Updated Branches: refs/heads/javelin fac227024 -> 1294cdc70
pulled from master Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/1294cdc7 Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/1294cdc7 Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/1294cdc7 Branch: refs/heads/javelin Commit: 1294cdc701bb7c278f2a0ea49d19f6a177ea2bf2 Parents: d6f44a4 345c179 Author: Alex Huang <[email protected]> Authored: Thu Jan 10 16:01:01 2013 -0800 Committer: Alex Huang <[email protected]> Committed: Thu Jan 10 16:01:01 2013 -0800 ---------------------------------------------------------------------- api/src/com/cloud/user/AccountService.java | 3 + api/src/org/apache/cloudstack/acl/RoleType.java | 37 + .../api-discovery_commands.properties.in | 23 - .../acl/StaticRoleBasedAPIAccessChecker.java | 129 +-- .../api/command/user/discovery/ListApisCmd.java | 7 +- .../cloudstack/discovery/ApiDiscoveryService.java | 3 +- .../discovery/ApiDiscoveryServiceImpl.java | 10 +- .../server/ManagementServerSimulatorImpl.java | 18 +- .../network/element/CiscoNexusVSMElement.java | 7 +- .../element/F5ExternalLoadBalancerElement.java | 7 +- .../element/JuniperSRXExternalFirewallElement.java | 7 +- .../cloud/network/element/NetscalerElement.java | 6 +- .../cloud/network/element/NiciraNvpElement.java | 972 ++++++++------- server/src/com/cloud/api/ApiServer.java | 41 +- .../network/element/VirtualRouterElement.java | 6 +- .../com/cloud/server/ManagementServerExtImpl.java | 6 +- .../src/com/cloud/server/ManagementServerImpl.java | 6 +- server/src/com/cloud/user/AccountManagerImpl.java | 26 + .../com/cloud/user/MockAccountManagerImpl.java | 6 + utils/src/com/cloud/utils/PropertiesUtil.java | 40 + .../cloud/utils/component/PluggableService.java | 4 +- 21 files changed, 710 insertions(+), 654 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/1294cdc7/plugins/acl/static-role-based/src/org/apache/cloudstack/acl/StaticRoleBasedAPIAccessChecker.java ---------------------------------------------------------------------- diff --cc plugins/acl/static-role-based/src/org/apache/cloudstack/acl/StaticRoleBasedAPIAccessChecker.java index e0c35a5,689540a..32de070 --- a/plugins/acl/static-role-based/src/org/apache/cloudstack/acl/StaticRoleBasedAPIAccessChecker.java +++ b/plugins/acl/static-role-based/src/org/apache/cloudstack/acl/StaticRoleBasedAPIAccessChecker.java @@@ -16,31 -16,23 +16,28 @@@ // under the License. package org.apache.cloudstack.acl; - import java.io.File; - import java.io.FileInputStream; - import java.io.FileNotFoundException; - import java.io.IOException; - import java.io.InputStream; - import java.util.ArrayList; - import java.util.Arrays; -import com.cloud.exception.PermissionDeniedException; -import com.cloud.server.ManagementServer; -import com.cloud.utils.component.AdapterBase; -import com.cloud.utils.component.ComponentLocator; -import com.cloud.utils.component.PluggableService; ++import static org.apache.cloudstack.acl.RoleType.Admin; ++import static org.apache.cloudstack.acl.RoleType.DomainAdmin; ++import static org.apache.cloudstack.acl.RoleType.ResourceAdmin; ++import static org.apache.cloudstack.acl.RoleType.User; + -import javax.ejb.Local; -import javax.naming.ConfigurationException; + import java.util.HashMap; import java.util.HashSet; import java.util.List; import java.util.Map; - import java.util.Properties; import java.util.Set; -import static org.apache.cloudstack.acl.RoleType.*; +import javax.ejb.Local; +import javax.inject.Inject; +import javax.naming.ConfigurationException; + import org.apache.log4j.Logger; +import com.cloud.exception.PermissionDeniedException; +import com.cloud.user.AccountManager; - import com.cloud.utils.PropertiesUtil; +import com.cloud.utils.component.AdapterBase; +import com.cloud.utils.component.PluggableService; + // This is the default API access checker that grab's the user's account // based on the account type, access is granted @Local(value=APIAccessChecker.class) @@@ -70,47 -55,46 +67,42 @@@ public class StaticRoleBasedAPIAccessCh } @Override - public boolean canAccessAPI(RoleType roleType, String apiCommandName) - throws PermissionDeniedException{ - - boolean commandExists = s_allCommands.contains(apiCommandName); - - if(commandExists) { - return isCommandAvailableForAccount(roleType, apiCommandName); - } - - return commandExists; - } - - private static boolean isCommandAvailableForAccount(RoleType roleType, String commandName) { - boolean isCommandAvailable = false; - switch (roleType) { - case Admin: - isCommandAvailable = s_adminCommands.contains(commandName); - break; - case DomainAdmin: - isCommandAvailable = s_resellerCommands.contains(commandName); - break; - case ResourceAdmin: - isCommandAvailable = s_resourceDomainAdminCommands.contains(commandName); - break; - case User: - isCommandAvailable = s_userCommands.contains(commandName); - break; + public boolean canAccessAPI(RoleType roleType, String commandName) + throws PermissionDeniedException { + + boolean commandExists = s_allCommands.contains(commandName); + boolean commandAccessible = false; + + if (commandExists) { + switch (roleType) { - case Admin: - commandAccessible = s_adminCommands.contains(commandName); - break; - case