Example 66 with Account
use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.
the class ProjectManagerImpl method activateProject.
@Override
@ActionEvent(eventType = EventTypes.EVENT_PROJECT_ACTIVATE, eventDescription = "activating project")
@DB
public Project activateProject(final long projectId) {
final Account caller = CallContext.current().getCallingAccount();
// check that the project exists
final ProjectVO project = getProject(projectId);
if (project == null) {
final InvalidParameterValueException ex = new InvalidParameterValueException("Unable to find project with specified id");
ex.addProxyObject(String.valueOf(projectId), "projectId");
throw ex;
}
// verify permissions
_accountMgr.checkAccess(caller, AccessType.ModifyProject, true, _accountMgr.getAccount(project.getProjectAccountId()));
// allow project activation only when it's in Suspended state
final Project.State currentState = project.getState();
if (currentState == State.Active) {
s_logger.debug("The project id=" + projectId + " is already active, no need to activate it again");
return project;
}
if (currentState != State.Suspended) {
throw new InvalidParameterValueException("Can't activate the project in " + currentState + " state");
}
Transaction.execute(new TransactionCallbackNoReturn() {
@Override
public void doInTransactionWithoutResult(final TransactionStatus status) {
project.setState(Project.State.Active);
_projectDao.update(projectId, project);
_accountMgr.enableAccount(project.getProjectAccountId());
}
});
return _projectDao.findById(projectId);
}
Also used :
Account(com.cloud.legacymodel.user.Account)
State(com.cloud.projects.Project.State)
InvalidParameterValueException(com.cloud.legacymodel.exceptions.InvalidParameterValueException)
TransactionStatus(com.cloud.utils.db.TransactionStatus)
TransactionCallbackNoReturn(com.cloud.utils.db.TransactionCallbackNoReturn)
ActionEvent(com.cloud.event.ActionEvent)
DB(com.cloud.utils.db.DB)
Example 67 with Account
use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.
the class ProjectManagerImpl method addAccountToProject.
@Override
@ActionEvent(eventType = EventTypes.EVENT_PROJECT_ACCOUNT_ADD, eventDescription = "adding account to project", async = true)
public boolean addAccountToProject(final long projectId, final String accountName, final String email) {
final Account caller = CallContext.current().getCallingAccount();
// check that the project exists
final Project project = getProject(projectId);
if (project == null) {
final InvalidParameterValueException ex = new InvalidParameterValueException("Unable to find project with specified id");
ex.addProxyObject(String.valueOf(projectId), "projectId");
throw ex;
}
// User can be added to Active project only
if (project.getState() != Project.State.Active) {
final InvalidParameterValueException ex = new InvalidParameterValueException("Can't add account to the specified project id in state=" + project.getState() + " as it's no longer active");
ex.addProxyObject(project.getUuid(), "projectId");
throw ex;
}
// check that account-to-add exists
Account account = null;
if (accountName != null) {
account = _accountMgr.getActiveAccountByName(accountName, project.getDomainId());
if (account == null) {
final InvalidParameterValueException ex = new InvalidParameterValueException("Unable to find account name=" + accountName + " in specified domain id");
final DomainVO domain = ApiDBUtils.findDomainById(project.getDomainId());
String domainUuid = String.valueOf(project.getDomainId());
if (domain != null) {
domainUuid = domain.getUuid();
}
ex.addProxyObject(domainUuid, "domainId");
throw ex;
}
// verify permissions - only project owner can assign
_accountMgr.checkAccess(caller, AccessType.ModifyProject, true, _accountMgr.getAccount(project.getProjectAccountId()));
// Check if the account already added to the project
final ProjectAccount projectAccount = _projectAccountDao.findByProjectIdAccountId(projectId, account.getId());
if (projectAccount != null) {
s_logger.debug("Account " + accountName + " already added to the project id=" + projectId);
return true;
}
}
if (_invitationRequired) {
return inviteAccountToProject(project, account, email);
} else {
if (account == null) {
throw new InvalidParameterValueException("Account information is required for assigning account to the project");
}
if (assignAccountToProject(project, account.getId(), ProjectAccount.Role.Regular) != null) {
return true;
} else {
s_logger.warn("Failed to add account " + accountName + " to project id=" + projectId);
return false;
}
}
}
Also used :
Account(com.cloud.legacymodel.user.Account)
DomainVO(com.cloud.domain.DomainVO)
InvalidParameterValueException(com.cloud.legacymodel.exceptions.InvalidParameterValueException)
ActionEvent(com.cloud.event.ActionEvent)
Example 68 with Account
use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.
the class ProjectManagerImpl method deleteProjectInvitation.
@Override
@DB
@ActionEvent(eventType = EventTypes.EVENT_PROJECT_INVITATION_REMOVE, eventDescription = "removing project invitation", async = true)
public boolean deleteProjectInvitation(final long id) {
final Account caller = CallContext.current().getCallingAccount();
final ProjectInvitation invitation = _projectInvitationDao.findById(id);
if (invitation == null) {
throw new InvalidParameterValueException("Unable to find project invitation by id " + id);
}
// check that the project exists
final Project project = getProject(invitation.getProjectId());
// check permissions - only project owner can remove the invitations
_accountMgr.checkAccess(caller, AccessType.ModifyProject, true, _accountMgr.getAccount(project.getProjectAccountId()));
if (_projectInvitationDao.remove(id)) {
s_logger.debug("Project Invitation id=" + id + " is removed");
return true;
} else {
s_logger.debug("Failed to remove project invitation id=" + id);
return false;
}
}
Also used :
Account(com.cloud.legacymodel.user.Account)
InvalidParameterValueException(com.cloud.legacymodel.exceptions.InvalidParameterValueException)
ActionEvent(com.cloud.event.ActionEvent)
DB(com.cloud.utils.db.DB)
Example 69 with Account
use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.
the class ProjectManagerImpl method createProject.
