apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

CLOUDSTACK-3950:Set cross-zone flag in registerTemplate/registerIso in

Browse Source 
case of region-wide secondary is enabled.
This commit is contained in:
Min Chen 2013-08-20 14:13:06 -07:00
parent fe012f29e8
commit 3bd2bbf59d
5 changed files with 259 additions and 215 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
engine/schema/src/org/apache/cloudstack/storage/datastore/db/ImageStoreDao.java
View File

@ -31,6 +31,8 @@ public interface ImageStoreDao extends GenericDao<ImageStoreVO, Long> {
List<ImageStoreVO> findByScope(ZoneScope scope);
List<ImageStoreVO> findRegionImageStores();
List<ImageStoreVO> findImageCacheByScope(ZoneScope scope);
List<ImageStoreVO> listImageStores();

16
engine/storage/src/org/apache/cloudstack/storage/image/db/ImageStoreDaoImpl.java
View File

@ -38,6 +38,7 @@ import com.cloud.utils.db.SearchCriteria;
public class ImageStoreDaoImpl extends GenericDaoBase<ImageStoreVO, Long> implements ImageStoreDao {
private SearchBuilder<ImageStoreVO> nameSearch;
private SearchBuilder<ImageStoreVO> providerSearch;
private SearchBuilder<ImageStoreVO> regionSearch;
@Override
public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
@ -50,9 +51,14 @@ public class ImageStoreDaoImpl extends GenericDaoBase<ImageStoreVO, Long> implem
providerSearch = createSearchBuilder();
providerSearch.and("providerName", providerSearch.entity().getProviderName(), SearchCriteria.Op.EQ);
providerSearch.and("role", providerSearch.entity().getProviderName(), SearchCriteria.Op.EQ);
providerSearch.and("role", providerSearch.entity().getRole(), SearchCriteria.Op.EQ);
providerSearch.done();
regionSearch = createSearchBuilder();
regionSearch.and("scope", regionSearch.entity().getScope(), SearchCriteria.Op.EQ);
regionSearch.and("role", regionSearch.entity().getRole(), SearchCriteria.Op.EQ);
regionSearch.done();
return true;
}
@ -86,6 +92,14 @@ public class ImageStoreDaoImpl extends GenericDaoBase<ImageStoreVO, Long> implem
return listBy(sc);
}
@Override
public List<ImageStoreVO> findRegionImageStores() {
SearchCriteria<ImageStoreVO> sc = regionSearch.create();
sc.setParameters("scope", ScopeType.REGION);
sc.setParameters("role", DataStoreRole.Image);
return listBy(sc);
}
@Override
public List<ImageStoreVO> findImageCacheByScope(ZoneScope scope) {
SearchCriteria<ImageStoreVO> sc = createSearchCriteria();

14
server/src/com/cloud/server/ManagementServerImpl.java
View File

@ -431,6 +431,8 @@ import org.apache.cloudstack.engine.subsystem.api.storage.StoragePoolAllocator;
import org.apache.cloudstack.engine.subsystem.api.storage.VolumeDataFactory;
import org.apache.cloudstack.framework.config.ConfigurationVO;
import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
import org.apache.cloudstack.storage.datastore.db.ImageStoreDao;
import org.apache.cloudstack.storage.datastore.db.ImageStoreVO;
import org.apache.cloudstack.storage.datastore.db.PrimaryDataStoreDao;
import org.apache.cloudstack.storage.datastore.db.StoragePoolVO;
import org.apache.cloudstack.utils.identity.ManagementServerNode;
@ -675,6 +677,8 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
private List<StoragePoolAllocator> _storagePoolAllocators;
@Inject
private ResourceTagDao _resourceTagDao;
@Inject
private ImageStoreDao _imgStoreDao;
@Inject
ProjectManager _projectMgr;
@ -796,7 +800,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
for (String id : availableIds) {
_availableIdsMap.put(id, true);
}
_executeInSequence = Boolean.parseBoolean(_configDao.getValue(Config.ExecuteInSequence.key()));
return true;
@ -3256,6 +3260,13 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
