diff --git a/api/src/main/java/com/cloud/user/AccountService.java b/api/src/main/java/com/cloud/user/AccountService.java index e2c3bed0c29..c0ebcf09f59 100644 --- a/api/src/main/java/com/cloud/user/AccountService.java +++ b/api/src/main/java/com/cloud/user/AccountService.java @@ -87,6 +87,8 @@ public interface AccountService { boolean isDomainAdmin(Long accountId); + boolean isResourceDomainAdmin(Long accountId); + boolean isNormalUser(long accountId); User getActiveUserByRegistrationToken(String registrationToken); diff --git a/api/src/main/java/org/apache/cloudstack/api/command/admin/cluster/ListClustersCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/admin/cluster/ListClustersCmd.java index 362913a1138..90ec9d1ff07 100644 --- a/api/src/main/java/org/apache/cloudstack/api/command/admin/cluster/ListClustersCmd.java +++ b/api/src/main/java/org/apache/cloudstack/api/command/admin/cluster/ListClustersCmd.java @@ -128,19 +128,19 @@ public class ListClustersCmd extends BaseListCmd { protected Pair, Integer> getClusterResponses() { Pair, Integer> result = _mgr.searchForClusters(this); - List clusterResponses = new ArrayList(); + List clusterResponses = new ArrayList<>(); for (Cluster cluster : result.first()) { ClusterResponse clusterResponse = _responseGenerator.createClusterResponse(cluster, showCapacities); clusterResponse.setObjectName("cluster"); clusterResponses.add(clusterResponse); } - return new Pair, Integer>(clusterResponses, result.second()); + return new Pair<>(clusterResponses, result.second()); } @Override public void execute() { Pair, Integer> clusterResponses = getClusterResponses(); - ListResponse response = new ListResponse(); + ListResponse response = new ListResponse<>(); response.setResponses(clusterResponses.first(), clusterResponses.second()); response.setResponseName(getCommandName()); this.setResponseObject(response); diff --git a/api/src/main/java/org/apache/cloudstack/api/command/admin/pod/ListPodsByCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/admin/pod/ListPodsByCmd.java index 5ad0b457ced..10370b4c78a 100644 --- a/api/src/main/java/org/apache/cloudstack/api/command/admin/pod/ListPodsByCmd.java +++ b/api/src/main/java/org/apache/cloudstack/api/command/admin/pod/ListPodsByCmd.java @@ -86,8 +86,8 @@ public class ListPodsByCmd extends BaseListCmd { @Override public void execute() { Pair, Integer> result = _mgr.searchForPods(this); - ListResponse response = new ListResponse(); - List podResponses = new ArrayList(); + ListResponse response = new ListResponse<>(); + List podResponses = new ArrayList<>(); for (Pod pod : result.first()) { PodResponse podResponse = _responseGenerator.createPodResponse(pod, showCapacities); podResponse.setObjectName("pod"); diff --git a/api/src/main/java/org/apache/cloudstack/api/command/user/zone/ListZonesCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/user/zone/ListZonesCmd.java index d926257437e..8d371bb6761 100644 --- a/api/src/main/java/org/apache/cloudstack/api/command/user/zone/ListZonesCmd.java +++ b/api/src/main/java/org/apache/cloudstack/api/command/user/zone/ListZonesCmd.java @@ -34,8 +34,6 @@ import org.apache.cloudstack.api.response.ZoneResponse; requestHasSensitiveInfo = false, responseHasSensitiveInfo = false) public class ListZonesCmd extends BaseListCmd implements UserCmd { - private static final String s_name = "listzonesresponse"; - ///////////////////////////////////////////////////// //////////////// API parameters ///////////////////// ///////////////////////////////////////////////////// @@ -113,11 +111,6 @@ public class ListZonesCmd extends BaseListCmd implements UserCmd { /////////////// API Implementation/////////////////// ///////////////////////////////////////////////////// - @Override - public String getCommandName() { - return s_name; - } - @Override public void execute() { ListResponse response = _queryService.listDataCenters(this); diff --git a/api/src/main/java/org/apache/cloudstack/query/QueryService.java b/api/src/main/java/org/apache/cloudstack/query/QueryService.java index 0a5721abdc1..0f658e5d20d 100644 --- a/api/src/main/java/org/apache/cloudstack/query/QueryService.java +++ b/api/src/main/java/org/apache/cloudstack/query/QueryService.java @@ -112,11 +112,11 @@ public interface QueryService { ConfigKey AllowUserViewDestroyedVM = new ConfigKey<>("Advanced", Boolean.class, "allow.user.view.destroyed.vm", "false", "Determines whether users can view their destroyed or expunging vm ", true, ConfigKey.Scope.Account); - static final ConfigKey UserVMDeniedDetails = new ConfigKey<>(String.class, + ConfigKey UserVMDeniedDetails = new ConfigKey<>(String.class, "user.vm.denied.details", "Advanced", "rootdisksize, cpuOvercommitRatio, memoryOvercommitRatio, Message.ReservedCapacityFreed.Flag", "Determines whether users can view certain VM settings. When set to empty, default value used is: rootdisksize, cpuOvercommitRatio, memoryOvercommitRatio, Message.ReservedCapacityFreed.Flag.", true, ConfigKey.Scope.Global, null, null, null, null, null, ConfigKey.Kind.CSV, null); - static final ConfigKey UserVMReadOnlyDetails = new ConfigKey<>(String.class, + ConfigKey UserVMReadOnlyDetails = new ConfigKey<>(String.class, "user.vm.readonly.details", "Advanced", "dataDiskController, rootDiskController", "List of read-only VM settings/details as comma separated string", true, ConfigKey.Scope.Global, null, null, null, null, null, ConfigKey.Kind.CSV, null); @@ -125,16 +125,20 @@ public interface QueryService { "network offering, zones), we use the flag to determine if the entities should be sorted ascending (when flag is true) " + "or descending (when flag is false). Within the scope of the config all users see the same result.", true, ConfigKey.Scope.Global); - public static final ConfigKey AllowUserViewAllDomainAccounts = new ConfigKey<>("Advanced", Boolean.class, + ConfigKey AllowUserViewAllDomainAccounts = new ConfigKey<>("Advanced", Boolean.class, "allow.user.view.all.domain.accounts", "false", "Determines whether users can view all user accounts within the same domain", true, ConfigKey.Scope.Domain); - static final ConfigKey SharePublicTemplatesWithOtherDomains = new ConfigKey<>("Advanced", Boolean.class, "share.public.templates.with.other.domains", "true", + ConfigKey AllowUserViewAllDataCenters = new ConfigKey<>("Advanced", Boolean.class, "allow.user.view.all.zones", "true", + "Determines whether for instance a Resource Admin can view zones that are not dedicated to them.", true, ConfigKey.Scope.Domain); + + ConfigKey SharePublicTemplatesWithOtherDomains = new ConfigKey<>("Advanced", Boolean.class, "share.public.templates.with.other.domains", "true", "If false, templates of this domain will not show up in the list templates of other domains.", true, ConfigKey.Scope.Domain); ConfigKey ReturnVmStatsOnVmList = new ConfigKey<>("Advanced", Boolean.class, "list.vm.default.details.stats", "true", "Determines whether VM stats should be returned when details are not explicitly specified in listVirtualMachines API request. When false, details default to [group, nics, secgrp, tmpl, servoff, diskoff, backoff, iso, volume, min, affgrp]. When true, all details are returned including 'stats'.", true, ConfigKey.Scope.Global); + ListResponse searchForUsers(ResponseObject.ResponseView responseView, ListUsersCmd cmd) throws PermissionDeniedException; ListResponse searchForUsers(Long domainId, boolean recursive) throws PermissionDeniedException; diff --git a/plugins/network-elements/juniper-contrail/src/test/java/org/apache/cloudstack/network/contrail/management/MockAccountManager.java b/plugins/network-elements/juniper-contrail/src/test/java/org/apache/cloudstack/network/contrail/management/MockAccountManager.java index d30d7b2f74d..bc9dbfa7b43 