Search in sources :

Example 66 with PermissionDeniedException

use of com.cloud.legacymodel.exceptions.PermissionDeniedException in project cosmic by MissionCriticalCloud.

the class TemplateManagerImpl method listTemplatePermissions.

@Override
public List<String> listTemplatePermissions(final BaseListTemplateOrIsoPermissionsCmd cmd) {
    final Account caller = CallContext.current().getCallingAccount();
    final Long id = cmd.getId();
    if (id.equals(Long.valueOf(1))) {
        throw new PermissionDeniedException("unable to list permissions for " + cmd.getMediaType() + " with id " + id);
    }
    final VirtualMachineTemplate template = this._tmpltDao.findById(id);
    if (template == null) {
        throw new InvalidParameterValueException("unable to find " + cmd.getMediaType() + " with id " + id);
    }
    if (cmd instanceof ListTemplatePermissionsCmd) {
        if (template.getFormat().equals(ImageFormat.ISO)) {
            throw new InvalidParameterValueException("Please provide a valid template");
        }
    } else if (cmd instanceof ListIsoPermissionsCmd) {
        if (!template.getFormat().equals(ImageFormat.ISO)) {
            throw new InvalidParameterValueException("Please provide a valid iso");
        }
    }
    if (!template.isPublicTemplate()) {
        this._accountMgr.checkAccess(caller, null, true, template);
    }
    final List<String> accountNames = new ArrayList<>();
    final List<LaunchPermissionVO> permissions = this._launchPermissionDao.findByTemplate(id);
    if (permissions != null && !permissions.isEmpty()) {
        for (final LaunchPermissionVO permission : permissions) {
            final Account acct = this._accountDao.findById(permission.getAccountId());
            accountNames.add(acct.getAccountName());
        }
    }
    // also add the owner if not public
    if (!template.isPublicTemplate()) {
        final Account templateOwner = this._accountDao.findById(template.getAccountId());
        accountNames.add(templateOwner.getAccountName());
    }
    return accountNames;
}
Also used : Account(com.cloud.legacymodel.user.Account) ListTemplatePermissionsCmd(com.cloud.api.command.user.template.ListTemplatePermissionsCmd) VirtualMachineTemplate(com.cloud.legacymodel.storage.VirtualMachineTemplate) InvalidParameterValueException(com.cloud.legacymodel.exceptions.InvalidParameterValueException) ArrayList(java.util.ArrayList) ListIsoPermissionsCmd(com.cloud.api.command.user.iso.ListIsoPermissionsCmd) PermissionDeniedException(com.cloud.legacymodel.exceptions.PermissionDeniedException) LaunchPermissionVO(com.cloud.storage.LaunchPermissionVO)

Example 67 with PermissionDeniedException

use of com.cloud.legacymodel.exceptions.PermissionDeniedException in project cosmic by MissionCriticalCloud.

the class QueryManagerImpl method searchForUsersInternal.

