You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by bh...@apache.org on 2012/12/11 23:19:36 UTC
[3/3] git commit: api: Fix APIAccessChecker and
StaticRoleBasedAPIAccessChecker
api: Fix APIAccessChecker and StaticRoleBasedAPIAccessChecker
- Add getCmd api interface in APIAccessChecker adapter to get cmd properties
- Add mechanism in StaticRoleBasedAPIAccessChecker to get config properties
- Add public interface to get the cmd properties for the adapter impl
Signed-off-by: Rohit Yadav <bh...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/6ce68b93
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/6ce68b93
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/6ce68b93
Branch: refs/heads/api_refactoring
Commit: 6ce68b93ccfe23c4001713ae38c6422029891726
Parents: f4892fb
Author: Rohit Yadav <bh...@apache.org>
Authored: Tue Dec 11 14:10:36 2012 -0800
Committer: Rohit Yadav <bh...@apache.org>
Committed: Tue Dec 11 14:10:36 2012 -0800
----------------------------------------------------------------------
api/src/com/cloud/acl/APIAccessChecker.java | 8 ++++++--
.../cloud/acl/StaticRoleBasedAPIAccessChecker.java | 14 +++++++++++---
2 files changed, 17 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/6ce68b93/api/src/com/cloud/acl/APIAccessChecker.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/acl/APIAccessChecker.java b/api/src/com/cloud/acl/APIAccessChecker.java
index 4ccf49f..234f665 100644
--- a/api/src/com/cloud/acl/APIAccessChecker.java
+++ b/api/src/com/cloud/acl/APIAccessChecker.java
@@ -16,6 +16,8 @@
// under the License.
package com.cloud.acl;
+import java.util.Properties;
+
import com.cloud.exception.PermissionDeniedException;
import com.cloud.user.Account;
import com.cloud.user.User;
@@ -25,6 +27,8 @@ import com.cloud.utils.component.Adapter;
* APIAccessChecker checks the ownership and access control to API requests
*/
public interface APIAccessChecker extends Adapter {
-
- boolean canAccessAPI(User user, String apiCommandName) throws PermissionDeniedException;
+ // Interface for checking access to an API for a user
+ boolean canAccessAPI(User user, String apiCommandName) throws PermissionDeniedException;
+ // Interface for getting API Cmd properties
+ Properties getApiCommands();
}
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/6ce68b93/server/src/com/cloud/acl/StaticRoleBasedAPIAccessChecker.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/acl/StaticRoleBasedAPIAccessChecker.java b/server/src/com/cloud/acl/StaticRoleBasedAPIAccessChecker.java
index cff098a..29dbc13 100644
--- a/server/src/com/cloud/acl/StaticRoleBasedAPIAccessChecker.java
+++ b/server/src/com/cloud/acl/StaticRoleBasedAPIAccessChecker.java
@@ -61,6 +61,7 @@ public class StaticRoleBasedAPIAccessChecker extends AdapterBase implements APIA
private static List<String> s_resourceDomainAdminCommands = null;
private static List<String> s_allCommands = null;
private static List<String> s_pluggableServiceCommands = null;
+ private Properties _apiCommands = null;
protected @Inject AccountManager _accountMgr;
@@ -90,6 +91,11 @@ public class StaticRoleBasedAPIAccessChecker extends AdapterBase implements APIA
return commandExists;
}
+ @Override
+ public Properties getApiCommands() {
+ return _apiCommands;
+ }
+
private static boolean isCommandAvailableForAccount(short accountType, String commandName) {
boolean isCommandAvailable = false;
switch (accountType) {
@@ -140,6 +146,9 @@ public class StaticRoleBasedAPIAccessChecker extends AdapterBase implements APIA
private void processConfigFiles(String[] apiConfig, boolean pluggableServicesConfig) {
try {
+ if (_apiCommands == null)
+ _apiCommands = new Properties();
+
Properties preProcessedCommands = new Properties();
if (apiConfig != null) {
for (String configFile : apiConfig) {
@@ -161,7 +170,7 @@ public class StaticRoleBasedAPIAccessChecker extends AdapterBase implements APIA
for (Object key : preProcessedCommands.keySet()) {
String preProcessedCommand = preProcessedCommands.getProperty((String) key);
String[] commandParts = preProcessedCommand.split(";");
-
+ _apiCommands.setProperty(key.toString(), commandParts[0]);
if (pluggableServicesConfig) {
s_pluggableServiceCommands.add(commandParts[0]);
@@ -196,8 +205,7 @@ public class StaticRoleBasedAPIAccessChecker extends AdapterBase implements APIA
} catch (FileNotFoundException fnfex) {
s_logger.error("Unable to find properties file", fnfex);
} catch (IOException ioex) {
- s_logger.error("Exception loading properties file", ioex);
+ s_logger.error("IO Exception loading properties file", ioex);
}
}
-
}