100644 --- a/plugins/network-elements/juniper-contrail/src/test/java/org/apache/cloudstack/network/contrail/management/MockAccountManager.java +++ b/plugins/network-elements/juniper-contrail/src/test/java/org/apache/cloudstack/network/contrail/management/MockAccountManager.java @@ -236,6 +236,12 @@ public class MockAccountManager extends ManagerBase implements AccountManager { return false; } + @Override + public boolean isResourceDomainAdmin(Long accountId) { + // TODO Auto-generated method stub + return false; + } + @Override public boolean isNormalUser(long accountId) { // TODO Auto-generated method stub diff --git a/server/src/main/java/com/cloud/api/query/QueryManagerImpl.java b/server/src/main/java/com/cloud/api/query/QueryManagerImpl.java index a2edc05a492..7c8c9ae28c8 100644 --- a/server/src/main/java/com/cloud/api/query/QueryManagerImpl.java +++ b/server/src/main/java/com/cloud/api/query/QueryManagerImpl.java @@ -160,7 +160,6 @@ import org.apache.cloudstack.storage.datastore.db.SnapshotDataStoreVO; import org.apache.cloudstack.storage.datastore.db.StoragePoolDetailVO; import org.apache.cloudstack.storage.datastore.db.StoragePoolDetailsDao; import org.apache.cloudstack.storage.datastore.db.StoragePoolVO; -import org.apache.cloudstack.storage.datastore.db.TemplateDataStoreDao; import org.apache.commons.collections.CollectionUtils; import org.apache.commons.collections.MapUtils; import org.apache.commons.lang3.EnumUtils; @@ -193,6 +192,7 @@ import com.cloud.api.query.dao.VolumeJoinDao; import com.cloud.api.query.vo.AccountJoinVO; import com.cloud.api.query.vo.AffinityGroupJoinVO; import com.cloud.api.query.vo.AsyncJobJoinVO; +import com.cloud.api.query.vo.BaseViewWithTagInformationVO; import com.cloud.api.query.vo.DataCenterJoinVO; import com.cloud.api.query.vo.DiskOfferingJoinVO; import com.cloud.api.query.vo.DomainJoinVO; @@ -246,7 +246,6 @@ import com.cloud.network.RouterHealthCheckResult; import com.cloud.network.VNF; import com.cloud.network.VpcVirtualNetworkApplianceService; import com.cloud.network.as.AutoScaleVmGroupVmMapVO; -import com.cloud.network.as.dao.AutoScaleVmGroupDao; import com.cloud.network.as.dao.AutoScaleVmGroupVmMapDao; import com.cloud.network.dao.IPAddressDao; import com.cloud.network.dao.IPAddressVO; @@ -289,7 +288,6 @@ import com.cloud.storage.SnapshotVO; import com.cloud.storage.Storage; import com.cloud.storage.Storage.ImageFormat; import com.cloud.storage.Storage.TemplateType; -import com.cloud.storage.StorageManager; import com.cloud.storage.StoragePool; import com.cloud.storage.StoragePoolHostVO; import com.cloud.storage.StoragePoolStatus; @@ -524,9 +522,6 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q @Inject ProjectInvitationDao projectInvitationDao; - @Inject - TemplateDataStoreDao templateDataStoreDao; - @Inject VMTemplatePoolDao templatePoolDao; @@ -544,8 +539,6 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q @Inject ResourceIconDao resourceIconDao; - @Inject - StorageManager storageManager; @Inject ManagementServerHostDao msHostDao; @@ -583,9 +576,6 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q @Inject BackupOfferingDao backupOfferingDao; - @Inject - AutoScaleVmGroupDao autoScaleVmGroupDao; - @Inject AutoScaleVmGroupVmMapDao autoScaleVmGroupVmMapDao; @@ -613,46 +603,6 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q @Inject ManagementServerHostPeerJoinDao mshostPeerJoinDao; - - private SearchCriteria getMinimumCpuServiceOfferingJoinSearchCriteria(int cpu) { - SearchCriteria sc = _srvOfferingJoinDao.createSearchCriteria(); - SearchCriteria sc1 = _srvOfferingJoinDao.createSearchCriteria(); - sc1.addAnd("cpu", Op.GTEQ, cpu); - sc.addOr("cpu", Op.SC, sc1); - SearchCriteria sc2 = _srvOfferingJoinDao.createSearchCriteria(); - sc2.addAnd("cpu", Op.NULL); - sc2.addAnd("maxCpu", Op.NULL); - sc.addOr("cpu", Op.SC, sc2); - SearchCriteria sc3 = _srvOfferingJoinDao.createSearchCriteria(); - sc3.addAnd("cpu", Op.NULL); - sc3.addAnd("maxCpu", Op.GTEQ, cpu); - sc.addOr("cpu", Op.SC, sc3); - return sc; - } - - private SearchCriteria getMinimumMemoryServiceOfferingJoinSearchCriteria(int memory) { - SearchCriteria sc = _srvOfferingJoinDao.createSearchCriteria(); - SearchCriteria sc1 = _srvOfferingJoinDao.createSearchCriteria(); - sc1.addAnd("ramSize", Op.GTEQ, memory); - sc.addOr("ramSize", Op.SC, sc1); - SearchCriteria sc2 = _srvOfferingJoinDao.createSearchCriteria(); - sc2.addAnd("ramSize", Op.NULL); - sc2.addAnd("maxMemory", Op.NULL); - sc.addOr("ramSize", Op.SC, sc2); - SearchCriteria sc3 = _srvOfferingJoinDao.createSearchCriteria(); - sc3.addAnd("ramSize", Op.NULL); - sc3.addAnd("maxMemory", Op.GTEQ, memory); - sc.addOr("ramSize", Op.SC, sc3); - return sc; - } - - private SearchCriteria getMinimumCpuSpeedServiceOfferingJoinSearchCriteria(int speed) { - SearchCriteria sc = _srvOfferingJoinDao.createSearchCriteria(); - sc.addOr("speed", Op.GTEQ, speed); - sc.addOr("speed", Op.NULL); - return sc; - } - /* * (non-Javadoc) * @@ -668,7 +618,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q responseView = ResponseView.Full; } List userResponses = ViewResponseHelper.createUserResponse(responseView, CallContext.current().getCallingAccount().getDomainId(), - result.first().toArray(new UserAccountJoinVO[result.first().size()])); + result.first().toArray(new UserAccountJoinVO[0])); response.setResponses(userResponses, result.second()); return response; } @@ -676,17 +626,13 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q public ListResponse searchForUsers(Long domainId, boolean recursive) throws PermissionDeniedException { Account caller = CallContext.current().getCallingAccount(); - List permittedAccounts = new ArrayList(); + List permittedAccounts = new ArrayList<>(); boolean listAll = true; Long id = null; if (caller.getType() == Account.Type.NORMAL) { - long currentId = CallContext.current().getCallingUser().getId(); - if (id != null && currentId != id.longValue()) { - throw new PermissionDeniedException("Calling user is not authorized to see the user requested by id"); - } - id = currentId; + id = CallContext.current().getCallingUser().getId(); } Object username = null; Object type = null; @@ -696,9 +642,9 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q Pair, Integer> result = getUserListInternal(caller, permittedAccounts, listAll, id, username, type, accountName, state, keyword, null, domainId, recursive, null); - ListResponse response = new ListResponse(); + ListResponse response = new ListResponse<>(); List userResponses = ViewResponseHelper.createUserResponse(ResponseView.Restricted, CallContext.current().getCallingAccount().getDomainId(), - result.first().toArray(new UserAccountJoinVO[result.first().size()])); + result.first().toArray(new UserAccountJoinVO[0])); response.setResponses(userResponses, result.second()); return response; } @@ -706,13 +652,13 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q private Pair, Integer> searchForUsersInternal(ListUsersCmd cmd) throws PermissionDeniedException { Account caller = CallContext.current().getCallingAccount(); - List permittedAccounts = new ArrayList(); + List permittedAccounts = new ArrayList<>(); boolean listAll = cmd.listAll(); Long id = cmd.getId(); if (caller.getType() == Account.Type.NORMAL) { long currentId = CallContext.current().getCallingUser().getId(); - if (id != null && currentId != id.longValue()) { + if (id != null && currentId != id) { throw new PermissionDeniedException("Calling user is not authorized to see the user requested by id"); } id = currentId; @@ -736,7 +682,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q private Pair, Integer> getUserListInternal(Account caller, List permittedAccounts, boolean listAll, Long id, Object username, Object type, String