You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by mc...@apache.org on 2014/01/17 23:40:10 UTC
[08/50] [abbrv] git commit: updated refs/heads/rbac to 929fbab
Removed all reminants of the IdentityService. Created the KeysManager to move the management
of keys out of management server
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/68b8891c
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/68b8891c
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/68b8891c
Branch: refs/heads/rbac
Commit: 68b8891c620e78009ec4dbcbd326e4bbfa79da4e
Parents: 2893120
Author: Alex Huang <al...@citrix.com>
Authored: Tue Jan 14 11:21:25 2014 -0800
Committer: Alex Huang <al...@citrix.com>
Committed: Tue Jan 14 13:11:35 2014 -0800
----------------------------------------------------------------------
api/src/com/cloud/server/ResourceTag.java | 38 ++-
api/src/org/apache/cloudstack/api/BaseCmd.java | 9 +-
.../apache/cloudstack/api/IdentityService.java | 23 --
awsapi/pom.xml | 4 -
deps/XenServerJava/pom.xml | 1 -
.../spring-engine-schema-core-daos-context.xml | 1 -
engine/storage/integration-test/pom.xml | 2 -
.../framework/config/ConfigDepot.java | 2 +
.../framework/config/impl/ConfigDepotImpl.java | 8 +-
framework/security/pom.xml | 8 +-
.../spring-framework-security-core-context.xml | 1 +
.../framework/security/keys/KeysManager.java | 38 +++
.../security/keys/KeysManagerImpl.java | 127 +++++++++
plugins/hypervisors/hyperv/pom.xml | 1 -
plugins/hypervisors/kvm/pom.xml | 2 -
plugins/hypervisors/xen/pom.xml | 2 -
.../resources/components-example.xml | 1 -
.../network-elements/juniper-contrail/pom.xml | 2 -
.../IntegrationTestConfiguration.java | 5 +-
server/pom.xml | 1 -
.../spring-server-core-managers-context.xml | 4 -
server/src/com/cloud/api/ApiDBUtils.java | 8 -
server/src/com/cloud/configuration/Config.java | 3 -
.../AgentBasedConsoleProxyManager.java | 12 +-
.../com/cloud/consoleproxy/AgentHookBase.java | 27 +-
.../consoleproxy/ConsoleProxyManagerImpl.java | 70 ++---
.../src/com/cloud/server/ManagementServer.java | 8 -
.../com/cloud/server/ManagementServerImpl.java | 73 -----
.../com/cloud/servlet/ConsoleProxyServlet.java | 27 +-
.../cloud/tags/TaggedResourceManagerImpl.java | 277 ++++++-------------
.../cloud/uuididentity/IdentityServiceImpl.java | 44 ---
.../com/cloud/uuididentity/dao/IdentityDao.java | 38 ---
.../cloud/uuididentity/dao/IdentityDaoImpl.java | 241 ----------------
.../com/cloud/uuididentity/dao/IdentityVO.java | 25 --
server/test/resources/network-mgr-component.xml | 1 -
services/console-proxy-rdp/rdpconsole/pom.xml | 1 -
systemvm/pom.xml | 3 -
37 files changed, 359 insertions(+), 779 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/api/src/com/cloud/server/ResourceTag.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/server/ResourceTag.java b/api/src/com/cloud/server/ResourceTag.java
index 89458fc..41931f0 100644
--- a/api/src/com/cloud/server/ResourceTag.java
+++ b/api/src/com/cloud/server/ResourceTag.java
@@ -24,25 +24,49 @@ public interface ResourceTag extends ControlledEntity, Identity, InternalIdentit
// FIXME - extract enum to another interface as its used both by resourceTags and resourceMetaData code
public enum ResourceObjectType {
- UserVm(true, true), Template(true, true), ISO(true, false), Volume(true, true), Snapshot(true, false), Network(true, true), Nic(false, true), LoadBalancer(true, true), PortForwardingRule(
- true, true), FirewallRule(true, true), SecurityGroup(true, false), PublicIpAddress(true, true), Project(true, false), Vpc(true, true), NetworkACL(true, true), StaticRoute(
- true, false), VMSnapshot(true, false), RemoteAccessVpn(true, true), Zone(false, true), ServiceOffering(false, true), Storage(false, true), PrivateGateway(false,
- true), NetworkACLList(false, true), VpnGateway(false, true), CustomerGateway(false, true), VpnConnection(false, true), User(true, true), DiskOffering(false, true);
+ UserVm(true, true),
+ Template(true, true),
+ ISO(true, false),
+ Volume(true, true),
+ Snapshot(true, false),
+ Network(true, true),
+ Nic(false, true),
+ LoadBalancer(true, true),
+ PortForwardingRule(true, true),
+ FirewallRule(true, true),
+ SecurityGroup(true, false),
+ PublicIpAddress(true, true),
+ Project(true, false),
+ Vpc(true, true),
+ NetworkACL(true, true),
+ StaticRoute(true, false),
+ VMSnapshot(true, false),
+ RemoteAccessVpn(true, true),
+ Zone(false, true),
+ ServiceOffering(false, true),
+ Storage(false, true),
+ PrivateGateway(false, true),
+ NetworkACLList(false, true),
+ VpnGateway(false, true),
+ CustomerGateway(false, true),
+ VpnConnection(false, true),
+ User(true, true),
+ DiskOffering(false, true);
ResourceObjectType(boolean resourceTagsSupport, boolean resourceMetadataSupport) {
this.resourceTagsSupport = resourceTagsSupport;
- this.metadataSupport = resourceMetadataSupport;
+ metadataSupport = resourceMetadataSupport;
}
private final boolean resourceTagsSupport;
private final boolean metadataSupport;
public boolean resourceTagsSupport() {
- return this.resourceTagsSupport;
+ return resourceTagsSupport;
}
public boolean resourceMetadataSupport() {
- return this.metadataSupport;
+ return metadataSupport;
}
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/api/src/org/apache/cloudstack/api/BaseCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/BaseCmd.java b/api/src/org/apache/cloudstack/api/BaseCmd.java
index 0cfb950..4229ec9 100644
--- a/api/src/org/apache/cloudstack/api/BaseCmd.java
+++ b/api/src/org/apache/cloudstack/api/BaseCmd.java
@@ -26,6 +26,8 @@ import java.util.regex.Pattern;
import javax.inject.Inject;
+import org.apache.log4j.Logger;
+
import org.apache.cloudstack.affinity.AffinityGroupService;
import org.apache.cloudstack.alert.AlertService;
import org.apache.cloudstack.network.element.InternalLoadBalancerElementService;
@@ -33,7 +35,6 @@ import org.apache.cloudstack.network.lb.ApplicationLoadBalancerService;
import org.apache.cloudstack.network.lb.InternalLoadBalancerVMService;
import org.apache.cloudstack.query.QueryService;
import org.apache.cloudstack.usage.UsageService;
-import org.apache.log4j.Logger;
import com.cloud.configuration.ConfigurationService;
import com.cloud.domain.Domain;
@@ -153,8 +154,6 @@ public abstract class BaseCmd {
@Inject
public ResourceLimitService _resourceLimitService;
@Inject
- public IdentityService _identityService;
- @Inject
public StorageNetworkService _storageNetworkService;
@Inject
public TaggedResourceService _taggedResourceService;
@@ -358,11 +357,11 @@ public abstract class BaseCmd {
}
public void setFullUrlParams(Map<String, String> map) {
- this.fullUrlParams = map;
+ fullUrlParams = map;
}
public Map<String, String> getFullUrlParams() {
- return this.fullUrlParams;
+ return fullUrlParams;
}
public Long finalyzeAccountId(String accountName, Long domainId, Long projectId, boolean enabledOnly) {
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/api/src/org/apache/cloudstack/api/IdentityService.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/IdentityService.java b/api/src/org/apache/cloudstack/api/IdentityService.java
deleted file mode 100644
index 8451945..0000000
--- a/api/src/org/apache/cloudstack/api/IdentityService.java
+++ /dev/null
@@ -1,23 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.api;
-
-public interface IdentityService {
- Long getIdentityId(String tableName, String identityString);
-
- String getIdentityUuid(String tableName, String identityString);
-}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/awsapi/pom.xml
----------------------------------------------------------------------
diff --git a/awsapi/pom.xml b/awsapi/pom.xml
index f031230..cb0a88d 100644
--- a/awsapi/pom.xml
+++ b/awsapi/pom.xml
@@ -223,7 +223,6 @@
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
- <version>1.6.1</version>
<scope>runtime</scope>
</dependency>
<dependency>
@@ -271,8 +270,6 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk16</artifactId>
- <!-- TODO: do we need this explicit version override? -->
- <version>1.45</version>
<scope>runtime</scope>
</dependency>
<dependency>
@@ -320,7 +317,6 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-checkstyle-plugin</artifactId>
- <version>${cs.checkstyle.version}</version>
<executions>
<execution>
<phase>none</phase>
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/deps/XenServerJava/pom.xml
----------------------------------------------------------------------
diff --git a/deps/XenServerJava/pom.xml b/deps/XenServerJava/pom.xml
index 5c885b4..9bba24b 100644
--- a/deps/XenServerJava/pom.xml
+++ b/deps/XenServerJava/pom.xml
@@ -40,7 +40,6 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-checkstyle-plugin</artifactId>
- <version>${cs.checkstyle.version}</version>
<executions>
<execution>
<phase>none</phase>
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/engine/schema/resources/META-INF/cloudstack/core/spring-engine-schema-core-daos-context.xml
----------------------------------------------------------------------
