mirror of
https://github.com/apache/cloudstack.git
synced 2025-10-26 08:42:29 +01:00
Refactor account type (#6048)
* Refactor account type * Added license. * Address reviews * Address review. Co-authored-by: João Paraquetti <joao@scclouds.com.br> Co-authored-by: Joao <JoaoJandre@gitlab.com>
This commit is contained in:
JoaoJandre
GitHub
parent
d258da5524
commit
5f07ddaca9
@ -16,35 +16,65 @@
|
||||
// under the License.
|
||||
package com.cloud.user;
|
||||
|
||||
import java.util.Date;
|
||||
|
||||
import org.apache.cloudstack.acl.ControlledEntity;
|
||||
import org.apache.cloudstack.api.Identity;
|
||||
import org.apache.cloudstack.api.InternalIdentity;
|
||||
|
||||
import java.util.Date;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
public interface Account extends ControlledEntity, InternalIdentity, Identity {
|
||||
|
||||
/**
|
||||
* Account states.
|
||||
* */
|
||||
enum State {
|
||||
DISABLED, ENABLED, LOCKED;
|
||||
|
||||
public enum State {
|
||||
disabled, enabled, locked
|
||||
/**
|
||||
* The toString method was overridden to maintain consistency in the DB, as the GenericDaoBase uses toString in the enum value to make the sql statements
|
||||
* and previously the enum was in lowercase.
|
||||
* */
|
||||
@Override
|
||||
public String toString(){
|
||||
return super.toString().toLowerCase();
|
||||
}
|
||||
|
||||
public static final short ACCOUNT_TYPE_NORMAL = 0;
|
||||
public static final short ACCOUNT_TYPE_ADMIN = 1;
|
||||
public static final short ACCOUNT_TYPE_DOMAIN_ADMIN = 2;
|
||||
public static final short ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN = 3;
|
||||
public static final short ACCOUNT_TYPE_READ_ONLY_ADMIN = 4;
|
||||
public static final short ACCOUNT_TYPE_PROJECT = 5;
|
||||
/**
|
||||
* This method was created to maintain backwards compatibility to the DB schema. Unfortunately we can't override the valueOf method.
|
||||
* */
|
||||
public static State getValueOf(String name){
|
||||
return State.valueOf(name.toUpperCase());
|
||||
}
|
||||
|
||||
public static final String ACCOUNT_STATE_DISABLED = "disabled";
|
||||
public static final String ACCOUNT_STATE_ENABLED = "enabled";
|
||||
public static final String ACCOUNT_STATE_LOCKED = "locked";
|
||||
}
|
||||
|
||||
/**
|
||||
* Account types.
|
||||
* */
|
||||
enum Type {
|
||||
NORMAL, ADMIN, DOMAIN_ADMIN, RESOURCE_DOMAIN_ADMIN, READ_ONLY_ADMIN, PROJECT, UNKNOWN;
|
||||
|
||||
private static Map<Integer,Type> ACCOUNT_TYPE_MAP = new HashMap<>();
|
||||
|
||||
static {
|
||||
for (Type t: Type.values()) {
|
||||
ACCOUNT_TYPE_MAP.put(t.ordinal(),t);
|
||||
}
|
||||
ACCOUNT_TYPE_MAP.remove(6);
|
||||
}
|
||||
|
||||
public static Type getFromValue(Integer type){
|
||||
return ACCOUNT_TYPE_MAP.get(type);
|
||||
}
|
||||
}
|
||||
|
||||
public static final long ACCOUNT_ID_SYSTEM = 1;
|
||||
|
||||
public String getAccountName();
|
||||
|
||||
public short getType();
|
||||
public Type getType();
|
||||
|
||||
public Long getRoleId();
|
||||
|
||||
|
||||
@ -42,8 +42,8 @@ public interface AccountService {
|
||||
*/
|
||||
UserAccount createUserAccount(CreateAccountCmd accountCmd);
|
||||
|
||||
UserAccount createUserAccount(String userName, String password, String firstName, String lastName, String email, String timezone, String accountName, short accountType, Long roleId, Long domainId,
|
||||
String networkDomain, Map<String, String> details, String accountUUID, String userUUID, User.Source source);
|
||||
UserAccount createUserAccount(String userName, String password, String firstName, String lastName, String email, String timezone, String accountName, Account.Type accountType,
|
||||
Long roleId, Long domainId, String networkDomain, Map<String, String> details, String accountUUID, String userUUID, User.Source source);
|
||||
|
||||
/**
|
||||
* Locks a user by userId. A locked user cannot access the API, but will still have running VMs/IP addresses
|
||||
@ -57,7 +57,8 @@ public interface AccountService {
|
||||
|
||||
User createUser(String userName, String password, String firstName, String lastName, String email, String timeZone, String accountName, Long domainId, String userUUID);
|
||||
|
||||
User createUser(String userName, String password, String firstName, String lastName, String email, String timeZone, String accountName, Long domainId, String userUUID, User.Source source);
|
||||
User createUser(String userName, String password, String firstName, String lastName, String email, String timeZone, String accountName, Long domainId, String userUUID,
|
||||
User.Source source);
|
||||
|
||||
boolean isAdmin(Long accountId);
|
||||
|
||||
|
||||
@ -18,6 +18,7 @@ package com.cloud.vm;
|
||||
|
||||
import java.util.Date;
|
||||
|
||||
import com.cloud.user.Account;
|
||||
import org.apache.cloudstack.acl.ControlledEntity;
|
||||
import org.apache.cloudstack.api.Identity;
|
||||
import org.apache.cloudstack.api.InternalIdentity;
|
||||
@ -28,6 +29,6 @@ public interface InstanceGroup extends ControlledEntity, Identity, InternalIdent
|
||||
|
||||
Date getCreated();
|
||||
|
||||
Short getAccountType();
|
||||
Account.Type getAccountType();
|
||||
|
||||
}
|
||||
|
||||
@ -20,20 +20,33 @@ import org.apache.commons.lang3.StringUtils;
|
||||
|
||||
import com.cloud.user.Account;
|
||||
import com.google.common.base.Enums;
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
// Enum for default roles in CloudStack
|
||||
public enum RoleType {
|
||||
Admin(1L, Account.ACCOUNT_TYPE_ADMIN, 1),
|
||||
ResourceAdmin(2L, Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN, 2),
|
||||
DomainAdmin(3L, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, 4),
|
||||
User(4L, Account.ACCOUNT_TYPE_NORMAL, 8),
|
||||
Unknown(-1L, (short) -1, 0);
|
||||
Admin(1L, Account.Type.ADMIN, 1),
|
||||
ResourceAdmin(2L, Account.Type.RESOURCE_DOMAIN_ADMIN, 2),
|
||||
DomainAdmin(3L, Account.Type.DOMAIN_ADMIN, 4),
|
||||
User(4L, Account.Type.NORMAL, 8),
|
||||
Unknown(-1L, Account.Type.UNKNOWN, 0);
|
||||
|
||||
private long id;
|
||||
private short accountType;
|
||||
private Account.Type accountType;
|
||||
private int mask;
|
||||
|
||||
RoleType(final long id, final short accountType, final int mask) {
|
||||
private static Logger logger = Logger.getLogger(RoleType.class.getName());
|
||||
private static Map<Account.Type, RoleType> ACCOUNT_TYPE_MAP = new HashMap<>();
|
||||
|
||||
static {
|
||||
for (RoleType t: RoleType.values()) {
|
||||
ACCOUNT_TYPE_MAP.put(t.getAccountType(),t);
|
||||
}
|
||||
}
|
||||
|
||||
RoleType(final long id, final Account.Type accountType, final int mask) {
|
||||
this.id = id;
|
||||
this.accountType = accountType;
|
||||
this.mask = mask;
|
||||
@ -43,7 +56,7 @@ public enum RoleType {
|
||||
return id;
|
||||
}
|
||||
|
||||
public short getAccountType() {
|
||||
public Account.Type getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
@ -68,26 +81,15 @@ public enum RoleType {
|
||||
return Unknown;
|
||||
}
|
||||
|
||||
public static RoleType getByAccountType(final short accountType) {
|
||||
RoleType roleType = RoleType.Unknown;
|
||||
switch (accountType) {
|
||||
case Account.ACCOUNT_TYPE_ADMIN:
|
||||
roleType = RoleType.Admin;
|
||||
break;
|
||||
case Account.ACCOUNT_TYPE_DOMAIN_ADMIN:
|
||||
roleType = RoleType.DomainAdmin;
|
||||
break;
|
||||
case Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN:
|
||||
roleType = RoleType.ResourceAdmin;
|
||||
break;
|
||||
case Account.ACCOUNT_TYPE_NORMAL:
|
||||
roleType = RoleType.User;
|
||||
break;
|
||||
public static RoleType getByAccountType(final Account.Type accountType) {
|
||||
RoleType t = ACCOUNT_TYPE_MAP.get(accountType);
|
||||
if (t == null) {
|
||||
return RoleType.Unknown;
|
||||
}
|
||||
return roleType;
|
||||
return t;
|
||||
}
|
||||
|
||||
public static Long getRoleByAccountType(final Long roleId, final Short accountType) {
|
||||
public static Long getRoleByAccountType(final Long roleId, final Account.Type accountType) {
|
||||
if (roleId == null && accountType != null) {
|
||||
RoleType defaultRoleType = RoleType.getByAccountType(accountType);
|
||||
if (defaultRoleType != null && defaultRoleType != RoleType.Unknown) {
|
||||
@ -97,10 +99,15 @@ public enum RoleType {
|
||||
return roleId;
|
||||
}
|
||||
|
||||
public static Short getAccountTypeByRole(final Role role, final Short accountType) {
|
||||
if (role != null && role.getId() > 0L) {
|
||||
/**
|
||||
* This method returns the role account type if the role isn't null, else it returns the default account type.
|
||||
* */
|
||||
public static Account.Type getAccountTypeByRole(final Role role, final Account.Type defautAccountType) {
|
||||
if (role != null) {
|
||||
logger.debug(String.format("Role [%s] is not null; therefore, we use its account type [%s].", role, defautAccountType));
|
||||
return role.getRoleType().getAccountType();
|
||||
}
|
||||
return accountType;
|
||||
logger.debug(String.format("Role is null; therefore, we use the default account type [%s] value.", defautAccountType));
|
||||
return defautAccountType;
|
||||
}
|
||||
}
|
||||
|
||||
@ -56,9 +56,9 @@ public class CreateAccountCmd extends BaseCmd {
|
||||
private String accountName;
|
||||
|
||||
@Parameter(name = ApiConstants.ACCOUNT_TYPE,
|
||||
type = CommandType.SHORT,
|
||||
type = CommandType.INTEGER,
|
||||
description = "Type of the account. Specify 0 for user, 1 for root admin, and 2 for domain admin")
|
||||
private Short accountType;
|
||||
private Integer accountType;
|
||||
|
||||
@Parameter(name = ApiConstants.ROLE_ID, type = CommandType.UUID, entityType = RoleResponse.class, description = "Creates the account under the specified role.")
|
||||
private Long roleId;
|
||||
@ -109,12 +109,12 @@ public class CreateAccountCmd extends BaseCmd {
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public Short getAccountType() {
|
||||
return RoleType.getAccountTypeByRole(roleService.findRole(roleId), accountType);
|
||||
public Account.Type getAccountType() {
|
||||
return RoleType.getAccountTypeByRole(roleService.findRole(roleId), Account.Type.getFromValue(accountType));
|
||||
}
|
||||
|
||||
public Long getRoleId() {
|
||||
return RoleType.getRoleByAccountType(roleId, accountType);
|
||||
return RoleType.getRoleByAccountType(roleId, getAccountType());
|
||||
}
|
||||
|
||||
public Long getDomainId() {
|
||||
|
||||
@ -85,6 +85,6 @@ public class ListCaCertificateCmd extends BaseCmd {
|
||||
|
||||
@Override
|
||||
public long getEntityOwnerId() {
|
||||
return Account.ACCOUNT_TYPE_NORMAL;
|
||||
return Account.Type.NORMAL.ordinal();
|
||||
}
|
||||
}
|
||||
|
||||
@ -18,6 +18,7 @@ package org.apache.cloudstack.api.command.admin.user;
|
||||
|
||||
import com.cloud.server.ResourceIcon;
|
||||
import com.cloud.server.ResourceTag;
|
||||
import com.cloud.user.Account;
|
||||
import org.apache.cloudstack.api.response.ResourceIconResponse;
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
@ -42,9 +43,9 @@ public class ListUsersCmd extends BaseListAccountResourcesCmd {
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name = ApiConstants.ACCOUNT_TYPE,
|
||||
type = CommandType.LONG,
|
||||
type = CommandType.INTEGER,
|
||||
description = "List users by account type. Valid types include admin, domain-admin, read-only-admin, or user.")
|
||||
private Long accountType;
|
||||
private Integer accountType;
|
||||
|
||||
@Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = UserResponse.class, description = "List user by ID.")
|
||||
private Long id;
|
||||
@ -63,8 +64,8 @@ public class ListUsersCmd extends BaseListAccountResourcesCmd {
|
||||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
public Long getAccountType() {
|
||||
return accountType;
|
||||
public Account.Type getAccountType() {
|
||||
return Account.Type.getFromValue(accountType);
|
||||
}
|
||||
|
||||
public Long getId() {
|
||||
|
||||
@ -49,9 +49,9 @@ public class ListAccountsCmd extends BaseListDomainResourcesCmd implements UserC
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
@Parameter(name = ApiConstants.ACCOUNT_TYPE,
|
||||
type = CommandType.LONG,
|
||||
type = CommandType.INTEGER,
|
||||
description = "list accounts by account type. Valid account types are 1 (admin), 2 (domain-admin), and 0 (user).")
