Example 46 with CallContext
use of com.cloud.context.CallContext in project cosmic by MissionCriticalCloud.
the class RulesManagerImpl method revokeStaticNatRule.
@Override
@ActionEvent(eventType = EventTypes.EVENT_NET_RULE_DELETE, eventDescription = "revoking forwarding rule", async = true)
public boolean revokeStaticNatRule(final long ruleId, final boolean apply) {
final CallContext ctx = CallContext.current();
final Account caller = ctx.getCallingAccount();
final FirewallRuleVO rule = _firewallDao.findById(ruleId);
if (rule == null) {
throw new InvalidParameterValueException("Unable to find " + ruleId);
}
_accountMgr.checkAccess(caller, null, true, rule);
if (!revokeStaticNatRuleInternal(ruleId, caller, ctx.getCallingUserId(), apply)) {
throw new CloudRuntimeException("Failed to revoke forwarding rule");
}
return true;
}
Also used :
Account(com.cloud.user.Account)
InvalidParameterValueException(com.cloud.utils.exception.InvalidParameterValueException)
CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException)
CallContext(com.cloud.context.CallContext)
ActionEvent(com.cloud.event.ActionEvent)
Example 47 with CallContext
use of com.cloud.context.CallContext in project cosmic by MissionCriticalCloud.
the class RulesManagerImpl method revokePortForwardingRule.
@Override
@ActionEvent(eventType = EventTypes.EVENT_NET_RULE_DELETE, eventDescription = "revoking forwarding rule", async = true)
public boolean revokePortForwardingRule(final long ruleId, final boolean apply) {
final CallContext ctx = CallContext.current();
final Account caller = ctx.getCallingAccount();
final PortForwardingRuleVO rule = _portForwardingDao.findById(ruleId);
if (rule == null) {
throw new InvalidParameterValueException("Unable to find " + ruleId);
}
_accountMgr.checkAccess(caller, null, true, rule);
if (!revokePortForwardingRuleInternal(ruleId, caller, ctx.getCallingUserId(), apply)) {
throw new CloudRuntimeException("Failed to delete port forwarding rule");
}
return true;
}
Also used :
Account(com.cloud.user.Account)
InvalidParameterValueException(com.cloud.utils.exception.InvalidParameterValueException)
CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException)
CallContext(com.cloud.context.CallContext)
ActionEvent(com.cloud.event.ActionEvent)
Example 48 with CallContext
use of com.cloud.context.CallContext in project cosmic by MissionCriticalCloud.
the class LdapCreateAccountCmd method execute.
@Override
public void execute() throws ServerApiException {
final CallContext callContext = getCurrentContext();
final String finalAccountName = getAccountName();
final Long finalDomainId = getDomainId();
callContext.setEventDetails("Account Name: " + finalAccountName + ", Domain Id:" + finalDomainId);
try {
final LdapUser user = _ldapManager.getUser(username);
validateUser(user);
final UserAccount userAccount = createCloudstackUserAccount(user, finalAccountName, finalDomainId);
if (userAccount != null) {
final AccountResponse response = _responseGenerator.createUserAccountResponse(ResponseView.Full, userAccount);
response.setResponseName(getCommandName());
setResponseObject(response);
} else {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create a user account");
}
} catch (final NoLdapUserMatchingQueryException e) {
throw new ServerApiException(ApiErrorCode.RESOURCE_UNAVAILABLE_ERROR, "No LDAP user exists with the username of " + username);
}
}
Also used :
NoLdapUserMatchingQueryException(com.cloud.ldap.NoLdapUserMatchingQueryException)
LdapUser(com.cloud.ldap.LdapUser)
ServerApiException(com.cloud.api.ServerApiException)
AccountResponse(com.cloud.api.response.AccountResponse)
CallContext(com.cloud.context.CallContext)
UserAccount(com.cloud.user.UserAccount)
Example 49 with CallContext
use of com.cloud.context.CallContext in project cosmic by MissionCriticalCloud.
the class CertServiceImpl method listSslCerts.