private Pair<List<UserAccountJoinVO>, Integer> searchForUsersInternal(final ListUsersCmd cmd) throws PermissionDeniedException {
    final Account caller = CallContext.current().getCallingAccount();
    final List<Long> permittedAccounts = new ArrayList<>();
    final boolean listAll = cmd.listAll();
    Long id = cmd.getId();
    if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
        final long currentId = CallContext.current().getCallingUser().getId();
        if (id != null && currentId != id.longValue()) {
            throw new PermissionDeniedException("Calling user is not authorized to see the user requested by id");
        }
        id = currentId;
    }
    final Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<>(cmd.getDomainId(), cmd.isRecursive(), null);
    _accountMgr.buildACLSearchParameters(caller, id, cmd.getAccountName(), null, permittedAccounts, domainIdRecursiveListProject, listAll, false);
    final Long domainId = domainIdRecursiveListProject.first();
    final Boolean isRecursive = domainIdRecursiveListProject.second();
    final ListProjectResourcesCriteria listProjectResourcesCriteria = domainIdRecursiveListProject.third();
    final Filter searchFilter = new Filter(UserAccountJoinVO.class, "id", true, cmd.getStartIndex(), cmd.getPageSizeVal());
    final Object username = cmd.getUsername();
    final Object type = cmd.getAccountType();
    final Object accountName = cmd.getAccountName();
    final Object state = cmd.getState();
    final Object keyword = cmd.getKeyword();
    final SearchBuilder<UserAccountJoinVO> sb = _userAccountJoinDao.createSearchBuilder();
    _accountMgr.buildACLViewSearchBuilder(sb, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
    sb.and("username", sb.entity().getUsername(), SearchCriteria.Op.LIKE);
    if (id != null && id == 1) {
        // system user should NOT be searchable
        final List<UserAccountJoinVO> emptyList = new ArrayList<>();
        return new Pair<>(emptyList, 0);
    } else if (id != null) {
        sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
    } else {
        // this condition is used to exclude system user from the search
        // results
        sb.and("id", sb.entity().getId(), SearchCriteria.Op.NEQ);
    }
    sb.and("type", sb.entity().getAccountType(), SearchCriteria.Op.EQ);
    sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ);
    sb.and("accountName", sb.entity().getAccountName(), SearchCriteria.Op.EQ);
    sb.and("state", sb.entity().getState(), SearchCriteria.Op.EQ);
    if (accountName == null && domainId != null) {
        sb.and("domainPath", sb.entity().getDomainPath(), SearchCriteria.Op.LIKE);
    }
    final SearchCriteria<UserAccountJoinVO> sc = sb.create();
    // building ACL condition
    _accountMgr.buildACLViewSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria);
    if (keyword != null) {
        final SearchCriteria<UserAccountJoinVO> ssc = _userAccountJoinDao.createSearchCriteria();
        ssc.addOr("username", SearchCriteria.Op.LIKE, "%" + keyword + "%");
        ssc.addOr("firstname", SearchCriteria.Op.LIKE, "%" + keyword + "%");
        ssc.addOr("lastname", SearchCriteria.Op.LIKE, "%" + keyword + "%");
        ssc.addOr("email", SearchCriteria.Op.LIKE, "%" + keyword + "%");
        ssc.addOr("state", SearchCriteria.Op.LIKE, "%" + keyword + "%");
        ssc.addOr("accountName", SearchCriteria.Op.LIKE, "%" + keyword + "%");
        ssc.addOr("accountType", SearchCriteria.Op.LIKE, "%" + keyword + "%");
        sc.addAnd("username", SearchCriteria.Op.SC, ssc);
    }
    if (username != null) {
        sc.setParameters("username", username);
    }
    if (id != null) {
        sc.setParameters("id", id);
    } else {
        // Don't return system user, search builder with NEQ
        sc.setParameters("id", 1);
    }
    if (type != null) {
        sc.setParameters("type", type);
    }
    if (accountName != null) {
        sc.setParameters("accountName", accountName);
        if (domainId != null) {
            sc.setParameters("domainId", domainId);
        }
    } else if (domainId != null) {
        final DomainVO domainVO = _domainDao.findById(domainId);
        sc.setParameters("domainPath", domainVO.getPath() + "%");
    }
    if (state != null) {
        sc.setParameters("state", state);
    }
    return _userAccountJoinDao.searchAndCount(sc, searchFilter);
}
Also used : Account(com.cloud.legacymodel.user.Account) Ternary(com.cloud.legacymodel.utils.Ternary) ArrayList(java.util.ArrayList) ListProjectResourcesCriteria(com.cloud.projects.Project.ListProjectResourcesCriteria) DomainVO(com.cloud.domain.DomainVO) UserAccountJoinVO(com.cloud.api.query.vo.UserAccountJoinVO) Filter(com.cloud.utils.db.Filter) TemplateFilter(com.cloud.legacymodel.storage.VirtualMachineTemplate.TemplateFilter) PermissionDeniedException(com.cloud.legacymodel.exceptions.PermissionDeniedException) Pair(com.cloud.legacymodel.utils.Pair)

