use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.
the class ManagementServerImpl method listCapabilities.
@Override
public Map<String, Object> listCapabilities(final ListCapabilitiesCmd cmd) {
final Map<String, Object> capabilities = new HashMap<>();
final Account caller = getCaller();
final boolean elasticLoadBalancerEnabled;
final boolean KVMSnapshotEnabled;
String supportELB = "false";
final long diskOffMinSize = VolumeOrchestrationService.CustomDiskOfferingMinSize.value();
final long diskOffMaxSize = VolumeOrchestrationService.CustomDiskOfferingMaxSize.value();
KVMSnapshotEnabled = Boolean.parseBoolean(_configDao.getValue("KVM.snapshot.enabled"));
final boolean userPublicTemplateEnabled = TemplateManager.AllowPublicUserTemplates.valueIn(caller.getId());
// add some parameters UI needs to handle API throttling
final boolean apiLimitEnabled = Boolean.parseBoolean(_configDao.getValue(Config.ApiLimitEnabled.key()));
final Integer apiLimitInterval = Integer.valueOf(_configDao.getValue(Config.ApiLimitInterval.key()));
final Integer apiLimitMax = Integer.valueOf(_configDao.getValue(Config.ApiLimitMax.key()));
final boolean allowUserViewDestroyedVM = QueryService.AllowUserViewDestroyedVM.valueIn(caller.getId()) | _accountService.isAdmin(caller.getId());
final boolean allowUserExpungeRecoverVM = UserVmManager.AllowUserExpungeRecoverVm.valueIn(caller.getId()) | _accountService.isAdmin(caller.getId());
final boolean XenServerDeploymentsEnabled = xenserverDeploymentsEnabled.value();
final boolean KvmDeploymentsEnabled = kvmDeploymentsEnabled.value();
// check if region-wide secondary storage is used
boolean regionSecondaryEnabled = false;
final List<ImageStoreVO> imgStores = _imgStoreDao.findRegionImageStores();
if (imgStores != null && imgStores.size() > 0) {
regionSecondaryEnabled = true;
}
capabilities.put("userPublicTemplateEnabled", userPublicTemplateEnabled);
capabilities.put("cloudStackVersion", getVersion());
capabilities.put("supportELB", supportELB);
capabilities.put("projectInviteRequired", _projectMgr.projectInviteRequired());
capabilities.put("allowusercreateprojects", _projectMgr.allowUserToCreateProject());
capabilities.put("customDiskOffMinSize", diskOffMinSize);
capabilities.put("customDiskOffMaxSize", diskOffMaxSize);
capabilities.put("regionSecondaryEnabled", regionSecondaryEnabled);
capabilities.put("KVMSnapshotEnabled", KVMSnapshotEnabled);
capabilities.put("allowUserViewDestroyedVM", allowUserViewDestroyedVM);
capabilities.put("allowUserExpungeRecoverVM", allowUserExpungeRecoverVM);
capabilities.put("xenserverDeploymentsEnabled", XenServerDeploymentsEnabled);
capabilities.put("KVMDeploymentsEnabled", KvmDeploymentsEnabled);
if (apiLimitEnabled) {
capabilities.put("apiLimitInterval", apiLimitInterval);
capabilities.put("apiLimitMax", apiLimitMax);
}
return capabilities;
}
use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.
the class ManagementServerImpl method searchForConfigurations.