accountName, Object state, String keyword, String apiKeyAccess, Long domainId, boolean recursive, Filter searchFilter) { - Ternary domainIdRecursiveListProject = new Ternary(domainId, recursive, null); + Ternary domainIdRecursiveListProject = new Ternary<>(domainId, recursive, null); accountMgr.buildACLSearchParameters(caller, id, accountName, null, permittedAccounts, domainIdRecursiveListProject, listAll, false); domainId = domainIdRecursiveListProject.first(); Boolean isRecursive = domainIdRecursiveListProject.second(); @@ -747,8 +693,8 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q sb.and("username", sb.entity().getUsername(), Op.LIKE); if (id != null && id == 1) { // system user should NOT be searchable - List emptyList = new ArrayList(); - return new Pair, Integer>(emptyList, 0); + List emptyList = new ArrayList<>(); + return new Pair<>(emptyList, 0); } else if (id != null) { sb.and("id", sb.entity().getId(), Op.EQ); } else { @@ -834,7 +780,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q public ListResponse searchForEvents(ListEventsCmd cmd) { Pair, Integer> result = searchForEventsInternal(cmd); ListResponse response = new ListResponse<>(); - List eventResponses = ViewResponseHelper.createEventResponse(result.first().toArray(new EventJoinVO[result.first().size()])); + List eventResponses = ViewResponseHelper.createEventResponse(result.first().toArray(new EventJoinVO[0])); response.setResponses(eventResponses, result.second()); return response; } @@ -1034,7 +980,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q public ListResponse listTags(ListTagsCmd cmd) { Pair, Integer> tags = listTagsInternal(cmd); ListResponse response = new ListResponse<>(); - List tagResponses = ViewResponseHelper.createResourceTagResponse(false, tags.first().toArray(new ResourceTagJoinVO[tags.first().size()])); + List tagResponses = ViewResponseHelper.createResourceTagResponse(false, tags.first().toArray(new ResourceTagJoinVO[0])); response.setResponses(tagResponses, tags.second()); return response; } @@ -1120,7 +1066,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q public ListResponse searchForVmGroups(ListVMGroupsCmd cmd) { Pair, Integer> groups = searchForVmGroupsInternal(cmd); ListResponse response = new ListResponse<>(); - List grpResponses = ViewResponseHelper.createInstanceGroupResponse(groups.first().toArray(new InstanceGroupJoinVO[groups.first().size()])); + List grpResponses = ViewResponseHelper.createInstanceGroupResponse(groups.first().toArray(new InstanceGroupJoinVO[0])); response.setResponses(grpResponses, groups.second()); return response; } @@ -1183,7 +1129,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q respView = ResponseView.Full; } List vmResponses = ViewResponseHelper.createUserVmResponse(respView, "virtualmachine", cmd.getDetails(), cmd.getAccumulate(), cmd.getShowUserData(), - result.first().toArray(new UserVmJoinVO[result.first().size()])); + result.first().toArray(new UserVmJoinVO[0])); response.setResponses(vmResponses, result.second()); return response; @@ -1462,11 +1408,11 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q resourceTagSearch.and().op(); for (int count = 0; count < tags.size(); count++) { if (count == 0) { - resourceTagSearch.op("tagKey" + String.valueOf(count), resourceTagSearch.entity().getKey(), Op.EQ); + resourceTagSearch.op("tagKey" + count, resourceTagSearch.entity().getKey(), Op.EQ); } else { - resourceTagSearch.or().op("tagKey" + String.valueOf(count), resourceTagSearch.entity().getKey(), Op.EQ); + resourceTagSearch.or().op("tagKey" + count, resourceTagSearch.entity().getKey(), Op.EQ); } - resourceTagSearch.and("tagValue" + String.valueOf(count), resourceTagSearch.entity().getValue(), Op.EQ); + resourceTagSearch.and("tagValue" + count, resourceTagSearch.entity().getValue(), Op.EQ); resourceTagSearch.cp(); } resourceTagSearch.cp(); @@ -1621,8 +1567,8 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q int count = 0; userVmSearchCriteria.setJoinParameters("tags","resourceType", ResourceObjectType.UserVm); for (Map.Entry entry : tags.entrySet()) { - userVmSearchCriteria.setJoinParameters("tags", "tagKey" + String.valueOf(count), entry.getKey()); - userVmSearchCriteria.setJoinParameters("tags", "tagValue" + String.valueOf(count), entry.getValue()); + userVmSearchCriteria.setJoinParameters("tags", "tagKey" + count, entry.getKey()); + userVmSearchCriteria.setJoinParameters("tags", "tagValue" + count, entry.getValue()); count++; } } @@ -1685,11 +1631,10 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q userVmSearchCriteria.setParameters("hostId", hostId); } - if (storageId != null && pool != null) { + if (storageId != null) { if (pool.getPoolType().equals(Storage.StoragePoolType.DatastoreCluster)) { List childDatastores = storagePoolDao.listChildStoragePoolsInDatastoreCluster(storageId); - List childDatastoreIds = childDatastores.stream().map(mo -> mo.getId()).collect(Collectors.toList()); - userVmSearchCriteria.setJoinParameters("volume", "storagePoolId", childDatastoreIds.toArray()); + userVmSearchCriteria.setJoinParameters("volume", "storagePoolId", childDatastores.stream().map(StoragePoolVO::getId).toArray()); } else { userVmSearchCriteria.setJoinParameters("volume", "storagePoolId", storageId); } @@ -1729,7 +1674,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q throw new InvalidParameterValueException("Unable to list network groups for virtual machine instance " + instanceId + "; instance not found."); } accountMgr.checkAccess(caller, null, true, userVM); - return listSecurityGroupRulesByVM(instanceId.longValue(), cmd.getStartIndex(), cmd.getPageSizeVal()); + return listSecurityGroupRulesByVM(instanceId, cmd.getStartIndex(), cmd.getPageSizeVal()); } Ternary domainIdRecursiveListProject = new Ternary<>(cmd.getDomainId(), cmd.isRecursive(), null); @@ -1779,7 +1724,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q // search security group together with rules Pair, Integer> uniqueSgPair = _securityGroupJoinDao.searchAndCount(sc, searchFilter); Integer count = uniqueSgPair.second(); - if (count.intValue() == 0) { + if (count == 0) { // handle empty result cases return uniqueSgPair; } @@ -1798,7 +1743,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q Filter sf = new Filter(SecurityGroupVMMapVO.class, null, true, pageInd, pageSize); Pair, Integer> sgVmMappingPair = securityGroupVMMapDao.listByInstanceId(vmId, sf); Integer count = sgVmMappingPair.second(); - if (count.intValue() == 0) { + if (count == 0) { // handle empty result cases return new Pair<>(new ArrayList<>(), count); } @@ -1817,7 +1762,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q Pair, Integer> result = searchForRoutersInternal(cmd, cmd.getId(), cmd.getRouterName(), cmd.getState(), cmd.getZoneId(), cmd.getPodId(), cmd.getClusterId(), cmd.getHostId(), cmd.getKeyword(), cmd.getNetworkId(), cmd.getVpcId(), cmd.getForVpc(), cmd.getRole(), cmd.getVersion(), cmd.isHealthCheckFailed()); ListResponse response = new ListResponse<>(); - List routerResponses = ViewResponseHelper.createDomainRouterResponse(result.first().toArray(new DomainRouterJoinVO[result.first().size()])); + List routerResponses = ViewResponseHelper.createDomainRouterResponse(result.first().toArray(new DomainRouterJoinVO[0])); if (VirtualNetworkApplianceManager.RouterHealthChecksEnabled.value()) { for (DomainRouterResponse res : routerResponses) { DomainRouterVO resRouter = _routerDao.findByUuid(res.getId()); @@ -1837,7 +1782,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q Pair, Integer> result = searchForRoutersInternal(cmd, cmd.getId(), cmd.getRouterName(), cmd.getState(), cmd.getZoneId(), cmd.getPodId(), null, cmd.getHostId(), cmd.getKeyword(), cmd.getNetworkId(), cmd.getVpcId(), cmd.getForVpc(), cmd.getRole(), null, null); ListResponse