diff --git a/engine/schema/resources/META-INF/cloudstack/core/spring-engine-schema-core-daos-context.xml b/engine/schema/resources/META-INF/cloudstack/core/spring-engine-schema-core-daos-context.xml
index 6dd1d4b..1a400e0 100644
--- a/engine/schema/resources/META-INF/cloudstack/core/spring-engine-schema-core-daos-context.xml
+++ b/engine/schema/resources/META-INF/cloudstack/core/spring-engine-schema-core-daos-context.xml
@@ -171,7 +171,6 @@
<bean id="hostTagsDaoImpl" class="com.cloud.host.dao.HostTagsDaoImpl" />
<bean id="hostTransferMapDaoImpl" class="com.cloud.cluster.agentlb.dao.HostTransferMapDaoImpl" />
<bean id="iPAddressDaoImpl" class="com.cloud.network.dao.IPAddressDaoImpl" />
- <bean id="identityDaoImpl" class="com.cloud.uuididentity.dao.IdentityDaoImpl" />
<bean id="imageStoreDaoImpl" class="org.apache.cloudstack.storage.image.db.ImageStoreDaoImpl" />
<bean id="imageStoreDetailsDaoImpl" class="org.apache.cloudstack.storage.image.db.ImageStoreDetailsDaoImpl" />
<bean id="imageStoreJoinDaoImpl" class="com.cloud.api.query.dao.ImageStoreJoinDaoImpl" />
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/engine/storage/integration-test/pom.xml
----------------------------------------------------------------------
diff --git a/engine/storage/integration-test/pom.xml b/engine/storage/integration-test/pom.xml
index e002ab3..7bb27e0 100644
--- a/engine/storage/integration-test/pom.xml
+++ b/engine/storage/integration-test/pom.xml
@@ -119,8 +119,6 @@
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
- <!-- TODO: Is this version override required -->
- <version>4.2.2</version>
<scope>compile</scope>
</dependency>
<dependency>
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/framework/config/src/org/apache/cloudstack/framework/config/ConfigDepot.java
----------------------------------------------------------------------
diff --git a/framework/config/src/org/apache/cloudstack/framework/config/ConfigDepot.java b/framework/config/src/org/apache/cloudstack/framework/config/ConfigDepot.java
index 7df0049..50e9d89 100644
--- a/framework/config/src/org/apache/cloudstack/framework/config/ConfigDepot.java
+++ b/framework/config/src/org/apache/cloudstack/framework/config/ConfigDepot.java
@@ -27,4 +27,6 @@ public interface ConfigDepot {
ConfigKey<?> get(String paramName);
Set<ConfigKey<?>> getConfigListByScope(String scope);
+
+ <T> void set(ConfigKey<T> key, T value);
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/framework/config/src/org/apache/cloudstack/framework/config/impl/ConfigDepotImpl.java
----------------------------------------------------------------------
diff --git a/framework/config/src/org/apache/cloudstack/framework/config/impl/ConfigDepotImpl.java b/framework/config/src/org/apache/cloudstack/framework/config/impl/ConfigDepotImpl.java
index 2f6e524..929b299 100644
--- a/framework/config/src/org/apache/cloudstack/framework/config/impl/ConfigDepotImpl.java
+++ b/framework/config/src/org/apache/cloudstack/framework/config/impl/ConfigDepotImpl.java
@@ -172,7 +172,7 @@ public class ConfigDepotImpl implements ConfigDepot, ConfigDepotAdmin {
@Inject
public void setScopedStorages(List<ScopedConfigStorage> scopedStorages) {
- this._scopedStorages = scopedStorages;
+ _scopedStorages = scopedStorages;
}
public List<Configurable> getConfigurables() {
@@ -181,7 +181,7 @@ public class ConfigDepotImpl implements ConfigDepot, ConfigDepotAdmin {
@Inject
public void setConfigurables(List<Configurable> configurables) {
- this._configurables = configurables;
+ _configurables = configurables;
}
@Override
@@ -189,4 +189,8 @@ public class ConfigDepotImpl implements ConfigDepot, ConfigDepotAdmin {
return _scopeLevelConfigsMap.get(ConfigKey.Scope.valueOf(scope));
}
+ @Override
+ public <T> void set(ConfigKey<T> key, T value) {
+ _configDao.update(key.key(), value.toString());
+ }
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/framework/security/pom.xml
----------------------------------------------------------------------
diff --git a/framework/security/pom.xml b/framework/security/pom.xml
index a5fa5f0..42627f5 100644
--- a/framework/security/pom.xml
+++ b/framework/security/pom.xml
@@ -25,7 +25,7 @@
<artifactId>cloudstack-framework</artifactId>
<version>4.4.0-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
- </parent>
+ </parent>
<dependencies>
<dependency>
<groupId>org.apache.cloudstack</groupId>
@@ -43,6 +43,10 @@
<version>${project.version}</version>
</dependency>
<dependency>
+ <groupId>commons-codec</groupId>
+ <artifactId>commons-codec</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.apache.cloudstack</groupId>
<artifactId>cloud-framework-db</artifactId>
<version>${project.version}</version>
@@ -51,6 +55,6 @@
<groupId>org.apache.cloudstack</groupId>
<artifactId>cloud-framework-config</artifactId>
<version>${project.version}</version>
- </dependency>
+ </dependency>
</dependencies>
</project>
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/framework/security/resources/META-INF/cloudstack/core/spring-framework-security-core-context.xml
----------------------------------------------------------------------
diff --git a/framework/security/resources/META-INF/cloudstack/core/spring-framework-security-core-context.xml b/framework/security/resources/META-INF/cloudstack/core/spring-framework-security-core-context.xml
index 3775565..fe05bc1 100644
--- a/framework/security/resources/META-INF/cloudstack/core/spring-framework-security-core-context.xml
+++ b/framework/security/resources/META-INF/cloudstack/core/spring-framework-security-core-context.xml
@@ -28,4 +28,5 @@
>
<bean id="keystoreManagerImpl" class="org.apache.cloudstack.framework.security.keystore.KeystoreManagerImpl" />
<bean id="keystoreDaoImpl" class="org.apache.cloudstack.framework.security.keystore.KeystoreDaoImpl" />
+ <bean id="keysManagerImpl" class="org.apache.cloudstack.framework.security.keys.KeysManagerImpl"/>
</beans>
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/framework/security/src/org/apache/cloudstack/framework/security/keys/KeysManager.java
----------------------------------------------------------------------
diff --git a/framework/security/src/org/apache/cloudstack/framework/security/keys/KeysManager.java b/framework/security/src/org/apache/cloudstack/framework/security/keys/KeysManager.java
new file mode 100644
index 0000000..d6d2e01
--- /dev/null
+++ b/framework/security/src/org/apache/cloudstack/framework/security/keys/KeysManager.java
@@ -0,0 +1,38 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.framework.security.keys;
+
+import org.apache.cloudstack.framework.config.ConfigKey;
+
+/**
+ *
+ * Started this file to manage keys. Will be needed by other services.
+ *
+ */
+public interface KeysManager {
+ final ConfigKey<String> EncryptionKey = new ConfigKey<String>("Hidden", String.class, "security.encryption.key", null, "base64 encoded key data", false);
+ final ConfigKey<String> EncryptionIV = new ConfigKey<String>("Hidden", String.class, "security.encryption.iv", null, "base64 encoded IV data", false);
+ final ConfigKey<String> HashKey = new ConfigKey<String>("Hidden", String.class, "security.hash.key", null, "for generic key-ed hash", false);
+
+ String getEncryptionKey();
+
+ String getEncryptionIV();
+
+ void resetEncryptionKeyIV();
+
+ String getHashKey();
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/framework/security/src/org/apache/cloudstack/framework/security/keys/KeysManagerImpl.java
----------------------------------------------------------------------
diff --git a/framework/security/src/org/apache/cloudstack/framework/security/keys/KeysManagerImpl.java b/framework/security/src/org/apache/cloudstack/framework/security/keys/KeysManagerImpl.java
new file mode 100644
index 0000000..550bd15
--- /dev/null
+++ b/framework/security/src/org/apache/cloudstack/framework/security/keys/KeysManagerImpl.java
@@ -0,0 +1,127 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.framework.security.keys;
+
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+
+import javax.inject.Inject;
+import javax.net.ssl.KeyManager;
+
+import org.apache.commons.codec.binary.Base64;
+import org.apache.log4j.Logger;
+
+import org.apache.cloudstack.framework.config.ConfigDepot;
+import org.apache.cloudstack.framework.config.ConfigKey;
+import org.apache.cloudstack.framework.config.Configurable;
+import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
+import org.apache.cloudstack.framework.config.impl.ConfigurationVO;
+
+import com.cloud.utils.db.DB;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+
+/**
+ * To be perfectly honest, I'm not sure why we need this class. This used
+ * to be in ManagementServerImpl. I moved the functionality because it seems
+ * many features will need this. However, the right thing will be for setup
+ * and upgrade to take care of key generation. Here, the methods appear to
+ * mainly be used for dynamic generation. I added this class because after
+ * talking to Kelven, we think there will be other functionalities we need
+ * to centralize to this class. We'll see how that works out.
