null) {
final String routeToVerify = route.trim();
if (!NetUtils.isValidIp4Cidr(routeToVerify)) {
- throw new InvalidParameterValueException("Invalid value for blacklisted route: " + route + ". Valid format is list"
+ throw new InvalidParameterValueException("Invalid value for deny listed route: " + route + ". Valid format is list"
Review comment:
```suggestion
throw new InvalidParameterValueException("Invalid value for route in deny list: " + route + ". Valid format is list"
```
##########
File path: engine/schema/src/main/resources/META-INF/db/schema-410to420.sql
##########
@@ -2065,7 +2065,7 @@ alter table `cloud`.`vpc_gateways` add column network_acl_id bigint unsigned def
update `cloud`.`vpc_gateways` set network_acl_id = 2;
-INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'VpcManager', 'blacklisted.routes', NULL, 'Routes that are blacklisted, can not be used for Static Routes creation for the VPC Private Gateway');
+INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'VpcManager', 'blacklisted.routes', NULL, 'Routes that are denied, can not be used for Static Routes creation for the VPC Private Gateway');
Review comment:
this should be done in a 4.14 to 4.15 upgrade file and not in this old one.
##########
File path: server/src/main/java/com/cloud/vm/UserVmManagerImpl.java
##########
@@ -2516,15 +2516,15 @@ public UserVm updateVirtualMachine(UpdateVMCmd cmd) throws ResourceUnavailableEx
}
if (caller != null && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
- // Ensure blacklisted detail is not passed by non-root-admin user
+ // Ensure deny listed detail is not passed by non-root-admin user
Review comment:
```suggestion
// Ensure denied detail is not passed by non-root-admin user
```
##########
File path: server/src/main/java/com/cloud/network/vpc/VpcManagerImpl.java
##########
@@ -2272,9 +2272,9 @@ public StaticRoute createStaticRoute(final long gatewayId, final String cidr) th
throw new InvalidParameterValueException("CIDR should be outside of link local cidr " + NetUtils.getLinkLocalCIDR());
}
- // 3) Verify against blacklisted routes
- if (isCidrBlacklisted(cidr, vpc.getZoneId())) {
- throw new InvalidParameterValueException("The static gateway cidr overlaps with one of the blacklisted routes of the zone the VPC belongs to");
+ // 3) Verify against deny listed routes
+ if (isCidrDenylisted(cidr, vpc.getZoneId())) {
+ throw new InvalidParameterValueException("The static gateway cidr overlaps with one of the deny listed routes of the zone the VPC belongs to");
Review comment:
```suggestion
// 3) Verify against denied routes
if (isCidrDenylisted(cidr, vpc.getZoneId())) {
throw new InvalidParameterValueException("The static gateway cidr overlaps with one of the denied routes of the zone the VPC belongs to");
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org