response = new ListResponse<>(); - List routerResponses = ViewResponseHelper.createDomainRouterResponse(result.first().toArray(new DomainRouterJoinVO[result.first().size()])); + List routerResponses = ViewResponseHelper.createDomainRouterResponse(result.first().toArray(new DomainRouterJoinVO[0])); if (VirtualNetworkApplianceManager.RouterHealthChecksEnabled.value()) { for (DomainRouterResponse res : routerResponses) { DomainRouterVO resRouter = _routerDao.findByUuid(res.getId()); @@ -1978,13 +1923,13 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q } if (routersWithFailures != null && ! routersWithFailures.isEmpty()) { - sc.setParameters("routerId", routersWithFailures.toArray(new Object[routersWithFailures.size()])); + sc.setParameters("routerId", routersWithFailures.toArray(new Object[0])); } // search VR details by ids Pair, Integer> uniqueVrPair = _routerJoinDao.searchAndCount(sc, searchFilter); Integer count = uniqueVrPair.second(); - if (count.intValue() == 0) { + if (count == 0) { // empty result return uniqueVrPair; } @@ -2002,7 +1947,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q public ListResponse listProjects(ListProjectsCmd cmd) { Pair, Integer> projects = listProjectsInternal(cmd); ListResponse response = new ListResponse<>(); - List projectResponses = ViewResponseHelper.createProjectResponse(cmd.getDetails(), projects.first().toArray(new ProjectJoinVO[projects.first().size()])); + List projectResponses = ViewResponseHelper.createProjectResponse(cmd.getDetails(), projects.first().toArray(new ProjectJoinVO[0])); response.setResponses(projectResponses, projects.second()); return response; } @@ -2158,7 +2103,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q // search distinct projects to get count Pair, Integer> uniquePrjPair = _projectJoinDao.searchAndCount(sc, searchFilter); Integer count = uniquePrjPair.second(); - if (count.intValue() == 0) { + if (count == 0) { // handle empty result cases return uniquePrjPair; } @@ -2176,7 +2121,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q public ListResponse listProjectInvitations(ListProjectInvitationsCmd cmd) { Pair, Integer> invites = listProjectInvitationsInternal(cmd); ListResponse response = new ListResponse<>(); - List projectInvitationResponses = ViewResponseHelper.createProjectInvitationResponse(invites.first().toArray(new ProjectInvitationJoinVO[invites.first().size()])); + List projectInvitationResponses = ViewResponseHelper.createProjectInvitationResponse(invites.first().toArray(new ProjectInvitationJoinVO[0])); response.setResponses(projectInvitationResponses, invites.second()); return response; @@ -2252,7 +2197,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q public ListResponse listProjectAccounts(ListProjectAccountsCmd cmd) { Pair, Integer> projectAccounts = listProjectAccountsInternal(cmd); ListResponse response = new ListResponse<>(); - List projectResponses = ViewResponseHelper.createProjectAccountResponse(projectAccounts.first().toArray(new ProjectAccountJoinVO[projectAccounts.first().size()])); + List projectResponses = ViewResponseHelper.createProjectAccountResponse(projectAccounts.first().toArray(new ProjectAccountJoinVO[0])); response.setResponses(projectResponses, projectAccounts.second()); return response; } @@ -2327,7 +2272,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q Pair, Integer> hosts = searchForServersInternal(cmd); ListResponse response = new ListResponse<>(); logger.debug(">>>Generating Response>>>"); - List hostResponses = ViewResponseHelper.createHostResponse(cmd.getDetails(), hosts.first().toArray(new HostJoinVO[hosts.first().size()])); + List hostResponses = ViewResponseHelper.createHostResponse(cmd.getDetails(), hosts.first().toArray(new HostJoinVO[0])); response.setResponses(hostResponses, hosts.second()); return response; } @@ -2357,7 +2302,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q Object outOfBandManagementEnabled = cmd.isOutOfBandManagementEnabled(); Object powerState = cmd.getHostOutOfBandManagementPowerState(); Object resourceState = cmd.getResourceState(); - Object haHosts = cmd.getHaHost(); + Boolean haHosts = cmd.getHaHost(); Long startIndex = cmd.getStartIndex(); Long pageSize = cmd.getPageSizeVal(); Hypervisor.HypervisorType hypervisorType = cmd.getHypervisor(); @@ -2397,7 +2342,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q String haTag = _haMgr.getHaTag(); if (haHosts != null && haTag != null && !haTag.isEmpty()) { SearchBuilder hostTagSearchBuilder = _hostTagDao.createSearchBuilder(); - if ((Boolean)haHosts) { + if (haHosts) { hostTagSearchBuilder.and("tag", hostTagSearchBuilder.entity().getTag(), SearchCriteria.Op.EQ); } else { hostTagSearchBuilder.and().op("tag", hostTagSearchBuilder.entity().getTag(), Op.NEQ); @@ -2484,7 +2429,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q respView = ResponseView.Full; } - List volumeResponses = ViewResponseHelper.createVolumeResponse(respView, result.first().toArray(new VolumeJoinVO[result.first().size()])); + List volumeResponses = ViewResponseHelper.createVolumeResponse(respView, result.first().toArray(new VolumeJoinVO[0])); for (VolumeResponse vr : volumeResponses) { String poolId = vr.getStoragePoolId(); @@ -2852,7 +2797,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q respView = ResponseView.Full; } - List accountResponses = ViewResponseHelper.createAccountResponse(respView, cmd.getDetails(), result.first().toArray(new AccountJoinVO[result.first().size()])); + List accountResponses = ViewResponseHelper.createAccountResponse(respView, cmd.getDetails(), result.first().toArray(new AccountJoinVO[0])); response.setResponses(accountResponses, result.second()); return response; } @@ -3032,7 +2977,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q public ListResponse searchForAsyncJobs(ListAsyncJobsCmd cmd) { Pair, Integer> result = searchForAsyncJobsInternal(cmd); ListResponse response = new ListResponse<>(); - List jobResponses = ViewResponseHelper.createAsyncJobResponse(result.first().toArray(new AsyncJobJoinVO[result.first().size()])); + List jobResponses = ViewResponseHelper.createAsyncJobResponse(result.first().toArray(new AsyncJobJoinVO[0])); response.setResponses(jobResponses, result.second()); return response; } @@ -3149,7 +3094,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q private ListResponse createStoragesPoolResponse(Pair, Integer> storagePools, boolean getCustomStats) { ListResponse response = new ListResponse<>(); - List poolResponses = ViewResponseHelper.createStoragePoolResponse(getCustomStats, storagePools.first().toArray(new StoragePoolJoinVO[storagePools.first().size()])); + List poolResponses = ViewResponseHelper.createStoragePoolResponse(getCustomStats, storagePools.first().toArray(new StoragePoolJoinVO[0])); Map poolUuidToIdMap = storagePools.first().stream().collect(Collectors.toMap(StoragePoolJoinVO::getUuid, StoragePoolJoinVO::getId, (a, b) -> a)); for (StoragePoolResponse poolResponse : poolResponses) { DataStore store = dataStoreManager.getPrimaryDataStore(poolResponse.getId()); @@ -3202,16 +3147,16 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q @Override public ListResponse searchForStorageTags(ListStorageTagsCmd cmd) { - Pair, Integer> result = searchForStorageTagsInternal(cmd); + Pair, Integer> result = searchForStorageTagsInternal(); ListResponse response = new ListResponse<>(); - List tagResponses = ViewResponseHelper.createStorageTagResponse(result.first().toArray(new StoragePoolTagVO[result.first().size()])); + List tagResponses = ViewResponseHelper.createStorageTagResponse(result.first().toArray(new StoragePoolTagVO[0])); response.setResponses(tagResponses, result.second()); return