@Override
public List<SslCertResponse> listSslCerts(final ListSslCertsCmd listSslCertCmd) {
final CallContext ctx = CallContext.current();
final Account caller = ctx.getCallingAccount();
final Long certId = listSslCertCmd.getCertId();
final Long accountId = listSslCertCmd.getAccountId();
final Long lbRuleId = listSslCertCmd.getLbId();
final Long projectId = listSslCertCmd.getProjectId();
final List<SslCertResponse> certResponseList = new ArrayList<>();
if (certId == null && accountId == null && lbRuleId == null && projectId == null) {
throw new InvalidParameterValueException("Invalid parameters either certificate ID or Account ID or Loadbalancer ID or Project ID required");
}
List<LoadBalancerCertMapVO> certLbMap = null;
SslCertVO certVO = null;
if (certId != null) {
certVO = _sslCertDao.findById(certId);
if (certVO == null) {
throw new InvalidParameterValueException("Invalid certificate id: " + certId);
}
_accountMgr.checkAccess(caller, SecurityChecker.AccessType.UseEntry, true, certVO);
certLbMap = _lbCertDao.listByCertId(certId);
certResponseList.add(createCertResponse(certVO, certLbMap));
return certResponseList;
}
if (lbRuleId != null) {
final LoadBalancer lb = _entityMgr.findById(LoadBalancerVO.class, lbRuleId);
if (lb == null) {
throw new InvalidParameterValueException("Found no loadbalancer with id: " + lbRuleId);
}
_accountMgr.checkAccess(caller, SecurityChecker.AccessType.UseEntry, true, lb);
// get the cert id
final LoadBalancerCertMapVO lbCertMapRule;
lbCertMapRule = _lbCertDao.findByLbRuleId(lbRuleId);
if (lbCertMapRule == null) {
s_logger.debug("No certificate bound to loadbalancer id: " + lbRuleId);
return certResponseList;
}
certVO = _sslCertDao.findById(lbCertMapRule.getCertId());
certLbMap = _lbCertDao.listByCertId(lbCertMapRule.getCertId());
certResponseList.add(createCertResponse(certVO, certLbMap));
return certResponseList;
}
if (projectId != null) {
final Project project = _projectMgr.getProject(projectId);
if (project == null) {
throw new InvalidParameterValueException("Found no project with id: " + projectId);
}
final List<SslCertVO> projectCertVOList = _sslCertDao.listByAccountId(project.getProjectAccountId());
if (projectCertVOList == null || projectCertVOList.isEmpty()) {
return certResponseList;
}
_accountMgr.checkAccess(caller, SecurityChecker.AccessType.UseEntry, true, projectCertVOList.get(0));
for (final SslCertVO cert : projectCertVOList) {
certLbMap = _lbCertDao.listByCertId(cert.getId());
certResponseList.add(createCertResponse(cert, certLbMap));
}
return certResponseList;
}
// reached here look by accountId
final List<SslCertVO> certVOList = _sslCertDao.listByAccountId(accountId);
if (certVOList == null || certVOList.isEmpty()) {
return certResponseList;
}
_accountMgr.checkAccess(caller, SecurityChecker.AccessType.UseEntry, true, certVOList.get(0));
for (final SslCertVO cert : certVOList) {
certLbMap = _lbCertDao.listByCertId(cert.getId());
certResponseList.add(createCertResponse(cert, certLbMap));
}
return certResponseList;
}
Also used :
Account(com.cloud.user.Account)
ArrayList(java.util.ArrayList)
LoadBalancerCertMapVO(com.cloud.network.dao.LoadBalancerCertMapVO)
LoadBalancer(com.cloud.network.rules.LoadBalancer)
CallContext(com.cloud.context.CallContext)
Project(com.cloud.projects.Project)
InvalidParameterValueException(com.cloud.utils.exception.InvalidParameterValueException)
SslCertVO(com.cloud.network.dao.SslCertVO)
SslCertResponse(com.cloud.api.response.SslCertResponse)
Example 50 with CallContext
use of com.cloud.context.CallContext in project cosmic by MissionCriticalCloud.
the class LoadBalancingRulesManagerImpl method assignCertToLoadBalancer.
