Example 6 with CloudAuthenticationException
use of com.cloud.exception.CloudAuthenticationException in project cloudstack by apache.
the class QueryManagerImpl method searchForDiskOfferingsInternal.
private Pair<List<DiskOfferingJoinVO>, Integer> searchForDiskOfferingsInternal(ListDiskOfferingsCmd cmd) {
// Note
// The list method for offerings is being modified in accordance with
// discussion with Will/Kevin
// For now, we will be listing the following based on the usertype
// 1. For root, we will list all offerings
// 2. For domainAdmin and regular users, we will list everything in
// their domains+parent domains ... all the way
// till
// root
Boolean isAscending = Boolean.parseBoolean(_configDao.getValue("sortkey.algorithm"));
isAscending = (isAscending == null ? true : isAscending);
Filter searchFilter = new Filter(DiskOfferingJoinVO.class, "sortKey", isAscending, cmd.getStartIndex(), cmd.getPageSizeVal());
SearchCriteria<DiskOfferingJoinVO> sc = _diskOfferingJoinDao.createSearchCriteria();
sc.addAnd("type", Op.EQ, DiskOfferingVO.Type.Disk);
Account account = CallContext.current().getCallingAccount();
Object name = cmd.getDiskOfferingName();
Object id = cmd.getId();
Object keyword = cmd.getKeyword();
Long domainId = cmd.getDomainId();
Boolean isRootAdmin = _accountMgr.isRootAdmin(account.getAccountId());
Boolean isRecursive = cmd.isRecursive();
// associated with this domain
if (domainId != null) {
if (_accountMgr.isRootAdmin(account.getId()) || isPermissible(account.getDomainId(), domainId)) {
// check if the user's domain == do's domain || user's domain is
// a child of so's domain for non-root users
sc.addAnd("domainId", SearchCriteria.Op.EQ, domainId);
if (!isRootAdmin) {
sc.addAnd("displayOffering", SearchCriteria.Op.EQ, 1);
}
return _diskOfferingJoinDao.searchAndCount(sc, searchFilter);
} else {
throw new PermissionDeniedException("The account:" + account.getAccountName() + " does not fall in the same domain hierarchy as the disk offering");
}
}
List<Long> domainIds = null;
// and everything above till root
if ((_accountMgr.isNormalUser(account.getId()) || _accountMgr.isDomainAdmin(account.getId())) || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
if (isRecursive) {
// domain + all sub-domains
if (account.getType() == Account.ACCOUNT_TYPE_NORMAL)
throw new InvalidParameterValueException("Only ROOT admins and Domain admins can list disk offerings with isrecursive=true");
DomainVO domainRecord = _domainDao.findById(account.getDomainId());
sc.addAnd("domainPath", SearchCriteria.Op.LIKE, domainRecord.getPath() + "%");
} else {
// domain + all ancestors
// find all domain Id up to root domain for this account
domainIds = new ArrayList<Long>();
DomainVO domainRecord = _domainDao.findById(account.getDomainId());
if (domainRecord == null) {
s_logger.error("Could not find the domainId for account:" + account.getAccountName());
throw new CloudAuthenticationException("Could not find the domainId for account:" + account.getAccountName());
}
domainIds.add(domainRecord.getId());
while (domainRecord.getParent() != null) {
domainRecord = _domainDao.findById(domainRecord.getParent());
domainIds.add(domainRecord.getId());
}
SearchCriteria<DiskOfferingJoinVO> spc = _diskOfferingJoinDao.createSearchCriteria();
spc.addOr("domainId", SearchCriteria.Op.IN, domainIds.toArray());
// include public offering as where
spc.addOr("domainId", SearchCriteria.Op.NULL);
sc.addAnd("domainId", SearchCriteria.Op.SC, spc);
// non-root users should not see system offering at all
sc.addAnd("systemUse", SearchCriteria.Op.EQ, false);
}
}
if (keyword != null) {
SearchCriteria<DiskOfferingJoinVO> ssc = _diskOfferingJoinDao.createSearchCriteria();
ssc.addOr("displayText", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
sc.addAnd("name", SearchCriteria.Op.SC, ssc);
}
if (id != null) {
sc.addAnd("id", SearchCriteria.Op.EQ, id);
}
if (name != null) {
sc.addAnd("name", SearchCriteria.Op.EQ, name);
}
return _diskOfferingJoinDao.searchAndCount(sc, searchFilter);
}
Also used :
Account(com.cloud.user.Account)
CloudAuthenticationException(com.cloud.exception.CloudAuthenticationException)
DiskOfferingJoinVO(com.cloud.api.query.vo.DiskOfferingJoinVO)
DomainVO(com.cloud.domain.DomainVO)
TemplateFilter(com.cloud.template.VirtualMachineTemplate.TemplateFilter)
Filter(com.cloud.utils.db.Filter)
InvalidParameterValueException(com.cloud.exception.InvalidParameterValueException)
PermissionDeniedException(com.cloud.exception.PermissionDeniedException)
Example 7 with CloudAuthenticationException
use of com.cloud.exception.CloudAuthenticationException in project cloudstack by apache.
