Moti Asayag has uploaded a new change for review. Change subject: engine: Allow using vnic profiles internally ......................................................................
engine: Allow using vnic profiles internally When action is being executed internally, there is no user associated with the action, and the action should be treated as executed by the admin. In that case, there is no need to search for a permissions on a vnic profile to be used by the user. Change-Id: I7665d5d53519cdb2560ae2aed0b02c4229c80964 Bug-Url: https://bugzilla.redhat.com/1018229 Signed-off-by: Moti Asayag <[email protected]> --- M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddVmFromSnapshotCommand.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ImportVmCommand.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ImportVmTemplateCommand.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/RestoreAllSnapshotsCommand.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/TryBackToAllSnapshotsOfVmCommand.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/template/VmTemplateInterfaceCommandBase.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/vm/AbstractVmInterfaceCommand.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/vm/VnicProfileHelper.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/snapshots/SnapshotsManager.java 9 files changed, 32 insertions(+), 26 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/18/20718/1 diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddVmFromSnapshotCommand.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddVmFromSnapshotCommand.java index b068baa..72f3505 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddVmFromSnapshotCommand.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddVmFromSnapshotCommand.java @@ -136,7 +136,7 @@ AuditLogType.ADD_VM_FROM_SNAPSHOT_INVALID_INTERFACES); for (VmNetworkInterface iface : vmFromConfiguration.getInterfaces()) { - vnicProfileHelper.updateNicWithVnicProfileForUser(iface, getCurrentUser().getId()); + vnicProfileHelper.updateNicWithVnicProfileForUser(iface, getCurrentUser()); } vnicProfileHelper.auditInvalidInterfaces(getVmName()); diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ImportVmCommand.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ImportVmCommand.java index 5e603ac..898a356 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ImportVmCommand.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ImportVmCommand.java @@ -1024,7 +1024,7 @@ for (VmNetworkInterface iface : getVm().getInterfaces()) { initInterface(iface); - vnicProfileHelper.updateNicWithVnicProfileForUser(iface, getCurrentUser().getId()); + vnicProfileHelper.updateNicWithVnicProfileForUser(iface, getCurrentUser()); vmInterfaceManager.add(iface, getCompensationContext(), getParameters().isImportAsNewEntity(), diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ImportVmTemplateCommand.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ImportVmTemplateCommand.java index 12788a0..1ad424a 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ImportVmTemplateCommand.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ImportVmTemplateCommand.java @@ -387,7 +387,7 @@ nic.setSpeed(iface.getSpeed()); nic.setType(iface.getType()); - vnicProfileHelper.updateNicWithVnicProfileForUser(iface, getCurrentUser().getId()); + vnicProfileHelper.updateNicWithVnicProfileForUser(iface, getCurrentUser()); nic.setVnicProfileId(iface.getVnicProfileId()); getVmNicDao().save(nic); getCompensationContext().snapshotNewEntity(nic); diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/RestoreAllSnapshotsCommand.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/RestoreAllSnapshotsCommand.java index 12297a7..d0381ed 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/RestoreAllSnapshotsCommand.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/RestoreAllSnapshotsCommand.java @@ -267,7 +267,7 @@ snapshotsManager.attempToRestoreVmConfigurationFromSnapshot(getVm(), targetSnapshot, targetSnapshot.getId(), - getCompensationContext(), getVm().getVdsGroupCompatibilityVersion(), getCurrentUser().getId()); + getCompensationContext(), getVm().getVdsGroupCompatibilityVersion(), getCurrentUser()); getSnapshotDao().remove(targetSnapshot.getId()); // add active snapshot with status locked, so that other commands that depend on the VM's snapshots won't run in parallel snapshotsManager.addActiveSnapshot(targetSnapshot.getId(), diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/TryBackToAllSnapshotsOfVmCommand.