|
||||
private Long accountType;
|
||||
private Integer accountType;
|
||||
|
||||
@Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = AccountResponse.class, description = "list account by account ID")
|
||||
private Long id;
|
||||
@ -79,8 +79,8 @@ public class ListAccountsCmd extends BaseListDomainResourcesCmd implements UserC
|
||||
/////////////////// Accessors ///////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
|
||||
public Long getAccountType() {
|
||||
return accountType;
|
||||
public Account.Type getAccountType() {
|
||||
return Account.Type.getFromValue(accountType);
|
||||
}
|
||||
|
||||
public Long getId() {
|
||||
|
||||
@ -172,13 +172,13 @@ public class CreateSnapshotCmd extends BaseAsyncCreateCmd {
|
||||
|
||||
Account account = _accountService.getAccount(volume.getAccountId());
|
||||
//Can create templates for enabled projects/accounts only
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (account.getType() == Account.Type.PROJECT) {
|
||||
Project project = _projectService.findByProjectAccountId(volume.getAccountId());
|
||||
if (project.getState() != Project.State.Active) {
|
||||
throw new PermissionDeniedException("Can't add resources to the project id=" + project.getId() + " in state=" + project.getState() +
|
||||
" as it's no longer active");
|
||||
}
|
||||
} else if (account.getState() == Account.State.disabled) {
|
||||
} else if (account.getState() == Account.State.DISABLED) {
|
||||
throw new PermissionDeniedException("The owner of template is disabled: " + account);
|
||||
}
|
||||
|
||||
|
||||
@ -129,7 +129,7 @@ public class CreateSnapshotFromVMSnapshotCmd extends BaseAsyncCreateCmd {
|
||||
|
||||
Account account = _accountService.getAccount(vmsnapshot.getAccountId());
|
||||
//Can create templates for enabled projects/accounts only
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (account.getType() == Account.Type.PROJECT) {
|
||||
Project project = _projectService.findByProjectAccountId(vmsnapshot.getAccountId());
|
||||
if (project == null) {
|
||||
throw new InvalidParameterValueException("Unable to find project by account id=" + account.getUuid());
|
||||
@ -137,7 +137,7 @@ public class CreateSnapshotFromVMSnapshotCmd extends BaseAsyncCreateCmd {
|
||||
if (project.getState() != Project.State.Active) {
|
||||
throw new PermissionDeniedException("Can't add resources to the project id=" + project.getUuid() + " in state=" + project.getState() + " as it's no longer active");
|
||||
}
|
||||
} else if (account.getState() == Account.State.disabled) {
|
||||
} else if (account.getState() == Account.State.DISABLED) {
|
||||
throw new PermissionDeniedException("The owner of template is disabled: " + account);
|
||||
}
|
||||
|
||||
|
||||
@ -125,7 +125,7 @@ public class CreateSnapshotPolicyCmd extends BaseCmd {
|
||||
|
||||
Account account = _accountService.getAccount(volume.getAccountId());
|
||||
//Can create templates for enabled projects/accounts only
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (account.getType() == Account.Type.PROJECT) {
|
||||
Project project = _projectService.findByProjectAccountId(volume.getAccountId());
|
||||
if (project.getState() != Project.State.Active) {
|
||||
PermissionDeniedException ex =
|
||||
@ -133,7 +133,7 @@ public class CreateSnapshotPolicyCmd extends BaseCmd {
|
||||
ex.addProxyObject(project.getUuid(), "projectId");
|
||||
throw ex;
|
||||
}
|
||||
} else if (account.getState() == Account.State.disabled) {
|
||||
} else if (account.getState() == Account.State.DISABLED) {
|
||||
throw new PermissionDeniedException("The owner of template is disabled: " + account);
|
||||
}
|
||||
|
||||
|
||||
@ -151,13 +151,13 @@ public class ResizeVolumeCmd extends BaseAsyncCmd implements UserCmd {
|
||||
|
||||
Account account = _accountService.getAccount(volume.getAccountId());
|
||||
//Can resize volumes for enabled projects/accounts only
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (account.getType() == Account.Type.PROJECT) {
|
||||
Project project = _projectService.findByProjectAccountId(volume.getAccountId());
|
||||
if (project.getState() != Project.State.Active) {
|
||||
throw new PermissionDeniedException("Can't add resources to project id=" + project.getId() + " in state=" + project.getState() +
|
||||
" as it's no longer active");
|
||||
}
|
||||
} else if (account.getState() == Account.State.disabled) {
|
||||
} else if (account.getState() == Account.State.DISABLED) {
|
||||
throw new PermissionDeniedException("The owner of volume " + id + " is disabled: " + account);
|
||||
}
|
||||
|
||||
|
||||
@ -41,7 +41,7 @@ public class AccountResponse extends BaseResponse implements ResourceLimitAndCou
|
||||
|
||||
@SerializedName(ApiConstants.ACCOUNT_TYPE)
|
||||
@Param(description = "account type (admin, domain-admin, user)")
|
||||
private Short accountType;
|
||||
private Integer accountType;
|
||||
|
||||
@SerializedName(ApiConstants.ROLE_ID)
|
||||
@Param(description = "the ID of the role")
|
||||
@ -280,7 +280,7 @@ public class AccountResponse extends BaseResponse implements ResourceLimitAndCou
|
||||
this.name = name;
|
||||
}
|
||||
|
||||
public void setAccountType(Short accountType) {
|
||||
public void setAccountType(Integer accountType) {
|
||||
this.accountType = accountType;
|
||||
}
|
||||
|
||||
|
||||
@ -51,7 +51,7 @@ public class ProjectAccountResponse extends BaseResponse implements ControlledVi
|
||||
|
||||
@SerializedName(ApiConstants.ACCOUNT_TYPE)
|
||||
@Param(description = "account type (admin, domain-admin, user)")
|
||||
private Short accountType;
|
||||
private Integer accountType;
|
||||
|
||||
@SerializedName(ApiConstants.USER_ID)
|
||||
@Param(description = "Id of the user")
|
||||
@ -96,7 +96,7 @@ public class ProjectAccountResponse extends BaseResponse implements ControlledVi
|
||||
this.accountName = accountName;
|
||||
}
|
||||
|
||||
public void setAccountType(Short accountType) {
|
||||
public void setAccountType(Integer accountType) {
|
||||
this.accountType = accountType;
|
||||
}
|
||||
|
||||
|
||||
@ -18,6 +18,7 @@ package org.apache.cloudstack.api.response;
|
||||
|
||||
import java.util.Date;
|
||||
|
||||
import com.cloud.user.Account;
|
||||
import com.google.gson.annotations.SerializedName;
|
||||
|
||||
import org.apache.cloudstack.acl.RoleType;
|
||||
@ -64,7 +65,7 @@ public class UserResponse extends BaseResponse implements SetResourceIconRespons
|
||||
|
||||
@SerializedName("accounttype")
|
||||
@Param(description = "the account type of the user")
|
||||
private Short accountType;
|
||||
private Integer accountType;
|
||||
|
||||
@SerializedName("usersource")
|
||||
@Param(description = "the source type of the user in lowercase, such as native, ldap, saml2")
|
||||
@ -188,12 +189,12 @@ public class UserResponse extends BaseResponse implements SetResourceIconRespons
|
||||
this.accountName = accountName;
|
||||
}
|
||||
|
||||
public Short getAccountType() {
|
||||
public Integer getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
public void setAccountType(Short accountType) {
|
||||
this.accountType = accountType;
|
||||
public void setAccountType(Account.Type accountType) {
|
||||
this.accountType = accountType.ordinal();
|
||||
}
|
||||
|
||||
public void setRoleId(String roleId) {
|
||||
|
||||
55
api/src/test/java/com/cloud/user/AccountTypeTest.java
Normal file
55
api/src/test/java/com/cloud/user/AccountTypeTest.java
Normal file
@ -0,0 +1,55 @@
|
||||
// Licensed to the Apache Software Foundation (ASF) under one
|
||||
// or more contributor license agreements. See the NOTICE file
|
||||
// distributed with this work for additional information
|
||||
// regarding copyright ownership. The ASF licenses this file
|
||||
// to you under the Apache License, Version 2.0 (the
|
||||
// "License"); you may not use this file except in compliance
|
||||
// the License. You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing,
|
||||
// software distributed under the License is distributed on an
|
||||
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package com.cloud.user;
|
||||
|
||||
import org.junit.Assert;
|
||||
import org.junit.Test;
|
||||
|
||||
public class AccountTypeTest {
|
||||
|
||||
@Test
|
||||
public void ordinalTestIfInCorrectOrder(){
|
||||
Assert.assertEquals(0, Account.Type.NORMAL.ordinal());
|
||||
Assert.assertEquals(1, Account.Type.ADMIN.ordinal());
|
||||
Assert.assertEquals(2, Account.Type.DOMAIN_ADMIN.ordinal());
|
||||
Assert.assertEquals(3, Account.Type.RESOURCE_DOMAIN_ADMIN.ordinal());
|
||||
Assert.assertEquals(4, Account.Type.READ_ONLY_ADMIN.ordinal());
|
||||
Assert.assertEquals(5, Account.Type.PROJECT.ordinal());
|
||||
Assert.assertEquals(6, Account.Type.UNKNOWN.ordinal());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void getFromValueTestIfAllValuesAreReturned(){
|
||||
for (Account.Type accountType: Account.Type.values()) {
|
||||
if( accountType != Account.Type.UNKNOWN) {
|
||||
Assert.assertEquals(Account.Type.getFromValue(accountType.ordinal()), accountType);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void getFromValueTestInvalidValue(){
|
||||
Assert.assertEquals(Account.Type.getFromValue(null),null);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void stateToStringTestAllValues(){
|
||||
Assert.assertEquals(Account.State.ENABLED.toString(), "enabled");
|
||||
Assert.assertEquals(Account.State.DISABLED.toString(), "disabled");
|
||||
Assert.assertEquals(Account.State.LOCKED.toString(), "locked");
|
||||
}
|
||||
}
|
||||
@ -55,37 +55,37 @@ public class RoleTypeTest {
|
||||
|
||||
@Test
|
||||
public void testGetByAccountType() {
|
||||
Assert.assertEquals(RoleType.getByAccountType(Account.ACCOUNT_TYPE_NORMAL), RoleType.User);
|
||||
Assert.assertEquals(RoleType.getByAccountType(Account.ACCOUNT_TYPE_ADMIN), RoleType.Admin);
|
||||
Assert.assertEquals(RoleType.getByAccountType(Account.ACCOUNT_TYPE_DOMAIN_ADMIN), RoleType.DomainAdmin);
|
||||
Assert.assertEquals(RoleType.getByAccountType(Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN), RoleType.ResourceAdmin);
|
||||
Assert.assertEquals(RoleType.getByAccountType(Account.ACCOUNT_TYPE_PROJECT), RoleType.Unknown);
|
||||
Assert.assertEquals(RoleType.getByAccountType(Account.Type.NORMAL), RoleType.User);
|
||||
Assert.assertEquals(RoleType.getByAccountType(Account.Type.ADMIN), RoleType.Admin);
|
||||
Assert.assertEquals(RoleType.getByAccountType(Account.Type.DOMAIN_ADMIN), RoleType.DomainAdmin);
|
||||
Assert.assertEquals(RoleType.getByAccountType(Account.Type.RESOURCE_DOMAIN_ADMIN), RoleType.ResourceAdmin);
|
||||
Assert.assertEquals(RoleType.getByAccountType(Account.Type.PROJECT), RoleType.Unknown);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testGetRoleByAccountTypeWhenRoleIdIsProvided() {
|
||||
Assert.assertEquals(RoleType.getRoleByAccountType(123L, Account.ACCOUNT_TYPE_ADMIN), Long.valueOf(123L));
|
||||
Assert.assertEquals(RoleType.getRoleByAccountType(123L, Account.Type.ADMIN), Long.valueOf(123L));
|
||||
Assert.assertEquals(RoleType.getRoleByAccountType(1234L, null), Long.valueOf(1234L));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testGetRoleByAccountTypeForDefaultAccountTypes() {
|
||||
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.ACCOUNT_TYPE_ADMIN), (Long) RoleType.Admin.getId());
|
||||
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.ACCOUNT_TYPE_NORMAL), (Long) RoleType.User.getId());
|
||||
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.ACCOUNT_TYPE_DOMAIN_ADMIN), (Long) RoleType.DomainAdmin.getId());
|
||||
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN), (Long) RoleType.ResourceAdmin.getId());
|
||||
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.ACCOUNT_TYPE_PROJECT), null);
|
||||
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.Type.ADMIN), (Long) RoleType.Admin.getId());
|
||||
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.Type.NORMAL), (Long) RoleType.User.getId());
|
||||
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.Type.DOMAIN_ADMIN), (Long) RoleType.DomainAdmin.getId());
|
||||
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.Type.RESOURCE_DOMAIN_ADMIN), (Long) RoleType.ResourceAdmin.getId());
|
||||
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.Type.PROJECT), null);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testGetAccountTypeByRoleWhenRoleIsNull() {
|
||||
for (Short accountType: Arrays.asList(
|
||||
Account.ACCOUNT_TYPE_NORMAL,
|
||||
Account.ACCOUNT_TYPE_ADMIN,
|
||||
Account.ACCOUNT_TYPE_DOMAIN_ADMIN,
|
||||
Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN,
|
||||
Account.ACCOUNT_TYPE_PROJECT,
|
||||
(short) 12345)) {
|
||||
for (Account.Type accountType: Arrays.asList(
|
||||
Account.Type.NORMAL,
|
||||
Account.Type.ADMIN,
|
||||
Account.Type.DOMAIN_ADMIN,
|
||||
Account.Type.RESOURCE_DOMAIN_ADMIN,
|
||||
Account.Type.PROJECT,
|
||||
null)) {
|
||||
Assert.assertEquals(RoleType.getAccountTypeByRole(null, accountType), accountType);
|
||||
}
|
||||
}
|
||||
@ -95,6 +95,6 @@ public class RoleTypeTest {
|
||||
Role role = Mockito.mock(Role.class);
|
||||
Mockito.when(role.getRoleType()).thenReturn(RoleType.Admin);
|
||||
Mockito.when(role.getId()).thenReturn(100L);
|
||||
Assert.assertEquals(RoleType.getAccountTypeByRole(role, null), (Short) RoleType.Admin.getAccountType());
|
||||
Assert.assertEquals(RoleType.getAccountTypeByRole(role, null), RoleType.Admin.getAccountType());
|
||||
}
|
||||
}
|
||||
@ -49,7 +49,7 @@ public class CreateAccountCmdTest {
|
||||
private CreateAccountCmd createAccountCmd = new CreateAccountCmd();
|
||||
|
||||
private long roleId = 1L;
|
||||
private short accountType = 1;
|
||||
private Integer accountType = 1;
|
||||
private Long domainId = 1L;
|
||||
|
||||
@Before
|
||||
|
||||
@ -25,6 +25,7 @@ import java.sql.PreparedStatement;
|
||||
import java.sql.ResultSet;
|
||||
import java.sql.SQLException;
|
||||
|
||||
import com.cloud.user.Account;
|
||||
import org.apache.cloudstack.acl.RoleType;
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
@ -70,8 +71,8 @@ public class Upgrade481to490 implements DbUpgrade {
|
||||
final ResultSet selectResultSet = selectStatement.executeQuery()) {
|
||||
while (selectResultSet.next()) {
|
||||
final Long accountId = selectResultSet.getLong(1);
|
||||
final Short accountType = selectResultSet.getShort(2);
|
||||
final Long roleId = RoleType.getByAccountType(accountType).getId();
|
||||
final Integer accountType = selectResultSet.getInt(2);
|
||||
final Long roleId = RoleType.getByAccountType(Account.Type.getFromValue(accountType)).getId();
|
||||
if (roleId < 1L || roleId > 4L) {
|
||||
s_logger.warn("Skipping role ID migration due to invalid role_id resolved for account id=" + accountId);
|
||||
continue;
|
||||
|
||||
@ -113,7 +113,7 @@ public class UsageDaoImpl extends GenericDaoBase<UsageVO, Long> implements Usage
|
||||
for (AccountVO acct : accounts) {
|
||||
pstmt.setLong(1, acct.getId());
|
||||
pstmt.setString(2, acct.getAccountName());
|
||||
pstmt.setShort(3, acct.getType());
|
||||
pstmt.setInt(3, acct.getType().ordinal());
|
||||
|
||||
//prevent autoboxing NPE by defaulting to User role
|
||||
if(acct.getRoleId() == null){
|
||||
|
||||
@ -42,7 +42,8 @@ public class AccountVO implements Account {
|
||||
private String accountName = null;
|
||||
|
||||
@Column(name = "type")
|
||||
private short type = ACCOUNT_TYPE_NORMAL;
|
||||
@Enumerated(value = EnumType.ORDINAL)
|
||||
private Type type;
|
||||
|
||||
@Column(name = "role_id")
|
||||
private Long roleId;
|
||||
@ -84,17 +85,17 @@ public class AccountVO implements Account {
|
||||
uuid = UUID.randomUUID().toString();
|
||||
}
|
||||
|
||||
public AccountVO(final String accountName, final long domainId, final String networkDomain, final short type, final String uuid) {
|
||||
public AccountVO(final String accountName, final long domainId, final String networkDomain, final Type type, final String uuid) {
|
||||
this.accountName = accountName;
|
||||
this.domainId = domainId;
|
||||
this.networkDomain = networkDomain;
|
||||
this.type = type;
|
||||
this.state = State.enabled;
|
||||
this.state = State.ENABLED;
|
||||
this.uuid = uuid;
|
||||
this.roleId = RoleType.getRoleByAccountType(null, type);
|
||||
}
|
||||
|
||||
public AccountVO(final String accountName, final long domainId, final String networkDomain, final short type, final Long roleId, final String uuid) {
|
||||
public AccountVO(final String accountName, final long domainId, final String networkDomain, final Type type, final Long roleId, final String uuid) {
|
||||
this(accountName, domainId, networkDomain, type, uuid);
|
||||
if (roleId != null) {
|
||||
this.roleId = roleId;
|
||||
@ -128,11 +129,11 @@ public class AccountVO implements Account {
|
||||
}
|
||||
|
||||
@Override
|
||||
public short getType() {
|
||||
public Account.Type getType() {
|
||||
return type;
|
||||
}
|
||||
|
||||
public void setType(short type) {
|
||||
public void setType(Type type) {
|
||||
this.type = type;
|
||||
}
|
||||
|
||||
|
||||
@ -122,7 +122,7 @@ public class UserVO implements User, Identity, InternalIdentity {
|
||||
this.lastname = lastName;
|
||||
this.email = email;
|
||||
this.timezone = timezone;
|
||||
this.state = State.enabled;
|
||||
this.state = State.ENABLED;
|
||||
this.uuid = uuid;
|
||||
this.source = source;
|
||||
}
|
||||
|
||||
@ -119,7 +119,7 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
|
||||
public List<AccountVO> findCleanupsForDisabledAccounts() {
|
||||
SearchCriteria<AccountVO> sc = CleanupForDisabledAccountsSearch.create();
|
||||
sc.setParameters("cleanup", true);
|
||||
sc.setParameters("state", State.disabled);
|
||||
sc.setParameters("state", State.DISABLED);
|
||||
|
||||
return listBy(sc);
|
||||
}
|
||||
@ -140,14 +140,14 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
|
||||
u.setUsername(rs.getString(2));
|
||||
u.setAccountId(rs.getLong(3));
|
||||
u.setSecretKey(DBEncryptionUtil.decrypt(rs.getString(4)));
|
||||
u.setState(State.valueOf(rs.getString(5)));
|
||||
u.setState(State.getValueOf(rs.getString(5)));
|
||||
|
||||
AccountVO a = new AccountVO(rs.getLong(6));
|
||||
a.setAccountName(rs.getString(7));
|
||||
a.setType(rs.getShort(8));
|
||||
a.setType(Account.Type.getFromValue(rs.getInt(8)));
|
||||
a.setRoleId(rs.getLong(9));
|
||||
a.setDomainId(rs.getLong(10));
|
||||
a.setState(State.valueOf(rs.getString(11)));
|
||||
a.setState(State.getValueOf(rs.getString(11)));
|
||||
|
||||
userAcctPair = new Pair<User, Account>(u, a);
|
||||
}
|
||||
@ -175,7 +175,7 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
|
||||
public Account findEnabledAccount(String accountName, Long domainId) {
|
||||
SearchCriteria<AccountVO> sc = AllFieldsSearch.create("accountName", accountName);
|
||||
sc.setParameters("domainId", domainId);
|
||||
sc.setParameters("state", State.enabled);
|
||||
sc.setParameters("state", State.ENABLED);
|
||||
return findOneBy(sc);
|
||||
}
|
||||
|
||||
@ -183,8 +183,8 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
|
||||
public Account findEnabledNonProjectAccount(String accountName, Long domainId) {
|
||||
SearchCriteria<AccountVO> sc = NonProjectAccountSearch.create("accountName", accountName);
|
||||
sc.setParameters("domainId", domainId);
|
||||
sc.setParameters("state", State.enabled);
|
||||
sc.setParameters("type", Account.ACCOUNT_TYPE_PROJECT);
|
||||
sc.setParameters("state", State.ENABLED);
|
||||
sc.setParameters("type", Account.Type.PROJECT);
|
||||
return findOneBy(sc);
|
||||
}
|
||||
|
||||
@ -206,7 +206,7 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
|
||||
public Account findActiveNonProjectAccount(String accountName, Long domainId) {
|
||||
SearchCriteria<AccountVO> sc = NonProjectAccountSearch.create("accountName", accountName);
|
||||
sc.setParameters("domainId", domainId);
|
||||
sc.setParameters("type", Account.ACCOUNT_TYPE_PROJECT);
|
||||
sc.setParameters("type", Account.Type.PROJECT);
|
||||
return findOneBy(sc);
|
||||
}
|
||||
|
||||
@ -221,7 +221,7 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
|
||||
public Account findNonProjectAccountIncludingRemoved(String accountName, Long domainId) {
|
||||
SearchCriteria<AccountVO> sc = NonProjectAccountSearch.create("accountName", accountName);
|
||||
sc.setParameters("domainId", domainId);
|
||||
sc.setParameters("type", Account.ACCOUNT_TYPE_PROJECT);
|
||||
sc.setParameters("type", Account.Type.PROJECT);
|
||||
return findOneIncludingRemovedBy(sc);
|
||||
}
|
||||
|
||||
|
||||
@ -21,6 +21,8 @@ import java.util.UUID;
|
||||
|
||||
import javax.persistence.Column;
|
||||
import javax.persistence.Entity;
|
||||
import javax.persistence.EnumType;
|
||||
import javax.persistence.Enumerated;
|
||||
import javax.persistence.GeneratedValue;
|
||||
import javax.persistence.GenerationType;
|
||||
import javax.persistence.Id;
|
||||
@ -28,6 +30,7 @@ import javax.persistence.PrimaryKeyJoinColumn;
|
||||
import javax.persistence.SecondaryTable;
|
||||
import javax.persistence.Table;
|
||||
|
||||
import com.cloud.user.Account;
|
||||
import com.cloud.utils.db.GenericDao;
|
||||
|
||||
@Entity
|
||||
@ -58,7 +61,8 @@ public class InstanceGroupVO implements InstanceGroup {
|
||||
private String uuid;
|
||||
|
||||
@Column(name = "type", table = "account", insertable = false, updatable = false)
|
||||
private short accountType;
|
||||
@Enumerated(value = EnumType.ORDINAL)
|
||||
private Account.Type accountType;
|
||||
|
||||
public InstanceGroupVO(String name, long accountId) {
|
||||
this.name = name;
|
||||
@ -113,7 +117,7 @@ public class InstanceGroupVO implements InstanceGroup {
|
||||
}
|
||||
|
||||
@Override
|
||||
public Short getAccountType() {
|
||||
public Account.Type getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
|
||||
@ -641,7 +641,7 @@ public class UserVmDaoImpl extends GenericDaoBase<UserVmVO, Long> implements Use
|
||||
nicResponse.setMacAddress(rs.getString("nics.mac_address"));
|
||||
|
||||
int account_type = rs.getInt("account.type");
|
||||
if (account_type == Account.ACCOUNT_TYPE_ADMIN) {
|
||||
if (account_type == Account.Type.ADMIN.ordinal()) {
|
||||
nicResponse.setBroadcastUri(rs.getString("nics.broadcast_uri"));
|
||||
nicResponse.setIsolationUri(rs.getString("nics.isolation_uri"));
