You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by mc...@apache.org on 2013/12/05 03:45:03 UTC
git commit: updated refs/heads/rbac to c3f480e
Updated Branches:
refs/heads/rbac cf69731a5 -> c3f480e9b
Updated db schema based on latest FS. Still need to fix old code in
AclServiceImpl, RoleBasedEntityAccessChecker and QueryManagerImpl to
make all build.
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/c3f480e9
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/c3f480e9
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/c3f480e9
Branch: refs/heads/rbac
Commit: c3f480e9b98d2ba2b8babd7fd035ccf68630a043
Parents: cf69731
Author: Min Chen <mi...@citrix.com>
Authored: Wed Dec 4 18:44:30 2013 -0800
Committer: Min Chen <mi...@citrix.com>
Committed: Wed Dec 4 18:44:30 2013 -0800
----------------------------------------------------------------------
.../cloudstack/acl/AclEntityPermissionVO.java | 133 -------------------
.../cloudstack/acl/AclGroupRoleMapVO.java | 81 -----------
.../acl/AclPolicyPermissionMapVO.java | 81 -----------
.../cloudstack/acl/AclRolePermissionVO.java | 118 ----------------
.../org/apache/cloudstack/acl/AclRoleVO.java | 124 -----------------
.../acl/dao/AclEntityPermissionDao.java | 32 -----
.../acl/dao/AclEntityPermissionDaoImpl.java | 85 ------------
.../acl/dao/AclGroupPolicyMapDao.java | 17 +++
.../acl/dao/AclGroupPolicyMapDaoImpl.java | 61 +++++++++
.../cloudstack/acl/dao/AclGroupRoleMapDao.java | 33 -----
.../acl/dao/AclGroupRoleMapDaoImpl.java | 80 -----------
.../apache/cloudstack/acl/dao/AclPolicyDao.java | 28 ++++
.../cloudstack/acl/dao/AclPolicyDaoImpl.java | 59 ++++++++
.../acl/dao/AclPolicyPermissionMapDao.java | 25 ----
.../acl/dao/AclPolicyPermissionMapDaoImpl.java | 43 ------
.../apache/cloudstack/acl/dao/AclRoleDao.java | 28 ----
.../cloudstack/acl/dao/AclRoleDaoImpl.java | 59 --------
.../acl/dao/AclRolePermissionDao.java | 36 -----
.../acl/dao/AclRolePermissionDaoImpl.java | 96 -------------
.../com/cloud/api/query/QueryManagerImpl.java | 4 +-
.../apache/cloudstack/acl/AclServiceImpl.java | 41 +++---
21 files changed, 186 insertions(+), 1078 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/engine/schema/src/org/apache/cloudstack/acl/AclEntityPermissionVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/AclEntityPermissionVO.java b/engine/schema/src/org/apache/cloudstack/acl/AclEntityPermissionVO.java
deleted file mode 100644
index 151e9c0..0000000
--- a/engine/schema/src/org/apache/cloudstack/acl/AclEntityPermissionVO.java
+++ /dev/null
@@ -1,133 +0,0 @@
-package org.apache.cloudstack.acl;
-
-import java.util.Date;
-
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.EnumType;
-import javax.persistence.Enumerated;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Table;
-
-import org.apache.cloudstack.acl.SecurityChecker.AccessType;
-
-import com.cloud.utils.db.GenericDao;
-
-@Entity
-@Table(name = ("acl_entity_permission"))
-public class AclEntityPermissionVO implements AclEntityPermission {
-
- @Id
- @GeneratedValue(strategy = GenerationType.IDENTITY)
- @Column(name = "id")
- private long id;
-
- @Column(name = "group_id")
- private long aclGroupId;
-
- @Column(name = "entity_type")
- private String entityType;
-
- @Column(name = "entity_id")
- private long entityId;
-
- @Column(name = "entity_uuid")
- private String entityUuid;
-
- @Column(name = "access_type")
- @Enumerated(value = EnumType.STRING)
- AccessType accessType;
-
- @Column(name = "permission")
- private boolean allowed;
-
- @Column(name = GenericDao.REMOVED_COLUMN)
- private Date removed;
-
- @Column(name = GenericDao.CREATED_COLUMN)
- private Date created;
-
- public AclEntityPermissionVO() {
-
- }
-
- public AclEntityPermissionVO(long groupId, String entityType, long entityId, String entityUuid, AccessType atype,
- boolean permission) {
- aclGroupId = groupId;
- this.entityType = entityType;
- this.entityId = entityId;
- this.entityUuid = entityUuid;
- accessType = atype;
- allowed = permission;
- }
-
- @Override
- public long getId() {
- return id;
- }
-
- @Override
- public Long getAclGroupId() {
- return aclGroupId;
- }
-
- @Override
- public String getEntityType() {
- return entityType;
- }
-
- @Override
- public Long getEntityId() {
- return entityId;
- }
-
- public String getEntityUuid() {
- return entityUuid;
- }
-
- @Override
- public AccessType getAccessType() {
- return accessType;
- }
-
-
- public void setAclGroupId(long aclGroupId) {
- this.aclGroupId = aclGroupId;
- }
-
- public void setEntityType(String entityType) {
- this.entityType = entityType;
- }
-
- public void setEntityId(long entityId) {
- this.entityId = entityId;
- }
-
- public void setEntityUuid(String entityUuid) {
- this.entityUuid = entityUuid;
- }
-
- public void setAccessType(AccessType accessType) {
- this.accessType = accessType;
- }
-
- public Date getRemoved() {
- return removed;
- }
-
- public Date getCreated() {
- return created;
- }
-
- @Override
- public boolean isAllowed() {
- return allowed;
- }
-
- public void setAllowed(boolean allowed) {
