apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-12-21 04:53:37 +01:00
Code Issues Packages Projects Releases Wiki Activity

bug 7949: changing security group code to use ids instead of name

Browse Source 
status 7949: resolved fixed
This commit is contained in:
abhishek 2011-01-20 14:21:03 -08:00
parent af3373c4d6
commit 31c9cce6c3
5 changed files with 54 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
api/src/com/cloud/api/ApiConstants.java
View File

@ -129,6 +129,7 @@ public class ApiConstants {
public static final String SECRET_KEY = "secretkey"; public static final String SECRET_KEY = "secretkey";
public static final String SECURITY_GROUP_LIST = "securitygrouplist"; public static final String SECURITY_GROUP_LIST = "securitygrouplist";
public static final String SECURITY_GROUP_NAME = "securitygroupname"; public static final String SECURITY_GROUP_NAME = "securitygroupname";
public static final String SECURITY_GROUP_ID = "securitygroupid";
public static final String SENT = "sent"; public static final String SENT = "sent";
public static final String SENT_BYTES = "sentbytes"; public static final String SENT_BYTES = "sentbytes";
public static final String SERVICE_OFFERING_ID = "serviceofferingid"; public static final String SERVICE_OFFERING_ID = "serviceofferingid";

11
api/src/com/cloud/api/commands/AuthorizeSecurityGroupIngressCmd.java
View File

@ -32,6 +32,7 @@ import com.cloud.api.BaseCmd;
import com.cloud.api.Implementation; import com.cloud.api.Implementation;
import com.cloud.api.Parameter; import com.cloud.api.Parameter;
import com.cloud.api.ServerApiException; import com.cloud.api.ServerApiException;
import com.cloud.api.BaseCmd.CommandType;
import com.cloud.api.response.IngressRuleResponse; import com.cloud.api.response.IngressRuleResponse;
import com.cloud.api.response.SecurityGroupResponse; import com.cloud.api.response.SecurityGroupResponse;
import com.cloud.event.EventTypes; import com.cloud.event.EventTypes;
@ -65,8 +66,8 @@ public class AuthorizeSecurityGroupIngressCmd extends BaseAsyncCmd {
@Parameter(name=ApiConstants.ICMP_CODE, type=CommandType.INTEGER, description="error code for this icmp message") @Parameter(name=ApiConstants.ICMP_CODE, type=CommandType.INTEGER, description="error code for this icmp message")
private Integer icmpCode; private Integer icmpCode;
@Parameter(name=ApiConstants.SECURITY_GROUP_NAME, type=CommandType.STRING, required=true, description="the security group name") @Parameter(name=ApiConstants.SECURITY_GROUP_ID, type=CommandType.LONG, required=true, description="The ID of the security group")
private String securityGroupName; private Long securityGroupId;
@Parameter(name=ApiConstants.CIDR_LIST, type=CommandType.LIST, collectionType=CommandType.STRING, description="the cidr list associated") @Parameter(name=ApiConstants.CIDR_LIST, type=CommandType.LIST, collectionType=CommandType.STRING, description="the cidr list associated")
private List cidrList; private List cidrList;
@ -109,8 +110,8 @@ public class AuthorizeSecurityGroupIngressCmd extends BaseAsyncCmd {
return icmpType; return icmpType;
} }
public String getSecurityGroupName() { public Long getSecurityGroupId() {
return securityGroupName; return securityGroupId;
} }
public String getProtocol() { public String getProtocol() {
@ -192,7 +193,7 @@ public class AuthorizeSecurityGroupIngressCmd extends BaseAsyncCmd {
sb.append("<error: no ingress parameters>"); sb.append("<error: no ingress parameters>");
} }
return "authorizing ingress to group: " + getSecurityGroupName() + " to " + sb.toString(); return "authorizing ingress to group: " + getSecurityGroupId() + " to " + sb.toString();
} }
@Override @Override