|
||||
}
|
||||
|
||||
@ -248,11 +248,11 @@ public class QuotaAlertManagerImpl extends ManagerBase implements QuotaAlertMana
|
||||
try (TransactionLegacy txn = TransactionLegacy.open(TransactionLegacy.CLOUD_DB)) {
|
||||
Account account = _accountDao.findById(accountId);
|
||||
if (account != null) {
|
||||
if (account.getState() == State.locked) {
|
||||
if (account.getState() == State.LOCKED) {
|
||||
return true; // already locked, no-op
|
||||
} else if (account.getState() == State.enabled) {
|
||||
} else if (account.getState() == State.ENABLED) {
|
||||
AccountVO acctForUpdate = _accountDao.createForUpdate();
|
||||
acctForUpdate.setState(State.locked);
|
||||
acctForUpdate.setState(State.LOCKED);
|
||||
success = _accountDao.update(Long.valueOf(accountId), acctForUpdate);
|
||||
} else {
|
||||
if (s_logger.isInfoEnabled()) {
|
||||
|
||||
@ -27,6 +27,7 @@ import java.util.TimeZone;
|
||||
import javax.inject.Inject;
|
||||
import javax.naming.ConfigurationException;
|
||||
|
||||
import com.cloud.user.Account;
|
||||
import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
|
||||
import org.apache.cloudstack.quota.constant.QuotaTypes;
|
||||
import org.apache.cloudstack.quota.dao.QuotaAccountDao;
|
||||
@ -467,7 +468,7 @@ public class QuotaManagerImpl extends ManagerBase implements QuotaManager {
|
||||
|
||||
@Override
|
||||
public boolean isLockable(AccountVO account) {
|
||||
return (account.getType() == AccountVO.ACCOUNT_TYPE_NORMAL || account.getType() == AccountVO.ACCOUNT_TYPE_DOMAIN_ADMIN);
|
||||
return (account.getType() == Account.Type.NORMAL || account.getType() == Account.Type.DOMAIN_ADMIN);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -85,7 +85,7 @@ public class QuotaAlertManagerImplTest extends TestCase {
|
||||
AccountVO accountVO = new AccountVO();
|
||||
accountVO.setId(2L);
|
||||
accountVO.setDomainId(1L);
|
||||
accountVO.setType(Account.ACCOUNT_TYPE_NORMAL);
|
||||
accountVO.setType(Account.Type.NORMAL);
|
||||
Mockito.when(accountDao.findById(Mockito.anyLong())).thenReturn(accountVO);
|
||||
|
||||
QuotaAccountVO acc = new QuotaAccountVO(2L);
|
||||
@ -123,7 +123,7 @@ public class QuotaAlertManagerImplTest extends TestCase {
|
||||
AccountVO account = new AccountVO();
|
||||
account.setId(2L);
|
||||
account.setDomainId(1L);
|
||||
account.setType(Account.ACCOUNT_TYPE_NORMAL);
|
||||
account.setType(Account.Type.NORMAL);
|
||||
account.setAccountName("admin");
|
||||
account.setUuid("uuid");
|
||||
|
||||
@ -182,8 +182,8 @@ public class QuotaAlertManagerImplTest extends TestCase {
|
||||
AccountVO accountVO = new AccountVO();
|
||||
accountVO.setId(2L);
|
||||
accountVO.setDomainId(1L);
|
||||
accountVO.setType(Account.ACCOUNT_TYPE_NORMAL);
|
||||
accountVO.setState(Account.State.enabled);
|
||||
accountVO.setType(Account.Type.NORMAL);
|
||||
accountVO.setState(Account.State.ENABLED);
|
||||
Mockito.when(accountDao.findById(Mockito.anyLong())).thenReturn(accountVO);
|
||||
Mockito.when(accountDao.createForUpdate()).thenReturn(accountVO);
|
||||
Mockito.when(accountDao.update(Mockito.eq(accountVO.getId()), Mockito.eq(accountVO))).thenReturn(true);
|
||||
|
||||
@ -113,7 +113,7 @@ public class QuotaManagerImplTest extends TestCase {
|
||||
AccountVO accountVO = new AccountVO();
|
||||
accountVO.setId(2L);
|
||||
accountVO.setDomainId(1L);
|
||||
accountVO.setType(Account.ACCOUNT_TYPE_NORMAL);
|
||||
accountVO.setType(Account.Type.NORMAL);
|
||||
List<AccountVO> accountVOList = new ArrayList<>();
|
||||
accountVOList.add(accountVO);
|
||||
Mockito.when(accountDao.listAll()).thenReturn(accountVOList);
|
||||
@ -140,7 +140,7 @@ public class QuotaManagerImplTest extends TestCase {
|
||||
AccountVO accountVO = new AccountVO();
|
||||
accountVO.setId(2L);
|
||||
accountVO.setDomainId(1L);
|
||||
accountVO.setType(Account.ACCOUNT_TYPE_NORMAL);
|
||||
accountVO.setType(Account.Type.NORMAL);
|
||||
|
||||
UsageVO usageVO = new UsageVO();
|
||||
usageVO.setQuotaCalculated(0);
|
||||
@ -189,7 +189,7 @@ public class QuotaManagerImplTest extends TestCase {
|
||||
AccountVO accountVO = new AccountVO();
|
||||
accountVO.setId(2L);
|
||||
accountVO.setDomainId(1L);
|
||||
accountVO.setType(Account.ACCOUNT_TYPE_NORMAL);
|
||||
accountVO.setType(Account.Type.NORMAL);
|
||||
|
||||
QuotaUsageVO quotaUsageVO = new QuotaUsageVO();
|
||||
quotaUsageVO.setAccountId(2L);
|
||||
@ -206,37 +206,37 @@ public class QuotaManagerImplTest extends TestCase {
|
||||
|
||||
@Test
|
||||
public void testAdminLockableAccount() {
|
||||
accountVO.setType(Account.ACCOUNT_TYPE_ADMIN);
|
||||
accountVO.setType(Account.Type.ADMIN);
|
||||
assertFalse(quotaManager.isLockable(accountVO));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testNormalLockableAccount() {
|
||||
accountVO.setType(Account.ACCOUNT_TYPE_NORMAL);
|
||||
accountVO.setType(Account.Type.NORMAL);
|
||||
assertTrue(quotaManager.isLockable(accountVO));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void tesDomainAdmingLockableAccount() {
|
||||
accountVO.setType(Account.ACCOUNT_TYPE_DOMAIN_ADMIN);
|
||||
accountVO.setType(Account.Type.DOMAIN_ADMIN);
|
||||
assertTrue(quotaManager.isLockable(accountVO));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testReadOnlyAdminLockableAccount() {
|
||||
accountVO.setType(Account.ACCOUNT_TYPE_READ_ONLY_ADMIN);
|
||||
accountVO.setType(Account.Type.READ_ONLY_ADMIN);
|
||||
assertFalse(quotaManager.isLockable(accountVO));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testResourceDomainAdminLockableAccount() {
|
||||
accountVO.setType(Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN);
|
||||
accountVO.setType(Account.Type.RESOURCE_DOMAIN_ADMIN);
|
||||
assertFalse(quotaManager.isLockable(accountVO));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testProjectLockableAccount() {
|
||||
accountVO.setType(Account.ACCOUNT_TYPE_PROJECT);
|
||||
accountVO.setType(Account.Type.PROJECT);
|
||||
assertFalse(quotaManager.isLockable(accountVO));
|
||||
}
|
||||
|
||||
|
||||
@ -53,7 +53,7 @@ public class DynamicRoleBasedAPIAccessCheckerTest extends TestCase {
|
||||
}
|
||||
|
||||
private Account getTestAccount() {
|
||||
return new AccountVO("some name", 1L, "network-domain", (short)0, "some-uuid");
|
||||
return new AccountVO("some name", 1L, "network-domain", Account.Type.NORMAL, "some-uuid");
|
||||
}
|
||||
|
||||
private Role getTestRole() {
|
||||
@ -103,7 +103,7 @@ public class DynamicRoleBasedAPIAccessCheckerTest extends TestCase {
|
||||
|
||||
@Test
|
||||
public void testDefaultRootAdminAccess() {
|
||||
Mockito.when(accountService.getAccount(Mockito.anyLong())).thenReturn(new AccountVO("root admin", 1L, null, (short)1, "some-uuid"));
|
||||
Mockito.when(accountService.getAccount(Mockito.anyLong())).thenReturn(new AccountVO("root admin", 1L, null, Account.Type.ADMIN, "some-uuid"));
|
||||
Mockito.when(roleService.findRole(Mockito.anyLong())).thenReturn(new RoleVO(1L, "SomeRole", RoleType.Admin, "default root admin role"));
|
||||
assertTrue(apiAccessChecker.checkAccess(getTestUser(), "anyApi"));
|
||||
}
|
||||
|
||||
@ -67,7 +67,7 @@ public static void setUp() throws ConfigurationException {
|
||||
|
||||
// Standard responses
|
||||
AccountVO acct = new AccountVO(s_acctIdSeq);
|
||||
acct.setType(Account.ACCOUNT_TYPE_NORMAL);
|
||||
acct.setType(Account.Type.NORMAL);
|
||||
acct.setAccountName("demo");
|
||||
s_testAccount = acct;
|
||||
|
||||
|
||||
@ -23,7 +23,6 @@ import org.apache.cloudstack.api.APICommand;
|
||||
import org.apache.cloudstack.api.ApiConstants;
|
||||
import org.apache.cloudstack.api.BaseListCmd;
|
||||
import org.apache.cloudstack.api.Parameter;
|
||||
import org.apache.cloudstack.api.BaseCmd.CommandType;
|
||||
import org.apache.cloudstack.api.response.DomainResponse;
|
||||
import org.apache.cloudstack.api.response.ListResponse;
|
||||
import org.apache.cloudstack.api.response.QuotaResponseBuilder;
|
||||
@ -60,7 +59,7 @@ public class QuotaSummaryCmd extends BaseListCmd {
|
||||
public void execute() {
|
||||
Account caller = CallContext.current().getCallingAccount();
|
||||
Pair<List<QuotaSummaryResponse>, Integer> responses;
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_ADMIN) { //admin account
|
||||
if (caller.getType() == Account.Type.ADMIN) {
|
||||
if (getAccountName() != null && getDomainId() != null)
|
||||
responses = _responseBuilder.createQuotaSummaryResponse(getAccountName(), getDomainId());
|
||||
else
|
||||
|
||||
@ -434,12 +434,12 @@ public class QuotaResponseBuilderImpl implements QuotaResponseBuilder {
|
||||
_quotaService.saveQuotaAccount(account, currentAccountBalance, despositedOn);
|
||||
if (lockAccountEnforcement) {
|
||||
if (currentAccountBalance.compareTo(new BigDecimal(0)) >= 0) {
|
||||
if (account.getState() == Account.State.locked) {
|
||||
if (account.getState() == Account.State.LOCKED) {
|
||||
s_logger.info("UnLocking account " + account.getAccountName() + " , due to positive balance " + currentAccountBalance);
|
||||
_accountMgr.enableAccount(account.getAccountName(), domainId, accountId);
|
||||
}
|
||||
} else { // currentAccountBalance < 0 then lock the account
|
||||
if (_quotaManager.isLockable(account) && account.getState() == Account.State.enabled && enforce) {
|
||||
if (_quotaManager.isLockable(account) && account.getState() == Account.State.ENABLED && enforce) {
|
||||
s_logger.info("Locking account " + account.getAccountName() + " , due to negative balance " + currentAccountBalance);
|
||||
_accountMgr.lockAccount(account.getAccountName(), domainId, accountId);
|
||||
}
|
||||
|
||||
@ -152,7 +152,7 @@ public class QuotaResponseBuilderImplTest extends TestCase {
|
||||
Mockito.when(quotaService.computeAdjustedTime(Mockito.any(Date.class))).thenReturn(new Date());
|
||||
|
||||
AccountVO account = new AccountVO();
|
||||
account.setState(Account.State.locked);
|
||||
account.setState(Account.State.LOCKED);
|
||||
Mockito.when(accountDao.findById(Mockito.anyLong())).thenReturn(account);
|
||||
|
||||
QuotaCreditsResponse resp = quotaResponseBuilder.addQuotaCredits(accountId, domainId, amount, updatedBy, true);
|
||||
|
||||
@ -115,7 +115,7 @@ public class DedicatedApiUnitTest {
|
||||
@Before
|
||||
public void setUp() {
|
||||
ComponentContext.initComponentsLifeCycle();
|
||||
AccountVO account = new AccountVO(accountName, domainId, "networkDomain", Account.ACCOUNT_TYPE_NORMAL, "uuid");
|
||||
AccountVO account = new AccountVO(accountName, domainId, "networkDomain", Account.Type.NORMAL, "uuid");
|
||||
DomainVO domain = new DomainVO("rootDomain", 5L, 5L, "networkDomain");
|
||||
|
||||
UserVO user = new UserVO(1, "testuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
|
||||
|
||||
@ -164,7 +164,7 @@ public class ImplicitPlannerTest {
|
||||
public void setUp() {
|
||||
ComponentContext.initComponentsLifeCycle();
|
||||
|
||||
acct.setType(Account.ACCOUNT_TYPE_NORMAL);
|
||||
acct.setType(Account.Type.NORMAL);
|
||||
acct.setAccountName("user1");
|
||||
acct.setDomainId(domainId);
|
||||
acct.setId(accountId);
|
||||
|
||||
@ -246,14 +246,14 @@ public class BaremetalVlanManagerImpl extends ManagerBase implements BaremetalVl
|
||||
acnt = new AccountVO();
|
||||
acnt.setAccountName(BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
|
||||
acnt.setUuid(UUID.randomUUID().toString());
|
||||
acnt.setState(Account.State.enabled);
|
||||
acnt.setState(Account.State.ENABLED);
|
||||
acnt.setDomainId(1);
|
||||
acnt.setType(RoleType.User.getAccountType());
|
||||
acnt.setRoleId(RoleType.User.getId());
|
||||
acnt = acntDao.persist(acnt);
|
||||
|
||||
UserVO user = new UserVO();
|
||||
user.setState(Account.State.enabled);
|
||||
user.setState(Account.State.ENABLED);
|
||||
user.setUuid(UUID.randomUUID().toString());
|
||||
user.setAccountId(acnt.getAccountId());
|
||||
user.setUsername(BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
|
||||
|
||||
@ -181,7 +181,7 @@ public class VmwareDatacenterApiUnitTest {
|
||||
podId = 1L;
|
||||
|
||||
AccountVO acct = new AccountVO(200L);
|
||||
acct.setType(Account.ACCOUNT_TYPE_ADMIN);
|
||||
acct.setType(Account.Type.ADMIN);
|
||||
acct.setAccountName("admin");
|
||||
acct.setDomainId(domainId);
|
||||
|
||||
|
||||
@ -529,7 +529,7 @@ public class KubernetesClusterManagerImpl extends ManagerBase implements Kuberne
|
||||
response.setKubernetesVersionName(version.getName());
|
||||
}
|
||||
Account account = ApiDBUtils.findAccountById(kubernetesCluster.getAccountId());
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (account.getType() == Account.Type.PROJECT) {
|
||||
Project project = ApiDBUtils.findProjectByProjectAccountId(account.getId());
|
||||
response.setProjectId(project.getUuid());
|
||||
response.setProjectName(project.getName());
|
||||
|
||||
@ -149,7 +149,7 @@ public class KubernetesVersionServiceTest {
|
||||
AddKubernetesSupportedVersionCmd cmd = Mockito.mock(AddKubernetesSupportedVersionCmd.class);
|
||||
when(cmd.getMinimumCpu()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_CPU);
|
||||
when(cmd.getMinimumRamSize()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_RAM_SIZE);
|
||||
AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
|
||||
AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
|
||||
UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
|
||||
CallContext.register(user, account);
|
||||
when(cmd.getSemanticVersion()).thenReturn("1.1.1");
|
||||
@ -161,7 +161,7 @@ public class KubernetesVersionServiceTest {
|
||||
AddKubernetesSupportedVersionCmd cmd = Mockito.mock(AddKubernetesSupportedVersionCmd.class);
|
||||
when(cmd.getMinimumCpu()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_CPU-1);
|
||||
when(cmd.getMinimumRamSize()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_RAM_SIZE);
|
||||
AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
|
||||
AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
|
||||
UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
|
||||
when(cmd.getSemanticVersion()).thenReturn(KubernetesVersionService.MIN_KUBERNETES_VERSION);
|
||||
CallContext.register(user, account);
|
||||
@ -173,7 +173,7 @@ public class KubernetesVersionServiceTest {
|
||||
AddKubernetesSupportedVersionCmd cmd = Mockito.mock(AddKubernetesSupportedVersionCmd.class);
|
||||
when(cmd.getMinimumCpu()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_CPU);
|
||||
when(cmd.getMinimumRamSize()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_RAM_SIZE-10);
|
||||
AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
|
||||
AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
|
||||
UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
|
||||
when(cmd.getSemanticVersion()).thenReturn(KubernetesVersionService.MIN_KUBERNETES_VERSION);
|
||||
CallContext.register(user, account);
|
||||
@ -185,7 +185,7 @@ public class KubernetesVersionServiceTest {
|
||||
AddKubernetesSupportedVersionCmd cmd = Mockito.mock(AddKubernetesSupportedVersionCmd.class);
|
||||
when(cmd.getMinimumCpu()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_CPU);
|
||||
when(cmd.getMinimumRamSize()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_RAM_SIZE);
|
||||
AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
|
||||
AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
|
||||
UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
|
||||
when(cmd.getSemanticVersion()).thenReturn(KubernetesVersionService.MIN_KUBERNETES_VERSION);
|
||||
CallContext.register(user, account);
|
||||
@ -196,7 +196,7 @@ public class KubernetesVersionServiceTest {
|
||||
@Test
|
||||
public void addKubernetesSupportedVersionIsoUrlTest() throws ResourceAllocationException, NoSuchFieldException {
|
||||
AddKubernetesSupportedVersionCmd cmd = Mockito.mock(AddKubernetesSupportedVersionCmd.class);
|
||||
AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
|
||||
AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
|
||||
UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
|
||||
CallContext.register(user, account);
|
||||
when(cmd.getSemanticVersion()).thenReturn(KubernetesVersionService.MIN_KUBERNETES_VERSION);
|
||||
@ -204,7 +204,7 @@ public class KubernetesVersionServiceTest {
|
||||
when(cmd.getChecksum()).thenReturn(null);
|
||||
when(cmd.getMinimumCpu()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_CPU);
|
||||
when(cmd.getMinimumRamSize()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_RAM_SIZE);
|
||||
Account systemAccount = new AccountVO("system", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
|
||||
Account systemAccount = new AccountVO("system", 1L, "", Account.Type.ADMIN, "uuid");
|
||||
when(accountManager.getSystemAccount()).thenReturn(systemAccount);
|
||||
PowerMockito.mockStatic(ComponentContext.class);
|
||||
when(ComponentContext.inject(Mockito.any(RegisterIsoCmd.class))).thenReturn(new RegisterIsoCmd());
|
||||
@ -218,7 +218,7 @@ public class KubernetesVersionServiceTest {
|
||||
@Test(expected = CloudRuntimeException.class)
|
||||
public void deleteKubernetesSupportedVersionExistingClustersTest() {
|
||||
DeleteKubernetesSupportedVersionCmd cmd = Mockito.mock(DeleteKubernetesSupportedVersionCmd.class);
|
||||
AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
|
||||
AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
|
||||
UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
|
||||
CallContext.register(user, account);
|
||||
when(kubernetesSupportedVersionDao.findById(Mockito.anyLong())).thenReturn(Mockito.mock(KubernetesSupportedVersionVO.class));
|
||||
@ -231,7 +231,7 @@ public class KubernetesVersionServiceTest {
|
||||
@Test
|
||||
public void deleteKubernetesSupportedVersionTest() {
|
||||
DeleteKubernetesSupportedVersionCmd cmd = Mockito.mock(DeleteKubernetesSupportedVersionCmd.class);
|
||||
AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
|
||||
AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
|
||||
UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
|
||||
CallContext.register(user, account);
|
||||
when(kubernetesSupportedVersionDao.findById(Mockito.anyLong())).thenReturn(Mockito.mock(KubernetesSupportedVersionVO.class));
|
||||
@ -249,7 +249,7 @@ public class KubernetesVersionServiceTest {
|
||||
public void updateKubernetesSupportedVersionTest() {
|
||||
UpdateKubernetesSupportedVersionCmd cmd = Mockito.mock(UpdateKubernetesSupportedVersionCmd.class);
|
||||
when(cmd.getState()).thenReturn(KubernetesSupportedVersion.State.Disabled.toString());
|
||||
AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
|
||||
AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
|
||||
UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
|
||||
CallContext.register(user, account);
|
||||
when(kubernetesSupportedVersionDao.findById(Mockito.anyLong())).thenReturn(Mockito.mock(KubernetesSupportedVersionVO.class));
|
||||
|
||||
@ -111,7 +111,7 @@ public class GloboDnsElementTest {
|
||||
ComponentContext.initComponentsLifeCycle();
|
||||
|
||||
acct = new AccountVO(200L);
|
||||
acct.setType(Account.ACCOUNT_TYPE_NORMAL);
|
||||
acct.setType(Account.Type.NORMAL);
|
||||
acct.setAccountName("user");
|
||||
acct.setDomainId(domainId);
|
||||
|
||||
|
||||
@ -438,7 +438,7 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager
|
||||
@Override
|
||||
public String getProjectName(long accountId) {
|
||||
Account account = _accountDao.findById(accountId);
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (account.getType() == Account.Type.PROJECT) {
|
||||
ProjectVO project = _projectDao.findByProjectAccountId(account.getId());
|
||||
if (project != null) {
|
||||
return project.getName();
|
||||
@ -455,7 +455,7 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager
|
||||
|
||||
private ProjectVO getProject(long accountId) {
|
||||
Account account = _accountDao.findById(accountId);
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (account.getType() == Account.Type.PROJECT) {
|
||||
return _projectDao.findByProjectAccountId(account.getId());
|
||||
}
|
||||
return null;
|
||||
|
||||
@ -239,7 +239,7 @@ public class ServiceManagerImpl implements ServiceManager {
|
||||
response.setId(vm.getUuid());
|
||||
Account owner = _accountService.getAccount(vm.getAccountId());
|
||||
|
||||
if (owner.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (owner.getType() == Account.Type.PROJECT) {
|
||||
Project project = ApiDBUtils.findProjectByProjectAccountIdIncludingRemoved(owner.getAccountId());
|
||||
response.setProjectId(project.getUuid());
|
||||
response.setProjectName(project.getName());
|
||||
|
||||
@ -150,7 +150,7 @@ public class MockAccountManager extends ManagerBase implements AccountManager {
|
||||
}
|
||||
|
||||
@Override
|
||||
public UserAccount createUserAccount(String userName, String password, String firstName, String lastName, String email, String timezone, String accountName, short accountType, Long roleId,
|
||||
public UserAccount createUserAccount(String userName, String password, String firstName, String lastName, String email, String timezone, String accountName, Account.Type accountType, Long roleId,
|
||||
Long domainId, String networkDomain, Map<String, String> details, String accountUUID, String userUUID, User.Source source) {
|
||||
// TODO Auto-generated method stub
|
||||
return null;
|
||||
@ -404,7 +404,7 @@ public class MockAccountManager extends ManagerBase implements AccountManager {
|
||||
}
|
||||
|
||||
@Override
|
||||
public Account createAccount(String accountName, short accountType, Long roleId, Long domainId, String networkDomain, Map<String, String> details, String uuid) {
|
||||
public Account createAccount(String accountName, Account.Type accountType, Long roleId, Long domainId, String networkDomain, Map<String, String> details, String uuid) {
|
||||
final AccountVO account = new AccountVO(accountName, domainId, networkDomain, accountType, roleId, uuid);
|
||||
Transaction.execute(new TransactionCallbackNoReturn() {
|
||||
@Override
|
||||
|
||||
@ -56,8 +56,8 @@ public class LdapCreateAccountCmd extends BaseCmd {
|
||||
@Parameter(name = ApiConstants.ACCOUNT, type = CommandType.STRING, description = "Creates the user under the specified account. If no account is specified, the username will be used as the account name.")