- this.allowed = allowed;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/engine/schema/src/org/apache/cloudstack/acl/AclGroupRoleMapVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/AclGroupRoleMapVO.java b/engine/schema/src/org/apache/cloudstack/acl/AclGroupRoleMapVO.java
deleted file mode 100644
index b866524..0000000
--- a/engine/schema/src/org/apache/cloudstack/acl/AclGroupRoleMapVO.java
+++ /dev/null
@@ -1,81 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.acl;
-
-import java.util.Date;
-
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Table;
-
-import org.apache.cloudstack.api.InternalIdentity;
-
-import com.cloud.utils.db.GenericDao;
-
-@Entity
-@Table(name = ("acl_group_role_map"))
-public class AclGroupRoleMapVO implements InternalIdentity {
- @Id
- @GeneratedValue(strategy = GenerationType.IDENTITY)
- @Column(name = "id")
- private Long id;
-
- @Column(name = "group_id")
- private long aclGroupId;
-
- @Column(name = "role_id")
- private long aclRoleId;
-
- @Column(name = GenericDao.REMOVED_COLUMN)
- private Date removed;
-
- @Column(name = GenericDao.CREATED_COLUMN)
- private Date created;
-
- public AclGroupRoleMapVO() {
- }
-
- public AclGroupRoleMapVO(long aclGroupId, long aclRoleId) {
- this.aclGroupId = aclGroupId;
- this.aclRoleId = aclRoleId;
- }
-
- @Override
- public long getId() {
- return id;
- }
-
- public long getAclGroupId() {
- return aclGroupId;
- }
-
-
- public long getAclRoleId() {
- return aclRoleId;
- }
-
- public Date getRemoved() {
- return removed;
- }
-
- public Date getCreated() {
- return created;
- }
-}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/engine/schema/src/org/apache/cloudstack/acl/AclPolicyPermissionMapVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/AclPolicyPermissionMapVO.java b/engine/schema/src/org/apache/cloudstack/acl/AclPolicyPermissionMapVO.java
deleted file mode 100644
index 7ffecbf..0000000
--- a/engine/schema/src/org/apache/cloudstack/acl/AclPolicyPermissionMapVO.java
+++ /dev/null
@@ -1,81 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.acl;
-
-import java.util.Date;
-
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Table;
-
-import org.apache.cloudstack.api.InternalIdentity;
-
-import com.cloud.utils.db.GenericDao;
-
-@Entity
-@Table(name = ("acl_policy_permission_map"))
-public class AclPolicyPermissionMapVO implements InternalIdentity {
- @Id
- @GeneratedValue(strategy = GenerationType.IDENTITY)
- @Column(name = "id")
- private Long id;
-
- @Column(name = "policy_id")
- private long aclPolicyId;
-
- @Column(name = "permission_id")
- private long aclPermissionId;
-
- @Column(name = GenericDao.REMOVED_COLUMN)
- private Date removed;
-
- @Column(name = GenericDao.CREATED_COLUMN)
- private Date created;
-
- public AclPolicyPermissionMapVO() {
- }
-
- public AclPolicyPermissionMapVO(long aclPolicyId, long aclPermissionId) {
- this.aclPolicyId = aclPolicyId;
- this.aclPermissionId = aclPermissionId;
- }
-
- @Override
- public long getId() {
- return id;
- }
-
-
- public long getAclPolicyId() {
- return aclPolicyId;
- }
-
- public long getAclPermissionId() {
- return aclPermissionId;
- }
-
- public Date getRemoved() {
- return removed;
- }
-
- public Date getCreated() {
- return created;
- }
-}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/engine/schema/src/org/apache/cloudstack/acl/AclRolePermissionVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/AclRolePermissionVO.java b/engine/schema/src/org/apache/cloudstack/acl/AclRolePermissionVO.java
deleted file mode 100644
index d1a8e32..0000000
--- a/engine/schema/src/org/apache/cloudstack/acl/AclRolePermissionVO.java
+++ /dev/null
@@ -1,118 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.acl;
-
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.EnumType;
-import javax.persistence.Enumerated;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Table;
-
-import org.apache.cloudstack.acl.SecurityChecker.AccessType;
-
-@Entity
-@Table(name = ("acl_role_permission"))
-public class AclRolePermissionVO implements AclRolePermission {
-
- @Id
- @GeneratedValue(strategy = GenerationType.IDENTITY)
- @Column(name = "id")
- private long id;
-
- @Column(name = "role_id")
- private long aclRoleId;
-
- @Column(name = "entity_type")
- private String entityType;
-
- @Column(name = "access_type")
- @Enumerated(value = EnumType.STRING)
- AccessType accessType;
-
- @Column(name = "scope")
- @Enumerated(value = EnumType.STRING)
- PermissionScope scope;
-
- @Column(name = "permission")
- private boolean allowed;
-
-
- public AclRolePermissionVO() {
-
- }
-
- public AclRolePermissionVO(long roleId, String entityType, AccessType atype) {
- aclRoleId = roleId;
- this.entityType = entityType;
- accessType = atype;
- }
-
- @Override
- public long getId() {
- return id;
- }
-
- @Override
- public Long getAclRoleId() {
- return aclRoleId;
- }
-
- @Override
- public String getEntityType() {
- return entityType;
- }
-
- @Override
- public AccessType getAccessType() {
- return accessType;
- }
-
-
- public void setAclRoleId(long aclRoleId) {
- this.aclRoleId = aclRoleId;
- }
-
- public void setEntityType(String entityType) {
- this.entityType = entityType;
- }
-
- public void setAccessType(AccessType accessType) {
- this.accessType = accessType;
- }
-
- @Override
- public PermissionScope getScope() {