DomainAdmin: - commandAccessible = s_resellerCommands.contains(commandName); - break; - case ResourceAdmin: - commandAccessible = s_resourceDomainAdminCommands.contains(commandName); - break; - case User: - commandAccessible = s_userCommands.contains(commandName); - break; ++ case Admin: ++ commandAccessible = s_adminCommands.contains(commandName); ++ break; ++ case DomainAdmin: ++ commandAccessible = s_resellerCommands.contains(commandName); ++ break; ++ case ResourceAdmin: ++ commandAccessible = s_resourceDomainAdminCommands.contains(commandName); ++ break; ++ case User: ++ commandAccessible = s_userCommands.contains(commandName); ++ break; + } } - return isCommandAvailable; + return commandExists && commandAccessible; } @Override public boolean configure(String name, Map<String, Object> params) throws ConfigurationException { super.configure(name, params); - List<String> configFiles = new ArrayList<String>(); + // Read command properties files to build the static map per role. - ComponentLocator locator = ComponentLocator.getLocator(ManagementServer.Name); - List<PluggableService> services = locator.getAllPluggableServices(); - services.add((PluggableService) ComponentLocator.getComponent(ManagementServer.Name)); - + Map<String, String> configPropertiesMap = new HashMap<String, String>(); - for (PluggableService service : services) { + for (PluggableService service : _services) { - configFiles.addAll(Arrays.asList(service.getPropertiesFiles())); + configPropertiesMap.putAll(service.getProperties()); } - processConfigFiles(configFiles); + processConfigFiles(configPropertiesMap); return true; } http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/1294cdc7/plugins/hypervisors/vmware/src/com/cloud/network/element/CiscoNexusVSMElement.java ---------------------------------------------------------------------- diff --cc plugins/hypervisors/vmware/src/com/cloud/network/element/CiscoNexusVSMElement.java index 71683dc,2cf8787..f6a812d --- a/plugins/hypervisors/vmware/src/com/cloud/network/element/CiscoNexusVSMElement.java +++ b/plugins/hypervisors/vmware/src/com/cloud/network/element/CiscoNexusVSMElement.java @@@ -23,10 -24,9 +24,11 @@@ import java.util.ArrayList import java.util.Set; import javax.ejb.Local; +import javax.inject.Inject; + import com.cloud.utils.PropertiesUtil; import org.apache.log4j.Logger; +import org.springframework.stereotype.Component; import com.cloud.api.commands.DeleteCiscoNexusVSMCmd; import com.cloud.api.commands.EnableCiscoNexusVSMCmd; http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/1294cdc7/plugins/network-elements/f5/src/com/cloud/network/element/F5ExternalLoadBalancerElement.java ---------------------------------------------------------------------- diff --cc plugins/network-elements/f5/src/com/cloud/network/element/F5ExternalLoadBalancerElement.java index 8c01d5f,438498f..1773026 --- a/plugins/network-elements/f5/src/com/cloud/network/element/F5ExternalLoadBalancerElement.java +++ b/plugins/network-elements/f5/src/com/cloud/network/element/F5ExternalLoadBalancerElement.java @@@ -23,10 -24,9 +24,11 @@@ import java.util.Map import java.util.Set; import javax.ejb.Local; +import javax.inject.Inject; + import com.cloud.utils.PropertiesUtil; import org.apache.log4j.Logger; +import org.springframework.stereotype.Component; import com.cloud.api.ApiDBUtils; import com.cloud.api.commands.AddExternalLoadBalancerCmd; http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/1294cdc7/plugins/network-elements/juniper-srx/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java ---------------------------------------------------------------------- diff --cc plugins/network-elements/juniper-srx/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java index 93d3fb7,55722ae..63781bb --- a/plugins/network-elements/juniper-srx/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java +++ b/plugins/network-elements/juniper-srx/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java @@@ -23,10 -24,9 +24,11 @@@ import java.util.Map import java.util.Set; import javax.ejb.Local; +import javax.inject.Inject; + import com.cloud.utils.PropertiesUtil; import org.apache.log4j.Logger; +import org.springframework.stereotype.Component; import com.cloud.api.ApiDBUtils; import com.cloud.api.commands.AddExternalFirewallCmd; http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/1294cdc7/plugins/network-elements/netscaler/src/com/cloud/network/element/NetscalerElement.java ---------------------------------------------------------------------- diff --cc plugins/network-elements/netscaler/src/com/cloud/network/element/NetscalerElement.java index 1990706,ac1619e..faff153 --- a/plugins/network-elements/netscaler/src/com/cloud/network/element/NetscalerElement.java +++ b/plugins/network-elements/netscaler/src/com/cloud/network/element/NetscalerElement.java @@@ -25,10 -25,9 +25,11 @@@ import java.util.Map import java.util.Set; import javax.ejb.Local; +import javax.inject.Inject; + import com.cloud.utils.PropertiesUtil; import org.apache.log4j.Logger; +import org.springframework.stereotype.Component; import com.cloud.agent.AgentManager; import com.cloud.agent.api.Answer;
