apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-12-18 19:44:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

bug 9458: do searchIncludingRemoved when decrement resource count as corresponding domain might be removed already

Browse Source 
status 9458: resolved fixed

Conflicts:

	server/src/com/cloud/user/AccountManagerImpl.java
This commit is contained in:
alena 2011-04-14 15:39:51 -07:00
parent 86f32e4735
commit 52fe53f497
3 changed files with 604 additions and 569 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

168
server/src/com/cloud/user/AccountManagerImpl.java
View File

@ -120,35 +120,62 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
public static final Logger s_logger = Logger.getLogger(AccountManagerImpl.class);
private String _name;
@Inject private AccountDao _accountDao;
@Inject ConfigurationDao _configDao;
@Inject private DomainDao _domainDao;
@Inject private ResourceLimitDao _resourceLimitDao;
@Inject private ResourceCountDao _resourceCountDao;
@Inject private UserDao _userDao;
@Inject private InstanceGroupDao _vmGroupDao;
@Inject private UserAccountDao _userAccountDao;
@Inject private VolumeDao _volumeDao;
@Inject private UserVmDao _userVmDao;
@Inject private VMTemplateDao _templateDao;
@Inject private NetworkDao _networkDao;
@Inject private SecurityGroupDao _securityGroupDao;
@Inject private VMInstanceDao _vmDao;
@Inject
private AccountDao _accountDao;
@Inject
ConfigurationDao _configDao;
@Inject
private DomainDao _domainDao;
@Inject
private ResourceLimitDao _resourceLimitDao;
@Inject
private ResourceCountDao _resourceCountDao;
@Inject
private UserDao _userDao;
@Inject
private InstanceGroupDao _vmGroupDao;
@Inject
private UserAccountDao _userAccountDao;
@Inject
private VolumeDao _volumeDao;
@Inject
private UserVmDao _userVmDao;
@Inject
private VMTemplateDao _templateDao;
@Inject
private NetworkDao _networkDao;
@Inject
private SecurityGroupDao _securityGroupDao;
@Inject
private VMInstanceDao _vmDao;
@Inject
private SecurityGroupManager _networkGroupMgr;
@Inject
private NetworkManager _networkMgr;
@Inject
private SnapshotManager _snapMgr;
@Inject
private UserVmManager _vmMgr;
@Inject
private StorageManager _storageMgr;
@Inject
private TemplateManager _tmpltMgr;
@Inject
private ConfigurationManager _configMgr;
@Inject
private VirtualMachineManager _itMgr;
@Inject
private UsageEventDao _usageEventDao;
@Inject
private RemoteAccessVpnDao _remoteAccessVpnDao;
@Inject
private RemoteAccessVpnService _remoteAccessVpnMgr;
@Inject
private VpnUserDao _vpnUser;
@Inject
private DataCenterDao _dcDao;
@Inject private SecurityGroupManager _networkGroupMgr;
@Inject private NetworkManager _networkMgr;
@Inject private SnapshotManager _snapMgr;
@Inject private UserVmManager _vmMgr;
@Inject private StorageManager _storageMgr;
@Inject private TemplateManager _tmpltMgr;
@Inject private ConfigurationManager _configMgr;
@Inject private VirtualMachineManager _itMgr;
@Inject private UsageEventDao _usageEventDao;
@Inject private RemoteAccessVpnDao _remoteAccessVpnDao;
@Inject private RemoteAccessVpnService _remoteAccessVpnMgr;
@Inject private VpnUserDao _vpnUser;
@Inject private DataCenterDao _dcDao;
private final ScheduledExecutorService _executor = Executors.newScheduledThreadPool(1, new NamedThreadFactory("AccountChecker"));
private final GlobalLock m_resourceCountLock = GlobalLock.getInternLock("resource.count");
@ -238,12 +265,14 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
// on a per-domain basis, decrement the count
// FIXME: can this decrement be done on the database side in a custom update statement?
Account account = _accountDao.findByIdIncludingRemoved(accountId); // find all accounts, even removed accounts if this happens to be for an account that's being deleted
Account account = _accountDao.findByIdIncludingRemoved(accountId); // find all accounts, even removed accounts
// if this happens to be for an account
// that's being deleted
Long domainId = account.getDomainId();
while (domainId != null) {
assert ((_resourceCountDao.getDomainCount(domainId, type) - numToDecrement) >= 0) : "Resource counts can not be negative. Check where we skipped increment.";
_resourceCountDao.updateDomainCount(domainId, type, false, numToDecrement);
DomainVO domain = _domainDao.findById(domainId);
DomainVO domain = _domainDao.findByIdIncludingRemoved(domainId);
domainId = domain.getParent();
}
} finally {
@ -485,7 +514,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
if (userAccount == null) {
throw new InvalidParameterValueException("Unable to find account " + accountName + " in domain " + domainId);
} else if (account != null && (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || account.getType() == Account.ACCOUNT_TYPE_READ_ONLY_ADMIN || account.getType() == Account.ACCOUNT_TYPE_READ_ONLY_ADMIN)) {