@Override
@ActionEvent(eventType = EventTypes.EVENT_PROJECT_CREATE, eventDescription = "creating project", create = true)
@DB
public Project createProject(final String name, final String displayText, final String accountName, final Long domainId) throws ResourceAllocationException {
final Account caller = CallContext.current().getCallingAccount();
Account owner = caller;
// check if the user authorized to create the project
if (_accountMgr.isNormalUser(caller.getId()) && !_allowUserToCreateProject) {
throw new PermissionDeniedException("Regular user is not permitted to create a project");
}
// Verify request parameters
if ((accountName != null && domainId == null) || (domainId != null && accountName == null)) {
throw new InvalidParameterValueException("Account name and domain id must be specified together");
}
if (accountName != null) {
owner = _accountMgr.finalizeOwner(caller, accountName, domainId, null);
}
// don't allow 2 projects with the same name inside the same domain
if (_projectDao.findByNameAndDomain(name, owner.getDomainId()) != null) {
throw new InvalidParameterValueException("Project with name " + name + " already exists in domain id=" + owner.getDomainId());
}
// do resource limit check
_resourceLimitMgr.checkResourceLimit(owner, ResourceType.project);
final Account ownerFinal = owner;
return Transaction.execute(new TransactionCallback<Project>() {
@Override
public Project doInTransaction(final TransactionStatus status) {
// Create an account associated with the project
final StringBuilder acctNm = new StringBuilder("PrjAcct-");
acctNm.append(name).append("-").append(ownerFinal.getDomainId());
final Account projectAccount = _accountMgr.createAccount(acctNm.toString(), Account.ACCOUNT_TYPE_PROJECT, domainId, null, null, UUID.randomUUID().toString());
final Project project = _projectDao.persist(new ProjectVO(name, displayText, ownerFinal.getDomainId(), projectAccount.getId()));
// assign owner to the project
assignAccountToProject(project, ownerFinal.getId(), ProjectAccount.Role.Admin);
if (project != null) {
CallContext.current().setEventDetails("Project id=" + project.getId());
CallContext.current().putContextParameter(Project.class, project.getUuid());
}
// Increment resource count
_resourceLimitMgr.incrementResourceCount(ownerFinal.getId(), ResourceType.project);
return project;
}
});
}
Also used :
Account(com.cloud.legacymodel.user.Account)
InvalidParameterValueException(com.cloud.legacymodel.exceptions.InvalidParameterValueException)
TransactionStatus(com.cloud.utils.db.TransactionStatus)
PermissionDeniedException(com.cloud.legacymodel.exceptions.PermissionDeniedException)
ActionEvent(com.cloud.event.ActionEvent)
DB(com.cloud.utils.db.DB)
Example 70 with Account
use of com.cloud.legacymodel.user.Account in project cosmic by MissionCriticalCloud.
the class ApiRateLimitServiceImpl method checkAccess.
@Override
public boolean checkAccess(final User user, final String apiCommandName) throws PermissionDeniedException {
// check if api rate limiting is enabled or not
if (!enabled) {
return true;
}
final Long accountId = user.getAccountId();
final Account account = _accountService.getAccount(accountId);
if (_accountService.isRootAdmin(account.getId())) {
// no API throttling on root admin
return true;
}
StoreEntry entry = _store.get(accountId);
if (entry == null) {
/* Populate the entry, thus unlocking any underlying mutex */
entry = _store.create(accountId, timeToLive);
}
/* Increment the client count and see whether we have hit the maximum allowed clients yet. */
final int current = entry.incrementAndGet();
if (current <= maxAllowed) {
s_logger.trace("account (" + account.getAccountId() + "," + account.getAccountName() + ") has current count = " + current);
return true;
} else {
final long expireAfter = entry.getExpireDuration();
// for this exception, we can just show the same message to user and admin users.
final String msg = "The given user has reached his/her account api limit, please retry after " + expireAfter + " ms.";
s_logger.warn(msg);
throw new RequestLimitException(msg);
}
}
Also used :
Account(com.cloud.legacymodel.user.Account)
RequestLimitException(com.cloud.legacymodel.exceptions.RequestLimitException)
Aggregations
Account (com.cloud.legacymodel.user.Account)435
InvalidParameterValueException (com.cloud.legacymodel.exceptions.InvalidParameterValueException)229
ActionEvent (com.cloud.event.ActionEvent)120
ArrayList (java.util.ArrayList)103
CloudRuntimeException (com.cloud.legacymodel.exceptions.CloudRuntimeException)98
PermissionDeniedException (com.cloud.legacymodel.exceptions.PermissionDeniedException)78
User (com.cloud.legacymodel.user.User)73
DB (com.cloud.utils.db.DB)59
List (java.util.List)58
Pair (com.cloud.legacymodel.utils.Pair)53
Network (com.cloud.legacymodel.network.Network)48
CallContext (com.cloud.context.CallContext)47
DomainVO (com.cloud.domain.DomainVO)47
UserAccount (com.cloud.legacymodel.user.UserAccount)47
Filter (com.cloud.utils.db.Filter)47
TransactionStatus (com.cloud.utils.db.TransactionStatus)40
Domain (com.cloud.legacymodel.domain.Domain)39
ResourceUnavailableException (com.cloud.legacymodel.exceptions.ResourceUnavailableException)37
Test (org.junit.Test)36
Ternary (com.cloud.legacymodel.utils.Ternary)34
