Example 66 with TransactionLegacy
use of com.cloud.utils.db.TransactionLegacy in project cloudstack by apache.
the class SecurityGroupRuleDaoImpl method remove.
@Override
@DB
public boolean remove(Long id) {
TransactionLegacy txn = TransactionLegacy.currentTxn();
txn.start();
SecurityGroupRuleVO entry = findById(id);
if (entry != null) {
_tagsDao.removeByIdAndType(id, ResourceObjectType.SecurityGroupRule);
}
boolean result = super.remove(id);
txn.commit();
return result;
}
Also used :
TransactionLegacy(com.cloud.utils.db.TransactionLegacy)
SecurityGroupRuleVO(com.cloud.network.security.SecurityGroupRuleVO)
DB(com.cloud.utils.db.DB)
Example 67 with TransactionLegacy
use of com.cloud.utils.db.TransactionLegacy in project cloudstack by apache.
the class ProjectDaoImpl method remove.
@Override
@DB
public boolean remove(Long projectId) {
boolean result = false;
TransactionLegacy txn = TransactionLegacy.currentTxn();
txn.start();
ProjectVO projectToRemove = findById(projectId);
projectToRemove.setName(null);
if (!update(projectId, projectToRemove)) {
s_logger.warn("Failed to reset name for the project id=" + projectId + " as a part of project remove");
return false;
}
_tagsDao.removeByIdAndType(projectId, ResourceObjectType.Project);
result = super.remove(projectId);
txn.commit();
return result;
}
Also used :
TransactionLegacy(com.cloud.utils.db.TransactionLegacy)
ProjectVO(com.cloud.projects.ProjectVO)
DB(com.cloud.utils.db.DB)
Example 68 with TransactionLegacy
use of com.cloud.utils.db.TransactionLegacy in project cloudstack by apache.
the class HostTagsDaoImpl method deleteTags.
@Override
public void deleteTags(long hostId) {
TransactionLegacy txn = TransactionLegacy.currentTxn();
txn.start();
SearchCriteria<HostTagVO> sc = HostSearch.create();
sc.setParameters("hostId", hostId);
expunge(sc);
txn.commit();
}
Also used :
TransactionLegacy(com.cloud.utils.db.TransactionLegacy)
HostTagVO(com.cloud.host.HostTagVO)
Example 69 with TransactionLegacy
use of com.cloud.utils.db.TransactionLegacy in project cloudstack by apache.
the class FirewallRulesDaoImpl method remove.
@Override
@DB
public boolean remove(Long id) {
TransactionLegacy txn = TransactionLegacy.currentTxn();
txn.start();
FirewallRuleVO entry = findById(id);
if (entry != null) {
if (entry.getPurpose() == Purpose.LoadBalancing) {
_tagsDao.removeByIdAndType(id, ResourceObjectType.LoadBalancer);
} else if (entry.getPurpose() == Purpose.PortForwarding) {
_tagsDao.removeByIdAndType(id, ResourceObjectType.PortForwardingRule);
} else if (entry.getPurpose() == Purpose.Firewall) {
_tagsDao.removeByIdAndType(id, ResourceObjectType.FirewallRule);
} else if (entry.getPurpose() == Purpose.NetworkACL) {
_tagsDao.removeByIdAndType(id, ResourceObjectType.NetworkACL);
}
}
boolean result = super.remove(id);
txn.commit();
return result;
}
Also used :
TransactionLegacy(com.cloud.utils.db.TransactionLegacy)
FirewallRuleVO(com.cloud.network.rules.FirewallRuleVO)
DB(com.cloud.utils.db.DB)
Example 70 with TransactionLegacy
use of com.cloud.utils.db.TransactionLegacy in project cloudstack by apache.
the class ConsoleProxyServlet method verifyRequest.
// copied and modified from ApiServer.java.