10
api/src/com/cloud/api/commands/DeleteSecurityGroupCmd.java
View File

@ -7,6 +7,7 @@ import com.cloud.api.BaseCmd;
import com.cloud.api.Implementation; import com.cloud.api.Implementation;
import com.cloud.api.Parameter; import com.cloud.api.Parameter;
import com.cloud.api.ServerApiException; import com.cloud.api.ServerApiException;
import com.cloud.api.BaseCmd.CommandType;
import com.cloud.api.response.SuccessResponse; import com.cloud.api.response.SuccessResponse;
import com.cloud.exception.ResourceInUseException; import com.cloud.exception.ResourceInUseException;
@ -25,8 +26,8 @@ public class DeleteSecurityGroupCmd extends BaseCmd {
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID of account owning the security group") @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID of account owning the security group")
private Long domainId; private Long domainId;
@Parameter(name=ApiConstants.NAME, type=CommandType.STRING, required=true, description="the security group name") @Parameter(name=ApiConstants.ID, type=CommandType.LONG, required=true, description="The ID of the security group")
private String securityGroupName; private Long id;
///////////////////////////////////////////////////// /////////////////////////////////////////////////////
@ -41,11 +42,12 @@ public class DeleteSecurityGroupCmd extends BaseCmd {
return domainId; return domainId;
} }
public String getSecurityGroupName() { public Long getId() {
return securityGroupName; return id;
} }
///////////////////////////////////////////////////// /////////////////////////////////////////////////////
/////////////// API Implementation/////////////////// /////////////// API Implementation///////////////////
///////////////////////////////////////////////////// /////////////////////////////////////////////////////

11
api/src/com/cloud/api/commands/RevokeSecurityGroupIngressCmd.java
View File

@ -13,6 +13,7 @@ import com.cloud.api.BaseCmd;
import com.cloud.api.Implementation; import com.cloud.api.Implementation;
import com.cloud.api.Parameter; import com.cloud.api.Parameter;
import com.cloud.api.ServerApiException; import com.cloud.api.ServerApiException;
import com.cloud.api.BaseCmd.CommandType;
import com.cloud.api.response.SuccessResponse; import com.cloud.api.response.SuccessResponse;
import com.cloud.event.EventTypes; import com.cloud.event.EventTypes;
import com.cloud.user.Account; import com.cloud.user.Account;
@ -47,8 +48,8 @@ public class RevokeSecurityGroupIngressCmd extends BaseAsyncCmd {
@Parameter(name=ApiConstants.ICMP_TYPE, type=CommandType.INTEGER, description="type for this icmp message") @Parameter(name=ApiConstants.ICMP_TYPE, type=CommandType.INTEGER, description="type for this icmp message")
private Integer icmpType; private Integer icmpType;
@Parameter(name=ApiConstants.SECURITY_GROUP_NAME, type=CommandType.STRING, required=true, description="name of the security group") @Parameter(name=ApiConstants.SECURITY_GROUP_ID, type=CommandType.LONG, required=true, description="The ID of the security group")
private String securityGroupName; private Long securityGroupId;
@Parameter(name=ApiConstants.PROTOCOL, type=CommandType.STRING, description="protocol used") @Parameter(name=ApiConstants.PROTOCOL, type=CommandType.STRING, description="protocol used")
private String protocol; private String protocol;
@ -87,8 +88,8 @@ public class RevokeSecurityGroupIngressCmd extends BaseAsyncCmd {
return icmpType; return icmpType;
} }
public String getSecurityGroupName() { public Long getSecurityGroupId() {
return securityGroupName; return securityGroupId;
} }
public String getProtocol() { public String getProtocol() {
@ -165,7 +166,7 @@ public class RevokeSecurityGroupIngressCmd extends BaseAsyncCmd {
sb.append("<error: no ingress parameters>"); sb.append("<error: no ingress parameters>");
} }
return "revoking ingress from group: " + getSecurityGroupName() + " for " + sb.toString(); return "revoking ingress from group: " + getSecurityGroupId() + " for " + sb.toString();
} }
@Override @Override

