
Example 56 with Permission

use of org.ovirt.engine.core.common.businessentities.Permission in project ovirt-engine by oVirt.

the class AddQuotaCommand method copyQuotaPermissions.

/**
 * Replicates the permissions of the quota named in the command parameters onto the quota
 * returned by {@code getQuotaId()}.
 *
 * <p>Each source permission keeps its principal ({@code adElementId}), role and object type;
 * only the object id is swapped for the target quota. Every principal holding a role on the
 * source quota therefore ends up with the same role on the target, so this method is a grant
 * path and not just bookkeeping.
 */
private void copyQuotaPermissions() {
    // NOTE(review): the trailing 'false' and the session sequence id are passed straight to the
    // DAO; presumably they control per-user filtering of the result - confirm against
    // PermissionDao.getAllForEntity before relying on which rows are returned here.
    List<Permission> sourcePermissions =
            permissionDao.getAllForEntity(getParameters().getQuotaId(), getEngineSessionSeqId(), false);

    // Collected through UniquePermissionsSet rather than a plain list before being handed on.
    UniquePermissionsSet copies = new UniquePermissionsSet();
    for (Permission source : sourcePermissions) {
        copies.addPermission(
                source.getAdElementId(),
                source.getRoleId(),
                getQuotaId(),
                source.getObjectType());
    }

    // Nothing to grant: skip the handler call entirely.
    if (copies.isEmpty()) {
        return;
    }

    List<Permission> toGrant = copies.asPermissionList();
    Permission[] batch = toGrant.toArray(new Permission[toGrant.size()]);
    multiLevelAdministrationHandler.addPermission(batch);
}
Also used : Permission(org.ovirt.engine.core.common.businessentities.Permission)

Example 57 with Permission

use of org.ovirt.engine.core.common.businessentities.Permission in project ovirt-engine by oVirt.

the class AddPermissionCommand method validate.

/**
 * Decides whether the permission carried in the command parameters may be granted.
 *
 * <p>The checks run in a fixed order and the first one that fails determines the reported
 * message: permission present, role resolvable, target object identifiable, principal known,
 * admin roles reserved for the system super user, and no external grants on pooled VMs.
 *
 * <p>Side effect: once the role is resolved, the permission object is updated so that its role
 * id and role name both come from the stored role.
 *
 * @return {@code true} when every check passes; otherwise {@code false} or the value returned
 *         by {@code failValidation}
 */
@Override
protected boolean validate() {
    final Permission requested = getParameters().getPermission();
    if (requested == null) {
        addValidationMessage(EngineMessage.PERMISSION_ADD_FAILED_PERMISSION_NOT_SENT);
        return false;
    }

    // Resolve the role from the database. A non-empty id takes precedence over the name, and
    // whichever field was not used for the lookup is overwritten from the stored role, so the
    // later role-type check runs against the persisted role and not caller-supplied text.
    final Guid requestedRoleId = requested.getRoleId();
    final String requestedRoleName = requested.getRoleName();
    Role resolvedRole = null;
    if (!Guid.isNullOrEmpty(requestedRoleId)) {
        resolvedRole = roleDao.get(requestedRoleId);
        if (resolvedRole != null) {
            requested.setRoleName(resolvedRole.getName());
        }
    } else if (requestedRoleName != null) {
        resolvedRole = roleDao.getByName(requestedRoleName);
        if (resolvedRole != null) {
            requested.setRoleId(resolvedRole.getId());
        }
    }
    if (resolvedRole == null) {
        addValidationMessage(EngineMessage.PERMISSION_ADD_FAILED_INVALID_ROLE_ID);
        return false;
    }

    final Guid principalId = requested.getAdElementId();

    // The grant must name an object type and the target object must have a resolvable name.
    final boolean targetIdentified = requested.getObjectType() != null && getVdcObjectName() != null;
    if (!targetIdentified) {
        addValidationMessage(EngineMessage.PERMISSION_ADD_FAILED_INVALID_OBJECT_ID);
        return false;
    }

    // When neither a user nor a group object accompanies the request, the principal id on the
    // permission has to match an existing database user or group.
    final boolean principalSupplied =
            getParameters().getUser() != null || getParameters().getGroup() != null;
    if (!principalSupplied
            && dbUserDao.get(principalId) == null
            && dbGroupDao.get(principalId) == null) {
        return failValidation(EngineMessage.USER_MUST_EXIST_IN_DB);
    }

    // Privilege-escalation guard: roles of type ADMIN may only be handed out by the system
    // super user.
    if (resolvedRole.getType() == RoleType.ADMIN && !isSystemSuperUser()) {
        return failValidation(EngineMessage.PERMISSION_ADD_FAILED_ONLY_SYSTEM_SUPER_USER_CAN_GIVE_ADMIN_ROLES);
    }

    // Externally issued grants on a VM that belongs to a pool are refused; internal executions
    // bypass this check.
    if (requested.getObjectType() == VdcObjectType.VM && !isInternalExecution()) {
        final VM targetVm = vmDao.get(requested.getObjectId());
        final boolean pooled = targetVm != null && targetVm.getVmPoolId() != null;
        if (pooled) {
            return failValidation(EngineMessage.PERMISSION_ADD_FAILED_VM_IN_POOL);
        }
    }

    return true;
}
Also used : Role(org.ovirt.engine.core.common.businessentities.Role) VM(org.ovirt.engine.core.common.businessentities.VM) Permission(org.ovirt.engine.core.common.businessentities.Permission) Guid(org.ovirt.engine.core.compat.Guid)

Example 58 with Permission

use of org.ovirt.engine.core.common.businessentities.Permission in project ovirt-engine by oVirt.

the class AddPermissionCommand method executeCommand.