|
||||
private String accountName;
|
||||
|
||||
@Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.SHORT, description = "Type of the account. Specify 0 for user, 1 for root admin, and 2 for domain admin")
|
||||
private Short accountType;
|
||||
@Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.INTEGER, description = "Type of the account. Specify 0 for user, 1 for root admin, and 2 for domain admin")
|
||||
private Integer accountType;
|
||||
|
||||
@Parameter(name = ApiConstants.ROLE_ID, type = CommandType.UUID, entityType = RoleResponse.class, description = "Creates the account under the specified role.")
|
||||
private Long roleId;
|
||||
@ -105,12 +105,15 @@ public class LdapCreateAccountCmd extends BaseCmd {
|
||||
}
|
||||
}
|
||||
|
||||
public Short getAccountType() {
|
||||
return RoleType.getAccountTypeByRole(roleService.findRole(roleId), accountType);
|
||||
public Account.Type getAccountType() {
|
||||
if (accountType == null) {
|
||||
return RoleType.getAccountTypeByRole(roleService.findRole(roleId), null);
|
||||
}
|
||||
return RoleType.getAccountTypeByRole(roleService.findRole(roleId), Account.Type.getFromValue(accountType.intValue()));
|
||||
}
|
||||
|
||||
public Long getRoleId() {
|
||||
return RoleType.getRoleByAccountType(roleId, accountType);
|
||||
return RoleType.getRoleByAccountType(roleId, getAccountType());
|
||||
}
|
||||
|
||||
private String getAccountName() {
|
||||
|
||||
@ -68,8 +68,8 @@ public class LdapImportUsersCmd extends BaseListCmd {
|
||||
@Parameter(name = ApiConstants.TIMEZONE, type = CommandType.STRING, description = "Specifies a timezone for this command. For more information on the timezone parameter, see Time Zone Format.")
|
||||
private String timezone;
|
||||
|
||||
@Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.SHORT, description = "Type of the account. Specify 0 for user, 1 for root admin, and 2 for domain admin")
|
||||
private Short accountType;
|
||||
@Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.INTEGER, description = "Type of the account. Specify 0 for user, 1 for root admin, and 2 for domain admin")
|
||||
private Integer accountType;
|
||||
|
||||
@Parameter(name = ApiConstants.ROLE_ID, type = CommandType.UUID, entityType = RoleResponse.class, description = "Creates the account under the specified role.")
|
||||
private Long roleId;
|
||||
@ -167,12 +167,15 @@ public class LdapImportUsersCmd extends BaseListCmd {
|
||||
setResponseObject(response);
|
||||
}
|
||||
|
||||
public Short getAccountType() {
|
||||
return RoleType.getAccountTypeByRole(roleService.findRole(roleId), accountType);
|
||||
public Account.Type getAccountType() {
|
||||
if (accountType == null) {
|
||||
return RoleType.getAccountTypeByRole(roleService.findRole(roleId), null);
|
||||
}
|
||||
return RoleType.getAccountTypeByRole(roleService.findRole(roleId), Account.Type.getFromValue(accountType.intValue()));
|
||||
}
|
||||
|
||||
public Long getRoleId() {
|
||||
return RoleType.getRoleByAccountType(roleId, accountType);
|
||||
return RoleType.getRoleByAccountType(roleId, getAccountType());
|
||||
}
|
||||
|
||||
private String getAccountName(LdapUser user) {
|
||||
|
||||
@ -61,9 +61,9 @@ public class LinkAccountToLdapCmd extends BaseCmd {
|
||||
@Parameter(name = ApiConstants.ADMIN, type = CommandType.STRING, required = false, description = "domain admin username in LDAP ")
|
||||
private String admin;
|
||||
|
||||
@Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.SHORT, required = true, description = "Type of the account to auto import. Specify 0 for user and 2 for "
|
||||
@Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.INTEGER, required = true, description = "Type of the account to auto import. Specify 0 for user and 2 for "
|
||||
+ "domain admin")
|
||||
private short accountType;
|
||||
private int accountType;
|
||||
|
||||
@Inject
|
||||
private LdapManager _ldapManager;
|
||||
@ -84,7 +84,7 @@ public class LinkAccountToLdapCmd extends BaseCmd {
|
||||
if (account == null) {
|
||||
try {
|
||||
UserAccount userAccount = _accountService
|
||||
.createUserAccount(admin, "", ldapUser.getFirstname(), ldapUser.getLastname(), ldapUser.getEmail(), null, admin, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, RoleType.DomainAdmin.getId(), domainId, null, null, UUID.randomUUID().toString(),
|
||||
.createUserAccount(admin, "", ldapUser.getFirstname(), ldapUser.getLastname(), ldapUser.getEmail(), null, admin, Account.Type.DOMAIN_ADMIN, RoleType.DomainAdmin.getId(), domainId, null, null, UUID.randomUUID().toString(),
|
||||
UUID.randomUUID().toString(), User.Source.LDAP);
|
||||
response.setAdminId(String.valueOf(userAccount.getAccountId()));
|
||||
LOGGER.info("created an account with name " + admin + " in the given domain " + domainId);
|
||||
@ -136,7 +136,7 @@ public class LinkAccountToLdapCmd extends BaseCmd {
|
||||
return admin;
|
||||
}
|
||||
|
||||
public short getAccountType() {
|
||||
return accountType;
|
||||
public Account.Type getAccountType() {
|
||||
return Account.Type.getFromValue(accountType);
|
||||
}
|
||||
}
|
||||
|
||||
@ -64,9 +64,9 @@ public class LinkDomainToLdapCmd extends BaseCmd {
|
||||
@Parameter(name = ApiConstants.ADMIN, type = CommandType.STRING, required = false, description = "domain admin username in LDAP ")
|
||||
private String admin;
|
||||
|
||||
@Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.SHORT, required = true, description = "Type of the account to auto import. Specify 0 for user and 2 for " +
|
||||
@Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.INTEGER, required = true, description = "Type of the account to auto import. Specify 0 for user and 2 for " +
|
||||
"domain admin")
|
||||
private short accountType;
|
||||
private int accountType;
|
||||
|
||||
@Inject
|
||||
private LdapManager _ldapManager;
|
||||
@ -87,8 +87,8 @@ public class LinkDomainToLdapCmd extends BaseCmd {
|
||||
return admin;
|
||||
}
|
||||
|
||||
public short getAccountType() {
|
||||
return accountType;
|
||||
public Account.Type getAccountType() {
|
||||
return Account.Type.getFromValue(accountType);
|
||||
}
|
||||
|
||||
|
||||
@ -108,7 +108,7 @@ public class LinkDomainToLdapCmd extends BaseCmd {
|
||||
if (account == null) {
|
||||
try {
|
||||
UserAccount userAccount = _accountService.createUserAccount(admin, "", ldapUser.getFirstname(), ldapUser.getLastname(), ldapUser.getEmail(), null,
|
||||
admin, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, RoleType.DomainAdmin.getId(), domainId, null, null, UUID.randomUUID().toString(), UUID.randomUUID().toString(), User.Source.LDAP);
|
||||
admin, Account.Type.DOMAIN_ADMIN, RoleType.DomainAdmin.getId(), domainId, null, null, UUID.randomUUID().toString(), UUID.randomUUID().toString(), User.Source.LDAP);
|
||||
response.setAdminId(String.valueOf(userAccount.getAccountId()));
|
||||
s_logger.info("created an account with name " + admin + " in the given domain " + domainId);
|
||||
} catch (Exception e) {
|
||||
|
||||
@ -39,7 +39,7 @@ public class LinkAccountToLdapResponse extends BaseResponse {
|
||||
|
||||
@SerializedName(ApiConstants.ACCOUNT_TYPE)
|
||||
@Param(description = "Type of the account to auto import")
|
||||
private short accountType;
|
||||
private int accountType;
|
||||
|
||||
@SerializedName(ApiConstants.ACCOUNT_ID)
|
||||
@Param(description = "Domain Admin accountId that is created")
|
||||
@ -50,7 +50,7 @@ public class LinkAccountToLdapResponse extends BaseResponse {
|
||||
private String accountName;
|
||||
|
||||
|
||||
public LinkAccountToLdapResponse(String domainId, String type, String ldapDomain, short accountType, String adminId, String accountName) {
|
||||
public LinkAccountToLdapResponse(String domainId, String type, String ldapDomain, int accountType, String adminId, String accountName) {
|
||||
this.domainId = domainId;
|
||||
this.type = type;
|
||||
this.ldapDomain = ldapDomain;
|
||||
@ -71,7 +71,7 @@ public class LinkAccountToLdapResponse extends BaseResponse {
|
||||
return type;
|
||||
}
|
||||
|
||||
public short getAccountType() {
|
||||
public Integer getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
|
||||
@ -44,13 +44,13 @@ public class LinkDomainToLdapResponse extends BaseResponse {
|
||||
|
||||
@SerializedName(ApiConstants.ACCOUNT_TYPE)
|
||||
@Param(description = "Type of the account to auto import")
|
||||
private short accountType;
|
||||
private int accountType;
|
||||
|
||||
@SerializedName(ApiConstants.ACCOUNT_ID)
|
||||
@Param(description = "Domain Admin accountId that is created")
|
||||
private String adminId;
|
||||
|
||||
public LinkDomainToLdapResponse(String domainId, String type, String ldapDomain, short accountType) {
|
||||
public LinkDomainToLdapResponse(String domainId, String type, String ldapDomain, int accountType) {
|
||||
this.domainId = domainId;
|
||||
this.name = ldapDomain;
|
||||
this.ldapDomain = ldapDomain;
|
||||
@ -70,7 +70,7 @@ public class LinkDomainToLdapResponse extends BaseResponse {
|
||||
return type;
|
||||
}
|
||||
|
||||
public short getAccountType() {
|
||||
public int getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
|
||||
@ -227,7 +227,7 @@ public class LdapAuthenticator extends AdapterBase implements UserAuthenticator
|
||||
Pair<Boolean, ActionOnFailedAuthentication> rc = new Pair<Boolean, ActionOnFailedAuthentication>(false, null);
|
||||
try {
|
||||
LdapUser ldapUser = _ldapManager.getUser(username, ldapTrustMapVO.getType().toString(), ldapTrustMapVO.getName(), domainId);
|
||||
final short accountType = ldapTrustMapVO.getAccountType();
|
||||
final Account.Type accountType = ldapTrustMapVO.getAccountType();
|
||||
processLdapUser(password, domainId, user, rc, ldapUser, accountType);
|
||||
} catch (NoLdapUserMatchingQueryException e) {
|
||||
LOGGER.debug(e.getMessage());
|
||||
@ -237,7 +237,7 @@ public class LdapAuthenticator extends AdapterBase implements UserAuthenticator
|
||||
return rc;
|
||||
}
|
||||
|
||||
private void processLdapUser(String password, Long domainId, UserAccount user, Pair<Boolean, ActionOnFailedAuthentication> rc, LdapUser ldapUser, short accountType) {
|
||||
private void processLdapUser(String password, Long domainId, UserAccount user, Pair<Boolean, ActionOnFailedAuthentication> rc, LdapUser ldapUser, Account.Type accountType) {
|
||||
if(!ldapUser.isDisabled()) {
|
||||
rc.first(_ldapManager.canAuthenticate(ldapUser.getPrincipal(), password, domainId));
|
||||
if(rc.first()) {
|
||||
@ -289,12 +289,12 @@ public class LdapAuthenticator extends AdapterBase implements UserAuthenticator
|
||||
}
|
||||
|
||||
private void enableUserInCloudStack(UserAccount user) {
|
||||
if(user != null && (user.getState().equalsIgnoreCase(Account.State.disabled.toString()))) {
|
||||
if(user != null && (user.getState().equalsIgnoreCase(Account.State.DISABLED.toString()))) {
|
||||
_accountManager.enableUser(user.getId());
|
||||
}
|
||||
}
|
||||
|
||||
private void createCloudStackUserAccount(LdapUser user, long domainId, short accountType) {
|
||||
private void createCloudStackUserAccount(LdapUser user, long domainId, Account.Type accountType) {
|
||||
String username = user.getUsername();
|
||||
_accountManager.createUserAccount(username, "", user.getFirstname(), user.getLastname(), user.getEmail(), null, username,
|
||||
accountType, RoleType.getByAccountType(accountType).getId(), domainId, null, null,
|
||||
|
||||
@ -378,12 +378,12 @@ public class LdapManagerImpl extends ComponentLifecycleBase implements LdapManag
|
||||
return linkDomainToLdap(cmd.getDomainId(),cmd.getType(), ldapDomain,cmd.getAccountType());
|
||||
}
|
||||
|
||||
private LinkDomainToLdapResponse linkDomainToLdap(Long domainId, String type, String name, short accountType) {
|
||||
private LinkDomainToLdapResponse linkDomainToLdap(Long domainId, String type, String name, Account.Type accountType) {
|
||||
Validate.notNull(type, "type cannot be null. It should either be GROUP or OU");
|
||||
Validate.notNull(domainId, "domainId cannot be null.");
|
||||
Validate.notEmpty(name, "GROUP or OU name cannot be empty");
|
||||
//Account type should be 0 or 2. check the constants in com.cloud.user.Account
|
||||
Validate.isTrue(accountType==0 || accountType==2, "accountype should be either 0(normal user) or 2(domain admin)");
|
||||
Validate.isTrue(accountType== Account.Type.NORMAL || accountType== Account.Type.DOMAIN_ADMIN, "accountype should be either 0(normal user) or 2(domain admin)");
|
||||
LinkType linkType = LdapManager.LinkType.valueOf(type.toUpperCase());
|
||||
LdapTrustMapVO vo = _ldapTrustMapDao.persist(new LdapTrustMapVO(domainId, linkType, name, accountType, 0));
|
||||
DomainVO domain = domainDao.findById(vo.getDomainId());
|
||||
@ -393,7 +393,7 @@ public class LdapManagerImpl extends ComponentLifecycleBase implements LdapManag
|
||||
} else {
|
||||
domainUuid = domain.getUuid();
|
||||
}
|
||||
LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainUuid, vo.getType().toString(), vo.getName(), vo.getAccountType());
|
||||
LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainUuid, vo.getType().toString(), vo.getName(), vo.getAccountType().ordinal());
|
||||
return response;
|
||||
}
|
||||
|
||||
@ -443,7 +443,7 @@ public class LdapManagerImpl extends ComponentLifecycleBase implements LdapManag
|
||||
domainUuid = domain.getUuid();
|
||||
}
|
||||
|
||||
LinkAccountToLdapResponse response = new LinkAccountToLdapResponse(domainUuid, vo.getType().toString(), vo.getName(), vo.getAccountType(), account.getUuid(), cmd.getAccountName());
|
||||
LinkAccountToLdapResponse response = new LinkAccountToLdapResponse(domainUuid, vo.getType().toString(), vo.getName(), vo.getAccountType().ordinal(), account.getUuid(), cmd.getAccountName());
|
||||
return response;
|
||||
}
|
||||
|
||||
|
||||
@ -18,15 +18,18 @@
|
||||
*/
|
||||
package org.apache.cloudstack.ldap;
|
||||
|
||||
import com.cloud.user.Account;
|
||||
import org.apache.cloudstack.api.InternalIdentity;
|
||||
|
||||
import javax.persistence.Column;
|
||||
import javax.persistence.Entity;
|
||||
import javax.persistence.EnumType;
|
||||
import javax.persistence.Enumerated;
|
||||
import javax.persistence.GeneratedValue;
|
||||
import javax.persistence.GenerationType;
|
||||
import javax.persistence.Id;
|
||||
import javax.persistence.Table;
|
||||
|
||||
import org.apache.cloudstack.api.InternalIdentity;
|
||||
|
||||
@Entity
|
||||
@Table(name = "ldap_trust_map")
|
||||
public class LdapTrustMapVO implements InternalIdentity {
|
||||
@ -49,13 +52,14 @@ public class LdapTrustMapVO implements InternalIdentity {
|
||||
private long accountId;
|
||||
|
||||
@Column(name = "account_type")
|
||||
private short accountType;
|
||||
@Enumerated(value = EnumType.ORDINAL)
|
||||
private Account.Type accountType;
|
||||
|
||||
|
||||
public LdapTrustMapVO() {
|
||||
}
|
||||
|
||||
public LdapTrustMapVO(long domainId, LdapManager.LinkType type, String name, short accountType, long accountId) {
|
||||
public LdapTrustMapVO(long domainId, LdapManager.LinkType type, String name, Account.Type accountType, long accountId) {
|
||||
this.domainId = domainId;
|
||||
this.type = type;
|
||||
this.name = name;
|
||||
@ -80,7 +84,7 @@ public class LdapTrustMapVO implements InternalIdentity {
|
||||
return domainId;
|
||||
}
|
||||
|
||||
public short getAccountType() {
|
||||
public Account.Type getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
@ -121,7 +125,7 @@ public class LdapTrustMapVO implements InternalIdentity {
|
||||
result = 31 * result + name.hashCode();
|
||||
result = 31 * result + (int) (domainId ^ (domainId >>> 32));
|
||||
result = 31 * result + (int) (accountId ^ (accountId >>> 32));
|
||||
result = 31 * result + (int) accountType;
|
||||
result = 31 * result + accountType.ordinal();
|
||||
return result;
|
||||
}
|
||||
}
|
||||
|
||||
@ -204,7 +204,7 @@ class LdapAuthenticatorSpec extends spock.lang.Specification {
|
||||
UserAccount userAccount = Mock(UserAccount)
|
||||
userAccountDao.getUserAccount(username, domainId) >> userAccount
|
||||
userAccount.getId() >> 1
|
||||
userAccount.getState() >> Account.State.disabled.toString()
|
||||
userAccount.getState() >> Account.State.DISABLED.toString()
|
||||
ldapManager.getDomainLinkedToLdap(domainId) >> new LdapTrustMapVO(domainId, type, name, (short)2)
|
||||
ldapManager.getUser(username, type.toString(), name) >> new LdapUser(username, "email", "firstname", "lastname", "principal", "domain", false, null)
|
||||
ldapManager.canAuthenticate(_, _, _) >> true
|
||||
|
||||
@ -143,7 +143,7 @@ class LinkDomainToLdapCmdSpec extends Specification {
|
||||
_accountService.getActiveAccountByName(username, domainId) >> null
|
||||
UserAccount userAccount = Mock(UserAccount)
|
||||
userAccount.getAccountId() >> 24
|
||||
_accountService.createUserAccount(username, "", "Admin", "Admin", "admin@ccp.citrix.com", null, username, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, domainId,
|
||||
_accountService.createUserAccount(username, "", "Admin", "Admin", "admin@ccp.citrix.com", null, username, Account.Type.DOMAIN_ADMIN, domainId,
|
||||
username, null, _, _, User.Source.LDAP) >> userAccount
|
||||
|
||||
linkDomainToLdapCmd.admin = username
|
||||
@ -209,7 +209,7 @@ class LinkDomainToLdapCmdSpec extends Specification {
|
||||
_accountService.getActiveAccountByName(username, domainId) >> null
