Search in sources :

Example 61 with Account

use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.

the class ManagementServerImpl method listCapabilities.

@Override
public Map<String, Object> listCapabilities(final ListCapabilitiesCmd cmd) {
    final Map<String, Object> capabilities = new HashMap<>();
    final Account caller = getCaller();
    final boolean elasticLoadBalancerEnabled;
    final boolean KVMSnapshotEnabled;
    String supportELB = "false";
    final long diskOffMinSize = VolumeOrchestrationService.CustomDiskOfferingMinSize.value();
    final long diskOffMaxSize = VolumeOrchestrationService.CustomDiskOfferingMaxSize.value();
    KVMSnapshotEnabled = Boolean.parseBoolean(_configDao.getValue("KVM.snapshot.enabled"));
    final boolean userPublicTemplateEnabled = TemplateManager.AllowPublicUserTemplates.valueIn(caller.getId());
    // add some parameters UI needs to handle API throttling
    final boolean apiLimitEnabled = Boolean.parseBoolean(_configDao.getValue(Config.ApiLimitEnabled.key()));
    final Integer apiLimitInterval = Integer.valueOf(_configDao.getValue(Config.ApiLimitInterval.key()));
    final Integer apiLimitMax = Integer.valueOf(_configDao.getValue(Config.ApiLimitMax.key()));
    final boolean allowUserViewDestroyedVM = QueryService.AllowUserViewDestroyedVM.valueIn(caller.getId()) | _accountService.isAdmin(caller.getId());
    final boolean allowUserExpungeRecoverVM = UserVmManager.AllowUserExpungeRecoverVm.valueIn(caller.getId()) | _accountService.isAdmin(caller.getId());
    final boolean XenServerDeploymentsEnabled = xenserverDeploymentsEnabled.value();
    final boolean KvmDeploymentsEnabled = kvmDeploymentsEnabled.value();
    // check if region-wide secondary storage is used
    boolean regionSecondaryEnabled = false;
    final List<ImageStoreVO> imgStores = _imgStoreDao.findRegionImageStores();
    if (imgStores != null && imgStores.size() > 0) {
        regionSecondaryEnabled = true;
    }
    capabilities.put("userPublicTemplateEnabled", userPublicTemplateEnabled);
    capabilities.put("cloudStackVersion", getVersion());
    capabilities.put("supportELB", supportELB);
    capabilities.put("projectInviteRequired", _projectMgr.projectInviteRequired());
    capabilities.put("allowusercreateprojects", _projectMgr.allowUserToCreateProject());
    capabilities.put("customDiskOffMinSize", diskOffMinSize);
    capabilities.put("customDiskOffMaxSize", diskOffMaxSize);
    capabilities.put("regionSecondaryEnabled", regionSecondaryEnabled);
    capabilities.put("KVMSnapshotEnabled", KVMSnapshotEnabled);
    capabilities.put("allowUserViewDestroyedVM", allowUserViewDestroyedVM);
    capabilities.put("allowUserExpungeRecoverVM", allowUserExpungeRecoverVM);
    capabilities.put("xenserverDeploymentsEnabled", XenServerDeploymentsEnabled);
    capabilities.put("KVMDeploymentsEnabled", KvmDeploymentsEnabled);
    if (apiLimitEnabled) {
        capabilities.put("apiLimitInterval", apiLimitInterval);
        capabilities.put("apiLimitMax", apiLimitMax);
    }
    return capabilities;
}
Also used : Account(com.cloud.legacymodel.user.Account) HashMap(java.util.HashMap) ImageStoreVO(com.cloud.storage.datastore.db.ImageStoreVO)

Example 62 with Account

use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.

the class ManagementServerImpl method searchForConfigurations.