Integer apiLimitInterval = Integer.valueOf(_configDao.getValue(Config.ApiLimitInterval.key()));
Integer apiLimitMax = Integer.valueOf(_configDao.getValue(Config.ApiLimitMax.key()));
// check if region-wide secondary storage is used
boolean regionSecondaryEnabled = false;
List<ImageStoreVO> imgStores = _imgStoreDao.findRegionImageStores();
if ( imgStores != null && imgStores.size() > 0){
regionSecondaryEnabled = true;
}
capabilities.put("securityGroupsEnabled", securityGroupsEnabled);
capabilities
.put("userPublicTemplateEnabled", (userPublicTemplateEnabled == null || userPublicTemplateEnabled.equals("false") ? false : true));
@ -3264,6 +3275,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
capabilities.put("projectInviteRequired", _projectMgr.projectInviteRequired());
capabilities.put("allowusercreateprojects", _projectMgr.allowUserToCreateProject());
capabilities.put("customDiskOffMaxSize", diskOffMaxSize);
capabilities.put("regionSecondaryEnabled", regionSecondaryEnabled);
if (apiLimitEnabled) {
capabilities.put("apiLimitInterval", apiLimitInterval);
capabilities.put("apiLimitMax", apiLimitMax);

428
server/src/com/cloud/template/TemplateAdapterBase.java
View File

@ -21,6 +21,8 @@ import java.util.Map;
import javax.inject.Inject;
import org.apache.log4j.Logger;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.command.user.iso.DeleteIsoCmd;
import org.apache.cloudstack.api.command.user.iso.RegisterIsoCmd;
@ -28,13 +30,11 @@ import org.apache.cloudstack.api.command.user.template.DeleteTemplateCmd;
import org.apache.cloudstack.api.command.user.template.ExtractTemplateCmd;
import org.apache.cloudstack.api.command.user.template.RegisterTemplateCmd;
import org.apache.cloudstack.context.CallContext;
import org.apache.cloudstack.engine.subsystem.api.storage.DataStore;
import org.apache.cloudstack.engine.subsystem.api.storage.DataStoreManager;
import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
import org.apache.cloudstack.storage.datastore.db.ImageStoreDao;
import org.apache.cloudstack.storage.datastore.db.ImageStoreVO;
import org.apache.cloudstack.storage.datastore.db.TemplateDataStoreDao;
import org.apache.log4j.Logger;
import com.cloud.api.ApiDBUtils;
import com.cloud.configuration.Config;
import com.cloud.configuration.Resource.ResourceType;
@ -71,86 +71,86 @@ import com.cloud.vm.UserVmVO;
import com.cloud.vm.dao.UserVmDao;
public abstract class TemplateAdapterBase extends AdapterBase implements TemplateAdapter {
private final static Logger s_logger = Logger.getLogger(TemplateAdapterBase.class);
protected @Inject DomainDao _domainDao;
protected @Inject AccountDao _accountDao;
protected @Inject ConfigurationDao _configDao;
protected @Inject UserDao _userDao;
protected @Inject AccountManager _accountMgr;
protected @Inject DataCenterDao _dcDao;
protected @Inject VMTemplateDao _tmpltDao;
protected @Inject TemplateDataStoreDao _tmpltStoreDao;
protected @Inject VMTemplateZoneDao _tmpltZoneDao;
protected @Inject UsageEventDao _usageEventDao;
protected @Inject HostDao _hostDao;
protected @Inject UserVmDao _userVmDao;
protected @Inject GuestOSHypervisorDao _osHyperDao;
protected @Inject ResourceLimitService _resourceLimitMgr;
protected @Inject DataStoreManager storeMgr;
@Inject TemplateManager templateMgr;
private final static Logger s_logger = Logger.getLogger(TemplateAdapterBase.class);
protected @Inject DomainDao _domainDao;
protected @Inject AccountDao _accountDao;
protected @Inject ConfigurationDao _configDao;
protected @Inject UserDao _userDao;
protected @Inject AccountManager _accountMgr;
protected @Inject DataCenterDao _dcDao;
protected @Inject VMTemplateDao _tmpltDao;
protected @Inject TemplateDataStoreDao _tmpltStoreDao;
protected @Inject VMTemplateZoneDao _tmpltZoneDao;