// TODO need to replace the whole servlet with a API command
private boolean verifyRequest(Map<String, Object[]> requestParameters) {
try {
String apiKey = null;
String secretKey = null;
String signature = null;
String unsignedRequest = null;
// - build a request string with sorted params, make sure it's all lowercase
// - sign the request, verify the signature is the same
List<String> parameterNames = new ArrayList<String>();
for (Object paramNameObj : requestParameters.keySet()) {
// put the name in a list that we'll sort later
parameterNames.add((String) paramNameObj);
}
Collections.sort(parameterNames);
for (String paramName : parameterNames) {
// parameters come as name/value pairs in the form String/String[]
String paramValue = ((String[]) requestParameters.get(paramName))[0];
if ("signature".equalsIgnoreCase(paramName)) {
signature = paramValue;
} else {
if ("apikey".equalsIgnoreCase(paramName)) {
apiKey = paramValue;
}
if (unsignedRequest == null) {
unsignedRequest = paramName + "=" + URLEncoder.encode(paramValue, "UTF-8").replaceAll("\\+", "%20");
} else {
unsignedRequest = unsignedRequest + "&" + paramName + "=" + URLEncoder.encode(paramValue, "UTF-8").replaceAll("\\+", "%20");
}
}
}
// if api/secret key are passed to the parameters
if ((signature == null) || (apiKey == null)) {
if (s_logger.isDebugEnabled()) {
s_logger.debug("expired session, missing signature, or missing apiKey -- ignoring request...sig: " + signature + ", apiKey: " + apiKey);
}
// no signature, bad request
return false;
}
TransactionLegacy txn = TransactionLegacy.open(TransactionLegacy.CLOUD_DB);
txn.close();
User user = null;
// verify there is a user with this api key
Pair<User, Account> userAcctPair = _accountMgr.findUserByApiKey(apiKey);
if (userAcctPair == null) {
s_logger.debug("apiKey does not map to a valid user -- ignoring request, apiKey: " + apiKey);
return false;
}
user = userAcctPair.first();
Account account = userAcctPair.second();
if (!user.getState().equals(Account.State.enabled) || !account.getState().equals(Account.State.enabled)) {
s_logger.debug("disabled or locked user accessing the api, userid = " + user.getId() + "; name = " + user.getUsername() + "; state: " + user.getState() + "; accountState: " + account.getState());
return false;
}
// verify secret key exists
secretKey = user.getSecretKey();
if (secretKey == null) {
s_logger.debug("User does not have a secret key associated with the account -- ignoring request, username: " + user.getUsername());
return false;
}
unsignedRequest = unsignedRequest.toLowerCase();
Mac mac = Mac.getInstance("HmacSHA1");
SecretKeySpec keySpec = new SecretKeySpec(secretKey.getBytes(), "HmacSHA1");
mac.init(keySpec);
mac.update(unsignedRequest.getBytes());
byte[] encryptedBytes = mac.doFinal();
String computedSignature = Base64.encodeBase64String(encryptedBytes);
boolean equalSig = ConstantTimeComparator.compareStrings(signature, computedSignature);
if (!equalSig) {
s_logger.debug("User signature: " + signature + " is not equaled to computed signature: " + computedSignature);
}
if (equalSig) {
requestParameters.put("userid", new Object[] { String.valueOf(user.getId()) });
requestParameters.put("account", new Object[] { account.getAccountName() });
requestParameters.put("accountobj", new Object[] { account });
}
return equalSig;
} catch (Exception ex) {
s_logger.error("unable to verifty request signature", ex);
}
return false;
}
Also used :
Account(com.cloud.user.Account)
User(com.cloud.user.User)
ArrayList(java.util.ArrayList)
Mac(javax.crypto.Mac)
ServletException(javax.servlet.ServletException)
PermissionDeniedException(com.cloud.exception.PermissionDeniedException)
IOException(java.io.IOException)
TransactionLegacy(com.cloud.utils.db.TransactionLegacy)
SecretKeySpec(javax.crypto.spec.SecretKeySpec)
Aggregations
TransactionLegacy (com.cloud.utils.db.TransactionLegacy)368
PreparedStatement (java.sql.PreparedStatement)174
CloudRuntimeException (com.cloud.utils.exception.CloudRuntimeException)149
SQLException (java.sql.SQLException)133
ResultSet (java.sql.ResultSet)102
ArrayList (java.util.ArrayList)98
DB (com.cloud.utils.db.DB)95
ConfigurationException (javax.naming.ConfigurationException)54
InvalidParameterValueException (com.cloud.exception.InvalidParameterValueException)35
Date (java.util.Date)34
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)31
HashMap (java.util.HashMap)29
URISyntaxException (java.net.URISyntaxException)28
AccountVO (com.cloud.user.AccountVO)21
CloudException (com.cloud.exception.CloudException)20
Account (com.cloud.user.Account)20
Field (java.lang.reflect.Field)19
MockVolumeVO (com.cloud.simulator.MockVolumeVO)18
AgentManager (com.cloud.agent.AgentManager)13
IPAddressDao (com.cloud.network.dao.IPAddressDao)13
