use of org.apache.cloudstack.iam.api.IAMPolicy in project cloudstack by apache.
the class IAMServiceImpl method attachIAMPolicyToAccounts.
/**
 * Attaches an IAM policy to each of the given accounts.
 *
 * <p>The policy is looked up first, and the call fails before any mapping is written if it
 * does not exist. Accounts that already have a mapping for the policy are skipped. After the
 * transaction callback has run, {@code invalidateIAMCache()} is called.
 *
 * @param policyId id of the policy to attach
 * @param acctIds ids of the accounts that receive the policy
 * @throws InvalidParameterValueException if no policy is found for {@code policyId}
 */
@Override
public void attachIAMPolicyToAccounts(final Long policyId, final List<Long> acctIds) {
    final IAMPolicy found = _aclPolicyDao.findById(policyId);
    if (found == null) {
        throw new InvalidParameterValueException("Unable to find acl policy: " + policyId + "; failed to add policy to account.");
    }

    // NOTE(review): neither the caller's right to grant this policy nor the existence of the
    // account ids is checked in this method; presumably enforced by the caller, confirm.
    Transaction.execute(new TransactionCallbackNoReturn() {
        @Override
        public void doInTransactionWithoutResult(TransactionStatus status) {
            // One account-to-policy mapping per account, written through the account policy map DAO.
            for (Long accountId : acctIds) {
                if (_aclAccountPolicyMapDao.findByAccountAndPolicy(accountId, policyId) != null) {
                    // Mapping already present; nothing to write.
                    continue;
                }
                _aclAccountPolicyMapDao.persist(new IAMAccountPolicyMapVO(accountId, policyId));
            }
        }
    });

    invalidateIAMCache();
}
use of org.apache.cloudstack.iam.api.IAMPolicy in project cloudstack by apache.
the class IAMServiceUnitTest method createAclPolicyTest.
/**
 * Creates "policy1", then stubs the policy DAO so that "policy2" is found by name, and creates
 * "policy2"; the test expects an {@link InvalidParameterValueException}, presumably because the
 * name is reported as already taken.
 */
@Test(expected = InvalidParameterValueException.class)
public void createAclPolicyTest() {
    final IAMPolicy created = _iamService.createIAMPolicy("policy1", "my first policy", null, "/root/mydomain");
    assertNotNull("Acl policy 'policy1' failed to create ", created);

    // Make the DAO return an existing policy for the name "policy2".
    final IAMPolicyVO existing = new IAMPolicyVO("policy2", "second policy");
    when(_aclPolicyDao.findByName(eq("policy2"))).thenReturn(existing);

    // NOTE(review): expected= applies to the whole method, so an InvalidParameterValueException
    // thrown by the first createIAMPolicy call would also make this test pass.
    _iamService.createIAMPolicy("policy2", "second policy", null, "/root/mydomain");
}
use of org.apache.cloudstack.iam.api.IAMPolicy in project cloudstack by apache.
the class RoleBasedEntityQuerySelector method isGrantedAll.
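/**
 * Reports whether the caller holds, through any of its policies, a permission with
 * {@code PermissionScope.ALL} for the given action and access type.
 *
 * <p>A {@code true} result means the grant is not limited to a narrower scope, so this method
 * fails closed: a missing policy list or a missing permission list counts as "not granted".
 * The original copied the service result into a fresh list and then null-checked that list,
 * which could never be null, while a null service result would have thrown inside
 * {@code addAll}.
 *
 * @param caller account whose policies are inspected
 * @param action action name passed to the permission lookup
 * @param accessType access type to check; {@code null} is treated as {@code AccessType.UseEntry}
 * @return {@code true} if at least one policy yields a permission with ALL scope
 */
@Override
public boolean isGrantedAll(Account caller, String action, AccessType accessType) {
    long accountId = caller.getAccountId();
    // With no access type given, check the permission to use the resource.
    final AccessType effectiveAccess = (accessType == null) ? AccessType.UseEntry : accessType;

    List<IAMPolicy> policies = _iamService.listIAMPolicies(accountId);
    if (policies == null) {
        // No policy list at all: deny rather than fail with a NullPointerException.
        return false;
    }

    for (IAMPolicy policy : policies) {
        // Fully qualified so the block needs no import beyond those the original used.
        java.util.Collection<? extends IAMPolicyPermission> granted =
                _iamService.listPolicyPermissionsByScope(policy.getId(), action, PermissionScope.ALL.toString(), effectiveAccess.toString());
        if (granted != null && !granted.isEmpty()) {
            return true;
        }
    }
    return false;
}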
use of org.apache.cloudstack.iam.api.IAMPolicy in project cloudstack by apache.
the class IAMServiceImpl method removeIAMPermissionFromIAMPolicy.
/**
 * Revokes a permission from an IAM policy and returns the policy.
 *
 * <p>The lookup is made with {@code Permission.Allow}, so only an Allow entry matching the
 * entity type, scope, scope id and action is removed. If no such entry exists, nothing is
 * removed. {@code invalidateIAMCache()} is called in both cases.
 *
 * @param iamPolicyId id of the policy to change
 * @param entityType entity type of the permission
 * @param scope scope of the permission
 * @param scopeId id the scope refers to
 * @param action action of the permission
 * @return the policy found for {@code iamPolicyId}
 * @throws InvalidParameterValueException if no policy is found for {@code iamPolicyId}
 */
@DB
@Override
public IAMPolicy removeIAMPermissionFromIAMPolicy(long iamPolicyId, String entityType, String scope, Long scopeId, String action) {
    final IAMPolicy target = _aclPolicyDao.findById(iamPolicyId);
    if (target == null) {
        throw new InvalidParameterValueException("Unable to find acl policy: " + iamPolicyId + "; failed to revoke permission from policy.");
    }

    // NOTE(review): the last lookup argument is passed as null; its meaning is not visible here.
    final IAMPolicyPermissionVO match = _policyPermissionDao.findByPolicyAndEntity(iamPolicyId, entityType, scope, scopeId, action, Permission.Allow, null);
    if (match != null) {
        // Entry still present: delete it by id.
        _policyPermissionDao.remove(match.getId());
    }

    invalidateIAMCache();
    return target;
}
use of org.apache.cloudstack.iam.api.IAMPolicy in project cloudstack by apache.
the class IAMServiceImpl method removeIAMPolicyFromAccounts.
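/**
 * Detaches an IAM policy from each of the given accounts.
 *
 * <p>The policy is looked up first, and the call fails before any mapping is removed if it
 * does not exist. Accounts that have no mapping for the policy are skipped. After the
 * transaction callback has run, {@code invalidateIAMCache()} is called.
 *
 * <p>The failure message previously said "failed to add policy to account", copied from the
 * attach path; it now names the removal, so logs and API errors point at the right operation.
 *
 * @param policyId id of the policy to detach
 * @param acctIds ids of the accounts that lose the policy
 * @throws InvalidParameterValueException if no policy is found for {@code policyId}
 */
@Override
public void removeIAMPolicyFromAccounts(final Long policyId, final List<Long> acctIds) {
    IAMPolicy policy = _aclPolicyDao.findById(policyId);
    if (policy == null) {
        throw new InvalidParameterValueException("Unable to find acl policy: " + policyId + "; failed to remove policy from account.");
    }
    Transaction.execute(new TransactionCallbackNoReturn() {
        @Override
        public void doInTransactionWithoutResult(TransactionStatus status) {
            // Remove the account-to-policy mapping of each account, where one exists.
            for (Long acctId : acctIds) {
                IAMAccountPolicyMapVO acctMap = _aclAccountPolicyMapDao.findByAccountAndPolicy(acctId, policyId);
                if (acctMap != null) {
                    _aclAccountPolicyMapDao.remove(acctMap.getId());
                }
            }
        }
    });
    invalidateIAMCache();
}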