response; } - private Pair, Integer> searchForStorageTagsInternal(ListStorageTagsCmd cmd) { + private Pair, Integer> searchForStorageTagsInternal() { Filter searchFilter = new Filter(StoragePoolTagVO.class, "id", Boolean.TRUE, null, null); SearchBuilder sb = _storageTagDao.createSearchBuilder(); @@ -3224,7 +3169,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q Pair, Integer> uniqueTagPair = _storageTagDao.searchAndCount(sc, searchFilter); Integer count = uniqueTagPair.second(); - if (count.intValue() == 0) { + if (count == 0) { return uniqueTagPair; } @@ -3243,16 +3188,16 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q @Override public ListResponse searchForHostTags(ListHostTagsCmd cmd) { - Pair, Integer> result = searchForHostTagsInternal(cmd); + Pair, Integer> result = searchForHostTagsInternal(); ListResponse response = new ListResponse<>(); - List tagResponses = ViewResponseHelper.createHostTagResponse(result.first().toArray(new HostTagVO[result.first().size()])); + List tagResponses = ViewResponseHelper.createHostTagResponse(result.first().toArray(new HostTagVO[0])); response.setResponses(tagResponses, result.second()); return response; } - private Pair, Integer> searchForHostTagsInternal(ListHostTagsCmd cmd) { + private Pair, Integer> searchForHostTagsInternal() { Filter searchFilter = new Filter(HostTagVO.class, "id", Boolean.TRUE, null, null); SearchBuilder sb = _hostTagDao.createSearchBuilder(); @@ -3265,7 +3210,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q Pair, Integer> uniqueTagPair = _hostTagDao.searchAndCount(sc, searchFilter); Integer count = uniqueTagPair.second(); - if (count.intValue() == 0) { + if (count == 0) { return uniqueTagPair; } @@ -3287,7 +3232,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q Pair, Integer> result = searchForImageStoresInternal(cmd); ListResponse response = new ListResponse<>(); - List poolResponses = ViewResponseHelper.createImageStoreResponse(result.first().toArray(new ImageStoreJoinVO[result.first().size()])); + List poolResponses = ViewResponseHelper.createImageStoreResponse(result.first().toArray(new ImageStoreJoinVO[0])); response.setResponses(poolResponses, result.second()); return response; } @@ -3351,7 +3296,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q // search Store details by ids Pair, Integer> uniqueStorePair = _imageStoreJoinDao.searchAndCount(sc, searchFilter); Integer count = uniqueStorePair.second(); - if (count.intValue() == 0) { + if (count == 0) { // empty result return uniqueStorePair; } @@ -3371,7 +3316,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q Pair, Integer> result = searchForCacheStoresInternal(cmd); ListResponse response = new ListResponse<>(); - List poolResponses = ViewResponseHelper.createImageStoreResponse(result.first().toArray(new ImageStoreJoinVO[result.first().size()])); + List poolResponses = ViewResponseHelper.createImageStoreResponse(result.first().toArray(new ImageStoreJoinVO[0])); response.setResponses(poolResponses, result.second()); return response; } @@ -3430,7 +3375,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q // search Store details by ids Pair, Integer> uniqueStorePair = _imageStoreJoinDao.searchAndCount(sc, searchFilter); Integer count = uniqueStorePair.second(); - if (count.intValue() == 0) { + if (count == 0) { // empty result return uniqueStorePair; } @@ -3497,10 +3442,10 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q Object id = cmd.getId(); Object keyword = cmd.getKeyword(); Long domainId = cmd.getDomainId(); - Boolean isRootAdmin = accountMgr.isRootAdmin(account.getAccountId()); + boolean isRootAdmin = accountMgr.isRootAdmin(account.getAccountId()); Long projectId = cmd.getProjectId(); String accountName = cmd.getAccountName(); - Boolean isRecursive = cmd.isRecursive(); + boolean isRecursive = cmd.isRecursive(); Long zoneId = cmd.getZoneId(); Long volumeId = cmd.getVolumeId(); Long storagePoolId = cmd.getStoragePoolId(); @@ -3726,12 +3671,12 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q } private List findRelatedDomainIds(Domain domain, boolean isRecursive) { - List domainIds = _domainDao.getDomainParentIds(domain.getId()) - .stream().collect(Collectors.toList()); + List domainIds = new ArrayList<>(_domainDao.getDomainParentIds(domain.getId())); if (isRecursive) { List childrenIds = _domainDao.getDomainChildrenIds(domain.getPath()); - if (childrenIds != null && !childrenIds.isEmpty()) - domainIds.addAll(childrenIds); + if (childrenIds != null && !childrenIds.isEmpty()) { + domainIds.addAll(childrenIds); + } } return domainIds; } @@ -3741,7 +3686,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q Pair, Integer> result = searchForServiceOfferingsInternal(cmd); result.first(); ListResponse response = new ListResponse<>(); - List offeringResponses = ViewResponseHelper.createServiceOfferingResponse(result.first().toArray(new ServiceOfferingJoinVO[result.first().size()])); + List offeringResponses = ViewResponseHelper.createServiceOfferingResponse(result.first().toArray(new ServiceOfferingJoinVO[0])); response.setResponses(offeringResponses, result.second()); return response; } @@ -3800,7 +3745,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q String vmTypeStr = cmd.getSystemVmType(); ServiceOfferingVO currentVmOffering = null; DiskOfferingVO diskOffering = null; - Boolean isRecursive = cmd.isRecursive(); + boolean isRecursive = cmd.isRecursive(); Long zoneId = cmd.getZoneId(); Integer cpuNumber = cmd.getCpuNumber(); Integer memory = cmd.getMemory(); @@ -3808,7 +3753,6 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q Boolean encryptRoot = cmd.getEncryptRoot(); String storageType = cmd.getStorageType(); ServiceOffering.State state = cmd.getState(); - final Long templateId = cmd.getTemplateId(); final Account owner = accountMgr.finalizeOwner(caller, accountName, domainId, projectId); @@ -4274,7 +4218,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q respView = ResponseView.Full; } - List dcResponses = ViewResponseHelper.createDataCenterResponse(respView, cmd.getShowCapacities(), cmd.getShowIcon(), result.first().toArray(new DataCenterJoinVO[result.first().size()])); + List dcResponses = ViewResponseHelper.createDataCenterResponse(respView, cmd.getShowCapacities(), cmd.getShowIcon(), result.first().toArray(new DataCenterJoinVO[0])); response.setResponses(dcResponses, result.second()); return response; } @@ -4282,7 +4226,11 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q private Pair, Integer> listDataCentersInternal(ListZonesCmd cmd) { Account account = CallContext.current().getCallingAccount(); Long domainId = cmd.getDomainId(); - Long id = cmd.getId(); + Long zoneId = cmd.getId(); + if( ! AllowUserViewAllDataCenters.valueInDomain(account.getDomainId())) { + zoneId = accountMgr.checkAccessAndSpecifyAuthority(CallContext.current().getCallingAccount(), zoneId); + logger.debug("not allowing users to view all zones ; selected zone is = {}", zoneId); + } List ids = getIdsListFromCmd(cmd.getId(), cmd.getIds()); String keyword = cmd.getKeyword(); String name = cmd.getName(); @@ -4293,8 +4241,8 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q if (resourceTags != null && !resourceTags.isEmpty()) { SearchBuilder tagSearch = resourceTagDao.createSearchBuilder(); for (int count = 0; count < resourceTags.size(); count++) { - tagSearch.or().op("key" + String.valueOf(count), tagSearch.entity().getKey(), SearchCriteria.Op.EQ); - tagSearch.and("value" + String.valueOf(count), tagSearch.entity().getValue(), SearchCriteria.Op.EQ); + tagSearch.or().op("key" + count, tagSearch.entity().getKey(), SearchCriteria.Op.EQ); + tagSearch.and("value" + count, tagSearch.entity().getValue(), SearchCriteria.Op.EQ); tagSearch.cp(); } tagSearch.and("resourceType", tagSearch.entity().getResourceType(), SearchCriteria.Op.EQ); @@ -4314,8 +4262,8 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q sc.addAnd("id", SearchCriteria.Op.IN, ids.toArray()); } - if (id != null) { - sc.addAnd("id", SearchCriteria.Op.EQ, id); + if (zoneId != null) { + sc.addAnd("id", SearchCriteria.Op.EQ, zoneId); } else if (name != null) { sc.addAnd("name", SearchCriteria.Op.EQ, name); } else { @@ -4326,109 +4274,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q sc.addAnd("name", SearchCriteria.Op.SC, ssc); } - /* - * List all resources due to Explicit Dedication except the - * dedicated resources of other account - */ - if (domainId != null) { // - // for domainId != null // right now, we made the decision to - // only list zones associated // with this domain, private zone - sc.addAnd("domainId", SearchCriteria.Op.EQ, domainId); - - if (accountMgr.isNormalUser(account.getId())) { - // accountId == null (zones dedicated to a domain) or - // accountId = caller - SearchCriteria sdc = _dcJoinDao.createSearchCriteria(); - sdc.addOr("accountId", SearchCriteria.Op.EQ, account.getId()); - sdc.addOr("accountId", SearchCriteria.Op.NULL); - - sc.addAnd("accountId", SearchCriteria.Op.SC, sdc); - } - - } else if (accountMgr.isNormalUser(account.getId())) { - // it was decided to return all zones for the user's domain, and - // everything above till root - // list all zones belonging to this domain, and all of its - // parents - // check the parent, if not null, add zones for that parent to - // list - - // find all domain Id up to root domain for this account - List domainIds = new ArrayList<>(); - DomainVO domainRecord = _domainDao.findById(account.getDomainId()); - if (domainRecord == null) { - logger.error("Could not find the domainId for account: {}", account); - throw new CloudAuthenticationException("Could not find the domainId for account:" + account.getAccountName()); - } - domainIds.add(domainRecord.getId()); - while (domainRecord.getParent() != null) { - domainRecord = _domainDao.findById(domainRecord.getParent()); - domainIds.add(domainRecord.getId()); - } - // domainId == null (public zones) or domainId IN [all domain id - // up to root domain] - SearchCriteria sdc = _dcJoinDao.createSearchCriteria(); - sdc.addOr("domainId", SearchCriteria.Op.IN, domainIds.toArray()); - sdc.addOr("domainId", SearchCriteria.Op.NULL); - sc.addAnd("domainId", SearchCriteria.Op.SC, sdc); - - // remove disabled zones - sc.addAnd("allocationState", SearchCriteria.Op.NEQ, Grouping.AllocationState.Disabled); - - // accountId == null (zones dedicated to a domain) or - // accountId = caller - SearchCriteria sdc2 = _dcJoinDao.createSearchCriteria(); - sdc2.addOr("accountId", SearchCriteria.Op.EQ, account.getId()); - sdc2.addOr("accountId", SearchCriteria.Op.NULL); - - sc.addAnd("accountId", SearchCriteria.Op.SC, sdc2); - - // remove Dedicated zones not dedicated to this domainId or - // subdomainId - List dedicatedZoneIds = removeDedicatedZoneNotSuitabe(domainIds); - if (!dedicatedZoneIds.isEmpty()) { - sdc.addAnd("id", SearchCriteria.Op.NIN, dedicatedZoneIds.toArray(new Object[dedicatedZoneIds.size()])); - } - - } else if (accountMgr.isDomainAdmin(account.getId()) || account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN) { - // it was decided to return all zones for the domain admin, and - // everything above till root, as well as zones till the domain - // leaf - List domainIds = new ArrayList<>(); - DomainVO domainRecord = _domainDao.findById(account.getDomainId()); - if (domainRecord == null) { - logger.error("Could not find the domainId for account: {}", account); - throw new CloudAuthenticationException("Could not find the domainId for account:" + account.getAccountName()); - } - domainIds.add(domainRecord.getId()); - // find all domain Ids till leaf - List allChildDomains = _domainDao.findAllChildren(domainRecord.getPath(), domainRecord.getId()); - for (DomainVO domain : allChildDomains) { - domainIds.add(domain.getId()); - } - // then find all domain Id up to root domain for this account - while (domainRecord.getParent() != null) { - domainRecord = _domainDao.findById(domainRecord.getParent()); - domainIds.add(domainRecord.getId()); - } - - // domainId == null (public zones) or domainId IN [all domain id - // up to root domain] - SearchCriteria sdc = _dcJoinDao.createSearchCriteria(); - sdc.addOr("domainId", SearchCriteria.Op.IN, domainIds.toArray()); - sdc.addOr("domainId", SearchCriteria.Op.NULL); - sc.addAnd("domainId", SearchCriteria.Op.SC, sdc); - - // remove disabled zones - sc.addAnd("allocationState", SearchCriteria.Op.NEQ, Grouping.AllocationState.Disabled); - - // remove Dedicated zones not dedicated to this domainId or - // subdomainId - List dedicatedZoneIds = removeDedicatedZoneNotSuitabe(domainIds); - if (!dedicatedZoneIds.isEmpty()) { - sdc.addAnd("id", SearchCriteria.Op.NIN, dedicatedZoneIds.toArray(new Object[dedicatedZoneIds.size()])); - } - } + buildSearchCriteriaForOwnedExplicitlyDedicatedResources(domainId, sc, account); // handle available=FALSE option, only return zones with at least // one VM running there @@ -4442,7 +4288,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q for (DomainRouterVO router : routers) { dcIds.add(router.getDataCenterId()); } - if (dcIds.size() == 0) { + if (dcIds.isEmpty()) { return new Pair<>(new ArrayList<>(), 0); } else { sc.addAnd("id", SearchCriteria.Op.IN, dcIds.toArray()); @@ -4452,25 +4298,147 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q } } - if (resourceTags != null && !resourceTags.isEmpty()) { - int count = 0; - sc.setJoinParameters("tagSearch", "resourceType", ResourceObjectType.Zone.toString()); - for (Map.Entry entry : resourceTags.entrySet()) { - sc.setJoinParameters("tagSearch", "key" + String.valueOf(count), entry.getKey()); - sc.setJoinParameters("tagSearch", "value" + String.valueOf(count), entry.getValue()); - count++; - } - } + buildSearchCriteriaForTags(resourceTags, sc); return _dcJoinDao.searchAndCount(sc, searchFilter); } - private List removeDedicatedZoneNotSuitabe(List domainIds) { + private static void buildSearchCriteriaForTags(Map resourceTags, SearchCriteria sc) { + if (resourceTags != null && !resourceTags.isEmpty()) { + int count = 0; + sc.setJoinParameters("tagSearch", "resourceType", ResourceObjectType.Zone.toString()); + for (Map.Entry entry : resourceTags.entrySet()) { + sc.setJoinParameters("tagSearch", "key" + count, entry.getKey()); + sc.setJoinParameters("tagSearch", "value" + count, entry.getValue()); + count++; + } + } + } + + /** + * List all resources due to Explicit Dedication except the + * dedicated resources of other account + */ + private void buildSearchCriteriaForOwnedExplicitlyDedicatedResources(Long domainId, SearchCriteria sc, Account account) { + if (domainId != null) { + buildSearchCriteriaForZonesBelongingToDomain(domainId, sc, account); + } else if (accountMgr.isNormalUser(account.getId())) { + buildSearchCriteriaForUserDomainAndAbove(sc, account); + } else if (accountMgr.isDomainAdmin(account.getId()) || accountMgr.isResourceDomainAdmin(account.getId())) { + buildSearchCriteriaForDomainAdmins(sc, account); + } + } + + /** + * Return all zones for the domain admin, and everything above till root, as well as zones till the domain leaf + */ + private void buildSearchCriteriaForDomainAdmins(SearchCriteria sc, Account account) { + List domainIds = new ArrayList<>(); + DomainVO domainRecord = _domainDao.findById(account.getDomainId()); + if (domainRecord == null) { + logger.error("Could not find the domainId for account: {}", account); + throw new CloudAuthenticationException("Could not find the domainId for account:" + account.getAccountName()); + } + logger.trace("adding