Search in sources :

Example 41 with Account

use of com.cloud.user.Account in project cloudstack by apache.

the class Site2SiteVpnManagerImpl method createVpnGateway.

@Override
@ActionEvent(eventType = EventTypes.EVENT_S2S_VPN_GATEWAY_CREATE, eventDescription = "creating s2s vpn gateway", async = true)
public Site2SiteVpnGateway createVpnGateway(CreateVpnGatewayCmd cmd) {
    Account caller = CallContext.current().getCallingAccount();
    Account owner = _accountMgr.getAccount(cmd.getEntityOwnerId());
    //Verify that caller can perform actions in behalf of vpc owner
    _accountMgr.checkAccess(caller, null, false, owner);
    Long vpcId = cmd.getVpcId();
    VpcVO vpc = _vpcDao.findById(vpcId);
    if (vpc == null) {
        throw new InvalidParameterValueException("Invalid VPC " + vpcId + " for site to site vpn gateway creation!");
    }
    Site2SiteVpnGatewayVO gws = _vpnGatewayDao.findByVpcId(vpcId);
    if (gws != null) {
        throw new InvalidParameterValueException("The VPN gateway of VPC " + vpcId + " already existed!");
    }
    //Use source NAT ip for VPC
    List<IPAddressVO> ips = _ipAddressDao.listByAssociatedVpc(vpcId, true);
    if (ips.size() != 1) {
        throw new CloudRuntimeException("Cannot found source nat ip of vpc " + vpcId);
    }
    Site2SiteVpnGatewayVO gw = new Site2SiteVpnGatewayVO(owner.getAccountId(), owner.getDomainId(), ips.get(0).getId(), vpcId);
    if (cmd.getDisplay() != null) {
        gw.setDisplay(cmd.getDisplay());
    }
    _vpnGatewayDao.persist(gw);
    return gw;
}
Also used : Account(com.cloud.user.Account) VpcVO(com.cloud.network.vpc.VpcVO) InvalidParameterValueException(com.cloud.exception.InvalidParameterValueException) CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException) Site2SiteVpnGatewayVO(com.cloud.network.dao.Site2SiteVpnGatewayVO) IPAddressVO(com.cloud.network.dao.IPAddressVO) ActionEvent(com.cloud.event.ActionEvent)

Example 42 with Account

use of com.cloud.user.Account in project cloudstack by apache.

the class ProjectManagerImpl method addAccountToProject.

@Override
@ActionEvent(eventType = EventTypes.EVENT_PROJECT_ACCOUNT_ADD, eventDescription = "adding account to project", async = true)
public boolean addAccountToProject(long projectId, String accountName, String email) {
    Account caller = CallContext.current().getCallingAccount();
    //check that the project exists
    Project project = getProject(projectId);
    if (project == null) {
        InvalidParameterValueException ex = new InvalidParameterValueException("Unable to find project with specified id");
        ex.addProxyObject(String.valueOf(projectId), "projectId");
        throw ex;
    }
    //User can be added to Active project only
    if (project.getState() != Project.State.Active) {
        InvalidParameterValueException ex = new InvalidParameterValueException("Can't add account to the specified project id in state=" + project.getState() + " as it's no longer active");
        ex.addProxyObject(project.getUuid(), "projectId");
        throw ex;
    }
    //check that account-to-add exists
    Account account = null;
    if (accountName != null) {
        account = _accountMgr.getActiveAccountByName(accountName, project.getDomainId());
        if (account == null) {
            InvalidParameterValueException ex = new InvalidParameterValueException("Unable to find account name=" + accountName + " in specified domain id");
            DomainVO domain = ApiDBUtils.findDomainById(project.getDomainId());
            String domainUuid = String.valueOf(project.getDomainId());
            if (domain != null) {
                domainUuid = domain.getUuid();
            }
            ex.addProxyObject(domainUuid, "domainId");
            throw ex;
        }
        //verify permissions - only project owner can assign
        _accountMgr.checkAccess(caller, AccessType.ModifyProject, true, _accountMgr.getAccount(project.getProjectAccountId()));
        //Check if the account already added to the project
        ProjectAccount projectAccount = _projectAccountDao.findByProjectIdAccountId(projectId, account.getId());
        if (projectAccount != null) {
            s_logger.debug("Account " + accountName + " already added to the project id=" + projectId);
            return true;
        }
    }
    if (_invitationRequired) {
        return inviteAccountToProject(project, account, email);
    } else {
        if (account == null) {
            throw new InvalidParameterValueException("Account information is required for assigning account to the project");
        }
        if (assignAccountToProject(project, account.getId(), ProjectAccount.Role.Regular) != null) {
            return true;
        } else {
            s_logger.warn("Failed to add account " + accountName + " to project id=" + projectId);
            return false;
        }
    }
}
Also used : Account(com.cloud.user.Account) DomainVO(com.cloud.domain.DomainVO) InvalidParameterValueException(com.cloud.exception.InvalidParameterValueException) ActionEvent(com.cloud.event.ActionEvent)

Example 43 with Account

use of com.cloud.user.Account in project cloudstack by apache.

the class ProjectManagerImpl method activateProject.