protected @Inject UsageEventDao _usageEventDao;
protected @Inject HostDao _hostDao;
protected @Inject UserVmDao _userVmDao;
protected @Inject GuestOSHypervisorDao _osHyperDao;
protected @Inject ResourceLimitService _resourceLimitMgr;
protected @Inject ImageStoreDao _imgStoreDao;
@Inject TemplateManager templateMgr;
@Inject ConfigurationServer _configServer;
@Inject ProjectManager _projectMgr;
@Override
public boolean stop() {
return true;
}
private static boolean isAdmin(short accountType) {
return ((accountType == Account.ACCOUNT_TYPE_ADMIN) ||
(accountType == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) ||
(accountType == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) ||
(accountType == Account.ACCOUNT_TYPE_READ_ONLY_ADMIN));
}
@Override
public boolean stop() {
return true;
}
@Override
private static boolean isAdmin(short accountType) {
return ((accountType == Account.ACCOUNT_TYPE_ADMIN) ||
(accountType == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) ||
(accountType == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) ||
(accountType == Account.ACCOUNT_TYPE_READ_ONLY_ADMIN));
}
@Override
public TemplateProfile prepare(boolean isIso, Long userId, String name, String displayText, Integer bits,
Boolean passwordEnabled, Boolean requiresHVM, String url, Boolean isPublic, Boolean featured,
Boolean isExtractable, String format, Long guestOSId, Long zoneId, HypervisorType hypervisorType,
String accountName, Long domainId, String chksum, Boolean bootable, Map details) throws ResourceAllocationException {
return prepare(isIso, userId, name, displayText, bits, passwordEnabled, requiresHVM, url, isPublic, featured, isExtractable, format, guestOSId, zoneId, hypervisorType,
chksum, bootable, null, null, details, false, null, false, TemplateType.USER);
}
return prepare(isIso, userId, name, displayText, bits, passwordEnabled, requiresHVM, url, isPublic, featured, isExtractable, format, guestOSId, zoneId, hypervisorType,
chksum, bootable, null, null, details, false, null, false, TemplateType.USER);
}
@Override
@Override
public TemplateProfile prepare(boolean isIso, long userId, String name, String displayText, Integer bits,
Boolean passwordEnabled, Boolean requiresHVM, String url, Boolean isPublic, Boolean featured,
Boolean isExtractable, String format, Long guestOSId, Long zoneId, HypervisorType hypervisorType,
String chksum, Boolean bootable, String templateTag, Account templateOwner, Map details, Boolean sshkeyEnabled,
String imageStoreUuid, Boolean isDynamicallyScalable, TemplateType templateType) throws ResourceAllocationException {
//Long accountId = null;
// parameters verification
Boolean passwordEnabled, Boolean requiresHVM, String url, Boolean isPublic, Boolean featured,
Boolean isExtractable, String format, Long guestOSId, Long zoneId, HypervisorType hypervisorType,
String chksum, Boolean bootable, String templateTag, Account templateOwner, Map details, Boolean sshkeyEnabled,
String imageStoreUuid, Boolean isDynamicallyScalable, TemplateType templateType) throws ResourceAllocationException {
//Long accountId = null;
// parameters verification
if (isPublic == null) {
isPublic = Boolean.FALSE;
}
if (isPublic == null) {
isPublic = Boolean.FALSE;
}
if (zoneId.longValue() == -1) {
zoneId = null;
}
if (zoneId.longValue() == -1) {
zoneId = null;
}
if (isIso) {
if (bootable == null) {
bootable = Boolean.TRUE;
}
GuestOS noneGuestOs = ApiDBUtils.findGuestOSByDisplayName(ApiConstants.ISO_GUEST_OS_NONE);
if ((guestOSId == null || guestOSId == noneGuestOs.getId()) && bootable == true){
throw new InvalidParameterValueException("Please pass a valid GuestOS Id");
}
if (bootable == false){
guestOSId = noneGuestOs.getId(); //Guest os id of None.