Example 68 with PermissionDeniedException

use of com.cloud.legacymodel.exceptions.PermissionDeniedException in project cosmic by MissionCriticalCloud.

the class QueryManagerImpl method searchForDiskOfferingsInternal.

private Pair<List<DiskOfferingJoinVO>, Integer> searchForDiskOfferingsInternal(final ListDiskOfferingsCmd cmd) {
    // Note
    // The list method for offerings is being modified in accordance with
    // discussion with Will/Kevin
    // For now, we will be listing the following based on the usertype
    // 1. For root, we will list all offerings
    // 2. For domainAdmin and regular users, we will list everything in
    // their domains+parent domains ... all the way
    // till
    // root
    Boolean isAscending = Boolean.parseBoolean(_configDao.getValue("sortkey.algorithm"));
    isAscending = isAscending == null ? true : isAscending;
    final Filter searchFilter = new Filter(DiskOfferingJoinVO.class, "sortKey", isAscending, cmd.getStartIndex(), cmd.getPageSizeVal());
    final SearchCriteria<DiskOfferingJoinVO> sc = _diskOfferingJoinDao.createSearchCriteria();
    sc.addAnd("type", Op.EQ, DiskOfferingVO.Type.Disk);
    final Account account = CallContext.current().getCallingAccount();
    final Object name = cmd.getDiskOfferingName();
    final Object id = cmd.getId();
    final Object keyword = cmd.getKeyword();
    final Long domainId = cmd.getDomainId();
    final Boolean isRootAdmin = _accountMgr.isRootAdmin(account.getAccountId());
    final Boolean isRecursive = cmd.isRecursive();
    // associated with this domain
    if (domainId != null) {
        if (_accountMgr.isRootAdmin(account.getId()) || isPermissible(account.getDomainId(), domainId)) {
            // check if the user's domain == do's domain || user's domain is
            // a child of so's domain for non-root users
            sc.addAnd("domainId", SearchCriteria.Op.EQ, domainId);
            if (!isRootAdmin) {
                sc.addAnd("displayOffering", SearchCriteria.Op.EQ, 1);
            }
            return _diskOfferingJoinDao.searchAndCount(sc, searchFilter);
        } else {
            throw new PermissionDeniedException("The account:" + account.getAccountName() + " does not fall in the same domain hierarchy as the disk offering");
        }
    }
    final List<Long> domainIds;
    // and everything above till root
    if (_accountMgr.isNormalUser(account.getId()) || _accountMgr.isDomainAdmin(account.getId()) || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
        if (isRecursive) {
            // domain + all sub-domains
            if (account.getType() == Account.ACCOUNT_TYPE_NORMAL) {
                throw new InvalidParameterValueException("Only ROOT admins and Domain admins can list disk offerings with isrecursive=true");
            }
            final DomainVO domainRecord = _domainDao.findById(account.getDomainId());
            sc.addAnd("domainPath", SearchCriteria.Op.LIKE, domainRecord.getPath() + "%");
        } else {
            // domain + all ancestors
            // find all domain Id up to root domain for this account
            domainIds = new ArrayList<>();
            DomainVO domainRecord = _domainDao.findById(account.getDomainId());
            if (domainRecord == null) {
                s_logger.error("Could not find the domainId for account:" + account.getAccountName());
                throw new CloudAuthenticationException("Could not find the domainId for account:" + account.getAccountName());
            }
            domainIds.add(domainRecord.getId());
            while (domainRecord.getParent() != null) {
                domainRecord = _domainDao.findById(domainRecord.getParent());
                domainIds.add(domainRecord.getId());
            }
            final SearchCriteria<DiskOfferingJoinVO> spc = _diskOfferingJoinDao.createSearchCriteria();
            spc.addOr("domainId", SearchCriteria.Op.IN, domainIds.toArray());
            // include public offering as where
            spc.addOr("domainId", SearchCriteria.Op.NULL);
            sc.addAnd("domainId", SearchCriteria.Op.SC, spc);
            // non-root users should not see system offering at all
            sc.addAnd("systemUse", SearchCriteria.Op.EQ, false);
        }
    }
    if (keyword != null) {
        final SearchCriteria<DiskOfferingJoinVO> ssc = _diskOfferingJoinDao.createSearchCriteria();
        ssc.addOr("displayText", SearchCriteria.Op.LIKE, "%" + keyword + "%");
        ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
        sc.addAnd("name", SearchCriteria.Op.SC, ssc);
    }
    if (id != null) {
        sc.addAnd("id", SearchCriteria.Op.EQ, id);
    }
    if (name != null) {
        sc.addAnd("name", SearchCriteria.Op.EQ, name);
    }
    return _diskOfferingJoinDao.searchAndCount(sc, searchFilter);
}
Also used : Account(com.cloud.legacymodel.user.Account) CloudAuthenticationException(com.cloud.legacymodel.exceptions.CloudAuthenticationException) DiskOfferingJoinVO(com.cloud.api.query.vo.DiskOfferingJoinVO) DomainVO(com.cloud.domain.DomainVO) Filter(com.cloud.utils.db.Filter) TemplateFilter(com.cloud.legacymodel.storage.VirtualMachineTemplate.TemplateFilter) InvalidParameterValueException(com.cloud.legacymodel.exceptions.InvalidParameterValueException) PermissionDeniedException(com.cloud.legacymodel.exceptions.PermissionDeniedException)

