http://git-wip-us.apache.org/repos/asf/cloudstack/blob/99bdc8d8/server/src/com/cloud/network/as/AutoScaleManagerImpl.java ---------------------------------------------------------------------- diff --cc server/src/com/cloud/network/as/AutoScaleManagerImpl.java index e07e502,2fa3821..755fc54 --- a/server/src/com/cloud/network/as/AutoScaleManagerImpl.java +++ b/server/src/com/cloud/network/as/AutoScaleManagerImpl.java @@@ -59,8 -54,11 +59,9 @@@ import org.apache.cloudstack.config.Api import org.apache.cloudstack.context.CallContext; import org.apache.cloudstack.framework.config.dao.ConfigurationDao; -import org.apache.log4j.Logger; - import com.cloud.api.ApiDBUtils; - import com.cloud.api.ApiDispatcher; + import com.cloud.api.dispatch.DispatchChainFactory; + import com.cloud.api.dispatch.DispatchTask; import com.cloud.configuration.ConfigurationManager; import com.cloud.dc.DataCenter; import com.cloud.dc.DataCenter.NetworkType; @@@ -126,9 -124,14 +127,11 @@@ import com.cloud.vm.UserVmService @Local(value = {AutoScaleService.class, AutoScaleManager.class}) public class AutoScaleManagerImpl<Type> extends ManagerBase implements AutoScaleManager, AutoScaleService { private static final Logger s_logger = Logger.getLogger(AutoScaleManagerImpl.class); - private final ScheduledExecutorService _executor = Executors.newScheduledThreadPool(1); + private ScheduledExecutorService _executor = Executors.newScheduledThreadPool(1); - @Inject() + @Inject + protected DispatchChainFactory dispatchChainFactory = null; + @Inject EntityManager _entityMgr; @Inject AccountDao _accountDao;
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/99bdc8d8/server/src/com/cloud/network/vpc/VpcManagerImpl.java ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/99bdc8d8/server/src/com/cloud/resource/ResourceManagerImpl.java ---------------------------------------------------------------------- diff --cc server/src/com/cloud/resource/ResourceManagerImpl.java index 689a0d7,2625885..f9a59ba --- a/server/src/com/cloud/resource/ResourceManagerImpl.java +++ b/server/src/com/cloud/resource/ResourceManagerImpl.java @@@ -821,70 -836,73 +836,73 @@@ public class ResourceManagerImpl extend @Override public void doInTransactionWithoutResult(TransactionStatus status) { - _dcDao.releasePrivateIpAddress(host.getPrivateIpAddress(), host.getDataCenterId(), null); - _agentMgr.disconnectWithoutInvestigation(hostId, Status.Event.Remove); + _dcDao.releasePrivateIpAddress(host.getPrivateIpAddress(), host.getDataCenterId(), null); + _agentMgr.disconnectWithoutInvestigation(hostId, Status.Event.Remove); - // delete host details - _hostDetailsDao.deleteDetails(hostId); + // delete host details + _hostDetailsDao.deleteDetails(hostId); + // if host is GPU enabled, delete GPU entries + _hostGpuGroupsDao.deleteGpuEntries(hostId); + - host.setGuid(null); - Long clusterId = host.getClusterId(); - host.setClusterId(null); - _hostDao.update(host.getId(), host); + host.setGuid(null); + Long clusterId = host.getClusterId(); + host.setClusterId(null); + _hostDao.update(host.getId(), host); - _hostDao.remove(hostId); - if (clusterId != null) { - List<HostVO> hosts = listAllHostsInCluster(clusterId); - if (hosts.size() == 0) { - ClusterVO cluster = _clusterDao.findById(clusterId); - cluster.setGuid(null); - _clusterDao.update(clusterId, cluster); - } - } - - try { - resourceStateTransitTo(host, ResourceState.Event.DeleteHost, _nodeId); - } catch (NoTransitionException e) { - s_logger.debug("Cannot transmit host " + host.getId() + "to Enabled state", e); - } + _hostDao.remove(hostId); + if (clusterId != null) { + List<HostVO> hosts = listAllHostsInCluster(clusterId); + if (hosts.size() == 0) { + ClusterVO cluster = _clusterDao.findById(clusterId); + cluster.setGuid(null); + _clusterDao.update(clusterId, cluster); + } + } - // Delete the associated entries in host ref table - _storagePoolHostDao.deletePrimaryRecordsForHost(hostId); + try { + resourceStateTransitTo(host, ResourceState.Event.DeleteHost, _nodeId); + } catch (NoTransitionException e) { + s_logger.debug("Cannot transmit host " + host.getId() + "to Enabled state", e); + } - // Make sure any VMs that were marked as being on this host are cleaned up - List<VMInstanceVO> vms = _vmDao.listByHostId(hostId); - for (VMInstanceVO vm : vms) { - // this is how