70
server/src/com/cloud/network/security/SecurityGroupManagerImpl.java
View File

@ -434,7 +434,7 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
@Override @DB @SuppressWarnings("rawtypes") @Override @DB @SuppressWarnings("rawtypes")
public List<IngressRuleVO> authorizeSecurityGroupIngress(AuthorizeSecurityGroupIngressCmd cmd) throws InvalidParameterValueException, PermissionDeniedException{ public List<IngressRuleVO> authorizeSecurityGroupIngress(AuthorizeSecurityGroupIngressCmd cmd) throws InvalidParameterValueException, PermissionDeniedException{
String groupName = cmd.getSecurityGroupName(); Long groupId = cmd.getSecurityGroupId();
String protocol = cmd.getProtocol(); String protocol = cmd.getProtocol();
Integer startPort = cmd.getStartPort(); Integer startPort = cmd.getStartPort();
Integer endPort = cmd.getEndPort(); Integer endPort = cmd.getEndPort();
@ -510,9 +510,9 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
// if it's an admin account, do a quick permission check // if it's an admin account, do a quick permission check
if ((account != null) && !_domainDao.isChildDomain(account.getDomainId(), domainId)) { if ((account != null) && !_domainDao.isChildDomain(account.getDomainId(), domainId)) {
if (s_logger.isDebugEnabled()) { if (s_logger.isDebugEnabled()) {
s_logger.debug("Unable to find rules for security group id = " + groupName + ", permission denied."); s_logger.debug("Unable to find rules for security group id = " + groupId + ", permission denied.");
} }
throw new PermissionDeniedException("Unable to find rules for security group id = " + groupName + ", permission denied."); throw new PermissionDeniedException("Unable to find rules for security group id = " + groupId + ", permission denied.");
} }
Account groupOwner = _accountDao.findActiveAccount(accountName, domainId); Account groupOwner = _accountDao.findActiveAccount(accountName, domainId);
@ -534,7 +534,7 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
} }
if (accountId == null) { if (accountId == null) {
throw new InvalidParameterValueException("Unable to find account for security group " + groupName + "; failed to authorize ingress."); throw new InvalidParameterValueException("Unable to find account for security group " + groupId + "; failed to authorize ingress.");
} }
@ -560,9 +560,9 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
Account authorizedAccount = _accountDao.findActiveAccount(authorizedAccountName, domainId); Account authorizedAccount = _accountDao.findActiveAccount(authorizedAccountName, domainId);
if (authorizedAccount == null) { if (authorizedAccount == null) {
if (s_logger.isDebugEnabled()) { if (s_logger.isDebugEnabled()) {
s_logger.debug("Nonexistent account: " + authorizedAccountName + ", domainid: " + domainId + " when trying to authorize ingress for " + groupName + ":" + protocol + ":" + startPortOrType + ":" + endPortOrCode); s_logger.debug("Nonexistent account: " + authorizedAccountName + ", domainid: " + domainId + " when trying to authorize ingress for " + groupId + ":" + protocol + ":" + startPortOrType + ":" + endPortOrCode);
} }
throw new InvalidParameterValueException("Nonexistent account: " + authorizedAccountName + " when trying to authorize ingress for " + groupName + ":" + protocol + ":" + startPortOrType + ":" + endPortOrCode); throw new InvalidParameterValueException("Nonexistent account: " + authorizedAccountName + " when trying to authorize ingress for " + groupId + ":" + protocol + ":" + startPortOrType + ":" + endPortOrCode);
} }
SecurityGroupVO groupVO = _securityGroupDao.findByAccountAndName(authorizedAccount.getId(), group); SecurityGroupVO groupVO = _securityGroupDao.findByAccountAndName(authorizedAccount.getId(), group);
@ -581,15 +581,15 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
authorizedGroups2.addAll(authorizedGroups); //Ensure we don't re-lock the same row authorizedGroups2.addAll(authorizedGroups); //Ensure we don't re-lock the same row
txn.start(); txn.start();
SecurityGroupVO securityGroup = _securityGroupDao.findByAccountAndName(accountId, groupName); SecurityGroupVO securityGroup = _securityGroupDao.findById(groupId);
if (securityGroup == null) { if (securityGroup == null) {
s_logger.warn("Security group not found: name= " + groupName); s_logger.warn("Security group not found: id= " + groupId);
return null; return null;
} }
//Prevents other threads/management servers from creating duplicate ingress rules //Prevents other threads/management servers from creating duplicate ingress rules
