Example 56 with Domain
use of com.cloud.domain.Domain in project cloudstack by apache.
the class ApiResponseHelper method populateDomain.
private void populateDomain(ControlledEntityResponse response, long domainId) {
Domain domain = ApiDBUtils.findDomainById(domainId);
response.setDomainId(domain.getUuid());
response.setDomainName(domain.getName());
}
Also used :
Domain(com.cloud.domain.Domain)
Example 57 with Domain
use of com.cloud.domain.Domain in project cloudstack by apache.
the class ApiResponseHelper method createLBHealthCheckPolicyResponse.
@Override
public LBHealthCheckResponse createLBHealthCheckPolicyResponse(List<? extends HealthCheckPolicy> healthcheckPolicies, LoadBalancer lb) {
LBHealthCheckResponse hcResponse = new LBHealthCheckResponse();
if (lb == null) {
return hcResponse;
}
hcResponse.setlbRuleId(lb.getUuid());
Account account = ApiDBUtils.findAccountById(lb.getAccountId());
if (account != null) {
hcResponse.setAccountName(account.getAccountName());
Domain domain = ApiDBUtils.findDomainById(account.getDomainId());
if (domain != null) {
hcResponse.setDomainId(domain.getUuid());
hcResponse.setDomainName(domain.getName());
}
}
List<LBHealthCheckPolicyResponse> responses = new ArrayList<LBHealthCheckPolicyResponse>();
for (HealthCheckPolicy healthcheckPolicy : healthcheckPolicies) {
LBHealthCheckPolicyResponse ruleResponse = new LBHealthCheckPolicyResponse(healthcheckPolicy);
responses.add(ruleResponse);
}
hcResponse.setRules(responses);
hcResponse.setObjectName("healthcheckpolicies");
return hcResponse;
}
Also used :
ProjectAccount(com.cloud.projects.ProjectAccount)
UserAccount(com.cloud.user.UserAccount)
Account(com.cloud.user.Account)
LBHealthCheckPolicyResponse(org.apache.cloudstack.api.response.LBHealthCheckPolicyResponse)
ArrayList(java.util.ArrayList)
LBHealthCheckResponse(org.apache.cloudstack.api.response.LBHealthCheckResponse)
Domain(com.cloud.domain.Domain)
HealthCheckPolicy(com.cloud.network.rules.HealthCheckPolicy)
Example 58 with Domain
use of com.cloud.domain.Domain in project cloudstack by apache.
the class ApiResponseHelper method createPhysicalNetworkResponse.
@Override
public PhysicalNetworkResponse createPhysicalNetworkResponse(PhysicalNetwork result) {
PhysicalNetworkResponse response = new PhysicalNetworkResponse();
DataCenter zone = ApiDBUtils.findZoneById(result.getDataCenterId());
if (zone != null) {
response.setZoneId(zone.getUuid());
}
response.setNetworkSpeed(result.getSpeed());
response.setVlan(result.getVnetString());
if (result.getDomainId() != null) {
Domain domain = ApiDBUtils.findDomainById(result.getDomainId());
if (domain != null) {
response.setDomainId(domain.getUuid());
}
}
response.setId(result.getUuid());
if (result.getBroadcastDomainRange() != null) {
response.setBroadcastDomainRange(result.getBroadcastDomainRange().toString());
}
response.setIsolationMethods(result.getIsolationMethods());
response.setTags(result.getTags());
if (result.getState() != null) {
response.setState(result.getState().toString());
}
response.setName(result.getName());
response.setObjectName("physicalnetwork");
return response;
}
Also used :
DataCenter(com.cloud.dc.DataCenter)
PhysicalNetworkResponse(org.apache.cloudstack.api.response.PhysicalNetworkResponse)
Domain(com.cloud.domain.Domain)
Example 59 with Domain
use of com.cloud.domain.Domain in project cloudstack by apache.
the class ApiResponseHelper method populateOwner.