- return scope;
- }
-
- public void setScope(PermissionScope scope) {
- this.scope = scope;
- }
-
- @Override
- public boolean isAllowed() {
- return allowed;
- }
-
- public void setAllowed(boolean allowed) {
- this.allowed = allowed;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/engine/schema/src/org/apache/cloudstack/acl/AclRoleVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/AclRoleVO.java b/engine/schema/src/org/apache/cloudstack/acl/AclRoleVO.java
deleted file mode 100644
index 30ba472..0000000
--- a/engine/schema/src/org/apache/cloudstack/acl/AclRoleVO.java
+++ /dev/null
@@ -1,124 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.acl;
-
-import java.util.Date;
-import java.util.UUID;
-
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.EnumType;
-import javax.persistence.Enumerated;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Table;
-
-import com.cloud.utils.db.GenericDao;
-
-@Entity
-@Table(name = ("acl_role"))
-public class AclRoleVO implements AclRole {
- @Id
- @GeneratedValue(strategy = GenerationType.IDENTITY)
- @Column(name = "id")
- private long id;
-
- @Column(name = "name")
- private String name;
-
- @Column(name = "description")
- private String description;
-
- @Column(name = "uuid")
- private String uuid;
-
-
- @Column(name = "domain_id")
- private long domainId;
-
- @Column(name = GenericDao.REMOVED_COLUMN)
- private Date removed;
-
- @Column(name = GenericDao.CREATED_COLUMN)
- private Date created;
-
- @Column(name = "role_type")
- @Enumerated(value = EnumType.STRING)
- private AclRole.RoleType roleType;
-
- public AclRoleVO() {
- uuid = UUID.randomUUID().toString();
- }
-
- public AclRoleVO(String name, String description) {
- this.name = name;
- this.description = description;
- uuid = UUID.randomUUID().toString();
- this.roleType = AclRole.RoleType.Static;
- }
-
- @Override
- public long getId() {
- return id;
- }
-
- @Override
- public String getName() {
- return name;
- }
-
- @Override
- public String getDescription() {
- return description;
- }
-
-
- @Override
- public String getUuid() {
- return uuid;
- }
-
- public void setUuid(String uuid) {
- this.uuid = uuid;
- }
-
- public Date getRemoved() {
- return removed;
- }
-
- public Date getCreated() {
- return created;
- }
-
- @Override
- public long getDomainId() {
- return domainId;
- }
-
- public void setDomainId(long domainId) {
- this.domainId = domainId;
- }
-
- public RoleType getRoleType() {
- return roleType;
- }
-
- public void setRoleType(RoleType roleType) {
- this.roleType = roleType;
- }
-}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/engine/schema/src/org/apache/cloudstack/acl/dao/AclEntityPermissionDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/dao/AclEntityPermissionDao.java b/engine/schema/src/org/apache/cloudstack/acl/dao/AclEntityPermissionDao.java
deleted file mode 100644
index 74427a1..0000000
--- a/engine/schema/src/org/apache/cloudstack/acl/dao/AclEntityPermissionDao.java
+++ /dev/null
@@ -1,32 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.acl.dao;
-
-import java.util.List;
-
-import org.apache.cloudstack.acl.AclEntityPermissionVO;
-import org.apache.cloudstack.acl.SecurityChecker.AccessType;
-
-import com.cloud.utils.db.GenericDao;
-
-public interface AclEntityPermissionDao extends GenericDao<AclEntityPermissionVO, Long> {
-
- AclEntityPermissionVO findByGroupAndEntity(long groupId, String entityType, long entityId, AccessType accessType);
-
- List<Long> findEntityIdByGroupAndPermission(long groupId, String entityType, AccessType accessType, boolean isAllowed);
-
-}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/engine/schema/src/org/apache/cloudstack/acl/dao/AclEntityPermissionDaoImpl.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/dao/AclEntityPermissionDaoImpl.java b/engine/schema/src/org/apache/cloudstack/acl/dao/AclEntityPermissionDaoImpl.java
deleted file mode 100644
index aa7aaf4..0000000
--- a/engine/schema/src/org/apache/cloudstack/acl/dao/AclEntityPermissionDaoImpl.java
+++ /dev/null
@@ -1,85 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.acl.dao;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
-
-import javax.naming.ConfigurationException;
-
-import org.springframework.stereotype.Component;
-
-import org.apache.cloudstack.acl.AclEntityPermissionVO;
-import org.apache.cloudstack.acl.SecurityChecker.AccessType;
-
-import com.cloud.utils.db.GenericDaoBase;
-import com.cloud.utils.db.SearchBuilder;
-import com.cloud.utils.db.SearchCriteria;
-
-@Component
-public class AclEntityPermissionDaoImpl extends GenericDaoBase<AclEntityPermissionVO, Long> implements AclEntityPermissionDao {
- private SearchBuilder<AclEntityPermissionVO> findByGroupEntity;
-
- public AclEntityPermissionDaoImpl()
- {
-
- }
-
- @Override
- public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
- super.configure(name, params);
-
- findByGroupEntity = createSearchBuilder();
- findByGroupEntity.and("groupId", findByGroupEntity.entity().getAclGroupId(), SearchCriteria.Op.EQ);
- findByGroupEntity.and("entityType", findByGroupEntity.entity().getEntityType(), SearchCriteria.Op.EQ);
- findByGroupEntity.and("entityId", findByGroupEntity.entity().getEntityId(), SearchCriteria.Op.EQ);
