rbac to 288a811

mchen Mon, 09 Dec 2013 11:31:25 -0800

Updated Branches:
  refs/heads/rbac a416f6c3c -> 288a81180


Populate default group, policy, account mapping.

Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/288a8118
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/288a8118
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/288a8118

Branch: refs/heads/rbac
Commit: 288a81180c0164622c86604cb1be761a38ac2977
Parents: a416f6c
Author: Min Chen <[email protected]>
Authored: Mon Dec 9 11:29:39 2013 -0800
Committer: Min Chen <[email protected]>
Committed: Mon Dec 9 11:29:39 2013 -0800

----------------------------------------------------------------------
 .../com/cloud/upgrade/dao/Upgrade421to430.java  | 34 --------------------
 setup/db/db/schema-421to430.sql                 | 10 +++++-
 2 files changed, 9 insertions(+), 35 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/288a8118/engine/schema/src/com/cloud/upgrade/dao/Upgrade421to430.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/upgrade/dao/Upgrade421to430.java 
b/engine/schema/src/com/cloud/upgrade/dao/Upgrade421to430.java
index 94a0c91..1e6179e 100644
--- a/engine/schema/src/com/cloud/upgrade/dao/Upgrade421to430.java
+++ b/engine/schema/src/com/cloud/upgrade/dao/Upgrade421to430.java
@@ -63,7 +63,6 @@ public class Upgrade421to430 implements DbUpgrade {
     @Override
     public void performDataMigration(Connection conn) {
         populateACLGroupAccountMap(conn);
-        populateACLGroupPolicyMap(conn);
         //populateACLRoleBasedAPIPermission(conn);
     }
 
@@ -112,39 +111,6 @@ public class Upgrade421to430 implements DbUpgrade {
         s_logger.debug("Completed populate acl_group_account_map for existing 
accounts.");
     }
 
-    // populate acl_group_policy_map table for existing accounts
-    private void populateACLGroupPolicyMap(Connection conn) {
-        PreparedStatement sqlInsert = null;
-        ResultSet rs = null;
-
-        s_logger.debug("Populating acl_group_policy_map table for default 
groups and policies...");
-        try {
-            sqlInsert = conn
-                    .prepareStatement("INSERT INTO 
`cloud`.`acl_group_policy_map` (group_id, policy_id, created) values(?, ?, 
Now())");
-            for (int i = 1; i < 6; i++) {
-                // insert entry in acl_group_policy_map table, 1 to 1 mapping 
for default group and policy
-                sqlInsert.setLong(1, i);
-                sqlInsert.setLong(2, i);
-                sqlInsert.executeUpdate();
-            }
-        } catch (SQLException e) {
-            String msg = "Unable to populate acl_group_policy_map for default 
groups and policies." + e.getMessage();
-            s_logger.error(msg);
-            throw new CloudRuntimeException(msg, e);
-        } finally {
-            try {
-                if (rs != null) {
-                    rs.close();
-                }
-
-                if (sqlInsert != null) {
-                    sqlInsert.close();
-                }
-            } catch (SQLException e) {
-            }
-        }
-        s_logger.debug("Completed populate acl_group_policy_map for existing 
accounts.");
-    }
 
     private void populateACLRoleBasedAPIPermission(Connection conn) {
         // read the commands.properties.in and populate the table

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/288a8118/setup/db/db/schema-421to430.sql
----------------------------------------------------------------------
diff --git a/setup/db/db/schema-421to430.sql b/setup/db/db/schema-421to430.sql
index 01c2daf..f15f2e4 100644
--- a/setup/db/db/schema-421to430.sql
+++ b/setup/db/db/schema-421to430.sql
@@ -378,7 +378,8 @@ INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, 
description, uuid, domain_id,
 INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, 
domain_id, account_id, created, policy_type) VALUES (3, 'DOMAIN_ADMIN', 'Domain 
admin role', UUID(), 1, 1, Now(), 'Static');
 INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, 
domain_id, account_id, created, policy_type) VALUES (4, 
'RESOURCE_DOMAIN_ADMIN', 'Resource domain admin role', UUID(), 1, 1, Now(), 
'Static');
 INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, 
domain_id, account_id, created, policy_type) VALUES (5, 'READ_ONLY_ADMIN', 
'Read only admin role', UUID(), 1, 1, Now(), 'Static');
-INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, 
domain_id, account_id, created, policy_type) VALUES (6, 'RESOURCE_OWNER', 
'Resource owner role', UUID(), 1, 1, Now(), 'Dynamic');
+-- RESOURCE_OWNER dynamic policy we will handle that inside java logic
+-- INSERT IGNORE INTO `cloud`.`acl_policy` (id, name, description, uuid, 
domain_id, account_id, created, policy_type) VALUES (6, 'RESOURCE_OWNER', 
'Resource owner role', UUID(), 1, 1, Now(), 'Dynamic');
 
 
 INSERT IGNORE INTO `cloud`.`acl_group` (id, name, description, uuid, 
domain_id, account_id, created) VALUES (1, 'NORMAL', 'Domain user group', 
UUID(), 1, 1, Now());
@@ -387,6 +388,13 @@ INSERT IGNORE INTO `cloud`.`acl_group` (id, name, 
description, uuid, domain_id,
 INSERT IGNORE INTO `cloud`.`acl_group` (id, name, description, uuid, 
domain_id, account_id, created) VALUES (4, 'RESOURCE_DOMAIN_ADMIN', 'Resource 
domain admin group', UUID(), 1, 1, Now());
 INSERT IGNORE INTO `cloud`.`acl_group` (id, name, description, uuid, 
domain_id, account_id, created) VALUES (5, 'READ_ONLY_ADMIN', 'Read only admin 
group', UUID(), 1, 1, Now());
 
+INSERT INTO `cloud`.`acl_group_policy_map` (group_id, policy_id, created) 
values(1, 1, Now());
+INSERT INTO `cloud`.`acl_group_policy_map` (group_id, policy_id, created) 
values(2, 2, Now());
+INSERT INTO `cloud`.`acl_group_policy_map` (group_id, policy_id, created) 
values(3, 3, Now());
+INSERT INTO `cloud`.`acl_group_policy_map` (group_id, policy_id, created) 
values(4, 4, Now());
+INSERT INTO `cloud`.`acl_group_policy_map` (group_id, policy_id, created) 
values(5, 5, Now());
+
+
 CREATE OR REPLACE VIEW `cloud`.`acl_policy_view` AS
     select 
         acl_policy.id id,

git commit: updated refs/heads/rbac to 288a811

Reply via email to