SecurityGroupVO securityGroupLock = _securityGroupDao.acquireInLockTable(securityGroup.getId()); SecurityGroupVO securityGroupLock = _securityGroupDao.acquireInLockTable(securityGroup.getId());
if (securityGroupLock == null) { if (securityGroupLock == null) {
s_logger.warn("Could not acquire lock on network security group: name= " + groupName); s_logger.warn("Could not acquire lock on network security group: name= " + securityGroup.getName());
return null; return null;
} }
List<IngressRuleVO> newRules = new ArrayList<IngressRuleVO>(); List<IngressRuleVO> newRules = new ArrayList<IngressRuleVO>();
@ -597,7 +597,7 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
//Don't delete the group from under us. //Don't delete the group from under us.
securityGroup = _securityGroupDao.lockRow(securityGroup.getId(), false); securityGroup = _securityGroupDao.lockRow(securityGroup.getId(), false);
if (securityGroup == null) { if (securityGroup == null) {
s_logger.warn("Could not acquire lock on network group " + groupName); s_logger.warn("Could not acquire lock on network group " + securityGroup.getName());
return null; return null;
} }
@ -632,7 +632,7 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
} }
} }
if (s_logger.isDebugEnabled()) { if (s_logger.isDebugEnabled()) {
s_logger.debug("Added " + newRules.size() + " rules to security group " + groupName); s_logger.debug("Added " + newRules.size() + " rules to security group " + securityGroup.getName());
} }
txn.commit(); txn.commit();
final Set<Long> affectedVms = new HashSet<Long>(); final Set<Long> affectedVms = new HashSet<Long>();
@ -663,7 +663,7 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
Integer icmpType = cmd.getIcmpType(); Integer icmpType = cmd.getIcmpType();
Integer icmpCode = cmd.getIcmpCode(); Integer icmpCode = cmd.getIcmpCode();
String protocol = cmd.getProtocol(); String protocol = cmd.getProtocol();
String securityGroup = cmd.getSecurityGroupName(); Long securityGroupId = cmd.getSecurityGroupId();
String cidrList = cmd.getCidrList(); String cidrList = cmd.getCidrList();
Map groupList = cmd.getUserSecurityGroupList(); Map groupList = cmd.getUserSecurityGroupList();
String [] cidrs = null; String [] cidrs = null;
@ -724,9 +724,9 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
// if it's an admin account, do a quick permission check // if it's an admin account, do a quick permission check
if ((account != null) && !_domainDao.isChildDomain(account.getDomainId(), domainId)) { if ((account != null) && !_domainDao.isChildDomain(account.getDomainId(), domainId)) {
if (s_logger.isDebugEnabled()) { if (s_logger.isDebugEnabled()) {
s_logger.debug("Unable to find rules for network security group id = " + securityGroup + ", permission denied."); s_logger.debug("Unable to find rules for security group id = " + securityGroupId + ", permission denied.");
} }
throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "Unable to find rules for network security group id = " + securityGroup + ", permission denied."); throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "Unable to find rules for security group id = " + securityGroupId + ", permission denied.");
} }
Account groupOwner = _accountDao.findActiveAccount(accountName, domainId); Account groupOwner = _accountDao.findActiveAccount(accountName, domainId);
if (groupOwner == null) { if (groupOwner == null) {
@ -747,13 +747,13 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
} }
if (accountId == null) { if (accountId == null) {
throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to find account for network security group " + securityGroup + "; failed to revoke ingress."); throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to find account for security group " + securityGroupId + "; failed to revoke ingress.");
} }
SecurityGroupVO sg = _securityGroupDao.findByAccountAndName(accountId, securityGroup); SecurityGroupVO sg = _securityGroupDao.findById(securityGroupId);
if (sg == null) { if (sg == null) {
s_logger.debug("Unable to find network security group with id " + securityGroup); s_logger.debug("Unable to find security group with id " + securityGroupId);
throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to find network security group with id " + securityGroup); throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to find security group with id " + securityGroupId);
} }
if (cidrList == null && groupList == null) { if (cidrList == null && groupList == null) {