VirtualMachineManagerImpl does it when it syncs VM states - vm.setState(State.Stopped); - vm.setHostId(null); - _vmDao.persist(vm); - } + // Delete the associated entries in host ref table + _storagePoolHostDao.deletePrimaryRecordsForHost(hostId); - // For pool ids you got, delete local storage host entries in pool table - // where - for (StoragePoolHostVO pool : pools) { - Long poolId = pool.getPoolId(); - StoragePoolVO storagePool = _storagePoolDao.findById(poolId); - if (storagePool.isLocal() && isForceDeleteStorage) { - storagePool.setUuid(null); - storagePool.setClusterId(null); - _storagePoolDao.update(poolId, storagePool); - _storagePoolDao.remove(poolId); - s_logger.debug("Local storage id=" + poolId + " is removed as a part of host removal id=" + hostId); - } - } - - // delete the op_host_capacity entry - Object[] capacityTypes = {Capacity.CAPACITY_TYPE_CPU, Capacity.CAPACITY_TYPE_MEMORY}; - SearchCriteria<CapacityVO> hostCapacitySC = _capacityDao.createSearchCriteria(); - hostCapacitySC.addAnd("hostOrPoolId", SearchCriteria.Op.EQ, hostId); - hostCapacitySC.addAnd("capacityType", SearchCriteria.Op.IN, capacityTypes); - _capacityDao.remove(hostCapacitySC); - // remove from dedicated resources - DedicatedResourceVO dr = _dedicatedDao.findByHostId(hostId); - if (dr != null) { - _dedicatedDao.remove(dr.getId()); - } + // Make sure any VMs that were marked as being on this host are cleaned up + List<VMInstanceVO> vms = _vmDao.listByHostId(hostId); + for (VMInstanceVO vm : vms) { + // this is how VirtualMachineManagerImpl does it when it syncs VM states + vm.setState(State.Stopped); + vm.setHostId(null); + _vmDao.persist(vm); + } + + // For pool ids you got, delete local storage host entries in pool table + // where + for (StoragePoolHostVO pool : pools) { + Long poolId = pool.getPoolId(); + StoragePoolVO storagePool = _storagePoolDao.findById(poolId); + if (storagePool.isLocal() && isForceDeleteStorage) { + storagePool.setUuid(null); + storagePool.setClusterId(null); + _storagePoolDao.update(poolId, storagePool); + _storagePoolDao.remove(poolId); + s_logger.debug("Local storage id=" + poolId + " is removed as a part of host removal id=" + hostId); + } + } + + // delete the op_host_capacity entry + Object[] capacityTypes = {Capacity.CAPACITY_TYPE_CPU, Capacity.CAPACITY_TYPE_MEMORY}; + SearchCriteria<CapacityVO> hostCapacitySC = _capacityDao.createSearchCriteria(); + hostCapacitySC.addAnd("hostOrPoolId", SearchCriteria.Op.EQ, hostId); + hostCapacitySC.addAnd("capacityType", SearchCriteria.Op.IN, capacityTypes); + _capacityDao.remove(hostCapacitySC); + // remove from dedicated resources + DedicatedResourceVO dr = _dedicatedDao.findByHostId(hostId); + if (dr != null) { + _dedicatedDao.remove(dr.getId()); + } } }); http://git-wip-us.apache.org/repos/asf/cloudstack/blob/99bdc8d8/server/src/com/cloud/server/ManagementServerImpl.java ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/99bdc8d8/server/src/com/cloud/storage/VolumeApiServiceImpl.java ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/99bdc8d8/server/src/com/cloud/user/AccountManagerImpl.java ---------------------------------------------------------------------- diff --cc server/src/com/cloud/user/AccountManagerImpl.java index d5e4afc,c48e9b5..04d3e23 --- a/server/src/com/cloud/user/AccountManagerImpl.java +++ b/server/src/com/cloud/user/AccountManagerImpl.java @@@ -2433,51 -2323,55 +2433,97 @@@ public class AccountManagerImpl extend } @Override - public UserAccount getUserByApiKey(String apiKey) { - return _userAccountDao.getUserByApiKey(apiKey); + public void buildACLViewSearchCriteria(SearchCriteria<? extends ControlledEntity> sc, SearchCriteria<? extends ControlledEntity> aclSc, boolean isRecursive, + List<Long> permittedDomains, + List<Long> permittedAccounts, List<Long> permittedResources, ListProjectResourcesCriteria listProjectResourcesCriteria) { + + if (listProjectResourcesCriteria != null) { + // add criteria for project or not + if (listProjectResourcesCriteria == ListProjectResourcesCriteria.SkipProjectResources) { + sc.addAnd("accountType", SearchCriteria.Op.NEQ, Account.ACCOUNT_TYPE_PROJECT); + } else if (listProjectResourcesCriteria == ListProjectResourcesCriteria.ListProjectResourcesOnly) { + sc.addAnd("accountType", SearchCriteria.Op.EQ, Account.ACCOUNT_TYPE_PROJECT); + } + } + + if (permittedDomains.isEmpty() && permittedAccounts.isEmpty() && permittedResources.isEmpty()) + // can access everything + return; + + // Note that this may have limitations on number of permitted domains, accounts, or resource ids are allowed due to sql package size limitation + if (!permittedDomains.isEmpty()) { + if (isRecursive) { + for (int i = 0; i < permittedDomains.size(); i++) { + Domain domain = _domainDao.findById(permittedDomains.get(i)); + aclSc.addOr("domainPath", SearchCriteria.Op.LIKE, domain.getPath() + "%"); + } + } else { + aclSc.addOr("domainId", SearchCriteria.Op.IN, permittedDomains.toArray()); + } + } + if (!permittedAccounts.isEmpty()) { + aclSc.addOr("accountId", SearchCriteria.Op.IN, permittedAccounts.toArray()); + } + if (!permittedResources.isEmpty()) { + aclSc.addOr("id", SearchCriteria.Op.IN, permittedResources.toArray()); + } + + sc.addAnd("accountId", SearchCriteria.Op.SC, aclSc); + } + + @Override + public List<String> listAclGroupsByAccount(Long accountId) { + if (_querySelectors == null || _querySelectors.size() == 0) + return new ArrayList<String>(); + + QuerySelector qs = _querySelectors.get(0); + return qs.listAclGroupsByAccount(accountId); } + @Override + public Long finalyzeAccountId(final String accountName, final Long domainId, final Long projectId, final boolean enabledOnly) { + if (accountName != null) { + if (domainId == null) { + throw new InvalidParameterValueException("Account must be specified with domainId parameter"); + } + + final Domain domain = _domainMgr.getDomain(domainId); + if (domain == null) { + throw new InvalidParameterValueException("Unable to find domain by id"); + } + + final Account account = getActiveAccountByName(accountName, domainId); + if (account != null && account.getType() != Account.ACCOUNT_TYPE_PROJECT) { + if (!enabledOnly || account.getState() == Account.State.enabled) { + return account.getId(); + } else { + throw new PermissionDeniedException("Can't add resources to the account id=" + account.getId() + " in state=" + account.getState() + + " as it's no longer active"); + } + } else { + // idList is not used anywhere, so removed it now + // List<IdentityProxy> idList = new ArrayList<IdentityProxy>(); + // idList.add(new IdentityProxy("domain", domainId, "domainId")); + throw new InvalidParameterValueException("Unable to find account by name " + accountName + " in domain with specified id"); + } + } + + if (projectId != null) { + final Project project = _projectMgr.getProject(projectId); + if (project != null) { + if (!enabledOnly || project.getState() == Project.State.Active) { + return project.getProjectAccountId(); + } else { + final PermissionDeniedException ex = + new PermissionDeniedException("Can't add resources to the project with specified projectId in state=" + project.getState() + + " as it's no longer active"); + ex.addProxyObject(project.getUuid(), "projectId"); + throw ex; + } + } else { + throw new InvalidParameterValueException("Unable to find project by id"); + } + } + return null; + } - } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/99bdc8d8/server/src/com/cloud/vm/UserVmManagerImpl.java ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/99bdc8d8/server/test/com/cloud/user/MockAccountManagerImpl.java ---------------------------------------------------------------------- diff --cc server/test/com/cloud/user/MockAccountManagerImpl.java index fa786bf,5a44800..b411b18 --- a/server/test/com/cloud/user/MockAccountManagerImpl.java +++ b/server/test/com/cloud/user/MockAccountManagerImpl.java @@@ -345,10 -322,9 +345,15 @@@ public class MockAccountManagerImpl ext } @Override + public void checkAccess(Account account, AccessType accessType, boolean sameOwner, String apiName, + ControlledEntity... entities) throws PermissionDeniedException { + // TODO Auto-generated method stub ++ } + ++ @Override + public Long finalyzeAccountId(String accountName, Long domainId, Long projectId, boolean enabledOnly) { + // TODO Auto-generated method stub + return null; } } http://git-wip-us.apache.org/repos/asf/cloudstack/blob/99bdc8d8/setup/db/db/schema-430to440.sql ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/99bdc8d8/tools/marvin/marvin/integration/lib/base.py ----------------------------------------------------------------------