@Override
public Pair<List<? extends Configuration>, Integer> searchForConfigurations(final ListCfgsByCmd cmd) {
final Filter searchFilter = new Filter(ConfigurationVO.class, "name", true, cmd.getStartIndex(), cmd.getPageSizeVal());
final SearchCriteria<ConfigurationVO> sc = _configDao.createSearchCriteria();
final Long userId = CallContext.current().getCallingUserId();
final Account caller = CallContext.current().getCallingAccount();
final User user = _userDao.findById(userId);
final Object name = cmd.getConfigName();
final Object category = cmd.getCategory();
final Object keyword = cmd.getKeyword();
final Long zoneId = cmd.getZoneId();
final Long clusterId = cmd.getClusterId();
final Long storagepoolId = cmd.getStoragepoolId();
final Long accountId = cmd.getAccountId();
String scope = null;
Long id = null;
int paramCountCheck = 0;
if (!_accountMgr.isRootAdmin(caller.getId()) && accountId == null) {
throw new InvalidParameterValueException("Please specify AccountId to list the config for the given account.");
}
if (accountId != null) {
final Account accountToUpdate = _accountDao.findById(accountId);
_accountMgr.checkAccess(caller, null, true, accountToUpdate);
scope = ConfigKey.Scope.Account.toString();
id = accountId;
paramCountCheck++;
}
if (_accountMgr.isRootAdmin(caller.getId())) {
if (zoneId != null) {
scope = ConfigKey.Scope.Zone.toString();
id = zoneId;
paramCountCheck++;
}
if (clusterId != null) {
scope = ConfigKey.Scope.Cluster.toString();
id = clusterId;
paramCountCheck++;
}
if (storagepoolId != null) {
scope = ConfigKey.Scope.StoragePool.toString();
id = storagepoolId;
paramCountCheck++;
}
}
if (paramCountCheck > 1) {
throw new InvalidParameterValueException("cannot handle multiple IDs, provide only one ID corresponding to the scope");
}
if (keyword != null) {
final SearchCriteria<ConfigurationVO> ssc = _configDao.createSearchCriteria();
ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("instance", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("component", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("description", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("category", SearchCriteria.Op.LIKE, "%" + keyword + "%");
ssc.addOr("value", SearchCriteria.Op.LIKE, "%" + keyword + "%");
sc.addAnd("name", SearchCriteria.Op.SC, ssc);
}
if (name != null) {
sc.addAnd("name", SearchCriteria.Op.LIKE, "%" + name + "%");
}
if (category != null) {
sc.addAnd("category", SearchCriteria.Op.EQ, category);
}
// hidden configurations are not displayed using the search API
sc.addAnd("category", SearchCriteria.Op.NEQ, "Hidden");
if (scope != null && !scope.isEmpty()) {
// getting the list of parameters at requested scope
sc.addAnd("scope", SearchCriteria.Op.EQ, scope);
}
final Pair<List<ConfigurationVO>, Integer> result = _configDao.searchAndCount(sc, searchFilter);
if (scope != null && !scope.isEmpty()) {
// Populate values corresponding the resource id
final List<ConfigurationVO> configVOList = new ArrayList<>();
for (final ConfigurationVO param : result.first()) {
final ConfigurationVO configVo = _configDao.findByName(param.getName());
if (configVo != null) {
final ConfigKey<?> key = _configDepot.get(param.getName());
if (key != null) {
configVo.setValue(key.valueIn(id).toString());
configVOList.add(configVo);
} else {
s_logger.warn("ConfigDepot could not find parameter " + param.getName() + " for scope " + scope);
}
} else {
s_logger.warn("Configuration item " + param.getName() + " not found in " + scope);
}
}
return new Pair<>(configVOList, configVOList.size());
}
return new Pair<>(result.first(), result.second());
}
use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.
the class ConsoleProxyServlet method doGet.
@Override
protected void doGet(final HttpServletRequest req, final HttpServletResponse resp) {
if (_accountMgr == null || _vmMgr == null || _ms == null) {
sendResponse(resp, "Service is not ready");
return;
}
if (_keysMgr.getHashKey() == null) {
s_logger.debug("Console/thumbnail access denied. Ticket service is not ready yet");
sendResponse(resp, "Service is not ready");
return;
}
String userId = null;
String account = null;
Account accountObj = null;
addSecurityHeaders(resp);
final Map<String, Object[]> params = new HashMap<>();
params.putAll(req.getParameterMap());
final HttpSession session = req.getSession(false);
if (session == null) {
if (verifyRequest(params)) {
userId = (String) params.get("userid")[0];
account = (String) params.get("account")[0];
accountObj = (Account) params.get("accountobj")[0];
} else {
s_logger.debug("Invalid web session or API key in request, reject console/thumbnail access");
sendResponse(resp, "Access denied. Invalid web session or API key in request");
return;
}
} else {
// adjust to latest API refactoring changes
if (session.getAttribute("userid") != null) {
userId = ((Long) session.getAttribute("userid")).toString();
}
accountObj = (Account) session.getAttribute("accountobj");
if (accountObj != null) {
account = "" + accountObj.getId();
}
}
// Do a sanity check here to make sure the user hasn't already been deleted
if ((userId == null) || (account == null) || (accountObj == null) || !verifyUser(Long.valueOf(userId))) {
s_logger.debug("Invalid user/account, reject console/thumbnail access");
sendResponse(resp, "Access denied. Invalid or inconsistent account is found");
return;
}
final String cmd = req.getParameter("cmd");
if (cmd == null || !isValidCmd(cmd)) {
s_logger.debug("invalid console servlet command: " + cmd);
sendResponse(resp, "");
return;
}
final String vmIdString = req.getParameter("vm");
final VirtualMachine vm = _entityMgr.findByUuid(VirtualMachine.class, vmIdString);
if (vm == null) {
s_logger.info("invalid console servlet command parameter: " + vmIdString);
sendResponse(resp, "");
return;
}
final Long vmId = vm.getId();
if (!checkSessionPermision(req, vmId, accountObj)) {
sendResponse(resp, "Permission denied");
return;
}
if (cmd.equalsIgnoreCase("thumbnail")) {
handleThumbnailRequest(req, resp, vmId);
} else if (cmd.equalsIgnoreCase("access")) {
handleAccessRequest(req, resp, vmId);
} else {
handleAuthRequest(req, resp, vmId);
}
}
use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.