} else if (account != null
&& (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || account.getType() == Account.ACCOUNT_TYPE_READ_ONLY_ADMIN || account.getType() == Account.ACCOUNT_TYPE_READ_ONLY_ADMIN)) {
// If this is a non-root admin, make sure that the admin and the user account belong in the same domain or
// that the user account's domain is a child domain of the parent
if (account.getDomainId() != userAccount.getDomainId() && !_domainDao.isChildDomain(account.getDomainId(), userAccount.getDomainId())) {
@ -556,7 +586,6 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
throw new InvalidParameterValueException("Please specify a valid resource type.");
}
// Either a domainId or an accountId must be passed in, but not both.
if ((domainId == null) && (accountName == null)) {
throw new InvalidParameterValueException("Either a domainId or domainId/account must be passed in.");
@ -565,7 +594,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
if (account != null) {
if (domainId != null) {
if (!_domainDao.isChildDomain(account.getDomainId(), domainId)) {
throw new PermissionDeniedException("Unable to update resource limit for " + ((account.getAccountName() == null) ? "" : "account " + account.getAccountName() + " in ") + "domain " + domainId + ", permission denied");
throw new PermissionDeniedException("Unable to update resource limit for " + ((account.getAccountName() == null) ? "" : "account " + account.getAccountName() + " in ") + "domain "
+ domainId + ", permission denied");
}
} else if (account.getType() == Account.ACCOUNT_TYPE_ADMIN) {
domainId = DomainVO.ROOT_DOMAIN; // for root admin, default to root domain if domain is not specified
@ -592,7 +622,6 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
}
}
if (accountName != null) {
if (domainId == null) {
throw new InvalidParameterValueException("domainId parameter is required if account is specified");
@ -608,8 +637,6 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
domainId = null;
}
// Check if the domain or account exists and is valid
if (accountId != null) {
AccountVO accountHandle = _accountDao.findById(accountId);
@ -624,8 +651,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
DomainVO domain = _domainDao.findById(accountHandle.getDomainId());
long parentMaximum = findCorrectResourceLimit(domain, resourceType);
if ((parentMaximum >= 0) && ((max.longValue() == -1) || (max.longValue() > parentMaximum))) {
throw new InvalidParameterValueException("Account " + account.getAccountName() + "(id: " + accountId + ") has maximum allowed resource limit " + parentMaximum +
" for " + type + ", please specify a value less that or equal to " + parentMaximum);
throw new InvalidParameterValueException("Account " + account.getAccountName() + "(id: " + accountId + ") has maximum allowed resource limit " + parentMaximum + " for " + type
+ ", please specify a value less that or equal to " + parentMaximum);
}
} else if (domainId != null) {
DomainVO domain = _domainDao.findById(domainId);
@ -640,8 +667,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
DomainVO parentDomain = _domainDao.findById(parentDomainId);
long parentMaximum = findCorrectResourceLimit(parentDomain, resourceType);
if ((parentMaximum >= 0) && (max.longValue() > parentMaximum)) {
throw new InvalidParameterValueException("Domain " + domain.getName() + "(id: " + domainId + ") has maximum allowed resource limit " + parentMaximum +
" for " + type + ", please specify a value less that or equal to " + parentMaximum);
throw new InvalidParameterValueException("Domain " + domain.getName() + "(id: " + domainId + ") has maximum allowed resource limit " + parentMaximum + " for " + type
+ ", please specify a value less that or equal to " + parentMaximum);
}
}
}
@ -672,7 +699,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
ResourceLimitVO limit = limits.get(0);
// if limit is set to -1, remove the record
if (max != null && max.longValue() == -1L) {
//this parameter is needed by API as it expects the object to be returned and updates the UI with the object's new "max" parameter
// this parameter is needed by API as it expects the object to be returned and updates the UI with the object's
// new "max" parameter
ResourceLimitVO limitToReturn = limit;
limitToReturn.setMax(-1L);
_resourceLimitDao.remove(limit.getId());
@ -698,10 +726,7 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
@Override
public boolean isAdmin(short accountType) {
return ((accountType == Account.ACCOUNT_TYPE_ADMIN) ||
(accountType == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) ||
(accountType == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) ||
(accountType == Account.ACCOUNT_TYPE_READ_ONLY_ADMIN));