// TODO: we may need to refactor once ControlledEntityResponse and
// ControlledEntity id to uuid conversion are all done.
// currently code is scattered in
private void populateOwner(ControlledEntityResponse response, ControlledEntity object) {
Account account = ApiDBUtils.findAccountById(object.getAccountId());
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
// find the project
Project project = ApiDBUtils.findProjectByProjectAccountId(account.getId());
response.setProjectId(project.getUuid());
response.setProjectName(project.getName());
} else {
response.setAccountName(account.getAccountName());
}
Domain domain = ApiDBUtils.findDomainById(object.getDomainId());
response.setDomainId(domain.getUuid());
response.setDomainName(domain.getName());
}
Also used :
ProjectAccount(com.cloud.projects.ProjectAccount)
UserAccount(com.cloud.user.UserAccount)
Account(com.cloud.user.Account)
Project(com.cloud.projects.Project)
Domain(com.cloud.domain.Domain)
Example 60 with Domain
use of com.cloud.domain.Domain in project cloudstack by apache.
the class TemplateManagerImpl method updateTemplateOrIsoPermissions.
@DB
@Override
public boolean updateTemplateOrIsoPermissions(BaseUpdateTemplateOrIsoPermissionsCmd cmd) {
// Input validation
final Long id = cmd.getId();
final Account caller = CallContext.current().getCallingAccount();
List<String> accountNames = cmd.getAccountNames();
List<Long> projectIds = cmd.getProjectIds();
Boolean isFeatured = cmd.isFeatured();
Boolean isPublic = cmd.isPublic();
Boolean isExtractable = cmd.isExtractable();
String operation = cmd.getOperation();
String mediaType = "";
VMTemplateVO template = _tmpltDao.findById(id);
if (template == null) {
throw new InvalidParameterValueException("unable to find " + mediaType + " with id " + id);
}
if (cmd instanceof UpdateTemplatePermissionsCmd) {
mediaType = "template";
if (template.getFormat().equals(ImageFormat.ISO)) {
throw new InvalidParameterValueException("Please provide a valid template");
}
}
if (cmd instanceof UpdateIsoPermissionsCmd) {
mediaType = "iso";
if (!template.getFormat().equals(ImageFormat.ISO)) {
throw new InvalidParameterValueException("Please provide a valid iso");
}
}
// convert projectIds to accountNames
if (projectIds != null) {
// CS-17842, initialize accountNames list
if (accountNames == null) {
accountNames = new ArrayList<String>();
}
for (Long projectId : projectIds) {
Project project = _projectMgr.getProject(projectId);
if (project == null) {
throw new InvalidParameterValueException("Unable to find project by id " + projectId);
}
if (!_projectMgr.canAccessProjectAccount(caller, project.getProjectAccountId())) {
throw new InvalidParameterValueException("Account " + caller + " can't access project id=" + projectId);
}
accountNames.add(_accountMgr.getAccount(project.getProjectAccountId()).getAccountName());
}
}
//_accountMgr.checkAccess(caller, AccessType.ModifyEntry, true, template);
//TODO: should we replace all ModifyEntry as OperateEntry?
_accountMgr.checkAccess(caller, AccessType.OperateEntry, true, template);
// If the template is removed throw an error.