@Override
@DB
@ActionEvent(eventType = EventTypes.EVENT_LB_CERT_ASSIGN, eventDescription = "assigning certificate to load balancer", async = true)
public boolean assignCertToLoadBalancer(final long lbRuleId, final Long certId) {
final CallContext caller = CallContext.current();
final LoadBalancerVO loadBalancer = _lbDao.findById(Long.valueOf(lbRuleId));
if (loadBalancer == null) {
throw new InvalidParameterException("Invalid load balancer id: " + lbRuleId);
}
final SslCertVO certVO = _entityMgr.findById(SslCertVO.class, certId);
if (certVO == null) {
throw new InvalidParameterException("Invalid certificate id: " + certId);
}
_accountMgr.checkAccess(caller.getCallingAccount(), null, true, loadBalancer);
// check if LB and Cert belong to the same account
if (loadBalancer.getAccountId() != certVO.getAccountId()) {
throw new InvalidParameterValueException("Access denied for account " + certVO.getAccountId());
}
final String capability = getLBCapability(loadBalancer.getNetworkId(), Capability.SslTermination.getName());
if (capability == null) {
throw new InvalidParameterValueException("Ssl termination not supported by the loadbalancer");
}
// check if the lb is already bound
final LoadBalancerCertMapVO certMapRule = _lbCertMapDao.findByLbRuleId(loadBalancer.getId());
if (certMapRule != null) {
throw new InvalidParameterValueException("Another certificate is already bound to the LB");
}
// check for correct port
if (loadBalancer.getLbProtocol() == null || !(loadBalancer.getLbProtocol().equals(NetUtils.SSL_PROTO))) {
throw new InvalidParameterValueException("Bad LB protocol: Expected ssl got " + loadBalancer.getLbProtocol());
}
boolean success = false;
final FirewallRule.State backupState = loadBalancer.getState();
try {
loadBalancer.setState(FirewallRule.State.Add);
_lbDao.persist(loadBalancer);
final LoadBalancerCertMapVO certMap = new LoadBalancerCertMapVO(lbRuleId, certId, false);
_lbCertMapDao.persist(certMap);
applyLoadBalancerConfig(loadBalancer.getId());
success = true;
} catch (final ResourceUnavailableException e) {
if (isRollBackAllowedForProvider(loadBalancer)) {
loadBalancer.setState(backupState);
_lbDao.persist(loadBalancer);
final LoadBalancerCertMapVO certMap = _lbCertMapDao.findByLbRuleId(lbRuleId);
_lbCertMapDao.remove(certMap.getId());
s_logger.debug("LB Rollback rule id: " + loadBalancer.getId() + " while adding cert");
}
s_logger.warn("Unable to apply the load balancer config because resource is unavaliable.", e);
}
return success;
}
Also used :
InvalidParameterException(java.security.InvalidParameterException)
InvalidParameterValueException(com.cloud.utils.exception.InvalidParameterValueException)
LoadBalancerVO(com.cloud.network.dao.LoadBalancerVO)
SslCertVO(com.cloud.network.dao.SslCertVO)
ResourceUnavailableException(com.cloud.exception.ResourceUnavailableException)
LoadBalancerCertMapVO(com.cloud.network.dao.LoadBalancerCertMapVO)
CallContext(com.cloud.context.CallContext)
FirewallRule(com.cloud.network.rules.FirewallRule)
ActionEvent(com.cloud.event.ActionEvent)
DB(com.cloud.utils.db.DB)
Aggregations
CallContext (com.cloud.context.CallContext)72
Account (com.cloud.user.Account)41
User (com.cloud.user.User)26
InvalidParameterValueException (com.cloud.utils.exception.InvalidParameterValueException)26
VmWorkJobVO (com.cloud.framework.jobs.impl.VmWorkJobVO)22
ActionEvent (com.cloud.event.ActionEvent)20
ResourceUnavailableException (com.cloud.exception.ResourceUnavailableException)19
CloudRuntimeException (com.cloud.utils.exception.CloudRuntimeException)19
DB (com.cloud.utils.db.DB)12
LoadBalancerVO (com.cloud.network.dao.LoadBalancerVO)10
VMInstanceVO (com.cloud.vm.VMInstanceVO)10
NetworkRuleConflictException (com.cloud.exception.NetworkRuleConflictException)9
ServerApiException (com.cloud.api.ServerApiException)8
FirewallRule (com.cloud.network.rules.FirewallRule)8
ConcurrentOperationException (com.cloud.exception.ConcurrentOperationException)6
InsufficientAddressCapacityException (com.cloud.exception.InsufficientAddressCapacityException)6
InsufficientCapacityException (com.cloud.exception.InsufficientCapacityException)6
ResourceAllocationException (com.cloud.exception.ResourceAllocationException)6
Network (com.cloud.network.Network)6
PermissionDeniedException (com.cloud.exception.PermissionDeniedException)5