@ -790,9 +790,9 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
Account authorizedAccount = _accountDao.findActiveAccount(authorizedAccountName, domainId); Account authorizedAccount = _accountDao.findActiveAccount(authorizedAccountName, domainId);
if (authorizedAccount == null) { if (authorizedAccount == null) {
if (s_logger.isDebugEnabled()) { if (s_logger.isDebugEnabled()) {
s_logger.debug("Nonexistent account: " + authorizedAccountName + ", domainid: " + domainId + " when trying to revoke ingress for " + securityGroup + ":" + protocol + ":" + startPortOrType + ":" + endPortOrCode); s_logger.debug("Nonexistent account: " + authorizedAccountName + ", domainid: " + domainId + " when trying to revoke ingress for " + securityGroupId + ":" + protocol + ":" + startPortOrType + ":" + endPortOrCode);
} }
throw new ServerApiException(BaseCmd.PARAM_ERROR, "Nonexistent account: " + authorizedAccountName + " when trying to revoke ingress for " + securityGroup + ":" + protocol + ":" + startPortOrType + ":" + endPortOrCode); throw new ServerApiException(BaseCmd.PARAM_ERROR, "Nonexistent account: " + authorizedAccountName + " when trying to revoke ingress for " + securityGroupId + ":" + protocol + ":" + startPortOrType + ":" + endPortOrCode);
} }
SecurityGroupVO groupVO = _securityGroupDao.findByAccountAndName(authorizedAccount.getId(), group); SecurityGroupVO groupVO = _securityGroupDao.findByAccountAndName(authorizedAccount.getId(), group);
@ -818,9 +818,9 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
final int numToDelete = cidrList.length() + authorizedGroups.size(); final int numToDelete = cidrList.length() + authorizedGroups.size();
final Transaction txn = Transaction.currentTxn(); final Transaction txn = Transaction.currentTxn();
SecurityGroupVO securityGroupHandle = _securityGroupDao.findByAccountAndName(accountId, securityGroup); SecurityGroupVO securityGroupHandle = _securityGroupDao.findById(securityGroupId);
if (securityGroupHandle == null) { if (securityGroupHandle == null) {
s_logger.warn("Network security group not found: name= " + securityGroup); s_logger.warn("Security group not found: name= " + securityGroupId);
return false; return false;
} }
try { try {
@ -828,7 +828,7 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
securityGroupHandle = _securityGroupDao.acquireInLockTable(securityGroupHandle.getId()); securityGroupHandle = _securityGroupDao.acquireInLockTable(securityGroupHandle.getId());
if (securityGroupHandle == null) { if (securityGroupHandle == null) {
s_logger.warn("Could not acquire lock on network security group: name= " + securityGroup); s_logger.warn("Could not acquire lock on network security group: name= " + securityGroupId);
return false; return false;
} }
for (final SecurityGroupVO ngVO: authorizedGroups) { for (final SecurityGroupVO ngVO: authorizedGroups) {
@ -837,7 +837,7 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
for (final String cidr: cidrs) { for (final String cidr: cidrs) {
numDeleted += _ingressRuleDao.deleteByPortProtoAndCidr(securityGroupHandle.getId(), protocol, startPort, endPort, cidr); numDeleted += _ingressRuleDao.deleteByPortProtoAndCidr(securityGroupHandle.getId(), protocol, startPort, endPort, cidr);
} }
s_logger.debug("revokeSecurityGroupIngress for group: " + securityGroup + ", numToDelete=" + numToDelete + ", numDeleted=" + numDeleted); s_logger.debug("revokeSecurityGroupIngress for group: " + securityGroupId + ", numToDelete=" + numToDelete + ", numDeleted=" + numDeleted);
final Set<Long> affectedVms = new HashSet<Long>(); final Set<Long> affectedVms = new HashSet<Long>();
affectedVms.addAll(_securityGroupVMMapDao.listVmIdsBySecurityGroup(securityGroupHandle.getId())); affectedVms.addAll(_securityGroupVMMapDao.listVmIdsBySecurityGroup(securityGroupHandle.getId()));
@ -848,7 +848,7 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
s_logger.warn("Exception caught when deleting ingress rules ", e); s_logger.warn("Exception caught when deleting ingress rules ", e);
throw new CloudRuntimeException("Exception caught when deleting ingress rules", e); throw new CloudRuntimeException("Exception caught when deleting ingress rules", e);
} finally { } finally {
if (securityGroup != null) { if (securityGroupId != null) {
_securityGroupDao.releaseFromLockTable(securityGroupHandle.getId()); _securityGroupDao.releaseFromLockTable(securityGroupHandle.getId());
} }
txn.commit(); txn.commit();
@ -1129,7 +1129,7 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
@DB @DB
@Override @Override