- findByGroupEntity.and("accessType", findByGroupEntity.entity().getAccessType(), SearchCriteria.Op.EQ);
- findByGroupEntity.and("allowed", findByGroupEntity.entity().isAllowed(), SearchCriteria.Op.EQ);
- findByGroupEntity.done();
-
- return true;
- }
-
- @Override
- public AclEntityPermissionVO findByGroupAndEntity(long groupId, String entityType, long entityId, AccessType accessType) {
- SearchCriteria<AclEntityPermissionVO> sc = findByGroupEntity.create();
- sc.setParameters("groupId", groupId);
- sc.setParameters("entityType", entityType);
- sc.setParameters("entityId", entityId);
- sc.setParameters("accessType", accessType);
- return findOneBy(sc);
- }
-
- @Override
- public List<Long> findEntityIdByGroupAndPermission(long groupId, String entityType, AccessType accessType, boolean isAllowed) {
- List<Long> idList = new ArrayList<Long>();
- SearchCriteria<AclEntityPermissionVO> sc = findByGroupEntity.create();
- sc.setParameters("groupId", groupId);
- sc.setParameters("entityType", entityType);
- sc.setParameters("allowed", isAllowed);
- sc.setParameters("accessType", accessType);
- List<AclEntityPermissionVO> permList = listBy(sc);
- if (permList != null) {
- for (AclEntityPermissionVO perm : permList) {
- idList.add(perm.getEntityId());
- }
- }
- return idList;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/engine/schema/src/org/apache/cloudstack/acl/dao/AclGroupPolicyMapDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/dao/AclGroupPolicyMapDao.java b/engine/schema/src/org/apache/cloudstack/acl/dao/AclGroupPolicyMapDao.java
new file mode 100644
index 0000000..a92ce26
--- /dev/null
+++ b/engine/schema/src/org/apache/cloudstack/acl/dao/AclGroupPolicyMapDao.java
@@ -0,0 +1,17 @@
+package org.apache.cloudstack.acl.dao;
+
+import java.util.List;
+
+import org.apache.cloudstack.acl.AclGroupPolicyMapVO;
+
+import com.cloud.utils.db.GenericDao;
+
+public interface AclGroupPolicyMapDao extends GenericDao<AclGroupPolicyMapVO, Long> {
+
+ List<AclGroupPolicyMapVO> listByGroupId(long groupId);
+
+ List<AclGroupPolicyMapVO> listByPolicyId(long policyId);
+
+ AclGroupPolicyMapVO findByGroupAndPolicy(long groupId, long policyId);
+
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/engine/schema/src/org/apache/cloudstack/acl/dao/AclGroupPolicyMapDaoImpl.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/dao/AclGroupPolicyMapDaoImpl.java b/engine/schema/src/org/apache/cloudstack/acl/dao/AclGroupPolicyMapDaoImpl.java
new file mode 100644
index 0000000..cb34a57
--- /dev/null
+++ b/engine/schema/src/org/apache/cloudstack/acl/dao/AclGroupPolicyMapDaoImpl.java
@@ -0,0 +1,61 @@
+package org.apache.cloudstack.acl.dao;
+
+import java.util.List;
+import java.util.Map;
+
+import javax.naming.ConfigurationException;
+
+import org.apache.cloudstack.acl.AclGroupPolicyMapVO;
+
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+
+public class AclGroupPolicyMapDaoImpl extends GenericDaoBase<AclGroupPolicyMapVO, Long> implements AclGroupPolicyMapDao {
+
+ private SearchBuilder<AclGroupPolicyMapVO> ListByGroupId;
+ private SearchBuilder<AclGroupPolicyMapVO> ListByPolicyId;
+ private SearchBuilder<AclGroupPolicyMapVO> findByPolicyGroupId;
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ super.configure(name, params);
+
+ ListByGroupId = createSearchBuilder();
+ ListByGroupId.and("groupId", ListByGroupId.entity().getAclGroupId(), SearchCriteria.Op.EQ);
+ ListByGroupId.done();
+
+ ListByPolicyId = createSearchBuilder();
+ ListByPolicyId.and("policyId", ListByPolicyId.entity().getAclPolicyId(), SearchCriteria.Op.EQ);
+ ListByPolicyId.done();
+
+ findByPolicyGroupId = createSearchBuilder();
+ findByPolicyGroupId.and("policyId", findByPolicyGroupId.entity().getAclPolicyId(), SearchCriteria.Op.EQ);
+ findByPolicyGroupId.and("groupId", findByPolicyGroupId.entity().getAclGroupId(), SearchCriteria.Op.EQ);
+ findByPolicyGroupId.done();
+
+ return true;
+ }
+
+ @Override
+ public List<AclGroupPolicyMapVO> listByGroupId(long groupId) {
+ SearchCriteria<AclGroupPolicyMapVO> sc = ListByGroupId.create();
+ sc.setParameters("groupId", groupId);
+ return listBy(sc);
+ }
+
+ @Override
+ public List<AclGroupPolicyMapVO> listByPolicyId(long policyId) {
+ SearchCriteria<AclGroupPolicyMapVO> sc = ListByPolicyId.create();
+ sc.setParameters("policyId", policyId);
+ return listBy(sc);
+ }
+
+ @Override
+ public AclGroupPolicyMapVO findByGroupAndPolicy(long groupId, long policyId) {
+ SearchCriteria<AclGroupPolicyMapVO> sc = findByPolicyGroupId.create();
+ sc.setParameters("policyId", policyId);
+ sc.setParameters("groupId", groupId);
+ return findOneBy(sc);
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/engine/schema/src/org/apache/cloudstack/acl/dao/AclGroupRoleMapDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/dao/AclGroupRoleMapDao.java b/engine/schema/src/org/apache/cloudstack/acl/dao/AclGroupRoleMapDao.java
deleted file mode 100644
index 0dfddb4..0000000
--- a/engine/schema/src/org/apache/cloudstack/acl/dao/AclGroupRoleMapDao.java
+++ /dev/null
@@ -1,33 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.acl.dao;
-
-import java.util.List;
-
-import org.apache.cloudstack.acl.AclGroupRoleMapVO;