+ *
+ * There's multiple problems here that we need to fix.
+ * - Multiple servers can be generating keys. This is not atomic.
+ * - The functionality of generating the keys should be moved over to setup/upgrade.
+ *
+ */
+public class KeysManagerImpl implements KeysManager, Configurable {
+ private static final Logger s_logger = Logger.getLogger(KeysManagerImpl.class);
+
+ @Inject
+ ConfigurationDao _configDao;
+ @Inject
+ ConfigDepot _configDepot;
+
+ @Override
+ public String getHashKey() {
+ String value = HashKey.value();
+ if (value == null) {
+ _configDepot.set(HashKey, getBase64EncodedRandomKey(128));
+ }
+
+ return HashKey.value();
+ }
+
+ @Override
+ public String getEncryptionKey() {
+ String value = EncryptionKey.value();
+ if (value == null) {
+ _configDepot.set(EncryptionKey, getBase64EncodedRandomKey(128));
+ }
+ return EncryptionKey.value();
+ }
+
+ @Override
+ public String getEncryptionIV() {
+ String value = EncryptionIV.value();
+ if (value == null) {
+ _configDepot.set(EncryptionIV, getBase64EncodedRandomKey(128));
+ }
+ return EncryptionIV.value();
+ }
+
+ private static String getBase64EncodedRandomKey(int nBits) {
+ SecureRandom random;
+ try {
+ random = SecureRandom.getInstance("SHA1PRNG");
+ byte[] keyBytes = new byte[nBits / 8];
+ random.nextBytes(keyBytes);
+ return Base64.encodeBase64URLSafeString(keyBytes);
+ } catch (NoSuchAlgorithmException e) {
+ s_logger.error("Unhandled exception: ", e);
+ }
+ return null;
+ }
+
+ @Override
+ @DB
+ public void resetEncryptionKeyIV() {
+
+ SearchBuilder<ConfigurationVO> sb = _configDao.createSearchBuilder();
+ sb.and("name1", sb.entity().getName(), SearchCriteria.Op.EQ);
+ sb.or("name2", sb.entity().getName(), SearchCriteria.Op.EQ);
+ sb.done();
+
+ SearchCriteria<ConfigurationVO> sc = sb.create();
+ sc.setParameters("name1", EncryptionKey.key());
+ sc.setParameters("name2", EncryptionIV.key());
+
+ _configDao.expunge(sc);
+ }
+
+ @Override
+ public String getConfigComponentName() {
+ return KeyManager.class.getSimpleName();
+ }
+
+ @Override
+ public ConfigKey<?>[] getConfigKeys() {
+ return new ConfigKey<?>[] {EncryptionKey, EncryptionIV, HashKey};
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/plugins/hypervisors/hyperv/pom.xml
----------------------------------------------------------------------
diff --git a/plugins/hypervisors/hyperv/pom.xml b/plugins/hypervisors/hyperv/pom.xml
index 162fd64..fca7cd9 100644
--- a/plugins/hypervisors/hyperv/pom.xml
+++ b/plugins/hypervisors/hyperv/pom.xml
@@ -90,7 +90,6 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
- <version>2.12</version>
<configuration>
<!-- Exclude tests that require an agent, they appear under a different profile -->
<excludes>
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/plugins/hypervisors/kvm/pom.xml
----------------------------------------------------------------------
diff --git a/plugins/hypervisors/kvm/pom.xml b/plugins/hypervisors/kvm/pom.xml
index 81cc372..5eba1e0 100644
--- a/plugins/hypervisors/kvm/pom.xml
+++ b/plugins/hypervisors/kvm/pom.xml
@@ -67,7 +67,6 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
- <version>2.5.1</version>
<executions>
<execution>
<id>copy-dependencies</id>
@@ -85,7 +84,6 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
- <version>2.14</version>
<configuration>
<excludes>
<exclude>**/Qemu*.java</exclude>
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/plugins/hypervisors/xen/pom.xml
----------------------------------------------------------------------
diff --git a/plugins/hypervisors/xen/pom.xml b/plugins/hypervisors/xen/pom.xml
index 7011218..39c0908 100644
--- a/plugins/hypervisors/xen/pom.xml
+++ b/plugins/hypervisors/xen/pom.xml
@@ -33,8 +33,6 @@
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
- <!-- TODO: Check if we need this version override -->
- <version>4.2.2</version>
<scope>compile</scope>
</dependency>
<dependency>
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/plugins/network-elements/dns-notifier/resources/components-example.xml
----------------------------------------------------------------------
diff --git a/plugins/network-elements/dns-notifier/resources/components-example.xml b/plugins/network-elements/dns-notifier/resources/components-example.xml
index 418835a..5977387 100755
--- a/plugins/network-elements/dns-notifier/resources/components-example.xml
+++ b/plugins/network-elements/dns-notifier/resources/components-example.xml
@@ -185,7 +185,6 @@ under the License.
<dao name="UserDao" class="com.cloud.user.dao.UserDaoImpl" singleton="false"/>
<dao name="NetworkOfferingServiceDao" class="com.cloud.offerings.dao.NetworkOfferingServiceMapDaoImpl" singleton="false"/>
<dao name="VirtualRouterProviderDao" class="com.cloud.network.dao.VirtualRouterProviderDaoImpl" singleton="false"/>
- <dao name="IdentityDao" class="com.cloud.uuididentity.dao.IdentityDaoImpl" singleton="false"/>
<dao name="Site2SiteCustomerGatewayDao" class="com.cloud.network.dao.Site2SiteCustomerGatewayDaoImpl" singleton="false"/>
<dao name="Site2SiteVpnGatewayDao" class="com.cloud.network.dao.Site2SiteVpnGatewayDaoImpl" singleton="false"/>
<dao name="Site2SiteVpnConnectionDao" class="com.cloud.network.dao.Site2SiteVpnConnectionDaoImpl" singleton="false"/>
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/plugins/network-elements/juniper-contrail/pom.xml
----------------------------------------------------------------------
diff --git a/plugins/network-elements/juniper-contrail/pom.xml b/plugins/network-elements/juniper-contrail/pom.xml
index 7b377a0..ae6961e 100644
--- a/plugins/network-elements/juniper-contrail/pom.xml
+++ b/plugins/network-elements/juniper-contrail/pom.xml
@@ -85,7 +85,6 @@
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
- <version>${cs.guava.version}</version>
</dependency>
<dependency>
<groupId>net.juniper.contrail</groupId>
@@ -95,7 +94,6 @@
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
- <version>${cs.mysql.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/plugins/network-elements/juniper-contrail/test/org/apache/cloudstack/network/contrail/management/IntegrationTestConfiguration.java
----------------------------------------------------------------------
diff --git a/plugins/network-elements/juniper-contrail/test/org/apache/cloudstack/network/contrail/management/IntegrationTestConfiguration.java b/plugins/network-elements/juniper-contrail/test/org/apache/cloudstack/network/contrail/management/IntegrationTestConfiguration.java
index 2a2babc..416653d 100644
--- a/plugins/network-elements/juniper-contrail/test/org/apache/cloudstack/network/contrail/management/IntegrationTestConfiguration.java
+++ b/plugins/network-elements/juniper-contrail/test/org/apache/cloudstack/network/contrail/management/IntegrationTestConfiguration.java
@@ -21,6 +21,7 @@ import java.io.IOException;
import javax.inject.Inject;
+import org.eclipse.jetty.security.IdentityService;
import org.mockito.Matchers;
import org.mockito.Mockito;
import org.mockito.invocation.InvocationOnMock;
@@ -42,7 +43,6 @@ import org.apache.cloudstack.affinity.dao.AffinityGroupDao;
import org.apache.cloudstack.affinity.dao.AffinityGroupDaoImpl;
import org.apache.cloudstack.affinity.dao.AffinityGroupDomainMapDaoImpl;
import org.apache.cloudstack.affinity.dao.AffinityGroupVMMapDaoImpl;
-import org.apache.cloudstack.api.IdentityService;
import org.apache.cloudstack.context.CallContext;
import org.apache.cloudstack.engine.datacenter.entity.api.db.dao.DcDetailsDaoImpl;
import org.apache.cloudstack.engine.orchestration.service.VolumeOrchestrationService;
@@ -270,7 +270,6 @@ import com.cloud.utils.db.EntityManager;
import com.cloud.utils.db.Transaction;
import com.cloud.utils.db.TransactionCallbackNoReturn;
import com.cloud.utils.db.TransactionStatus;
-import com.cloud.uuididentity.dao.IdentityDaoImpl;
import com.cloud.vm.ItWorkDaoImpl;
import com.cloud.vm.dao.ConsoleProxyDaoImpl;
import com.cloud.vm.dao.DomainRouterDaoImpl;
@@ -298,7 +297,7 @@ import com.cloud.vm.snapshot.dao.VMSnapshotDaoImpl;
EventDaoImpl.class, EventJoinDaoImpl.class, EventUtils.class, EventUtils.class, FirewallManagerImpl.class, FirewallRulesCidrsDaoImpl.class,