@Override
@ActionEvent(eventType = EventTypes.EVENT_PROJECT_ACTIVATE, eventDescription = "activating project")
@DB
public Project activateProject(final long projectId) {
    Account caller = CallContext.current().getCallingAccount();
    //check that the project exists
    final ProjectVO project = getProject(projectId);
    if (project == null) {
        InvalidParameterValueException ex = new InvalidParameterValueException("Unable to find project with specified id");
        ex.addProxyObject(String.valueOf(projectId), "projectId");
        throw ex;
    }
    //verify permissions
    _accountMgr.checkAccess(caller, AccessType.ModifyProject, true, _accountMgr.getAccount(project.getProjectAccountId()));
    //allow project activation only when it's in Suspended state
    Project.State currentState = project.getState();
    if (currentState == State.Active) {
        s_logger.debug("The project id=" + projectId + " is already active, no need to activate it again");
        return project;
    }
    if (currentState != State.Suspended) {
        throw new InvalidParameterValueException("Can't activate the project in " + currentState + " state");
    }
    Transaction.execute(new TransactionCallbackNoReturn() {

        @Override
        public void doInTransactionWithoutResult(TransactionStatus status) {
            project.setState(Project.State.Active);
            _projectDao.update(projectId, project);
            _accountMgr.enableAccount(project.getProjectAccountId());
        }
    });
    return _projectDao.findById(projectId);
}
Also used : Account(com.cloud.user.Account) State(com.cloud.projects.Project.State) InvalidParameterValueException(com.cloud.exception.InvalidParameterValueException) TransactionStatus(com.cloud.utils.db.TransactionStatus) TransactionCallbackNoReturn(com.cloud.utils.db.TransactionCallbackNoReturn) ActionEvent(com.cloud.event.ActionEvent) DB(com.cloud.utils.db.DB)

Example 44 with Account

use of com.cloud.user.Account in project cloudstack by apache.

the class Site2SiteVpnManagerImpl method updateCustomerGateway.

@Override
@ActionEvent(eventType = EventTypes.EVENT_S2S_VPN_CUSTOMER_GATEWAY_UPDATE, eventDescription = "update s2s vpn customer gateway", create = true)
public Site2SiteCustomerGateway updateCustomerGateway(UpdateVpnCustomerGatewayCmd cmd) {
    CallContext.current().setEventDetails(" Id: " + cmd.getId());
    Account caller = CallContext.current().getCallingAccount();
    Long id = cmd.getId();
    Site2SiteCustomerGatewayVO gw = _customerGatewayDao.findById(id);
    if (gw == null) {
        throw new InvalidParameterValueException("Find to find customer gateway with id " + id);
    }
    _accountMgr.checkAccess(caller, null, false, gw);
    List<Site2SiteVpnConnectionVO> conns = _vpnConnectionDao.listByCustomerGatewayId(id);
    if (conns != null) {
        for (Site2SiteVpnConnection conn : conns) {
            if (conn.getState() != State.Error) {
                throw new InvalidParameterValueException("Unable to update customer gateway with connections in non-Error state!");
            }
        }
    }
    String name = cmd.getName();
    String gatewayIp = cmd.getGatewayIp();
    if (!NetUtils.isValidIp(gatewayIp)) {
        throw new InvalidParameterValueException("The customer gateway ip " + gatewayIp + " is invalid!");
    }
    if (name == null) {
        name = "VPN-" + gatewayIp;
    }
    String guestCidrList = cmd.getGuestCidrList();
    if (!NetUtils.validateGuestCidrList(guestCidrList)) {
        throw new InvalidParameterValueException("The customer gateway guest cidr list " + guestCidrList + " contains invalid guest cidr!");
    }
    String ipsecPsk = cmd.getIpsecPsk();
    String ikePolicy = cmd.getIkePolicy();
    String espPolicy = cmd.getEspPolicy();
    if (!NetUtils.isValidS2SVpnPolicy("ike", ikePolicy)) {
        throw new InvalidParameterValueException("The customer gateway IKE policy" + ikePolicy + " is invalid!  Verify the required Diffie Hellman (DH) group is specified.");
    }
    if (!NetUtils.isValidS2SVpnPolicy("esp", espPolicy)) {
        throw new InvalidParameterValueException("The customer gateway ESP policy" + espPolicy + " is invalid!");
    }
    Long ikeLifetime = cmd.getIkeLifetime();
    if (ikeLifetime == null) {
        // Default value of lifetime is 1 day
        ikeLifetime = (long) 86400;
    }
    if (ikeLifetime > 86400) {
        throw new InvalidParameterValueException("The IKE lifetime " + ikeLifetime + " of vpn connection is invalid!");
    }
    Long espLifetime = cmd.getEspLifetime();
    if (espLifetime == null) {
        // Default value of lifetime is 1 hour
        espLifetime = (long) 3600;
    }
    if (espLifetime > 86400) {
        throw new InvalidParameterValueException("The ESP lifetime " + espLifetime + " of vpn connection is invalid!");
    }
    Boolean dpd = cmd.getDpd();
    if (dpd == null) {
        dpd = false;
    }
    Boolean encap = cmd.getEncap();
    if (encap == null) {
        encap = false;
    }
    checkCustomerGatewayCidrList(guestCidrList);
    long accountId = gw.getAccountId();
    Site2SiteCustomerGatewayVO existedGw = _customerGatewayDao.findByGatewayIpAndAccountId(gatewayIp, accountId);
    if (existedGw != null && existedGw.getId() != gw.getId()) {
        throw new InvalidParameterValueException("The customer gateway with ip " + gatewayIp + " already existed in the system!");
    }
    existedGw = _customerGatewayDao.findByNameAndAccountId(name, accountId);
    if (existedGw != null && existedGw.getId() != gw.getId()) {
        throw new InvalidParameterValueException("The customer gateway with name " + name + " already existed!");
    }
    gw.setName(name);
    gw.setGatewayIp(gatewayIp);
    gw.setGuestCidrList(guestCidrList);
    gw.setIkePolicy(ikePolicy);
    gw.setEspPolicy(espPolicy);
    gw.setIpsecPsk(ipsecPsk);
    gw.setIkeLifetime(ikeLifetime);
    gw.setEspLifetime(espLifetime);
    gw.setDpd(dpd);
    gw.setEncap(encap);
    _customerGatewayDao.persist(gw);
    return gw;
}
Also used : Account(com.cloud.user.Account) InvalidParameterValueException(com.cloud.exception.InvalidParameterValueException) Site2SiteCustomerGatewayVO(com.cloud.network.dao.Site2SiteCustomerGatewayVO) Site2SiteVpnConnectionVO(com.cloud.network.dao.Site2SiteVpnConnectionVO) Site2SiteVpnConnection(com.cloud.network.Site2SiteVpnConnection) ActionEvent(com.cloud.event.ActionEvent)