if (template.getRemoved() != null) {
s_logger.error("unable to update permissions for " + mediaType + " with id " + id + " as it is removed ");
throw new InvalidParameterValueException("unable to update permissions for " + mediaType + " with id " + id + " as it is removed ");
}
if (id.equals(Long.valueOf(1))) {
throw new InvalidParameterValueException("unable to update permissions for " + mediaType + " with id " + id);
}
boolean isAdmin = _accountMgr.isAdmin(caller.getId());
// check configuration parameter(allow.public.user.templates) value for
// the template owner
boolean allowPublicUserTemplates = AllowPublicUserTemplates.valueIn(template.getAccountId());
if (!isAdmin && !allowPublicUserTemplates && isPublic != null && isPublic) {
throw new InvalidParameterValueException("Only private " + mediaType + "s can be created.");
}
if (accountNames != null) {
if ((operation == null) || (!operation.equalsIgnoreCase("add") && !operation.equalsIgnoreCase("remove") && !operation.equalsIgnoreCase("reset"))) {
throw new InvalidParameterValueException("Invalid operation on accounts, the operation must be either 'add' or 'remove' in order to modify launch permissions." + " Given operation is: '" + operation + "'");
}
}
Long ownerId = template.getAccountId();
if (ownerId == null) {
// publishing to individual users is irrelevant
throw new InvalidParameterValueException("Update template permissions is an invalid operation on template " + template.getName());
}
//Only admin or owner of the template should be able to change its permissions
if (caller.getId() != ownerId && !isAdmin) {
throw new InvalidParameterValueException("Unable to grant permission to account " + caller.getAccountName() + " as it is neither admin nor owner or the template");
}
VMTemplateVO updatedTemplate = _tmpltDao.createForUpdate();
if (isPublic != null) {
updatedTemplate.setPublicTemplate(isPublic.booleanValue());
}
if (isFeatured != null) {
updatedTemplate.setFeatured(isFeatured.booleanValue());
}
if (isExtractable != null) {
// Only Root admins allowed to change it for templates
if (!template.getFormat().equals(ImageFormat.ISO) && !_accountMgr.isRootAdmin(caller.getId())) {
throw new InvalidParameterValueException("Only ROOT admins are allowed to modify isExtractable attribute.");
} else {
// For Isos normal user can change it, as their are no derivatives.
updatedTemplate.setExtractable(isExtractable.booleanValue());
}
}
_tmpltDao.update(template.getId(), updatedTemplate);
//when operation is add/remove, accountNames can not be null
if (("add".equalsIgnoreCase(operation) || "remove".equalsIgnoreCase(operation)) && accountNames == null) {
throw new InvalidParameterValueException("Operation " + operation + " requires accounts or projectIds to be passed in");
}
//Derive the domain id from the template owner as updateTemplatePermissions is not cross domain operation
Account owner = _accountMgr.getAccount(ownerId);
final Domain domain = _domainDao.findById(owner.getDomainId());
if ("add".equalsIgnoreCase(operation)) {
final List<String> accountNamesFinal = accountNames;
final List<Long> accountIds = new ArrayList<Long>();
Transaction.execute(new TransactionCallbackNoReturn() {
@Override
public void doInTransactionWithoutResult(TransactionStatus status) {
for (String accountName : accountNamesFinal) {
Account permittedAccount = _accountDao.findActiveAccount(accountName, domain.getId());
if (permittedAccount != null) {
if (permittedAccount.getId() == caller.getId()) {
// don't grant permission to the template
continue;
// owner, they implicitly have permission
}
accountIds.add(permittedAccount.getId());
LaunchPermissionVO existingPermission = _launchPermissionDao.findByTemplateAndAccount(id, permittedAccount.getId());
if (existingPermission == null) {
LaunchPermissionVO launchPermission = new LaunchPermissionVO(id, permittedAccount.getId());