FirewallRulesDaoImpl.class, GuestOSCategoryDaoImpl.class, GuestOSDaoImpl.class, HostDaoImpl.class, HostDetailsDaoImpl.class, HostJoinDaoImpl.class,
HostPodDaoImpl.class, HostTagsDaoImpl.class, HostTransferMapDaoImpl.class, HypervisorCapabilitiesDaoImpl.class, HypervisorGuruManagerImpl.class,
- IdentityDaoImpl.class, ImageStoreDaoImpl.class, ImageStoreJoinDaoImpl.class, InstanceGroupDaoImpl.class, InstanceGroupJoinDaoImpl.class,
+ ImageStoreDaoImpl.class, ImageStoreJoinDaoImpl.class, InstanceGroupDaoImpl.class, InstanceGroupJoinDaoImpl.class,
InstanceGroupVMMapDaoImpl.class, IpAddressManagerImpl.class, Ipv6AddressManagerImpl.class, ItWorkDaoImpl.class, LBHealthCheckPolicyDaoImpl.class,
LBStickinessPolicyDaoImpl.class, LaunchPermissionDao.class, LoadBalancerDaoImpl.class, LoadBalancerVMMapDaoImpl.class, LoadBalancingRulesManagerImpl.class,
ManagementServerHostDaoImpl.class, MockAccountManager.class, NetworkACLDaoImpl.class, NetworkACLItemDaoImpl.class, NetworkACLManagerImpl.class,
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/server/pom.xml
----------------------------------------------------------------------
diff --git a/server/pom.xml b/server/pom.xml
index 86e7b76..1646dc7 100644
--- a/server/pom.xml
+++ b/server/pom.xml
@@ -189,7 +189,6 @@
</plugin>
<plugin>
<artifactId>maven-antrun-plugin</artifactId>
- <version>1.7</version>
<executions>
<execution>
<id>generate-resource</id>
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/server/resources/META-INF/cloudstack/core/spring-server-core-managers-context.xml
----------------------------------------------------------------------
diff --git a/server/resources/META-INF/cloudstack/core/spring-server-core-managers-context.xml b/server/resources/META-INF/cloudstack/core/spring-server-core-managers-context.xml
index c447057..53a294e 100644
--- a/server/resources/META-INF/cloudstack/core/spring-server-core-managers-context.xml
+++ b/server/resources/META-INF/cloudstack/core/spring-server-core-managers-context.xml
@@ -120,12 +120,8 @@
<property name="hvGuruList" value="#{hypervisorGurusRegistry.registered}" />
</bean>
- <bean id="identityServiceImpl" class="com.cloud.uuididentity.IdentityServiceImpl" />
-
<bean id="uUIDManagerImpl" class="com.cloud.uuididentity.UUIDManagerImpl" />
- <bean id="keystoreManagerImpl" class="org.apache.cloudstack.framework.security.keystore.KeystoreManagerImpl" />
-
<bean id="loadBalancingRulesManagerImpl" class="com.cloud.network.lb.LoadBalancingRulesManagerImpl" >
<property name="lbProviders" value="#{loadBalancingServiceProvidersRegistry.registered}" />
</bean>
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/server/src/com/cloud/api/ApiDBUtils.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/ApiDBUtils.java b/server/src/com/cloud/api/ApiDBUtils.java
index 4414e3b..a23244b 100755
--- a/server/src/com/cloud/api/ApiDBUtils.java
+++ b/server/src/com/cloud/api/ApiDBUtils.java
@@ -738,14 +738,6 @@ public class ApiDBUtils {
return s_vmDao.findById(vmId);
}
- public static long getMemoryOrCpuCapacitybyHost(Long hostId, short capacityType) {
- // TODO: This method is for the API only, but it has configuration values (ramSize for system vms)
- // so if this Utils class can have some kind of config rather than a static initializer (maybe from
- // management server instantiation?) then maybe the management server method can be moved entirely
- // into this utils class.
- return s_ms.getMemoryOrCpuCapacityByHost(hostId, capacityType);
- }
-
public static long getStorageCapacitybyPool(Long poolId, short capacityType) {
// TODO: This method is for the API only, but it has configuration values (ramSize for system vms)
// so if this Utils class can have some kind of config rather than a static initializer (maybe from
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/server/src/com/cloud/configuration/Config.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/configuration/Config.java b/server/src/com/cloud/configuration/Config.java
index 0c58141..9117bc4 100755
--- a/server/src/com/cloud/configuration/Config.java
+++ b/server/src/com/cloud/configuration/Config.java
@@ -1372,9 +1372,6 @@ public enum Config {
"The allowable clock difference in milliseconds between when an SSO login request is made and when it is received.",
null),
//NetworkType("Hidden", ManagementServer.class, String.class, "network.type", "vlan", "The type of network that this deployment will use.", "vlan,direct"),
- HashKey("Hidden", ManagementServer.class, String.class, "security.hash.key", null, "for generic key-ed hash", null),
- EncryptionKey("Hidden", ManagementServer.class, String.class, "security.encryption.key", null, "base64 encoded key data", null),
- EncryptionIV("Hidden", ManagementServer.class, String.class, "security.encryption.iv", null, "base64 encoded IV data", null),
RouterRamSize("Hidden", NetworkOrchestrationService.class, Integer.class, "router.ram.size", "128", "Default RAM for router VM (in MB).", null),
DefaultPageSize("Advanced", ManagementServer.class, Long.class, "default.page.size", "500", "Default page size for API list* commands", null),
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/server/src/com/cloud/consoleproxy/AgentBasedConsoleProxyManager.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/consoleproxy/AgentBasedConsoleProxyManager.java b/server/src/com/cloud/consoleproxy/AgentBasedConsoleProxyManager.java
index 2036609..3a1c387 100755
--- a/server/src/com/cloud/consoleproxy/AgentBasedConsoleProxyManager.java
+++ b/server/src/com/cloud/consoleproxy/AgentBasedConsoleProxyManager.java
@@ -25,6 +25,7 @@ import javax.naming.ConfigurationException;
import org.apache.log4j.Logger;
import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
+import org.apache.cloudstack.framework.security.keys.KeysManager;
import org.apache.cloudstack.framework.security.keystore.KeystoreManager;
import com.cloud.agent.AgentManager;
@@ -53,7 +54,6 @@ public class AgentBasedConsoleProxyManager extends ManagerBase implements Consol
protected HostDao _hostDao;
@Inject
protected UserVmDao _userVmDao;
- private String _instance;
protected String _consoleProxyUrlDomain;
@Inject
private VMInstanceDao _instanceDao;
@@ -74,11 +74,13 @@ public class AgentBasedConsoleProxyManager extends ManagerBase implements Consol
ConfigurationDao _configDao;
@Inject
ManagementServer _ms;
+ @Inject
+ KeysManager _keysMgr;
public class AgentBasedAgentHook extends AgentHookBase {
- public AgentBasedAgentHook(VMInstanceDao instanceDao, HostDao hostDao, ConfigurationDao cfgDao, KeystoreManager ksMgr, AgentManager agentMgr, ManagementServer ms) {
- super(instanceDao, hostDao, cfgDao, ksMgr, agentMgr, ms);
+ public AgentBasedAgentHook(VMInstanceDao instanceDao, HostDao hostDao, ConfigurationDao cfgDao, KeystoreManager ksMgr, AgentManager agentMgr, KeysManager keysMgr) {
+ super(instanceDao, hostDao, cfgDao, ksMgr, agentMgr, keysMgr);
}
@Override
@@ -119,11 +121,9 @@ public class AgentBasedConsoleProxyManager extends ManagerBase implements Consol
_sslEnabled = true;
}
- _instance = configs.get("instance.name");
-
_consoleProxyUrlDomain = configs.get("consoleproxy.url.domain");
- _listener = new ConsoleProxyListener(new AgentBasedAgentHook(_instanceDao, _hostDao, _configDao, _ksMgr, _agentMgr, _ms));
+ _listener = new ConsoleProxyListener(new AgentBasedAgentHook(_instanceDao, _hostDao, _configDao, _ksMgr, _agentMgr, _keysMgr));
_agentMgr.registerForHostEvents(_listener, true, true, false);
if (s_logger.isInfoEnabled()) {
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/server/src/com/cloud/consoleproxy/AgentHookBase.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/consoleproxy/AgentHookBase.java b/server/src/com/cloud/consoleproxy/AgentHookBase.java
index 57fa43a..9dfffd4 100644
--- a/server/src/com/cloud/consoleproxy/AgentHookBase.java
+++ b/server/src/com/cloud/consoleproxy/AgentHookBase.java
@@ -26,6 +26,7 @@ import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
+import org.apache.cloudstack.framework.security.keys.KeysManager;
import org.apache.cloudstack.framework.security.keystore.KeystoreManager;
import com.cloud.agent.AgentManager;
@@ -45,7 +46,6 @@ import com.cloud.host.Host;
import com.cloud.host.HostVO;