}
} else {
if (bits == null) {
bits = Integer.valueOf(64);
}
if (passwordEnabled == null) {
passwordEnabled = false;
}
if (requiresHVM == null) {
requiresHVM = true;
}
}
if (isIso) {
if (bootable == null) {
bootable = Boolean.TRUE;
}
GuestOS noneGuestOs = ApiDBUtils.findGuestOSByDisplayName(ApiConstants.ISO_GUEST_OS_NONE);
if ((guestOSId == null || guestOSId == noneGuestOs.getId()) && bootable == true){
throw new InvalidParameterValueException("Please pass a valid GuestOS Id");
}
if (bootable == false){
guestOSId = noneGuestOs.getId(); //Guest os id of None.
}
} else {
if (bits == null) {
bits = Integer.valueOf(64);
}
if (passwordEnabled == null) {
passwordEnabled = false;
}
if (requiresHVM == null) {
requiresHVM = true;
}
}
if (isExtractable == null) {
isExtractable = Boolean.FALSE;
@ -159,30 +159,30 @@ public abstract class TemplateAdapterBase extends AdapterBase implements Templat
sshkeyEnabled = Boolean.FALSE;
}
boolean isAdmin = _accountDao.findById(templateOwner.getId()).getType() == Account.ACCOUNT_TYPE_ADMIN;
boolean isAdmin = _accountDao.findById(templateOwner.getId()).getType() == Account.ACCOUNT_TYPE_ADMIN;
if (!isAdmin && zoneId == null) {
throw new InvalidParameterValueException("Please specify a valid zone Id.");
}
if (!isAdmin && zoneId == null) {
throw new InvalidParameterValueException("Please specify a valid zone Id.");
}
if (url.toLowerCase().contains("file://")) {
throw new InvalidParameterValueException("File:// type urls are currently unsupported");
}
if (url.toLowerCase().contains("file://")) {
throw new InvalidParameterValueException("File:// type urls are currently unsupported");
}
// check whether owner can create public templates
boolean allowPublicUserTemplates = Boolean.parseBoolean(_configServer.getConfigValue(Config.AllowPublicUserTemplates.key(), Config.ConfigurationParameterScope.account.toString(), templateOwner.getId()));
if (!isAdmin && !allowPublicUserTemplates && isPublic) {
throw new InvalidParameterValueException("Only private templates/ISO can be created.");
}
// check whether owner can create public templates
boolean allowPublicUserTemplates = Boolean.parseBoolean(_configServer.getConfigValue(Config.AllowPublicUserTemplates.key(), Config.ConfigurationParameterScope.account.toString(), templateOwner.getId()));
if (!isAdmin && !allowPublicUserTemplates && isPublic) {
throw new InvalidParameterValueException("Only private templates/ISO can be created.");
}
if (!isAdmin || featured == null) {
featured = Boolean.FALSE;
}
if (!isAdmin || featured == null) {
featured = Boolean.FALSE;
}
ImageFormat imgfmt = ImageFormat.valueOf(format.toUpperCase());
if (imgfmt == null) {
throw new IllegalArgumentException("Image format is incorrect " + format + ". Supported formats are " + EnumUtils.listValues(ImageFormat.values()));
}
ImageFormat imgfmt = ImageFormat.valueOf(format.toUpperCase());
if (imgfmt == null) {
throw new IllegalArgumentException("Image format is incorrect " + format + ". Supported formats are " + EnumUtils.listValues(ImageFormat.values()));
}
// Check that the resource limit for templates/ISOs won't be exceeded
UserVO user = _userDao.findById(userId);
@ -193,19 +193,19 @@ public abstract class TemplateAdapterBase extends AdapterBase implements Templat
_resourceLimitMgr.checkResourceLimit(templateOwner, ResourceType.template);
if (templateOwner.getType() != Account.ACCOUNT_TYPE_ADMIN && zoneId == null) {
throw new IllegalArgumentException("Only admins can create templates in all zones");
throw new IllegalArgumentException("Only admins can create templates in all zones");
}
// If a zoneId is specified, make sure it is valid
if (zoneId != null) {
DataCenterVO zone = _dcDao.findById(zoneId);
if (zone == null) {
throw new IllegalArgumentException("Please specify a valid zone.");
}
Account caller = CallContext.current().getCallingAccount();
