Examples with IAMPolicyResponse org.apache.cloudstack.api.response.iam.IAMPolicyResponse used on opensource projects

Example 1 with IAMPolicyResponse

use of org.apache.cloudstack.api.response.iam.IAMPolicyResponse in project cloudstack by apache.

the class IAMApiServiceTest method createIAMPolicyTest.

@Test
public void createIAMPolicyTest() {
    IAMPolicy policy = new IAMPolicyVO("policy1", "tester policy1");
    List<IAMPolicy> policies = new ArrayList<IAMPolicy>();
    policies.add(policy);
    Pair<List<IAMPolicy>, Integer> policyList = new Pair<List<IAMPolicy>, Integer>(policies, 1);
    when(_iamSrv.createIAMPolicy("policy1", "tester policy1", null, callerDomainPath)).thenReturn(policy);
    when(_iamSrv.listIAMPolicies(null, null, callerDomainPath, 0L, 20L)).thenReturn(policyList);
    IAMPolicy createdPolicy = _aclSrv.createIAMPolicy(caller, "policy1", "tester policy1", null);
    assertNotNull("IAM policy 'policy1' failed to create ", createdPolicy);
    ListResponse<IAMPolicyResponse> policyResp = _aclSrv.listIAMPolicies(null, null, callerDomainId, 0L, 20L);
    assertTrue("No. of response items should be one", policyResp.getCount() == 1);
    IAMPolicyResponse resp = policyResp.getResponses().get(0);
    assertEquals("Error in created group name", "policy1", resp.getName());
}

Example 2 with IAMPolicyResponse

use of org.apache.cloudstack.api.response.iam.IAMPolicyResponse in project cloudstack by apache.

the class IAMApiServiceImpl method listIAMPolicies.

@Override
public ListResponse<IAMPolicyResponse> listIAMPolicies(Long iamPolicyId, String iamPolicyName, Long domainId, Long startIndex, Long pageSize) {
    // acl check
    Account caller = CallContext.current().getCallingAccount();
    Domain domain = null;
    if (domainId != null) {
        domain = _domainDao.findById(domainId);
        if (domain == null) {
            throw new InvalidParameterValueException("Domain id=" + domainId + " doesn't exist");
        }
        _accountMgr.checkAccess(caller, domain);
    } else {
        domain = _domainDao.findById(caller.getDomainId());
    }
    String domainPath = domain.getPath();
    // search for policies
    Pair<List<IAMPolicy>, Integer> result = _iamSrv.listIAMPolicies(iamPolicyId, iamPolicyName, domainPath, startIndex, pageSize);
    // generate policy response
    ListResponse<IAMPolicyResponse> response = new ListResponse<IAMPolicyResponse>();
    List<IAMPolicyResponse> policyResponses = new ArrayList<IAMPolicyResponse>();
    for (IAMPolicy policy : result.first()) {
        IAMPolicyResponse resp = createIAMPolicyResponse(policy);
        policyResponses.add(resp);
    }
    response.setResponses(policyResponses, result.second());
    return response;
}

Example 3 with IAMPolicyResponse

use of org.apache.cloudstack.api.response.iam.IAMPolicyResponse in project cloudstack by apache.

the class CreateIAMPolicyCmd method execute.

@Override
public void execute() {
    IAMPolicy policy = _entityMgr.findById(IAMPolicy.class, getEntityId());
    if (policy != null) {
        IAMPolicyResponse response = _iamApiSrv.createIAMPolicyResponse(policy);
        response.setResponseName(getCommandName());
        setResponseObject(response);
    } else {
        throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create iam policy:" + name);
    }
}

Example 4 with IAMPolicyResponse

use of org.apache.cloudstack.api.response.iam.IAMPolicyResponse in project cloudstack by apache.

the class IAMApiServiceTest method addRemovePermissionToPolicyTest.