-
-import com.cloud.utils.db.GenericDao;
-
-public interface AclGroupRoleMapDao extends GenericDao<AclGroupRoleMapVO, Long> {
-
- List<AclGroupRoleMapVO> listByGroupId(long groupId);
-
- List<AclGroupRoleMapVO> listByRoleId(long roleId);
-
- AclGroupRoleMapVO findByGroupAndRole(long groupId, long roleId);
-
-}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/engine/schema/src/org/apache/cloudstack/acl/dao/AclGroupRoleMapDaoImpl.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/dao/AclGroupRoleMapDaoImpl.java b/engine/schema/src/org/apache/cloudstack/acl/dao/AclGroupRoleMapDaoImpl.java
deleted file mode 100644
index 3204dae..0000000
--- a/engine/schema/src/org/apache/cloudstack/acl/dao/AclGroupRoleMapDaoImpl.java
+++ /dev/null
@@ -1,80 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.acl.dao;
-
-import java.util.List;
-import java.util.Map;
-
-import javax.naming.ConfigurationException;
-
-import org.springframework.stereotype.Component;
-
-import org.apache.cloudstack.acl.AclGroupRoleMapVO;
-
-import com.cloud.utils.db.GenericDaoBase;
-import com.cloud.utils.db.SearchBuilder;
-import com.cloud.utils.db.SearchCriteria;
-
-@Component
-public class AclGroupRoleMapDaoImpl extends GenericDaoBase<AclGroupRoleMapVO, Long> implements AclGroupRoleMapDao {
- private SearchBuilder<AclGroupRoleMapVO> ListByGroupId;
- private SearchBuilder<AclGroupRoleMapVO> ListByRoleId;
- private SearchBuilder<AclGroupRoleMapVO> findByRoleGroupId;
-
- @Override
- public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
- super.configure(name, params);
-
- ListByGroupId = createSearchBuilder();
- ListByGroupId.and("groupId", ListByGroupId.entity().getAclGroupId(), SearchCriteria.Op.EQ);
- ListByGroupId.done();
-
- ListByRoleId = createSearchBuilder();
- ListByRoleId.and("roleId", ListByRoleId.entity().getAclRoleId(), SearchCriteria.Op.EQ);
- ListByRoleId.done();
-
- findByRoleGroupId = createSearchBuilder();
- findByRoleGroupId.and("roleId", findByRoleGroupId.entity().getAclRoleId(), SearchCriteria.Op.EQ);
- findByRoleGroupId.and("groupId", findByRoleGroupId.entity().getAclGroupId(), SearchCriteria.Op.EQ);
- findByRoleGroupId.done();
-
- return true;
- }
-
- @Override
- public List<AclGroupRoleMapVO> listByGroupId(long groupId) {
- SearchCriteria<AclGroupRoleMapVO> sc = ListByGroupId.create();
- sc.setParameters("groupId", groupId);
- return listBy(sc);
- }
-
- @Override
- public List<AclGroupRoleMapVO> listByRoleId(long roleId) {
- SearchCriteria<AclGroupRoleMapVO> sc = ListByRoleId.create();
- sc.setParameters("roleId", roleId);
- return listBy(sc);
- }
-
- @Override
- public AclGroupRoleMapVO findByGroupAndRole(long groupId, long roleId) {
- SearchCriteria<AclGroupRoleMapVO> sc = findByRoleGroupId.create();
- sc.setParameters("roleId", roleId);
- sc.setParameters("groupId", groupId);
- return findOneBy(sc);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyDao.java b/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyDao.java
new file mode 100644
index 0000000..c74b53a
--- /dev/null
+++ b/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyDao.java
@@ -0,0 +1,28 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.acl.dao;
+
+import org.apache.cloudstack.acl.AclPolicy;
+import org.apache.cloudstack.acl.AclPolicyVO;
+
+import com.cloud.utils.db.GenericDao;
+
+public interface AclPolicyDao extends GenericDao<AclPolicyVO, Long> {
+
+ AclPolicy findByName(Long domainId, String policyName);
+
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyDaoImpl.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyDaoImpl.java b/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyDaoImpl.java
new file mode 100644
index 0000000..3cb32fd
--- /dev/null
+++ b/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyDaoImpl.java
@@ -0,0 +1,59 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.acl.dao;
+
+import java.util.Map;
+
+import javax.naming.ConfigurationException;
+
+import org.springframework.stereotype.Component;
+
+import org.apache.cloudstack.acl.AclPolicy;
+import org.apache.cloudstack.acl.AclPolicyVO;
+
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+
+@Component
+public class AclPolicyDaoImpl extends GenericDaoBase<AclPolicyVO, Long> implements AclPolicyDao {
+ private SearchBuilder<AclPolicyVO> nameSearch;
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ super.configure(name, params);
+
+ nameSearch = createSearchBuilder();
+ nameSearch.and("name", nameSearch.entity().getName(), SearchCriteria.Op.EQ);
+ nameSearch.and("domainId", nameSearch.entity().getDomainId(), SearchCriteria.Op.EQ);
+ nameSearch.done();
+
+
+ return true;
+ }
+
+ @Override
+ public AclPolicy findByName(Long domainId, String name) {
+ SearchCriteria<AclPolicyVO> sc = nameSearch.create();
+ sc.setParameters("name", name);
+ if (domainId != null) {
+ sc.setParameters("domainId", domainId);
+ }
+ return findOneBy(sc);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionMapDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionMapDao.java b/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionMapDao.java
deleted file mode 100644
index 0b18e36..0000000
--- a/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionMapDao.java
