
Example 11 with IAMGroup

use of org.apache.cloudstack.iam.api.IAMGroup in project cloudstack by apache.

the class RemoveAccountFromIAMGroupCmd method execute.

/**
 * Removes the accounts in {@code accountIdList} from the IAM group {@code id} and publishes the
 * updated group as this command's response.
 *
 * @throws ServerApiException with {@code INTERNAL_ERROR} when the service returns no group
 */
@Override
public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException {
    // The event detail carries the group id only; the affected account ids are not recorded here.
    CallContext.current().setEventDetails("IAM group Id: " + getId());
    // NOTE(review): no caller authorization check is visible in this method; presumably the IAM
    // service or the API dispatcher enforces it - confirm.
    final IAMGroup updatedGroup = _iamApiSrv.removeAccountsFromGroup(accountIdList, id);
    if (updatedGroup == null) {
        throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to remove accounts from iam group");
    }
    final IAMGroupResponse groupResponse = _iamApiSrv.createIAMGroupResponse(updatedGroup);
    groupResponse.setResponseName(getCommandName());
    setResponseObject(groupResponse);
}
Also used : IAMGroup(org.apache.cloudstack.iam.api.IAMGroup) ServerApiException(org.apache.cloudstack.api.ServerApiException) IAMGroupResponse(org.apache.cloudstack.api.response.iam.IAMGroupResponse)

Example 12 with IAMGroup

use of org.apache.cloudstack.iam.api.IAMGroup in project cloudstack by apache.

the class CreateIAMGroupCmd method create.

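/**
 * Creates the IAM group entity on behalf of the calling account and records the new group's id
 * and UUID on this command.
 *
 * @throws ResourceAllocationException declared by the overridden method
 * @throws ServerApiException with {@code INTERNAL_ERROR} when the service returns no group
 */
@Override
public void create() throws ResourceAllocationException {
    // The group is created for whichever account CallContext reports as the caller.
    Account account = CallContext.current().getCallingAccount();
    IAMGroup result = _iamApiSrv.createIAMGroup(account, name, description);
    if (result == null) {
        // A separator is needed here: the group name was previously glued onto the word "entity".
        // NOTE(review): name is echoed back in the API error; presumably it is the caller's own
        // request parameter - confirm.
        throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create iam group entity " + name);
    }
    setEntityId(result.getId());
    setEntityUuid(result.getUuid());
}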
Also used : Account(com.cloud.user.Account) IAMGroup(org.apache.cloudstack.iam.api.IAMGroup) ServerApiException(org.apache.cloudstack.api.ServerApiException)

Example 13 with IAMGroup

use of org.apache.cloudstack.iam.api.IAMGroup in project cloudstack by apache.

the class IAMApiServiceImpl method removeAccountFromIAMGroups.

/**
 * Drops the given account from every IAM group returned by {@code listIAMGroups(accountId)}.
 *
 * <p>The removals run one group at a time with no error handling, so an exception from
 * {@code removeAccountsFromGroup} leaves the account in the groups not yet processed.
 *
 * @param accountId id of the account whose group memberships are released
 */
private void removeAccountFromIAMGroups(long accountId) {
    final List<IAMGroup> memberships = listIAMGroups(accountId);
    if (memberships == null) {
        // Nothing was returned for this account, so there is nothing to release.
        return;
    }
    // removeAccountsFromGroup takes a list of account ids, so wrap the single id once and reuse it.
    final List<Long> singleAccount = new ArrayList<Long>();
    singleAccount.add(accountId);
    for (IAMGroup membership : memberships) {
        removeAccountsFromGroup(singleAccount, membership.getId());
    }
}
Also used : IAMGroup(org.apache.cloudstack.iam.api.IAMGroup) ArrayList(java.util.ArrayList)

Example 14 with IAMGroup

use of org.apache.cloudstack.iam.api.IAMGroup in project cloudstack by apache.

the class IAMApiServiceImpl method configure.

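/**
 * Registers the message-bus subscribers that keep IAM groups and policy permissions in step with
 * account, domain, template and entity events, then delegates to {@code super.configure}.
 *
 * <p>Every subscriber casts the published payload to the type it expects without checking it, so a
 * payload of another shape fails inside the handler with a {@link ClassCastException}, either at
 * the cast or at the first use of an element.
 *
 * @param name passed through to {@code super.configure}
 * @param params passed through to {@code super.configure}
 * @return the result of {@code super.configure(name, params)}
 * @throws ConfigurationException declared by the overridden method
 */
@Override
public boolean configure(final String name, final Map<String, Object> params) throws ConfigurationException {
    // Account created: add it to the group named in the payload and to its domain's groups.
    _messageBus.subscribe(AccountManager.MESSAGE_ADD_ACCOUNT_EVENT, new MessageSubscriber() {

        @Override
        public void onPublishMessage(String senderAddress, String subject, Object obj) {
            Map<Long, Long> acctGroupMap = (Map<Long, Long>) obj;
            if (acctGroupMap == null) {
                // Same null-payload guard the other subscribers apply.
                return;
            }
            for (Map.Entry<Long, Long> entry : acctGroupMap.entrySet()) {
                Long accountId = entry.getKey();
                Long groupId = entry.getValue();
                s_logger.debug("MessageBus message: new Account Added: " + accountId + ", adding it to groupId :" + groupId);
                addAccountToIAMGroup(accountId, groupId);
                // add it to domain group too
                AccountVO account = _accountDao.findById(accountId);
                if (account == null) {
                    // Without the account row its domain is unknown; skip the domain groups for
                    // this entry instead of failing the remaining entries with a NullPointerException.
                    s_logger.warn("MessageBus message: new Account Added: " + accountId + " could not be loaded, not adding it to any domain group");
                    continue;
                }
                Domain domain = _domainDao.findById(account.getDomainId());
                if (domain == null) {
                    continue;
                }
                List<IAMGroup> domainGroups = listDomainGroup(domain);
                if (domainGroups != null) {
                    for (IAMGroup group : domainGroups) {
                        addAccountToIAMGroup(accountId, Long.valueOf(group.getId()));
                    }
                }
            }
        }
    });
    // Account removed: release every group membership it held.
    _messageBus.subscribe(AccountManager.MESSAGE_REMOVE_ACCOUNT_EVENT, new MessageSubscriber() {

        @Override
        public void onPublishMessage(String senderAddress, String subject, Object obj) {
            Long accountId = ((Long) obj);
            if (accountId != null) {
                s_logger.debug("MessageBus message: Account removed: " + accountId + ", releasing the group associations");
                removeAccountFromIAMGroups(accountId);
            }
        }
    });
    // Domain created: create the matching "DomainGrp-<uuid>" group.
    _messageBus.subscribe(DomainManager.MESSAGE_ADD_DOMAIN_EVENT, new MessageSubscriber() {

        @Override
        public void onPublishMessage(String senderAddress, String subject, Object obj) {
            Long domainId = ((Long) obj);
            if (domainId != null) {
                s_logger.debug("MessageBus message: new Domain created: " + domainId + ", creating a new group");
                Domain domain = _domainDao.findById(domainId);
                if (domain == null) {
                    // The group name and path come from the domain row; without it no group can be built.
                    s_logger.warn("MessageBus message: new Domain created: " + domainId + " could not be loaded, no domain group created");
                    return;
                }
                _iamSrv.createIAMGroup("DomainGrp-" + domain.getUuid(), "Domain group", domain.getPath());
            }
        }
    });
    // Domain removed: delete the groups that belong to it.
    _messageBus.subscribe(DomainManager.MESSAGE_REMOVE_DOMAIN_EVENT, new MessageSubscriber() {

        @Override
        public void onPublishMessage(String senderAddress, String subject, Object obj) {
            Long domainId = ((Long) obj);
            if (domainId != null) {
                s_logger.debug("MessageBus message: Domain removed: " + domainId + ", removing the domain group");
                Domain domain = _domainDao.findById(domainId);
                if (domain == null) {
                    // Mirrors the add-account handler, which only calls listDomainGroup with a
                    // non-null domain. Logged at warn because the domain's groups are left in place.
                    s_logger.warn("MessageBus message: Domain removed: " + domainId + " could not be loaded, its domain groups were not removed");
                    return;
                }
                List<IAMGroup> groups = listDomainGroup(domain);
                // The add-account handler treats a null result as "no groups"; do the same here.
                if (groups != null) {
                    for (IAMGroup group : groups) {
                        _iamSrv.deleteIAMGroup(group.getId());
                    }
                }
            }
        }
    });
    // Public template registered: allow "listTemplates" on it for three policies.
    _messageBus.subscribe(TemplateManager.MESSAGE_REGISTER_PUBLIC_TEMPLATE_EVENT, new MessageSubscriber() {

        @Override
        public void onPublishMessage(String senderAddress, String subject, Object obj) {
            Long templateId = (Long) obj;
            if (templateId != null) {
                s_logger.debug("MessageBus message: new public template registered: " + templateId + ", grant permission to default root admin, domain admin and normal user policies");
                // The policy id is computed as account-type constant + 1.
                // NOTE(review): this presumably relies on the default policies being seeded with
                // exactly those ids - confirm, since a mismatch would grant to a different policy.
                _iamSrv.addIAMPermissionToIAMPolicy(Long.valueOf(Account.ACCOUNT_TYPE_ADMIN + 1), VirtualMachineTemplate.class.getSimpleName(), PermissionScope.RESOURCE.toString(), templateId, "listTemplates", AccessType.UseEntry.toString(), Permission.Allow, false);
                _iamSrv.addIAMPermissionToIAMPolicy(Long.valueOf(Account.ACCOUNT_TYPE_DOMAIN_ADMIN + 1), VirtualMachineTemplate.class.getSimpleName(), PermissionScope.RESOURCE.toString(), templateId, "listTemplates", AccessType.UseEntry.toString(), Permission.Allow, false);
                _iamSrv.addIAMPermissionToIAMPolicy(Long.valueOf(Account.ACCOUNT_TYPE_NORMAL + 1), VirtualMachineTemplate.class.getSimpleName(), PermissionScope.RESOURCE.toString(), templateId, "listTemplates", AccessType.UseEntry.toString(), Permission.Allow, false);
            }
        }
    });
    // Template permission reset.
    _messageBus.subscribe(TemplateManager.MESSAGE_RESET_TEMPLATE_PERMISSION_EVENT, new MessageSubscriber() {

        @Override
        public void onPublishMessage(String senderAddress, String subject, Object obj) {
            Long templateId = (Long) obj;
            if (templateId != null) {
                s_logger.debug("MessageBus message: reset template permission: " + templateId);
                resetTemplatePermission(templateId);
            }
        }
    });
    // Entity deleted: drop the permissions that reference it.
    _messageBus.subscribe(EntityManager.MESSAGE_REMOVE_ENTITY_EVENT, new MessageSubscriber() {

        @Override
        public void onPublishMessage(String senderAddress, String subject, Object obj) {
            Pair<Class<?>, Long> entity = (Pair<Class<?>, Long>) obj;
            if (entity != null) {
                String entityType = entity.first().getSimpleName();
                Long entityId = entity.second();
                s_logger.debug("MessageBus message: delete an entity: (" + entityType + "," + entityId + "), remove its related permission");
                _iamSrv.removeIAMPermissionForEntity(entityType, entityId);
            }
        }
    });
    // Entity granted to accounts.
    _messageBus.subscribe(EntityManager.MESSAGE_GRANT_ENTITY_EVENT, new MessageSubscriber() {

        @Override
        public void onPublishMessage(String senderAddress, String subject, Object obj) {
            Map<String, Object> permit = (Map<String, Object>) obj;
            if (permit != null) {
                // Each value is cast without a type check; a missing ENTITY_TYPE entry fails at
                // getSimpleName() below, before any permission is granted.
                Class<?> entityType = (Class<?>) permit.get(ApiConstants.ENTITY_TYPE);
                Long entityId = (Long) permit.get(ApiConstants.ENTITY_ID);
                AccessType accessType = (AccessType) permit.get(ApiConstants.ACCESS_TYPE);
                String action = (String) permit.get(ApiConstants.IAM_ACTION);
                List<Long> acctIds = (List<Long>) permit.get(ApiConstants.ACCOUNTS);
                s_logger.debug("MessageBus message: grant accounts permission to an entity: (" + entityType + "," + entityId + ")");
                grantEntityPermissioinToAccounts(entityType.getSimpleName(), entityId, accessType, action, acctIds);
            }
        }
    });
    // Entity revoked from accounts.
    _messageBus.subscribe(EntityManager.MESSAGE_REVOKE_ENTITY_EVENT, new MessageSubscriber() {

        @Override
        public void onPublishMessage(String senderAddress, String subject, Object obj) {
            Map<String, Object> permit = (Map<String, Object>) obj;
            if (permit != null) {
                // NOTE(review): a payload without ENTITY_TYPE fails at getSimpleName() below, so
                // the revocation is not applied; whether the publisher sees that failure depends
                // on the message bus - confirm.
                Class<?> entityType = (Class<?>) permit.get(ApiConstants.ENTITY_TYPE);
                Long entityId = (Long) permit.get(ApiConstants.ENTITY_ID);
                AccessType accessType = (AccessType) permit.get(ApiConstants.ACCESS_TYPE);
                String action = (String) permit.get(ApiConstants.IAM_ACTION);
                List<Long> acctIds = (List<Long>) permit.get(ApiConstants.ACCOUNTS);
                s_logger.debug("MessageBus message: revoke from accounts permission to an entity: (" + entityType + "," + entityId + ")");
                revokeEntityPermissioinFromAccounts(entityType.getSimpleName(), entityId, accessType, action, acctIds);
            }
        }
    });
    // Domain-wide entity added.
    _messageBus.subscribe(EntityManager.MESSAGE_ADD_DOMAIN_WIDE_ENTITY_EVENT, new MessageSubscriber() {

        @Override
        public void onPublishMessage(String senderAddress, String subject, Object obj) {
            // Named differently from configure's own params argument to keep the two apart.
            Map<String, Object> accessParams = (Map<String, Object>) obj;
            if (accessParams != null) {
                addDomainWideResourceAccess(accessParams);
            }
        }
    });
    return super.configure(name, params);
}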
Also used : MessageSubscriber(org.apache.cloudstack.framework.messagebus.MessageSubscriber) IAMGroup(org.apache.cloudstack.iam.api.IAMGroup) HashMap(java.util.HashMap) AccountVO(com.cloud.user.AccountVO) List(java.util.List) ArrayList(java.util.ArrayList) Domain(com.cloud.domain.Domain) Map(java.util.Map) HashMap(java.util.HashMap) AccessType(org.apache.cloudstack.acl.SecurityChecker.AccessType) SSHKeyPair(com.cloud.user.SSHKeyPair) Pair(com.cloud.utils.Pair)

Example 15 with IAMGroup

use of org.apache.cloudstack.iam.api.IAMGroup in project cloudstack by apache.

the class AddAccountToIAMGroupCmd method execute.

/**
 * Adds the accounts in {@code accountIdList} to the IAM group {@code id} and publishes the updated
 * group as this command's response.
 *
 * @throws ServerApiException with {@code INTERNAL_ERROR} when the service returns no group
 */
@Override
public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException {
    // The event detail carries the group id only; the added account ids are not recorded here.
    CallContext.current().setEventDetails("IAM group Id: " + getId());
    // NOTE(review): group membership decides which policies apply to an account, and no caller
    // authorization check is visible in this method; presumably the IAM service or the API
    // dispatcher enforces it - confirm.
    final IAMGroup updatedGroup = _iamApiSrv.addAccountsToGroup(accountIdList, id);
    if (updatedGroup == null) {
        throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to add accounts to iam group");
    }
    final IAMGroupResponse groupResponse = _iamApiSrv.createIAMGroupResponse(updatedGroup);
    groupResponse.setResponseName(getCommandName());
    setResponseObject(groupResponse);
}
Also used : IAMGroup(org.apache.cloudstack.iam.api.IAMGroup) ServerApiException(org.apache.cloudstack.api.ServerApiException) IAMGroupResponse(org.apache.cloudstack.api.response.iam.IAMGroupResponse)

Aggregations

IAMGroup (org.apache.cloudstack.iam.api.IAMGroup)26 ArrayList (java.util.ArrayList)13 InvalidParameterValueException (com.cloud.exception.InvalidParameterValueException)9 IAMGroupResponse (org.apache.cloudstack.api.response.iam.IAMGroupResponse)9 List (java.util.List)7 DB (com.cloud.utils.db.DB)6 ServerApiException (org.apache.cloudstack.api.ServerApiException)6 IAMPolicy (org.apache.cloudstack.iam.api.IAMPolicy)6 Pair (com.cloud.utils.Pair)5 TransactionCallbackNoReturn (com.cloud.utils.db.TransactionCallbackNoReturn)5 TransactionStatus (com.cloud.utils.db.TransactionStatus)5 IAMGroupVO (org.apache.cloudstack.iam.server.IAMGroupVO)5 Test (org.junit.Test)5 Domain (com.cloud.domain.Domain)3 Account (com.cloud.user.Account)2 AccountVO (com.cloud.user.AccountVO)2 SSHKeyPair (com.cloud.user.SSHKeyPair)1 Filter (com.cloud.utils.db.Filter)1 HashMap (java.util.HashMap)1 Map (java.util.Map)1