apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

Refactor account type (#6048)

Browse Source 
* Refactor account type

* Added license.

* Address reviews

* Address review.

Co-authored-by: João Paraquetti <joao@scclouds.com.br>
Co-authored-by: Joao <JoaoJandre@gitlab.com>
This commit is contained in:
JoaoJandre 2022-03-09 11:14:19 -03:00 committed by GitHub
parent d258da5524
commit 5f07ddaca9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
139 changed files with 671 additions and 531 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
api/src/main/java/com/cloud/user/Account.java
View File

@ -16,35 +16,65 @@
// under the License.
package com.cloud.user;
import java.util.Date;
import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
public interface Account extends ControlledEntity, InternalIdentity, Identity {
/**
* Account states.
* */
enum State {
DISABLED, ENABLED, LOCKED;
/**
* The toString method was overridden to maintain consistency in the DB, as the GenericDaoBase uses toString in the enum value to make the sql statements
* and previously the enum was in lowercase.
* */
@Override
public String toString(){
return super.toString().toLowerCase();
}
/**
* This method was created to maintain backwards compatibility to the DB schema. Unfortunately we can't override the valueOf method.
* */
public static State getValueOf(String name){
return State.valueOf(name.toUpperCase());
}
public enum State {
disabled, enabled, locked
}
public static final short ACCOUNT_TYPE_NORMAL = 0;
public static final short ACCOUNT_TYPE_ADMIN = 1;
public static final short ACCOUNT_TYPE_DOMAIN_ADMIN = 2;
public static final short ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN = 3;
public static final short ACCOUNT_TYPE_READ_ONLY_ADMIN = 4;
public static final short ACCOUNT_TYPE_PROJECT = 5;
/**
* Account types.
* */
enum Type {
NORMAL, ADMIN, DOMAIN_ADMIN, RESOURCE_DOMAIN_ADMIN, READ_ONLY_ADMIN, PROJECT, UNKNOWN;
public static final String ACCOUNT_STATE_DISABLED = "disabled";
public static final String ACCOUNT_STATE_ENABLED = "enabled";
public static final String ACCOUNT_STATE_LOCKED = "locked";
private static Map<Integer,Type> ACCOUNT_TYPE_MAP = new HashMap<>();
static {
for (Type t: Type.values()) {
ACCOUNT_TYPE_MAP.put(t.ordinal(),t);
}
ACCOUNT_TYPE_MAP.remove(6);
}
public static Type getFromValue(Integer type){
return ACCOUNT_TYPE_MAP.get(type);
}
}
public static final long ACCOUNT_ID_SYSTEM = 1;
public String getAccountName();
public short getType();
public Type getType();
public Long getRoleId();

7
api/src/main/java/com/cloud/user/AccountService.java
View File

@ -42,8 +42,8 @@ public interface AccountService {
*/
UserAccount createUserAccount(CreateAccountCmd accountCmd);
UserAccount createUserAccount(String userName, String password, String firstName, String lastName, String email, String timezone, String accountName, short accountType, Long roleId, Long domainId,
String networkDomain, Map<String, String> details, String accountUUID, String userUUID, User.Source source);
UserAccount createUserAccount(String userName, String password, String firstName, String lastName, String email, String timezone, String accountName, Account.Type accountType,
Long roleId, Long domainId, String networkDomain, Map<String, String> details, String accountUUID, String userUUID, User.Source source);
/**
* Locks a user by userId. A locked user cannot access the API, but will still have running VMs/IP addresses
@ -57,7 +57,8 @@ public interface AccountService {
User createUser(String userName, String password, String firstName, String lastName, String email, String timeZone, String accountName, Long domainId, String userUUID);
User createUser(String userName, String password, String firstName, String lastName, String email, String timeZone, String accountName, Long domainId, String userUUID, User.Source source);
User createUser(String userName, String password, String firstName, String lastName, String email, String timeZone, String accountName, Long domainId, String userUUID,
User.Source source);
boolean isAdmin(Long accountId);

3
api/src/main/java/com/cloud/vm/InstanceGroup.java
View File

@ -18,6 +18,7 @@ package com.cloud.vm;
import java.util.Date;
import com.cloud.user.Account;
import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
@ -28,6 +29,6 @@ public interface InstanceGroup extends ControlledEntity, Identity, InternalIdent
Date getCreated();
Short getAccountType();
Account.Type getAccountType();
}

