use of org.ovirt.engine.core.common.businessentities.Role in project ovirt-engine by oVirt.
the class UserPermissionListModel method onAddRoleToUser.
private void onAddRoleToUser() {
AdElementListModel model = (AdElementListModel) getWindow();
if (model.getProgress() != null) {
return;
}
List<Role> roles = model.getRole().getSelectedItems();
// adGroup/user
DbUser user = getEntity();
List<ActionParametersBase> permissionParamsList = new ArrayList<>();
roles.forEach(role -> {
PermissionsOperationsParameters permissionParams = new PermissionsOperationsParameters();
Permission perm = new Permission(user.getId(), role.getId(), null, null);
if (user.isGroup()) {
DbGroup group = new DbGroup();
group.setId(user.getId());
group.setExternalId(user.getExternalId());
group.setName(user.getFirstName());
group.setDomain(user.getDomain());
group.setNamespace(user.getNamespace());
permissionParams.setPermission(perm);
permissionParams.setGroup(group);
} else {
permissionParams.setPermission(perm);
permissionParams.setUser(user);
}
permissionParamsList.add(permissionParams);
});
model.startProgress();
Frontend.getInstance().runMultipleAction(ActionType.AddSystemPermission, permissionParamsList, result -> {
AdElementListModel localModel = (AdElementListModel) result.getState();
localModel.stopProgress();
cancel();
}, model);
}
use of org.ovirt.engine.core.common.businessentities.Role in project ovirt-engine by oVirt.
the class UpdateRoleCommand method validate.
@Override
protected boolean validate() {
boolean returnValue = true;
Role oldRole = roleDao.get(getRole().getId());
if (oldRole == null) {
addValidationMessage(EngineMessage.ERROR_CANNOT_UPDATE_ROLE_ID);
returnValue = false;
} else {
if (checkIfRoleIsReadOnly(getReturnValue().getValidationMessages())) {
returnValue = false;
addValidationMessage(EngineMessage.VAR__ACTION__UPDATE);
} else if (!StringUtils.equals(getRole().getName(), oldRole.getName()) && roleDao.getByName(getRole().getName()) != null) {
addValidationMessage(EngineMessage.ACTION_TYPE_FAILED_NAME_ALREADY_USED);
returnValue = false;
} else // changing role type isn't allowed
if (getRole().getType() != oldRole.getType()) {
addValidationMessage(EngineMessage.ERROR_CANNOT_UPDATE_ROLE_TYPE);
returnValue = false;
}
}
if (!returnValue) {
addValidationMessage(EngineMessage.VAR__TYPE__ROLE);
addValidationMessage(EngineMessage.VAR__ACTION__UPDATE);
}
return returnValue;
}
use of org.ovirt.engine.core.common.businessentities.Role in project ovirt-engine by oVirt.
the class AddPermissionCommand method validate.
@Override
protected boolean validate() {
Permission perm = getParameters().getPermission();
if (perm == null) {
addValidationMessage(EngineMessage.PERMISSION_ADD_FAILED_PERMISSION_NOT_SENT);
return false;
}
// Try to find the requested role, first by id and then by name:
Role role = null;
Guid roleId = perm.getRoleId();
String roleName = perm.getRoleName();
if (!Guid.isNullOrEmpty(roleId)) {
role = roleDao.get(roleId);
if (role != null) {
roleName = role.getName();
perm.setRoleName(roleName);
}
} else if (roleName != null) {
role = roleDao.getByName(roleName);
if (role != null) {
roleId = role.getId();
perm.setRoleId(roleId);
}
}
if (role == null) {
addValidationMessage(EngineMessage.PERMISSION_ADD_FAILED_INVALID_ROLE_ID);
return false;
}
Guid adElementId = perm.getAdElementId();
if (perm.getObjectType() == null || getVdcObjectName() == null) {
addValidationMessage(EngineMessage.PERMISSION_ADD_FAILED_INVALID_OBJECT_ID);
return false;
}
// give permission
if (getParameters().getUser() == null && getParameters().getGroup() == null && dbUserDao.get(adElementId) == null && dbGroupDao.get(adElementId) == null) {
return failValidation(EngineMessage.USER_MUST_EXIST_IN_DB);
}
// only system super user can give permissions with admin roles
if (!isSystemSuperUser() && role.getType() == RoleType.ADMIN) {
return failValidation(EngineMessage.PERMISSION_ADD_FAILED_ONLY_SYSTEM_SUPER_USER_CAN_GIVE_ADMIN_ROLES);
}
// don't allow adding permissions to vms from pool externally
if (!isInternalExecution() && perm.getObjectType() == VdcObjectType.VM) {
VM vm = vmDao.get(perm.getObjectId());
if (vm != null && vm.getVmPoolId() != null) {
return failValidation(EngineMessage.PERMISSION_ADD_FAILED_VM_IN_POOL);
}
}
return true;
}
Aggregations