Example 69 with PermissionDeniedException

use of com.cloud.legacymodel.exceptions.PermissionDeniedException in project cosmic by MissionCriticalCloud.

the class QueryManagerImpl method listProjectsInternal.

private Pair<List<ProjectJoinVO>, Integer> listProjectsInternal(final ListProjectsCmd cmd) {
    final Long id = cmd.getId();
    final String name = cmd.getName();
    final String displayText = cmd.getDisplayText();
    final String state = cmd.getState();
    final String accountName = cmd.getAccountName();
    final Long domainId = cmd.getDomainId();
    final String keyword = cmd.getKeyword();
    final Long startIndex = cmd.getStartIndex();
    final Long pageSize = cmd.getPageSizeVal();
    final boolean listAll = cmd.listAll();
    final boolean isRecursive = cmd.isRecursive();
    cmd.getTags();
    final Account caller = CallContext.current().getCallingAccount();
    Long accountId = null;
    String path = null;
    final Filter searchFilter = new Filter(ProjectJoinVO.class, "id", false, startIndex, pageSize);
    final SearchBuilder<ProjectJoinVO> sb = _projectJoinDao.createSearchBuilder();
    // select distinct
    sb.select(null, Func.DISTINCT, sb.entity().getId());
    if (_accountMgr.isAdmin(caller.getId())) {
        if (domainId != null) {
            final DomainVO domain = _domainDao.findById(domainId);
            if (domain == null) {
                throw new InvalidParameterValueException("Domain id=" + domainId + " doesn't exist in the system");
            }
            _accountMgr.checkAccess(caller, domain);
            if (accountName != null) {
                final Account owner = _accountMgr.getActiveAccountByName(accountName, domainId);
                if (owner == null) {
                    throw new InvalidParameterValueException("Unable to find account " + accountName + " in domain " + domainId);
                }
                accountId = owner.getId();
            }
        } else {
            // domainId == null
            if (accountName != null) {
                throw new InvalidParameterValueException("could not find account " + accountName + " because domain is not specified");
            }
        }
    } else {
        if (accountName != null && !accountName.equals(caller.getAccountName())) {
            throw new PermissionDeniedException("Can't list account " + accountName + " projects; unauthorized");
        }
        if (domainId != null && !domainId.equals(caller.getDomainId())) {
            throw new PermissionDeniedException("Can't list domain id= " + domainId + " projects; unauthorized");
        }
        accountId = caller.getId();
    }
    if (domainId == null && accountId == null && (_accountMgr.isNormalUser(caller.getId()) || !listAll)) {
        accountId = caller.getId();
    } else if (_accountMgr.isDomainAdmin(caller.getId()) || isRecursive && !listAll) {
        final DomainVO domain = _domainDao.findById(caller.getDomainId());
        path = domain.getPath();
    }
    if (path != null) {
        sb.and("domainPath", sb.entity().getDomainPath(), SearchCriteria.Op.LIKE);
    }
    if (accountId != null) {
        sb.and("accountId", sb.entity().getAccountId(), SearchCriteria.Op.EQ);
    }
    final SearchCriteria<ProjectJoinVO> sc = sb.create();
    if (id != null) {
        sc.addAnd("id", Op.EQ, id);
    }
    if (domainId != null && !isRecursive) {
        sc.addAnd("domainId", Op.EQ, domainId);
    }
    if (name != null) {
        sc.addAnd("name", Op.EQ, name);
    }
    if (displayText != null) {
        sc.addAnd("displayText", Op.EQ, displayText);
    }
    if (accountId != null) {
        sc.setParameters("accountId", accountId);
    }
    if (state != null) {
        sc.addAnd("state", Op.EQ, state);
    }
    if (keyword != null) {
        final SearchCriteria<ProjectJoinVO> ssc = _projectJoinDao.createSearchCriteria();
        ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
        ssc.addOr("displayText", SearchCriteria.Op.LIKE, "%" + keyword + "%");
        sc.addAnd("name", SearchCriteria.Op.SC, ssc);
    }
    if (path != null) {
        sc.setParameters("domainPath", path);
    }
    // search distinct projects to get count
    final Pair<List<ProjectJoinVO>, Integer> uniquePrjPair = _projectJoinDao.searchAndCount(sc, searchFilter);
    final Integer count = uniquePrjPair.second();
    if (count.intValue() == 0) {
        // handle empty result cases
        return uniquePrjPair;
    }
    final List<ProjectJoinVO> uniquePrjs = uniquePrjPair.first();
    final Long[] prjIds = new Long[uniquePrjs.size()];
    int i = 0;
    for (final ProjectJoinVO v : uniquePrjs) {
        prjIds[i++] = v.getId();
    }
    final List<ProjectJoinVO> prjs = _projectJoinDao.searchByIds(prjIds);
    return new Pair<>(prjs, count);
}
Also used : Account(com.cloud.legacymodel.user.Account) ProjectJoinVO(com.cloud.api.query.vo.ProjectJoinVO) DomainVO(com.cloud.domain.DomainVO) Filter(com.cloud.utils.db.Filter) TemplateFilter(com.cloud.legacymodel.storage.VirtualMachineTemplate.TemplateFilter) InvalidParameterValueException(com.cloud.legacymodel.exceptions.InvalidParameterValueException) PermissionDeniedException(com.cloud.legacymodel.exceptions.PermissionDeniedException) ArrayList(java.util.ArrayList) List(java.util.List) Pair(com.cloud.legacymodel.utils.Pair)

Example 70 with PermissionDeniedException

use of com.cloud.legacymodel.exceptions.PermissionDeniedException in project cosmic by MissionCriticalCloud.

the class QueryManagerImpl method searchForServiceOfferingsInternal.