63
api/src/main/java/org/apache/cloudstack/acl/RoleType.java
View File

@ -20,20 +20,33 @@ import org.apache.commons.lang3.StringUtils;
import com.cloud.user.Account;
import com.google.common.base.Enums;
import org.apache.log4j.Logger;
import java.util.HashMap;
import java.util.Map;
// Enum for default roles in CloudStack
public enum RoleType {
Admin(1L, Account.ACCOUNT_TYPE_ADMIN, 1),
ResourceAdmin(2L, Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN, 2),
DomainAdmin(3L, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, 4),
User(4L, Account.ACCOUNT_TYPE_NORMAL, 8),
Unknown(-1L, (short) -1, 0);
Admin(1L, Account.Type.ADMIN, 1),
ResourceAdmin(2L, Account.Type.RESOURCE_DOMAIN_ADMIN, 2),
DomainAdmin(3L, Account.Type.DOMAIN_ADMIN, 4),
User(4L, Account.Type.NORMAL, 8),
Unknown(-1L, Account.Type.UNKNOWN, 0);
private long id;
private short accountType;
private Account.Type accountType;
private int mask;
RoleType(final long id, final short accountType, final int mask) {
private static Logger logger = Logger.getLogger(RoleType.class.getName());
private static Map<Account.Type, RoleType> ACCOUNT_TYPE_MAP = new HashMap<>();
static {
for (RoleType t: RoleType.values()) {
ACCOUNT_TYPE_MAP.put(t.getAccountType(),t);
}
}
RoleType(final long id, final Account.Type accountType, final int mask) {
this.id = id;
this.accountType = accountType;
this.mask = mask;
@ -43,7 +56,7 @@ public enum RoleType {
return id;
}
public short getAccountType() {
public Account.Type getAccountType() {
return accountType;
}
@ -68,26 +81,15 @@ public enum RoleType {
return Unknown;
}
public static RoleType getByAccountType(final short accountType) {
RoleType roleType = RoleType.Unknown;
switch (accountType) {
case Account.ACCOUNT_TYPE_ADMIN:
roleType = RoleType.Admin;
break;
case Account.ACCOUNT_TYPE_DOMAIN_ADMIN:
roleType = RoleType.DomainAdmin;
break;
case Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN:
roleType = RoleType.ResourceAdmin;
break;
case Account.ACCOUNT_TYPE_NORMAL:
roleType = RoleType.User;
break;
public static RoleType getByAccountType(final Account.Type accountType) {
RoleType t = ACCOUNT_TYPE_MAP.get(accountType);
if (t == null) {
return RoleType.Unknown;
}
return roleType;
return t;
}
public static Long getRoleByAccountType(final Long roleId, final Short accountType) {
public static Long getRoleByAccountType(final Long roleId, final Account.Type accountType) {
if (roleId == null && accountType != null) {
RoleType defaultRoleType = RoleType.getByAccountType(accountType);
if (defaultRoleType != null && defaultRoleType != RoleType.Unknown) {
@ -97,10 +99,15 @@ public enum RoleType {
return roleId;
}
public static Short getAccountTypeByRole(final Role role, final Short accountType) {
if (role != null && role.getId() > 0L) {
/**
* This method returns the role account type if the role isn't null, else it returns the default account type.
* */
public static Account.Type getAccountTypeByRole(final Role role, final Account.Type defautAccountType) {
if (role != null) {
logger.debug(String.format("Role [%s] is not null; therefore, we use its account type [%s].", role, defautAccountType));
return role.getRoleType().getAccountType();
}
return accountType;
logger.debug(String.format("Role is null; therefore, we use the default account type [%s] value.", defautAccountType));
return defautAccountType;
}
}

10
api/src/main/java/org/apache/cloudstack/api/command/admin/account/CreateAccountCmd.java
View File

@ -56,9 +56,9 @@ public class CreateAccountCmd extends BaseCmd {
private String accountName;
@Parameter(name = ApiConstants.ACCOUNT_TYPE,
type = CommandType.SHORT,
type = CommandType.INTEGER,
description = "Type of the account. Specify 0 for user, 1 for root admin, and 2 for domain admin")
private Short accountType;
private Integer accountType;
@Parameter(name = ApiConstants.ROLE_ID, type = CommandType.UUID, entityType = RoleResponse.class, description = "Creates the account under the specified role.")
private Long roleId;
@ -109,12 +109,12 @@ public class CreateAccountCmd extends BaseCmd {
return accountName;
}
public Short getAccountType() {
return RoleType.getAccountTypeByRole(roleService.findRole(roleId), accountType);
public Account.Type getAccountType() {
return RoleType.getAccountTypeByRole(roleService.findRole(roleId), Account.Type.getFromValue(accountType));
}
public Long getRoleId() {
return RoleType.getRoleByAccountType(roleId, accountType);
return RoleType.getRoleByAccountType(roleId, getAccountType());
}
public Long getDomainId() {