if(Grouping.AllocationState.Disabled == zone.getAllocationState() && !_accountMgr.isRootAdmin(caller.getType())){
throw new PermissionDeniedException("Cannot perform this operation, Zone is currently disabled: "+ zoneId );
}
DataCenterVO zone = _dcDao.findById(zoneId);
if (zone == null) {
throw new IllegalArgumentException("Please specify a valid zone.");
}
Account caller = CallContext.current().getCallingAccount();
if(Grouping.AllocationState.Disabled == zone.getAllocationState() && !_accountMgr.isRootAdmin(caller.getType())){
throw new PermissionDeniedException("Cannot perform this operation, Zone is currently disabled: "+ zoneId );
}
}
List<VMTemplateVO> systemvmTmplts = _tmpltDao.listAllSystemVMTemplates();
@ -221,146 +221,162 @@ public abstract class TemplateAdapterBase extends AdapterBase implements Templat
featured, isExtractable, imgfmt, guestOSId, zoneId, hypervisorType, templateOwner.getAccountName(), templateOwner.getDomainId(),
templateOwner.getAccountId(), chksum, bootable, templateTag, details, sshkeyEnabled, null, isDynamicallyScalable, templateType);
}
}
@Override
public TemplateProfile prepare(RegisterTemplateCmd cmd) throws ResourceAllocationException {
//check if the caller can operate with the template owner
@Override
public TemplateProfile prepare(RegisterTemplateCmd cmd) throws ResourceAllocationException {
//check if the caller can operate with the template owner
Account caller = CallContext.current().getCallingAccount();
Account owner = _accountMgr.getAccount(cmd.getEntityOwnerId());
_accountMgr.checkAccess(caller, null, true, owner);
boolean isRouting = (cmd.isRoutingType() == null) ? false : cmd.isRoutingType();
boolean isRouting = (cmd.isRoutingType() == null) ? false : cmd.isRoutingType();
return prepare(false, CallContext.current().getCallingUserId(), cmd.getTemplateName(), cmd.getDisplayText(),
Long zoneId = cmd.getZoneId();
// ignore passed zoneId if we are using region wide image store
List<ImageStoreVO> stores = _imgStoreDao.findRegionImageStores();
if (stores != null && stores.size() > 0) {
zoneId = -1L;
}
return prepare(false, CallContext.current().getCallingUserId(), cmd.getTemplateName(), cmd.getDisplayText(),
cmd.getBits(), cmd.isPasswordEnabled(), cmd.getRequiresHvm(), cmd.getUrl(), cmd.isPublic(), cmd.isFeatured(),
cmd.isExtractable(), cmd.getFormat(), cmd.getOsTypeId(), cmd.getZoneId(), HypervisorType.getType(cmd.getHypervisor()),
cmd.isExtractable(), cmd.getFormat(), cmd.getOsTypeId(), zoneId, HypervisorType.getType(cmd.getHypervisor()),
cmd.getChecksum(), true, cmd.getTemplateTag(), owner, cmd.getDetails(), cmd.isSshKeyEnabled(), null, cmd.isDynamicallyScalable(),
isRouting ? TemplateType.ROUTING : TemplateType.USER);
}
}
@Override
@Override
public TemplateProfile prepare(RegisterIsoCmd cmd) throws ResourceAllocationException {
//check if the caller can operate with the template owner
Account caller = CallContext.current().getCallingAccount();
Account owner = _accountMgr.getAccount(cmd.getEntityOwnerId());
_accountMgr.checkAccess(caller, null, true, owner);
//check if the caller can operate with the template owner
Account caller = CallContext.current().getCallingAccount();
Account owner = _accountMgr.getAccount(cmd.getEntityOwnerId());
_accountMgr.checkAccess(caller, null, true, owner);
Long zoneId = cmd.getZoneId();
// ignore passed zoneId if we are using region wide image store
List<ImageStoreVO> stores = _imgStoreDao.findRegionImageStores();
if (stores != null && stores.size() > 0) {
zoneId = -1L;
}
return prepare(true, CallContext.current().getCallingUserId(), cmd.getIsoName(), cmd.getDisplayText(), 64, false,
true, cmd.getUrl(), cmd.isPublic(), cmd.isFeatured(), cmd.isExtractable(), ImageFormat.ISO.toString(), cmd.getOsTypeId(),