the class QueryManagerImpl method listDataCentersInternal.
private Pair<List<DataCenterJoinVO>, Integer> listDataCentersInternal(ListZonesCmd cmd) {
Account account = CallContext.current().getCallingAccount();
Long domainId = cmd.getDomainId();
Long id = cmd.getId();
String keyword = cmd.getKeyword();
String name = cmd.getName();
String networkType = cmd.getNetworkType();
Map<String, String> resourceTags = cmd.getTags();
SearchBuilder<DataCenterJoinVO> sb = _dcJoinDao.createSearchBuilder();
if (resourceTags != null && !resourceTags.isEmpty()) {
SearchBuilder<ResourceTagVO> tagSearch = _resourceTagDao.createSearchBuilder();
for (int count = 0; count < resourceTags.size(); count++) {
tagSearch.or().op("key" + String.valueOf(count), tagSearch.entity().getKey(), SearchCriteria.Op.EQ);
tagSearch.and("value" + String.valueOf(count), tagSearch.entity().getValue(), SearchCriteria.Op.EQ);
tagSearch.cp();
}
tagSearch.and("resourceType", tagSearch.entity().getResourceType(), SearchCriteria.Op.EQ);
sb.groupBy(sb.entity().getId());
sb.join("tagSearch", tagSearch, sb.entity().getId(), tagSearch.entity().getResourceId(), JoinBuilder.JoinType.INNER);
}
Filter searchFilter = new Filter(DataCenterJoinVO.class, null, false, cmd.getStartIndex(), cmd.getPageSizeVal());
SearchCriteria<DataCenterJoinVO> sc = sb.create();
if (networkType != null) {
sc.addAnd("networkType", SearchCriteria.Op.EQ, networkType);
}
if (id != null) {
sc.addAnd("id", SearchCriteria.Op.EQ, id);
} else if (name != null) {
sc.addAnd("name", SearchCriteria.Op.EQ, name);
} else {
if (keyword != null) {
SearchCriteria<DataCenterJoinVO> ssc = _dcJoinDao.createSearchCriteria();
ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("description", SearchCriteria.Op.LIKE, "%" + keyword + "%");
sc.addAnd("name", SearchCriteria.Op.SC, ssc);
}
/*
* List all resources due to Explicit Dedication except the
* dedicated resources of other account
*/
if (domainId != null) {
//
// for domainId != null // right now, we made the decision to
// only list zones associated // with this domain, private zone
sc.addAnd("domainId", SearchCriteria.Op.EQ, domainId);
if (_accountMgr.isNormalUser(account.getId())) {
// accountId == null (zones dedicated to a domain) or
// accountId = caller
SearchCriteria<DataCenterJoinVO> sdc = _dcJoinDao.createSearchCriteria();
sdc.addOr("accountId", SearchCriteria.Op.EQ, account.getId());
sdc.addOr("accountId", SearchCriteria.Op.NULL);
sc.addAnd("accountId", SearchCriteria.Op.SC, sdc);
}
} else if (_accountMgr.isNormalUser(account.getId())) {
// it was decided to return all zones for the user's domain, and
// everything above till root
// list all zones belonging to this domain, and all of its
// parents
// check the parent, if not null, add zones for that parent to
// list
// find all domain Id up to root domain for this account
List<Long> domainIds = new ArrayList<Long>();
DomainVO domainRecord = _domainDao.findById(account.getDomainId());
if (domainRecord == null) {
s_logger.error("Could not find the domainId for account:" + account.getAccountName());
throw new CloudAuthenticationException("Could not find the domainId for account:" + account.getAccountName());
}
domainIds.add(domainRecord.getId());
while (domainRecord.getParent() != null) {
domainRecord = _domainDao.findById(domainRecord.getParent());
domainIds.add(domainRecord.getId());
}
// domainId == null (public zones) or domainId IN [all domain id
// up to root domain]
SearchCriteria<DataCenterJoinVO> sdc = _dcJoinDao.createSearchCriteria();
sdc.addOr("domainId", SearchCriteria.Op.IN, domainIds.toArray());
sdc.addOr("domainId", SearchCriteria.Op.NULL);
sc.addAnd("domainId", SearchCriteria.Op.SC, sdc);
// remove disabled zones
sc.addAnd("allocationState", SearchCriteria.Op.NEQ, Grouping.AllocationState.Disabled);
// accountId == null (zones dedicated to a domain) or
// accountId = caller
SearchCriteria<DataCenterJoinVO> sdc2 = _dcJoinDao.createSearchCriteria();
sdc2.addOr("accountId", SearchCriteria.Op.EQ, account.getId());