+++ /dev/null
@@ -1,25 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.acl.dao;
-
-import org.apache.cloudstack.acl.AclPolicyPermissionMapVO;
-
-import com.cloud.utils.db.GenericDao;
-
-public interface AclPolicyPermissionMapDao extends GenericDao<AclPolicyPermissionMapVO, Long> {
-
-}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionMapDaoImpl.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionMapDaoImpl.java b/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionMapDaoImpl.java
deleted file mode 100644
index fe4579d..0000000
--- a/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionMapDaoImpl.java
+++ /dev/null
@@ -1,43 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.acl.dao;
-
-import java.util.Map;
-
-import javax.naming.ConfigurationException;
-
-import org.apache.cloudstack.acl.AclPolicyPermissionMapVO;
-
-import com.cloud.utils.db.GenericDaoBase;
-
-public class AclPolicyPermissionMapDaoImpl extends GenericDaoBase<AclPolicyPermissionMapVO, Long> implements
- AclPolicyPermissionMapDao {
-
- public AclPolicyPermissionMapDaoImpl()
- {
-
- }
-
- @Override
- public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
- super.configure(name, params);
-
- return true;
- }
-
-
-}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/engine/schema/src/org/apache/cloudstack/acl/dao/AclRoleDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/dao/AclRoleDao.java b/engine/schema/src/org/apache/cloudstack/acl/dao/AclRoleDao.java
deleted file mode 100644
index e846ae2..0000000
--- a/engine/schema/src/org/apache/cloudstack/acl/dao/AclRoleDao.java
+++ /dev/null
@@ -1,28 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.acl.dao;
-
-import org.apache.cloudstack.acl.AclRole;
-import org.apache.cloudstack.acl.AclRoleVO;
-
-import com.cloud.utils.db.GenericDao;
-
-public interface AclRoleDao extends GenericDao<AclRoleVO, Long> {
-
- AclRole findByName(Long domainId, String roleName);
-
-}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/engine/schema/src/org/apache/cloudstack/acl/dao/AclRoleDaoImpl.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/dao/AclRoleDaoImpl.java b/engine/schema/src/org/apache/cloudstack/acl/dao/AclRoleDaoImpl.java
deleted file mode 100644
index f1e0047..0000000
--- a/engine/schema/src/org/apache/cloudstack/acl/dao/AclRoleDaoImpl.java
+++ /dev/null
@@ -1,59 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.acl.dao;
-
-import java.util.Map;
-
-import javax.naming.ConfigurationException;
-
-import org.springframework.stereotype.Component;
-
-import org.apache.cloudstack.acl.AclRole;
-import org.apache.cloudstack.acl.AclRoleVO;
-
-import com.cloud.utils.db.GenericDaoBase;
-import com.cloud.utils.db.SearchBuilder;
-import com.cloud.utils.db.SearchCriteria;
-
-@Component
-public class AclRoleDaoImpl extends GenericDaoBase<AclRoleVO, Long> implements AclRoleDao {
- private SearchBuilder<AclRoleVO> nameSearch;
-
- @Override
- public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
- super.configure(name, params);
-
- nameSearch = createSearchBuilder();
- nameSearch.and("name", nameSearch.entity().getName(), SearchCriteria.Op.EQ);
- nameSearch.and("domainId", nameSearch.entity().getDomainId(), SearchCriteria.Op.EQ);
- nameSearch.done();
-
-
- return true;
- }
-
- @Override
- public AclRole findByName(Long domainId, String name) {
- SearchCriteria<AclRoleVO> sc = nameSearch.create();
- sc.setParameters("name", name);
- if (domainId != null) {
- sc.setParameters("domainId", domainId);
- }
- return findOneBy(sc);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/engine/schema/src/org/apache/cloudstack/acl/dao/AclRolePermissionDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/dao/AclRolePermissionDao.java b/engine/schema/src/org/apache/cloudstack/acl/dao/AclRolePermissionDao.java
deleted file mode 100644
index d249963..0000000
--- a/engine/schema/src/org/apache/cloudstack/acl/dao/AclRolePermissionDao.java
+++ /dev/null
@@ -1,36 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.acl.dao;
-
-import java.util.List;
-
-import org.apache.cloudstack.acl.AclRolePermissionVO;
-import org.apache.cloudstack.acl.SecurityChecker.AccessType;
-
-import com.cloud.utils.db.GenericDao;
-
-public interface AclRolePermissionDao extends GenericDao<AclRolePermissionVO, Long> {
-
- AclRolePermissionVO findByRoleEntityAndPermission(long roleId, String entityType, AccessType accessType, boolean isAllowed);
-
- AclRolePermissionVO findByRoleAndEntity(long roleId, String entityType, AccessType accessType);
-
- List<AclRolePermissionVO> listByRoleAndEntity(long roleId, String entityType, AccessType accessType);
-
- List<AclRolePermissionVO> listByRole(long roleId);
-
-}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/engine/schema/src/org/apache/cloudstack/acl/dao/AclRolePermissionDaoImpl.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/dao/AclRolePermissionDaoImpl.java b/engine/schema/src/org/apache/cloudstack/acl/dao/AclRolePermissionDaoImpl.java
deleted file mode 100644
index 9ae81b2..0000000
--- a/engine/schema/src/org/apache/cloudstack/acl/dao/AclRolePermissionDaoImpl.java
+++ /dev/null