|
||||
UserAccount userAccount = Mock(UserAccount)
|
||||
userAccount.getAccountId() >> 24
|
||||
_accountService.createUserAccount(username, "", "Admin", "Admin", "admin@ccp.citrix.com", null, username, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, domainId,
|
||||
_accountService.createUserAccount(username, "", "Admin", "Admin", "admin@ccp.citrix.com", null, username, Account.Type.DOMAIN_ADMIN, domainId,
|
||||
username, null, _, _, User.Source.LDAP) >> { throw new RuntimeException("created failed from mock") }
|
||||
|
||||
linkDomainToLdapCmd.admin = username
|
||||
|
||||
@ -50,7 +50,7 @@ public class LdapCreateAccountCmdTest implements LdapConfigurationChanger {
|
||||
public void setUp() throws NoSuchFieldException, IllegalAccessException {
|
||||
ldapCreateAccountCmd = spy(new LdapCreateAccountCmd(ldapManager, accountService));
|
||||
ldapCreateAccountCmd.roleService = roleService;
|
||||
setHiddenField(ldapCreateAccountCmd,"accountType", Account.ACCOUNT_TYPE_DOMAIN_ADMIN);
|
||||
setHiddenField(ldapCreateAccountCmd,"accountType", Account.Type.DOMAIN_ADMIN.ordinal());
|
||||
}
|
||||
|
||||
@Test(expected = ServerApiException.class)
|
||||
|
||||
@ -60,7 +60,7 @@ public class LdapImportUsersCmdTest implements LdapConfigurationChanger {
|
||||
public void setUp() throws NoSuchFieldException, IllegalAccessException {
|
||||
ldapImportUsersCmd = spy(new LdapImportUsersCmd(ldapManager, domainService, accountService));
|
||||
ldapImportUsersCmd.roleService = roleService;
|
||||
setHiddenField(ldapImportUsersCmd, "accountType", Account.ACCOUNT_TYPE_DOMAIN_ADMIN);
|
||||
setHiddenField(ldapImportUsersCmd, "accountType", Account.Type.DOMAIN_ADMIN.ordinal());
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@ -60,7 +60,7 @@ public class LinkAccountToLdapCmdTest implements LdapConfigurationChanger {
|
||||
long domainId = 1;
|
||||
String type = "GROUP";
|
||||
String ldapDomain = "CN=test,DC=ccp,DC=Citrix,DC=com";
|
||||
short accountType = Account.ACCOUNT_TYPE_DOMAIN_ADMIN;
|
||||
Account.Type accountType = Account.Type.DOMAIN_ADMIN;
|
||||
String username = "admin";
|
||||
long accountId = 24;
|
||||
String accountName = "test";
|
||||
@ -69,11 +69,11 @@ public class LinkAccountToLdapCmdTest implements LdapConfigurationChanger {
|
||||
setHiddenField(linkAccountToLdapCmd, "admin", username);
|
||||
setHiddenField(linkAccountToLdapCmd, "type", type);
|
||||
setHiddenField(linkAccountToLdapCmd, "domainId", domainId);
|
||||
setHiddenField(linkAccountToLdapCmd, "accountType", accountType);
|
||||
setHiddenField(linkAccountToLdapCmd, "accountType", accountType.ordinal());
|
||||
setHiddenField(linkAccountToLdapCmd, "accountName", accountName);
|
||||
|
||||
|
||||
LinkAccountToLdapResponse response = new LinkAccountToLdapResponse(String.valueOf(domainId), type, ldapDomain, (short)accountType, username, accountName);
|
||||
LinkAccountToLdapResponse response = new LinkAccountToLdapResponse(String.valueOf(domainId), type, ldapDomain, accountType.ordinal(), username, accountName);
|
||||
when(ldapManager.linkAccountToLdap(linkAccountToLdapCmd)).thenReturn(response);
|
||||
when(ldapManager.getUser(username, type, ldapDomain, 1L))
|
||||
.thenReturn(new LdapUser(username, "admin@ccp.citrix.com", "Admin", "Admin", ldapDomain, "ccp", false, null));
|
||||
@ -82,7 +82,7 @@ public class LinkAccountToLdapCmdTest implements LdapConfigurationChanger {
|
||||
UserAccountVO userAccount = new UserAccountVO();
|
||||
userAccount.setAccountId(24);
|
||||
when(accountService.createUserAccount(eq(username), eq(""), eq("Admin"), eq("Admin"), eq("admin@ccp.citrix.com"), isNull(String.class),
|
||||
eq(username), eq(Account.ACCOUNT_TYPE_DOMAIN_ADMIN), eq(RoleType.DomainAdmin.getId()), eq(domainId), isNull(String.class),
|
||||
eq(username), eq(Account.Type.DOMAIN_ADMIN), eq(RoleType.DomainAdmin.getId()), eq(domainId), isNull(String.class),
|
||||
(java.util.Map<String,String>)isNull(), anyString(), anyString(), eq(User.Source.LDAP))).thenReturn(userAccount);
|
||||
|
||||
linkAccountToLdapCmd.execute();
|
||||
|
||||
@ -64,16 +64,16 @@ public class LinkDomainToLdapCmdTest implements LdapConfigurationChanger
|
||||
Long domainId = 1L;
|
||||
String type = "GROUP";
|
||||
String ldapDomain = "CN=test,DC=ccp,DC=Citrix,DC=com";
|
||||
short accountType = Account.ACCOUNT_TYPE_DOMAIN_ADMIN;
|
||||
Account.Type accountType = Account.Type.DOMAIN_ADMIN;
|
||||
String username = "admin";
|
||||
long accountId = 24;
|
||||
setHiddenField(linkDomainToLdapCmd, "ldapDomain", ldapDomain);
|
||||
setHiddenField(linkDomainToLdapCmd, "admin", username);
|
||||
setHiddenField(linkDomainToLdapCmd, "type", type);
|
||||
setHiddenField(linkDomainToLdapCmd, "domainId", domainId);
|
||||
setHiddenField(linkDomainToLdapCmd, "accountType", accountType);
|
||||
setHiddenField(linkDomainToLdapCmd, "accountType", accountType.ordinal());
|
||||
|
||||
LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId.toString(), type, ldapDomain, (short)accountType);
|
||||
LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId.toString(), type, ldapDomain, accountType.ordinal());
|
||||
when(ldapManager.linkDomainToLdap(linkDomainToLdapCmd)).thenReturn(response);
|
||||
when(ldapManager.getUser(username, type, ldapDomain, 1L)).thenReturn(new LdapUser(username, "admin@ccp.citrix.com", "Admin", "Admin", ldapDomain, "ccp", false, null));
|
||||
|
||||
@ -81,7 +81,7 @@ public class LinkDomainToLdapCmdTest implements LdapConfigurationChanger
|
||||
UserAccountVO userAccount = new UserAccountVO();
|
||||
userAccount.setAccountId(24);
|
||||
when(accountService.createUserAccount(eq(username), eq(""), eq("Admin"), eq("Admin"), eq("admin@ccp.citrix.com"), isNull(String.class),
|
||||
eq(username), eq(Account.ACCOUNT_TYPE_DOMAIN_ADMIN), eq(RoleType.DomainAdmin.getId()), eq(domainId), isNull(String.class),
|
||||
eq(username), eq(Account.Type.DOMAIN_ADMIN), eq(RoleType.DomainAdmin.getId()), eq(domainId), isNull(String.class),
|
||||
(java.util.Map<String,String>)isNull(), anyString(), anyString(), eq(User.Source.LDAP))).thenReturn(userAccount);
|
||||
|
||||
|
||||
|
||||
@ -20,6 +20,7 @@ package org.apache.cloudstack.ldap;
|
||||
import com.cloud.server.auth.UserAuthenticator;
|
||||
import com.cloud.user.AccountManager;
|
||||
import com.cloud.user.AccountVO;
|
||||
import com.cloud.user.Account;
|
||||
import com.cloud.user.User;
|
||||
import com.cloud.user.UserAccount;
|
||||
import com.cloud.user.UserAccountVO;
|
||||
@ -109,9 +110,9 @@ public class LdapAuthenticatorTest {
|
||||
LdapAuthenticator auth = spy(ldapAuthenticator);
|
||||
when(auth.getMappedGroups(maps)).thenReturn(mappedGroups);
|
||||
|
||||
LdapTrustMapVO trustMap = new LdapTrustMapVO(domainId, LdapManager.LinkType.GROUP, "cn=name", (short)2, 1l);
|
||||
LdapTrustMapVO trustMap = new LdapTrustMapVO(domainId, LdapManager.LinkType.GROUP, "cn=name", Account.Type.DOMAIN_ADMIN, 1l);
|
||||
|
||||
AccountVO account = new AccountVO("accountName" , domainId, "domain.net", (short)2, "final String uuid");
|
||||
AccountVO account = new AccountVO("accountName" , domainId, "domain.net", Account.Type.DOMAIN_ADMIN, "final String uuid");
|
||||
when(accountManager.getAccount(anyLong())).thenReturn(account);
|
||||
when(ldapManager.getUser(username, domainId)).thenReturn(userSpy);
|
||||
when(ldapManager.getLinkedLdapGroup(domainId, "g1")).thenReturn(trustMap);
|
||||
|
||||
@ -112,7 +112,7 @@ public class GetServiceProviderMetaDataCmd extends BaseCmd implements APIAuthent
|
||||
|
||||
@Override
|
||||
public long getEntityOwnerId() {
|
||||
return Account.ACCOUNT_TYPE_NORMAL;
|
||||
return Account.Type.NORMAL.ordinal();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -134,13 +134,13 @@ public class ListAndSwitchSAMLAccountCmd extends BaseCmd implements APIAuthentic
|
||||
final User user = _userDao.findByUuid(userUuid);
|
||||
final Domain domain = _domainDao.findByUuid(domainUuid);
|
||||
final UserAccount nextUserAccount = _accountService.getUserAccountById(user.getId());
|
||||
if (nextUserAccount != null && !nextUserAccount.getAccountState().equals(Account.State.enabled.toString())) {
|
||||
if (nextUserAccount != null && !nextUserAccount.getAccountState().equals(Account.State.ENABLED.toString())) {
|
||||
throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.PARAM_ERROR.getHttpCode(),
|
||||
"The requested user account is locked and cannot be switched to, please contact your administrator.",
|
||||
params, responseType));
|
||||
}
|
||||
if (nextUserAccount == null
|
||||
|| !nextUserAccount.getAccountState().equals(Account.State.enabled.toString())
|
||||
|| !nextUserAccount.getAccountState().equals(Account.State.ENABLED.toString())
|
||||
|| !nextUserAccount.getUsername().equals(currentUserAccount.getUsername())
|
||||
|| !nextUserAccount.getExternalEntity().equals(currentUserAccount.getExternalEntity())
|
||||
|| (nextUserAccount.getDomainId() != domain.getId())
|
||||
|
||||
@ -62,7 +62,7 @@ public class ListIdpsCmd extends BaseCmd implements APIAuthenticator {
|
||||
|
||||
@Override
|
||||
public long getEntityOwnerId() {
|
||||
return Account.ACCOUNT_TYPE_NORMAL;
|
||||
return Account.Type.NORMAL.ordinal();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -77,7 +77,7 @@ public class ListSamlAuthorizationCmd extends BaseListCmd {
|
||||
_accountService.checkAccess(CallContext.current().getCallingAccount(), SecurityChecker.AccessType.ListEntry, true, account);
|
||||
users.add(user);
|
||||
}
|
||||
} else if (CallContext.current().getCallingAccount().getType() == Account.ACCOUNT_TYPE_ADMIN) {
|
||||
} else if (CallContext.current().getCallingAccount().getType() == Account.Type.ADMIN) {
|
||||
users = _userDao.listAll();
|
||||
}
|
||||
|
||||
|
||||
@ -122,7 +122,7 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthent
|
||||
|
||||
@Override
|
||||
public long getEntityOwnerId() {
|
||||
return Account.ACCOUNT_TYPE_NORMAL;
|
||||
return Account.Type.NORMAL.ordinal();
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -303,7 +303,7 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthent
|
||||
// Log into the first enabled user account
|
||||
// Users can switch to other allowed accounts later
|
||||
for (UserAccountVO possibleUserAccount : possibleUserAccounts) {
|
||||
if (possibleUserAccount.getAccountState().equals(Account.State.enabled.toString())) {
|
||||
if (possibleUserAccount.getAccountState().equals(Account.State.ENABLED.toString())) {
|
||||
userAccount = possibleUserAccount;
|
||||
break;
|
||||
}
|
||||
|
||||
@ -73,7 +73,7 @@ public class SAML2LogoutAPIAuthenticatorCmd extends BaseCmd implements APIAuthen
|
||||
|
||||
@Override
|
||||
public long getEntityOwnerId() {
|
||||
return Account.ACCOUNT_TYPE_NORMAL;
|
||||
return Account.Type.NORMAL.ordinal();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -159,7 +159,7 @@ public class ListAndSwitchSAMLAccountCmdTest extends TestCase {
|
||||
// valid sessionkey, invalid useraccount type (non-saml) value test
|
||||
UserAccountVO mockedUserAccount = new UserAccountVO();
|
||||
mockedUserAccount.setId(2L);
|
||||
mockedUserAccount.setAccountState(Account.State.enabled.toString());
|
||||
mockedUserAccount.setAccountState(Account.State.ENABLED.toString());
|
||||
mockedUserAccount.setUsername("someUsername");
|
||||
mockedUserAccount.setExternalEntity("some IDP ID");
|
||||
mockedUserAccount.setDomainId(0L);
|
||||
|
||||
@ -104,7 +104,7 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
|
||||
|
||||
@Override
|
||||
public boolean checkAccess(Account caller, Domain domain) throws PermissionDeniedException {
|
||||
if (caller.getState() != Account.State.enabled) {
|
||||
if (caller.getState() != Account.State.ENABLED) {
|
||||
throw new PermissionDeniedException("Account " + caller.getAccountName() + " is disabled.");
|
||||
}
|
||||
|
||||
@ -147,7 +147,7 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
|
||||
return true;
|
||||
}
|
||||
//special handling for the project case
|
||||
if (owner.getType() == Account.ACCOUNT_TYPE_PROJECT && _projectMgr.canAccessProjectAccount(caller, owner.getId())) {
|
||||
if (owner.getType() == Account.Type.PROJECT && _projectMgr.canAccessProjectAccount(caller, owner.getId())) {
|
||||
return true;
|
||||
}
|
||||
|
||||
@ -163,7 +163,7 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
|
||||
if (accessType != null && accessType == AccessType.OperateEntry) {
|
||||
if (!_accountService.isRootAdmin(caller.getId()) && owner.getId() != caller.getId()) {
|
||||
// For projects check if the caller account can access the project account
|
||||
if (owner.getType() != Account.ACCOUNT_TYPE_PROJECT || !(_projectMgr.canAccessProjectAccount(caller, owner.getId()))) {
|
||||
if (owner.getType() != Account.Type.PROJECT || !(_projectMgr.canAccessProjectAccount(caller, owner.getId()))) {
|
||||
throw new PermissionDeniedException("Domain Admin and regular users can modify only their own Public templates");
|
||||
}
|
||||
}
|
||||
@ -179,7 +179,7 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
|
||||
if (_accountService.isNormalUser(caller.getId())) {
|
||||
Account account = _accountDao.findById(entity.getAccountId());
|
||||
String errorMessage = String.format("%s does not have permission to operate with resource", caller);
|
||||
if (account != null && account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (account != null && account.getType() == Account.Type.PROJECT) {
|
||||
//only project owner can delete/modify the project
|
||||
if (accessType != null && accessType == AccessType.ModifyProject) {
|
||||
if (!_projectMgr.canModifyProjectAccount(caller, account.getId())) {
|
||||
@ -272,9 +272,9 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
|
||||
//if account is normal user or domain admin
|
||||
//check if account's domain is a child of offering's domain (Note: This is made consistent with the list command for disk offering)
|
||||
else if (_accountService.isNormalUser(account.getId())
|
||||
|| account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN
|
||||
|| account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN
|
||||
|| _accountService.isDomainAdmin(account.getId())
|
||||
|| account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
|| account.getType() == Account.Type.PROJECT) {
|
||||
final List<Long> doDomainIds = diskOfferingDetailsDao.findDomainIds(dof.getId());
|
||||
if (doDomainIds.isEmpty()) {
|
||||
hasAccess = true;
|
||||
@ -310,9 +310,9 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
|
||||
//if account is normal user or domain admin
|
||||
//check if account's domain is a child of offering's domain (Note: This is made consistent with the list command for service offering)
|
||||
else if (_accountService.isNormalUser(account.getId())
|
||||
|| account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN
|
||||
|| account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN
|
||||
|| _accountService.isDomainAdmin(account.getId())
|
||||
|| account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
|| account.getType() == Account.Type.PROJECT) {
|
||||
final List<Long> soDomainIds = serviceOfferingDetailsDao.findDomainIds(so.getId());
|
||||
if (soDomainIds.isEmpty()) {
|
||||
hasAccess = true;
|
||||
@ -348,9 +348,9 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
|
||||
//if account is normal user or domain admin
|
||||
//check if account's domain is a child of offering's domain (Note: This is made consistent with the list command for disk offering)
|
||||
else if (_accountService.isNormalUser(account.getId())
|
||||
|| account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN
|
||||
|| account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN
|
||||
|| _accountService.isDomainAdmin(account.getId())
|
||||
|| account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
|| account.getType() == Account.Type.PROJECT) {
|
||||
final List<Long> noDomainIds = networkOfferingDetailsDao.findDomainIds(nof.getId());
|
||||
if (noDomainIds.isEmpty()) {
|
||||
hasAccess = true;
|
||||
@ -386,9 +386,9 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
|
||||
//if account is normal user or domain admin
|
||||
//check if account's domain is a child of offering's domain (Note: This is made consistent with the list command for disk offering)
|
||||
else if (_accountService.isNormalUser(account.getId())
|
||||
|| account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN
|
||||
|| account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN
|
||||
|| _accountService.isDomainAdmin(account.getId())
|
||||
|| account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
|| account.getType() == Account.Type.PROJECT) {
|
||||
final List<Long> voDomainIds = vpcOfferingDetailsDao.findDomainIds(vof.getId());
|
||||
if (voDomainIds.isEmpty()) {
|
||||
hasAccess = true;
|
||||
@ -421,7 +421,7 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
|
||||
}
|
||||
//if account is normal user
|
||||
//check if account's domain is a child of zone's domain
|
||||
else if (_accountService.isNormalUser(account.getId()) || account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
else if (_accountService.isNormalUser(account.getId()) || account.getType() == Account.Type.PROJECT) {
|
||||
// if zone is dedicated to an account check that the accountId
|
||||
// matches.