caller's domain {} to the list of domains to search for zones", account.getDomainId()); + domainIds.add(domainRecord.getId()); + // find all domain Ids till leaf + List allChildDomains = _domainDao.findAllChildren(domainRecord.getPath(), domainRecord.getId()); + for (DomainVO domain : allChildDomains) { + logger.trace("adding caller domain's child {} to the list of domains to search for zones", domain.getId()); + domainIds.add(domain.getId()); + } + // then find all domain Id up to root domain for this account + while (domainRecord.getParent() != null) { + domainRecord = _domainDao.findById(domainRecord.getParent()); + logger.trace("adding caller domain's ancestor {} to the list of domains to search for zones", domainRecord.getId()); + domainIds.add(domainRecord.getId()); + } + + // so search for domainId == null (public zones) or domainId this user has access to + SearchCriteria sdc = _dcJoinDao.createSearchCriteria(); + sdc.addOr("domainId", Op.IN, domainIds.toArray()); + sdc.addOr("domainId", Op.NULL); + sc.addAnd("domainId", Op.SC, sdc); + + // remove disabled zones + sc.addAnd("allocationState", Op.NEQ, Grouping.AllocationState.Disabled); + + // remove Dedicated zones not dedicated to this domainId or + // subdomainId + List dedicatedZoneIds = removeDedicatedZoneNotSuitable(domainIds); + if (!dedicatedZoneIds.isEmpty()) { + sdc.addAnd("id", Op.NIN, dedicatedZoneIds.toArray(new Object[0])); + } + } + + /** + * Return all zones for the user's domain, and everything above till root + * list all zones belonging to this domain, and all of its parents + * check the parent, if not null, add zones for that parent to list + */ + private void buildSearchCriteriaForUserDomainAndAbove(SearchCriteria sc, Account account) { + + // find all domain Id up to root domain for this account + List domainIds = new ArrayList<>(); + DomainVO domainRecord = _domainDao.findById(account.getDomainId()); + if (domainRecord == null) { + logger.error("Could not find the domainId for account: {}", account); + throw new CloudAuthenticationException("Could not find the domainId for account:" + account.getAccountName()); + } + domainIds.add(domainRecord.getId()); + while (domainRecord.getParent() != null) { + domainRecord = _domainDao.findById(domainRecord.getParent()); + domainIds.add(domainRecord.getId()); + } + // domainId == null (public zones) or domainId IN [all domain id + // up to root domain] + SearchCriteria sdc = _dcJoinDao.createSearchCriteria(); + sdc.addOr("domainId", Op.IN, domainIds.toArray()); + sdc.addOr("domainId", Op.NULL); + sc.addAnd("domainId", Op.SC, sdc); + + // remove disabled zones + sc.addAnd("allocationState", Op.NEQ, Grouping.AllocationState.Disabled); + + // accountId == null (zones dedicated to a domain) or + // accountId = caller + SearchCriteria sdc2 = _dcJoinDao.createSearchCriteria(); + sdc2.addOr("accountId", Op.EQ, account.getId()); + sdc2.addOr("accountId", Op.NULL); + + sc.addAnd("accountId", Op.SC, sdc2); + + // remove Dedicated zones not dedicated to this domainId or + // subdomainId + List dedicatedZoneIds = removeDedicatedZoneNotSuitable(domainIds); + if (!dedicatedZoneIds.isEmpty()) { + sdc.addAnd("id", Op.NIN, dedicatedZoneIds.toArray(new Object[0])); + } + } + + private void buildSearchCriteriaForZonesBelongingToDomain(Long domainId, SearchCriteria sc, Account account) { + // for domainId != null // right now, we made the decision to + // only list zones associated // with this domain, private zone + sc.addAnd("domainId", Op.EQ, domainId); + + if (accountMgr.isNormalUser(account.getId())) { + // accountId == null (zones dedicated to a domain) or + // accountId = caller + SearchCriteria sdc = _dcJoinDao.createSearchCriteria(); + sdc.addOr("accountId", Op.EQ, account.getId()); + sdc.addOr("accountId", Op.NULL); + + sc.addAnd("accountId", Op.SC, sdc); + } + } + + private List removeDedicatedZoneNotSuitable(List domainIds) { // remove dedicated zone of other domain List dedicatedZoneIds = new ArrayList<>(); List dedicatedResources = _dedicatedDao.listZonesNotInDomainIds(domainIds); for (DedicatedResourceVO dr : dedicatedResources) { if (dr != null) { + logger.trace("adding zone to exclude from callers list zones result: {}.", dr.getDataCenterId()); dedicatedZoneIds.add(dr.getDataCenterId()); } } @@ -4515,7 +4483,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q respView = ResponseView.Full; } - List templateResponses = ViewResponseHelper.createTemplateResponse(cmd.getDetails(), respView, result.first().toArray(new TemplateJoinVO[result.first().size()])); + List templateResponses = ViewResponseHelper.createTemplateResponse(cmd.getDetails(), respView, result.first().toArray(new TemplateJoinVO[0])); response.setResponses(templateResponses, result.second()); return response; } @@ -4943,17 +4911,17 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q private Pair, Integer> findTemplatesByIdOrTempZonePair(Pair, Integer> templateDataPair, boolean showRemoved, boolean showUnique, Account caller) { Integer count = templateDataPair.second(); - if (count.intValue() == 0) { + if (count == 0) { // empty result return templateDataPair; } List templateData = templateDataPair.first(); List templates; if (showUnique) { - Long[] templateIds = templateData.stream().map(template -> template.getId()).toArray(Long[]::new); + Long[] templateIds = templateData.stream().map(BaseViewWithTagInformationVO::getId).toArray(Long[]::new); templates = _templateJoinDao.findByDistinctIds(templateIds); } else { - String[] templateZonePairs = templateData.stream().map(template -> template.getTempZonePair()).toArray(String[]::new); + String[] templateZonePairs = templateData.stream().map(TemplateJoinVO::getTempZonePair).toArray(String[]::new); templates = _templateJoinDao.searchByTemplateZonePair(showRemoved, templateZonePairs); } @@ -4970,7 +4938,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q respView = ResponseView.Full; } - List templateResponses = ViewResponseHelper.createIsoResponse(respView, result.first().toArray(new TemplateJoinVO[result.first().size()])); + List templateResponses = ViewResponseHelper.createIsoResponse(respView, result.first().toArray(new TemplateJoinVO[0])); response.setResponses(templateResponses, result.second()); return response; } @@ -5033,7 +5001,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q } if (CallContext.current().getCallingAccount().getType() != Account.Type.ADMIN) { final List userDenyListedSettings = Stream.of(QueryService.UserVMDeniedDetails.value().split(",")) - .map(item -> (item).trim()) + .map(String::trim) .collect(Collectors.toList()); userDenyListedSettings.addAll(QueryService.RootAdminOnlyVmSettings); for (final String detail : userDenyListedSettings) { @@ -5055,7 +5023,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q private void fillVnfTemplateDetailOptions(final Map> options) { for (VNF.AccessDetail detail : VNF.AccessDetail.values()) { if (VNF.AccessDetail.ACCESS_METHODS.equals(detail)) { - options.put(detail.name().toLowerCase(), Arrays.stream(VNF.AccessMethod.values()).map(method -> method.toString()).sorted().collect(Collectors.toList())); + options.put(detail.name().toLowerCase(), Arrays.stream(VNF.AccessMethod.values()).map(VNF.AccessMethod::toString).sorted().collect(Collectors.toList())); } else { options.put(detail.name().toLowerCase(), Collections.emptyList()); } @@ -5106,7 +5074,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q @Override public ListResponse searchForAffinityGroups(ListAffinityGroupsCmd cmd) { Pair, Integer> result = searchForAffinityGroupsInternal(cmd); - ListResponse response = new ListResponse(); + ListResponse response = new ListResponse<>(); List agResponses = ViewResponseHelper.createAffinityGroupResponses(result.first()); response.setResponses(agResponses, result.second()); return response; @@ -5135,7 +5103,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q throw new InvalidParameterValueException("Unable to list affinity groups for virtual machine instance " + vmId + "; instance not found."); } accountMgr.checkAccess(caller, null, true, userVM); - return listAffinityGroupsByVM(vmId.longValue(), startIndex, pageSize); + return listAffinityGroupsByVM(vmId, startIndex, pageSize); } List permittedAccounts = new ArrayList<>(); @@ -5158,7 +5126,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q List affinityGroups = new ArrayList<>(); Integer count = uniqueGroupsPair.second(); - if (count.intValue() != 0) { + if (count != 0) { List uniqueGroups = uniqueGroupsPair.first(); Long[] vrIds = new Long[uniqueGroups.size()]; int i = 0; @@ -5280,7 +5248,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q Filter sf = new Filter(SecurityGroupVMMapVO.class, null, true, pageInd, pageSize); Pair, Integer> agVmMappingPair = _affinityGroupVMMapDao.listByInstanceId(vmId, sf); Integer count = agVmMappingPair.second(); - if (count.intValue() == 0) { + if (count == 0) { // handle empty result cases return new Pair<>(new ArrayList<>(), count); } @@ -5316,7 +5284,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q Pair, Integer> uniqueGroupsPair = _affinityGroupJoinDao.searchAndCount(sc, searchFilter); // search group by ids Integer count = uniqueGroupsPair.second(); - if (count.intValue() == 0) { + if (count == 0) { // empty result return new Pair<>(new ArrayList<>(), 0); } @@ -5355,9 +5323,6 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q //Validation - 1.3 if (resourceIdStr != null) { resourceId = resourceManagerUtil.getResourceId(resourceIdStr, resourceType); - if (resourceId == null) { - throw new InvalidParameterValueException("Cannot find resource with resourceId " + resourceIdStr + " and of resource type " + resourceType); - } } List detailList = new ArrayList<>(); @@ -5394,7 +5359,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q resourceDetailResponse.setName(requestedDetail.getName()); resourceDetailResponse.setValue(requestedDetail.getValue()); resourceDetailResponse.setForDisplay(requestedDetail.isDisplay()); - resourceDetailResponse.setResourceType(resourceType.toString().toString()); + resourceDetailResponse.setResourceType(resourceType.toString()); resourceDetailResponse.setObjectName("resourcedetail"); return resourceDetailResponse; } @@ -5489,7 +5454,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q } List result = new ArrayList<>(routerHealthCheckResultDao.getHealthCheckResults(routerId)); - if (result == null || result.size() == 0) { + if (result.isEmpty()) { throw new CloudRuntimeException("No health check results found for the router. This could happen for " + "a newly created router. Please wait for periodic results to populate or manually call for checks to execute."); } @@ -5583,7 +5548,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q if (cmd instanceof ListSnapshotsCmdByAdmin) { respView = ResponseView.Full; } - List templateResponses = ViewResponseHelper.createSnapshotResponse(respView, cmd.isShowUnique(), result.first().toArray(new SnapshotJoinVO[result.first().size()])); + List templateResponses = ViewResponseHelper.createSnapshotResponse(respView, cmd.isShowUnique(), result.first().toArray(new SnapshotJoinVO[0])); response.setResponses(templateResponses, result.second()); return response; } @@ -5659,8 +5624,8 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q if (tags != null && !tags.isEmpty()) { SearchBuilder tagSearch = resourceTagDao.createSearchBuilder(); for (int count = 0; count < tags.size(); count++) { - tagSearch.or().op("key" + String.valueOf(count), tagSearch.entity().getKey(), SearchCriteria.Op.EQ); - tagSearch.and("value" + String.valueOf(count), tagSearch.entity().getValue(), SearchCriteria.Op.EQ); + tagSearch.or().op("key" + count, tagSearch.entity().getKey(), SearchCriteria.Op.EQ); + tagSearch.and("value" + count, tagSearch.entity().getValue(), SearchCriteria.Op.EQ); tagSearch.cp(); } tagSearch.and("resourceType", tagSearch.entity().getResourceType(), SearchCriteria.Op.EQ); @@ -5698,8 +5663,8 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q int count = 0; sc.setJoinParameters("tagSearch", "resourceType", ResourceObjectType.Snapshot.toString()); for (String key : tags.keySet()) { - sc.setJoinParameters("tagSearch", "key" + String.valueOf(count), key); - sc.setJoinParameters("tagSearch", "value" + String.valueOf(count), tags.get(key)); + sc.setJoinParameters("tagSearch", "key" + count, key); + sc.setJoinParameters("tagSearch", "value" + count, tags.get(key)); count++; } } @@ -5774,7 +5739,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q Pair, Integer> result = searchForObjectStoresInternal(cmd); ListResponse response = new ListResponse<>(); - List poolResponses = ViewResponseHelper.createObjectStoreResponse(result.first().toArray(new ObjectStoreVO[result.first().size()])); + List poolResponses = ViewResponseHelper.createObjectStoreResponse(result.first().toArray(new ObjectStoreVO[0])); response.setResponses(poolResponses, result.second()); return response; } @@ -5821,7 +5786,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q // search Store details by ids Pair, Integer> uniqueStorePair = objectStoreDao.searchAndCount(sc, searchFilter); Integer count = uniqueStorePair.second(); - if (count.intValue() == 0) { + if (count == 0) { // empty result return uniqueStorePair; } @@ -5852,7 +5817,6 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q Long id = cmd.getId(); String name = cmd.getBucketName(); - Long storeId = cmd.getObjectStorageId(); String keyword = cmd.getKeyword(); Long startIndex = cmd.getStartIndex(); Long pageSize = cmd.getPageSizeVal(); @@ -5908,7 +5872,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q // search Volume details by ids Pair, Integer> uniqueBktPair = bucketDao.searchAndCount(sc, searchFilter); Integer count = uniqueBktPair.second(); - if (count.intValue() == 0) { + if (count == 0) { // empty result return uniqueBktPair.first(); } @@ -5930,6 +5894,6 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q @Override public ConfigKey[] getConfigKeys() { return new ConfigKey[] {AllowUserViewDestroyedVM, UserVMDeniedDetails, UserVMReadOnlyDetails, SortKeyAscending, - AllowUserViewAllDomainAccounts, SharePublicTemplatesWithOtherDomains, ReturnVmStatsOnVmList}; + AllowUserViewAllDomainAccounts, AllowUserViewAllDataCenters, SharePublicTemplatesWithOtherDomains, ReturnVmStatsOnVmList}; } } diff --git a/server/src/main/java/com/cloud/user/AccountManagerImpl.java b/server/src/main/java/com/cloud/user/AccountManagerImpl.java index ecd761bb7d9..04a64fbfc8c 100644 --- a/server/src/main/java/com/cloud/user/AccountManagerImpl.java +++ b/server/src/main/java/com/cloud/user/AccountManagerImpl.java @@ -650,6 +650,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M return false; } + @Override public boolean isResourceDomainAdmin(Long accountId) { if (accountId != null) { AccountVO acct = _accountDao.findById(accountId); diff --git a/server/src/test/java/com/cloud/user/MockAccountManagerImpl.java b/server/src/test/java/com/cloud/user/MockAccountManagerImpl.java index 8c569fb3ec8..a84f02755c7 100644 --- a/server/src/test/java/com/cloud/user/MockAccountManagerImpl.java +++ b/server/src/test/java/com/cloud/user/MockAccountManagerImpl.java @@ -422,6 +422,11 @@ public class MockAccountManagerImpl extends ManagerBase implements Manager, Acco return false; } + @Override + public boolean isResourceDomainAdmin(Long accountId) { + return false; + } + @Override public boolean isNormalUser(long accountId) { // TODO Auto-generated method stub