the class ProjectManagerImpl method updateProject.
@Override
@DB
@ActionEvent(eventType = EventTypes.EVENT_PROJECT_UPDATE, eventDescription = "updating project", async = true)
public Project updateProject(final long projectId, final String displayText, final String newOwnerName) throws ResourceAllocationException {
final Account caller = CallContext.current().getCallingAccount();
// check that the project exists
final ProjectVO project = getProject(projectId);
if (project == null) {
throw new InvalidParameterValueException("Unable to find the project id=" + projectId);
}
// verify permissions
_accountMgr.checkAccess(caller, AccessType.ModifyProject, true, _accountMgr.getAccount(project.getProjectAccountId()));
Transaction.execute(new TransactionCallbackWithExceptionNoReturn<ResourceAllocationException>() {
@Override
public void doInTransactionWithoutResult(final TransactionStatus status) throws ResourceAllocationException {
if (displayText != null) {
project.setDisplayText(displayText);
_projectDao.update(projectId, project);
}
if (newOwnerName != null) {
// check that the new owner exists
final Account futureOwnerAccount = _accountMgr.getActiveAccountByName(newOwnerName, project.getDomainId());
if (futureOwnerAccount == null) {
throw new InvalidParameterValueException("Unable to find account name=" + newOwnerName + " in domain id=" + project.getDomainId());
}
final Account currentOwnerAccount = getProjectOwner(projectId);
if (currentOwnerAccount.getId() != futureOwnerAccount.getId()) {
final ProjectAccountVO futureOwner = _projectAccountDao.findByProjectIdAccountId(projectId, futureOwnerAccount.getAccountId());
if (futureOwner == null) {
throw new InvalidParameterValueException("Account " + newOwnerName + " doesn't belong to the project. Add it to the project first and then change the project's ownership");
}
// do resource limit check
_resourceLimitMgr.checkResourceLimit(_accountMgr.getAccount(futureOwnerAccount.getId()), ResourceType.project);
// unset the role for the old owner
final ProjectAccountVO currentOwner = _projectAccountDao.findByProjectIdAccountId(projectId, currentOwnerAccount.getId());
currentOwner.setAccountRole(Role.Regular);
_projectAccountDao.update(currentOwner.getId(), currentOwner);
_resourceLimitMgr.decrementResourceCount(currentOwnerAccount.getId(), ResourceType.project);
// set new owner
futureOwner.setAccountRole(Role.Admin);
_projectAccountDao.update(futureOwner.getId(), futureOwner);
_resourceLimitMgr.incrementResourceCount(futureOwnerAccount.getId(), ResourceType.project);
} else {
s_logger.trace("Future owner " + newOwnerName + "is already the owner of the project id=" + projectId);
}
}
}
});
return _projectDao.findById(projectId);
}
use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.
the class ProjectManagerImpl method enableProject.
@Override
@ActionEvent(eventType = EventTypes.EVENT_PROJECT_CREATE, eventDescription = "creating project", async = true)
@DB
public Project enableProject(final long projectId) {
final Account caller = CallContext.current().getCallingAccount();
final ProjectVO project = getProject(projectId);
// verify input parameters
if (project == null) {
throw new InvalidParameterValueException("Unable to find project by id " + projectId);
}
_accountMgr.checkAccess(caller, AccessType.ModifyProject, true, _accountMgr.getAccount(project.getProjectAccountId()));
// at this point enabling project doesn't require anything, so just update the state
project.setState(State.Active);
_projectDao.update(projectId, project);
return project;
}
Aggregations