return ((accountType == Account.ACCOUNT_TYPE_ADMIN) || (accountType == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) || (accountType == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) || (accountType == Account.ACCOUNT_TYPE_READ_ONLY_ADMIN));
}
@Override
@ -908,8 +933,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
s_logger.error("Unable to destroy vm: " + vm.getId());
accountCleanupNeeded = true;
}
UsageEventVO usageEvent = new UsageEventVO(EventTypes.EVENT_VM_DESTROY, vm.getAccountId(), vm.getDataCenterId(), vm.getId(), vm.getName(),
vm.getServiceOfferingId(), vm.getTemplateId(), vm.getHypervisorType().toString());
UsageEventVO usageEvent = new UsageEventVO(EventTypes.EVENT_VM_DESTROY, vm.getAccountId(), vm.getDataCenterId(), vm.getId(), vm.getName(), vm.getServiceOfferingId(),
vm.getTemplateId(), vm.getHypervisorType().toString());
_usageEventDao.persist(usageEvent);
}
@ -920,8 +945,7 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
try {
_storageMgr.destroyVolume(volume);
if (volume.getPoolId() != null) {
UsageEventVO usageEvent = new UsageEventVO(EventTypes.EVENT_VOLUME_DELETE, volume.getAccountId(), volume.getDataCenterId(), volume.getId(),
volume.getName());
UsageEventVO usageEvent = new UsageEventVO(EventTypes.EVENT_VOLUME_DELETE, volume.getAccountId(), volume.getDataCenterId(), volume.getId(), volume.getName());
_usageEventDao.persist(usageEvent);
}
} catch (ConcurrentOperationException ex) {
@ -948,7 +972,6 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
accountCleanupNeeded = true;
}
// Cleanup security groups
int numRemoved = _securityGroupDao.removeByAccountId(accountId);
s_logger.info("deleteAccount: Deleted " + numRemoved + " network groups for account " + accountId);
@ -972,7 +995,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
}
}
//delete account specific Virtual vlans (belong to system Public Network) - only when networks are cleaned up successfully
// delete account specific Virtual vlans (belong to system Public Network) - only when networks are cleaned up
// successfully
if (networksDeleted) {
if (!_configMgr.deleteAccountSpecificVirtualRanges(accountId)) {
accountCleanupNeeded = true;
@ -1037,8 +1061,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
// ////////////// API commands /////////////////////
// ///////////////////////////////////////////////////
@Override @ActionEvent (eventType=EventTypes.EVENT_ACCOUNT_CREATE, eventDescription="creating Account")
@Override
@ActionEvent(eventType = EventTypes.EVENT_ACCOUNT_CREATE, eventDescription = "creating Account")
public UserAccount createAccount(CreateAccountCmd cmd) {
Long accountId = null;
String username = cmd.getUsername();
@ -1052,7 +1076,6 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
short userType = cmd.getAccountType().shortValue();
DomainVO domain = _domainDao.findById(domainId);
checkAccess(UserContext.current().getCaller(), domain);
try {
if (accountName == null) {
accountName = username;
@ -1144,7 +1167,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
}
}
@Override @ActionEvent (eventType=EventTypes.EVENT_USER_CREATE, eventDescription="creating User")
@Override
@ActionEvent(eventType = EventTypes.EVENT_USER_CREATE, eventDescription = "creating User")
public UserVO createUser(CreateUserCmd cmd) {
String accountName = cmd.getAccountName();
Long domainId = cmd.getDomainId();
@ -1204,7 +1228,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
return dbUser;
}
@Override @ActionEvent (eventType=EventTypes.EVENT_USER_UPDATE, eventDescription="updating User")
@Override
@ActionEvent(eventType = EventTypes.EVENT_USER_UPDATE, eventDescription = "updating User")
public UserAccount updateUser(UpdateUserCmd cmd) throws InvalidParameterValueException {
Long id = cmd.getId();
String apiKey = cmd.getApiKey();
@ -1216,7 +1241,6 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
String timeZone = cmd.getTimezone();
String userName = cmd.getUsername();
// Input validation
UserVO user = _userDao.getUser(id);
@ -1234,6 +1258,7 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
if (account != null && (account.getId() == Account.ACCOUNT_ID_SYSTEM)) {
throw new PermissionDeniedException("user id : " + id + " is system account, update is not allowed");
}
checkAccess(UserContext.current().getCaller(), account);
if (firstName == null) {
@ -1289,7 +1314,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
return _userAccountDao.findById(id);
}
@Override @ActionEvent (eventType=EventTypes.EVENT_USER_DISABLE, eventDescription="disabling User", async=true)
@Override
@ActionEvent(eventType = EventTypes.EVENT_USER_DISABLE, eventDescription = "disabling User", async = true)