@Override
public Pair<List<? extends Configuration>, Integer> searchForConfigurations(final ListCfgsByCmd cmd) {
    final Filter searchFilter = new Filter(ConfigurationVO.class, "name", true, cmd.getStartIndex(), cmd.getPageSizeVal());
    final SearchCriteria<ConfigurationVO> sc = _configDao.createSearchCriteria();
    final Long userId = CallContext.current().getCallingUserId();
    final Account caller = CallContext.current().getCallingAccount();
    final User user = _userDao.findById(userId);
    final Object name = cmd.getConfigName();
    final Object category = cmd.getCategory();
    final Object keyword = cmd.getKeyword();
    final Long zoneId = cmd.getZoneId();
    final Long clusterId = cmd.getClusterId();
    final Long storagepoolId = cmd.getStoragepoolId();
    final Long accountId = cmd.getAccountId();
    String scope = null;
    Long id = null;
    int paramCountCheck = 0;
    if (!_accountMgr.isRootAdmin(caller.getId()) && accountId == null) {
        throw new InvalidParameterValueException("Please specify AccountId to list the config for the given account.");
    }
    if (accountId != null) {
        final Account accountToUpdate = _accountDao.findById(accountId);
        _accountMgr.checkAccess(caller, null, true, accountToUpdate);
        scope = ConfigKey.Scope.Account.toString();
        id = accountId;
        paramCountCheck++;
    }
    if (_accountMgr.isRootAdmin(caller.getId())) {
        if (zoneId != null) {
            scope = ConfigKey.Scope.Zone.toString();
            id = zoneId;
            paramCountCheck++;
        }
        if (clusterId != null) {
            scope = ConfigKey.Scope.Cluster.toString();
            id = clusterId;
            paramCountCheck++;
        }
        if (storagepoolId != null) {
            scope = ConfigKey.Scope.StoragePool.toString();
            id = storagepoolId;
            paramCountCheck++;
        }
    }
    if (paramCountCheck > 1) {
        throw new InvalidParameterValueException("cannot handle multiple IDs, provide only one ID corresponding to the scope");
    }
    if (keyword != null) {
        final SearchCriteria<ConfigurationVO> ssc = _configDao.createSearchCriteria();
        ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
        ssc.addOr("instance", SearchCriteria.Op.LIKE, "%" + keyword + "%");
        ssc.addOr("component", SearchCriteria.Op.LIKE, "%" + keyword + "%");
        ssc.addOr("description", SearchCriteria.Op.LIKE, "%" + keyword + "%");
        ssc.addOr("category", SearchCriteria.Op.LIKE, "%" + keyword + "%");
        ssc.addOr("value", SearchCriteria.Op.LIKE, "%" + keyword + "%");
        sc.addAnd("name", SearchCriteria.Op.SC, ssc);
    }
    if (name != null) {
        sc.addAnd("name", SearchCriteria.Op.LIKE, "%" + name + "%");
    }
    if (category != null) {
        sc.addAnd("category", SearchCriteria.Op.EQ, category);
    }
    // hidden configurations are not displayed using the search API
    sc.addAnd("category", SearchCriteria.Op.NEQ, "Hidden");
    if (scope != null && !scope.isEmpty()) {
        // getting the list of parameters at requested scope
        sc.addAnd("scope", SearchCriteria.Op.EQ, scope);
    }
    final Pair<List<ConfigurationVO>, Integer> result = _configDao.searchAndCount(sc, searchFilter);
    if (scope != null && !scope.isEmpty()) {
        // Populate values corresponding the resource id
        final List<ConfigurationVO> configVOList = new ArrayList<>();
        for (final ConfigurationVO param : result.first()) {
            final ConfigurationVO configVo = _configDao.findByName(param.getName());
            if (configVo != null) {
                final ConfigKey<?> key = _configDepot.get(param.getName());
                if (key != null) {
                    configVo.setValue(key.valueIn(id).toString());
                    configVOList.add(configVo);
                } else {
                    s_logger.warn("ConfigDepot could not find parameter " + param.getName() + " for scope " + scope);
                }
            } else {
                s_logger.warn("Configuration item  " + param.getName() + " not found in " + scope);
            }
        }
        return new Pair<>(configVOList, configVOList.size());
    }
    return new Pair<>(result.first(), result.second());
}
Also used : Account(com.cloud.legacymodel.user.Account) User(com.cloud.legacymodel.user.User) ArrayList(java.util.ArrayList) ConfigurationVO(com.cloud.framework.config.impl.ConfigurationVO) Filter(com.cloud.utils.db.Filter) InvalidParameterValueException(com.cloud.legacymodel.exceptions.InvalidParameterValueException) ArrayList(java.util.ArrayList) ExcludeList(com.cloud.deploy.DeploymentPlanner.ExcludeList) List(java.util.List) SSHKeyPair(com.cloud.legacymodel.user.SSHKeyPair) Pair(com.cloud.legacymodel.utils.Pair)

Example 63 with Account

use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.

the class ConsoleProxyServlet method doGet.

