You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by mc...@apache.org on 2014/01/24 03:33:28 UTC
[1/2] git commit: updated refs/heads/rbac to d47d4bb
Updated Branches:
refs/heads/rbac af14699c4 -> d47d4bbd2
Guard NPE due to empty policies.
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/d47d4bbd
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/d47d4bbd
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/d47d4bbd
Branch: refs/heads/rbac
Commit: d47d4bbd2069e72031fd6728a448948d8fde1c6e
Parents: 344d3a3
Author: Min Chen <mi...@citrix.com>
Authored: Thu Jan 23 18:32:20 2014 -0800
Committer: Min Chen <mi...@citrix.com>
Committed: Thu Jan 23 18:32:48 2014 -0800
----------------------------------------------------------------------
server/src/com/cloud/api/query/QueryManagerImpl.java | 2 +-
.../org/apache/cloudstack/iam/server/IAMServiceImpl.java | 9 ++++++++-
2 files changed, 9 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d47d4bbd/server/src/com/cloud/api/query/QueryManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/QueryManagerImpl.java b/server/src/com/cloud/api/query/QueryManagerImpl.java
index e84356b..182a5e4 100644
--- a/server/src/com/cloud/api/query/QueryManagerImpl.java
+++ b/server/src/com/cloud/api/query/QueryManagerImpl.java
@@ -2268,7 +2268,7 @@ public class QueryManagerImpl extends ManagerBase implements QueryService {
Object id = cmd.getId();
Object keyword = cmd.getKeyword();
Long domainId = cmd.getDomainId();
- Boolean isRootAdmin = _accountMgr.isRootAdmin(account.getType());
+ Boolean isRootAdmin = _accountMgr.isRootAdmin(account.getAccountId());
// Keeping this logic consistent with domain specific zones
// if a domainId is provided, we just return the disk offering
// associated with this domain
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d47d4bbd/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java
index 8a070dd..d84dad4 100644
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java
+++ b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java
@@ -137,6 +137,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
groupSB.selectFields(groupSB.entity().getAclGroupId());
groupSB.and("account", groupSB.entity().getAccountId(), Op.EQ);
SearchCriteria<Long> groupSc = groupSB.create();
+ groupSc.setParameters("account", accountId);
List<Long> groupIds = _aclGroupAccountMapDao.customSearch(groupSc, null);
@@ -340,7 +341,9 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
policySc.setJoinParameters("accountgroupjoin", "account", accountId);
List<Long> policyIds = _aclGroupPolicyMapDao.customSearch(policySc, null);
-
+ if (policyIds == null || policyIds.size() == 0) {
+ return new ArrayList<AclPolicy>();
+ }
SearchBuilder<AclPolicyVO> sb = _aclPolicyDao.createSearchBuilder();
sb.and("ids", sb.entity().getId(), Op.IN);
SearchCriteria<AclPolicyVO> sc = sb.create();
@@ -609,6 +612,10 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
boolean allowed = false;
+ if (policies == null || policies.size() == 0) {
+ return allowed;
+ }
+
List<Long> policyIds = new ArrayList<Long>();
for (AclPolicy policy : policies) {
policyIds.add(policy.getId());
[2/2] git commit: updated refs/heads/rbac to d47d4bb
Posted by mc...@apache.org.
Add missing AclApiServiceImpl bean into spring xml.
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/344d3a37
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/344d3a37
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/344d3a37
Branch: refs/heads/rbac
Commit: 344d3a37ccced9334f09538136432c620570f1c7
Parents: af14699
Author: Min Chen <mi...@citrix.com>
Authored: Thu Jan 23 18:14:41 2014 -0800
Committer: Min Chen <mi...@citrix.com>
Committed: Thu Jan 23 18:32:48 2014 -0800
----------------------------------------------------------------------
.../spring-acl-role-based-access-checkers-context.xml | 1 +
1 file changed, 1 insertion(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/344d3a37/services/iam/plugin/resources/META-INF/cloudstack/acl-role-based-access-checkers/spring-acl-role-based-access-checkers-context.xml
----------------------------------------------------------------------
diff --git a/services/iam/plugin/resources/META-INF/cloudstack/acl-role-based-access-checkers/spring-acl-role-based-access-checkers-context.xml b/services/iam/plugin/resources/META-INF/cloudstack/acl-role-based-access-checkers/spring-acl-role-based-access-checkers-context.xml
index 66f5253..5cc2dbd 100644
--- a/services/iam/plugin/resources/META-INF/cloudstack/acl-role-based-access-checkers/spring-acl-role-based-access-checkers-context.xml
+++ b/services/iam/plugin/resources/META-INF/cloudstack/acl-role-based-access-checkers/spring-acl-role-based-access-checkers-context.xml
@@ -30,5 +30,6 @@
<bean id="RoleBasedAPIAccessChecker" class="org.apache.cloudstack.acl.RoleBasedAPIAccessChecker" />
<bean id="RoleBasedEntityAccessChecker" class="org.apache.cloudstack.acl.RoleBasedEntityAccessChecker" />
<bean id="RoleBasedEntityQuerySelector" class="org.apache.cloudstack.acl.RoleBasedEntityQuerySelector" />
+ <bean id="AclApiServiceImpl" class="org.apache.cloudstack.acl.api.AclApiServiceImpl" />
</beans>