private Pair<List<ServiceOfferingJoinVO>, Integer> searchForServiceOfferingsInternal(final ListServiceOfferingsCmd cmd) {
    // Note
    // The filteredOfferings method for offerings is being modified in accordance with
    // discussion with Will/Kevin
    // For now, we will be listing the following based on the usertype
    // 1. For root, we will filteredOfferings all offerings
    // 2. For domainAdmin and regular users, we will filteredOfferings everything in
    // their domains+parent domains ... all the way
    // till
    // root
    Boolean isAscending = Boolean.parseBoolean(_configDao.getValue("sortkey.algorithm"));
    isAscending = isAscending == null ? true : isAscending;
    final Filter searchFilter = new Filter(ServiceOfferingJoinVO.class, "sortKey", isAscending, cmd.getStartIndex(), cmd.getPageSizeVal());
    final Account caller = CallContext.current().getCallingAccount();
    final Object name = cmd.getServiceOfferingName();
    final Object id = cmd.getId();
    final Object keyword = cmd.getKeyword();
    final Long vmId = cmd.getVirtualMachineId();
    final Long domainId = cmd.getDomainId();
    final Boolean isSystem = cmd.getIsSystem();
    final String vmTypeStr = cmd.getSystemVmType();
    final ServiceOfferingVO currentVmOffering;
    final Boolean isRecursive = cmd.isRecursive();
    final SearchCriteria<ServiceOfferingJoinVO> sc = _srvOfferingJoinDao.createSearchCriteria();
    if (!_accountMgr.isRootAdmin(caller.getId()) && isSystem) {
        throw new InvalidParameterValueException("Only ROOT admins can access system's offering");
    }
    // domain
    if (domainId != null && !_accountMgr.isRootAdmin(caller.getId())) {
        // child of so's domain
        if (!isPermissible(caller.getDomainId(), domainId)) {
            throw new PermissionDeniedException("The account:" + caller.getAccountName() + " does not fall in the same domain hierarchy as the service offering");
        }
    }
    if (vmId != null) {
        final VMInstanceVO vmInstance = _vmInstanceDao.findById(vmId);
        if (vmInstance == null || vmInstance.getRemoved() != null) {
            final InvalidParameterValueException ex = new InvalidParameterValueException("unable to find a virtual machine with specified id");
            ex.addProxyObject(vmId.toString(), "vmId");
            throw ex;
        }
        _accountMgr.checkAccess(caller, null, true, vmInstance);
        currentVmOffering = _srvOfferingDao.findByIdIncludingRemoved(vmInstance.getId(), vmInstance.getServiceOfferingId());
        sc.addAnd("id", SearchCriteria.Op.NEQ, currentVmOffering.getId());
        // 1. Only return offerings with the same storage type
        sc.addAnd("useLocalStorage", SearchCriteria.Op.EQ, currentVmOffering.getUseLocalStorage());
        // 2.In case vm is running return only offerings greater than equal to current offering compute.
        if (vmInstance.getState() == VirtualMachine.State.Running) {
            sc.addAnd("cpu", Op.GTEQ, currentVmOffering.getCpu());
            sc.addAnd("ramSize", Op.GTEQ, currentVmOffering.getRamSize());
        }
    }
    // boolean includePublicOfferings = false;
    if (_accountMgr.isNormalUser(caller.getId()) || _accountMgr.isDomainAdmin(caller.getId()) || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
        // For non-root users.
        if (isSystem) {
            throw new InvalidParameterValueException("Only root admins can access system's offering");
        }
        if (isRecursive) {
            // domain + all sub-domains
            if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
                throw new InvalidParameterValueException("Only ROOT admins and Domain admins can list service offerings with isrecursive=true");
            }
            final DomainVO domainRecord = _domainDao.findById(caller.getDomainId());
