Examples with IAMGroup org.apache.cloudstack.iam.api.IAMGroup used on opensource projects

Example 21 with IAMGroup

use of org.apache.cloudstack.iam.api.IAMGroup in project cloudstack by apache.

the class IAMServiceImpl method removeIAMPoliciesFromGroup.

@DB
@Override
public IAMGroup removeIAMPoliciesFromGroup(final List<Long> policyIds, final Long groupId) {
    // get the Acl Group entity
    IAMGroup group = _aclGroupDao.findById(groupId);
    if (group == null) {
        throw new InvalidParameterValueException("Unable to find acl group: " + groupId + "; failed to remove roles from acl group.");
    }
    Transaction.execute(new TransactionCallbackNoReturn() {

        @Override
        public void doInTransactionWithoutResult(TransactionStatus status) {
            // add entries in acl_group_role_map table
            for (Long policyId : policyIds) {
                IAMPolicy policy = _aclPolicyDao.findById(policyId);
                if (policy == null) {
                    throw new InvalidParameterValueException("Unable to find acl policy: " + policyId + "; failed to add policies to acl group.");
                }
                IAMGroupPolicyMapVO grMap = _aclGroupPolicyMapDao.findByGroupAndPolicy(groupId, policyId);
                if (grMap != null) {
                    // not removed yet
                    _aclGroupPolicyMapDao.remove(grMap.getId());
                }
            }
        }
    });
    invalidateIAMCache();
    return group;
}

Example 22 with IAMGroup

use of org.apache.cloudstack.iam.api.IAMGroup in project cloudstack by apache.

the class IAMApiServiceTest method createIAMGroupTest.

@Test
public void createIAMGroupTest() {
    IAMGroup group = new IAMGroupVO("group1", "tester group1");
    List<IAMGroup> groups = new ArrayList<IAMGroup>();
    groups.add(group);
    Pair<List<IAMGroup>, Integer> grpList = new Pair<List<IAMGroup>, Integer>(groups, 1);
    when(_iamSrv.createIAMGroup("group1", "tester group1", callerDomainPath)).thenReturn(group);
    when(_iamSrv.listIAMGroups(null, null, callerDomainPath, 0L, 20L)).thenReturn(grpList);
    IAMGroup createdGrp = _aclSrv.createIAMGroup(caller, "group1", "tester group1");
    assertNotNull("IAM group 'group1' failed to create ", createdGrp);
    ListResponse<IAMGroupResponse> grpResp = _aclSrv.listIAMGroups(null, null, callerDomainId, 0L, 20L);
    assertTrue("No. of response items should be one", grpResp.getCount() == 1);
    IAMGroupResponse resp = grpResp.getResponses().get(0);
    assertEquals("Error in created group name", "group1", resp.getName());
}

Example 23 with IAMGroup

use of org.apache.cloudstack.iam.api.IAMGroup in project cloudstack by apache.

the class IAMApiServiceTest method addRemoveAccountToGroupTest.

@Test
public void addRemoveAccountToGroupTest() {
    IAMGroup group = new IAMGroupVO("group1", "tester group1");
    List<IAMGroup> groups = new ArrayList<IAMGroup>();
    groups.add(group);
    Long groupId = group.getId();
    List<Long> acctIds = new ArrayList<Long>();
    AccountVO acct1 = new AccountVO(100L);
    acct1.setAccountName("account1");
    AccountVO acct2 = new AccountVO(200L);
    acct2.setAccountName("account2");
    acctIds.add(acct1.getId());
    acctIds.add(acct2.getId());
    when(_accountDao.findById(acct1.getId())).thenReturn(acct1);
    when(_accountDao.findById(acct2.getId())).thenReturn(acct2);
    when(_iamSrv.addAccountsToGroup(acctIds, groupId)).thenReturn(group);
    when(_iamSrv.listAccountsByGroup(groupId)).thenReturn(acctIds);
    Pair<List<IAMGroup>, Integer> grpList = new Pair<List<IAMGroup>, Integer>(groups, 1);
    when(_iamSrv.listIAMGroups(null, "group1", callerDomainPath, 0L, 20L)).thenReturn(grpList);
    _aclSrv.addAccountsToGroup(acctIds, groupId);
    ListResponse<IAMGroupResponse> grpResp = _aclSrv.listIAMGroups(null, "group1", callerDomainId, 0L, 20L);
    assertTrue("No. of response items should be one", grpResp.getCount() == 1);
    IAMGroupResponse resp = grpResp.getResponses().get(0);
    Set<String> acctNames = resp.getAccountNameList();
    assertEquals("There should be 2 accounts in the group", 2, acctNames.size());
    assertTrue("account1 should be assigned to the group", acctNames.contains("account1"));
    assertTrue("account2 should be assigned to the group", acctNames.contains("account2"));
    // remove "account2" from group1
    acctIds.remove(1);
    List<Long> rmAccts = new ArrayList<Long>();
    rmAccts.add(acct2.getId());
    when(_iamSrv.removeAccountsFromGroup(rmAccts, groupId)).thenReturn(group);
    _aclSrv.removeAccountsFromGroup(acctIds, groupId);
    grpResp = _aclSrv.listIAMGroups(null, "group1", callerDomainId, 0L, 20L);
    assertTrue("No. of response items should be one", grpResp.getCount() == 1);
    resp = grpResp.getResponses().get(0);
    acctNames = resp.getAccountNameList();
    assertEquals("There should be 1 accounts in the group", 1, acctNames.size());
    assertFalse("account2 should not belong to the group anymore", acctNames.contains("account2"));
}

Example 24 with IAMGroup

use of org.apache.cloudstack.iam.api.IAMGroup in project cloudstack by apache.

the class IAMApiServiceTest method listIAMGroupTest.

@Test
public void listIAMGroupTest() {
    IAMGroup group = new IAMGroupVO("group1", "tester group1");
    List<IAMGroup> groups = new ArrayList<IAMGroup>();
    groups.add(group);
    when(_iamSrv.listIAMGroups(callerId)).thenReturn(groups);
    List<IAMGroup> grps = _aclSrv.listIAMGroups(callerId);
    assertTrue(grps != null && grps.size() == 1);
    IAMGroup grp = grps.get(0);
    assertEquals("Error to retrieve group", "group1", grp.getName());
}

Example 25 with IAMGroup

use of org.apache.cloudstack.iam.api.IAMGroup in project cloudstack by apache.

the class RoleBasedEntityQuerySelector method listAclGroupsByAccount.

@Override
public List<String> listAclGroupsByAccount(long accountId) {
    List<IAMGroup> groups = _iamService.listIAMGroups(accountId);
    List<String> groupNames = new ArrayList<String>();
    for (IAMGroup grp : groups) {
        groupNames.add(grp.getName());
    }
    return groupNames;
}