mirror of
https://github.com/apache/cloudstack.git
synced 2025-10-26 08:42:29 +01:00
Move ACL APIs from server to plugin. Server can have its own APIs for
standalone use (compared to integration with CloudStack), which can be done at later phase.
This commit is contained in:
Min Chen
parent
c950651fe2
commit
01e6f47d41
@ -14,7 +14,7 @@
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package org.apache.cloudstack.acl.api;
|
||||
package org.apache.cloudstack.acl;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@ -24,7 +24,8 @@ import javax.inject.Inject;
|
||||
import org.apache.cloudstack.acl.APIChecker;
|
||||
import org.apache.cloudstack.acl.AclPolicy;
|
||||
import org.apache.cloudstack.acl.AclRole;
|
||||
import org.apache.cloudstack.acl.AclService;
|
||||
import org.apache.cloudstack.acl.api.AclApiService;
|
||||
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.cloud.exception.PermissionDeniedException;
|
||||
@ -41,7 +42,7 @@ public class RoleBasedAPIAccessChecker extends AdapterBase implements APIChecker
|
||||
protected static final Logger s_logger = Logger.getLogger(RoleBasedAPIAccessChecker.class);
|
||||
|
||||
@Inject AccountService _accountService;
|
||||
@Inject AclService _aclService;
|
||||
@Inject AclApiService _aclService;
|
||||
|
||||
protected RoleBasedAPIAccessChecker() {
|
||||
super();
|
||||
@ -14,7 +14,7 @@
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package org.apache.cloudstack.acl.entity;
|
||||
package org.apache.cloudstack.acl;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
@ -24,11 +24,11 @@ import javax.inject.Inject;
|
||||
|
||||
import org.apache.cloudstack.acl.AclPolicy;
|
||||
import org.apache.cloudstack.acl.AclPolicyPermissionVO;
|
||||
import org.apache.cloudstack.acl.AclService;
|
||||
import org.apache.cloudstack.acl.ControlledEntity;
|
||||
import org.apache.cloudstack.acl.AclEntityType;
|
||||
import org.apache.cloudstack.acl.PermissionScope;
|
||||
import org.apache.cloudstack.acl.SecurityChecker;
|
||||
import org.apache.cloudstack.acl.api.AclApiService;
|
||||
import org.apache.cloudstack.acl.dao.AclGroupAccountMapDao;
|
||||
import org.apache.cloudstack.acl.dao.AclPolicyPermissionDao;
|
||||
import org.apache.log4j.Logger;
|
||||
@ -47,7 +47,7 @@ public class RoleBasedEntityAccessChecker extends DomainChecker implements Secur
|
||||
@Inject
|
||||
AccountService _accountService;
|
||||
@Inject
|
||||
AclService _aclService;
|
||||
AclApiService _aclService;
|
||||
|
||||
@Inject DomainDao _domainDao;
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package org.apache.cloudstack.acl.entity;
|
||||
package org.apache.cloudstack.acl;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
@ -14,15 +14,20 @@
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package org.apache.cloudstack.acl;
|
||||
package org.apache.cloudstack.acl.api;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import org.apache.cloudstack.acl.AclGroup;
|
||||
import org.apache.cloudstack.acl.AclPolicy;
|
||||
import org.apache.cloudstack.acl.AclPolicyPermission;
|
||||
import org.apache.cloudstack.acl.ControlledEntity;
|
||||
import org.apache.cloudstack.acl.PermissionScope;
|
||||
import org.apache.cloudstack.acl.AclPolicyPermission.Permission;
|
||||
|
||||
import com.cloud.user.Account;
|
||||
|
||||
public interface AclService {
|
||||
public interface AclApiService {
|
||||
|
||||
/* ACL group related interfaces */
|
||||
AclGroup createAclGroup(Account caller, String aclGroupName, String description);
|
||||
@ -14,7 +14,7 @@
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package org.apache.cloudstack.acl;
|
||||
package org.apache.cloudstack.acl.api;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
@ -25,6 +25,17 @@ import javax.inject.Inject;
|
||||
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
import org.apache.cloudstack.acl.AclGroup;
|
||||
import org.apache.cloudstack.acl.AclGroupAccountMapVO;
|
||||
import org.apache.cloudstack.acl.AclGroupPolicyMapVO;
|
||||
import org.apache.cloudstack.acl.AclGroupVO;
|
||||
import org.apache.cloudstack.acl.AclPolicy;
|
||||
import org.apache.cloudstack.acl.AclPolicyPermission;
|
||||
import org.apache.cloudstack.acl.AclPolicyPermissionVO;
|
||||
import org.apache.cloudstack.acl.AclPolicyVO;
|
||||
import org.apache.cloudstack.acl.ControlledEntity;
|
||||
import org.apache.cloudstack.acl.PermissionScope;
|
||||
import org.apache.cloudstack.acl.SecurityChecker;
|
||||
import org.apache.cloudstack.acl.AclPolicyPermission.Permission;
|
||||
import org.apache.cloudstack.acl.SecurityChecker.AccessType;
|
||||
import org.apache.cloudstack.acl.dao.AclGroupAccountMapDao;
|
||||
@ -62,10 +73,10 @@ import com.cloud.utils.db.TransactionCallback;
|
||||
import com.cloud.utils.db.TransactionCallbackNoReturn;
|
||||
import com.cloud.utils.db.TransactionStatus;
|
||||
|
||||
@Local(value = {AclService.class})
|
||||
public class AclServiceImpl extends ManagerBase implements AclService, Manager {
|
||||
@Local(value = {AclApiService.class})
|
||||
public class AclApiServiceImpl extends ManagerBase implements AclApiService, Manager {
|
||||
|
||||
public static final Logger s_logger = Logger.getLogger(AclServiceImpl.class);
|
||||
public static final Logger s_logger = Logger.getLogger(AclApiServiceImpl.class);
|
||||
private String _name;
|
||||
|
||||
@Inject
|
||||
@ -14,7 +14,7 @@
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package org.apache.cloudstack.iam.api.command;
|
||||
package org.apache.cloudstack.acl.api.command;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package org.apache.cloudstack.iam.api.command;
|
||||
package org.apache.cloudstack.acl.api.command;
|
||||
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package org.apache.cloudstack.iam.api.command;
|
||||
package org.apache.cloudstack.acl.api.command;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package org.apache.cloudstack.iam.api.command;
|
||||
package org.apache.cloudstack.acl.api.command;
|
||||
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package org.apache.cloudstack.iam.api.command;
|
||||
package org.apache.cloudstack.acl.api.command;
|
||||
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package org.apache.cloudstack.iam.api.command;
|
||||
package org.apache.cloudstack.acl.api.command;
|
||||
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package org.apache.cloudstack.iam.api.command;
|
||||
package org.apache.cloudstack.acl.api.command;
|
||||
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package org.apache.cloudstack.iam.api.command;
|
||||
package org.apache.cloudstack.acl.api.command;
|
||||
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package org.apache.cloudstack.iam.api.command;
|
||||
package org.apache.cloudstack.acl.api.command;
|
||||
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package org.apache.cloudstack.iam.api.command;
|
||||
package org.apache.cloudstack.acl.api.command;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package org.apache.cloudstack.iam.api.command;
|
||||
package org.apache.cloudstack.acl.api.command;
|
||||
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package org.apache.cloudstack.iam.api.command;
|
||||
package org.apache.cloudstack.acl.api.command;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user