Examples with IAMPolicyResponse org.apache.cloudstack.api.response.iam.IAMPolicyResponse used on opensource projects

Example 6 with IAMPolicyResponse

use of org.apache.cloudstack.api.response.iam.IAMPolicyResponse in project cloudstack by apache.

the class RemoveIAMPermissionFromIAMPolicyCmd method execute.

@Override
public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException {
    CallContext.current().setEventDetails("IAM policy Id: " + getId());
    IAMPolicy result = _iamApiSrv.removeIAMPermissionFromIAMPolicy(id, entityType, PermissionScope.valueOf(scope), getScopeId(), action);
    if (result != null) {
        IAMPolicyResponse response = _iamApiSrv.createIAMPolicyResponse(result);
        response.setResponseName(getCommandName());
        setResponseObject(response);
    } else {
        throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to remove permission from iam policy " + getId());
    }
}

Example 7 with IAMPolicyResponse

use of org.apache.cloudstack.api.response.iam.IAMPolicyResponse in project cloudstack by apache.

the class IAMApiServiceTest method addRemovePermissionToPolicyTest.

@Test
public void addRemovePermissionToPolicyTest() {
    IAMPolicy policy = new IAMPolicyVO("policy1", "tester policy1");
    List<IAMPolicy> policies = new ArrayList<IAMPolicy>();
    policies.add(policy);
    Long policyId = policy.getId();
    Long resId = 200L;
    Class clz = ListVMsCmd.class;
    when(_apiServer.getCmdClass("listVirtualMachines")).thenReturn(clz);
    when(_iamSrv.addIAMPermissionToIAMPolicy(policyId, VirtualMachine.class.getSimpleName(), PermissionScope.RESOURCE.toString(), resId, "listVirtualMachines", AccessType.UseEntry.toString(), Permission.Allow, false)).thenReturn(policy);
    _aclSrv.addIAMPermissionToIAMPolicy(policyId, VirtualMachine.class.getSimpleName(), PermissionScope.RESOURCE, resId, "listVirtualMachines", Permission.Allow, false, false);
    Pair<List<IAMPolicy>, Integer> policyList = new Pair<List<IAMPolicy>, Integer>(policies, 1);
    List<IAMPolicyPermission> policyPerms = new ArrayList<IAMPolicyPermission>();
    IAMPolicyPermission perm = new IAMPolicyPermissionVO(policyId, "listVirtualMachines", VirtualMachine.class.getSimpleName(), AccessType.UseEntry.toString(), PermissionScope.RESOURCE.toString(), resId, Permission.Allow, false);
    policyPerms.add(perm);
    when(_iamSrv.listIAMPolicies(null, "policy1", callerDomainPath, 0L, 20L)).thenReturn(policyList);
    when(_iamSrv.listPolicyPermissions(policyId)).thenReturn(policyPerms);
    ListResponse<IAMPolicyResponse> policyResp = _aclSrv.listIAMPolicies(null, "policy1", callerDomainId, 0L, 20L);
    assertTrue("No. of response items should be one", policyResp.getCount() == 1);
    IAMPolicyResponse resp = policyResp.getResponses().get(0);
    Set<IAMPermissionResponse> permList = resp.getPermissionList();
    assertTrue("Permission list should not be empty", permList != null && permList.size() > 0);
    IAMPermissionResponse permResp = permList.iterator().next();
    assertEquals("There should be one permission for listVirtualMachines", "listVirtualMachines", permResp.getAction());
    //remove permission from policy
    policyPerms.remove(perm);
    _aclSrv.removeIAMPermissionFromIAMPolicy(policyId, VirtualMachine.class.getSimpleName(), PermissionScope.RESOURCE, resId, "listVirtualMachines");
    policyResp = _aclSrv.listIAMPolicies(null, "policy1", callerDomainId, 0L, 20L);
    assertTrue("No. of response items should be one", policyResp.getCount() == 1);
    resp = policyResp.getResponses().get(0);
    permList = resp.getPermissionList();
    assertTrue("Permission list should be empty", permList != null && permList.size() == 0);
}