@Test
public void addRemovePermissionToPolicyTest() {
    IAMPolicy policy = new IAMPolicyVO("policy1", "tester policy1");
    List<IAMPolicy> policies = new ArrayList<IAMPolicy>();
    policies.add(policy);
    Long policyId = policy.getId();
    Long resId = 200L;
    Class clz = ListVMsCmd.class;
    when(_apiServer.getCmdClass("listVirtualMachines")).thenReturn(clz);
    when(_iamSrv.addIAMPermissionToIAMPolicy(policyId, VirtualMachine.class.getSimpleName(), PermissionScope.RESOURCE.toString(), resId, "listVirtualMachines", AccessType.UseEntry.toString(), Permission.Allow, false)).thenReturn(policy);
    _aclSrv.addIAMPermissionToIAMPolicy(policyId, VirtualMachine.class.getSimpleName(), PermissionScope.RESOURCE, resId, "listVirtualMachines", Permission.Allow, false, false);
    Pair<List<IAMPolicy>, Integer> policyList = new Pair<List<IAMPolicy>, Integer>(policies, 1);
    List<IAMPolicyPermission> policyPerms = new ArrayList<IAMPolicyPermission>();
    IAMPolicyPermission perm = new IAMPolicyPermissionVO(policyId, "listVirtualMachines", VirtualMachine.class.getSimpleName(), AccessType.UseEntry.toString(), PermissionScope.RESOURCE.toString(), resId, Permission.Allow, false);
    policyPerms.add(perm);
    when(_iamSrv.listIAMPolicies(null, "policy1", callerDomainPath, 0L, 20L)).thenReturn(policyList);
    when(_iamSrv.listPolicyPermissions(policyId)).thenReturn(policyPerms);
    ListResponse<IAMPolicyResponse> policyResp = _aclSrv.listIAMPolicies(null, "policy1", callerDomainId, 0L, 20L);
    assertTrue("No. of response items should be one", policyResp.getCount() == 1);
    IAMPolicyResponse resp = policyResp.getResponses().get(0);
    Set<IAMPermissionResponse> permList = resp.getPermissionList();
    assertTrue("Permission list should not be empty", permList != null && permList.size() > 0);
    IAMPermissionResponse permResp = permList.iterator().next();
    assertEquals("There should be one permission for listVirtualMachines", "listVirtualMachines", permResp.getAction());
    //remove permission from policy
    policyPerms.remove(perm);
    _aclSrv.removeIAMPermissionFromIAMPolicy(policyId, VirtualMachine.class.getSimpleName(), PermissionScope.RESOURCE, resId, "listVirtualMachines");
    policyResp = _aclSrv.listIAMPolicies(null, "policy1", callerDomainId, 0L, 20L);
    assertTrue("No. of response items should be one", policyResp.getCount() == 1);
    resp = policyResp.getResponses().get(0);
    permList = resp.getPermissionList();
    assertTrue("Permission list should be empty", permList != null && permList.size() == 0);
}

Example 5 with IAMPolicyResponse

use of org.apache.cloudstack.api.response.iam.IAMPolicyResponse in project cloudstack by apache.

the class IAMApiServiceImpl method createIAMPolicyResponse.

@Override
public IAMPolicyResponse createIAMPolicyResponse(IAMPolicy policy) {
    IAMPolicyResponse response = new IAMPolicyResponse();
    response.setId(policy.getUuid());
    response.setName(policy.getName());
    response.setDescription(policy.getDescription());
    String domainPath = policy.getPath();
    if (domainPath != null) {
        DomainVO domain = _domainDao.findDomainByPath(domainPath);
        if (domain != null) {
            response.setDomainId(domain.getUuid());
            response.setDomainName(domain.getName());
        }
    }
    long accountId = policy.getAccountId();
    AccountVO owner = _accountDao.findById(accountId);
    if (owner != null) {
        response.setAccountName(owner.getAccountName());
    }
    // find permissions associated with this policy
    List<IAMPolicyPermission> permissions = _iamSrv.listPolicyPermissions(policy.getId());
    if (permissions != null && permissions.size() > 0) {
        for (IAMPolicyPermission permission : permissions) {
            IAMPermissionResponse perm = new IAMPermissionResponse();
            perm.setAction(permission.getAction());
            if (permission.getEntityType() != null) {
                perm.setEntityType(permission.getEntityType());
            }
            if (permission.getScope() != null) {
                perm.setScope(PermissionScope.valueOf(permission.getScope()));
            }
            perm.setScopeId(permission.getScopeId());
            perm.setPermission(permission.getPermission());
            response.addPermission(perm);
        }
    }
    response.setObjectName("aclpolicy");
    return response;
}