Updated Branches: refs/heads/4.3 b792e5627 -> 98ed8b7e5
Added missing @Inject to the ipAddressManager Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/98ed8b7e Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/98ed8b7e Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/98ed8b7e Branch: refs/heads/4.3 Commit: 98ed8b7e59d7a9445b53b11dc2607b4d1816955a Parents: b792e56 Author: Alena Prokharchyk <[email protected]> Authored: Thu Nov 21 12:50:04 2013 -0800 Committer: Alena Prokharchyk <[email protected]> Committed: Thu Nov 21 12:50:04 2013 -0800 ---------------------------------------------------------------------- .../src/com/cloud/user/AccountManagerImpl.java | 147 +++++++++---------- 1 file changed, 71 insertions(+), 76 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/98ed8b7e/server/src/com/cloud/user/AccountManagerImpl.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/user/AccountManagerImpl.java b/server/src/com/cloud/user/AccountManagerImpl.java index 27fd66a..f8c59e2 100755 --- a/server/src/com/cloud/user/AccountManagerImpl.java +++ b/server/src/com/cloud/user/AccountManagerImpl.java @@ -235,7 +235,6 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M @Inject private AffinityGroupDao _affinityGroupDao; @Inject - private AccountGuestVlanMapDao _accountGuestVlanMapDao; @Inject private DataCenterVnetDao _dataCenterVnetDao; @@ -253,6 +252,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M private List<UserAuthenticator> _userAuthenticators; List<UserAuthenticator> _userPasswordEncoders; + @Inject protected IpAddressManager _ipAddrMgr; private final ScheduledExecutorService _executor = Executors.newScheduledThreadPool(1, new NamedThreadFactory("AccountChecker")); @@ -263,15 +263,15 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M AccountVO _systemAccount; List<SecurityChecker> _securityCheckers; - - int _cleanupInterval; + + int _cleanupInterval; public List<UserAuthenticator> getUserAuthenticators() { - return _userAuthenticators; + return _userAuthenticators; } public void setUserAuthenticators(List<UserAuthenticator> authenticators) { - _userAuthenticators = authenticators; + _userAuthenticators = authenticators; } public List<UserAuthenticator> getUserPasswordEncoders() { @@ -283,13 +283,13 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M } public List<SecurityChecker> getSecurityCheckers() { - return _securityCheckers; - } + return _securityCheckers; + } + + public void setSecurityCheckers(List<SecurityChecker> securityCheckers) { + _securityCheckers = securityCheckers; + } - public void setSecurityCheckers(List<SecurityChecker> securityCheckers) { - _securityCheckers = securityCheckers; - } - @Override public boolean configure(final String name, final Map<String, Object> params) throws ConfigurationException { _systemAccount = _accountDao.findById(AccountVO.ACCOUNT_ID_SYSTEM); @@ -317,7 +317,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M public UserVO getSystemUser() { if (_systemUser == null) { _systemUser = _userDao.findById(User.UID_SYSTEM); - } + } return _systemUser; } @@ -491,14 +491,14 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M UserAccountVO user = null; user = _userAccountDao.lockRow(id, true); user.setLoginAttempts(attempts); - if(toDisable) { + if (toDisable) { user.setState(State.disabled.toString()); } _userAccountDao.update(id, user); } }); } catch (Exception e) { - s_logger.error("Failed to update login attempts for user with id " + id ); + s_logger.error("Failed to update login attempts for user with id " + id); } } @@ -518,7 +518,6 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M return success; } - protected boolean lockAccount(long accountId) { boolean success = false; Account account = _accountDao.findById(accountId); @@ -544,7 +543,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M public boolean deleteAccount(AccountVO account, long callerUserId, Account caller) { long accountId = account.getId(); - //delete the account record + // delete the account record if (!_accountDao.remove(accountId)) { s_logger.error("Unable to delete account " + accountId); return false; @@ -557,13 +556,12 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M return cleanupAccount(account, callerUserId, caller); } - protected boolean cleanupAccount(AccountVO account, long callerUserId, Account caller) { long accountId = account.getId(); boolean accountCleanupNeeded = false; try { - //cleanup the users from the account + // cleanup the users from the account List<UserVO> users = _userDao.listByAccount(accountId); for (UserVO user : users) { if (!