Example 45 with Account

use of com.cloud.user.Account in project cloudstack by apache.

the class Site2SiteVpnManagerImpl method deleteCustomerGateway.

@Override
@ActionEvent(eventType = EventTypes.EVENT_S2S_VPN_CUSTOMER_GATEWAY_DELETE, eventDescription = "deleting s2s vpn customer gateway", create = true)
public boolean deleteCustomerGateway(DeleteVpnCustomerGatewayCmd cmd) {
    CallContext.current().setEventDetails(" Id: " + cmd.getId());
    Account caller = CallContext.current().getCallingAccount();
    Long id = cmd.getId();
    Site2SiteCustomerGateway customerGateway = _customerGatewayDao.findById(id);
    if (customerGateway == null) {
        throw new InvalidParameterValueException("Fail to find customer gateway with " + id + " !");
    }
    _accountMgr.checkAccess(caller, null, false, customerGateway);
    return doDeleteCustomerGateway(customerGateway);
}
Also used : Account(com.cloud.user.Account) InvalidParameterValueException(com.cloud.exception.InvalidParameterValueException) Site2SiteCustomerGateway(com.cloud.network.Site2SiteCustomerGateway) ActionEvent(com.cloud.event.ActionEvent)

Aggregations

Account (com.cloud.user.Account)566 InvalidParameterValueException (com.cloud.exception.InvalidParameterValueException)254 ArrayList (java.util.ArrayList)152 ActionEvent (com.cloud.event.ActionEvent)114 CloudRuntimeException (com.cloud.utils.exception.CloudRuntimeException)98 PermissionDeniedException (com.cloud.exception.PermissionDeniedException)82 List (java.util.List)80 Test (org.junit.Test)73 User (com.cloud.user.User)66 AccountVO (com.cloud.user.AccountVO)64 DB (com.cloud.utils.db.DB)61 Network (com.cloud.network.Network)60 Pair (com.cloud.utils.Pair)52 DataCenter (com.cloud.dc.DataCenter)49 ResourceUnavailableException (com.cloud.exception.ResourceUnavailableException)46 Filter (com.cloud.utils.db.Filter)46 CallContext (org.apache.cloudstack.context.CallContext)45 DomainVO (com.cloud.domain.DomainVO)44 TransactionStatus (com.cloud.utils.db.TransactionStatus)44 NetworkVO (com.cloud.network.dao.NetworkVO)43