@Override
protected void doGet(final HttpServletRequest req, final HttpServletResponse resp) {
    if (_accountMgr == null || _vmMgr == null || _ms == null) {
        sendResponse(resp, "Service is not ready");
        return;
    }
    if (_keysMgr.getHashKey() == null) {
        s_logger.debug("Console/thumbnail access denied. Ticket service is not ready yet");
        sendResponse(resp, "Service is not ready");
        return;
    }
    String userId = null;
    String account = null;
    Account accountObj = null;
    addSecurityHeaders(resp);
    final Map<String, Object[]> params = new HashMap<>();
    params.putAll(req.getParameterMap());
    final HttpSession session = req.getSession(false);
    if (session == null) {
        if (verifyRequest(params)) {
            userId = (String) params.get("userid")[0];
            account = (String) params.get("account")[0];
            accountObj = (Account) params.get("accountobj")[0];
        } else {
            s_logger.debug("Invalid web session or API key in request, reject console/thumbnail access");
            sendResponse(resp, "Access denied. Invalid web session or API key in request");
            return;
        }
    } else {
        // adjust to latest API refactoring changes
        if (session.getAttribute("userid") != null) {
            userId = ((Long) session.getAttribute("userid")).toString();
        }
        accountObj = (Account) session.getAttribute("accountobj");
        if (accountObj != null) {
            account = "" + accountObj.getId();
        }
    }
    // Do a sanity check here to make sure the user hasn't already been deleted
    if ((userId == null) || (account == null) || (accountObj == null) || !verifyUser(Long.valueOf(userId))) {
        s_logger.debug("Invalid user/account, reject console/thumbnail access");
        sendResponse(resp, "Access denied. Invalid or inconsistent account is found");
        return;
    }
    final String cmd = req.getParameter("cmd");
    if (cmd == null || !isValidCmd(cmd)) {
        s_logger.debug("invalid console servlet command: " + cmd);
        sendResponse(resp, "");
        return;
    }
    final String vmIdString = req.getParameter("vm");
    final VirtualMachine vm = _entityMgr.findByUuid(VirtualMachine.class, vmIdString);
    if (vm == null) {
        s_logger.info("invalid console servlet command parameter: " + vmIdString);
        sendResponse(resp, "");
        return;
    }
    final Long vmId = vm.getId();
    if (!checkSessionPermision(req, vmId, accountObj)) {
        sendResponse(resp, "Permission denied");
        return;
    }
    if (cmd.equalsIgnoreCase("thumbnail")) {
        handleThumbnailRequest(req, resp, vmId);
    } else if (cmd.equalsIgnoreCase("access")) {
        handleAccessRequest(req, resp, vmId);
    } else {
        handleAuthRequest(req, resp, vmId);
    }
}
Also used : Account(com.cloud.legacymodel.user.Account) HashMap(java.util.HashMap) HttpSession(javax.servlet.http.HttpSession) VirtualMachine(com.cloud.legacymodel.vm.VirtualMachine)

Example 64 with Account

use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.

the class ProjectManagerImpl method updateProject.

@Override
@DB
@ActionEvent(eventType = EventTypes.EVENT_PROJECT_UPDATE, eventDescription = "updating project", async = true)
public Project updateProject(final long projectId, final String displayText, final String newOwnerName) throws ResourceAllocationException {
    final Account caller = CallContext.current().getCallingAccount();
    // check that the project exists
    final ProjectVO project = getProject(projectId);
    if (project == null) {
        throw new InvalidParameterValueException("Unable to find the project id=" + projectId);
    }
    // verify permissions
    _accountMgr.checkAccess(caller, AccessType.ModifyProject, true, _accountMgr.getAccount(project.getProjectAccountId()));
    Transaction.execute(new TransactionCallbackWithExceptionNoReturn<ResourceAllocationException>() {