sdc2.addOr("accountId", SearchCriteria.Op.NULL);
sc.addAnd("accountId", SearchCriteria.Op.SC, sdc2);
// remove Dedicated zones not dedicated to this domainId or
// subdomainId
List<Long> dedicatedZoneIds = removeDedicatedZoneNotSuitabe(domainIds);
if (!dedicatedZoneIds.isEmpty()) {
sdc.addAnd("id", SearchCriteria.Op.NIN, dedicatedZoneIds.toArray(new Object[dedicatedZoneIds.size()]));
}
} else if (_accountMgr.isDomainAdmin(account.getId()) || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
// it was decided to return all zones for the domain admin, and
// everything above till root, as well as zones till the domain
// leaf
List<Long> domainIds = new ArrayList<Long>();
DomainVO domainRecord = _domainDao.findById(account.getDomainId());
if (domainRecord == null) {
s_logger.error("Could not find the domainId for account:" + account.getAccountName());
throw new CloudAuthenticationException("Could not find the domainId for account:" + account.getAccountName());
}
domainIds.add(domainRecord.getId());
// find all domain Ids till leaf
List<DomainVO> allChildDomains = _domainDao.findAllChildren(domainRecord.getPath(), domainRecord.getId());
for (DomainVO domain : allChildDomains) {
domainIds.add(domain.getId());
}
// then find all domain Id up to root domain for this account
while (domainRecord.getParent() != null) {
domainRecord = _domainDao.findById(domainRecord.getParent());
domainIds.add(domainRecord.getId());
}
// domainId == null (public zones) or domainId IN [all domain id
// up to root domain]
SearchCriteria<DataCenterJoinVO> sdc = _dcJoinDao.createSearchCriteria();
sdc.addOr("domainId", SearchCriteria.Op.IN, domainIds.toArray());
sdc.addOr("domainId", SearchCriteria.Op.NULL);
sc.addAnd("domainId", SearchCriteria.Op.SC, sdc);
// remove disabled zones
sc.addAnd("allocationState", SearchCriteria.Op.NEQ, Grouping.AllocationState.Disabled);
// remove Dedicated zones not dedicated to this domainId or
// subdomainId
List<Long> dedicatedZoneIds = removeDedicatedZoneNotSuitabe(domainIds);
if (!dedicatedZoneIds.isEmpty()) {
sdc.addAnd("id", SearchCriteria.Op.NIN, dedicatedZoneIds.toArray(new Object[dedicatedZoneIds.size()]));
}
}
// handle available=FALSE option, only return zones with at least
// one VM running there
Boolean available = cmd.isAvailable();
if (account != null) {
if ((available != null) && Boolean.FALSE.equals(available)) {
// data centers with
Set<Long> dcIds = new HashSet<Long>();
// at least one VM
// running
List<DomainRouterVO> routers = _routerDao.listBy(account.getId());
for (DomainRouterVO router : routers) {
dcIds.add(router.getDataCenterId());
}
if (dcIds.size() == 0) {
return new Pair<List<DataCenterJoinVO>, Integer>(new ArrayList<DataCenterJoinVO>(), 0);
} else {
sc.addAnd("id", SearchCriteria.Op.IN, dcIds.toArray());
}
}
}
}
if (resourceTags != null && !resourceTags.isEmpty()) {
int count = 0;
sc.setJoinParameters("tagSearch", "resourceType", ResourceObjectType.Zone.toString());
for (Map.Entry<String, String> entry : resourceTags.entrySet()) {
sc.setJoinParameters("tagSearch", "key" + String.valueOf(count), entry.getKey());
sc.setJoinParameters("tagSearch", "value" + String.valueOf(count), entry.getValue());
count++;
}
}
return _dcJoinDao.searchAndCount(sc, searchFilter);
}
Also used :
DataCenterJoinVO(com.cloud.api.query.vo.DataCenterJoinVO)
Account(com.cloud.user.Account)
HashSet(java.util.HashSet)
Set(java.util.Set)
CloudAuthenticationException(com.cloud.exception.CloudAuthenticationException)
ArrayList(java.util.ArrayList)
ResourceTagVO(com.cloud.tags.ResourceTagVO)
ArrayList(java.util.ArrayList)
List(java.util.List)
SearchCriteria(com.cloud.utils.db.SearchCriteria)
DomainVO(com.cloud.domain.DomainVO)
TemplateFilter(com.cloud.template.VirtualMachineTemplate.TemplateFilter)
Filter(com.cloud.utils.db.Filter)
Map(java.util.Map)
DomainRouterVO(com.cloud.vm.DomainRouterVO)
Example 8 with CloudAuthenticationException
use of com.cloud.exception.CloudAuthenticationException in project cloudstack by apache.
