Posted to commits@cloudstack.apache.org by pr...@apache.org on 2013/12/13 01:42:43 UTC

[1/4] git commit: updated refs/heads/rbac to 7c6f1c1

Updated Branches:
  refs/heads/rbac 67b97539a -> 7c6f1c14c


Changes to SecurityChecker


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/1a985227
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/1a985227
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/1a985227

Branch: refs/heads/rbac
Commit: 1a985227b5b91f0233f9dd1e5f973012b3007a1f
Parents: 67b9753
Author: Prachi Damle <pr...@cloud.com>
Authored: Mon Dec 2 15:27:44 2013 -0800
Committer: Prachi Damle <pr...@cloud.com>
Committed: Thu Dec 12 16:30:53 2013 -0800

----------------------------------------------------------------------
 .../apache/cloudstack/acl/SecurityChecker.java  | 30 +++++++++++++++++---
 api/src/org/apache/cloudstack/api/ACL.java      |  2 ++
 .../api/command/user/vm/StartVMCmd.java         |  3 +-
 .../entity/RoleBasedEntityAccessChecker.java    |  6 ++++
 server/src/com/cloud/acl/DomainChecker.java     |  9 +++++-
 5 files changed, 43 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1a985227/api/src/org/apache/cloudstack/acl/SecurityChecker.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/acl/SecurityChecker.java b/api/src/org/apache/cloudstack/acl/SecurityChecker.java
index 4348255..d467307 100644
--- a/api/src/org/apache/cloudstack/acl/SecurityChecker.java
+++ b/api/src/org/apache/cloudstack/acl/SecurityChecker.java
@@ -67,18 +67,40 @@ public interface SecurityChecker extends Adapter {
 
     /**
      * Checks if the account can access the object.
-     *
+     * 
      * @param caller
      *            account to check against.
      * @param entity
      *            object that the account is trying to access.
      * @param accessType
      *            TODO
-     * @return true if access allowed. false if this adapter cannot provide permission.
+     * @return true if access allowed. false if this adapter cannot provide
+     *         permission.
      * @throws PermissionDeniedException
-     *             if this adapter is suppose to authenticate ownership and the check failed.
+     *             if this adapter is suppose to authenticate ownership and the
+     *             check failed.
+     */
+    boolean checkAccess(Account caller, ControlledEntity entity, AccessType accessType)
+            throws PermissionDeniedException;
+
+    /**
+     * Checks if the account can access the object.
+     * 
+     * @param caller
+     *            account to check against.
+     * @param entity
+     *            object that the account is trying to access.
+     * @param accessType
+     *            TODO
+     * @param action
+     *            name of the API
+     * @return true if access allowed. false if this adapter cannot provide
+     *         permission.
+     * @throws PermissionDeniedException
+     *             if this adapter is suppose to authenticate ownership and the
+     *             check failed.
      */
-    boolean checkAccess(Account caller, ControlledEntity entity, AccessType accessType) throws PermissionDeniedException;
+    boolean checkAccess(Account caller, ControlledEntity entity, AccessType accessType, String action) throws PermissionDeniedException;
 
     /**
      * Checks if the user belongs to an account that can access the object.
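Review bot: The Javadoc of the new four-argument `checkAccess` does not say what `action` may contain or how it relates to `accessType`, which is still marked `TODO`. Elsewhere in this commit `ACL.action()` defaults to `""` and the three-argument overload in RoleBasedEntityAccessChecker forwards `null`, so implementers face two different "no action" values with no stated meaning. I would state the contract on the parameter, for example `@param action name of the API command being authorised; null or empty when the caller has none`, and add a sentence saying which of `accessType` and `action` decides the outcome when both are present. The interface body continues outside the hunk.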

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1a985227/api/src/org/apache/cloudstack/api/ACL.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/ACL.java b/api/src/org/apache/cloudstack/api/ACL.java
index ce93b6a..58698711 100644
--- a/api/src/org/apache/cloudstack/api/ACL.java
+++ b/api/src/org/apache/cloudstack/api/ACL.java
@@ -30,6 +30,8 @@ public @interface ACL {
 
     AccessType accessType() default AccessType.ListEntry;
 
+    String action() default "";
+
     boolean checkKeyAccess() default false;
     boolean checkValueAccess() default false;
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1a985227/api/src/org/apache/cloudstack/api/command/user/vm/StartVMCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/vm/StartVMCmd.java b/api/src/org/apache/cloudstack/api/command/user/vm/StartVMCmd.java
index 6497306..98a7ece 100644
--- a/api/src/org/apache/cloudstack/api/command/user/vm/StartVMCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/vm/StartVMCmd.java
@@ -18,7 +18,6 @@ package org.apache.cloudstack.api.command.user.vm;
 
 import org.apache.log4j.Logger;
 
-import org.apache.cloudstack.acl.SecurityChecker.AccessType;
 import org.apache.cloudstack.api.ACL;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiCommandJobType;
@@ -53,7 +52,7 @@ public class StartVMCmd extends BaseAsyncCmd {
     // ////////////// API parameters /////////////////////
     // ///////////////////////////////////////////////////
 
-    @ACL(accessType = AccessType.OperateEntry)
+    @ACL
     @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType=UserVmResponse.class,
             required = true, description = "The ID of the virtual machine")
     private Long id;
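Review bot: With the bare `@ACL` the `id` parameter of StartVMCmd falls back to the annotation defaults, which per ACL.java in this commit are `accessType = AccessType.ListEntry` and `action = ""`. Starting a VM is therefore evaluated at list-level access by any checker that still decides on `accessType`, and DomainChecker's new overload in this commit ignores `action` entirely. The code that reads the annotation is not visible here, so this may be compensated elsewhere, but until the action-based check is wired in I would keep `@ACL(accessType = AccessType.OperateEntry)` (which also means keeping the `AccessType` import removed in the first hunk of this file). The class body continues outside the hunk.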

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1a985227/plugins/acl/role-based-access-checkers/src/org/apache/cloudstack/acl/entity/RoleBasedEntityAccessChecker.java
----------------------------------------------------------------------
diff --git a/plugins/acl/role-based-access-checkers/src/org/apache/cloudstack/acl/entity/RoleBasedEntityAccessChecker.java b/plugins/acl/role-based-access-checkers/src/org/apache/cloudstack/acl/entity/RoleBasedEntityAccessChecker.java
index 6d1fe01..ca55e1a 100644
--- a/plugins/acl/role-based-access-checkers/src/org/apache/cloudstack/acl/entity/RoleBasedEntityAccessChecker.java
+++ b/plugins/acl/role-based-access-checkers/src/org/apache/cloudstack/acl/entity/RoleBasedEntityAccessChecker.java
@@ -70,6 +70,12 @@ public class RoleBasedEntityAccessChecker extends DomainChecker implements Secur
     @Override
     public boolean checkAccess(Account caller, ControlledEntity entity, AccessType accessType)
             throws PermissionDeniedException {
+        return checkAccess(caller, entity, accessType, null);
+    }
+
+    @Override
+    public boolean checkAccess(Account caller, ControlledEntity entity, AccessType accessType, String action)
+            throws PermissionDeniedException {
         if (entity instanceof VirtualMachine) {
 
             String entityType = AclEntityType.VM.toString();

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1a985227/server/src/com/cloud/acl/DomainChecker.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/acl/DomainChecker.java b/server/src/com/cloud/acl/DomainChecker.java
index 4df968e..5d38e9b 100755
--- a/server/src/com/cloud/acl/DomainChecker.java
+++ b/server/src/com/cloud/acl/DomainChecker.java
@@ -93,7 +93,8 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
     }
 
     @Override
-    public boolean checkAccess(Account caller, ControlledEntity entity, AccessType accessType) throws PermissionDeniedException {
+    public boolean checkAccess(Account caller, ControlledEntity entity, AccessType accessType)
+            throws PermissionDeniedException {
         if (entity instanceof VirtualMachineTemplate) {
             
             VirtualMachineTemplate template = (VirtualMachineTemplate) entity;
@@ -315,4 +316,10 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
 		}
 		return false;
 	}
+
+    @Override
+    public boolean checkAccess(Account caller, ControlledEntity entity, AccessType accessType, String action)
+            throws PermissionDeniedException {
+        return checkAccess(caller, entity, accessType);
+    }
 }
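Review bot: The new four-argument `checkAccess` discards `action` and forwards to the three-argument overload, so a caller that supplies an API name to this checker gets a decision based on `accessType` alone, with nothing in the code saying that is intended. The forwarded call is dispatched virtually, so a subclass that overrides only the three-argument method and delegates to the four-argument one would recurse without end; RoleBasedEntityAccessChecker overrides both in this commit, so it is safe today. I would add a comment such as `// action is intentionally ignored: domain/ownership checks are not scoped per API` and a Javadoc line telling subclasses to override both overloads together.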


[3/4] ControlledEntity Interface change to return EntityType and added values to the AclEntityType enum and

Posted by pr...@apache.org.
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/server/src/com/cloud/api/query/vo/ResourceTagJoinVO.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/vo/ResourceTagJoinVO.java b/server/src/com/cloud/api/query/vo/ResourceTagJoinVO.java
index cd94ba5..eaa6d5e 100644
--- a/server/src/com/cloud/api/query/vo/ResourceTagJoinVO.java
+++ b/server/src/com/cloud/api/query/vo/ResourceTagJoinVO.java
@@ -23,6 +23,8 @@ import javax.persistence.Enumerated;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.server.ResourceTag.ResourceObjectType;
 
 @Entity
@@ -178,4 +180,9 @@ public class ResourceTagJoinVO extends BaseViewVO implements ControlledViewEntit
     public String getCustomer() {
         return customer;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.ResourceTag;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/server/src/com/cloud/api/query/vo/SecurityGroupJoinVO.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/vo/SecurityGroupJoinVO.java b/server/src/com/cloud/api/query/vo/SecurityGroupJoinVO.java
index ca1fa85..0e187cb 100644
--- a/server/src/com/cloud/api/query/vo/SecurityGroupJoinVO.java
+++ b/server/src/com/cloud/api/query/vo/SecurityGroupJoinVO.java
@@ -23,6 +23,8 @@ import javax.persistence.Enumerated;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.network.security.SecurityRule.SecurityRuleType;
 import com.cloud.server.ResourceTag.ResourceObjectType;
 
@@ -302,4 +304,9 @@ public class SecurityGroupJoinVO extends BaseViewVO implements ControlledViewEnt
     public String getTagCustomer() {
         return tagCustomer;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.SecurityGroup;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/server/src/com/cloud/api/query/vo/TemplateJoinVO.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/vo/TemplateJoinVO.java b/server/src/com/cloud/api/query/vo/TemplateJoinVO.java
index ca5963e..34cbb7a 100644
--- a/server/src/com/cloud/api/query/vo/TemplateJoinVO.java
+++ b/server/src/com/cloud/api/query/vo/TemplateJoinVO.java
@@ -27,6 +27,7 @@ import javax.persistence.Table;
 import javax.persistence.Temporal;
 import javax.persistence.TemporalType;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.engine.subsystem.api.storage.ObjectInDataStoreStateMachine;
 
 import com.cloud.hypervisor.Hypervisor.HypervisorType;
@@ -532,4 +533,9 @@ public class TemplateJoinVO extends BaseViewVO implements ControlledViewEntity {
     public String getTempZonePair() {
         return tempZonePair;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.VirtualMachineTemplate;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/server/src/com/cloud/api/query/vo/UserVmJoinVO.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/vo/UserVmJoinVO.java b/server/src/com/cloud/api/query/vo/UserVmJoinVO.java
index 5aae820..2cafbf2 100644
--- a/server/src/com/cloud/api/query/vo/UserVmJoinVO.java
+++ b/server/src/com/cloud/api/query/vo/UserVmJoinVO.java
@@ -28,6 +28,8 @@ import javax.persistence.Id;
 import javax.persistence.Table;
 import javax.persistence.Transient;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.hypervisor.Hypervisor.HypervisorType;
 import com.cloud.network.Network.GuestType;
 import com.cloud.network.Networks.TrafficType;
@@ -899,4 +901,9 @@ public class UserVmJoinVO extends BaseViewVO implements ControlledViewEntity {
     public String getDetailValue() {
         return detailValue;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.VirtualMachine;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/server/src/com/cloud/api/query/vo/VolumeJoinVO.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/vo/VolumeJoinVO.java b/server/src/com/cloud/api/query/vo/VolumeJoinVO.java
index 7c03cd7..f83ef7b 100644
--- a/server/src/com/cloud/api/query/vo/VolumeJoinVO.java
+++ b/server/src/com/cloud/api/query/vo/VolumeJoinVO.java
@@ -25,6 +25,9 @@ import javax.persistence.Id;
 import javax.persistence.Table;
 import javax.persistence.Temporal;
 import javax.persistence.TemporalType;
+
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.hypervisor.Hypervisor.HypervisorType;
 import com.cloud.server.ResourceTag.ResourceObjectType;
 import com.cloud.storage.Storage;
@@ -695,5 +698,8 @@ public class VolumeJoinVO extends BaseViewVO implements ControlledViewEntity {
         return path;
     }
 
-
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.Volume;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/server/src/com/cloud/api/response/SecurityGroupResultObject.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/response/SecurityGroupResultObject.java b/server/src/com/cloud/api/response/SecurityGroupResultObject.java
index aab13cd..9ed8fe8 100644
--- a/server/src/com/cloud/api/response/SecurityGroupResultObject.java
+++ b/server/src/com/cloud/api/response/SecurityGroupResultObject.java
@@ -21,6 +21,7 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.acl.ControlledEntity;
 import com.cloud.api.ApiDBUtils;
 import com.cloud.network.security.SecurityGroup;
@@ -204,4 +205,9 @@ public class SecurityGroupResultObject implements ControlledEntity, InternalIden
         }
         return resultObjects;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.SecurityGroup;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/server/src/com/cloud/network/vpc/PrivateGatewayProfile.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/vpc/PrivateGatewayProfile.java b/server/src/com/cloud/network/vpc/PrivateGatewayProfile.java
index 421c2ab..807a9d0 100644
--- a/server/src/com/cloud/network/vpc/PrivateGatewayProfile.java
+++ b/server/src/com/cloud/network/vpc/PrivateGatewayProfile.java
@@ -16,6 +16,8 @@
 // under the License.
 package com.cloud.network.vpc;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 
 public class PrivateGatewayProfile implements PrivateGateway {
     VpcGateway vpcGateway;
@@ -111,4 +113,8 @@ public class PrivateGatewayProfile implements PrivateGateway {
         return vpcGateway.getNetworkACLId();
     }
 
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.VpcGateway;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/server/src/com/cloud/user/AccountManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/user/AccountManagerImpl.java b/server/src/com/cloud/user/AccountManagerImpl.java
index 65ba15f..26e8b58 100755
--- a/server/src/com/cloud/user/AccountManagerImpl.java
+++ b/server/src/com/cloud/user/AccountManagerImpl.java
@@ -2394,7 +2394,8 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
             // get caller role permission on VM List
             //TODO: this method needs to pass the entity type instead of current hard-code to VM for now. Also, api action name
             // should be passed in caller context.
-            AclPolicyPermission policyPerm = _aclService.getAclPolicyPermission(caller.getId(), AclEntityType.VM.toString(), "listVirtualMachine");
+            AclPolicyPermission policyPerm = _aclService.getAclPolicyPermission(caller.getId(),
+                    AclEntityType.VirtualMachine.toString(), "listVirtualMachine");
             if (policyPerm == null) {
                 // no list entry permission
                 throw new PermissionDeniedException("Caller has no policy permission assigned to list VM");
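Review bot: The value of `AclEntityType.VirtualMachine.toString()` is the lookup key passed to `getAclPolicyPermission`, so renaming the constant from `VM` changes the string that permissions are matched against. Any permission rows or seed data still stored under the old name would presumably stop matching and fall into the `policyPerm == null` branch; that fails closed, but it silently revokes existing list grants. The storage side is not visible in this hunk, so please confirm the schema and seed data use the new name, and consider a comment here such as `// entity type string must match acl_policy_permission.entity_type`. The enclosing method starts and ends outside the hunk.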


[2/4] git commit: updated refs/heads/rbac to 7c6f1c1

Posted by pr...@apache.org.
Changes to  RoleBasedEntityAccessChecker to replace Role by Policy


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/d2c74bcf
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/d2c74bcf
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/d2c74bcf

Branch: refs/heads/rbac
Commit: d2c74bcf140a8f06206db1423df89039c4f0dc44
Parents: 1a98522
Author: Prachi Damle <pr...@cloud.com>
Authored: Thu Dec 12 16:25:38 2013 -0800
Committer: Prachi Damle <pr...@cloud.com>
Committed: Thu Dec 12 16:30:56 2013 -0800

----------------------------------------------------------------------
 .../acl/api/RoleBasedAPIAccessChecker.java      |   5 +-
 .../entity/RoleBasedEntityAccessChecker.java    | 103 ++++++-------------
 .../apache/cloudstack/acl/AclServiceImpl.java   |   9 +-
 setup/db/db/schema-421to430.sql                 |   3 +-
 4 files changed, 40 insertions(+), 80 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d2c74bcf/plugins/acl/role-based-access-checkers/src/org/apache/cloudstack/acl/api/RoleBasedAPIAccessChecker.java
----------------------------------------------------------------------
diff --git a/plugins/acl/role-based-access-checkers/src/org/apache/cloudstack/acl/api/RoleBasedAPIAccessChecker.java b/plugins/acl/role-based-access-checkers/src/org/apache/cloudstack/acl/api/RoleBasedAPIAccessChecker.java
index f43194a..23f25ca 100644
--- a/plugins/acl/role-based-access-checkers/src/org/apache/cloudstack/acl/api/RoleBasedAPIAccessChecker.java
+++ b/plugins/acl/role-based-access-checkers/src/org/apache/cloudstack/acl/api/RoleBasedAPIAccessChecker.java
@@ -22,6 +22,7 @@ import javax.ejb.Local;
 import javax.inject.Inject;
 
 import org.apache.cloudstack.acl.APIChecker;
+import org.apache.cloudstack.acl.AclPolicy;
 import org.apache.cloudstack.acl.AclRole;
 import org.apache.cloudstack.acl.AclService;
 import org.apache.log4j.Logger;
@@ -54,10 +55,10 @@ public class RoleBasedAPIAccessChecker extends AdapterBase implements APIChecker
             throw new PermissionDeniedException("The account id=" + user.getAccountId() + "for user id=" + user.getId() + "is null");
         }
 
-        List<AclRole> roles = _aclService.listAclPolicies(account.getAccountId());
+        List<AclPolicy> policies = _aclService.listAclPolicies(account.getAccountId());
 
 
-        boolean isAllowed = _aclService.isAPIAccessibleForPolicies(commandName, roles);
+        boolean isAllowed = _aclService.isAPIAccessibleForPolicies(commandName, policies);
         if (!isAllowed) {
             throw new PermissionDeniedException("The API does not exist or is blacklisted. api: " + commandName);
         }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d2c74bcf/plugins/acl/role-based-access-checkers/src/org/apache/cloudstack/acl/entity/RoleBasedEntityAccessChecker.java
----------------------------------------------------------------------
diff --git a/plugins/acl/role-based-access-checkers/src/org/apache/cloudstack/acl/entity/RoleBasedEntityAccessChecker.java b/plugins/acl/role-based-access-checkers/src/org/apache/cloudstack/acl/entity/RoleBasedEntityAccessChecker.java
index ca55e1a..129c001 100644
--- a/plugins/acl/role-based-access-checkers/src/org/apache/cloudstack/acl/entity/RoleBasedEntityAccessChecker.java
+++ b/plugins/acl/role-based-access-checkers/src/org/apache/cloudstack/acl/entity/RoleBasedEntityAccessChecker.java
@@ -21,28 +21,20 @@ import java.util.List;
 
 import javax.inject.Inject;
 
-import org.apache.cloudstack.acl.AclEntityPermissionVO;
-import org.apache.cloudstack.acl.AclEntityType;
-import org.apache.cloudstack.acl.AclGroupAccountMapVO;
-import org.apache.cloudstack.acl.AclRole;
-import org.apache.cloudstack.acl.AclRolePermissionVO;
+import org.apache.cloudstack.acl.AclPolicy;
+import org.apache.cloudstack.acl.AclPolicyPermissionVO;
 import org.apache.cloudstack.acl.AclService;
 import org.apache.cloudstack.acl.ControlledEntity;
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.acl.PermissionScope;
 import org.apache.cloudstack.acl.SecurityChecker;
-import org.apache.cloudstack.acl.SecurityChecker.AccessType;
-import org.apache.cloudstack.acl.dao.AclEntityPermissionDao;
 import org.apache.cloudstack.acl.dao.AclGroupAccountMapDao;
-import org.apache.cloudstack.acl.dao.AclGroupDao;
-import org.apache.cloudstack.acl.dao.AclRolePermissionDao;
-import org.apache.cloudstack.api.InternalIdentity;
+import org.apache.cloudstack.acl.dao.AclPolicyPermissionDao;
 import org.apache.log4j.Logger;
 
 import com.cloud.acl.DomainChecker;
-import com.cloud.api.ApiDispatcher;
 import com.cloud.domain.dao.DomainDao;
 import com.cloud.exception.PermissionDeniedException;
-import com.cloud.template.VirtualMachineTemplate;
 import com.cloud.user.Account;
 import com.cloud.user.AccountService;
 import com.cloud.vm.VirtualMachine;
@@ -62,10 +54,8 @@ public class RoleBasedEntityAccessChecker extends DomainChecker implements Secur
     AclGroupAccountMapDao _aclGroupAccountMapDao;
 
     @Inject
-    AclEntityPermissionDao _entityPermissionDao;
+    AclPolicyPermissionDao _policyPermissionDao;
 
-    @Inject
-    AclRolePermissionDao _rolePermissionDao;
 
     @Override
     public boolean checkAccess(Account caller, ControlledEntity entity, AccessType accessType)
@@ -76,71 +66,42 @@ public class RoleBasedEntityAccessChecker extends DomainChecker implements Secur
     @Override
     public boolean checkAccess(Account caller, ControlledEntity entity, AccessType accessType, String action)
             throws PermissionDeniedException {
-        if (entity instanceof VirtualMachine) {
 
-            String entityType = AclEntityType.VM.toString();
+        String entityType = entity.getEntityType().toString();
 
-            if (accessType == null) {
-                accessType = AccessType.ListEntry;
-            }
+        if (accessType == null) {
+            accessType = AccessType.ListEntry;
+        }
 
-            // check if explicit allow/deny is present for this entity in
-            // acl_entity_permission
-
-            if (entity instanceof InternalIdentity) {
-                InternalIdentity entityWithId = (InternalIdentity) entity;
-
-                List<AclGroupAccountMapVO> acctGroups = _aclGroupAccountMapDao.listByAccountId(caller.getId());
-
-                for (AclGroupAccountMapVO groupMapping : acctGroups) {
-                    AclEntityPermissionVO entityPermission = _entityPermissionDao.findByGroupAndEntity(
-                            groupMapping.getAclGroupId(), entityType, entityWithId.getId(), accessType);
-
-                    if (entityPermission != null) {
-                        if (entityPermission.isAllowed()) {
-                            return true;
-                        } else {
-                            if (s_logger.isDebugEnabled()) {
-                                s_logger.debug("Account " + caller + " does not have permission to access resource "
-                                        + entity + " for access type: " + accessType);
-                            }
-                            throw new PermissionDeniedException(caller
-                                    + " does not have permission to access resource " + entity);
-                        }
+        // get all Policies of this caller w.r.t the entity
+        List<AclPolicy> policies = _aclService.getEffectivePolicies(caller, entity);
+        HashMap<AclPolicy, Boolean> policyPermissionMap = new HashMap<AclPolicy, Boolean>();
+
+        for (AclPolicy policy : policies) {
+            List<AclPolicyPermissionVO> permissions = _policyPermissionDao.listByPolicyActionAndEntity(policy.getId(),
+                    action, entityType);
+            for (AclPolicyPermissionVO permission : permissions) {
+                if (checkPermissionScope(caller, permission.getScope(), entity)) {
+                    if (permission.getEntityType().equals(entityType)) {
+                        policyPermissionMap.put(policy, permission.getPermission().isGranted());
+                        break;
+                    } else if (permission.getEntityType().equals("*")) {
+                        policyPermissionMap.put(policy, permission.getPermission().isGranted());
                     }
                 }
             }
-
-            // get all Roles of this caller w.r.t the entity
-            List<AclRole> roles = _aclService.getEffectivePolicies(caller, entity);
-            HashMap<AclRole, Boolean> rolePermissionMap = new HashMap<AclRole, Boolean>();
-
-            for (AclRole role : roles) {
-                List<AclRolePermissionVO> permissions = _rolePermissionDao.listByRoleAndEntity(role.getId(),
-                        entityType, accessType);
-                for (AclRolePermissionVO permission : permissions) {
-                    if (checkPermissionScope(caller, permission.getScope(), entity)) {
-                        if (permission.getEntityType().equals(entityType)) {
-                            rolePermissionMap.put(role, permission.isAllowed());
-                            break;
-                        } else if (permission.getEntityType().equals("*")) {
-                            rolePermissionMap.put(role, permission.isAllowed());
-                        }
-                    }
-                }
-                if (rolePermissionMap.containsKey(role) && rolePermissionMap.get(role)) {
-                    return true;
-                }
+            if (policyPermissionMap.containsKey(policy) && policyPermissionMap.get(policy)) {
+                return true;
             }
+        }
 
-            if (!roles.isEmpty()) { // Since we reach this point, none of the
-                                    // roles granted access
-                if (s_logger.isDebugEnabled()) {
-                    s_logger.debug("Account " + caller + " does not have permission to access resource " + entity
-                            + " for access type: " + accessType);
-                }
-                throw new PermissionDeniedException(caller + " does not have permission to access resource " + entity);
+        if (!policies.isEmpty()) { // Since we reach this point, none of the
+                                   // roles granted access
+            if (s_logger.isDebugEnabled()) {
+                s_logger.debug("Account " + caller + " does not have permission to access resource " + entity
+                        + " for access type: " + accessType);
             }
+            throw new PermissionDeniedException(caller + " does not have permission to access resource " + entity);
         }
 
         return false;
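Review bot: After this rewrite `accessType` is defaulted to `ListEntry` but no longer takes part in the decision; the lookup `listByPolicyActionAndEntity(policy.getId(), action, entityType)` keys only on `action`, and the three-argument overload passes `action` as `null`. How the DAO treats a null action is not visible here, so legacy callers either match nothing and hit the `PermissionDeniedException` below or match more rows than intended; handling it explicitly before the loop, for example `if (action == null) { return false; }`, would make the outcome deliberate. A permission whose `isGranted()` is false is only recorded in the map and never stops evaluation, so a grant in any other policy overrides it, whereas the removed entity-permission branch threw on an explicit deny; if deny is meant to win, that needs its own check. `entity.getEntityType()` is also dereferenced without a null check now that the `instanceof VirtualMachine` guard is gone, and the `// roles granted access` comment and the debug message still describe roles and access type rather than policies and action. The method's closing brace lies outside the hunk.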

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d2c74bcf/server/src/org/apache/cloudstack/acl/AclServiceImpl.java
----------------------------------------------------------------------
diff --git a/server/src/org/apache/cloudstack/acl/AclServiceImpl.java b/server/src/org/apache/cloudstack/acl/AclServiceImpl.java
index 1ab4efe..f8ea1e6 100644
--- a/server/src/org/apache/cloudstack/acl/AclServiceImpl.java
+++ b/server/src/org/apache/cloudstack/acl/AclServiceImpl.java
@@ -365,7 +365,7 @@ public class AclServiceImpl extends ManagerBase implements AclService, Manager {
     @Override
     public List<AclPolicy> listAclPolicies(long accountId) {
 
-        // static roles of the account
+        // static policies of the account
         SearchBuilder<AclGroupAccountMapVO> groupSB = _aclGroupAccountMapDao.createSearchBuilder();
         groupSB.and("account", groupSB.entity().getAccountId(), Op.EQ);
 
@@ -377,12 +377,12 @@ public class AclServiceImpl extends ManagerBase implements AclService, Manager {
         SearchCriteria<Long> policySc = policySB.create();
         policySc.setJoinParameters("accountgroupjoin", "account", accountId);
 
-        List<Long> roleIds = _aclGroupPolicyMapDao.customSearch(policySc, null);
+        List<Long> policyIds = _aclGroupPolicyMapDao.customSearch(policySc, null);
 
         SearchBuilder<AclPolicyVO> sb = _aclPolicyDao.createSearchBuilder();
         sb.and("ids", sb.entity().getId(), Op.IN);
         SearchCriteria<AclPolicyVO> sc = sb.create();
-        sc.setParameters("ids", roleIds.toArray(new Object[roleIds.size()]));
+        sc.setParameters("ids", policyIds.toArray(new Object[policyIds.size()]));
         List<AclPolicyVO> policies = _aclPolicyDao.customSearch(sc, null);
 
         return new ArrayList<AclPolicy>(policies);
@@ -647,7 +647,6 @@ public class AclServiceImpl extends ManagerBase implements AclService, Manager {
         SearchBuilder<AclPolicyPermissionVO> sb = _policyPermissionDao.createSearchBuilder();
         sb.and("action", sb.entity().getAction(), Op.EQ);
         sb.and("policyId", sb.entity().getAclPolicyId(), Op.IN);
-        sb.and("entityType", sb.entity().getEntityType(), Op.NULL);
 
         SearchCriteria<AclPolicyPermissionVO> sc = sb.create();
         sc.setParameters("policyId", policyIds.toArray(new Object[policyIds.size()]));
@@ -667,7 +666,7 @@ public class AclServiceImpl extends ManagerBase implements AclService, Manager {
         // Get the static Policies of the Caller
         List<AclPolicy> policies = listAclPolicies(caller.getId());
 
-        // add any dynamic roles w.r.t the entity
+        // add any dynamic policies w.r.t the entity
         if (caller.getId() == entity.getAccountId()) {
             // The caller owns the entity
             AclPolicy owner = _aclPolicyDao.findByName(Domain.ROOT_DOMAIN, "RESOURCE_OWNER");

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d2c74bcf/setup/db/db/schema-421to430.sql
----------------------------------------------------------------------
diff --git a/setup/db/db/schema-421to430.sql b/setup/db/db/schema-421to430.sql
index f15f2e4..ef07458 100644
--- a/setup/db/db/schema-421to430.sql
+++ b/setup/db/db/schema-421to430.sql
@@ -378,8 +378,7 @@ INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, domain_id,
 INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, domain_id, account_id, created, policy_type) VALUES (3, 'DOMAIN_ADMIN', 'Domain admin role', UUID(), 1, 1, Now(), 'Static');
 INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, domain_id, account_id, created, policy_type) VALUES (4, 'RESOURCE_DOMAIN_ADMIN', 'Resource domain admin role', UUID(), 1, 1, Now(), 'Static');
 INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, domain_id, account_id, created, policy_type) VALUES (5, 'READ_ONLY_ADMIN', 'Read only admin role', UUID(), 1, 1, Now(), 'Static');
--- RESOURCE_OWNER dynamic policy we will handle that inside java logic
--- INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, domain_id, account_id, created, policy_type) VALUES (6, 'RESOURCE_OWNER', 'Resource owner role', UUID(), 1, 1, Now(), 'Dynamic');
+INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, domain_id, account_id, created, policy_type) VALUES (6, 'RESOURCE_OWNER', 'Resource owner role', UUID(), 1, 1, Now(), 'Dynamic');
 
 
 INSERT IGNORE INTO `cloud`.`acl_group` (id, name, description, uuid, domain_id, account_id, created) VALUES (1, 'NORMAL', 'Domain user group', UUID(), 1, 1, Now());
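Review bot: The re-enabled `RESOURCE_OWNER` row on the added line uses `INSERT IGNORE` with a hard-coded id of 6, so a key collision on an existing database is dropped without any error and the policy is simply absent afterwards. The Java side of this series resolves the policy with `_aclPolicyDao.findByName(Domain.ROOT_DOMAIN, "RESOURCE_OWNER")`; whether that caller handles a null result is not visible here, so a guard at the lookup is worth confirming. The deleted comment said the dynamic policy would be handled in Java, so a replacement such as `-- RESOURCE_OWNER is a Dynamic policy; AclServiceImpl looks it up by name` would record why the row now has to exist.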


[4/4] git commit: updated refs/heads/rbac to 7c6f1c1

Posted by pr...@apache.org.
ControlledEntity Interface change to return EntityType and added values to the AclEntityType enum and


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/7c6f1c14
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/7c6f1c14
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/7c6f1c14

Branch: refs/heads/rbac
Commit: 7c6f1c14c296c8b7e09eccedbac395ccceba5570
Parents: d2c74bc
Author: Prachi Damle <pr...@cloud.com>
Authored: Thu Dec 12 16:30:05 2013 -0800
Committer: Prachi Damle <pr...@cloud.com>
Committed: Thu Dec 12 16:31:00 2013 -0800

----------------------------------------------------------------------
 api/src/com/cloud/network/NetworkProfile.java   |  7 +++
 .../cloud/network/vpc/StaticRouteProfile.java   |  6 +++
 .../apache/cloudstack/acl/AclEntityType.java    | 37 +++++++++++++-
 .../cloudstack/acl/AclPolicyPermission.java     | 13 ++++-
 .../apache/cloudstack/acl/ControlledEntity.java |  1 +
 .../firewall/CreateEgressFirewallRuleCmd.java   | 13 +++--
 .../user/firewall/CreateFirewallRuleCmd.java    |  6 +++
 .../firewall/CreatePortForwardingRuleCmd.java   |  6 +++
 .../user/nat/CreateIpForwardingRuleCmd.java     |  6 +++
 .../src/com/cloud/network/addr/PublicIp.java    | 11 +++-
 .../cloud/network/rules/StaticNatRuleImpl.java  |  6 +++
 engine/schema/src/com/cloud/event/EventVO.java  |  7 +++
 .../com/cloud/network/UserIpv6AddressVO.java    | 11 +++-
 .../schema/src/com/cloud/network/VpnUserVO.java |  8 ++-
 .../com/cloud/network/as/AutoScalePolicyVO.java |  7 +++
 .../cloud/network/as/AutoScaleVmGroupVO.java    |  7 +++
 .../cloud/network/as/AutoScaleVmProfileVO.java  |  6 +++
 .../src/com/cloud/network/as/ConditionVO.java   |  6 +++
 .../src/com/cloud/network/dao/IPAddressVO.java  |  7 +++
 .../src/com/cloud/network/dao/NetworkVO.java    |  6 +++
 .../cloud/network/dao/RemoteAccessVpnVO.java    | 29 +++++++----
 .../network/dao/Site2SiteCustomerGatewayVO.java | 13 +++--
 .../network/dao/Site2SiteVpnConnectionVO.java   | 33 +++++++-----
 .../network/dao/Site2SiteVpnGatewayVO.java      | 25 +++++----
 .../com/cloud/network/rules/FirewallRuleVO.java | 13 +++--
 .../cloud/network/security/SecurityGroupVO.java | 12 +++--
 .../com/cloud/network/vpc/StaticRouteVO.java    |  6 +++
 .../src/com/cloud/network/vpc/VpcGatewayVO.java | 53 +++++++++++---------
 .../schema/src/com/cloud/network/vpc/VpcVO.java | 35 +++++++------
 .../com/cloud/projects/ProjectInvitationVO.java |  8 ++-
 .../src/com/cloud/storage/SnapshotVO.java       |  8 +++
 .../src/com/cloud/storage/VMTemplateVO.java     |  7 +++
 .../schema/src/com/cloud/storage/VolumeVO.java  | 14 ++++--
 .../src/com/cloud/tags/ResourceTagVO.java       | 40 ++++++++-------
 engine/schema/src/com/cloud/user/AccountVO.java |  7 +++
 .../schema/src/com/cloud/user/SSHKeyPairVO.java | 28 +++++++----
 .../src/com/cloud/vm/InstanceGroupVO.java       | 42 +++++++++-------
 .../schema/src/com/cloud/vm/VMInstanceVO.java   | 13 +++--
 .../src/com/cloud/vm/dao/NicIpAliasVO.java      |  8 +++
 .../src/com/cloud/vm/dao/NicSecondaryIpVO.java  |  7 +++
 .../src/com/cloud/vm/snapshot/VMSnapshotVO.java | 14 ++++--
 .../org/apache/cloudstack/acl/AclGroupVO.java   |  5 ++
 .../org/apache/cloudstack/acl/AclPolicyVO.java  |  5 ++
 .../acl/dao/AclPolicyPermissionDao.java         |  1 +
 .../acl/dao/AclPolicyPermissionDaoImpl.java     |  9 ++++
 .../cloudstack/affinity/AffinityGroupVO.java    |  6 +++
 .../engine/cloud/entity/api/db/VMEntityVO.java  |  7 +++
 .../region/gslb/GlobalLoadBalancerRuleVO.java   |  8 +++
 .../storage/image/store/TemplateObject.java     |  6 +++
 .../storage/snapshot/SnapshotObject.java        |  6 +++
 .../storage/image/TemplateEntityImpl.java       |  7 +++
 .../storage/snapshot/SnapshotEntityImpl.java    |  6 +++
 .../cloudstack/storage/volume/VolumeObject.java |  7 +++
 .../com/cloud/api/query/vo/AclGroupJoinVO.java  |  5 ++
 .../com/cloud/api/query/vo/AclPolicyJoinVO.java |  5 ++
 .../cloud/api/query/vo/AffinityGroupJoinVO.java |  6 +++
 .../cloud/api/query/vo/DomainRouterJoinVO.java  |  7 +++
 .../src/com/cloud/api/query/vo/EventJoinVO.java |  7 +++
 .../cloud/api/query/vo/InstanceGroupJoinVO.java |  7 +++
 .../api/query/vo/ProjectInvitationJoinVO.java   |  7 +++
 .../cloud/api/query/vo/ResourceTagJoinVO.java   |  7 +++
 .../cloud/api/query/vo/SecurityGroupJoinVO.java |  7 +++
 .../com/cloud/api/query/vo/TemplateJoinVO.java  |  6 +++
 .../com/cloud/api/query/vo/UserVmJoinVO.java    |  7 +++
 .../com/cloud/api/query/vo/VolumeJoinVO.java    |  8 ++-
 .../api/response/SecurityGroupResultObject.java |  6 +++
 .../network/vpc/PrivateGatewayProfile.java      |  6 +++
 .../src/com/cloud/user/AccountManagerImpl.java  |  3 +-
 68 files changed, 603 insertions(+), 156 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/api/src/com/cloud/network/NetworkProfile.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/NetworkProfile.java b/api/src/com/cloud/network/NetworkProfile.java
index 542df3e..025b8d2 100644
--- a/api/src/com/cloud/network/NetworkProfile.java
+++ b/api/src/com/cloud/network/NetworkProfile.java
@@ -18,6 +18,8 @@ package com.cloud.network;
 
 import java.net.URI;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.network.Networks.BroadcastDomainType;
 import com.cloud.network.Networks.Mode;
 import com.cloud.network.Networks.TrafficType;
@@ -276,4 +278,9 @@ public class NetworkProfile implements Network {
 	public String getIp6Cidr() {
 		return ip6Cidr;
 	}
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.Network;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/api/src/com/cloud/network/vpc/StaticRouteProfile.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/vpc/StaticRouteProfile.java b/api/src/com/cloud/network/vpc/StaticRouteProfile.java
index 301bb23..e3bbc68 100644
--- a/api/src/com/cloud/network/vpc/StaticRouteProfile.java
+++ b/api/src/com/cloud/network/vpc/StaticRouteProfile.java
@@ -16,6 +16,7 @@
 // under the License.
 package com.cloud.network.vpc;
 
+import org.apache.cloudstack.acl.AclEntityType;
 
 public class StaticRouteProfile implements StaticRoute {
     private long id;
@@ -104,4 +105,9 @@ public class StaticRouteProfile implements StaticRoute {
         return netmask;
     }
 
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.StaticRoute;
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/api/src/org/apache/cloudstack/acl/AclEntityType.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/acl/AclEntityType.java b/api/src/org/apache/cloudstack/acl/AclEntityType.java
index 109c7dc..096fcd2 100644
--- a/api/src/org/apache/cloudstack/acl/AclEntityType.java
+++ b/api/src/org/apache/cloudstack/acl/AclEntityType.java
@@ -2,6 +2,39 @@ package org.apache.cloudstack.acl;
 
 public enum AclEntityType {
     // currently supported entity, to be added one by one after we support acl on the entity
-    VM,
-    VOLUME;
+    VirtualMachine,
+    Volume,
+    ResourceTag, 
+    Account, 
+    AffinityGroup, 
+    AutoScalePolicy, 
+    AutoScaleVmGroup, 
+    AutoScaleVmProfile, 
+    Condition, 
+    Vpc, 
+    VpcGateway, 
+    VpnUser, 
+    VMSnapshot, 
+    VirtualMachineTemplate, 
+    UserIpv6Address, 
+    StaticRoute, 
+    SSHKeyPair, 
+    Snapshot, 
+    Site2SiteVpnGateway, 
+    Site2SiteVpnConnection, 
+    Site2SiteCustomerGateway, 
+    SecurityGroup, 
+    RemoteAccessVpn, 
+    PublicIpAddress, 
+    ProjectInvitation, 
+    NicSecondaryIp, 
+    NicIpAlias, 
+    Network, 
+    IpAddress, 
+    InstanceGroup, 
+    GlobalLoadBalancerRule, 
+    FirewallRule, 
+    Event, 
+    AclPolicy, 
+    AclGroup;
 }
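Review bot: Renaming the existing constants `VM` and `VOLUME` to `VirtualMachine` and `Volume` changes their `name()`, so any entity-type value already stored or compared as the old string would no longer map to a constant. Whether the permission tables persist the enum by name is not visible in this hunk; if they do, the schema script needs a matching data migration, because a mismatch in an access-control lookup tends to fail silently rather than loudly. The leading comment `// currently supported entity, to be added one by one after we support acl on the entity` is also stale now that the list mirrors the new `getEntityType()` implementations; something like `// one constant per ControlledEntity type; returned by getEntityType()` would describe its new role.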

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/api/src/org/apache/cloudstack/acl/AclPolicyPermission.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/acl/AclPolicyPermission.java b/api/src/org/apache/cloudstack/acl/AclPolicyPermission.java
index 02d557e..c5f5cbe 100644
--- a/api/src/org/apache/cloudstack/acl/AclPolicyPermission.java
+++ b/api/src/org/apache/cloudstack/acl/AclPolicyPermission.java
@@ -36,8 +36,17 @@ public interface AclPolicyPermission extends InternalIdentity {
     Permission getPermission();
 
     public enum Permission {
-        Allow,
-        Deny
+        Allow(true), Deny(false);
+
+        boolean result;
+
+        Permission(boolean result) {
+            this.result = result;
+        }
+
+        public boolean isGranted() {
+            return result;
+        }
     }
 
 }
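Review bot: The `boolean result;` field added to `Permission` is package-private and non-final, so any class in `org.apache.cloudstack.acl` can reassign it on `Permission.Deny` or `Permission.Allow` and change what `isGranted()` returns for the whole JVM. Since this value is the allow/deny decision itself, declare it `private final boolean result;`. A one-line Javadoc on `isGranted()` stating that it is true only for `Allow` would also help callers that branch on it.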

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/api/src/org/apache/cloudstack/acl/ControlledEntity.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/acl/ControlledEntity.java b/api/src/org/apache/cloudstack/acl/ControlledEntity.java
index 3e04126..5b95927 100644
--- a/api/src/org/apache/cloudstack/acl/ControlledEntity.java
+++ b/api/src/org/apache/cloudstack/acl/ControlledEntity.java
@@ -30,4 +30,5 @@ public interface ControlledEntity extends OwnedBy, PartOf {
         Domain
     }
 
+    AclEntityType getEntityType();
 }
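Review bot: The new `AclEntityType getEntityType();` on `ControlledEntity` has no Javadoc, and its contract matters because the value presumably feeds the ACL permission lookup. It should say whether null is allowed and which constant an implementor is expected to return, for example `/** @return the ACL entity type used to match policy permissions for this entity; never null */`. Adding an abstract method to this interface also breaks any implementor not touched by this commit, which is worth stating in the commit message.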

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java
index 05a2c5d..75e87ab 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java
@@ -22,13 +22,13 @@ import java.util.List;
 
 import org.apache.log4j.Logger;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiCommandJobType;
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.ApiErrorCode;
 import org.apache.cloudstack.api.BaseAsyncCmd;
 import org.apache.cloudstack.api.BaseAsyncCreateCmd;
-import org.apache.cloudstack.api.BaseCmd;
 import org.apache.cloudstack.api.Parameter;
 import org.apache.cloudstack.api.ServerApiException;
 import org.apache.cloudstack.api.response.FirewallResponse;
@@ -112,7 +112,7 @@ public class CreateEgressFirewallRuleCmd extends BaseAsyncCreateCmd implements F
         return vpcId;
     }
 
- 
+
 
     // ///////////////////////////////////////////////////
     // ///////////// API Implementation///////////////////
@@ -246,7 +246,7 @@ public class CreateEgressFirewallRuleCmd extends BaseAsyncCreateCmd implements F
 
         if (getVpcId() != null ){
                 throw new  InvalidParameterValueException("Unable to create firewall rule for the network id=" + networkId +
-                        " as firewall egress rule can be created only for non vpc networks.");  
+                        " as firewall egress rule can be created only for non vpc networks.");
             }
 
         try {
@@ -287,7 +287,7 @@ public class CreateEgressFirewallRuleCmd extends BaseAsyncCreateCmd implements F
                 return  getNetworkId();
     }
 
-    
+
     @Override
     public Integer getIcmpCode() {
         if (icmpCode != null) {
@@ -339,4 +339,9 @@ public class CreateEgressFirewallRuleCmd extends BaseAsyncCreateCmd implements F
         return null;
     }
 
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.FirewallRule;
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java
index 9f84152..53ba0fe 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java
@@ -19,6 +19,7 @@ package org.apache.cloudstack.api.command.user.firewall;
 import java.util.ArrayList;
 import java.util.List;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiCommandJobType;
 import org.apache.cloudstack.api.ApiConstants;
@@ -328,4 +329,9 @@ public class CreateFirewallRuleCmd extends BaseAsyncCreateCmd implements Firewal
         return FirewallRule.TrafficType.Ingress;
     }
 
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.FirewallRule;
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/api/src/org/apache/cloudstack/api/command/user/firewall/CreatePortForwardingRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/CreatePortForwardingRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/firewall/CreatePortForwardingRuleCmd.java
index ff63d08..1ebe3d4 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/CreatePortForwardingRuleCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/CreatePortForwardingRuleCmd.java
@@ -18,6 +18,7 @@ package org.apache.cloudstack.api.command.user.firewall;
 
 import java.util.List;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiCommandJobType;
 import org.apache.cloudstack.api.ApiConstants;
@@ -398,4 +399,9 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements P
         return null;
     }
 
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.FirewallRule;
+    }
+
 }
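Review bot: `getEntityType()` returns `AclEntityType.FirewallRule` for a port forwarding rule here, and the same constant is returned by `CreateIpForwardingRuleCmd` and `StaticNatRuleImpl` later in this commit. If policy permissions are matched on entity type, a grant on `FirewallRule` would then also cover port forwarding and static NAT rules, and the three could not be scoped separately. If that is intended, a comment such as `// port forwarding rules share the FirewallRule ACL type` makes it explicit; otherwise the enum needs dedicated constants. The enclosing class begins outside the hunk.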

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/api/src/org/apache/cloudstack/api/command/user/nat/CreateIpForwardingRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/nat/CreateIpForwardingRuleCmd.java b/api/src/org/apache/cloudstack/api/command/user/nat/CreateIpForwardingRuleCmd.java
index 39790fa..4e78230 100644
--- a/api/src/org/apache/cloudstack/api/command/user/nat/CreateIpForwardingRuleCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/nat/CreateIpForwardingRuleCmd.java
@@ -18,6 +18,7 @@ package org.apache.cloudstack.api.command.user.nat;
 
 import java.util.List;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiCommandJobType;
 import org.apache.cloudstack.api.ApiConstants;
@@ -314,4 +315,9 @@ public class CreateIpForwardingRuleCmd extends BaseAsyncCreateCmd implements Sta
         return null;
     }
 
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.FirewallRule;
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/components-api/src/com/cloud/network/addr/PublicIp.java
----------------------------------------------------------------------
diff --git a/engine/components-api/src/com/cloud/network/addr/PublicIp.java b/engine/components-api/src/com/cloud/network/addr/PublicIp.java
index b18c691..c0c1091 100644
--- a/engine/components-api/src/com/cloud/network/addr/PublicIp.java
+++ b/engine/components-api/src/com/cloud/network/addr/PublicIp.java
@@ -18,6 +18,8 @@ package com.cloud.network.addr;
 
 import java.util.Date;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.dc.VlanVO;
 import com.cloud.network.PublicIpAddress;
 import com.cloud.network.dao.IPAddressVO;
@@ -40,7 +42,7 @@ public class PublicIp implements PublicIpAddress {
     public static PublicIp createFromAddrAndVlan(IPAddressVO addr, VlanVO vlan) {
     	return new PublicIp(addr, vlan, NetUtils.createSequenceBasedMacAddress(addr.getMacAddress()));
     }
-    
+
     @Override
     public Ip getAddress() {
         return _addr.getAddress();
@@ -194,7 +196,7 @@ public class PublicIp implements PublicIpAddress {
     public boolean getSystem() {
         return _addr.getSystem();
     }
-	
+
     @Override
     public Long getVpcId() {
        return _addr.getVpcId();
@@ -232,4 +234,9 @@ public class PublicIp implements PublicIpAddress {
     public Long getIpMacAddress() {
         return  _addr.getMacAddress();
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.PublicIpAddress;
+    }
 }
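Review bot: `PublicIp.getEntityType()` returns `AclEntityType.PublicIpAddress`, while the `IPAddressVO` it wraps returns `AclEntityType.IpAddress` in the same commit, so one address reports two entity types depending on which object reaches the access check. The accessors visible in these hunks all delegate to `_addr`; unless the two types are meant to be authorized separately, `return _addr.getEntityType();` keeps them consistent. If the split is deliberate, a comment naming the type that policies should be written against would prevent a permission that silently fails to match. The class body begins outside the hunk.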

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/components-api/src/com/cloud/network/rules/StaticNatRuleImpl.java
----------------------------------------------------------------------
diff --git a/engine/components-api/src/com/cloud/network/rules/StaticNatRuleImpl.java b/engine/components-api/src/com/cloud/network/rules/StaticNatRuleImpl.java
index 6103689..8c3d557 100644
--- a/engine/components-api/src/com/cloud/network/rules/StaticNatRuleImpl.java
+++ b/engine/components-api/src/com/cloud/network/rules/StaticNatRuleImpl.java
@@ -18,6 +18,7 @@ package com.cloud.network.rules;
 
 import java.util.List;
 
+import org.apache.cloudstack.acl.AclEntityType;
 
 public class StaticNatRuleImpl implements StaticNatRule {
     long id;
@@ -144,4 +145,9 @@ public class StaticNatRuleImpl implements StaticNatRule {
         return null;
     }
 
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.FirewallRule;
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/event/EventVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/event/EventVO.java b/engine/schema/src/com/cloud/event/EventVO.java
index 2c30ead..d422fc1 100644
--- a/engine/schema/src/com/cloud/event/EventVO.java
+++ b/engine/schema/src/com/cloud/event/EventVO.java
@@ -29,6 +29,8 @@ import javax.persistence.Id;
 import javax.persistence.Table;
 import javax.persistence.Transient;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.utils.db.GenericDao;
 
 @Entity
@@ -191,4 +193,9 @@ public class EventVO implements Event {
     public void setArchived(Boolean archived) {
         this.archived = archived;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.Event;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/network/UserIpv6AddressVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/UserIpv6AddressVO.java b/engine/schema/src/com/cloud/network/UserIpv6AddressVO.java
index 70eb12d..d3cc95a 100644
--- a/engine/schema/src/com/cloud/network/UserIpv6AddressVO.java
+++ b/engine/schema/src/com/cloud/network/UserIpv6AddressVO.java
@@ -29,6 +29,8 @@ import javax.persistence.Id;
 import javax.persistence.Table;
 import javax.persistence.Transient;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.utils.db.GenericDao;
 
 @Entity
@@ -72,10 +74,10 @@ public class UserIpv6AddressVO implements UserIpv6Address {
 
     @Column(name="domain_id")
     private Long domainId = null;
-	
+
     @Column(name = GenericDao.CREATED_COLUMN)
     Date created;
-	
+
 	protected UserIpv6AddressVO() {
 		this.uuid = UUID.randomUUID().toString();
 	}
@@ -185,4 +187,9 @@ public class UserIpv6AddressVO implements UserIpv6Address {
 	public void setCreated(Date created) {
 		this.created = created;
 	}
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.UserIpv6Address;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/network/VpnUserVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/VpnUserVO.java b/engine/schema/src/com/cloud/network/VpnUserVO.java
index 5a8e531..f54a13b 100644
--- a/engine/schema/src/com/cloud/network/VpnUserVO.java
+++ b/engine/schema/src/com/cloud/network/VpnUserVO.java
@@ -27,9 +27,8 @@ import javax.persistence.GenerationType;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
-import org.apache.cloudstack.api.Identity;
+import org.apache.cloudstack.acl.AclEntityType;
 import com.cloud.utils.db.Encrypt;
-import org.apache.cloudstack.api.InternalIdentity;
 
 @Entity
 @Table(name=("vpn_users"))
@@ -128,4 +127,9 @@ public class VpnUserVO implements VpnUser {
     public void setUuid(String uuid) {
         this.uuid = uuid;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.VpnUser;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/network/as/AutoScalePolicyVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/as/AutoScalePolicyVO.java b/engine/schema/src/com/cloud/network/as/AutoScalePolicyVO.java
index f8fbcb4..f42364a 100644
--- a/engine/schema/src/com/cloud/network/as/AutoScalePolicyVO.java
+++ b/engine/schema/src/com/cloud/network/as/AutoScalePolicyVO.java
@@ -29,6 +29,8 @@ import javax.persistence.InheritanceType;
 import javax.persistence.Table;
 
 import com.cloud.utils.db.GenericDao;
+
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.InternalIdentity;
 
 @Entity
@@ -131,4 +133,9 @@ public class AutoScalePolicyVO implements AutoScalePolicy, InternalIdentity {
     public void setQuietTime(Integer quietTime) {
         this.quietTime = quietTime;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.AutoScalePolicy;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/network/as/AutoScaleVmGroupVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/as/AutoScaleVmGroupVO.java b/engine/schema/src/com/cloud/network/as/AutoScaleVmGroupVO.java
index d1d85f9..9a8c238 100644
--- a/engine/schema/src/com/cloud/network/as/AutoScaleVmGroupVO.java
+++ b/engine/schema/src/com/cloud/network/as/AutoScaleVmGroupVO.java
@@ -29,6 +29,8 @@ import javax.persistence.InheritanceType;
 import javax.persistence.Table;
 
 import com.cloud.utils.db.GenericDao;
+
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.InternalIdentity;
 
 @Entity
@@ -188,4 +190,9 @@ public class AutoScaleVmGroupVO implements AutoScaleVmGroup, InternalIdentity {
     public String getUuid() {
         return uuid;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.AutoScaleVmGroup;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/network/as/AutoScaleVmProfileVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/as/AutoScaleVmProfileVO.java b/engine/schema/src/com/cloud/network/as/AutoScaleVmProfileVO.java
index 011be2b..9b048b9 100644
--- a/engine/schema/src/com/cloud/network/as/AutoScaleVmProfileVO.java
+++ b/engine/schema/src/com/cloud/network/as/AutoScaleVmProfileVO.java
@@ -33,6 +33,7 @@ import javax.persistence.Inheritance;
 import javax.persistence.InheritanceType;
 import javax.persistence.Table;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.Identity;
 import com.cloud.utils.Pair;
 import com.cloud.utils.db.GenericDao;
@@ -215,4 +216,9 @@ public class AutoScaleVmProfileVO implements AutoScaleVmProfile, Identity, Inter
     public long getAutoScaleUserId() {
         return autoscaleUserId;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.AutoScaleVmProfile;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/network/as/ConditionVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/as/ConditionVO.java b/engine/schema/src/com/cloud/network/as/ConditionVO.java
index bbae72f..e57bef0 100644
--- a/engine/schema/src/com/cloud/network/as/ConditionVO.java
+++ b/engine/schema/src/com/cloud/network/as/ConditionVO.java
@@ -29,6 +29,7 @@ import javax.persistence.GenerationType;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.Identity;
 import com.cloud.utils.db.GenericDao;
 import org.apache.cloudstack.api.InternalIdentity;
@@ -126,4 +127,9 @@ public class ConditionVO implements Condition, Identity, InternalIdentity {
     public Date getRemoved() {
         return removed;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.Condition;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/network/dao/IPAddressVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/IPAddressVO.java b/engine/schema/src/com/cloud/network/dao/IPAddressVO.java
index c5f17504..a4c2267 100644
--- a/engine/schema/src/com/cloud/network/dao/IPAddressVO.java
+++ b/engine/schema/src/com/cloud/network/dao/IPAddressVO.java
@@ -31,6 +31,8 @@ import javax.persistence.Temporal;
 import javax.persistence.TemporalType;
 import javax.persistence.Transient;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.network.IpAddress;
 import com.cloud.utils.net.Ip;
 
@@ -333,4 +335,9 @@ public class IPAddressVO implements IpAddress {
     public Long getNetworkId() {
         return sourceNetworkId;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.IpAddress;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/network/dao/NetworkVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/NetworkVO.java b/engine/schema/src/com/cloud/network/dao/NetworkVO.java
index 6580ea0..1ca7a93 100644
--- a/engine/schema/src/com/cloud/network/dao/NetworkVO.java
+++ b/engine/schema/src/com/cloud/network/dao/NetworkVO.java
@@ -29,6 +29,7 @@ import javax.persistence.Table;
 import javax.persistence.TableGenerator;
 import javax.persistence.Transient;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.acl.ControlledEntity;
 
 import com.cloud.network.Network;
@@ -562,4 +563,9 @@ public class NetworkVO implements Network {
     public Long getNetworkACLId() {
         return networkACLId;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.Network;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/network/dao/RemoteAccessVpnVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/RemoteAccessVpnVO.java b/engine/schema/src/com/cloud/network/dao/RemoteAccessVpnVO.java
index af82281..349f4bd 100644
--- a/engine/schema/src/com/cloud/network/dao/RemoteAccessVpnVO.java
+++ b/engine/schema/src/com/cloud/network/dao/RemoteAccessVpnVO.java
@@ -25,6 +25,8 @@ import javax.persistence.GenerationType;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.network.RemoteAccessVpn;
 
 @Entity
@@ -35,13 +37,13 @@ public class RemoteAccessVpnVO implements RemoteAccessVpn {
 
     @Column(name="network_id")
     private Long networkId;
-    
+
     @Column(name="domain_id")
     private long domainId;
 
     @Column(name="vpn_server_addr_id")
     private long serverAddressId;
-    
+
     @Column(name="local_ip")
     private String localIp;
 
@@ -50,22 +52,22 @@ public class RemoteAccessVpnVO implements RemoteAccessVpn {
 
     @Column(name="ipsec_psk")
     private String ipsecPresharedKey;
-    
+
     @Column(name="state")
     private State state;
-    
+
     @Id
     @GeneratedValue(strategy=GenerationType.IDENTITY)
     @Column(name="id")
     private long id;
-    
+
     @Column(name="uuid")
     private String uuid;
 
     @Column(name="vpc_id")
     private Long vpcId;
-    
-    public RemoteAccessVpnVO() { 
+
+    public RemoteAccessVpnVO() {
         this.uuid = UUID.randomUUID().toString();
     }
 
@@ -81,12 +83,12 @@ public class RemoteAccessVpnVO implements RemoteAccessVpn {
         this.uuid = UUID.randomUUID().toString();
         this.vpcId = vpcId;
     }
-    
+
     @Override
     public State getState() {
         return state;
     }
-    
+
     public void setState(State state) {
         this.state = state;
     }
@@ -95,7 +97,7 @@ public class RemoteAccessVpnVO implements RemoteAccessVpn {
     public long getAccountId() {
         return accountId;
     }
-    
+
     @Override
 	public long getServerAddressId() {
         return serverAddressId;
@@ -128,7 +130,7 @@ public class RemoteAccessVpnVO implements RemoteAccessVpn {
     public long getDomainId() {
 		return domainId;
 	}
-	
+
 	@Override
     public Long getNetworkId() {
 	    return networkId;
@@ -148,4 +150,9 @@ public class RemoteAccessVpnVO implements RemoteAccessVpn {
 	public Long getVpcId() {
 		return vpcId;
 	}
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.RemoteAccessVpn;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/network/dao/Site2SiteCustomerGatewayVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/Site2SiteCustomerGatewayVO.java b/engine/schema/src/com/cloud/network/dao/Site2SiteCustomerGatewayVO.java
index fe0a403..6a87b62 100644
--- a/engine/schema/src/com/cloud/network/dao/Site2SiteCustomerGatewayVO.java
+++ b/engine/schema/src/com/cloud/network/dao/Site2SiteCustomerGatewayVO.java
@@ -5,7 +5,7 @@
 // to you under the Apache License, Version 2.0 (the
 // "License"); you may not use this file except in compliance
 // with the License.  You may obtain a copy of the License at
-// 
+//
 //   http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing,
@@ -29,6 +29,8 @@ import javax.persistence.Table;
 import com.cloud.network.Site2SiteCustomerGateway;
 import com.cloud.utils.db.Encrypt;
 import com.cloud.utils.db.GenericDao;
+
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.InternalIdentity;
 
 @Entity
@@ -72,7 +74,7 @@ public class Site2SiteCustomerGatewayVO implements Site2SiteCustomerGateway {
 
     @Column(name="domain_id")
     private Long domainId;
-    
+
     @Column(name="account_id")
     private Long accountId;
 
@@ -195,7 +197,7 @@ public class Site2SiteCustomerGatewayVO implements Site2SiteCustomerGateway {
     public String getUuid() {
         return uuid;
     }
-    
+
     @Override
     public long getDomainId() {
         return domainId;
@@ -205,4 +207,9 @@ public class Site2SiteCustomerGatewayVO implements Site2SiteCustomerGateway {
     public long getAccountId() {
         return accountId;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.Site2SiteCustomerGateway;
+    }
 }
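Review bot: `getDomainId()` and `getAccountId()` in this class return `long` but read the boxed `Long domainId` / `Long accountId` fields shown in the earlier hunk, so an instance whose owner columns are unset throws a NullPointerException on unboxing instead of giving an access check an answer it can act on. Now that `getEntityType()` marks the object as an ACL entity, those getters are presumably what a checker reads to decide ownership; the checker is not visible here. Boxed owner fields behind a primitive `getDomainId()` also appear in the Site2SiteVpnConnectionVO, Site2SiteVpnGatewayVO and VpcVO sections, and the last two expose a no-arg constructor that leaves both fields null. I would at least record it next to the fields, e.g. `// nullable column: the long getters unbox this and throw if it is unset`, and confirm callers treat that failure as a denial.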

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/network/dao/Site2SiteVpnConnectionVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/Site2SiteVpnConnectionVO.java b/engine/schema/src/com/cloud/network/dao/Site2SiteVpnConnectionVO.java
index d99823f..ba73b95 100644
--- a/engine/schema/src/com/cloud/network/dao/Site2SiteVpnConnectionVO.java
+++ b/engine/schema/src/com/cloud/network/dao/Site2SiteVpnConnectionVO.java
@@ -5,7 +5,7 @@
 // to you under the Apache License, Version 2.0 (the
 // "License"); you may not use this file except in compliance
 // with the License.  You may obtain a copy of the License at
-// 
+//
 //   http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing,
@@ -31,6 +31,8 @@ import javax.persistence.Table;
 import com.cloud.network.Site2SiteVpnConnection;
 import com.cloud.network.Site2SiteVpnConnection.State;
 import com.cloud.utils.db.GenericDao;
+
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.InternalIdentity;
 
 @Entity
@@ -40,32 +42,32 @@ public class Site2SiteVpnConnectionVO implements Site2SiteVpnConnection, Interna
     @GeneratedValue(strategy=GenerationType.IDENTITY)
     @Column(name="id")
     private long id;
-    
+
 	@Column(name="uuid")
-	private String uuid;    
-    
+	private String uuid;
+
     @Column(name="vpn_gateway_id")
     private long vpnGatewayId;
-    
+
     @Column(name="customer_gateway_id")
     private long customerGatewayId;
 
     @Column(name="state")
     @Enumerated(value=EnumType.STRING)
     private State state;
-    
+
     @Column(name="domain_id")
     private Long domainId;
-    
+
     @Column(name="account_id")
     private Long accountId;
 
     @Column(name=GenericDao.CREATED_COLUMN)
     private Date created;
-    
+
     @Column(name=GenericDao.REMOVED_COLUMN)
     private Date removed;
-    
+
     @Column(name="passive")
     private boolean passive;
 
@@ -80,12 +82,12 @@ public class Site2SiteVpnConnectionVO implements Site2SiteVpnConnection, Interna
         this.domainId = domainId;
         this.passive = passive;
     }
-    
+
     @Override
     public long getId() {
         return id;
     }
-    
+
     @Override
     public State getState() {
         return state;
@@ -130,11 +132,11 @@ public class Site2SiteVpnConnectionVO implements Site2SiteVpnConnection, Interna
     public void setRemoved(Date removed) {
         this.removed = removed;
     }
-    
+
     public String getUuid() {
         return uuid;
     }
-    
+
     @Override
     public long getDomainId() {
         return domainId;
@@ -152,4 +154,9 @@ public class Site2SiteVpnConnectionVO implements Site2SiteVpnConnection, Interna
 	public void setPassive(boolean passive) {
 		this.passive = passive;
 	}
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.Site2SiteVpnConnection;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayVO.java b/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayVO.java
index 1e12971..69b129e 100644
--- a/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayVO.java
+++ b/engine/schema/src/com/cloud/network/dao/Site2SiteVpnGatewayVO.java
@@ -5,7 +5,7 @@
 // to you under the Apache License, Version 2.0 (the
 // "License"); you may not use this file except in compliance
 // with the License.  You may obtain a copy of the License at
-// 
+//
 //   http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing,
@@ -28,6 +28,8 @@ import javax.persistence.Table;
 
 import com.cloud.network.Site2SiteVpnGateway;
 import com.cloud.utils.db.GenericDao;
+
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.InternalIdentity;
 
 @Entity
@@ -37,10 +39,10 @@ public class Site2SiteVpnGatewayVO implements Site2SiteVpnGateway {
     @GeneratedValue(strategy=GenerationType.IDENTITY)
     @Column(name="id")
     private long id;
-    
+
 	@Column(name="uuid")
-	private String uuid;    
-    
+	private String uuid;
+
     @Column(name="addr_id")
     private long addrId;
 
@@ -49,13 +51,13 @@ public class Site2SiteVpnGatewayVO implements Site2SiteVpnGateway {
 
     @Column(name="domain_id")
     private Long domainId;
-    
+
     @Column(name="account_id")
     private Long accountId;
 
     @Column(name=GenericDao.REMOVED_COLUMN)
     private Date removed;
-    
+
     public Site2SiteVpnGatewayVO() { }
 
     public Site2SiteVpnGatewayVO(long accountId, long domainId, long addrId, long vpcId) {
@@ -65,7 +67,7 @@ public class Site2SiteVpnGatewayVO implements Site2SiteVpnGateway {
         this.accountId = accountId;
         this.domainId = domainId;
     }
-    
+
     @Override
     public long getId() {
         return id;
@@ -75,7 +77,7 @@ public class Site2SiteVpnGatewayVO implements Site2SiteVpnGateway {
     public long getVpcId() {
         return vpcId;
     }
-    
+
     public void setVpcId(long vpcId) {
         this.vpcId = vpcId;
     }
@@ -101,7 +103,7 @@ public class Site2SiteVpnGatewayVO implements Site2SiteVpnGateway {
     public String getUuid() {
         return uuid;
     }
-    
+
     @Override
     public long getDomainId() {
         return domainId;
@@ -111,4 +113,9 @@ public class Site2SiteVpnGatewayVO implements Site2SiteVpnGateway {
     public long getAccountId() {
         return accountId;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.Site2SiteVpnGateway;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/network/rules/FirewallRuleVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/rules/FirewallRuleVO.java b/engine/schema/src/com/cloud/network/rules/FirewallRuleVO.java
index a51c364..48a6d7d 100644
--- a/engine/schema/src/com/cloud/network/rules/FirewallRuleVO.java
+++ b/engine/schema/src/com/cloud/network/rules/FirewallRuleVO.java
@@ -5,7 +5,7 @@
 // to you under the Apache License, Version 2.0 (the
 // "License"); you may not use this file except in compliance
 // with the License.  You may obtain a copy of the License at
-// 
+//
 //   http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing,
@@ -34,6 +34,8 @@ import javax.persistence.InheritanceType;
 import javax.persistence.Table;
 import javax.persistence.Transient;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.utils.db.GenericDao;
 import com.cloud.utils.net.NetUtils;
 
@@ -192,7 +194,7 @@ public class FirewallRuleVO implements FirewallRule {
         this.uuid = UUID.randomUUID().toString();
     }
 
-    public FirewallRuleVO(String xId, Long ipAddressId, Integer portStart, Integer portEnd, String protocol, 
+    public FirewallRuleVO(String xId, Long ipAddressId, Integer portStart, Integer portEnd, String protocol,
             long networkId, long accountId, long domainId, Purpose purpose, List<String> sourceCidrs, Integer icmpCode,
             Integer icmpType, Long related, TrafficType trafficType) {
         this.xId = xId;
@@ -230,7 +232,7 @@ public class FirewallRuleVO implements FirewallRule {
         this.type = type;
     }
 
-    public FirewallRuleVO(String xId, long ipAddressId, int port, String protocol, long networkId, long accountId, 
+    public FirewallRuleVO(String xId, long ipAddressId, int port, String protocol, long networkId, long accountId,
             long domainId, Purpose purpose, List<String> sourceCidrs, Integer icmpCode, Integer icmpType, Long related) {
         this(xId, ipAddressId, port, port, protocol, networkId, accountId, domainId, purpose, sourceCidrs, icmpCode, icmpType, related, null);
     }
@@ -272,4 +274,9 @@ public class FirewallRuleVO implements FirewallRule {
     public TrafficType getTrafficType() {
         return trafficType;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.FirewallRule;
+    }
 }
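Review bot: `getEntityType()` returns the fixed constant `AclEntityType.FirewallRule` from a non-final class, so any entity that extends FirewallRuleVO will report itself as a firewall rule unless it overrides the method. The `InheritanceType` import in this file suggests the class is mapped as a base for other rule entities, though none are visible in this diff. If those subclasses are meant to be governed by their own permissions, they need their own override; if sharing is intended, say so, e.g. `/** Subclasses share the FirewallRule ACL type unless they override this. */`. The class body starts outside this hunk.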

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/network/security/SecurityGroupVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/security/SecurityGroupVO.java b/engine/schema/src/com/cloud/network/security/SecurityGroupVO.java
index be7c593..a4214f4 100644
--- a/engine/schema/src/com/cloud/network/security/SecurityGroupVO.java
+++ b/engine/schema/src/com/cloud/network/security/SecurityGroupVO.java
@@ -25,6 +25,7 @@ import javax.persistence.GenerationType;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.Identity;
 import org.apache.cloudstack.api.InternalIdentity;
 
@@ -50,7 +51,7 @@ public class SecurityGroupVO implements SecurityGroup {
 
     @Column(name = "uuid")
     private String uuid;
-    
+
     public SecurityGroupVO() {
     	this.uuid = UUID.randomUUID().toString();
     }
@@ -87,13 +88,18 @@ public class SecurityGroupVO implements SecurityGroup {
     public long getAccountId() {
         return accountId;
     }
-    
+
     @Override
     public String getUuid() {
     	return this.uuid;
     }
-    
+
     public void setUuid(String uuid) {
     	this.uuid = uuid;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.SecurityGroup;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/network/vpc/StaticRouteVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/vpc/StaticRouteVO.java b/engine/schema/src/com/cloud/network/vpc/StaticRouteVO.java
index eb4c61b..b7c4991 100644
--- a/engine/schema/src/com/cloud/network/vpc/StaticRouteVO.java
+++ b/engine/schema/src/com/cloud/network/vpc/StaticRouteVO.java
@@ -28,6 +28,7 @@ import javax.persistence.GenerationType;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.Identity;
 import com.cloud.utils.db.GenericDao;
 import org.apache.cloudstack.api.InternalIdentity;
@@ -138,4 +139,9 @@ public class StaticRouteVO implements StaticRoute {
         buf.append(uuid).append("|").append(cidr).append("|").append(vpcGatewayId).append("]");
         return buf.toString();
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.StaticRoute;
+    }
 }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/network/vpc/VpcGatewayVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/vpc/VpcGatewayVO.java b/engine/schema/src/com/cloud/network/vpc/VpcGatewayVO.java
index 54cfbd1..9288375 100644
--- a/engine/schema/src/com/cloud/network/vpc/VpcGatewayVO.java
+++ b/engine/schema/src/com/cloud/network/vpc/VpcGatewayVO.java
@@ -28,58 +28,60 @@ import javax.persistence.GenerationType;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.utils.db.GenericDao;
 
 
 @Entity
 @Table(name="vpc_gateways")
 public class VpcGatewayVO implements VpcGateway {
-    
+
     @Id
     @GeneratedValue(strategy=GenerationType.IDENTITY)
     @Column(name="id")
     private long id;
-    
+
     @Column(name = "ip4_address")
     String ip4Address;
-    
-    @Column(name="gateway") 
+
+    @Column(name="gateway")
     String gateway;
-    
-    @Column(name="netmask") 
+
+    @Column(name="netmask")
     String netmask;
-    
-    @Column(name="vlan_tag") 
+
+    @Column(name="vlan_tag")
     String broadcastUri;
-    
+
     @Column(name = "type")
     @Enumerated(value = EnumType.STRING)
     VpcGateway.Type type;
-    
+
     @Column(name="vpc_id")
     Long vpcId;
-    
+
     @Column(name="zone_id")
     long zoneId;
-    
+
     @Column(name="network_id")
     long networkId;
-    
+
     @Column(name=GenericDao.CREATED_COLUMN)
     Date created;
-    
+
     @Column(name=GenericDao.REMOVED_COLUMN)
     Date removed;
-    
+
     @Column(name="uuid")
     private String uuid;
-    
+
     @Column(name = "account_id")
     long accountId;
 
     @Column(name = "domain_id")
     long domainId;
-    
+
     @Column(name="state")
     @Enumerated(value=EnumType.STRING)
     State state;
@@ -95,7 +97,7 @@ public class VpcGatewayVO implements VpcGateway {
     protected VpcGatewayVO(){
         this.uuid = UUID.randomUUID().toString();
     }
-    
+
     /**
      * @param ip4Address
      * @param type
@@ -110,7 +112,7 @@ public class VpcGatewayVO implements VpcGateway {
      * @param account_id
      * @param sourceNat
      */
-    public VpcGatewayVO(String ip4Address, Type type, long vpcId, long zoneId, long networkId, String broadcastUri, 
+    public VpcGatewayVO(String ip4Address, Type type, long vpcId, long zoneId, long networkId, String broadcastUri,
             String gateway, String netmask, long accountId, long domainId, boolean sourceNat, long networkACLId) {
         this.ip4Address = ip4Address;
         this.type = type;
@@ -131,9 +133,9 @@ public class VpcGatewayVO implements VpcGateway {
 
     @Override
     public String getUuid() {
-        return this.uuid; 
+        return this.uuid;
     }
-    
+
     @Override
     public long getId() {
         return id;
@@ -163,7 +165,7 @@ public class VpcGatewayVO implements VpcGateway {
     public long getNetworkId() {
         return networkId;
     }
-    
+
     @Override
     public String toString() {
         StringBuilder buf = new StringBuilder("VpcGateway[");
@@ -185,7 +187,7 @@ public class VpcGatewayVO implements VpcGateway {
     public String getBroadcastUri() {
         return broadcastUri;
     }
-    
+
     @Override
     public long getAccountId() {
         return accountId;
@@ -218,4 +220,9 @@ public class VpcGatewayVO implements VpcGateway {
     public long getNetworkACLId() {
         return networkACLId;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.VpcGateway;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/network/vpc/VpcVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/vpc/VpcVO.java b/engine/schema/src/com/cloud/network/vpc/VpcVO.java
index 7b784eb..ed179be 100644
--- a/engine/schema/src/com/cloud/network/vpc/VpcVO.java
+++ b/engine/schema/src/com/cloud/network/vpc/VpcVO.java
@@ -26,6 +26,8 @@ import javax.persistence.Enumerated;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.utils.db.GenericDao;
 
 @Entity
@@ -34,13 +36,13 @@ public class VpcVO implements Vpc {
     @Id
     @Column(name="id")
     long id;
-    
+
     @Column(name="uuid")
     private String uuid;
-    
+
     @Column(name="name")
     private String name;
-    
+
     @Column(name = "display_text")
     String displayText;
 
@@ -49,36 +51,36 @@ public class VpcVO implements Vpc {
 
     @Column(name="cidr")
     private String cidr = null;
-    
+
     @Column(name="domain_id")
     Long domainId = null;
-    
+
     @Column(name="account_id")
     Long accountId = null;
 
     @Column(name="state")
     @Enumerated(value=EnumType.STRING)
     State state;
-    
+
     @Column(name="vpc_offering_id")
     long vpcOfferingId;
-    
+
     @Column(name=GenericDao.REMOVED_COLUMN)
     Date removed;
 
     @Column(name=GenericDao.CREATED_COLUMN)
     Date created;
-    
+
     @Column(name="network_domain")
     String networkDomain;
-    
+
     @Column(name="restart_required")
     boolean restartRequired = false;
-    
+
     public VpcVO() {
         this.uuid = UUID.randomUUID().toString();
     }
-    
+
     public VpcVO(long zoneId, String name, String displayText, long accountId, long domainId, long vpcOffId, String cidr,
             String networkDomain) {
         this.zoneId = zoneId;
@@ -117,7 +119,7 @@ public class VpcVO implements Vpc {
     public String getCidr() {
         return cidr;
     }
-    
+
     @Override
     public long getDomainId() {
         return domainId;
@@ -158,7 +160,7 @@ public class VpcVO implements Vpc {
     public void setDisplayText(String displayText) {
         this.displayText = displayText;
     }
-    
+
     @Override
     public String toString() {
         StringBuilder buf = new StringBuilder("[VPC [");
@@ -169,7 +171,7 @@ public class VpcVO implements Vpc {
     public String getNetworkDomain() {
         return networkDomain;
     }
-    
+
     public void setRestartRequired(boolean restartRequired) {
         this.restartRequired = restartRequired;
     }
@@ -178,4 +180,9 @@ public class VpcVO implements Vpc {
     public boolean isRestartRequired() {
         return restartRequired;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.Vpc;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/projects/ProjectInvitationVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/projects/ProjectInvitationVO.java b/engine/schema/src/com/cloud/projects/ProjectInvitationVO.java
index 78f05c7..aee3bd9 100644
--- a/engine/schema/src/com/cloud/projects/ProjectInvitationVO.java
+++ b/engine/schema/src/com/cloud/projects/ProjectInvitationVO.java
@@ -28,9 +28,8 @@ import javax.persistence.GenerationType;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
-import org.apache.cloudstack.api.Identity;
+import org.apache.cloudstack.acl.AclEntityType;
 import com.cloud.utils.db.GenericDao;
-import org.apache.cloudstack.api.InternalIdentity;
 
 @Entity
 @Table(name = "project_invitations")
@@ -147,4 +146,9 @@ public class ProjectInvitationVO implements ProjectInvitation {
     public long getAccountId() {
         return forAccountId == null ? -1 : forAccountId;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.ProjectInvitation;
+    }
 }
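Review bot: The context line just above the new method shows `getAccountId()` returning `-1` when `forAccountId` is null, and `getEntityType()` now presents the invitation to ACL code as an ordinary owned entity. An ownership comparison would then run against a sentinel rather than a real account id; whether the checker handles that is not visible in this diff. I would document the case on the new method, e.g. `/** Note: getAccountId() is -1 when forAccountId is unset; access checks must not treat that as an owner. */`, and confirm the checker denies rather than matches on it.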

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/storage/SnapshotVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/storage/SnapshotVO.java b/engine/schema/src/com/cloud/storage/SnapshotVO.java
index e391274..eeb1ebb 100644
--- a/engine/schema/src/com/cloud/storage/SnapshotVO.java
+++ b/engine/schema/src/com/cloud/storage/SnapshotVO.java
@@ -21,6 +21,9 @@ import com.cloud.utils.db.GenericDao;
 import com.google.gson.annotations.Expose;
 
 import javax.persistence.*;
+
+import org.apache.cloudstack.acl.AclEntityType;
+
 import java.util.Date;
 import java.util.UUID;
 
@@ -226,4 +229,9 @@ public class SnapshotVO implements Snapshot {
     public void setUuid(String uuid) {
         this.uuid = uuid;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.Snapshot;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/storage/VMTemplateVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/storage/VMTemplateVO.java b/engine/schema/src/com/cloud/storage/VMTemplateVO.java
index 6c2447c..418f0d1 100755
--- a/engine/schema/src/com/cloud/storage/VMTemplateVO.java
+++ b/engine/schema/src/com/cloud/storage/VMTemplateVO.java
@@ -31,6 +31,8 @@ import javax.persistence.Temporal;
 import javax.persistence.TemporalType;
 import javax.persistence.Transient;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.hypervisor.Hypervisor.HypervisorType;
 import com.cloud.storage.Storage.ImageFormat;
 import com.cloud.storage.Storage.TemplateType;
@@ -573,4 +575,9 @@ public class VMTemplateVO implements VirtualMachineTemplate {
         this.updated = updated;
     }
 
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.VirtualMachineTemplate;
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/storage/VolumeVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/storage/VolumeVO.java b/engine/schema/src/com/cloud/storage/VolumeVO.java
index 1bdd09f..9a05d5d 100755
--- a/engine/schema/src/com/cloud/storage/VolumeVO.java
+++ b/engine/schema/src/com/cloud/storage/VolumeVO.java
@@ -32,10 +32,11 @@ import javax.persistence.Temporal;
 import javax.persistence.TemporalType;
 import javax.persistence.Transient;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.storage.Storage.StoragePoolType;
 import com.cloud.utils.NumbersUtil;
 import com.cloud.utils.db.GenericDao;
-import com.cloud.vm.VirtualMachine.State;
 
 @Entity
 @Table(name = "volumes")
@@ -156,7 +157,7 @@ public class VolumeVO implements Volume {
 
     @Column(name = "iso_id")
     private Long isoId;
-    
+
     @Transient
     // @Column(name="reservation")
     String reservationId;
@@ -558,7 +559,7 @@ public class VolumeVO implements Volume {
     public void setFormat(Storage.ImageFormat format) {
         this.format = format;
     }
-    
+
     public void setVmSnapshotChainSize(Long vmSnapshotChainSize){
         this.vmSnapshotChainSize = vmSnapshotChainSize;
     }
@@ -574,10 +575,15 @@ public class VolumeVO implements Volume {
     public void setIsoId(Long isoId) {
         this.isoId =isoId;
     }
-    
+
     // don't use this directly, use volume state machine instead
     // This method is used by UpdateVolume as a part of "Better control over first class objects in CS"
     public void setState(State state) {
         this.state = state;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.Volume;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/tags/ResourceTagVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/tags/ResourceTagVO.java b/engine/schema/src/com/cloud/tags/ResourceTagVO.java
index 6130390..19851c4 100644
--- a/engine/schema/src/com/cloud/tags/ResourceTagVO.java
+++ b/engine/schema/src/com/cloud/tags/ResourceTagVO.java
@@ -27,53 +27,52 @@ import javax.persistence.GenerationType;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
-import org.apache.cloudstack.api.Identity;
+import org.apache.cloudstack.acl.AclEntityType;
 import com.cloud.server.ResourceTag;
-import org.apache.cloudstack.api.InternalIdentity;
 
 
 @Entity
 @Table(name="resource_tags")
 public class ResourceTagVO implements ResourceTag {
-    
+
     @Id
     @GeneratedValue(strategy=GenerationType.IDENTITY)
     @Column(name="id")
     private long id;
-    
+
     @Column(name="uuid")
     private String uuid;
-    
+
     @Column(name="key")
     private String key;
-    
+
     @Column(name="value")
     String value;
-    
+
     @Column(name="domain_id")
     long domainId;
 
     @Column(name="account_id")
     long accountId;
-    
+
     @Column(name="resource_id")
     long resourceId;
-    
+
     @Column(name="resource_uuid")
     private String resourceUuid;
-    
+
     @Column(name="resource_type")
     @Enumerated(value=EnumType.STRING)
     private ResourceObjectType resourceType;
-    
+
     @Column(name="customer")
     String customer;
 
-    
+
     protected ResourceTagVO(){
         this.uuid = UUID.randomUUID().toString();
     }
-    
+
     /**
      * @param key
      * @param value
@@ -84,7 +83,7 @@ public class ResourceTagVO implements ResourceTag {
      * @param customer TODO
      * @param resourceUuid TODO
      */
-    public ResourceTagVO(String key, String value, long accountId, long domainId, long resourceId, 
+    public ResourceTagVO(String key, String value, long accountId, long domainId, long resourceId,
             ResourceObjectType resourceType, String customer, String resourceUuid) {
         super();
         this.key = key;
@@ -97,8 +96,8 @@ public class ResourceTagVO implements ResourceTag {
         this.customer = customer;
         this.resourceUuid = resourceUuid;
     }
-    
-    
+
+
     @Override
     public String toString() {
         StringBuilder buf = new StringBuilder("Tag[");
@@ -107,7 +106,7 @@ public class ResourceTagVO implements ResourceTag {
         .append("|accountId=").append(accountId).append("]");
         return buf.toString();
     }
-    
+
     @Override
     public long getId() {
         return id;
@@ -147,7 +146,7 @@ public class ResourceTagVO implements ResourceTag {
     public String getUuid() {
         return uuid;
     }
-    
+
     @Override
     public String getCustomer() {
         return customer;
@@ -157,4 +156,9 @@ public class ResourceTagVO implements ResourceTag {
     public String getResourceUuid() {
         return resourceUuid;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.ResourceTag;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/user/AccountVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/user/AccountVO.java b/engine/schema/src/com/cloud/user/AccountVO.java
index 4a7e73b..2a0bbde 100644
--- a/engine/schema/src/com/cloud/user/AccountVO.java
+++ b/engine/schema/src/com/cloud/user/AccountVO.java
@@ -28,6 +28,8 @@ import javax.persistence.GenerationType;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.utils.db.GenericDao;
 
 @Entity
@@ -186,4 +188,9 @@ public class AccountVO implements Account {
     public boolean isDefault() {
         return isDefault;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.Account;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/user/SSHKeyPairVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/user/SSHKeyPairVO.java b/engine/schema/src/com/cloud/user/SSHKeyPairVO.java
index ab7eb8e..26df45f 100644
--- a/engine/schema/src/com/cloud/user/SSHKeyPairVO.java
+++ b/engine/schema/src/com/cloud/user/SSHKeyPairVO.java
@@ -16,6 +16,7 @@
 // under the License.
 package com.cloud.user;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.InternalIdentity;
 
 import javax.persistence.Column;
@@ -29,27 +30,27 @@ import javax.persistence.Transient;
 @Entity
 @Table(name="ssh_keypairs")
 public class SSHKeyPairVO implements SSHKeyPair {
-	
+
 	@Id
 	@GeneratedValue(strategy=GenerationType.IDENTITY)
 	@Column(name="id")
 	private Long id = null;
-	
+
 	@Column(name="account_id")
 	private long accountId;
-	
+
     @Column(name="domain_id")
     private long domainId;
-    
+
     @Column(name="keypair_name")
     private String name;
-    
+
     @Column(name="fingerprint")
     private String fingerprint;
-    
+
     @Column(name="public_key", length=5120)
     private String publicKey;
-    
+
     @Transient
     private String privateKey;
 
@@ -57,7 +58,7 @@ public class SSHKeyPairVO implements SSHKeyPair {
 	public long getId() {
 		return id;
 	}
-	
+
 	@Override
 	public long getAccountId() {
 		return accountId;
@@ -67,7 +68,7 @@ public class SSHKeyPairVO implements SSHKeyPair {
 	public long getDomainId() {
 		return domainId;
 	}
-	
+
 	@Override
 	public String getFingerprint() {
 		return fingerprint;
@@ -82,7 +83,7 @@ public class SSHKeyPairVO implements SSHKeyPair {
 	public String getPublicKey() {
 		return publicKey;
 	}
-	
+
 	@Override
 	public String getPrivateKey() {
 		return privateKey;
@@ -111,9 +112,14 @@ public class SSHKeyPairVO implements SSHKeyPair {
 	public void setPublicKey(String publicKey) {
 		this.publicKey = publicKey;
 	}
-	
+
 	public void setPrivateKey(String privateKey) {
 		this.privateKey = privateKey;
 	}
 
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.SSHKeyPair;
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/vm/InstanceGroupVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/vm/InstanceGroupVO.java b/engine/schema/src/com/cloud/vm/InstanceGroupVO.java
index ad66b5a..e9e2c8f 100644
--- a/engine/schema/src/com/cloud/vm/InstanceGroupVO.java
+++ b/engine/schema/src/com/cloud/vm/InstanceGroupVO.java
@@ -28,9 +28,8 @@ import javax.persistence.PrimaryKeyJoinColumn;
 import javax.persistence.SecondaryTable;
 import javax.persistence.Table;
 
-import org.apache.cloudstack.api.Identity;
+import org.apache.cloudstack.acl.AclEntityType;
 import com.cloud.utils.db.GenericDao;
-import org.apache.cloudstack.api.InternalIdentity;
 
 @Entity
 @Table(name="instance_group")
@@ -41,16 +40,16 @@ public class InstanceGroupVO implements InstanceGroup {
     @GeneratedValue(strategy=GenerationType.IDENTITY)
     @Column(name="id")
     private long id;
-    
+
     @Column(name="name")
     String name;
-    
+
     @Column(name="account_id")
     private long accountId;
-    
+
     @Column(name="domain_id", table="account", insertable=false, updatable=false)
     private long domainId;
-    
+
     @Column(name=GenericDao.REMOVED_COLUMN)
     private Date removed;
 
@@ -59,47 +58,47 @@ public class InstanceGroupVO implements InstanceGroup {
 
     @Column(name="uuid")
     private String uuid;
-    
+
 	@Column(name="type", table="account", insertable=false, updatable=false)
 	private short accountType;
-    
+
     public InstanceGroupVO(String name, long accountId) {
         this.name = name;
         this.accountId = accountId;
         this.uuid = UUID.randomUUID().toString();
     }
-    
+
     protected InstanceGroupVO() {
         super();
     }
-    
+
     @Override
     public long getId() {
     	return id;
     }
-    
+
     @Override
     public String getName() {
-    	return name; 
+    	return name;
     }
-    
+
     @Override
     public long getAccountId() {
         return accountId;
     }
-    
+
     public long getDomainId() {
         return domainId;
     }
-    
+
     public Date getRemoved() {
         return removed;
     }
-    
+
 	public Date getCreated() {
 		return created;
 	}
-    
+
     public void setName(String name) {
     	this.name = name;
     }
@@ -108,13 +107,18 @@ public class InstanceGroupVO implements InstanceGroup {
     public String getUuid() {
     	return this.uuid;
     }
-    
+
     public void setUuid(String uuid) {
     	this.uuid = uuid;
     }
-    
+
 	@Override
 	public Short getAccountType() {
 		return accountType;
 	}
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.InstanceGroup;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/vm/VMInstanceVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/vm/VMInstanceVO.java b/engine/schema/src/com/cloud/vm/VMInstanceVO.java
index 8cf7fd0..8122658 100644
--- a/engine/schema/src/com/cloud/vm/VMInstanceVO.java
+++ b/engine/schema/src/com/cloud/vm/VMInstanceVO.java
@@ -5,7 +5,7 @@
 // to you under the Apache License, Version 2.0 (the
 // "License"); you may not use this file except in compliance
 // with the License.  You may obtain a copy of the License at
-// 
+//
 //   http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing,
@@ -36,6 +36,8 @@ import javax.persistence.Temporal;
 import javax.persistence.TemporalType;
 import javax.persistence.Transient;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.hypervisor.Hypervisor.HypervisorType;
 import com.cloud.utils.db.Encrypt;
 import com.cloud.utils.db.GenericDao;
@@ -153,7 +155,7 @@ public class VMInstanceVO implements VirtualMachine, FiniteStateObject<State, Vi
     @Column(name="tags")
     protected String tags;
 */
-    
+
     @Transient
     Map<String, String> details;
 
@@ -162,7 +164,7 @@ public class VMInstanceVO implements VirtualMachine, FiniteStateObject<State, Vi
 
     @Column(name="disk_offering_id")
     protected Long diskOfferingId;
-    
+
     public VMInstanceVO(long id,
             long serviceOfferingId,
             String name,
@@ -501,4 +503,9 @@ public class VMInstanceVO implements VirtualMachine, FiniteStateObject<State, Vi
         return this.dynamicallyScalable;
     }
 
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.VirtualMachine;
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/vm/dao/NicIpAliasVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/vm/dao/NicIpAliasVO.java b/engine/schema/src/com/cloud/vm/dao/NicIpAliasVO.java
index 4ed89d8..b3efd17 100644
--- a/engine/schema/src/com/cloud/vm/dao/NicIpAliasVO.java
+++ b/engine/schema/src/com/cloud/vm/dao/NicIpAliasVO.java
@@ -28,6 +28,9 @@ import javax.persistence.GeneratedValue;
 import javax.persistence.GenerationType;
 import javax.persistence.Id;
 import javax.persistence.Table;
+
+import org.apache.cloudstack.acl.AclEntityType;
+
 import java.util.Date;
 import java.util.UUID;
 
@@ -223,4 +226,9 @@ public class NicIpAliasVO implements NicIpAlias  {
         return startIpOfSubnet;
     }
 
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.NicIpAlias;
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/vm/dao/NicSecondaryIpVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/vm/dao/NicSecondaryIpVO.java b/engine/schema/src/com/cloud/vm/dao/NicSecondaryIpVO.java
index 770e188..b3ce95a 100644
--- a/engine/schema/src/com/cloud/vm/dao/NicSecondaryIpVO.java
+++ b/engine/schema/src/com/cloud/vm/dao/NicSecondaryIpVO.java
@@ -26,6 +26,8 @@ import javax.persistence.GenerationType;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.utils.db.GenericDao;
 import com.cloud.vm.NicSecondaryIp;
 
@@ -157,4 +159,9 @@ public class NicSecondaryIpVO implements NicSecondaryIp {
     public void setVmId(Long vmId) {
         this.vmId = vmId;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.NicSecondaryIp;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/com/cloud/vm/snapshot/VMSnapshotVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/vm/snapshot/VMSnapshotVO.java b/engine/schema/src/com/cloud/vm/snapshot/VMSnapshotVO.java
index a888c12..056355a 100644
--- a/engine/schema/src/com/cloud/vm/snapshot/VMSnapshotVO.java
+++ b/engine/schema/src/com/cloud/vm/snapshot/VMSnapshotVO.java
@@ -33,6 +33,7 @@ import javax.persistence.Temporal;
 import javax.persistence.TemporalType;
 import javax.persistence.Transient;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.engine.subsystem.api.storage.VMSnapshotOptions;
 
 import com.cloud.utils.db.GenericDao;
@@ -83,14 +84,14 @@ public class VMSnapshotVO implements VMSnapshot {
 
     @Column(name = "current")
     Boolean current;
-    
+
     @Column(name = "parent")
     Long parent;
-    
+
     @Column(name = "updated")
     @Temporal(value = TemporalType.TIMESTAMP)
     Date updated;
-    
+
     @Column(name="update_count", updatable = true, nullable=false)
     protected long updatedCount;
 
@@ -231,8 +232,13 @@ public class VMSnapshotVO implements VMSnapshot {
     public Type getType() {
         return type;
     }
-    
+
     public void setRemoved(Date removed) {
         this.removed = removed;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.VMSnapshot;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/org/apache/cloudstack/acl/AclGroupVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/AclGroupVO.java b/engine/schema/src/org/apache/cloudstack/acl/AclGroupVO.java
index e86e710..e39b8a5 100644
--- a/engine/schema/src/org/apache/cloudstack/acl/AclGroupVO.java
+++ b/engine/schema/src/org/apache/cloudstack/acl/AclGroupVO.java
@@ -116,4 +116,9 @@ public class AclGroupVO implements AclGroup {
     public Date getCreated() {
         return created;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.AclGroup;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/org/apache/cloudstack/acl/AclPolicyVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/AclPolicyVO.java b/engine/schema/src/org/apache/cloudstack/acl/AclPolicyVO.java
index 5210016..7245a7b 100644
--- a/engine/schema/src/org/apache/cloudstack/acl/AclPolicyVO.java
+++ b/engine/schema/src/org/apache/cloudstack/acl/AclPolicyVO.java
@@ -133,4 +133,9 @@ public class AclPolicyVO implements AclPolicy {
         this.policyType = policyType;
     }
 
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.AclPolicy;
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionDao.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionDao.java b/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionDao.java
index 2defc1c..a64abfd 100644
--- a/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionDao.java
+++ b/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionDao.java
@@ -33,5 +33,6 @@ public interface AclPolicyPermissionDao extends GenericDao<AclPolicyPermissionVO
 
     List<AclPolicyPermissionVO> listGrantedByActionAndScope(long policyId, String action, PermissionScope scope);
 
+    List<AclPolicyPermissionVO> listByPolicyActionAndEntity(long policyId, String action, String entityType);
 
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionDaoImpl.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionDaoImpl.java b/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionDaoImpl.java
index fefafde..fc7b0a9 100644
--- a/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionDaoImpl.java
+++ b/engine/schema/src/org/apache/cloudstack/acl/dao/AclPolicyPermissionDaoImpl.java
@@ -92,4 +92,13 @@ public class AclPolicyPermissionDaoImpl extends GenericDaoBase<AclPolicyPermissi
         return listBy(sc);
     }
 
+    @Override
+    public List<AclPolicyPermissionVO> listByPolicyActionAndEntity(long policyId, String action, String entityType) {
+        SearchCriteria<AclPolicyPermissionVO> sc = fullSearch.create();
+        sc.setParameters("policyId", policyId);
+        sc.setParameters("entityType", entityType);
+        sc.setParameters("action", action);
+        return listBy(sc);
+    }
+
 }
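Review bot: `listByPolicyActionAndEntity` sets only `policyId`, `entityType` and `action` on `fullSearch`, so as far as this hunk shows the result is not narrowed by permission and may hold deny rows next to allow rows (the definition of `fullSearch` is outside the hunk, so confirm how its unset parameters are treated). A caller that reads a non-empty list as "access granted", as the name of the sibling `listGrantedByActionAndScope` suggests is safe there, would then treat a deny rule as a grant. I would state the contract on the interface declaration in `AclPolicyPermissionDao`, e.g. `/** Returns every permission row for the policy, action and entity type, allow and deny alike; callers must inspect each row's permission. */`. `entityType` is also a plain `String` while the entities return `AclEntityType`, so a null or differently spelled value matches nothing without any error; rejecting null `action` and `entityType` up front would make that failure visible.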

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/org/apache/cloudstack/affinity/AffinityGroupVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/affinity/AffinityGroupVO.java b/engine/schema/src/org/apache/cloudstack/affinity/AffinityGroupVO.java
index 44f8dd8..879d98a 100644
--- a/engine/schema/src/org/apache/cloudstack/affinity/AffinityGroupVO.java
+++ b/engine/schema/src/org/apache/cloudstack/affinity/AffinityGroupVO.java
@@ -28,6 +28,7 @@ import javax.persistence.Id;
 import javax.persistence.Table;
 
 import org.apache.cloudstack.acl.ControlledEntity;
+import org.apache.cloudstack.acl.AclEntityType;
 
 @Entity
 @Table(name = ("affinity_group"))
@@ -124,4 +125,9 @@ public class AffinityGroupVO implements AffinityGroup {
         return buf.toString();
     }
 
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.AffinityGroup;
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/org/apache/cloudstack/engine/cloud/entity/api/db/VMEntityVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/engine/cloud/entity/api/db/VMEntityVO.java b/engine/schema/src/org/apache/cloudstack/engine/cloud/entity/api/db/VMEntityVO.java
index b1df967..e9b455b 100644
--- a/engine/schema/src/org/apache/cloudstack/engine/cloud/entity/api/db/VMEntityVO.java
+++ b/engine/schema/src/org/apache/cloudstack/engine/cloud/entity/api/db/VMEntityVO.java
@@ -37,6 +37,8 @@ import javax.persistence.Temporal;
 import javax.persistence.TemporalType;
 import javax.persistence.Transient;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.hypervisor.Hypervisor.HypervisorType;
 import com.cloud.utils.db.Encrypt;
 import com.cloud.utils.db.GenericDao;
@@ -574,4 +576,9 @@ public class VMEntityVO implements VirtualMachine, FiniteStateObject<State, Virt
         this.vmReservation = vmReservation;
     }
 
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.VirtualMachine;
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/schema/src/org/apache/cloudstack/region/gslb/GlobalLoadBalancerRuleVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/region/gslb/GlobalLoadBalancerRuleVO.java b/engine/schema/src/org/apache/cloudstack/region/gslb/GlobalLoadBalancerRuleVO.java
index a70b305..b583192 100644
--- a/engine/schema/src/org/apache/cloudstack/region/gslb/GlobalLoadBalancerRuleVO.java
+++ b/engine/schema/src/org/apache/cloudstack/region/gslb/GlobalLoadBalancerRuleVO.java
@@ -20,6 +20,9 @@ package org.apache.cloudstack.region.gslb;
 import com.cloud.region.ha.GlobalLoadBalancerRule;
 
 import javax.persistence.*;
+
+import org.apache.cloudstack.acl.AclEntityType;
+
 import java.util.UUID;
 
 @Entity
@@ -180,4 +183,9 @@ public class GlobalLoadBalancerRuleVO implements GlobalLoadBalancerRule {
     public GlobalLoadBalancerRule.State getState() {
         return state;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.GlobalLoadBalancerRule;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/storage/image/src/org/apache/cloudstack/storage/image/store/TemplateObject.java
----------------------------------------------------------------------
diff --git a/engine/storage/image/src/org/apache/cloudstack/storage/image/store/TemplateObject.java b/engine/storage/image/src/org/apache/cloudstack/storage/image/store/TemplateObject.java
index 0a5b608..48855f5 100644
--- a/engine/storage/image/src/org/apache/cloudstack/storage/image/store/TemplateObject.java
+++ b/engine/storage/image/src/org/apache/cloudstack/storage/image/store/TemplateObject.java
@@ -25,6 +25,7 @@ import javax.inject.Inject;
 
 import org.apache.log4j.Logger;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.engine.subsystem.api.storage.DataObjectInStore;
 import org.apache.cloudstack.engine.subsystem.api.storage.DataStore;
 import org.apache.cloudstack.engine.subsystem.api.storage.ObjectInDataStoreStateMachine;
@@ -438,4 +439,9 @@ public class TemplateObject implements TemplateInfo {
         return true;
     }
 
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.VirtualMachineTemplate;
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/storage/snapshot/src/org/apache/cloudstack/storage/snapshot/SnapshotObject.java
----------------------------------------------------------------------
diff --git a/engine/storage/snapshot/src/org/apache/cloudstack/storage/snapshot/SnapshotObject.java b/engine/storage/snapshot/src/org/apache/cloudstack/storage/snapshot/SnapshotObject.java
index daf6477..00206a9 100644
--- a/engine/storage/snapshot/src/org/apache/cloudstack/storage/snapshot/SnapshotObject.java
+++ b/engine/storage/snapshot/src/org/apache/cloudstack/storage/snapshot/SnapshotObject.java
@@ -23,6 +23,7 @@ import java.util.List;
 
 import javax.inject.Inject;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.engine.subsystem.api.storage.DataObjectInStore;
 import org.apache.cloudstack.engine.subsystem.api.storage.DataStore;
 import org.apache.cloudstack.engine.subsystem.api.storage.ObjectInDataStoreStateMachine;
@@ -367,4 +368,9 @@ public class SnapshotObject implements SnapshotInfo {
         }
         return true;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.Snapshot;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/storage/src/org/apache/cloudstack/storage/image/TemplateEntityImpl.java
----------------------------------------------------------------------
diff --git a/engine/storage/src/org/apache/cloudstack/storage/image/TemplateEntityImpl.java b/engine/storage/src/org/apache/cloudstack/storage/image/TemplateEntityImpl.java
index 90506df..d986c84 100644
--- a/engine/storage/src/org/apache/cloudstack/storage/image/TemplateEntityImpl.java
+++ b/engine/storage/src/org/apache/cloudstack/storage/image/TemplateEntityImpl.java
@@ -23,6 +23,7 @@ import java.util.Date;
 import java.util.List;
 import java.util.Map;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.engine.cloud.entity.api.TemplateEntity;
 import org.apache.cloudstack.engine.subsystem.api.storage.TemplateInfo;
 import org.apache.cloudstack.storage.image.datastore.ImageStoreInfo;
@@ -285,4 +286,10 @@ public class TemplateEntityImpl implements TemplateEntity {
         return 0;
     }
 
+    @Override
+    public AclEntityType getEntityType() {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
 }
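Review bot: `getEntityType()` in `TemplateEntityImpl` is left as an auto-generated stub that returns `null`, while every other implementation added in this commit returns a constant. The value identifies the entity's type for ACL evaluation, so a checker that dereferences it or uses it as a lookup key will either throw a NullPointerException or find no matching permission for template entities; which of the two happens depends on the checker, which is not part of this hunk. `TemplateObject` in the same commit returns `AclEntityType.VirtualMachineTemplate`, so the stub should most likely become `return AclEntityType.VirtualMachineTemplate;` with the TODO comment removed.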

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/storage/src/org/apache/cloudstack/storage/snapshot/SnapshotEntityImpl.java
----------------------------------------------------------------------
diff --git a/engine/storage/src/org/apache/cloudstack/storage/snapshot/SnapshotEntityImpl.java b/engine/storage/src/org/apache/cloudstack/storage/snapshot/SnapshotEntityImpl.java
index fb3ec48..05ee9f6 100644
--- a/engine/storage/src/org/apache/cloudstack/storage/snapshot/SnapshotEntityImpl.java
+++ b/engine/storage/src/org/apache/cloudstack/storage/snapshot/SnapshotEntityImpl.java
@@ -21,6 +21,7 @@ import java.util.Date;
 import java.util.List;
 import java.util.Map;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.engine.cloud.entity.api.SnapshotEntity;
 
 import com.cloud.hypervisor.Hypervisor.HypervisorType;
@@ -183,4 +184,9 @@ public class SnapshotEntityImpl implements SnapshotEntity {
         return null;
     }
 
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.Snapshot;
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/engine/storage/volume/src/org/apache/cloudstack/storage/volume/VolumeObject.java
----------------------------------------------------------------------
diff --git a/engine/storage/volume/src/org/apache/cloudstack/storage/volume/VolumeObject.java b/engine/storage/volume/src/org/apache/cloudstack/storage/volume/VolumeObject.java
index f5a1276..d4d170e 100644
--- a/engine/storage/volume/src/org/apache/cloudstack/storage/volume/VolumeObject.java
+++ b/engine/storage/volume/src/org/apache/cloudstack/storage/volume/VolumeObject.java
@@ -22,6 +22,8 @@ import javax.inject.Inject;
 
 import com.cloud.storage.DiskOfferingVO;
 import com.cloud.storage.dao.DiskOfferingDao;
+
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.engine.subsystem.api.storage.DataObjectInStore;
 import org.apache.cloudstack.engine.subsystem.api.storage.DataStore;
 import org.apache.cloudstack.engine.subsystem.api.storage.ObjectInDataStoreStateMachine;
@@ -640,4 +642,9 @@ public class VolumeObject implements VolumeInfo {
     public Long getVmSnapshotChainSize() {
         return this.volumeVO.getVmSnapshotChainSize();
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.Volume;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/server/src/com/cloud/api/query/vo/AclGroupJoinVO.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/vo/AclGroupJoinVO.java b/server/src/com/cloud/api/query/vo/AclGroupJoinVO.java
index de73061..e4ba3d9 100644
--- a/server/src/com/cloud/api/query/vo/AclGroupJoinVO.java
+++ b/server/src/com/cloud/api/query/vo/AclGroupJoinVO.java
@@ -27,6 +27,7 @@ import javax.persistence.GenerationType;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.acl.PermissionScope;
 import org.apache.cloudstack.acl.SecurityChecker.AccessType;
 
@@ -241,5 +242,9 @@ public class AclGroupJoinVO extends BaseViewVO implements ControlledViewEntity {
         return permissionAccessType;
     }
 
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.AclGroup;
+    }
 
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/server/src/com/cloud/api/query/vo/AclPolicyJoinVO.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/vo/AclPolicyJoinVO.java b/server/src/com/cloud/api/query/vo/AclPolicyJoinVO.java
index 3f6eff0..aa8b916 100644
--- a/server/src/com/cloud/api/query/vo/AclPolicyJoinVO.java
+++ b/server/src/com/cloud/api/query/vo/AclPolicyJoinVO.java
@@ -210,4 +210,9 @@ public class AclPolicyJoinVO extends BaseViewVO implements ControlledViewEntity
         return permissionAllowDeny;
     }
 
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.AclPolicy;
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/server/src/com/cloud/api/query/vo/AffinityGroupJoinVO.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/vo/AffinityGroupJoinVO.java b/server/src/com/cloud/api/query/vo/AffinityGroupJoinVO.java
index 3710957..0e731a3 100644
--- a/server/src/com/cloud/api/query/vo/AffinityGroupJoinVO.java
+++ b/server/src/com/cloud/api/query/vo/AffinityGroupJoinVO.java
@@ -23,6 +23,7 @@ import javax.persistence.Enumerated;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.acl.ControlledEntity;
 
 import com.cloud.vm.VirtualMachine;
@@ -192,5 +193,10 @@ public class AffinityGroupJoinVO extends BaseViewVO implements ControlledViewEnt
         return aclType;
     }
 
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.AffinityGroup;
+    }
+
 }
 

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/server/src/com/cloud/api/query/vo/DomainRouterJoinVO.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/vo/DomainRouterJoinVO.java b/server/src/com/cloud/api/query/vo/DomainRouterJoinVO.java
index 33865e2..cf2f7fe 100644
--- a/server/src/com/cloud/api/query/vo/DomainRouterJoinVO.java
+++ b/server/src/com/cloud/api/query/vo/DomainRouterJoinVO.java
@@ -26,6 +26,8 @@ import javax.persistence.Enumerated;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.network.Network.GuestType;
 import com.cloud.network.Networks.TrafficType;
 import com.cloud.network.router.VirtualRouter;
@@ -503,4 +505,9 @@ public class DomainRouterJoinVO extends BaseViewVO implements ControlledViewEnti
     public VirtualRouter.Role getRole() {
         return role;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.VirtualMachine;
+    }
 }
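Review bot: `DomainRouterJoinVO.getEntityType()` reports `AclEntityType.VirtualMachine`, the same type that `VMInstanceVO` and `VMEntityVO` return in this commit, so a policy permission written for the VirtualMachine entity type would also match router view rows if the checker keys on this value alone. Routers are infrastructure rather than user instances, so that overlap should be a deliberate decision; if it is, record it in a comment such as `// Routers share the VirtualMachine entity type for ACL purposes; access is additionally restricted by <the check that restricts it>`. If it is not intended, a router-specific entity type would keep user-VM grants from extending to routers. The checker is outside this hunk, so whether the overlap is reachable needs confirming there.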

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/server/src/com/cloud/api/query/vo/EventJoinVO.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/vo/EventJoinVO.java b/server/src/com/cloud/api/query/vo/EventJoinVO.java
index 87d20b9..f03cb43 100644
--- a/server/src/com/cloud/api/query/vo/EventJoinVO.java
+++ b/server/src/com/cloud/api/query/vo/EventJoinVO.java
@@ -25,6 +25,8 @@ import javax.persistence.Enumerated;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.event.Event.State;
 import com.cloud.utils.db.GenericDao;
 
@@ -216,4 +218,9 @@ public class EventJoinVO extends BaseViewVO implements ControlledViewEntity {
     public boolean getArchived() {
         return archived;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.Event;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/server/src/com/cloud/api/query/vo/InstanceGroupJoinVO.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/vo/InstanceGroupJoinVO.java b/server/src/com/cloud/api/query/vo/InstanceGroupJoinVO.java
index f4ce8d6..b30bfe1 100644
--- a/server/src/com/cloud/api/query/vo/InstanceGroupJoinVO.java
+++ b/server/src/com/cloud/api/query/vo/InstanceGroupJoinVO.java
@@ -23,6 +23,8 @@ import javax.persistence.Entity;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.utils.db.GenericDao;
 
 @Entity
@@ -156,4 +158,9 @@ public class InstanceGroupJoinVO extends BaseViewVO implements ControlledViewEnt
     public Date getCreated() {
         return created;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.InstanceGroup;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/7c6f1c14/server/src/com/cloud/api/query/vo/ProjectInvitationJoinVO.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/vo/ProjectInvitationJoinVO.java b/server/src/com/cloud/api/query/vo/ProjectInvitationJoinVO.java
index b598ba1..948d313 100644
--- a/server/src/com/cloud/api/query/vo/ProjectInvitationJoinVO.java
+++ b/server/src/com/cloud/api/query/vo/ProjectInvitationJoinVO.java
@@ -25,6 +25,8 @@ import javax.persistence.Enumerated;
 import javax.persistence.Id;
 import javax.persistence.Table;
 
+import org.apache.cloudstack.acl.AclEntityType;
+
 import com.cloud.projects.ProjectInvitation.State;
 import com.cloud.utils.db.GenericDao;
 
@@ -161,4 +163,9 @@ public class ProjectInvitationJoinVO extends BaseViewVO implements ControlledVie
     public String getDomainPath() {
         return domainPath;
     }
+
+    @Override
+    public AclEntityType getEntityType() {
+        return AclEntityType.ProjectInvitation;
+    }
 }