|
||||
DedicatedResourceVO dedicatedZone = _dedicatedDao.findByZoneId(zone.getId());
|
||||
@ -496,19 +496,19 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
|
||||
throws PermissionDeniedException {
|
||||
|
||||
if (action != null && ("SystemCapability".equals(action))) {
|
||||
if (caller != null && caller.getType() == Account.ACCOUNT_TYPE_ADMIN) {
|
||||
if (caller != null && caller.getType() == Account.Type.ADMIN) {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
} else if (action != null && ("DomainCapability".equals(action))) {
|
||||
if (caller != null && caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
|
||||
if (caller != null && caller.getType() == Account.Type.DOMAIN_ADMIN) {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
} else if (action != null && ("DomainResourceCapability".equals(action))) {
|
||||
if (caller != null && caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
|
||||
if (caller != null && caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN) {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
|
||||
@ -1948,7 +1948,7 @@ public class ApiResponseHelper implements ResponseGenerator {
|
||||
continue;
|
||||
}
|
||||
|
||||
if (account.getType() != Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (account.getType() != Account.Type.PROJECT) {
|
||||
regularAccounts.add(accountName);
|
||||
} else {
|
||||
// convert account to projectIds
|
||||
@ -2017,7 +2017,7 @@ public class ApiResponseHelper implements ResponseGenerator {
|
||||
|
||||
Account account = securiytGroupAccounts.get(securityGroup.getAccountId());
|
||||
|
||||
if (securityGroup.getAccountType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (securityGroup.getAccountType() == Account.Type.PROJECT) {
|
||||
response.setProjectId(securityGroup.getProjectUuid());
|
||||
response.setProjectName(securityGroup.getProjectName());
|
||||
} else {
|
||||
@ -2626,7 +2626,7 @@ public class ApiResponseHelper implements ResponseGenerator {
|
||||
private void populateOwner(ControlledEntityResponse response, ControlledEntity object) {
|
||||
Account account = ApiDBUtils.findAccountById(object.getAccountId());
|
||||
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (account.getType() == Account.Type.PROJECT) {
|
||||
// find the project
|
||||
Project project = ApiDBUtils.findProjectByProjectAccountId(account.getId());
|
||||
response.setProjectId(project.getUuid());
|
||||
@ -2642,7 +2642,7 @@ public class ApiResponseHelper implements ResponseGenerator {
|
||||
|
||||
public static void populateOwner(ControlledViewEntityResponse response, ControlledViewEntity object) {
|
||||
|
||||
if (object.getAccountType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (object.getAccountType() == Account.Type.PROJECT) {
|
||||
response.setProjectId(object.getProjectUuid());
|
||||
response.setProjectName(object.getProjectName());
|
||||
} else {
|
||||
@ -2657,7 +2657,7 @@ public class ApiResponseHelper implements ResponseGenerator {
|
||||
Account account = ApiDBUtils.findAccountById(accountId);
|
||||
if (account == null) {
|
||||
s_logger.debug("Unable to find account with id: " + accountId);
|
||||
} else if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
} else if (account.getType() == Account.Type.PROJECT) {
|
||||
// find the project
|
||||
Project project = ApiDBUtils.findProjectByProjectAccountId(account.getId());
|
||||
if (project != null) {
|
||||
@ -3519,7 +3519,7 @@ public class ApiResponseHelper implements ResponseGenerator {
|
||||
public UsageRecordResponse createUsageResponse(Usage usageRecord, Map<String, Set<ResourceTagResponse>> resourceTagResponseMap, boolean oldFormat) {
|
||||
UsageRecordResponse usageRecResponse = new UsageRecordResponse();
|
||||
Account account = ApiDBUtils.findAccountById(usageRecord.getAccountId());
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (account.getType() == Account.Type.PROJECT) {
|
||||
//find the project
|
||||
Project project = ApiDBUtils.findProjectByProjectAccountIdIncludingRemoved(account.getId());
|
||||
if (project != null) {
|
||||
|
||||
@ -949,7 +949,7 @@ public class ApiServer extends ManagerBase implements HttpRequestHandler, ApiSer
|
||||
user = userAcctPair.first();
|
||||
final Account account = userAcctPair.second();
|
||||
|
||||
if (user.getState() != Account.State.enabled || !account.getState().equals(Account.State.enabled)) {
|
||||
if (user.getState() != Account.State.ENABLED || !account.getState().equals(Account.State.ENABLED)) {
|
||||
s_logger.info("disabled or locked user accessing the api, userid = " + user.getId() + "; name = " + user.getUsername() + "; state: " + user.getState() +
|
||||
"; accountState: " + account.getState());
|
||||
return false;
|
||||
@ -1123,7 +1123,7 @@ public class ApiServer extends ManagerBase implements HttpRequestHandler, ApiSer
|
||||
session.setAttribute("domain_UUID", domain.getUuid());
|
||||
}
|
||||
|
||||
session.setAttribute("type", Short.valueOf(account.getType()).toString());
|
||||
session.setAttribute("type", account.getType().ordinal());
|
||||
session.setAttribute("registrationtoken", userAcct.getRegistrationToken());
|
||||
session.setAttribute("registered", Boolean.toString(userAcct.isRegistered()));
|
||||
|
||||
@ -1159,8 +1159,8 @@ public class ApiServer extends ManagerBase implements HttpRequestHandler, ApiSer
|
||||
account = accountMgr.getAccount(user.getAccountId());
|
||||
}
|
||||
|
||||
if ((user == null) || (user.getRemoved() != null) || !user.getState().equals(Account.State.enabled) || (account == null) ||
|
||||
!account.getState().equals(Account.State.enabled)) {
|
||||
if ((user == null) || (user.getRemoved() != null) || !user.getState().equals(Account.State.ENABLED) || (account == null) ||
|
||||
!account.getState().equals(Account.State.ENABLED)) {
|
||||
s_logger.warn("Deleted/Disabled/Locked user with id=" + userId + " attempting to access public API");
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -98,7 +98,7 @@ public class DefaultLoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthe
|
||||
|
||||
@Override
|
||||
public long getEntityOwnerId() {
|
||||
return Account.ACCOUNT_TYPE_NORMAL;
|
||||
return Account.Type.NORMAL.ordinal();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -52,7 +52,7 @@ public class DefaultLogoutAPIAuthenticatorCmd extends BaseCmd implements APIAuth
|
||||
|
||||
@Override
|
||||
public long getEntityOwnerId() {
|
||||
return Account.ACCOUNT_TYPE_NORMAL;
|
||||
return Account.Type.NORMAL.ordinal();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -524,7 +524,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
|
||||
boolean listAll = true;
|
||||
Long id = null;
|
||||
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
|
||||
if (caller.getType() == Account.Type.NORMAL) {
|
||||
long currentId = CallContext.current().getCallingUser().getId();
|
||||
if (id != null && currentId != id.longValue()) {
|
||||
throw new PermissionDeniedException("Calling user is not authorized to see the user requested by id");
|
||||
@ -553,7 +553,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
|
||||
|
||||
boolean listAll = cmd.listAll();
|
||||
Long id = cmd.getId();
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
|
||||
if (caller.getType() == Account.Type.NORMAL) {
|
||||
long currentId = CallContext.current().getCallingUser().getId();
|
||||
if (id != null && currentId != id.longValue()) {
|
||||
throw new PermissionDeniedException("Calling user is not authorized to see the user requested by id");
|
||||
@ -2223,7 +2223,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
|
||||
}
|
||||
_accountMgr.checkAccess(caller, domain);
|
||||
} else {
|
||||
if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
if (caller.getType() != Account.Type.ADMIN) {
|
||||
domainId = caller.getDomainId();
|
||||
}
|
||||
if (listAll) {
|
||||
@ -2372,14 +2372,14 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
|
||||
SearchCriteria<AccountJoinVO> sc = sb.create();
|
||||
|
||||
// don't return account of type project to the end user
|
||||
sc.setParameters("typeNEQ", Account.ACCOUNT_TYPE_PROJECT);
|
||||
sc.setParameters("typeNEQ", Account.Type.PROJECT);
|
||||
|
||||
// don't return system account...
|
||||
sc.setParameters("idNEQ", Account.ACCOUNT_ID_SYSTEM);
|
||||
|
||||
// do not return account of type domain admin to the end user
|
||||
if (!callerIsAdmin) {
|
||||
sc.setParameters("type2NEQ", Account.ACCOUNT_TYPE_DOMAIN_ADMIN);
|
||||
sc.setParameters("type2NEQ", Account.Type.DOMAIN_ADMIN);
|
||||
}
|
||||
|
||||
if (keyword != null) {
|
||||
@ -2474,7 +2474,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
|
||||
|
||||
SearchCriteria<AsyncJobJoinVO> sc = sb.create();
|
||||
if (listProjectResourcesCriteria != null) {
|
||||
sc.setParameters("type", Account.ACCOUNT_TYPE_PROJECT);
|
||||
sc.setParameters("type", Account.Type.PROJECT);
|
||||
}
|
||||
|
||||
if (!permittedAccounts.isEmpty()) {
|
||||
@ -2927,9 +2927,9 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
|
||||
|
||||
// For non-root users, only return all offerings for the user's domain,
|
||||
// and everything above till root
|
||||
if ((_accountMgr.isNormalUser(account.getId()) || _accountMgr.isDomainAdmin(account.getId())) || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
|
||||
if ((_accountMgr.isNormalUser(account.getId()) || _accountMgr.isDomainAdmin(account.getId())) || account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN) {
|
||||
if (isRecursive) { // domain + all sub-domains
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_NORMAL) {
|
||||
if (account.getType() == Account.Type.NORMAL) {
|
||||
throw new InvalidParameterValueException("Only ROOT admins and Domain admins can list disk offerings with isrecursive=true");
|
||||
}
|
||||
}
|
||||
@ -2985,7 +2985,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
|
||||
// Filter offerings that are not associated with caller's domain
|
||||
// Fetch the offering ids from the details table since theres no smart way to filter them in the join ... yet!
|
||||
Account caller = CallContext.current().getCallingAccount();
|
||||
if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
if (caller.getType() != Account.Type.ADMIN) {
|
||||
Domain callerDomain = _domainDao.findById(caller.getDomainId());
|
||||
List<Long> domainIds = findRelatedDomainIds(callerDomain, isRecursive);
|
||||
|
||||
@ -3151,13 +3151,13 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
|
||||
}
|
||||
|
||||
// boolean includePublicOfferings = false;
|
||||
if ((_accountMgr.isNormalUser(caller.getId()) || _accountMgr.isDomainAdmin(caller.getId())) || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
|
||||
if ((_accountMgr.isNormalUser(caller.getId()) || _accountMgr.isDomainAdmin(caller.getId())) || caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN) {
|
||||
// For non-root users.
|
||||
if (isSystem) {
|
||||
throw new InvalidParameterValueException("Only root admins can access system's offering");
|
||||
}
|
||||
if (isRecursive) { // domain + all sub-domains
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
|
||||
if (caller.getType() == Account.Type.NORMAL) {
|
||||
throw new InvalidParameterValueException("Only ROOT admins and Domain admins can list service offerings with isrecursive=true");
|
||||
}
|
||||
}
|
||||
@ -3242,7 +3242,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
|
||||
|
||||
// Filter offerings that are not associated with caller's domain
|
||||
// Fetch the offering ids from the details table since theres no smart way to filter them in the join ... yet!