import com.cloud.host.Status;
import com.cloud.host.dao.HostDao;
-import com.cloud.server.ManagementServer;
import com.cloud.servlet.ConsoleProxyPasswordBasedEncryptor;
import com.cloud.servlet.ConsoleProxyServlet;
import com.cloud.utils.Ternary;
@@ -65,17 +65,16 @@ public abstract class AgentHookBase implements AgentHook {
ConfigurationDao _configDao;
AgentManager _agentMgr;
KeystoreManager _ksMgr;
- ManagementServer _ms;
final Random _random = new Random(System.currentTimeMillis());
- private String _hashKey;
-
- public AgentHookBase(VMInstanceDao instanceDao, HostDao hostDao, ConfigurationDao cfgDao, KeystoreManager ksMgr, AgentManager agentMgr, ManagementServer ms) {
- this._instanceDao = instanceDao;
- this._hostDao = hostDao;
- this._agentMgr = agentMgr;
- this._configDao = cfgDao;
- this._ksMgr = ksMgr;
- this._ms = ms;
+ KeysManager _keysMgr;
+
+ public AgentHookBase(VMInstanceDao instanceDao, HostDao hostDao, ConfigurationDao cfgDao, KeystoreManager ksMgr, AgentManager agentMgr, KeysManager keysMgr) {
+ _instanceDao = instanceDao;
+ _hostDao = hostDao;
+ _agentMgr = agentMgr;
+ _configDao = cfgDao;
+ _ksMgr = ksMgr;
+ _keysMgr = keysMgr;
}
@Override
@@ -230,15 +229,15 @@ public abstract class AgentHookBase implements AgentHook {
// if we failed after reset, something is definitely wrong
for (int i = 0; i < 2; i++) {
- key = _ms.getEncryptionKey();
- iv = _ms.getEncryptionIV();
+ key = _keysMgr.getEncryptionKey();
+ iv = _keysMgr.getEncryptionIV();
keyIvPair = new ConsoleProxyPasswordBasedEncryptor.KeyIVPair(key, iv);
if (keyIvPair.getIvBytes() == null || keyIvPair.getIvBytes().length != 16 || keyIvPair.getKeyBytes() == null || keyIvPair.getKeyBytes().length != 16) {
s_logger.warn("Console access AES KeyIV sanity check failed, reset and regenerate");
- _ms.resetEncryptionKeyIV();
+ _keysMgr.resetEncryptionKeyIV();
} else {
break;
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java b/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
index 466ebc2..47330d7 100755
--- a/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
+++ b/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
@@ -36,6 +36,7 @@ import com.google.gson.GsonBuilder;
import org.apache.cloudstack.context.CallContext;
import org.apache.cloudstack.engine.orchestration.service.NetworkOrchestrationService;
import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
+import org.apache.cloudstack.framework.security.keys.KeysManager;
import org.apache.cloudstack.framework.security.keystore.KeystoreDao;
import org.apache.cloudstack.framework.security.keystore.KeystoreManager;
import org.apache.cloudstack.framework.security.keystore.KeystoreVO;
@@ -54,7 +55,6 @@ import com.cloud.agent.api.check.CheckSshAnswer;
import com.cloud.agent.api.check.CheckSshCommand;
import com.cloud.agent.api.proxy.ConsoleProxyLoadAnswer;
import com.cloud.agent.manager.Commands;
-import com.cloud.certificate.dao.CertificateDao;
import com.cloud.cluster.ClusterManager;
import com.cloud.configuration.Config;
import com.cloud.configuration.ZoneConfig;
@@ -99,16 +99,13 @@ import com.cloud.resource.ResourceManager;
import com.cloud.resource.ResourceStateAdapter;
import com.cloud.resource.ServerResource;
import com.cloud.resource.UnableDeleteHostException;
-import com.cloud.server.ManagementServer;
import com.cloud.service.ServiceOfferingVO;
import com.cloud.service.dao.ServiceOfferingDao;
-import com.cloud.storage.StorageManager;
import com.cloud.storage.StoragePoolStatus;
import com.cloud.storage.VMTemplateStorageResourceAssoc.Status;
import com.cloud.storage.VMTemplateVO;
import com.cloud.storage.dao.DiskOfferingDao;
import com.cloud.storage.dao.VMTemplateDao;
-import com.cloud.template.TemplateManager;
import com.cloud.user.Account;
import com.cloud.user.AccountManager;
import com.cloud.utils.DateUtil;
@@ -182,57 +179,44 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy
@Inject
private ConfigurationDao _configDao;
@Inject
- private CertificateDao _certDao;
- @Inject
private VMInstanceDao _instanceDao;
@Inject
private TemplateDataStoreDao _vmTemplateStoreDao;
@Inject
private AgentManager _agentMgr;
@Inject
- private StorageManager _storageMgr;
- @Inject
- NetworkOrchestrationService _networkMgr;
+ private NetworkOrchestrationService _networkMgr;
@Inject
- NetworkModel _networkModel;
+ private NetworkModel _networkModel;
@Inject
- AccountManager _accountMgr;
+ private AccountManager _accountMgr;
@Inject
- ServiceOfferingDao _offeringDao;
+ private ServiceOfferingDao _offeringDao;
@Inject
- DiskOfferingDao _diskOfferingDao;
+ private DiskOfferingDao _diskOfferingDao;
@Inject
- NetworkOfferingDao _networkOfferingDao;
+ private NetworkOfferingDao _networkOfferingDao;
@Inject
- PrimaryDataStoreDao _storagePoolDao;
+ private PrimaryDataStoreDao _storagePoolDao;
@Inject
- UserVmDetailsDao _vmDetailsDao;
+ private UserVmDetailsDao _vmDetailsDao;
@Inject
- ResourceManager _resourceMgr;
+ private ResourceManager _resourceMgr;
@Inject
- NetworkDao _networkDao;
+ private NetworkDao _networkDao;
@Inject
- RulesManager _rulesMgr;
+ private RulesManager _rulesMgr;
@Inject
- TemplateManager templateMgr;
+ private IPAddressDao _ipAddressDao;
@Inject
- IPAddressDao _ipAddressDao;
+ private KeysManager _keysMgr;
@Inject
- ManagementServer _ms;
- @Inject
- ClusterManager _clusterMgr;
+ private VirtualMachineManager _itMgr;
private ConsoleProxyListener _listener;
private ServiceOfferingVO _serviceOffering;
- NetworkOffering _publicNetworkOffering;
- NetworkOffering _managementNetworkOffering;
- NetworkOffering _linkLocalNetworkOffering;
-
- @Inject
- private VirtualMachineManager _itMgr;
-
/*
* private final ExecutorService _requestHandlerScheduler = Executors.newCachedThreadPool(new
* NamedThreadFactory("Request-handler"));
@@ -267,8 +251,8 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy
public class VmBasedAgentHook extends AgentHookBase {
- public VmBasedAgentHook(VMInstanceDao instanceDao, HostDao hostDao, ConfigurationDao cfgDao, KeystoreManager ksMgr, AgentManager agentMgr, ManagementServer ms) {
- super(instanceDao, hostDao, cfgDao, ksMgr, agentMgr, ms);
+ public VmBasedAgentHook(VMInstanceDao instanceDao, HostDao hostDao, ConfigurationDao cfgDao, KeystoreManager ksMgr, AgentManager agentMgr, KeysManager keysMgr) {
+ super(instanceDao, hostDao, cfgDao, ksMgr, agentMgr, keysMgr);
}
@Override
@@ -884,14 +868,6 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy
return l.size() < launchLimit;
}
- private HypervisorType currentHypervisorType(long dcId) {
- List<ConsoleProxyVO> l =
- _consoleProxyDao.getProxyListInStates(dcId, VirtualMachine.State.Starting, VirtualMachine.State.Running, VirtualMachine.State.Stopping,
- VirtualMachine.State.Stopped, VirtualMachine.State.Migrating, VirtualMachine.State.Shutdowned, VirtualMachine.State.Unknown);
-
- return l.size() > 0 ? l.get(0).getHypervisorType() : HypervisorType.Any;
- }
-
private boolean checkCapacity(ConsoleProxyLoadInfo proxyCountInfo, ConsoleProxyLoadInfo vmCountInfo) {
if (proxyCountInfo.getCount() * _capacityPerProxy - vmCountInfo.getCount() <= _standbyCapacity) {
@@ -969,11 +945,7 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy
}
} else {
if (s_logger.isDebugEnabled()) {
- if (template == null) {
- s_logger.debug("Zone host is ready, but console proxy template is null");
- } else {
- s_logger.debug("Zone host is ready, but console proxy template: " + template.getId() + " is not ready on secondary storage.");
- }
+ s_logger.debug("Zone host is ready, but console proxy template: " + template.getId() + " is not ready on secondary storage.");
}
}
}
@@ -1262,7 +1234,7 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy
value = agentMgrConfigs.get("port");
_mgmtPort = NumbersUtil.parseInt(value, 8250);
- _listener = new ConsoleProxyListener(new VmBasedAgentHook(_instanceDao, _hostDao, _configDao, _ksMgr, _agentMgr, _ms));
+ _listener = new ConsoleProxyListener(new VmBasedAgentHook(_instanceDao, _hostDao, _configDao, _ksMgr, _agentMgr, _keysMgr));
_agentMgr.registerForHostEvents(_listener, true, true, false);
_itMgr.registerGuru(VirtualMachine.Type.ConsoleProxy, this);
@@ -1677,13 +1649,11 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy
@Override
public HostVO createHostVOForDirectConnectAgent(HostVO host, StartupCommand[] startup, ServerResource resource, Map<String, String> details, List<String> hostTags) {
- // TODO Auto-generated method stub
return null;
}
@Override
public DeleteHostAnswer deleteHost(HostVO host, boolean isForced, boolean isForceDeleteStorage) throws UnableDeleteHostException {
- // TODO Auto-generated method stub
return null;
}
@@ -1704,7 +1674,7 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy
@Inject
public void setConsoleProxyAllocators(List<ConsoleProxyAllocator> consoleProxyAllocators) {
- this._consoleProxyAllocators = consoleProxyAllocators;
+ _consoleProxyAllocators = consoleProxyAllocators;
}
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/server/src/com/cloud/server/ManagementServer.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/server/ManagementServer.java b/server/src/com/cloud/server/ManagementServer.java
index b93e027..5a6ca78 100755
--- a/server/src/com/cloud/server/ManagementServer.java
+++ b/server/src/com/cloud/server/ManagementServer.java
@@ -61,12 +61,4 @@ public interface ManagementServer extends ManagementService, PluggableService {
public long getMemoryOrCpuCapacityByHost(Long hostId, short capacityType);
- String getHashKey();
-
- String getEncryptionKey();
-
- String getEncryptionIV();
-
- void resetEncryptionKeyIV();
-
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/server/src/com/cloud/server/ManagementServerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java
index a015b4b..59767f3 100755
--- a/server/src/com/cloud/server/ManagementServerImpl.java
+++ b/server/src/com/cloud/server/ManagementServerImpl.java
@@ -19,8 +19,6 @@ package com.cloud.server;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.Field;
import java.net.URLDecoder;
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
@@ -756,9 +754,6 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Inject
ClusterManager _clusterMgr;
- private String _hashKey = null;
- private String _encryptionKey = null;
- private String _encryptionIV = null;
@Inject
protected AffinityGroupVMMapDao _affinityGroupVMMapDao;
@@ -942,15 +937,6 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
return result;
}
- private Date massageDate(Date date, int hourOfDay, int minute, int second) {
- Calendar cal = Calendar.getInstance();
- cal.setTime(date);
- cal.set(Calendar.HOUR_OF_DAY, hourOfDay);
- cal.set(Calendar.MINUTE, minute);
- cal.set(Calendar.SECOND, second);
- return cal.getTime();
- }
-
@Override
public List<? extends Cluster> searchForClusters(long zoneId, Long startIndex, Long pageSizeVal, String hypervisorType) {
Filter searchFilter = new Filter(ClusterVO.class, "id", true, startIndex, pageSizeVal);
@@ -3392,65 +3378,6 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
}
@Override
- public String getHashKey() {
- // although we may have race conditioning here, database transaction serialization should
- // give us the same key
- if (_hashKey == null) {
- _hashKey = _configDao.getValueAndInitIfNotExist(Config.HashKey.key(), Config.HashKey.getCategory(), getBase64EncodedRandomKey(128), Config.HashKey.getDescription());
- }
- return _hashKey;
- }
-
- @Override
- public String getEncryptionKey() {
- if (_encryptionKey == null) {
- _encryptionKey = _configDao.getValueAndInitIfNotExist(Config.EncryptionKey.key(), Config.EncryptionKey.getCategory(), getBase64EncodedRandomKey(128),
- Config.EncryptionKey.getDescription());
- }
- return _encryptionKey;
- }
-
- @Override
- public String getEncryptionIV() {
- if (_encryptionIV == null) {
- _encryptionIV = _configDao.getValueAndInitIfNotExist(Config.EncryptionIV.key(), Config.EncryptionIV.getCategory(), getBase64EncodedRandomKey(128),
- Config.EncryptionIV.getDescription());
- }
- return _encryptionIV;
- }
-
- @Override
- @DB
- public void resetEncryptionKeyIV() {
-
- SearchBuilder<ConfigurationVO> sb = _configDao.createSearchBuilder();
- sb.and("name1", sb.entity().getName(), SearchCriteria.Op.EQ);
- sb.or("name2", sb.entity().getName(), SearchCriteria.Op.EQ);
- sb.done();
-
- SearchCriteria<ConfigurationVO> sc = sb.create();
- sc.setParameters("name1", Config.EncryptionKey.key());
- sc.setParameters("name2", Config.EncryptionIV.key());
-
- _configDao.expunge(sc);
- _encryptionKey = null;
- _encryptionIV = null;
- }
-
- private static String getBase64EncodedRandomKey(int nBits) {
- SecureRandom random;
- try {
- random = SecureRandom.getInstance("SHA1PRNG");
- byte[] keyBytes = new byte[nBits / 8];
- random.nextBytes(keyBytes);
- return Base64.encodeBase64URLSafeString(keyBytes);
- } catch (NoSuchAlgorithmException e) {
- s_logger.error("Unhandled exception: ", e);
- }
- return null;
- }
-
- @Override
public SSHKeyPair createSSHKeyPair(CreateSSHKeyPairCmd cmd) {
Account caller = CallContext.current().getCallingAccount();
String accountName = cmd.getAccountName();
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/server/src/com/cloud/servlet/ConsoleProxyServlet.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/servlet/ConsoleProxyServlet.java b/server/src/com/cloud/servlet/ConsoleProxyServlet.java
index 0359a45..e0deaa2 100644
--- a/server/src/com/cloud/servlet/ConsoleProxyServlet.java
+++ b/server/src/com/cloud/servlet/ConsoleProxyServlet.java
@@ -43,7 +43,7 @@ import org.springframework.web.context.support.SpringBeanAutowiringSupport;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
-import org.apache.cloudstack.api.IdentityService;
+import org.apache.cloudstack.framework.security.keys.KeysManager;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.host.HostVO;
@@ -81,13 +81,13 @@ public class ConsoleProxyServlet extends HttpServlet {
@Inject
ManagementServer _ms;
@Inject
- IdentityService _identityService;
- @Inject
EntityManager _entityMgr;
@Inject
UserVmDetailsDao _userVmDetailsDao;
+ @Inject
+ KeysManager _keysMgr;
- static ManagementServer s_ms;
+ static KeysManager s_keysMgr;
private final Gson _gson = new GsonBuilder().create();
@@ -97,7 +97,7 @@ public class ConsoleProxyServlet extends HttpServlet {
@Override
public void init(ServletConfig config) throws ServletException {
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this, config.getServletContext());
- s_ms = _ms;
+ s_keysMgr = _keysMgr;
}
@Override
@@ -114,7 +114,7 @@ public class ConsoleProxyServlet extends HttpServlet {
return;
}
- if (_ms.getHashKey() == null) {
+ if (_keysMgr.getHashKey() == null) {
s_logger.debug("Console/thumbnail access denied. Ticket service is not ready yet");
sendResponse(resp, "Service is not ready");
return;
@@ -165,13 +165,15 @@ public class ConsoleProxyServlet extends HttpServlet {
}
String vmIdString = req.getParameter("vm");
- Long vmId = _identityService.getIdentityId("vm_instance", vmIdString);
- if (vmId == null) {
+ VirtualMachine vm = _entityMgr.findByUuid(VirtualMachine.class, vmIdString);
+ if (vm == null) {
s_logger.info("invalid console servlet command parameter: " + vmIdString);
sendResponse(resp, "");
return;
}
+ Long vmId = vm.getId();
+
if (!checkSessionPermision(req, vmId, accountObj)) {
sendResponse(resp, "Permission denied");
return;
@@ -344,8 +346,8 @@ public class ConsoleProxyServlet extends HttpServlet {
}
private String getEncryptorPassword() {
- String key = _ms.getEncryptionKey();
- String iv = _ms.getEncryptionIV();
+ String key = _keysMgr.getEncryptionKey();
+ String iv = _keysMgr.getEncryptionIV();
ConsoleProxyPasswordBasedEncryptor.KeyIVPair keyIvPair = new ConsoleProxyPasswordBasedEncryptor.KeyIVPair(key, iv);
return _gson.toJson(keyIvPair);
@@ -360,8 +362,7 @@ public class ConsoleProxyServlet extends HttpServlet {
Ternary<String, String, String> parsedHostInfo = parseHostInfo(portInfo.first());
String sid = vm.getVncPassword();
- String tag = String.valueOf(vm.getId());
- tag = _identityService.getIdentityUuid("vm_instance", tag);
+ String tag = vm.getUuid();
String ticket = genAccessTicket(host, String.valueOf(portInfo.second()), sid, tag);
ConsoleProxyPasswordBasedEncryptor encryptor = new ConsoleProxyPasswordBasedEncryptor(getEncryptorPassword());
@@ -440,7 +441,7 @@ public class ConsoleProxyServlet extends HttpServlet {
long ts = normalizedHashTime.getTime();