_userDao.remove(user.getId())) { @@ -578,7 +576,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M _gslbService.revokeAllGslbRulesForAccount(caller, accountId); } - //delete the account from project accounts + // delete the account from project accounts _projectAccountDao.removeAccountFromProjects(accountId); // delete all vm groups belonging to accont @@ -686,7 +684,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M } } - //Delete all VPCs + // Delete all VPCs boolean vpcsDeleted = true; s_logger.debug("Deleting vpcs for account " + account.getId()); List<? extends Vpc> vpcs = _vpcMgr.getVpcsForAccount(account.getId()); @@ -707,8 +705,8 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M for (IpAddress ip : ipsToRelease) { s_logger.debug("Releasing ip " + ip + " as a part of account id=" + accountId + " cleanup"); if (!_ipAddrMgr.disassociatePublicIpAddress(ip.getId(), callerUserId, caller)) { - s_logger.warn("Failed to release ip address " + ip + " as a part of account id=" + accountId + " clenaup"); - accountCleanupNeeded = true; + s_logger.warn("Failed to release ip address " + ip + " as a part of account id=" + accountId + " clenaup"); + accountCleanupNeeded = true; } } } @@ -752,18 +750,19 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M s_logger.debug("Releasing portable ip " + ip + " as a part of account id=" + accountId + " cleanup"); _ipAddrMgr.releasePortableIpAddress(ip.getId()); } - //release dedication if any + // release dedication if any List<DedicatedResourceVO> dedicatedResources = _dedicatedDao.listByAccountId(accountId); if (dedicatedResources != null && !dedicatedResources.isEmpty()) { s_logger.debug("Releasing dedicated resources for account " + accountId); - for (DedicatedResourceVO dr : dedicatedResources){ + for (DedicatedResourceVO dr : dedicatedResources) { if (!_dedicatedDao.remove(dr.getId())) { s_logger.warn("Fail to release dedicated resources for account " + accountId); } } } - // Updating and deleting the resourceLimit and resourceCount should be the last step in cleanupAccount process. + // Updating and deleting the resourceLimit and resourceCount should be the last step in cleanupAccount +// process. // Update resource count for this account and for parent domains. List<ResourceCountVO> resourceCounts = _resourceCountDao.listByOwnerId(accountId, ResourceOwnerType.Account); for (ResourceCountVO resourceCount : resourceCounts) { @@ -856,15 +855,15 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M // ////////////// API commands ///////////////////// // /////////////////////////////////////////////////// - @Override @DB @ActionEvents({ - @ActionEvent(eventType = EventTypes.EVENT_ACCOUNT_CREATE, eventDescription = "creating Account"), - @ActionEvent(eventType = EventTypes.EVENT_USER_CREATE, eventDescription = "creating User") + @ActionEvent(eventType = EventTypes.EVENT_ACCOUNT_CREATE, eventDescription = "creating Account"), + @ActionEvent(eventType = EventTypes.EVENT_USER_CREATE, eventDescription = "creating User") }) - public UserAccount createUserAccount(final String userName, final String password, final String firstName, final String lastName, final String email, final String timezone, String accountName, final short accountType, - Long domainId, final String networkDomain, final Map<String, String> details, String accountUUID, final String userUUID) { + public UserAccount createUserAccount(final String userName, final String password, final String firstName, final String lastName, final String email, final String timezone, String accountName, + final short accountType, + Long domainId, final String networkDomain, final Map<String, String> details, String accountUUID, final String userUUID) { if (accountName == null) { accountName = userName; @@ -914,15 +913,15 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M public Pair<Long, Account> doInTransaction(TransactionStatus status) { // create account String accountUUID = accountUUIDFinal; - if(accountUUID == null){ + if (accountUUID == null) { accountUUID = UUID.randomUUID().toString(); } AccountVO account = createAccount(accountNameFinal, accountType, domainIdFinal, networkDomain, details, accountUUID); long accountId = account.getId(); - + // create the first user for the account UserVO user = createUser(accountId, userName, password, firstName, lastName, email, timezone, userUUID); - + if (accountType == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) { // set registration token byte[] bytes = (domainIdFinal + accountNameFinal + userName + System.currentTimeMillis()).getBytes(); @@ -938,7 +937,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M CallContext.current().putContextParameter(Account.class, account.getUuid()); - //check success + // check