|
||||
if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
if (caller.getType() != Account.Type.ADMIN) {
|
||||
Domain callerDomain = _domainDao.findById(caller.getDomainId());
|
||||
List<Long> domainIds = findRelatedDomainIds(callerDomain, isRecursive);
|
||||
|
||||
@ -3303,7 +3303,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
|
||||
ListResponse<ZoneResponse> response = new ListResponse<ZoneResponse>();
|
||||
|
||||
ResponseView respView = ResponseView.Restricted;
|
||||
if (cmd instanceof ListZonesCmdByAdmin || CallContext.current().getCallingAccount().getType() == Account.ACCOUNT_TYPE_ADMIN) {
|
||||
if (cmd instanceof ListZonesCmdByAdmin || CallContext.current().getCallingAccount().getType() == Account.Type.ADMIN) {
|
||||
respView = ResponseView.Full;
|
||||
}
|
||||
|
||||
@ -3418,7 +3418,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
|
||||
sdc.addAnd("id", SearchCriteria.Op.NIN, dedicatedZoneIds.toArray(new Object[dedicatedZoneIds.size()]));
|
||||
}
|
||||
|
||||
} else if (_accountMgr.isDomainAdmin(account.getId()) || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
|
||||
} else if (_accountMgr.isDomainAdmin(account.getId()) || account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN) {
|
||||
// it was decided to return all zones for the domain admin, and
|
||||
// everything above till root, as well as zones till the domain
|
||||
// leaf
|
||||
@ -3558,7 +3558,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
|
||||
|
||||
boolean listAll = false;
|
||||
if (templateFilter != null && templateFilter == TemplateFilter.all) {
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
|
||||
if (caller.getType() == Account.Type.NORMAL) {
|
||||
throw new InvalidParameterValueException("Filter " + TemplateFilter.all + " can be specified by admin only");
|
||||
}
|
||||
listAll = true;
|
||||
@ -3627,14 +3627,14 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
|
||||
ex.addProxyObject(template.getUuid(), "templateId");
|
||||
throw ex;
|
||||
}
|
||||
if (!template.isPublicTemplate() && caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
|
||||
if (!template.isPublicTemplate() && caller.getType() == Account.Type.DOMAIN_ADMIN) {
|
||||
Account template_acc = _accountMgr.getAccount(template.getAccountId());
|
||||
DomainVO domain = _domainDao.findById(template_acc.getDomainId());
|
||||
_accountMgr.checkAccess(caller, domain);
|
||||
}
|
||||
|
||||
// if template is not public, perform permission check here
|
||||
else if (!template.isPublicTemplate() && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
else if (!template.isPublicTemplate() && caller.getType() != Account.Type.ADMIN) {
|
||||
_accountMgr.checkAccess(caller, null, false, template);
|
||||
}
|
||||
|
||||
@ -3654,14 +3654,14 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
|
||||
|
||||
// add criteria for project or not
|
||||
if (listProjectResourcesCriteria == ListProjectResourcesCriteria.SkipProjectResources) {
|
||||
sc.addAnd("accountType", SearchCriteria.Op.NEQ, Account.ACCOUNT_TYPE_PROJECT);
|
||||
sc.addAnd("accountType", SearchCriteria.Op.NEQ, Account.Type.PROJECT);
|
||||
} else if (listProjectResourcesCriteria == ListProjectResourcesCriteria.ListProjectResourcesOnly) {
|
||||
sc.addAnd("accountType", SearchCriteria.Op.EQ, Account.ACCOUNT_TYPE_PROJECT);
|
||||
sc.addAnd("accountType", SearchCriteria.Op.EQ, Account.Type.PROJECT);
|
||||
}
|
||||
|
||||
// add criteria for domain path in case of domain admin
|
||||
if ((templateFilter == TemplateFilter.self || templateFilter == TemplateFilter.selfexecutable)
|
||||
&& (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN)) {
|
||||
&& (caller.getType() == Account.Type.DOMAIN_ADMIN || caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN)) {
|
||||
sc.addAnd("domainPath", SearchCriteria.Op.LIKE, domain.getPath() + "%");
|
||||
}
|
||||
|
||||
@ -3725,7 +3725,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
|
||||
scc.addOr("accountId", SearchCriteria.Op.IN, permittedAccountIds.toArray());
|
||||
}
|
||||
sc.addAnd("publicTemplate", SearchCriteria.Op.SC, scc);
|
||||
} else if (templateFilter == TemplateFilter.all && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
} else if (templateFilter == TemplateFilter.all && caller.getType() != Account.Type.ADMIN) {
|
||||
SearchCriteria<TemplateJoinVO> scc = _templateJoinDao.createSearchCriteria();
|
||||
scc.addOr("publicTemplate", SearchCriteria.Op.EQ, true);
|
||||
|
||||
@ -3900,7 +3900,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
|
||||
|
||||
boolean listAll = false;
|
||||
if (isoFilter != null && isoFilter == TemplateFilter.all) {
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
|
||||
if (caller.getType() == Account.Type.NORMAL) {
|
||||
throw new InvalidParameterValueException("Filter " + TemplateFilter.all + " can be specified by admin only");
|
||||
}
|
||||
listAll = true;
|
||||
@ -3941,7 +3941,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
|
||||
default:
|
||||
throw new CloudRuntimeException("Resource type not supported.");
|
||||
}
|
||||
if (CallContext.current().getCallingAccount().getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
if (CallContext.current().getCallingAccount().getType() != Account.Type.ADMIN) {
|
||||
final List<String> userDenyListedSettings = Stream.of(QueryService.UserVMDeniedDetails.value().split(","))
|
||||
.map(item -> (item).trim())
|
||||
.collect(Collectors.toList());
|
||||
@ -4111,7 +4111,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
|
||||
ListProjectResourcesCriteria listProjectResourcesCriteria) {
|
||||
|
||||
if (listProjectResourcesCriteria != null) {
|
||||
sc.setParameters("accountType", Account.ACCOUNT_TYPE_PROJECT);
|
||||
sc.setParameters("accountType", Account.Type.PROJECT);
|
||||
}
|
||||
|
||||
if (!permittedAccounts.isEmpty()) {
|
||||
|
||||
@ -63,7 +63,7 @@ public class AccountJoinDaoImpl extends GenericDaoBase<AccountJoinVO, Long> impl
|
||||
AccountResponse accountResponse = new AccountResponse();
|
||||
accountResponse.setId(account.getUuid());
|
||||
accountResponse.setName(account.getAccountName());
|
||||
accountResponse.setAccountType(account.getType());
|
||||
accountResponse.setAccountType(account.getType().ordinal());
|
||||
accountResponse.setDomainId(account.getDomainUuid());
|
||||
accountResponse.setDomainName(account.getDomainName());
|
||||
StringBuilder domainPath = new StringBuilder("ROOT");
|
||||
|
||||
@ -105,7 +105,7 @@ public class DomainRouterJoinDaoImpl extends GenericDaoBase<DomainRouterJoinVO,
|
||||
routerResponse.setHasAnnotation(annotationDao.hasAnnotations(router.getUuid(), AnnotationService.EntityType.VR.name(),
|
||||
_accountMgr.isRootAdmin(CallContext.current().getCallingAccount().getId())));
|
||||
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN
|
||||
if (caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN
|
||||
|| _accountMgr.isRootAdmin(caller.getId())) {
|
||||
if (router.getHostId() != null) {
|
||||
routerResponse.setHostId(router.getHostUuid());
|
||||
|
||||
@ -57,7 +57,7 @@ public class ProjectAccountJoinDaoImpl extends GenericDaoBase<ProjectAccountJoin
|
||||
projectAccountResponse.setAccountName(proj.getAccountName());
|
||||
projectAccountResponse.setUserId(proj.getUserUuid());
|
||||
projectAccountResponse.setUsername(proj.getUsername());
|
||||
projectAccountResponse.setAccountType(proj.getAccountType());
|
||||
projectAccountResponse.setAccountType(proj.getAccountType().ordinal());
|
||||
projectAccountResponse.setRole(proj.getAccountRole().toString());
|
||||
projectAccountResponse.setDomainId(proj.getDomainUuid());
|
||||
projectAccountResponse.setDomainName(proj.getDomainName());
|
||||
|
||||
@ -220,7 +220,7 @@ public class TemplateJoinDaoImpl extends GenericDaoBaseWithTagInformation<Templa
|
||||
// If the user is an 'Admin' or 'the owner of template' or template belongs to a project, add the template download status
|
||||
if (view == ResponseView.Full ||
|
||||
template.getAccountId() == CallContext.current().getCallingAccount().getId() ||
|
||||
template.getAccountType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
template.getAccountType() == Account.Type.PROJECT) {
|
||||
String templateStatus = getTemplateStatus(template);
|
||||
if (templateStatus != null) {
|
||||
templateResponse.setStatus(templateStatus);
|
||||
|
||||
@ -133,7 +133,7 @@ public class UserVmJoinDaoImpl extends GenericDaoBaseWithTagInformation<UserVmJo
|
||||
userVmResponse.setDisplayName(userVm.getName());
|
||||
}
|
||||
|
||||
if (userVm.getAccountType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (userVm.getAccountType() == Account.Type.PROJECT) {
|
||||
userVmResponse.setProjectId(userVm.getProjectUuid());
|
||||
userVmResponse.setProjectName(userVm.getProjectName());
|
||||
} else {
|
||||
@ -255,7 +255,7 @@ public class UserVmJoinDaoImpl extends GenericDaoBaseWithTagInformation<UserVmJo
|
||||
resp.setName(userVm.getSecurityGroupName());
|
||||
resp.setDescription(userVm.getSecurityGroupDescription());
|
||||
resp.setObjectName("securitygroup");
|
||||
if (userVm.getAccountType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (userVm.getAccountType() == Account.Type.PROJECT) {
|
||||
resp.setProjectId(userVm.getProjectUuid());
|
||||
resp.setProjectName(userVm.getProjectName());
|
||||
} else {
|
||||
@ -364,14 +364,14 @@ public class UserVmJoinDaoImpl extends GenericDaoBaseWithTagInformation<UserVmJo
|
||||
}
|
||||
|
||||
// Remove deny listed settings if user is not admin
|
||||
if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
if (caller.getType() != Account.Type.ADMIN) {
|
||||
String[] userVmSettingsToHide = QueryService.UserVMDeniedDetails.value().split(",");
|
||||
for (String key : userVmSettingsToHide) {
|
||||
resourceDetails.remove(key.trim());
|
||||
}
|
||||
}
|
||||
userVmResponse.setDetails(resourceDetails);
|
||||
if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
if (caller.getType() != Account.Type.ADMIN) {
|
||||
userVmResponse.setReadOnlyDetails(QueryService.UserVMReadOnlyDetails.value());
|
||||
}
|
||||
}
|
||||
@ -416,7 +416,7 @@ public class UserVmJoinDaoImpl extends GenericDaoBaseWithTagInformation<UserVmJo
|
||||
resp.setName(uvo.getSecurityGroupName());
|
||||
resp.setDescription(uvo.getSecurityGroupDescription());
|
||||
resp.setObjectName("securitygroup");
|
||||
if (uvo.getAccountType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (uvo.getAccountType() == Account.Type.PROJECT) {
|
||||
resp.setProjectId(uvo.getProjectUuid());
|
||||
resp.setProjectName(uvo.getProjectName());
|
||||
} else {
|
||||
|
||||
@ -25,6 +25,7 @@ import javax.persistence.Enumerated;
|
||||
import javax.persistence.Id;
|
||||
import javax.persistence.Table;
|
||||
|
||||
import com.cloud.user.Account;
|
||||
import org.apache.cloudstack.api.Identity;
|
||||
import org.apache.cloudstack.api.InternalIdentity;
|
||||
|
||||
@ -46,7 +47,8 @@ public class AccountJoinVO extends BaseViewVO implements InternalIdentity, Ident
|
||||
private String accountName = null;
|
||||
|
||||
@Column(name = "type")
|
||||
private short type;
|
||||
@Enumerated(value = EnumType.ORDINAL)
|
||||
private Account.Type type;
|
||||
|
||||
@Column(name = "role_id")
|
||||
private Long roleId;
|
||||
@ -204,7 +206,7 @@ public class AccountJoinVO extends BaseViewVO implements InternalIdentity, Ident
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public short getType() {
|
||||
public Account.Type getType() {
|
||||
return type;
|
||||
}
|
||||
|
||||
|
||||
@ -23,6 +23,7 @@ import javax.persistence.Enumerated;
|
||||
import javax.persistence.Id;
|
||||
import javax.persistence.Table;
|
||||
|
||||
import com.cloud.user.Account;
|
||||
import org.apache.cloudstack.acl.ControlledEntity;
|
||||
import org.apache.cloudstack.affinity.AffinityGroup;
|
||||
|
||||
@ -58,7 +59,8 @@ public class AffinityGroupJoinVO extends BaseViewVO implements ControlledViewEnt
|
||||
private String accountName = null;
|
||||
|
||||
@Column(name = "account_type")
|
||||
private short accountType;
|
||||
@Enumerated(value = EnumType.ORDINAL)
|
||||
private Account.Type accountType;
|
||||
|
||||
@Column(name = "domain_id")
|
||||
private long domainId;
|
||||
@ -138,7 +140,7 @@ public class AffinityGroupJoinVO extends BaseViewVO implements ControlledViewEnt
|
||||
}
|
||||
|
||||
@Override
|
||||
public short getAccountType() {
|
||||
public Account.Type getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
|
||||
@ -25,6 +25,7 @@ import javax.persistence.Enumerated;
|
||||
import javax.persistence.Id;
|
||||
import javax.persistence.Table;
|
||||
|
||||
import com.cloud.user.Account;
|
||||
import org.apache.cloudstack.api.ApiCommandJobType;
|
||||
import org.apache.cloudstack.framework.jobs.AsyncJob;
|
||||
|
||||
@ -50,7 +51,8 @@ public class AsyncJobJoinVO extends BaseViewVO implements ControlledViewEntity {
|
||||
private String accountName = null;
|
||||
|
||||
@Column(name = "account_type")
|
||||
private short accountType;
|
||||
@Enumerated(value = EnumType.ORDINAL)
|
||||
private Account.Type accountType;
|
||||
|
||||
@Column(name = "domain_id")
|
||||
private long domainId;
|
||||
@ -130,7 +132,7 @@ public class AsyncJobJoinVO extends BaseViewVO implements ControlledViewEntity {
|
||||
}
|
||||
|
||||
@Override
|
||||
public short getAccountType() {
|
||||
public Account.Type getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
|
||||
@ -16,6 +16,7 @@
|
||||
// under the License.
|
||||
package com.cloud.api.query.vo;
|
||||
|
||||
import com.cloud.user.Account;
|
||||
import org.apache.cloudstack.acl.ControlledEntity;
|
||||
import org.apache.cloudstack.api.Identity;
|
||||
import org.apache.cloudstack.api.InternalIdentity;
|
||||
@ -29,7 +30,7 @@ public interface ControlledViewEntity extends ControlledEntity, InternalIdentity
|
||||
|
||||
public String getDomainPath();
|
||||
|
||||
public short getAccountType();
|
||||
public Account.Type getAccountType();
|
||||
|
||||
public String getAccountUuid();
|
||||
|
||||
|
||||
@ -31,6 +31,7 @@ import com.cloud.network.Network.GuestType;
|
||||
import com.cloud.network.Networks.TrafficType;
|
||||
import com.cloud.network.router.VirtualRouter;
|
||||
import com.cloud.network.router.VirtualRouter.RedundantState;
|
||||
import com.cloud.user.Account;
|
||||
import com.cloud.utils.db.GenericDao;
|
||||
import com.cloud.vm.VirtualMachine;
|
||||
import com.cloud.vm.VirtualMachine.State;
|
||||
@ -56,7 +57,8 @@ public class DomainRouterJoinVO extends BaseViewVO implements ControlledViewEnti
|
||||
private String accountName = null;
|
||||
|
||||
@Column(name = "account_type")
|
||||
private short accountType;
|
||||
@Enumerated(value = EnumType.ORDINAL)
|
||||
private Account.Type accountType;
|
||||
|
||||
@Column(name = "domain_id")
|
||||
private long domainId;
|
||||
@ -282,7 +284,7 @@ public class DomainRouterJoinVO extends BaseViewVO implements ControlledViewEnti
|
||||
}
|
||||
|
||||
@Override
|
||||
public short getAccountType() {
|
||||
public Account.Type getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
|
||||
@ -27,6 +27,7 @@ import javax.persistence.Table;
|
||||
|
||||
import com.cloud.event.Event;
|
||||
import com.cloud.event.Event.State;
|
||||
import com.cloud.user.Account;
|
||||
import com.cloud.utils.db.GenericDao;
|
||||
|
||||
@Entity
|
||||
@ -81,7 +82,8 @@ public class EventJoinVO extends BaseViewVO implements ControlledViewEntity {
|
||||
private String accountName = null;
|
||||
|
||||
@Column(name = "account_type")
|
||||
private short accountType;
|
||||
@Enumerated(value = EnumType.ORDINAL)
|
||||
private Account.Type accountType;
|
||||
|
||||
@Column(name = "domain_id")
|
||||
private long domainId;
|
||||
@ -139,7 +141,7 @@ public class EventJoinVO extends BaseViewVO implements ControlledViewEntity {
|
||||
}
|
||||
|
||||
@Override
|
||||
public short getAccountType() {
|
||||
public Account.Type getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
|
||||
@ -20,9 +20,12 @@ import java.util.Date;
|
||||
|
||||
import javax.persistence.Column;
|
||||
import javax.persistence.Entity;
|
||||
import javax.persistence.EnumType;
|
||||
import javax.persistence.Enumerated;
|
||||
import javax.persistence.Id;
|
||||
import javax.persistence.Table;
|
||||
|
||||
import com.cloud.user.Account;
|
||||
import com.cloud.utils.db.GenericDao;
|
||||
import com.cloud.vm.InstanceGroup;
|
||||
|
||||
@ -56,7 +59,8 @@ public class InstanceGroupJoinVO extends BaseViewVO implements ControlledViewEnt
|
||||
private String accountName = null;
|
||||
|
||||
@Column(name = "account_type")
|
||||
private short accountType;
|
||||
@Enumerated(value = EnumType.ORDINAL)
|
||||
private Account.Type accountType;
|
||||
|
||||
@Column(name = "domain_id")
|
||||
private long domainId;
|
||||
@ -108,7 +112,7 @@ public class InstanceGroupJoinVO extends BaseViewVO implements ControlledViewEnt
|
||||
}
|
||||
|
||||
@Override
|
||||
public short getAccountType() {
|
||||
public Account.Type getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
|
||||
@ -23,6 +23,7 @@ import javax.persistence.Enumerated;
|
||||
import javax.persistence.Id;
|
||||
import javax.persistence.Table;
|
||||
|
||||
import com.cloud.user.Account;
|
||||
import org.apache.cloudstack.api.InternalIdentity;
|
||||
|
||||
import com.cloud.projects.ProjectAccount.Role;
|
||||
@ -45,7 +46,8 @@ public class ProjectAccountJoinVO extends BaseViewVO implements InternalIdentity
|
||||
private String accountName;
|
||||
|
||||
@Column(name = "account_type")
|
||||
private short accountType;
|
||||
@Enumerated(value = EnumType.ORDINAL)
|
||||
private Account.Type accountType;
|
||||
|
||||
@Column(name = "account_role")
|
||||
@Enumerated(value = EnumType.STRING)
|
||||
@ -123,7 +125,7 @@ public class ProjectAccountJoinVO extends BaseViewVO implements InternalIdentity
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public short getAccountType() {
|
||||
public Account.Type getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
|
||||
@ -27,6 +27,7 @@ import javax.persistence.Table;
|
||||
|
||||
import com.cloud.projects.ProjectInvitation;
|
||||
import com.cloud.projects.ProjectInvitation.State;
|
||||
import com.cloud.user.Account;
|
||||
import com.cloud.utils.db.GenericDao;
|
||||
|
||||
@Entity
|
||||
@ -60,7 +61,8 @@ public class ProjectInvitationJoinVO extends BaseViewVO implements ControlledVie
|
||||
private String accountName;
|
||||
|
||||
@Column(name = "account_type")
|
||||
private short accountType;
|
||||
@Enumerated(value = EnumType.ORDINAL)
|
||||
private Account.Type accountType;
|
||||
|
||||
@Column(name = "domain_id")
|
||||
private long domainId;
|
||||
@ -156,7 +158,7 @@ public class ProjectInvitationJoinVO extends BaseViewVO implements ControlledVie
|
||||
}
|
||||
|
||||
@Override
|
||||
public short getAccountType() {
|
||||
public Account.Type getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
|
||||
@ -25,6 +25,7 @@ import javax.persistence.Table;
|
||||
|
||||
import com.cloud.server.ResourceTag;
|
||||
import com.cloud.server.ResourceTag.ResourceObjectType;
|
||||
import com.cloud.user.Account;
|
||||
|
||||
@Entity
|
||||
@Table(name = "resource_tag_view")
|
||||
@ -66,7 +67,8 @@ public class ResourceTagJoinVO extends BaseViewVO implements ControlledViewEntit
|
||||
private String accountName = null;
|
||||
|
||||
@Column(name = "account_type")
|
||||
private short accountType;
|
||||
@Enumerated(value = EnumType.ORDINAL)
|
||||
private Account.Type accountType;
|
||||
|
||||
@Column(name = "domain_id")
|
||||
private long domainId;
|
||||
@ -118,7 +120,7 @@ public class ResourceTagJoinVO extends BaseViewVO implements ControlledViewEntit
|
||||
}
|
||||
|
||||
@Override
|
||||
public short getAccountType() {
|
||||
public Account.Type getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
|
||||
@ -26,6 +26,7 @@ import javax.persistence.Table;
|
||||
import com.cloud.network.security.SecurityGroup;
|
||||
import com.cloud.network.security.SecurityRule.SecurityRuleType;
|
||||
import com.cloud.server.ResourceTag.ResourceObjectType;
|
||||
import com.cloud.user.Account;
|
||||
|
||||
@Entity
|
||||
@Table(name = "security_group_view")
|
||||
@ -54,7 +55,8 @@ public class SecurityGroupJoinVO extends BaseViewVO implements ControlledViewEnt
|
||||
private String accountName = null;
|
||||
|
||||
@Column(name = "account_type")
|
||||
private short accountType;
|
||||
@Enumerated(value = EnumType.ORDINAL)
|
||||
private Account.Type accountType;
|
||||
|
||||
@Column(name = "domain_id")
|
||||
private long domainId;
|
||||
@ -174,7 +176,7 @@ public class SecurityGroupJoinVO extends BaseViewVO implements ControlledViewEnt
|
||||
}
|
||||
|
||||
@Override
|
||||
public short getAccountType() {
|
||||
public Account.Type getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
|
||||
@ -26,6 +26,7 @@ import javax.persistence.Table;
|
||||
import javax.persistence.Temporal;
|
||||
import javax.persistence.TemporalType;
|
||||
|
||||
import com.cloud.user.Account;
|
||||
import org.apache.cloudstack.engine.subsystem.api.storage.ObjectInDataStoreStateMachine;
|
||||
|
||||
import com.cloud.hypervisor.Hypervisor.HypervisorType;
|
||||
@ -144,7 +145,8 @@ public class TemplateJoinVO extends BaseViewWithTagInformationVO implements Cont
|
||||
private String accountName = null;
|
||||
|
||||
@Column(name = "account_type")
|
||||
private short accountType;
|
||||
@Enumerated(value = EnumType.ORDINAL)
|
||||
private Account.Type accountType;
|
||||
|
||||
@Column(name = "domain_id")
|
||||
private long domainId;
|
||||
@ -270,7 +272,7 @@ public class TemplateJoinVO extends BaseViewWithTagInformationVO implements Cont
|
||||
}
|
||||
|
||||
@Override
|
||||
public short getAccountType() {
|
||||
public Account.Type getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
|
||||
@ -16,6 +16,7 @@
|
||||
// under the License.