public boolean deleteSecurityGroup(DeleteSecurityGroupCmd cmd) throws ResourceInUseException, PermissionDeniedException, InvalidParameterValueException{ public boolean deleteSecurityGroup(DeleteSecurityGroupCmd cmd) throws ResourceInUseException, PermissionDeniedException, InvalidParameterValueException{
String name = cmd.getSecurityGroupName(); Long id = cmd.getId();
String accountName = cmd.getAccountName(); String accountName = cmd.getAccountName();
Long domainId = cmd.getDomainId(); Long domainId = cmd.getDomainId();
Account account = UserContext.current().getCaller(); Account account = UserContext.current().getCaller();
@ -1145,9 +1145,9 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
// if it's an admin account, do a quick permission check // if it's an admin account, do a quick permission check
if ((account != null) && !_domainDao.isChildDomain(account.getDomainId(), domainId)) { if ((account != null) && !_domainDao.isChildDomain(account.getDomainId(), domainId)) {
if (s_logger.isDebugEnabled()) { if (s_logger.isDebugEnabled()) {
s_logger.debug("Unable to find rules network group " + name + ", permission denied."); s_logger.debug("Unable to find rules network group: " + id + ", permission denied.");
} }
throw new PermissionDeniedException("Unable to network group " + name + ", permission denied."); throw new PermissionDeniedException("Unable to network group: " + id + ", permission denied.");
} }
Account groupOwner = _accountDao.findActiveAccount(accountName, domainId); Account groupOwner = _accountDao.findActiveAccount(accountName, domainId);
@ -1169,12 +1169,12 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
} }
if (accountId == null) { if (accountId == null) {
throw new InvalidParameterValueException("Unable to find account for network group " + name + "; failed to delete group."); throw new InvalidParameterValueException("Unable to find account for network group: " + id + "; failed to delete group.");
} }
SecurityGroupVO sg = _securityGroupDao.findByAccountAndName(accountId, name); SecurityGroupVO sg = _securityGroupDao.findById(id);
if (sg == null) { if (sg == null) {
throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to find network group " + name + "; failed to delete group."); throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to find network group: " + id + "; failed to delete group.");
} }
Long groupId = sg.getId(); Long groupId = sg.getId();
@ -1216,7 +1216,7 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
String accountName = cmd.getAccountName(); String accountName = cmd.getAccountName();
Long accountId = null; Long accountId = null;
Long instanceId = cmd.getVirtualMachineId(); Long instanceId = cmd.getVirtualMachineId();
String networkGroup = cmd.getSecurityGroupName(); String securityGroup = cmd.getSecurityGroupName();
Boolean recursive = Boolean.FALSE; Boolean recursive = Boolean.FALSE;
Long id = cmd.getId(); Long id = cmd.getId();
@ -1244,7 +1244,7 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
} }
} else if (account != null) { } else if (account != null) {
// either an admin is searching for their own group, or admin is listing all groups and the search needs to be restricted to domain admin's domain // either an admin is searching for their own group, or admin is listing all groups and the search needs to be restricted to domain admin's domain
if (networkGroup != null) { if (securityGroup != null) {
accountId = account.getId(); accountId = account.getId();
} else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) { } else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) {
domainId = account.getDomainId(); domainId = account.getDomainId();
@ -1297,8 +1297,8 @@ public class SecurityGroupManagerImpl implements SecurityGroupManager, SecurityG
SearchCriteria<SecurityGroupVO> sc = sb.create(); SearchCriteria<SecurityGroupVO> sc = sb.create();
if (accountId != null) { if (accountId != null) {
sc.setParameters("accountId", accountId); sc.setParameters("accountId", accountId);
if (networkGroup != null) { if (securityGroup != null) {
sc.setParameters("name", networkGroup); sc.setParameters("name", securityGroup);
} else if (keyword != null) { } else if (keyword != null) {
SearchCriteria<SecurityGroupRulesVO> ssc = _securityGroupRulesDao.createSearchCriteria(); SearchCriteria<SecurityGroupRulesVO> ssc = _securityGroupRulesDao.createSearchCriteria();
ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%"); ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%");