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/TryBackToAllSnapshotsOfVmCommand.java index 8d526f7..02b5cff 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/TryBackToAllSnapshotsOfVmCommand.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/TryBackToAllSnapshotsOfVmCommand.java @@ -112,7 +112,7 @@ snapshotsManager.attempToRestoreVmConfigurationFromSnapshot(getVm(), getDstSnapshot(), getSnapshotDao().getId(getVm().getId(), SnapshotType.ACTIVE), - getCompensationContext(), getVm().getVdsGroupCompatibilityVersion(), getCurrentUser().getId()); + getCompensationContext(), getVm().getVdsGroupCompatibilityVersion(), getCurrentUser()); } @Override diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/template/VmTemplateInterfaceCommandBase.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/template/VmTemplateInterfaceCommandBase.java index 1344290..0582dbc 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/template/VmTemplateInterfaceCommandBase.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/template/VmTemplateInterfaceCommandBase.java @@ -52,7 +52,7 @@ getParameters().getNetworkName(), getParameters().isPortMirroring(), getVmTemplate(), - getCurrentUser().getId()))) { + getCurrentUser()))) { return false; } diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/vm/AbstractVmInterfaceCommand.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/vm/AbstractVmInterfaceCommand.java index 4897c3d..9bdd494 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/vm/AbstractVmInterfaceCommand.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/vm/AbstractVmInterfaceCommand.java @@ -99,7 +99,7 @@ getParameters().getNetworkName(), getParameters().isPortMirroring(), getVm().getStaticData(), - getCurrentUser().getId()))) { + getCurrentUser()))) { return false; } diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/vm/VnicProfileHelper.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/vm/VnicProfileHelper.java index 95b241b..984fb5f 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/vm/VnicProfileHelper.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/vm/VnicProfileHelper.java @@ -11,6 +11,7 @@ import org.ovirt.engine.core.common.FeatureSupported; import org.ovirt.engine.core.common.VdcObjectType; import org.ovirt.engine.core.common.businessentities.ActionGroup; +import org.ovirt.engine.core.common.businessentities.DbUser; import org.ovirt.engine.core.common.businessentities.Entities; import org.ovirt.engine.core.common.businessentities.VmBase; import org.ovirt.engine.core.common.businessentities.network.Network; @@ -52,11 +53,11 @@ * * @param iface * The vm network interface to be updated - * @param userId - * The id of the user which performs the action + * @param user + * The user which performs the action */ - public void updateNicWithVnicProfileForUser(VmNetworkInterface vmInterface, Guid userId) { - if (!updateNicWithVnicProfile(vmInterface, userId)) { + public void updateNicWithVnicProfileForUser(VmNetworkInterface vmInterface, DbUser user) { + if (!updateNicWithVnicProfile(vmInterface, user)) { markNicHasNoProfile(vmInterface); } } @@ -66,11 +67,11 @@ * * @param iface * The vm network interface to be updated - * @param userId - * The id of the user which performs the action + * @param user + * The user which performs the action * @return {@code true} if the vnic profile id is updated, else {@code false} */ - private boolean updateNicWithVnicProfile(VmNetworkInterface iface, Guid userId) { + private boolean updateNicWithVnicProfile(VmNetworkInterface iface, DbUser user) { if (iface.getNetworkName() == null) { if (FeatureSupported.networkLinking(compatibilityVersion)) { @@ -88,7 +89,7 @@ VnicProfile vnicProfile = getVnicProfileForNetwork(network, iface.getVnicProfileName()); if (vnicProfile == null) { - vnicProfile = findVnicProfileForUser(userId, network); + vnicProfile = findVnicProfileForUser(user, network); if (vnicProfile == null) { return false; } @@ -98,11 +99,12 @@ return true; } - private VnicProfile findVnicProfileForUser(Guid