@@ -1,96 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.acl.dao;
-
-import java.util.List;
-import java.util.Map;
-
-import javax.naming.ConfigurationException;
-
-import org.springframework.stereotype.Component;
-
-import org.apache.cloudstack.acl.AclRolePermissionVO;
-import org.apache.cloudstack.acl.SecurityChecker.AccessType;
-
-import com.cloud.utils.db.GenericDaoBase;
-import com.cloud.utils.db.SearchBuilder;
-import com.cloud.utils.db.SearchCriteria;
-
-@Component
-public class AclRolePermissionDaoImpl extends GenericDaoBase<AclRolePermissionVO, Long> implements AclRolePermissionDao {
- private SearchBuilder<AclRolePermissionVO> findByRoleEntity;
-
- public AclRolePermissionDaoImpl()
- {
-
- }
-
- @Override
- public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
- super.configure(name, params);
-
- findByRoleEntity = createSearchBuilder();
- findByRoleEntity.and("roleId", findByRoleEntity.entity().getAclRoleId(), SearchCriteria.Op.EQ);
- findByRoleEntity.and().op("entityType", findByRoleEntity.entity().getEntityType(), SearchCriteria.Op.EQ);
- findByRoleEntity.or("entityTypeStar", findByRoleEntity.entity().getEntityType(), SearchCriteria.Op.EQ);
- findByRoleEntity.cp();
- findByRoleEntity.and("accessType", findByRoleEntity.entity().getAccessType(), SearchCriteria.Op.EQ);
- findByRoleEntity.and("allowed", findByRoleEntity.entity().isAllowed(), SearchCriteria.Op.EQ);
- findByRoleEntity.done();
-
- return true;
- }
-
- @Override
- public AclRolePermissionVO findByRoleEntityAndPermission(long roleId, String entityType, AccessType accessType, boolean isAllowed) {
- SearchCriteria<AclRolePermissionVO> sc = findByRoleEntity.create();
- sc.setParameters("roleId", roleId);
- sc.setParameters("entityType", entityType);
- sc.setParameters("accessType", accessType);
- sc.setParameters("entityTypeStar", "*");
- sc.setParameters("allowed", isAllowed);
- return findOneBy(sc);
- }
-
- @Override
- public AclRolePermissionVO findByRoleAndEntity(long roleId, String entityType, AccessType accessType) {
- SearchCriteria<AclRolePermissionVO> sc = findByRoleEntity.create();
- sc.setParameters("roleId", roleId);
- sc.setParameters("entityType", entityType);
- sc.setParameters("accessType", accessType);
- sc.setParameters("entityTypeStar", "*");
- return findOneBy(sc);
- }
-
- @Override
- public List<AclRolePermissionVO> listByRoleAndEntity(long roleId, String entityType, AccessType accessType) {
- SearchCriteria<AclRolePermissionVO> sc = findByRoleEntity.create();
- sc.setParameters("roleId", roleId);
- sc.setParameters("entityType", entityType);
- sc.setParameters("accessType", accessType);
- sc.setParameters("entityTypeStar", "*");
- return listBy(sc);
- }
-
- @Override
- public List<AclRolePermissionVO> listByRole(long roleId) {
- SearchCriteria<AclRolePermissionVO> sc = findByRoleEntity.create();
- sc.setParameters("roleId", roleId);
- return listBy(sc);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/server/src/com/cloud/api/query/QueryManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/QueryManagerImpl.java b/server/src/com/cloud/api/query/QueryManagerImpl.java
index d436453..8eff952 100644
--- a/server/src/com/cloud/api/query/QueryManagerImpl.java
+++ b/server/src/com/cloud/api/query/QueryManagerImpl.java
@@ -34,7 +34,7 @@ import org.apache.cloudstack.acl.AclRole;
import org.apache.cloudstack.acl.AclService;
import org.apache.cloudstack.acl.ControlledEntity.ACLType;
import org.apache.cloudstack.acl.dao.AclGroupDao;
-import org.apache.cloudstack.acl.dao.AclRoleDao;
+import org.apache.cloudstack.acl.dao.AclPolicyDao;
import org.apache.cloudstack.affinity.AffinityGroupDomainMapVO;
import org.apache.cloudstack.affinity.AffinityGroupResponse;
import org.apache.cloudstack.affinity.AffinityGroupVMMapVO;
@@ -353,7 +353,7 @@ public class QueryManagerImpl extends ManagerBase implements QueryService {
AclRoleJoinDao _aclRoleJoinDao;
@Inject
- AclRoleDao _aclRoleDao;
+ AclPolicyDao _aclRoleDao;
@Inject
AclGroupJoinDao _aclGroupJoinDao;
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/c3f480e9/server/src/org/apache/cloudstack/acl/AclServiceImpl.java
----------------------------------------------------------------------
diff --git a/server/src/org/apache/cloudstack/acl/AclServiceImpl.java b/server/src/org/apache/cloudstack/acl/AclServiceImpl.java
index 320b542..3e952f4 100644
--- a/server/src/org/apache/cloudstack/acl/AclServiceImpl.java
+++ b/server/src/org/apache/cloudstack/acl/AclServiceImpl.java
@@ -29,12 +29,11 @@ import org.apache.log4j.Logger;
import org.apache.cloudstack.acl.SecurityChecker.AccessType;
import org.apache.cloudstack.acl.dao.AclApiPermissionDao;
-import org.apache.cloudstack.acl.dao.AclEntityPermissionDao;
import org.apache.cloudstack.acl.dao.AclGroupAccountMapDao;
import org.apache.cloudstack.acl.dao.AclGroupDao;
-import org.apache.cloudstack.acl.dao.AclGroupRoleMapDao;
-import org.apache.cloudstack.acl.dao.AclRoleDao;
-import org.apache.cloudstack.acl.dao.AclRolePermissionDao;
+import org.apache.cloudstack.acl.dao.AclGroupPolicyMapDao;
+import org.apache.cloudstack.acl.dao.AclPolicyDao;
+import org.apache.cloudstack.acl.dao.AclPolicyPermissionDao;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.context.CallContext;