        @Override
        public void doInTransactionWithoutResult(final TransactionStatus status) throws ResourceAllocationException {
            if (displayText != null) {
                project.setDisplayText(displayText);
                _projectDao.update(projectId, project);
            }
            if (newOwnerName != null) {
                // check that the new owner exists
                final Account futureOwnerAccount = _accountMgr.getActiveAccountByName(newOwnerName, project.getDomainId());
                if (futureOwnerAccount == null) {
                    throw new InvalidParameterValueException("Unable to find account name=" + newOwnerName + " in domain id=" + project.getDomainId());
                }
                final Account currentOwnerAccount = getProjectOwner(projectId);
                if (currentOwnerAccount.getId() != futureOwnerAccount.getId()) {
                    final ProjectAccountVO futureOwner = _projectAccountDao.findByProjectIdAccountId(projectId, futureOwnerAccount.getAccountId());
                    if (futureOwner == null) {
                        throw new InvalidParameterValueException("Account " + newOwnerName + " doesn't belong to the project. Add it to the project first and then change the project's ownership");
                    }
                    // do resource limit check
                    _resourceLimitMgr.checkResourceLimit(_accountMgr.getAccount(futureOwnerAccount.getId()), ResourceType.project);
                    // unset the role for the old owner
                    final ProjectAccountVO currentOwner = _projectAccountDao.findByProjectIdAccountId(projectId, currentOwnerAccount.getId());
                    currentOwner.setAccountRole(Role.Regular);
                    _projectAccountDao.update(currentOwner.getId(), currentOwner);
                    _resourceLimitMgr.decrementResourceCount(currentOwnerAccount.getId(), ResourceType.project);
                    // set new owner
                    futureOwner.setAccountRole(Role.Admin);
                    _projectAccountDao.update(futureOwner.getId(), futureOwner);
                    _resourceLimitMgr.incrementResourceCount(futureOwnerAccount.getId(), ResourceType.project);
                } else {
                    s_logger.trace("Future owner " + newOwnerName + "is already the owner of the project id=" + projectId);
                }
            }
        }
    });
    return _projectDao.findById(projectId);
}
Also used : Account(com.cloud.legacymodel.user.Account) InvalidParameterValueException(com.cloud.legacymodel.exceptions.InvalidParameterValueException) TransactionStatus(com.cloud.utils.db.TransactionStatus) ResourceAllocationException(com.cloud.legacymodel.exceptions.ResourceAllocationException) ActionEvent(com.cloud.event.ActionEvent) DB(com.cloud.utils.db.DB)

Example 65 with Account

use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.

the class ProjectManagerImpl method enableProject.

@Override
@ActionEvent(eventType = EventTypes.EVENT_PROJECT_CREATE, eventDescription = "creating project", async = true)
@DB
public Project enableProject(final long projectId) {
    final Account caller = CallContext.current().getCallingAccount();
    final ProjectVO project = getProject(projectId);
    // verify input parameters
    if (project == null) {
        throw new InvalidParameterValueException("Unable to find project by id " + projectId);
    }
    _accountMgr.checkAccess(caller, AccessType.ModifyProject, true, _accountMgr.getAccount(project.getProjectAccountId()));
    // at this point enabling project doesn't require anything, so just update the state
    project.setState(State.Active);
    _projectDao.update(projectId, project);
    return project;
}
Also used : Account(com.cloud.legacymodel.user.Account) InvalidParameterValueException(com.cloud.legacymodel.exceptions.InvalidParameterValueException) ActionEvent(com.cloud.event.ActionEvent) DB(com.cloud.utils.db.DB)

Aggregations

Account (com.cloud.legacymodel.user.Account)435 InvalidParameterValueException (com.cloud.legacymodel.exceptions.InvalidParameterValueException)229 ActionEvent (com.cloud.event.ActionEvent)120 ArrayList (java.util.ArrayList)103 CloudRuntimeException (com.cloud.legacymodel.exceptions.CloudRuntimeException)98 PermissionDeniedException (com.cloud.legacymodel.exceptions.PermissionDeniedException)78 User (com.cloud.legacymodel.user.User)73 DB (com.cloud.utils.db.DB)59 List (java.util.List)58 Pair (com.cloud.legacymodel.utils.Pair)53 Network (com.cloud.legacymodel.network.Network)48 CallContext (com.cloud.context.CallContext)47 DomainVO (com.cloud.domain.DomainVO)47 UserAccount (com.cloud.legacymodel.user.UserAccount)47 Filter (com.cloud.utils.db.Filter)47 TransactionStatus (com.cloud.utils.db.TransactionStatus)40 Domain (com.cloud.legacymodel.domain.Domain)39 ResourceUnavailableException (com.cloud.legacymodel.exceptions.ResourceUnavailableException)37 Test (org.junit.Test)36 Ternary (com.cloud.legacymodel.utils.Ternary)34