            sc.addAnd("domainPath", SearchCriteria.Op.LIKE, domainRecord.getPath() + "%");
        } else {
            // domain + all ancestors
            // find all domain Id up to root domain for this account
            final List<Long> domainIds = new ArrayList<>();
            DomainVO domainRecord;
            if (vmId != null) {
                final UserVmVO vmInstance = _userVmDao.findById(vmId);
                domainRecord = _domainDao.findById(vmInstance.getDomainId());
                if (domainRecord == null) {
                    s_logger.error("Could not find the domainId for vmId:" + vmId);
                    throw new CloudAuthenticationException("Could not find the domainId for vmId:" + vmId);
                }
            } else {
                domainRecord = _domainDao.findById(caller.getDomainId());
                if (domainRecord == null) {
                    s_logger.error("Could not find the domainId for account:" + caller.getAccountName());
                    throw new CloudAuthenticationException("Could not find the domainId for account:" + caller.getAccountName());
                }
            }
            domainIds.add(domainRecord.getId());
            while (domainRecord.getParent() != null) {
                domainRecord = _domainDao.findById(domainRecord.getParent());
                domainIds.add(domainRecord.getId());
            }
            final SearchCriteria<ServiceOfferingJoinVO> spc = _srvOfferingJoinDao.createSearchCriteria();
            spc.addOr("domainId", SearchCriteria.Op.IN, domainIds.toArray());
            // include public offering as well
            spc.addOr("domainId", SearchCriteria.Op.NULL);
            sc.addAnd("domainId", SearchCriteria.Op.SC, spc);
        }
    } else {
        // for root users
        if (caller.getDomainId() != 1 && isSystem) {
            // NON ROOT admin
            throw new InvalidParameterValueException("Non ROOT admins cannot access system's offering");
        }
        if (domainId != null) {
            sc.addAnd("domainId", SearchCriteria.Op.EQ, domainId);
        }
    }
    if (keyword != null) {
        final SearchCriteria<ServiceOfferingJoinVO> ssc = _srvOfferingJoinDao.createSearchCriteria();
        ssc.addOr("displayText", SearchCriteria.Op.LIKE, "%" + keyword + "%");
        ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
        sc.addAnd("name", SearchCriteria.Op.SC, ssc);
    }
    if (id != null) {
        sc.addAnd("id", SearchCriteria.Op.EQ, id);
    }
    if (isSystem != null) {
        // note that for non-root users, isSystem is always false when
        // control comes to here
        sc.addAnd("systemUse", SearchCriteria.Op.EQ, isSystem);
    }
    if (name != null) {
        sc.addAnd("name", SearchCriteria.Op.EQ, name);
    }
    if (vmTypeStr != null) {
        sc.addAnd("vmType", SearchCriteria.Op.EQ, vmTypeStr);
    }
    final Pair<List<ServiceOfferingJoinVO>, Integer> result = _srvOfferingJoinDao.searchAndCount(sc, searchFilter);
    return result;
}
Also used : Account(com.cloud.legacymodel.user.Account) UserVmVO(com.cloud.vm.UserVmVO) ServiceOfferingJoinVO(com.cloud.api.query.vo.ServiceOfferingJoinVO) CloudAuthenticationException(com.cloud.legacymodel.exceptions.CloudAuthenticationException) ArrayList(java.util.ArrayList) VMInstanceVO(com.cloud.vm.VMInstanceVO) ServiceOfferingVO(com.cloud.service.ServiceOfferingVO) DomainVO(com.cloud.domain.DomainVO) Filter(com.cloud.utils.db.Filter) TemplateFilter(com.cloud.legacymodel.storage.VirtualMachineTemplate.TemplateFilter) InvalidParameterValueException(com.cloud.legacymodel.exceptions.InvalidParameterValueException) PermissionDeniedException(com.cloud.legacymodel.exceptions.PermissionDeniedException) ArrayList(java.util.ArrayList) List(java.util.List)