success return _userAccountDao.findById(userId); } @@ -1009,7 +1008,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M throw new InvalidParameterValueException("unable to find user by id"); } - //don't allow updating system account + // don't allow updating system account if (account != null && (account.getId() == Account.ACCOUNT_ID_SYSTEM)) { throw new PermissionDeniedException("user id : " + id + " is system account, update is not allowed"); } @@ -1172,15 +1171,14 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M @Override public Boolean doInTransaction(TransactionStatus status) { boolean success = doSetUserStatus(userId, State.enabled); - + // make sure the account is enabled too success = success && enableAccount(user.getAccountId()); - + return success; } }); - if (success) { // whenever the user is successfully enabled, reset the login attempts to zero updateLoginAttempts(userId, 0, false); @@ -1281,7 +1279,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M checkAccess(caller, null, true, account); - //don't allow to delete default account (system and admin) + // don't allow to delete default account (system and admin) if (account.isDefault()) { throw new InvalidParameterValueException("The account is default and can't be removed"); } @@ -1500,8 +1498,8 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) { throw new InvalidParameterValueException("The specified user doesn't exist in the system"); } - - //don't allow to delete default user (system and admin users) + + // don't allow to delete default user (system and admin users) if (user.isDefault()) { throw new InvalidParameterValueException("The user is default and can't be removed"); } @@ -1555,11 +1553,11 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M try { List<AccountVO> accountsForCleanupInDomain = _accountDao.findCleanupsForRemovedAccounts(domainId); if (accountsForCleanupInDomain.isEmpty()) { - //release dedication if any, before deleting the domain + // release dedication if any, before deleting the domain List<DedicatedResourceVO> dedicatedResources = _dedicatedDao.listByDomainId(domainId); if (dedicatedResources != null && !dedicatedResources.isEmpty()) { s_logger.debug("Releasing dedicated resources for domain" + domainId); - for (DedicatedResourceVO dr : dedicatedResources){ + for (DedicatedResourceVO dr : dedicatedResources) { if (!_dedicatedDao.remove(dr.getId())) { s_logger.warn("Fail to release dedicated resources for domain " + domainId); } @@ -1684,18 +1682,18 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M // Account type to role type translation switch (accountType) { - case Account.ACCOUNT_TYPE_ADMIN: - roleType = RoleType.Admin; - break; - case Account.ACCOUNT_TYPE_DOMAIN_ADMIN: - roleType = RoleType.DomainAdmin; - break; - case Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN: - roleType = RoleType.ResourceAdmin; - break; - case Account.ACCOUNT_TYPE_NORMAL: - roleType = RoleType.User; - break; + case Account.ACCOUNT_TYPE_ADMIN: + roleType = RoleType.Admin; + break; + case Account.ACCOUNT_TYPE_DOMAIN_ADMIN: + roleType = RoleType.DomainAdmin; + break; + case Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN: + roleType = RoleType.ResourceAdmin; + break; + case Account.ACCOUNT_TYPE_NORMAL: + roleType = RoleType.User; + break; } return roleType; } @@ -1710,7 +1708,6 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M return _userDao.findByIdIncludingRemoved(userId); } - @Override public User getActiveUserByRegistrationToken(String registrationToken) { return _userDao.findUserByRegistrationToken(registrationToken); @@ -1770,20 +1767,20 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M @Override public AccountVO doInTransaction(TransactionStatus status) { AccountVO account = _accountDao.persist(new AccountVO(accountName, domainId, networkDomain, accountType, uuid)); - + if (account == null) { throw new CloudRuntimeException("Failed to create account name " + accountName + " in domain id=" + domainId); } - + Long accountId = account.getId(); - + if (details != null) { _accountDetailsDao.persist(accountId, details); } - + // Create resource count records for the account _resourceCountDao.createResourceCounts(accountId, ResourceLimit.ResourceOwnerType.Account); - + // Create default security group _networkGroupMgr.createDefaultSecurityGroup(accountId); @@ -1798,7 +1795,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M } String encodedPassword = null; - for (UserAuthenticator authenticator : _userPasswordEncoders) { + for (UserAuthenticator authenticator : _userPasswordEncoders) { encodedPassword = authenticator.encode(password); if (encodedPassword != null) { break; @@ -1808,8 +1805,8 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M throw new CloudRuntimeException("Failed to encode password"); } - if(userUUID == null){ - userUUID = UUID.randomUUID().toString(); + if (userUUID == null) { + userUUID = UUID.randomUUID().toString(); } UserVO user = _userDao.persist(new UserVO(accountId, userName, encodedPassword, firstName, lastName, email, timezone, userUUID)); CallContext.current().putContextParameter(User.class, user.getUuid()); @@ -1824,7 +1821,6 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M } // else log some kind of error event? This likely means the user doesn't exist, or has been deleted... } - @Override public UserAccount authenticateUser(String username, String password, Long domainId, String loginIpAddress, Map<String, Object[]> requestParameters) { UserAccount user = null; @@ -1925,7 +1921,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M } if (user != null) { - //don't allow to authenticate system user + // don't allow to authenticate system user if (user.getId() == User.UID_SYSTEM) { s_logger.error("Failed to authenticate user: " + username + " in domain " + domainId); return null; @@ -1956,7 +1952,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M } boolean authenticated = false; - for(UserAuthenticator authenticator : _userAuthenticators) { + for (UserAuthenticator authenticator : _userAuthenticators) { if (authenticator.authenticate(username, password, domainId, requestParameters)) { authenticated = true; break; @@ -1984,7 +1980,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M // return null; } // Whenever the user is able to log in successfully, reset the login attempts to zero - if(!isInternalAccount(userAccount.getType())) + if (!isInternalAccount(userAccount.getType())) updateLoginAttempts(userAccount.getId(), 0, false); return userAccount; @@ -1997,11 +1993,11 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M if (userAccount != null) { if (userAccount.getState().equalsIgnoreCase(Account.State.enabled.toString())) { if (!isInternalAccount(userAccount.getType())) { - //Internal accounts are not disabled + // Internal accounts are not disabled int attemptsMade = userAccount.getLoginAttempts() + 1; if (attemptsMade < _allowedLoginAttempts) { updateLoginAttempts(userAccount.getId(), attemptsMade, false); - s_logger.warn("Login attempt failed. You have " + ( _allowedLoginAttempts - attemptsMade ) + " attempt(s) remaining"); + s_logger.warn("Login attempt failed. You have " + (_allowedLoginAttempts - attemptsMade) + " attempt(s) remaining"); } else { updateLoginAttempts(userAccount.getId(), _allowedLoginAttempts, true); s_logger.warn("User " + userAccount.getUsername() + " has been disabled due to multiple failed login attempts." + @@ -2023,7 +2019,8 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M return _accountDao.findUserAccountByApiKey(apiKey); } - @Override @DB + @Override + @DB @ActionEvent(eventType = EventTypes.EVENT_REGISTER_FOR_SECRET_API_KEY, eventDescription = "register for the developer API keys") public String[] createApiKeyAndSecretKey(RegisterCmd cmd) { final Long userId = cmd.getId(); @@ -2033,7 +2030,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M throw new InvalidParameterValueException("unable to find user by id"); } - //don't allow updating system user + // don't allow updating system user if (user.getId() == User.UID_SYSTEM) { throw new PermissionDeniedException("user id : " + user.getId() + " is system account, update is not allowed"); } @@ -2106,8 +2103,6 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M return null; } - - @Override public void buildACLSearchBuilder(SearchBuilder<? extends ControlledEntity> sb, Long domainId, boolean isRecursive, List<Long> permittedAccounts, ListProjectResourcesCriteria listProjectResourcesCriteria) { @@ -2177,7 +2172,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M @Override public void buildACLSearchParameters(Account caller, Long id, String accountName, Long projectId, List<Long> - permittedAccounts, Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject, + permittedAccounts, Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject, boolean listAll, boolean forProjectInvitation) { Long domainId = domainIdRecursiveListProject.first(); if (domainId != null) { @@ -2206,7 +2201,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M if (userAccount != null) { checkAccess(caller, null, false, userAccount); - //check permissions + // check permissions permittedAccounts.add(userAccount.getId()); } else { throw new InvalidParameterValueException("could not find account " + accountName + " in domain " + domain.getUuid());