@@ -78,7 +77,7 @@ public class AclServiceImpl extends ManagerBase implements AclService, Manager {
AccountDao _accountDao;
@Inject
- AclRoleDao _aclRoleDao;
+ AclPolicyDao _aclRoleDao;
@Inject
AclGroupDao _aclGroupDao;
@@ -87,7 +86,7 @@ public class AclServiceImpl extends ManagerBase implements AclService, Manager {
EntityManager _entityMgr;
@Inject
- AclGroupRoleMapDao _aclGroupRoleMapDao;
+ AclGroupPolicyMapDao _aclGroupPolicyMapDao;
@Inject
AclGroupAccountMapDao _aclGroupAccountMapDao;
@@ -96,10 +95,8 @@ public class AclServiceImpl extends ManagerBase implements AclService, Manager {
AclApiPermissionDao _apiPermissionDao;
@Inject
- AclRolePermissionDao _rolePermissionDao;
+ AclPolicyPermissionDao _policyPermissionDao;
- @Inject
- AclEntityPermissionDao _entityPermissionDao;
public static HashMap<String, Class> entityClassMap = new HashMap<String, Class>();
@@ -142,11 +139,11 @@ public class AclServiceImpl extends ManagerBase implements AclService, Manager {
AclRole role = _aclRoleDao.persist(rvo);
if (parentRoleId != null) {
// copy parent role permissions
- List<AclRolePermissionVO> perms = _rolePermissionDao.listByRole(parentRoleId);
+ List<AclRolePermissionVO> perms = _policyPermissionDao.listByRole(parentRoleId);
if (perms != null) {
for (AclRolePermissionVO perm : perms) {
perm.setAclRoleId(role.getId());
- _rolePermissionDao.persist(perm);
+ _policyPermissionDao.persist(perm);
}
}
}
@@ -176,10 +173,10 @@ public class AclServiceImpl extends ManagerBase implements AclService, Manager {
@Override
public void doInTransactionWithoutResult(TransactionStatus status) {
// remove this role related entry in acl_group_role_map
- List<AclGroupRoleMapVO> groupRoleMap = _aclGroupRoleMapDao.listByRoleId(role.getId());
+ List<AclGroupRoleMapVO> groupRoleMap = _aclGroupPolicyMapDao.listByRoleId(role.getId());
if (groupRoleMap != null) {
for (AclGroupRoleMapVO gr : groupRoleMap) {
- _aclGroupRoleMapDao.remove(gr.getId());
+ _aclGroupPolicyMapDao.remove(gr.getId());
}
}
@@ -364,11 +361,11 @@ public class AclServiceImpl extends ManagerBase implements AclService, Manager {
}
_accountMgr.checkAccess(caller, null, true, role);
- AclGroupRoleMapVO grMap = _aclGroupRoleMapDao.findByGroupAndRole(groupId, roleId);
+ AclGroupRoleMapVO grMap = _aclGroupPolicyMapDao.findByGroupAndRole(groupId, roleId);
if (grMap == null) {
// not there already
grMap = new AclGroupRoleMapVO(groupId, roleId);
- _aclGroupRoleMapDao.persist(grMap);
+ _aclGroupPolicyMapDao.persist(grMap);
}
}
}
@@ -404,10 +401,10 @@ public class AclServiceImpl extends ManagerBase implements AclService, Manager {
}
_accountMgr.checkAccess(caller, null, true, role);
- AclGroupRoleMapVO grMap = _aclGroupRoleMapDao.findByGroupAndRole(groupId, roleId);
+ AclGroupRoleMapVO grMap = _aclGroupPolicyMapDao.findByGroupAndRole(groupId, roleId);
if (grMap != null) {
// not removed yet
- _aclGroupRoleMapDao.remove(grMap.getId());
+ _aclGroupPolicyMapDao.remove(grMap.getId());
}
}
}
@@ -537,10 +534,10 @@ public class AclServiceImpl extends ManagerBase implements AclService, Manager {
@Override
public void doInTransactionWithoutResult(TransactionStatus status) {
// remove this group related entry in acl_group_role_map
- List<AclGroupRoleMapVO> groupRoleMap = _aclGroupRoleMapDao.listByGroupId(grp.getId());
+ List<AclGroupRoleMapVO> groupRoleMap = _aclGroupPolicyMapDao.listByGroupId(grp.getId());
if (groupRoleMap != null) {
for (AclGroupRoleMapVO gr : groupRoleMap) {
- _aclGroupRoleMapDao.remove(gr.getId());
+ _aclGroupPolicyMapDao.remove(gr.getId());
}
}
@@ -567,7 +564,7 @@ public class AclServiceImpl extends ManagerBase implements AclService, Manager {
SearchBuilder<AclGroupAccountMapVO> groupSB = _aclGroupAccountMapDao.createSearchBuilder();
groupSB.and("account", groupSB.entity().getAccountId(), Op.EQ);
- GenericSearchBuilder<AclGroupRoleMapVO, Long> roleSB = _aclGroupRoleMapDao.createSearchBuilder(Long.class);
+ GenericSearchBuilder<AclGroupRoleMapVO, Long> roleSB = _aclGroupPolicyMapDao.createSearchBuilder(Long.class);
roleSB.selectFields(roleSB.entity().getAclRoleId());
roleSB.join("accountgroupjoin", groupSB, groupSB.entity().getAclGroupId(), roleSB.entity().getAclGroupId(),
JoinType.INNER);
@@ -575,7 +572,7 @@ public class AclServiceImpl extends ManagerBase implements AclService, Manager {
SearchCriteria<Long> roleSc = roleSB.create();
roleSc.setJoinParameters("accountgroupjoin", "account", accountId);
- List<Long> roleIds = _aclGroupRoleMapDao.customSearch(roleSc, null);
+ List<Long> roleIds = _aclGroupPolicyMapDao.customSearch(roleSc, null);
SearchBuilder<AclRoleVO> sb = _aclRoleDao.createSearchBuilder();
sb.and("ids", sb.entity().getId(), Op.IN);
@@ -591,7 +588,7 @@ public class AclServiceImpl extends ManagerBase implements AclService, Manager {
List<AclRole> roles = getAclRoles(accountId);
AclRolePermission curPerm = null;
for (AclRole role : roles) {
- AclRolePermission perm = _rolePermissionDao.findByRoleEntityAndPermission(role.getId(), entityType, accessType, true);
+ AclRolePermission perm = _policyPermissionDao.findByRoleEntityAndPermission(role.getId(), entityType, accessType, true);
if (perm == null)
continue;
if (curPerm == null) {