cmd.getZoneId(), HypervisorType.None, cmd.getChecksum(), cmd.isBootable(), null, owner, null, false, cmd.getImageStoreUuid(), cmd.isDynamicallyScalable(),
zoneId, HypervisorType.None, cmd.getChecksum(), cmd.isBootable(), null, owner, null, false, cmd.getImageStoreUuid(), cmd.isDynamicallyScalable(),
TemplateType.USER);
}
}
protected VMTemplateVO persistTemplate(TemplateProfile profile) {
Long zoneId = profile.getZoneId();
VMTemplateVO template = new VMTemplateVO(profile.getTemplateId(), profile.getName(), profile.getFormat(), profile.getIsPublic(),
profile.getFeatured(), profile.getIsExtractable(), profile.getTemplateType(), profile.getUrl(), profile.getRequiresHVM(),
profile.getBits(), profile.getAccountId(), profile.getCheckSum(), profile.getDisplayText(),
profile.getPasswordEnabled(), profile.getGuestOsId(), profile.getBootable(), profile.getHypervisorType(), profile.getTemplateTag(),
profile.getDetails(), profile.getSshKeyEnabled(), profile.IsDynamicallyScalable());
protected VMTemplateVO persistTemplate(TemplateProfile profile) {
Long zoneId = profile.getZoneId();
VMTemplateVO template = new VMTemplateVO(profile.getTemplateId(), profile.getName(), profile.getFormat(), profile.getIsPublic(),
profile.getFeatured(), profile.getIsExtractable(), profile.getTemplateType(), profile.getUrl(), profile.getRequiresHVM(),
profile.getBits(), profile.getAccountId(), profile.getCheckSum(), profile.getDisplayText(),
profile.getPasswordEnabled(), profile.getGuestOsId(), profile.getBootable(), profile.getHypervisorType(), profile.getTemplateTag(),
profile.getDetails(), profile.getSshKeyEnabled(), profile.IsDynamicallyScalable());
if (zoneId == null || zoneId.longValue() == -1) {
if (zoneId == null || zoneId.longValue() == -1) {
List<DataCenterVO> dcs = _dcDao.listAll();
if (dcs.isEmpty()) {
throw new CloudRuntimeException("No zones are present in the system, can't add template");
throw new CloudRuntimeException("No zones are present in the system, can't add template");
}
template.setCrossZones(true);
for (DataCenterVO dc: dcs) {
_tmpltDao.addTemplateToZone(template, dc.getId());
}
for (DataCenterVO dc: dcs) {
_tmpltDao.addTemplateToZone(template, dc.getId());
}
} else {
_tmpltDao.addTemplateToZone(template, zoneId);
_tmpltDao.addTemplateToZone(template, zoneId);
}
return _tmpltDao.findById(template.getId());
}
return _tmpltDao.findById(template.getId());
}
private Long accountAndUserValidation(Account account, long userId, UserVmVO vmInstanceCheck, VMTemplateVO template, String msg)
throws PermissionDeniedException {
private Long accountAndUserValidation(Account account, long userId, UserVmVO vmInstanceCheck, VMTemplateVO template, String msg)
throws PermissionDeniedException {
if (account != null) {
if (!isAdmin(account.getType())) {
if ((vmInstanceCheck != null) && (account.getId() != vmInstanceCheck.getAccountId())) {
throw new PermissionDeniedException(msg + ". Permission denied.");
}
if (account != null) {
if (!isAdmin(account.getType())) {
if ((vmInstanceCheck != null) && (account.getId() != vmInstanceCheck.getAccountId())) {
throw new PermissionDeniedException(msg + ". Permission denied.");
}
if ((template != null)
&& (!template.isPublicTemplate() && (account.getId() != template.getAccountId()) && (template.getTemplateType() != TemplateType.PERHOST))) {
//special handling for the project case
Account owner = _accountMgr.getAccount(template.getAccountId());
if (owner.getType() == Account.ACCOUNT_TYPE_PROJECT) {
if (!_projectMgr.canAccessProjectAccount(account, owner.getId())) {
throw new PermissionDeniedException(msg + ". Permission denied. The caller can't access project's template");
}
} else {
throw new PermissionDeniedException(msg + ". Permission denied.");
}
}
} else {
if ((vmInstanceCheck != null) && !_domainDao.isChildDomain(account.getDomainId(), vmInstanceCheck.getDomainId())) {