userId, Network network) { + private VnicProfile findVnicProfileForUser(DbUser user, Network network) { List<VnicProfile> networkProfiles = getVnicProfileDao().getAllForNetwork(network.getId()); for (VnicProfile profile : networkProfiles) { - if (isVnicProfilePermitted(userId, profile, false)) { + if ((user == null && !profile.isPortMirroring()) + || (user != null && isVnicProfilePermitted(user, profile, false))) { return profile; } } @@ -126,9 +128,9 @@ return null; } - private static boolean isVnicProfilePermitted(Guid userId, VnicProfile profile, boolean portMirroringRequired) { + private static boolean isVnicProfilePermitted(DbUser user, VnicProfile profile, boolean portMirroringRequired) { return portMirroringRequired == profile.isPortMirroring() - && getPermissionDAO().getEntityPermissions(userId, + && getPermissionDAO().getEntityPermissions(user.getId(), ActionGroup.CONFIGURE_VM_NETWORK, profile.getId(), VdcObjectType.VnicProfile) != null; @@ -154,7 +156,7 @@ String networkName, boolean portMirroring, VmBase vm, - Guid userId) { + DbUser user) { if (networkName == null) { return ValidationResult.VALID; @@ -177,7 +179,7 @@ List<VnicProfile> vnicProfiles = getVnicProfileDao().getAllForNetwork(network.getId()); for (VnicProfile profile : vnicProfiles) { - if (isVnicProfilePermitted(userId, profile, portMirroring)) { + if (isVnicProfilePermitted(user, profile, portMirroring)) { nic.setVnicProfileId(profile.getId()); return ValidationResult.VALID; } diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/snapshots/SnapshotsManager.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/snapshots/SnapshotsManager.java index 20c0703..8b4dfd6 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/snapshots/SnapshotsManager.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/snapshots/SnapshotsManager.java @@ -14,6 +14,7 @@ import org.ovirt.engine.core.bll.utils.ClusterUtils; import org.ovirt.engine.core.bll.utils.VmDeviceUtils; import org.ovirt.engine.core.common.AuditLogType; +import org.ovirt.engine.core.common.businessentities.DbUser; import org.ovirt.engine.core.common.businessentities.Disk; import org.ovirt.engine.core.common.businessentities.DiskImage; import org.ovirt.engine.core.common.businessentities.ImageStatus; @@ -299,12 +300,13 @@ * The snapshot containing the configuration. * @param version * The compatibility version of the VM's cluster - * @param userId + * @param user + * The user that performs the action */ public void attempToRestoreVmConfigurationFromSnapshot(VM vm, Snapshot snapshot, Guid activeSnapshotId, - CompensationContext compensationContext, Version version, Guid userId) { + CompensationContext compensationContext, Version version, DbUser user) { boolean vmUpdatedFromConfiguration = false; if (snapshot.getVmConfiguration() != null) { vmUpdatedFromConfiguration = updateVmFromConfiguration(vm, snapshot.getVmConfiguration()); @@ -320,7 +322,7 @@ if (vmUpdatedFromConfiguration) { getVmStaticDao().update(vm.getStaticData()); - synchronizeNics(vm, compensationContext, userId); + synchronizeNics(vm, compensationContext, user); for (VmDevice vmDevice : getVmDeviceDao().getVmDeviceByVmId(vm.getId())) { if (deviceCanBeRemoved(vmDevice)) { @@ -406,8 +408,10 @@ * The nics from snapshot. * @param version * The compatibility version of the VM's cluster + * @param user + * The user that performs the action */ - protected void synchronizeNics(VM vm, CompensationContext compensationContext, Guid userId) { + protected void synchronizeNics(VM vm, CompensationContext compensationContext, DbUser user) { VmInterfaceManager vmInterfaceManager = new VmInterfaceManager(); VnicProfileHelper vnicProfileHelper = new VnicProfileHelper(vm.getVdsGroupId(), @@ -423,7 +427,7 @@ vmInterface.setId(Guid.newGuid()); } - vnicProfileHelper.updateNicWithVnicProfileForUser(vmInterface, userId); + vnicProfileHelper.updateNicWithVnicProfileForUser(vmInterface, user); vmInterfaceManager.add(vmInterface, compensationContext, false, vm.getOs(), vm.getVdsGroupCompatibilityVersion()); } -- To view, visit http://gerrit.ovirt.org/20718 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I7665d5d53519cdb2560ae2aed0b02c4229c80964 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Moti Asayag <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