Aggregations

PermissionDeniedException (com.cloud.legacymodel.exceptions.PermissionDeniedException)73 Account (com.cloud.legacymodel.user.Account)64 InvalidParameterValueException (com.cloud.legacymodel.exceptions.InvalidParameterValueException)59 ActionEvent (com.cloud.event.ActionEvent)26 CloudRuntimeException (com.cloud.legacymodel.exceptions.CloudRuntimeException)25 ArrayList (java.util.ArrayList)14 UserAccount (com.cloud.legacymodel.user.UserAccount)13 DB (com.cloud.utils.db.DB)13 DataCenterVO (com.cloud.dc.DataCenterVO)11 HashMap (java.util.HashMap)11 DomainVO (com.cloud.domain.DomainVO)9 ResourceUnavailableException (com.cloud.legacymodel.exceptions.ResourceUnavailableException)9 Project (com.cloud.projects.Project)9 InsufficientCapacityException (com.cloud.legacymodel.exceptions.InsufficientCapacityException)8 Pair (com.cloud.legacymodel.utils.Pair)8 VMTemplateVO (com.cloud.storage.VMTemplateVO)8 TransactionStatus (com.cloud.utils.db.TransactionStatus)8 List (java.util.List)8 Domain (com.cloud.legacymodel.domain.Domain)7 VolumeVO (com.cloud.storage.VolumeVO)7