_launchPermissionDao.persist(launchPermission);
}
} else {
throw new InvalidParameterValueException("Unable to grant a launch permission to account " + accountName + " in domain id=" + domain.getUuid() + ", account not found. " + "No permissions updated, please verify the account names and retry.");
}
}
}
});
// add ACL permission in IAM
Map<String, Object> permit = new HashMap<String, Object>();
permit.put(ApiConstants.ENTITY_TYPE, VirtualMachineTemplate.class);
permit.put(ApiConstants.ENTITY_ID, id);
permit.put(ApiConstants.ACCESS_TYPE, AccessType.UseEntry);
permit.put(ApiConstants.IAM_ACTION, "listTemplates");
permit.put(ApiConstants.ACCOUNTS, accountIds);
_messageBus.publish(_name, EntityManager.MESSAGE_GRANT_ENTITY_EVENT, PublishScope.LOCAL, permit);
} else if ("remove".equalsIgnoreCase(operation)) {
List<Long> accountIds = new ArrayList<Long>();
for (String accountName : accountNames) {
Account permittedAccount = _accountDao.findActiveAccount(accountName, domain.getId());
if (permittedAccount != null) {
accountIds.add(permittedAccount.getId());
}
}
_launchPermissionDao.removePermissions(id, accountIds);
// remove ACL permission in IAM
Map<String, Object> permit = new HashMap<String, Object>();
permit.put(ApiConstants.ENTITY_TYPE, VirtualMachineTemplate.class);
permit.put(ApiConstants.ENTITY_ID, id);
permit.put(ApiConstants.ACCESS_TYPE, AccessType.UseEntry);
permit.put(ApiConstants.IAM_ACTION, "listTemplates");
permit.put(ApiConstants.ACCOUNTS, accountIds);
_messageBus.publish(_name, EntityManager.MESSAGE_REVOKE_ENTITY_EVENT, PublishScope.LOCAL, permit);
} else if ("reset".equalsIgnoreCase(operation)) {
// do we care whether the owning account is an admin? if the
// owner is an admin, will we still set public to false?
updatedTemplate = _tmpltDao.createForUpdate();
updatedTemplate.setPublicTemplate(false);
updatedTemplate.setFeatured(false);
_tmpltDao.update(template.getId(), updatedTemplate);
_launchPermissionDao.removeAllPermissions(id);
_messageBus.publish(_name, TemplateManager.MESSAGE_RESET_TEMPLATE_PERMISSION_EVENT, PublishScope.LOCAL, template.getId());
}
return true;
}
Also used :
Account(com.cloud.user.Account)
HashMap(java.util.HashMap)
VMTemplateVO(com.cloud.storage.VMTemplateVO)
ArrayList(java.util.ArrayList)
TransactionStatus(com.cloud.utils.db.TransactionStatus)
TransactionCallbackNoReturn(com.cloud.utils.db.TransactionCallbackNoReturn)
UpdateTemplatePermissionsCmd(org.apache.cloudstack.api.command.user.template.UpdateTemplatePermissionsCmd)
LaunchPermissionVO(com.cloud.storage.LaunchPermissionVO)
InvalidParameterValueException(com.cloud.exception.InvalidParameterValueException)
UpdateIsoPermissionsCmd(org.apache.cloudstack.api.command.user.iso.UpdateIsoPermissionsCmd)
ArrayList(java.util.ArrayList)
List(java.util.List)
Project(com.cloud.projects.Project)
Domain(com.cloud.domain.Domain)
Map(java.util.Map)
HashMap(java.util.HashMap)
DB(com.cloud.utils.db.DB)
Aggregations
Domain (com.cloud.domain.Domain)81
Account (com.cloud.user.Account)42
ArrayList (java.util.ArrayList)23
InvalidParameterValueException (com.cloud.exception.InvalidParameterValueException)20
Test (org.junit.Test)20
DeployDestination (com.cloud.deploy.DeployDestination)17
Network (com.cloud.network.Network)17
ReservationContext (com.cloud.vm.ReservationContext)17
DataCenter (com.cloud.dc.DataCenter)16
PhysicalNetworkVO (com.cloud.network.dao.PhysicalNetworkVO)16
NetworkOffering (com.cloud.offering.NetworkOffering)16
HostVO (com.cloud.host.HostVO)15
NetworkVO (com.cloud.network.dao.NetworkVO)15
UserAccount (com.cloud.user.UserAccount)15
URI (java.net.URI)12
DomainVO (com.cloud.domain.DomainVO)11
ProjectAccount (com.cloud.projects.ProjectAccount)11
Project (com.cloud.projects.Project)10
NiciraNvpDeviceVO (com.cloud.network.NiciraNvpDeviceVO)8
DB (com.cloud.utils.db.DB)8