public UserAccount disableUser(DisableUserCmd cmd) throws InvalidParameterValueException, PermissionDeniedException {
Long userId = cmd.getId();
Account adminAccount = UserContext.current().getCaller();
@ -1319,7 +1345,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
}
}
@Override @ActionEvent (eventType=EventTypes.EVENT_USER_ENABLE, eventDescription="enabling User")
@Override
@ActionEvent(eventType = EventTypes.EVENT_USER_ENABLE, eventDescription = "enabling User")
public UserAccount enableUser(EnableUserCmd cmd) throws InvalidParameterValueException, PermissionDeniedException {
Long userId = cmd.getId();
Account adminAccount = UserContext.current().getCaller();
@ -1411,7 +1438,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
}
}
@Override @ActionEvent(eventType = EventTypes.EVENT_ACCOUNT_DELETE, eventDescription = "deleting account", async=true)
@Override
@ActionEvent(eventType = EventTypes.EVENT_ACCOUNT_DELETE, eventDescription = "deleting account", async = true)
// This method deletes the account
public boolean deleteUserAccount(DeleteAccountCmd cmd) {
@ -1440,8 +1468,6 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
return deleteAccount(account, callerUserId, caller);
}
@Override
public AccountVO enableAccount(EnableAccountCmd cmd) throws InvalidParameterValueException, PermissionDeniedException {
String accountName = cmd.getAccountName();
@ -1474,7 +1500,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
}
}
@Override @ActionEvent(eventType = EventTypes.EVENT_ACCOUNT_DISABLE, eventDescription = "locking account", async=true)
@Override
@ActionEvent(eventType = EventTypes.EVENT_ACCOUNT_DISABLE, eventDescription = "locking account", async = true)
public AccountVO lockAccount(DisableAccountCmd cmd) {
Account adminAccount = UserContext.current().getCaller();
Long domainId = cmd.getDomainId();
@ -1501,7 +1528,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
}
}
@Override @ActionEvent(eventType = EventTypes.EVENT_ACCOUNT_DISABLE, eventDescription = "disabling account", async=true)
@Override
@ActionEvent(eventType = EventTypes.EVENT_ACCOUNT_DISABLE, eventDescription = "disabling account", async = true)
public AccountVO disableAccount(DisableAccountCmd cmd) throws InvalidParameterValueException, PermissionDeniedException, ConcurrentOperationException, ResourceUnavailableException {
String accountName = cmd.getAccountName();
Long domainId = cmd.getDomainId();
@ -1550,8 +1578,14 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
// check if the given account name is unique in this domain for updating
Account duplicateAcccount = _accountDao.findAccount(newAccountName, domainId);
if(duplicateAcccount != null && duplicateAcccount.getRemoved() == null && duplicateAcccount.getId() != account.getId()){//allow same account to update itself
throw new PermissionDeniedException("There already exists an account with the name:"+newAccountName+" in the domain:"+domainId+" with existing account id:"+duplicateAcccount.getId());
if (duplicateAcccount != null && duplicateAcccount.getRemoved() == null && duplicateAcccount.getId() != account.getId()) {// allow
// same
// account
// to
// update
// itself
throw new PermissionDeniedException("There already exists an account with the name:" + newAccountName + " in the domain:" + domainId + " with existing account id:"
+ duplicateAcccount.getId());
}
if (account.getAccountName().equals(newAccountName)) {
@ -1568,7 +1602,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
}
}
@Override @ActionEvent (eventType=EventTypes.EVENT_USER_DELETE, eventDescription="deleting User")
@Override
@ActionEvent(eventType = EventTypes.EVENT_USER_DELETE, eventDescription = "deleting User")
public boolean deleteUser(DeleteUserCmd deleteUserCmd) {
long id = deleteUserCmd.getId();
@ -1673,7 +1708,6 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
}
}
@Override
public Account getActiveAccount(Long accountId) {
if (accountId == null) {

2
setup/db/create-schema.sql
View File

@ -959,7 +959,7 @@ CREATE TABLE `cloud`.`domain` (
`parent` bigint unsigned,
`name` varchar(255),
`owner` bigint unsigned NOT NULL,
`path` varchar(255) UNIQUE NOT NULL,
`path` varchar(255) NOT NULL,
`level` int(10) NOT NULL DEFAULT 0,
`child_count` int(10) NOT NULL DEFAULT 0,
`next_child_seq` bigint unsigned NOT NULL DEFAULT 1,

1
setup/db/db/schema-222to224.sql
View File

@ -60,6 +60,7 @@ ALTER TABLE `cloud`.`host_pod_ref` ADD INDEX `i_host_pod_ref__allocation_state`(
ALTER TABLE `cloud`.`host` ADD COLUMN `allocation_state` varchar(32) NOT NULL DEFAULT 'Enabled';
ALTER TABLE `cloud`.`host` ADD INDEX `i_host__allocation_state`(`allocation_state`);
ALTER TABLE `cloud`.`domain` DROP index `path`;
ALTER TABLE `cloud`.`domain` ADD INDEX `i_domain__path`(`path`);
CREATE TABLE `cloud`.`data_center_details` (