throw new PermissionDeniedException(msg + ". Permission denied.");
}
// FIXME: if template/ISO owner is null we probably need to
// throw some kind of exception
if ((template != null)
&& (!template.isPublicTemplate() && (account.getId() != template.getAccountId()) && (template.getTemplateType() != TemplateType.PERHOST))) {
//special handling for the project case
Account owner = _accountMgr.getAccount(template.getAccountId());
if (owner.getType() == Account.ACCOUNT_TYPE_PROJECT) {
if (!_projectMgr.canAccessProjectAccount(account, owner.getId())) {
throw new PermissionDeniedException(msg + ". Permission denied. The caller can't access project's template");
}
} else {
throw new PermissionDeniedException(msg + ". Permission denied.");
}
}
} else {
if ((vmInstanceCheck != null) && !_domainDao.isChildDomain(account.getDomainId(), vmInstanceCheck.getDomainId())) {
throw new PermissionDeniedException(msg + ". Permission denied.");
}
// FIXME: if template/ISO owner is null we probably need to
// throw some kind of exception
if (template != null) {
Account templateOwner = _accountDao.findById(template.getAccountId());
if ((templateOwner != null) && !_domainDao.isChildDomain(account.getDomainId(), templateOwner.getDomainId())) {
throw new PermissionDeniedException(msg + ". Permission denied.");
}
}
}
}
if (template != null) {
Account templateOwner = _accountDao.findById(template.getAccountId());
if ((templateOwner != null) && !_domainDao.isChildDomain(account.getDomainId(), templateOwner.getDomainId())) {
throw new PermissionDeniedException(msg + ". Permission denied.");
}
}
}
}
return userId;
}
return userId;
}
@Override
@Override
public TemplateProfile prepareDelete(DeleteTemplateCmd cmd) {
Long templateId = cmd.getId();
Long userId = CallContext.current().getCallingUserId();
Account account = CallContext.current().getCallingAccount();
Long zoneId = cmd.getZoneId();
Long templateId = cmd.getId();
Long userId = CallContext.current().getCallingUserId();
Account account = CallContext.current().getCallingAccount();
Long zoneId = cmd.getZoneId();
VMTemplateVO template = _tmpltDao.findById(templateId.longValue());
if (template == null) {
throw new InvalidParameterValueException("unable to find template with id " + templateId);
}
VMTemplateVO template = _tmpltDao.findById(templateId.longValue());
if (template == null) {
throw new InvalidParameterValueException("unable to find template with id " + templateId);
}
userId = accountAndUserValidation(account, userId, null, template, "Unable to delete template ");
userId = accountAndUserValidation(account, userId, null, template, "Unable to delete template ");
UserVO user = _userDao.findById(userId);
if (user == null) {
throw new InvalidParameterValueException("Please specify a valid user.");
}
UserVO user = _userDao.findById(userId);
if (user == null) {
throw new InvalidParameterValueException("Please specify a valid user.");
}
if (template.getFormat() == ImageFormat.ISO) {
throw new InvalidParameterValueException("Please specify a valid template.");
}
if (template.getFormat() == ImageFormat.ISO) {
throw new InvalidParameterValueException("Please specify a valid template.");
}
return new TemplateProfile(userId, template, zoneId);
}
return new TemplateProfile(userId, template, zoneId);
}
public TemplateProfile prepareExtractTemplate(ExtractTemplateCmd cmd) {
Long templateId = cmd.getId();
Long userId = CallContext.current().getCallingUserId();
Long zoneId = cmd.getZoneId();
@Override
public TemplateProfile prepareExtractTemplate(ExtractTemplateCmd cmd) {
Long templateId = cmd.getId();
Long userId = CallContext.current().getCallingUserId();
Long zoneId = cmd.getZoneId();
VMTemplateVO template = _tmpltDao.findById(templateId.longValue());
if (template == null) {
throw new InvalidParameterValueException("unable to find template with id " + templateId);