/**
 * Grants the requested permission, creating the user or group record first when it is not yet
 * in the database.
 *
 * <p>If a permission with the same role, principal and object already exists, nothing is
 * saved and the id of the existing permission is returned as the action result. Otherwise the
 * permission is saved in a new transaction and registered with the compensation context.
 */
@Override
protected void executeCommand() {
    final T params = getParameters();

    // A user passed in the parameters might not be stored yet. Look it up by id or external
    // id; when there is no stored record, add it now so the permission can refer to it.
    DbUser user = params.getUser();
    if (user != null) {
        final DbUser storedUser =
                dbUserDao.getByIdOrExternalId(user.getId(), user.getDomain(), user.getExternalId());
        if (storedUser == null) {
            user = addUser(user);
            if (user == null) {
                // The user could not be added: report failure without granting anything.
                setSucceeded(false);
                return;
            }
        } else {
            user = storedUser;
        }
    }

    // Same handling for a group passed in the parameters.
    DbGroup group = params.getGroup();
    if (group != null) {
        final DbGroup storedGroup =
                dbGroupDao.getByIdOrExternalId(group.getId(), group.getDomain(), group.getExternalId());
        if (storedGroup == null) {
            group = addGroup(group);
            if (group == null) {
                setSucceeded(false);
                return;
            }
        } else {
            group = storedGroup;
        }
    }

    // The principal of the grant is the resolved user, else the resolved group, else the id
    // carried on the permission itself. A supplied user or group therefore overrides whatever
    // adElementId the caller put on the permission.
    final Permission requested = params.getPermission();
    final Guid principalId = user != null
            ? user.getId()
            : group != null ? group.getId() : requested.getAdElementId();

    // Reuse an identical grant (same role, principal and object) instead of saving a duplicate.
    Permission granted = permissionDao.getForRoleAndAdElementAndObject(
            requested.getRoleId(), principalId, requested.getObjectId());
    if (granted == null) {
        requested.setAdElementId(principalId);
        TransactionSupport.executeInNewTransaction(() -> {
            permissionDao.save(requested);
            // Snapshot the new row so the compensation mechanism knows about it.
            getCompensationContext().snapshotNewEntity(requested);
            getCompensationContext().stateChanged();
            return null;
        });
        granted = requested;
    }
    getReturnValue().setActionReturnValue(granted.getId());

    // NOTE(review): the admin status is refreshed only when a user object came with the
    // parameters; a grant addressed purely by adElementId does not reach updateAdminStatus
    // here - confirm that this is intended.
    if (user != null) {
        updateAdminStatus(granted);
    }
    vmStaticDao.incrementDbGeneration(requested.getObjectId());
    setSucceeded(true);
}
Also used : DbGroup(org.ovirt.engine.core.common.businessentities.aaa.DbGroup) Permission(org.ovirt.engine.core.common.businessentities.Permission) Guid(org.ovirt.engine.core.compat.Guid) DbUser(org.ovirt.engine.core.common.businessentities.aaa.DbUser)

Example 59 with Permission

use of org.ovirt.engine.core.common.businessentities.Permission in project ovirt-engine by oVirt.

the class SubTabQuotaPermissionView method initTable.

/**
 * Builds the columns of the quota permissions table: a type icon column, the owner of the
 * permission, the role, and the object the permission is defined on.
 *
 * <p>All three text columns are made sortable before they are added to the table.
 */
private void initTable() {
    getTable().addColumn(new PermissionTypeColumn(), constants.empty(), "30px"); // $NON-NLS-1$

    // Owner of the permission.
    final AbstractTextColumn<Permission> ownerColumn = new AbstractTextColumn<Permission>() {
        @Override
        public String getValue(Permission permission) {
            return permission.getOwnerName();
        }
    };
    ownerColumn.makeSortable();
    getTable().addColumn(ownerColumn, constants.userPermission());

    // Role granted by the permission.
    final AbstractTextColumn<Permission> grantedRoleColumn = new AbstractTextColumn<Permission>() {
        @Override
        public String getValue(Permission permission) {
            return permission.getRoleName();
        }
    };
    grantedRoleColumn.makeSortable();
    getTable().addColumn(grantedRoleColumn, constants.rolePermission());

    // Object the permission is attached to, shown under the "inherited from" header. The
    // entity of the detail model is passed along with the object's type, name and id.
    final AbstractTextColumn<Permission> sourceObjectColumn = new AbstractObjectNameColumn<Permission>() {
        @Override
        protected Object[] getRawValue(Permission permission) {
            return new Object[] {
                permission.getObjectType(),
                permission.getObjectName(),
                getDetailModel().getEntity(),
                permission.getObjectId()
            };
        }
    };
    sourceObjectColumn.makeSortable();
    getTable().addColumn(sourceObjectColumn, constants.inheretedFromPermission());
}
Also used : Permission(org.ovirt.engine.core.common.businessentities.Permission) AbstractTextColumn(org.ovirt.engine.ui.common.widget.table.column.AbstractTextColumn) PermissionTypeColumn(org.ovirt.engine.ui.common.widget.table.column.PermissionTypeColumn) AbstractObjectNameColumn(org.ovirt.engine.ui.common.widget.table.column.AbstractObjectNameColumn)