|
||||
package com.cloud.api.query.vo;
|
||||
|
||||
import com.cloud.user.Account;
|
||||
import com.cloud.user.User;
|
||||
import com.cloud.user.UserAccount;
|
||||
import com.cloud.utils.db.Encrypt;
|
||||
@ -95,7 +96,8 @@ public class UserAccountJoinVO extends BaseViewVO implements InternalIdentity, I
|
||||
private String accountName = null;
|
||||
|
||||
@Column(name = "account_type")
|
||||
private short accountType;
|
||||
@Enumerated(value = EnumType.ORDINAL)
|
||||
private Account.Type accountType;
|
||||
|
||||
@Column(name = "account_role_id")
|
||||
private Long accountRoleId;
|
||||
@ -153,7 +155,7 @@ public class UserAccountJoinVO extends BaseViewVO implements InternalIdentity, I
|
||||
return accountName;
|
||||
}
|
||||
|
||||
public short getAccountType() {
|
||||
public Account.Type getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
|
||||
@ -34,6 +34,7 @@ import com.cloud.network.Network.GuestType;
|
||||
import com.cloud.network.Networks.TrafficType;
|
||||
import com.cloud.storage.Storage.StoragePoolType;
|
||||
import com.cloud.storage.Volume;
|
||||
import com.cloud.user.Account;
|
||||
import com.cloud.utils.db.GenericDao;
|
||||
import com.cloud.vm.VirtualMachine;
|
||||
import com.cloud.vm.VirtualMachine.State;
|
||||
@ -66,7 +67,8 @@ public class UserVmJoinVO extends BaseViewWithTagInformationVO implements Contro
|
||||
private String accountName = null;
|
||||
|
||||
@Column(name = "account_type")
|
||||
private short accountType;
|
||||
@Enumerated(value = EnumType.ORDINAL)
|
||||
private Account.Type accountType;
|
||||
|
||||
@Column(name = "domain_id")
|
||||
private long domainId;
|
||||
@ -445,7 +447,7 @@ public class UserVmJoinVO extends BaseViewWithTagInformationVO implements Contro
|
||||
}
|
||||
|
||||
@Override
|
||||
public short getAccountType() {
|
||||
public Account.Type getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
|
||||
@ -30,6 +30,7 @@ import com.cloud.hypervisor.Hypervisor.HypervisorType;
|
||||
import com.cloud.storage.Storage;
|
||||
import com.cloud.storage.VMTemplateStorageResourceAssoc.Status;
|
||||
import com.cloud.storage.Volume;
|
||||
import com.cloud.user.Account;
|
||||
import com.cloud.utils.db.GenericDao;
|
||||
import com.cloud.vm.VirtualMachine;
|
||||
|
||||
@ -87,7 +88,8 @@ public class VolumeJoinVO extends BaseViewWithTagInformationVO implements Contro
|
||||
private String accountName = null;
|
||||
|
||||
@Column(name = "account_type")
|
||||
private short accountType;
|
||||
@Enumerated(value = EnumType.ORDINAL)
|
||||
private Account.Type accountType;
|
||||
|
||||
@Column(name = "domain_id")
|
||||
private long domainId;
|
||||
@ -342,7 +344,7 @@ public class VolumeJoinVO extends BaseViewWithTagInformationVO implements Contro
|
||||
}
|
||||
|
||||
@Override
|
||||
public short getAccountType() {
|
||||
public Account.Type getAccountType() {
|
||||
return accountType;
|
||||
}
|
||||
|
||||
|
||||
@ -2912,7 +2912,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
||||
throw new InvalidParameterValueException("Unable to find active user by id " + userId);
|
||||
}
|
||||
final Account account = _accountDao.findById(user.getAccountId());
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
|
||||
if (account.getType() == Account.Type.DOMAIN_ADMIN) {
|
||||
if (filteredDomainIds.isEmpty()) {
|
||||
throw new InvalidParameterValueException(String.format("Unable to create public service offering by admin: %s because it is domain-admin", user.getUuid()));
|
||||
}
|
||||
@ -2924,7 +2924,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
||||
throw new InvalidParameterValueException(String.format("Unable to create service offering by another domain-admin: %s for domain: %s", user.getUuid(), _entityMgr.findById(Domain.class, domainId).getUuid()));
|
||||
}
|
||||
}
|
||||
} else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
} else if (account.getType() != Account.Type.ADMIN) {
|
||||
throw new InvalidParameterValueException(String.format("Unable to create service offering by user: %s because it is not root-admin or domain-admin", user.getUuid()));
|
||||
}
|
||||
|
||||
@ -3208,7 +3208,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
||||
}
|
||||
Collections.sort(filteredZoneIds);
|
||||
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
|
||||
if (account.getType() == Account.Type.DOMAIN_ADMIN) {
|
||||
if (!filteredZoneIds.equals(existingZoneIds)) { // Domain-admins cannot update zone(s) for offerings
|
||||
throw new InvalidParameterValueException(String.format("Unable to update zone(s) for service offering: %s by admin: %s as it is domain-admin", offeringHandle.getUuid(), user.getUuid()));
|
||||
}
|
||||
@ -3235,7 +3235,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
||||
}
|
||||
}
|
||||
filteredDomainIds.addAll(nonChildDomains); // Final list must include domains which were not child domain for domain-admin but specified for this offering prior to update
|
||||
} else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
} else if (account.getType() != Account.Type.ADMIN) {
|
||||
throw new InvalidParameterValueException(String.format("Unable to update service offering: %s by id user: %s because it is not root-admin or domain-admin", offeringHandle.getUuid(), user.getUuid()));
|
||||
}
|
||||
|
||||
@ -3375,7 +3375,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
||||
throw new InvalidParameterValueException("Unable to find active user by id " + userId);
|
||||
}
|
||||
final Account account = _accountDao.findById(user.getAccountId());
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
|
||||
if (account.getType() == Account.Type.DOMAIN_ADMIN) {
|
||||
if (filteredDomainIds.isEmpty()) {
|
||||
throw new InvalidParameterValueException(String.format("Unable to create public disk offering by admin: %s because it is domain-admin", user.getUuid()));
|
||||
}
|
||||
@ -3387,7 +3387,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
||||
throw new InvalidParameterValueException(String.format("Unable to create disk offering by another domain-admin: %s for domain: %s", user.getUuid(), _entityMgr.findById(Domain.class, domainId).getUuid()));
|
||||
}
|
||||
}
|
||||
} else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
} else if (account.getType() != Account.Type.ADMIN) {
|
||||
throw new InvalidParameterValueException(String.format("Unable to create disk offering by user: %s because it is not root-admin or domain-admin", user.getUuid()));
|
||||
}
|
||||
|
||||
@ -3663,7 +3663,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
||||
}
|
||||
Collections.sort(filteredZoneIds);
|
||||
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
|
||||
if (account.getType() == Account.Type.DOMAIN_ADMIN) {
|
||||
if (!filteredZoneIds.equals(existingZoneIds)) { // Domain-admins cannot update zone(s) for offerings
|
||||
throw new InvalidParameterValueException(String.format("Unable to update zone(s) for disk offering: %s by admin: %s as it is domain-admin", diskOfferingHandle.getUuid(), user.getUuid()));
|
||||
}
|
||||
@ -3690,7 +3690,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
||||
}
|
||||
}
|
||||
filteredDomainIds.addAll(nonChildDomains); // Final list must include domains which were not child domain for domain-admin but specified for this offering prior to update
|
||||
} else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
} else if (account.getType() != Account.Type.ADMIN) {
|
||||
throw new InvalidParameterValueException(String.format("Unable to update disk offering: %s by id user: %s because it is not root-admin or domain-admin", diskOfferingHandle.getUuid(), user.getUuid()));
|
||||
}
|
||||
|
||||
@ -3867,7 +3867,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
||||
throw new InvalidParameterValueException("Unable to find active user by id " + userId);
|
||||
}
|
||||
final Account account = _accountDao.findById(user.getAccountId());
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
|
||||
if (account.getType() == Account.Type.DOMAIN_ADMIN) {
|
||||
List<Long> existingDomainIds = diskOfferingDetailsDao.findDomainIds(diskOfferingId);
|
||||
if (existingDomainIds.isEmpty()) {
|
||||
throw new InvalidParameterValueException(String.format("Unable to delete public disk offering: %s by admin: %s because it is domain-admin", offering.getUuid(), user.getUuid()));
|
||||
@ -3877,7 +3877,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
||||
throw new InvalidParameterValueException(String.format("Unable to delete disk offering: %s as it has linked domain(s) which are not child domain for domain-admin: %s", offering.getUuid(), user.getUuid()));
|
||||
}
|
||||
}
|
||||
} else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
} else if (account.getType() != Account.Type.ADMIN) {
|
||||
throw new InvalidParameterValueException(String.format("Unable to delete disk offering: %s by user: %s because it is not root-admin or domain-admin", offering.getUuid(), user.getUuid()));
|
||||
}
|
||||
|
||||
@ -3941,7 +3941,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
||||
throw new InvalidParameterValueException("Unable to find active user by id " + userId);
|
||||
}
|
||||
final Account account = _accountDao.findById(user.getAccountId());
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
|
||||
if (account.getType() == Account.Type.DOMAIN_ADMIN) {
|
||||
List<Long> existingDomainIds = _serviceOfferingDetailsDao.findDomainIds(offeringId);
|
||||
if (existingDomainIds.isEmpty()) {
|
||||
throw new InvalidParameterValueException(String.format("Unable to delete public service offering: %s by admin: %s because it is domain-admin", offering.getUuid(), user.getUuid()));
|
||||
@ -3951,7 +3951,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
||||
throw new InvalidParameterValueException(String.format("Unable to delete service offering: %s as it has linked domain(s) which are not child domain for domain-admin: %s", offering.getUuid(), user.getUuid()));
|
||||
}
|
||||
}
|
||||
} else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
} else if (account.getType() != Account.Type.ADMIN) {
|
||||
throw new InvalidParameterValueException(String.format("Unable to delete service offering: %s by user: %s because it is not root-admin or domain-admin", offering.getUuid(), user.getUuid()));
|
||||
}
|
||||
|
||||
@ -6466,7 +6466,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
||||
|
||||
final List<NetworkOfferingJoinVO> offerings = networkOfferingJoinDao.search(sc, searchFilter);
|
||||
// Remove offerings that are not associated with caller's domain or domainId passed
|
||||
if ((caller.getType() != Account.ACCOUNT_TYPE_ADMIN || domainId != null) && CollectionUtils.isNotEmpty(offerings)) {
|
||||
if ((caller.getType() != Account.Type.ADMIN || domainId != null) && CollectionUtils.isNotEmpty(offerings)) {
|
||||
ListIterator<NetworkOfferingJoinVO> it = offerings.listIterator();
|
||||
while (it.hasNext()) {
|
||||
NetworkOfferingJoinVO offering = it.next();
|
||||
@ -6475,7 +6475,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
||||
String[] domainIdsArray = offering.getDomainId().split(",");
|
||||
for (String domainIdString : domainIdsArray) {
|
||||
Long dId = Long.valueOf(domainIdString.trim());
|
||||
if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN &&
|
||||
if (caller.getType() != Account.Type.ADMIN &&
|
||||
!_domainDao.isChildDomain(dId, caller.getDomainId())) {
|
||||
toRemove = true;
|
||||
break;
|
||||
|
||||
@ -1664,7 +1664,7 @@ public class NetworkModelImpl extends ManagerBase implements NetworkModel, Confi
|
||||
if (networkOwner == null)
|
||||
throw new PermissionDeniedException("Unable to use network with id= " + ((NetworkVO)network).getUuid() +
|
||||
", network does not have an owner");
|
||||
if (owner.getType() != Account.ACCOUNT_TYPE_PROJECT && networkOwner.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (owner.getType() != Account.Type.PROJECT && networkOwner.getType() == Account.Type.PROJECT) {
|
||||
User user = CallContext.current().getCallingUser();
|
||||
Project project = projectDao.findByProjectAccountId(network.getAccountId());
|
||||
if (project == null) {
|
||||
|
||||
@ -1864,9 +1864,9 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService, C
|
||||
}
|
||||
|
||||
if (skipProjectNetworks) {
|
||||
sc.setJoinParameters("accountSearch", "typeNEQ", Account.ACCOUNT_TYPE_PROJECT);
|
||||
sc.setJoinParameters("accountSearch", "typeNEQ", Account.Type.PROJECT);
|
||||
} else {
|
||||
sc.setJoinParameters("accountSearch", "typeEQ", Account.ACCOUNT_TYPE_PROJECT);
|
||||
sc.setJoinParameters("accountSearch", "typeEQ", Account.Type.PROJECT);
|
||||
}
|
||||
|
||||
if (restartRequired != null) {
|
||||
@ -4659,7 +4659,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService, C
|
||||
Long networkId = cmd.getNetworkId();
|
||||
UserVmVO userVm = _userVmDao.findById(vmId);
|
||||
|
||||
if (userVm == null || (!userVm.isDisplayVm() && caller.getType() == Account.ACCOUNT_TYPE_NORMAL)) {
|
||||
if (userVm == null || (!userVm.isDisplayVm() && caller.getType() == Account.Type.NORMAL)) {
|
||||
throwInvalidIdException("Virtual machine id does not exist", Long.valueOf(vmId).toString(), "vmId");
|
||||
}
|
||||
|
||||
@ -4675,7 +4675,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService, C
|
||||
String keyword = cmd.getKeyword();
|
||||
UserVmVO userVm = _userVmDao.findById(vmId);
|
||||
|
||||
if (userVm == null || (!userVm.isDisplayVm() && caller.getType() == Account.ACCOUNT_TYPE_NORMAL)) {
|
||||
if (userVm == null || (!userVm.isDisplayVm() && caller.getType() == Account.Type.NORMAL)) {
|
||||
throwInvalidIdException("Virtual machine id does not exist", Long.valueOf(vmId).toString(), "vmId");
|
||||
}
|
||||
|
||||
@ -4704,7 +4704,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService, C
|
||||
// verify permissions
|
||||
if (ipVO.getAllocatedToAccountId() != null) {
|
||||
_accountMgr.checkAccess(caller, null, true, ipVO);
|
||||
} else if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
} else if (caller.getType() != Account.Type.ADMIN) {
|
||||
throw new PermissionDeniedException("Only Root admin can update non-allocated ip addresses");
|
||||
}
|
||||
|
||||
|
||||
@ -802,7 +802,7 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService,
|
||||
throw new InvalidParameterValueException("Unable to find " + ruleId + " having purpose " + Purpose.Firewall);
|
||||
}
|
||||
|
||||
if (rule.getType() == FirewallRuleType.System && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
if (rule.getType() == FirewallRuleType.System && caller.getType() != Account.Type.ADMIN) {
|
||||
throw new InvalidParameterValueException("Only root admin can update the system wide firewall rule");
|
||||
}
|
||||
|
||||
|
||||
@ -708,7 +708,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis
|
||||
|
||||
// Remove offerings that are not associated with caller's domain
|
||||
// TODO: Better approach
|
||||
if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN && CollectionUtils.isNotEmpty(offerings)) {
|
||||
if (caller.getType() != Account.Type.ADMIN && CollectionUtils.isNotEmpty(offerings)) {
|
||||
ListIterator<VpcOfferingJoinVO> it = offerings.listIterator();
|
||||
while (it.hasNext()) {
|
||||
VpcOfferingJoinVO offering = it.next();
|
||||
|
||||
@ -267,7 +267,7 @@ public class ProjectManagerImpl extends ManagerBase implements ProjectManager, C
|
||||
StringBuilder acctNm = new StringBuilder("PrjAcct-");
|
||||
acctNm.append(name).append("-").append(ownerFinal.getDomainId());
|
||||
|
||||
Account projectAccount = _accountMgr.createAccount(acctNm.toString(), Account.ACCOUNT_TYPE_PROJECT, null, domainId, null, null, UUID.randomUUID().toString());
|
||||
Account projectAccount = _accountMgr.createAccount(acctNm.toString(), Account.Type.PROJECT, null, domainId, null, null, UUID.randomUUID().toString());
|
||||
|
||||
Project project = _projectDao.persist(new ProjectVO(name, displayText, ownerFinal.getDomainId(), projectAccount.getId()));
|
||||
|
||||
|
||||
@ -308,7 +308,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
|
||||
} else {
|
||||
// If the account has an no limit set, then return global default account limits
|
||||
Long value = null;
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (account.getType() == Account.Type.PROJECT) {
|
||||
value = projectResourceLimitMap.get(type);
|
||||
} else {
|
||||
value = accountResourceLimitMap.get(type);
|
||||
@ -349,7 +349,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
|
||||
} else {
|
||||
// If the account has an no limit set, then return global default account limits
|
||||
Long value = null;
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (account.getType() == Account.Type.PROJECT) {
|
||||
value = projectResourceLimitMap.get(type);
|
||||
} else {
|
||||
value = accountResourceLimitMap.get(type);
|
||||
@ -516,7 +516,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
|
||||
return;
|
||||
}
|
||||
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (account.getType() == Account.Type.PROJECT) {
|
||||
project = _projectDao.findByProjectAccountId(account.getId());
|
||||
}
|
||||
|
||||
@ -713,12 +713,12 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
|
||||
throw new InvalidParameterValueException("Only " + Resource.RESOURCE_UNLIMITED + " limit is supported for Root Admin accounts");
|
||||
}
|
||||
|
||||
if ((caller.getAccountId() == accountId.longValue()) && (_accountMgr.isDomainAdmin(caller.getId()) || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN)) {
|
||||
if ((caller.getAccountId() == accountId.longValue()) && (_accountMgr.isDomainAdmin(caller.getId()) || caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN)) {
|
||||
// If the admin is trying to update their own account, disallow.
|
||||
throw new PermissionDeniedException("Unable to update resource limit for their own account " + accountId + ", permission denied");
|
||||
}
|
||||
|
||||
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|
||||
if (account.getType() == Account.Type.PROJECT) {
|
||||
_accountMgr.checkAccess(caller, AccessType.ModifyProject, true, account);
|
||||
} else {
|
||||
_accountMgr.checkAccess(caller, null, true, account);
|
||||
@ -736,7 +736,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
|
||||
throw new PermissionDeniedException("Cannot update resource limit for ROOT domain " + domainId + ", permission denied");
|
||||
}
|
||||
|
||||
if ((caller.getDomainId() == domainId.longValue()) && caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
|
||||
if ((caller.getDomainId() == domainId.longValue()) && caller.getType() == Account.Type.DOMAIN_ADMIN || caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN) {
|
||||
// if the admin is trying to update their own domain, disallow...
|
||||
throw new PermissionDeniedException("Unable to update resource limit for domain " + domainId + ", permission denied");
|
||||
}
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
x
Reference in New Issue
Block a user