ts = ts / 60000; // round up to 1 minute
- String secretKey = s_ms.getHashKey();
+ String secretKey = s_keysMgr.getHashKey();
SecretKeySpec keySpec = new SecretKeySpec(secretKey.getBytes(), "HmacSHA1");
mac.init(keySpec);
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/server/src/com/cloud/tags/TaggedResourceManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/tags/TaggedResourceManagerImpl.java b/server/src/com/cloud/tags/TaggedResourceManagerImpl.java
index a202ad2..be896f0 100644
--- a/server/src/com/cloud/tags/TaggedResourceManagerImpl.java
+++ b/server/src/com/cloud/tags/TaggedResourceManagerImpl.java
@@ -25,166 +25,113 @@ import javax.ejb.Local;
import javax.inject.Inject;
import javax.naming.ConfigurationException;
-import org.apache.cloudstack.context.CallContext;
-import org.apache.cloudstack.storage.datastore.db.PrimaryDataStoreDao;
import org.apache.log4j.Logger;
-import org.springframework.stereotype.Component;
+
+import org.apache.cloudstack.api.Identity;
+import org.apache.cloudstack.api.InternalIdentity;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.cloudstack.storage.datastore.db.StoragePoolVO;
import com.cloud.api.query.dao.ResourceTagJoinDao;
-import com.cloud.dc.dao.DataCenterDao;
+import com.cloud.dc.DataCenterVO;
import com.cloud.domain.Domain;
+import com.cloud.domain.PartOf;
import com.cloud.event.ActionEvent;
import com.cloud.event.EventTypes;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.PermissionDeniedException;
-import com.cloud.network.dao.FirewallRulesDao;
-import com.cloud.network.dao.IPAddressDao;
-import com.cloud.network.dao.LoadBalancerDao;
-import com.cloud.network.dao.NetworkDao;
-import com.cloud.network.dao.RemoteAccessVpnDao;
-import com.cloud.network.dao.Site2SiteCustomerGatewayDao;
-import com.cloud.network.dao.Site2SiteVpnConnectionDao;
-import com.cloud.network.dao.Site2SiteVpnGatewayDao;
-import com.cloud.network.rules.dao.PortForwardingRulesDao;
-import com.cloud.network.security.dao.SecurityGroupDao;
-import com.cloud.network.vpc.NetworkACLItemDao;
-import com.cloud.network.vpc.dao.NetworkACLDao;
-import com.cloud.network.vpc.dao.StaticRouteDao;
-import com.cloud.network.vpc.dao.VpcDao;
-import com.cloud.network.vpc.dao.VpcGatewayDao;
-import com.cloud.projects.dao.ProjectDao;
+import com.cloud.network.dao.IPAddressVO;
+import com.cloud.network.dao.LoadBalancerVO;
+import com.cloud.network.dao.NetworkVO;
+import com.cloud.network.dao.RemoteAccessVpnVO;
+import com.cloud.network.dao.Site2SiteCustomerGatewayVO;
+import com.cloud.network.dao.Site2SiteVpnConnectionVO;
+import com.cloud.network.dao.Site2SiteVpnGatewayVO;
+import com.cloud.network.rules.FirewallRuleVO;
+import com.cloud.network.rules.PortForwardingRuleVO;
+import com.cloud.network.security.SecurityGroupVO;
+import com.cloud.network.vpc.NetworkACLItemVO;
+import com.cloud.network.vpc.NetworkACLVO;
+import com.cloud.network.vpc.StaticRouteVO;
+import com.cloud.network.vpc.VpcVO;
+import com.cloud.projects.ProjectVO;
import com.cloud.server.ResourceTag;
import com.cloud.server.ResourceTag.ResourceObjectType;
import com.cloud.server.TaggedResourceService;
-import com.cloud.service.dao.ServiceOfferingDao;
-import com.cloud.storage.dao.DiskOfferingDao;
-import com.cloud.storage.dao.SnapshotDao;
-import com.cloud.storage.dao.VMTemplateDao;
-import com.cloud.storage.dao.VolumeDao;
+import com.cloud.service.ServiceOfferingVO;
+import com.cloud.storage.DiskOfferingVO;
+import com.cloud.storage.SnapshotVO;
+import com.cloud.storage.VMTemplateVO;
+import com.cloud.storage.VolumeVO;
import com.cloud.tags.dao.ResourceTagDao;
import com.cloud.user.Account;
import com.cloud.user.AccountManager;
import com.cloud.user.DomainManager;
-import com.cloud.user.dao.UserDao;
+import com.cloud.user.OwnedBy;
+import com.cloud.user.UserVO;
import com.cloud.utils.Pair;
import com.cloud.utils.component.ManagerBase;
import com.cloud.utils.db.DB;
-import com.cloud.utils.db.DbUtil;
-import com.cloud.utils.db.GenericDao;
+import com.cloud.utils.db.EntityManager;
import com.cloud.utils.db.SearchBuilder;
import com.cloud.utils.db.SearchCriteria;
import com.cloud.utils.db.Transaction;
import com.cloud.utils.db.TransactionCallbackNoReturn;
import com.cloud.utils.db.TransactionStatus;
-import com.cloud.utils.exception.CloudRuntimeException;
-import com.cloud.uuididentity.dao.IdentityDao;
-import com.cloud.vm.dao.NicDao;
-import com.cloud.vm.dao.UserVmDao;
-import com.cloud.vm.snapshot.dao.VMSnapshotDao;
+import com.cloud.vm.NicVO;
+import com.cloud.vm.UserVmVO;
+import com.cloud.vm.snapshot.VMSnapshotVO;
-@Component
@Local(value = {TaggedResourceService.class})
public class TaggedResourceManagerImpl extends ManagerBase implements TaggedResourceService {
public static final Logger s_logger = Logger.getLogger(TaggedResourceManagerImpl.class);
- private static Map<ResourceObjectType, GenericDao<?, Long>> s_daoMap = new HashMap<ResourceObjectType, GenericDao<?, Long>>();
+ private static final Map<ResourceObjectType, Class<?>> s_typeMap = new HashMap<ResourceObjectType, Class<?>>();
+ static {
+ s_typeMap.put(ResourceObjectType.UserVm, UserVmVO.class);
+ s_typeMap.put(ResourceObjectType.Volume, VolumeVO.class);
+ s_typeMap.put(ResourceObjectType.Template, VMTemplateVO.class);
+ s_typeMap.put(ResourceObjectType.ISO, VMTemplateVO.class);
+ s_typeMap.put(ResourceObjectType.Snapshot, SnapshotVO.class);
+ s_typeMap.put(ResourceObjectType.Network, NetworkVO.class);
+ s_typeMap.put(ResourceObjectType.LoadBalancer, LoadBalancerVO.class);
+ s_typeMap.put(ResourceObjectType.PortForwardingRule, PortForwardingRuleVO.class);
+ s_typeMap.put(ResourceObjectType.FirewallRule, FirewallRuleVO.class);
+ s_typeMap.put(ResourceObjectType.SecurityGroup, SecurityGroupVO.class);
+ s_typeMap.put(ResourceObjectType.PublicIpAddress, IPAddressVO.class);
+ s_typeMap.put(ResourceObjectType.Project, ProjectVO.class);
+ s_typeMap.put(ResourceObjectType.Vpc, VpcVO.class);
+ s_typeMap.put(ResourceObjectType.Nic, NicVO.class);
+ s_typeMap.put(ResourceObjectType.NetworkACL, NetworkACLVO.class);
+ s_typeMap.put(ResourceObjectType.StaticRoute, StaticRouteVO.class);
+ s_typeMap.put(ResourceObjectType.VMSnapshot, VMSnapshotVO.class);
+ s_typeMap.put(ResourceObjectType.RemoteAccessVpn, RemoteAccessVpnVO.class);
+ s_typeMap.put(ResourceObjectType.Zone, DataCenterVO.class);
+ s_typeMap.put(ResourceObjectType.ServiceOffering, ServiceOfferingVO.class);
+ s_typeMap.put(ResourceObjectType.Storage, StoragePoolVO.class);
+ s_typeMap.put(ResourceObjectType.PrivateGateway, RemoteAccessVpnVO.class);
+ s_typeMap.put(ResourceObjectType.NetworkACLList, NetworkACLItemVO.class);
+ s_typeMap.put(ResourceObjectType.VpnGateway, Site2SiteVpnGatewayVO.class);
+ s_typeMap.put(ResourceObjectType.CustomerGateway, Site2SiteCustomerGatewayVO.class);
+ s_typeMap.put(ResourceObjectType.VpnConnection, Site2SiteVpnConnectionVO.class);
+ s_typeMap.put(ResourceObjectType.User, UserVO.class);
+ s_typeMap.put(ResourceObjectType.DiskOffering, DiskOfferingVO.class);
+ }
@Inject
+ EntityManager _entityMgr;
+ @Inject
AccountManager _accountMgr;
@Inject
ResourceTagDao _resourceTagDao;
@Inject
ResourceTagJoinDao _resourceTagJoinDao;
@Inject
- IdentityDao _identityDao;
- @Inject
DomainManager _domainMgr;
- @Inject
- UserVmDao _userVmDao;
- @Inject
- VolumeDao _volumeDao;
- @Inject
- VMTemplateDao _templateDao;
- @Inject
- SnapshotDao _snapshotDao;
- @Inject
- NetworkDao _networkDao;
- @Inject
- LoadBalancerDao _lbDao;
- @Inject
- PortForwardingRulesDao _pfDao;
- @Inject
- FirewallRulesDao _firewallDao;
- @Inject
- SecurityGroupDao _securityGroupDao;
- @Inject
- RemoteAccessVpnDao _vpnDao;
- @Inject
- IPAddressDao _publicIpDao;
- @Inject
- ProjectDao _projectDao;
- @Inject
- VpcDao _vpcDao;
- @Inject
- StaticRouteDao _staticRouteDao;
- @Inject
- VMSnapshotDao _vmSnapshotDao;
- @Inject
- NicDao _nicDao;
- @Inject
- NetworkACLItemDao _networkACLItemDao;
- @Inject
- DataCenterDao _dataCenterDao;
- @Inject
- ServiceOfferingDao _serviceOffDao;
- @Inject
- PrimaryDataStoreDao _storagePoolDao;
- @Inject
- VpcGatewayDao _vpcGatewayDao;
- @Inject
- NetworkACLDao _networkACLListDao;
- @Inject
- Site2SiteVpnGatewayDao _vpnGatewayDao;
- @Inject