the class CallContext method register.
public static CallContext register(long callingUserId, long callingAccountId, String contextId) throws CloudAuthenticationException {
Account account = s_entityMgr.findById(Account.class, callingAccountId);
if (account == null) {
throw new CloudAuthenticationException("The account is no longer current.").add(Account.class, Long.toString(callingAccountId));
}
User user = s_entityMgr.findById(User.class, callingUserId);
if (user == null) {
throw new CloudAuthenticationException("The user is no longer current.").add(User.class, Long.toString(callingUserId));
}
return register(user, account, contextId);
}
Also used :
Account(com.cloud.user.Account)
User(com.cloud.user.User)
CloudAuthenticationException(com.cloud.exception.CloudAuthenticationException)
Example 9 with CloudAuthenticationException
use of com.cloud.exception.CloudAuthenticationException in project cloudstack by apache.
the class LogContext method register.
public static LogContext register(String callingUserUuid, String callingAccountUuid) {
Account account = s_entityMgr.findByUuid(Account.class, callingAccountUuid);
if (account == null) {
throw new CloudAuthenticationException("The account is no longer current.").add(Account.class, callingAccountUuid);
}
User user = s_entityMgr.findByUuid(User.class, callingUserUuid);
if (user == null) {
throw new CloudAuthenticationException("The user is no longer current.").add(User.class, callingUserUuid);
}
return register(user, account);
}
Also used :
Account(com.cloud.user.Account)
User(com.cloud.user.User)
CloudAuthenticationException(com.cloud.exception.CloudAuthenticationException)
Example 10 with CloudAuthenticationException
use of com.cloud.exception.CloudAuthenticationException in project cloudstack by apache.
the class LogContext method register.
public static LogContext register(long callingUserId, long callingAccountId, String contextId) throws CloudAuthenticationException {
Account account = s_entityMgr.findById(Account.class, callingAccountId);
if (account == null) {
throw new CloudAuthenticationException("The account is no longer current.").add(Account.class, Long.toString(callingAccountId));
}
User user = s_entityMgr.findById(User.class, callingUserId);
if (user == null) {
throw new CloudAuthenticationException("The user is no longer current.").add(User.class, Long.toString(callingUserId));
}
return register(user, account, contextId);
}
Also used :
Account(com.cloud.user.Account)
User(com.cloud.user.User)
CloudAuthenticationException(com.cloud.exception.CloudAuthenticationException)
Aggregations
CloudAuthenticationException (com.cloud.exception.CloudAuthenticationException)14
Account (com.cloud.user.Account)10
User (com.cloud.user.User)7
Domain (com.cloud.domain.Domain)4
DomainVO (com.cloud.domain.DomainVO)4
UserAccount (com.cloud.user.UserAccount)4
TemplateFilter (com.cloud.template.VirtualMachineTemplate.TemplateFilter)3
Filter (com.cloud.utils.db.Filter)3
ArrayList (java.util.ArrayList)3
ServerApiException (org.apache.cloudstack.api.ServerApiException)3
InvalidParameterValueException (com.cloud.exception.InvalidParameterValueException)2
PermissionDeniedException (com.cloud.exception.PermissionDeniedException)2
UserAccountVO (com.cloud.user.UserAccountVO)2
IOException (java.io.IOException)2
HashSet (java.util.HashSet)2
List (java.util.List)2
LoginCmdResponse (org.apache.cloudstack.api.response.LoginCmdResponse)2
DataCenterJoinVO (com.cloud.api.query.vo.DataCenterJoinVO)1
DiskOfferingJoinVO (com.cloud.api.query.vo.DiskOfferingJoinVO)1
ServiceOfferingJoinVO (com.cloud.api.query.vo.ServiceOfferingJoinVO)1