}
return new TemplateProfile(userId, template, zoneId);
}
VMTemplateVO template = _tmpltDao.findById(templateId.longValue());
if (template == null) {
throw new InvalidParameterValueException("unable to find template with id " + templateId);
}
return new TemplateProfile(userId, template, zoneId);
}
public TemplateProfile prepareDelete(DeleteIsoCmd cmd) {
Long templateId = cmd.getId();
@Override
public TemplateProfile prepareDelete(DeleteIsoCmd cmd) {
Long templateId = cmd.getId();
Long userId = CallContext.current().getCallingUserId();
Account account = CallContext.current().getCallingAccount();
Long zoneId = cmd.getZoneId();
@ -372,20 +388,20 @@ public abstract class TemplateAdapterBase extends AdapterBase implements Templat
userId = accountAndUserValidation(account, userId, null, template, "Unable to delete iso " );
UserVO user = _userDao.findById(userId);
if (user == null) {
throw new InvalidParameterValueException("Please specify a valid user.");
}
UserVO user = _userDao.findById(userId);
if (user == null) {
throw new InvalidParameterValueException("Please specify a valid user.");
}
if (template.getFormat() != ImageFormat.ISO) {
throw new InvalidParameterValueException("Please specify a valid iso.");
}
if (template.getFormat() != ImageFormat.ISO) {
throw new InvalidParameterValueException("Please specify a valid iso.");
}
return new TemplateProfile(userId, template, zoneId);
}
return new TemplateProfile(userId, template, zoneId);
}
@Override
@Override
abstract public VMTemplateVO create(TemplateProfile profile);
@Override
@Override
abstract public boolean delete(TemplateProfile profile);
}

14
server/src/com/cloud/template/TemplateManagerImpl.java
View File

@ -123,7 +123,6 @@ import com.cloud.server.ConfigurationServer;
import com.cloud.storage.DataStoreRole;
import com.cloud.storage.GuestOSVO;
import com.cloud.storage.LaunchPermissionVO;
import com.cloud.storage.ScopeType;
import com.cloud.storage.Snapshot;
import com.cloud.storage.SnapshotVO;
import com.cloud.storage.Storage;
@ -397,7 +396,7 @@ public class TemplateManagerImpl extends ManagerBase implements TemplateManager,
if (template == null) {
throw new InvalidParameterValueException("unable to find template with id " + templateId);
}
return extract(caller, templateId, url, zoneId, mode, eventId, false);
}
@ -698,6 +697,11 @@ public class TemplateManagerImpl extends ManagerBase implements TemplateManager,
throw new InvalidParameterValueException("Unable to find template with id");
}
if (template.isCrossZones()){
s_logger.debug("Template " + templateId + " is cross-zone, don't need to copy");
return template;
}
DataStore dstSecStore = getImageStore(destZoneId, templateId);
if (dstSecStore != null) {
s_logger.debug("There is template " + templateId + " in secondary storage " + dstSecStore.getName() + " in zone " + destZoneId
@ -709,10 +713,6 @@ public class TemplateManagerImpl extends ManagerBase implements TemplateManager,
if (srcSecStore == null) {
throw new InvalidParameterValueException("There is no template " + templateId + " in zone " + sourceZoneId);
}
if (srcSecStore.getScope().getScopeType() == ScopeType.REGION) {
s_logger.debug("Template " + templateId + " is in region-wide secondary storage " + srcSecStore.getName() + " , don't need to copy");
return template;
}
_accountMgr.checkAccess(caller, AccessType.ModifyEntry, true, template);
@ -1266,7 +1266,7 @@ public class TemplateManagerImpl extends ManagerBase implements TemplateManager,
}
_tmpltDao.update(template.getId(), updatedTemplate);
//when operation is add/remove, accountNames can not be null
if (("add".equalsIgnoreCase(operation) || "remove".equalsIgnoreCase(operation)) && accountNames == null) {
throw new InvalidParameterValueException("Operation " + operation + " requires accounts or projectIds to be passed in");