- Site2SiteCustomerGatewayDao _customerGatewayDao;
- @Inject
- Site2SiteVpnConnectionDao _vpnConnectionDao;
- @Inject
- UserDao _userDao;
- @Inject
- DiskOfferingDao _diskOffDao;
+
@Override
public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
- s_daoMap.put(ResourceObjectType.UserVm, _userVmDao);
- s_daoMap.put(ResourceObjectType.Volume, _volumeDao);
- s_daoMap.put(ResourceObjectType.Template, _templateDao);
- s_daoMap.put(ResourceObjectType.ISO, _templateDao);
- s_daoMap.put(ResourceObjectType.Snapshot, _snapshotDao);
- s_daoMap.put(ResourceObjectType.Network, _networkDao);
- s_daoMap.put(ResourceObjectType.LoadBalancer, _lbDao);
- s_daoMap.put(ResourceObjectType.PortForwardingRule, _pfDao);
- s_daoMap.put(ResourceObjectType.FirewallRule, _firewallDao);
- s_daoMap.put(ResourceObjectType.SecurityGroup, _securityGroupDao);
- s_daoMap.put(ResourceObjectType.PublicIpAddress, _publicIpDao);
- s_daoMap.put(ResourceObjectType.Project, _projectDao);
- s_daoMap.put(ResourceObjectType.Vpc, _vpcDao);
- s_daoMap.put(ResourceObjectType.Nic, _nicDao);
- s_daoMap.put(ResourceObjectType.NetworkACL, _networkACLItemDao);
- s_daoMap.put(ResourceObjectType.StaticRoute, _staticRouteDao);
- s_daoMap.put(ResourceObjectType.VMSnapshot, _vmSnapshotDao);
- s_daoMap.put(ResourceObjectType.RemoteAccessVpn, _vpnDao);
- s_daoMap.put(ResourceObjectType.Zone, _dataCenterDao);
- s_daoMap.put(ResourceObjectType.ServiceOffering, _serviceOffDao);
- s_daoMap.put(ResourceObjectType.Storage, _storagePoolDao);
- s_daoMap.put(ResourceObjectType.PrivateGateway, _vpcGatewayDao);
- s_daoMap.put(ResourceObjectType.NetworkACLList, _networkACLListDao);
- s_daoMap.put(ResourceObjectType.VpnGateway, _vpnGatewayDao);
- s_daoMap.put(ResourceObjectType.CustomerGateway, _customerGatewayDao);
- s_daoMap.put(ResourceObjectType.VpnConnection, _vpnConnectionDao);
- s_daoMap.put(ResourceObjectType.User, _userDao);
- s_daoMap.put(ResourceObjectType.DiskOffering, _diskOffDao);
-
return true;
}
@@ -200,59 +147,31 @@ public class TaggedResourceManagerImpl extends ManagerBase implements TaggedReso
@Override
public long getResourceId(String resourceId, ResourceObjectType resourceType) {
- GenericDao<?, Long> dao = s_daoMap.get(resourceType);
- if (dao == null) {
- throw new CloudRuntimeException("Dao is not loaded for the resource type " + resourceType);
- }
- Class<?> claz = DbUtil.getEntityBeanType(dao);
-
- Long identityId = null;
-
- while (claz != null && claz != Object.class) {
- try {
- String tableName = DbUtil.getTableName(claz);
- if (tableName == null) {
- throw new InvalidParameterValueException("Unable to find resource of type " + resourceType + " in the database");
- }
- identityId = _identityDao.getIdentityId(tableName, resourceId);
- if (identityId != null) {
- break;
- }
- } catch (Exception ex) {
- //do nothing here, it might mean uuid field is missing and we have to search further
- }
- claz = claz.getSuperclass();
+ Class<?> clazz = s_typeMap.get(resourceType);
+ Object entity = _entityMgr.findByUuid(clazz, resourceId);
+ if (entity != null) {
+ return ((InternalIdentity)entity).getId();
}
-
- if (identityId == null) {
- throw new InvalidParameterValueException("Unable to find resource by id " + resourceId + " and type " + resourceType);
+ entity = _entityMgr.findById(clazz, resourceId);
+ if (entity != null) {
+ return ((InternalIdentity)entity).getId();
}
- return identityId;
+ throw new InvalidParameterValueException("Unable to find resource by id " + resourceId + " and type " + resourceType);
}
private Pair<Long, Long> getAccountDomain(long resourceId, ResourceObjectType resourceType) {
+ Class<?> clazz = s_typeMap.get(resourceType);
- Pair<Long, Long> pair = null;
- GenericDao<?, Long> dao = s_daoMap.get(resourceType);
- Class<?> claz = DbUtil.getEntityBeanType(dao);
- while (claz != null && claz != Object.class) {
- try {
- String tableName = DbUtil.getTableName(claz);
- if (tableName == null) {
- throw new InvalidParameterValueException("Unable to find resource of type " + resourceType + " in the database");
- }
- pair = _identityDao.getAccountDomainInfo(tableName, resourceId, resourceType);
- if (pair.first() != null || pair.second() != null) {
- break;
- }
- } catch (Exception ex) {
- //do nothing here, it might mean uuid field is missing and we have to search further
- }
- claz = claz.getSuperclass();
+ Object entity = _entityMgr.findById(clazz, resourceId);
+ Long accountId = null;
+ Long domainId = null;
+ if (entity instanceof OwnedBy) {
+ accountId = ((OwnedBy)entity).getAccountId();
}
- Long accountId = pair.first();
- Long domainId = pair.second();
+ if (entity instanceof PartOf) {
+ domainId = ((PartOf)entity).getDomainId();
+ }
if (accountId == null) {
accountId = Account.ACCOUNT_ID_SYSTEM;
@@ -327,32 +246,14 @@ public class TaggedResourceManagerImpl extends ManagerBase implements TaggedReso
@Override
public String getUuid(String resourceId, ResourceObjectType resourceType) {
- GenericDao<?, Long> dao = s_daoMap.get(resourceType);
- Class<?> claz = DbUtil.getEntityBeanType(dao);
-
- String identiyUUId = null;
-
- while (claz != null && claz != Object.class) {
- try {
- String tableName = DbUtil.getTableName(claz);
- if (tableName == null) {
- throw new InvalidParameterValueException("Unable to find resource of type " + resourceType + " in the database");
- }
-
- claz = claz.getSuperclass();
- if (claz == Object.class) {
- identiyUUId = _identityDao.getIdentityUuid(tableName, resourceId);
- }
- } catch (Exception ex) {
- //do nothing here, it might mean uuid field is missing and we have to search further
- }
- }
+ Class<?> clazz = s_typeMap.get(resourceType);
- if (identiyUUId == null) {
- return resourceId;
+ Object entity = _entityMgr.findById(clazz, resourceId);
+ if (entity != null && entity instanceof Identity) {
+ return ((Identity)entity).getUuid();
}
- return identiyUUId;
+ return resourceId;
}
@Override
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/server/src/com/cloud/uuididentity/IdentityServiceImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/uuididentity/IdentityServiceImpl.java b/server/src/com/cloud/uuididentity/IdentityServiceImpl.java
deleted file mode 100644
index 039bb31..0000000
--- a/server/src/com/cloud/uuididentity/IdentityServiceImpl.java
+++ /dev/null
@@ -1,44 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package com.cloud.uuididentity;
-
-import javax.ejb.Local;
-import javax.inject.Inject;
-
-import org.springframework.stereotype.Component;
-
-import org.apache.cloudstack.api.IdentityService;
-
-import com.cloud.utils.component.ManagerBase;
-import com.cloud.uuididentity.dao.IdentityDao;
-
-@Component
-@Local(value = {IdentityService.class})
-public class IdentityServiceImpl extends ManagerBase implements IdentityService {
- @Inject
- private IdentityDao _identityDao;
-
- @Override
- public Long getIdentityId(String tableName, String identityString) {
- return _identityDao.getIdentityId(tableName, identityString);
- }
-
- @Override
- public String getIdentityUuid(String tableName, String identityString) {
- return _identityDao.getIdentityUuid(tableName, identityString);
- }
-}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68b8891c/server/src/com/cloud/uuididentity/dao/IdentityDao.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/uuididentity/dao/IdentityDao.java b/server/src/com/cloud/uuididentity/dao/IdentityDao.java
deleted file mode 100644
index a0978fa..0000000
--- a/server/src/com/cloud/uuididentity/dao/IdentityDao.java
+++ /dev/null
@@ -1,38 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-
-package com.cloud.uuididentity.dao;
-
-import com.cloud.server.ResourceTag.ResourceObjectType;
-import com.cloud.utils.Pair;
-import com.cloud.utils.db.GenericDao;
-
-public interface IdentityDao extends GenericDao<IdentityVO, Long> {
- Long getIdentityId(String tableName, String identityString);
-
- String getIdentityUuid(String tableName, String identityString);
-
- void initializeDefaultUuid(String tableName);
-
- /**
- * @param tableName
- * @param identityId
- * @param resourceType TODO
- * @return
- */
- Pair<Long, Long> getAccountDomainInfo(String tableName, Long identityId, ResourceObjectType resourceType);
-}