2
api/src/main/java/org/apache/cloudstack/api/command/admin/ca/ListCaCertificateCmd.java
View File

@ -85,6 +85,6 @@ public class ListCaCertificateCmd extends BaseCmd {
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_TYPE_NORMAL;
return Account.Type.NORMAL.ordinal();
}
}

9
api/src/main/java/org/apache/cloudstack/api/command/admin/user/ListUsersCmd.java
View File

@ -18,6 +18,7 @@ package org.apache.cloudstack.api.command.admin.user;
import com.cloud.server.ResourceIcon;
import com.cloud.server.ResourceTag;
import com.cloud.user.Account;
import org.apache.cloudstack.api.response.ResourceIconResponse;
import org.apache.log4j.Logger;
@ -42,9 +43,9 @@ public class ListUsersCmd extends BaseListAccountResourcesCmd {
/////////////////////////////////////////////////////
@Parameter(name = ApiConstants.ACCOUNT_TYPE,
type = CommandType.LONG,
type = CommandType.INTEGER,
description = "List users by account type. Valid types include admin, domain-admin, read-only-admin, or user.")
private Long accountType;
private Integer accountType;
@Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = UserResponse.class, description = "List user by ID.")
private Long id;
@ -63,8 +64,8 @@ public class ListUsersCmd extends BaseListAccountResourcesCmd {
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public Long getAccountType() {
return accountType;
public Account.Type getAccountType() {
return Account.Type.getFromValue(accountType);
}
public Long getId() {

8
api/src/main/java/org/apache/cloudstack/api/command/user/account/ListAccountsCmd.java
View File

@ -49,9 +49,9 @@ public class ListAccountsCmd extends BaseListDomainResourcesCmd implements UserC
/////////////////////////////////////////////////////
@Parameter(name = ApiConstants.ACCOUNT_TYPE,
type = CommandType.LONG,
type = CommandType.INTEGER,
description = "list accounts by account type. Valid account types are 1 (admin), 2 (domain-admin), and 0 (user).")
private Long accountType;
private Integer accountType;
@Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = AccountResponse.class, description = "list account by account ID")
private Long id;
@ -79,8 +79,8 @@ public class ListAccountsCmd extends BaseListDomainResourcesCmd implements UserC
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public Long getAccountType() {
return accountType;
public Account.Type getAccountType() {
return Account.Type.getFromValue(accountType);
}
public Long getId() {

4
api/src/main/java/org/apache/cloudstack/api/command/user/snapshot/CreateSnapshotCmd.java
View File

@ -172,13 +172,13 @@ public class CreateSnapshotCmd extends BaseAsyncCreateCmd {
Account account = _accountService.getAccount(volume.getAccountId());
//Can create templates for enabled projects/accounts only
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
if (account.getType() == Account.Type.PROJECT) {
Project project = _projectService.findByProjectAccountId(volume.getAccountId());
if (project.getState() != Project.State.Active) {
throw new PermissionDeniedException("Can't add resources to the project id=" + project.getId() + " in state=" + project.getState() +
" as it's no longer active");
}
} else if (account.getState() == Account.State.disabled) {
} else if (account.getState() == Account.State.DISABLED) {
throw new PermissionDeniedException("The owner of template is disabled: " + account);
}

4
api/src/main/java/org/apache/cloudstack/api/command/user/snapshot/CreateSnapshotFromVMSnapshotCmd.java
View File

@ -129,7 +129,7 @@ public class CreateSnapshotFromVMSnapshotCmd extends BaseAsyncCreateCmd {
Account account = _accountService.getAccount(vmsnapshot.getAccountId());
//Can create templates for enabled projects/accounts only
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
if (account.getType() == Account.Type.PROJECT) {
Project project = _projectService.findByProjectAccountId(vmsnapshot.getAccountId());
if (project == null) {
throw new InvalidParameterValueException("Unable to find project by account id=" + account.getUuid());
@ -137,7 +137,7 @@ public class CreateSnapshotFromVMSnapshotCmd extends BaseAsyncCreateCmd {
if (project.getState() != Project.State.Active) {
throw new PermissionDeniedException("Can't add resources to the project id=" + project.getUuid() + " in state=" + project.getState() + " as it's no longer active");
}
} else if (account.getState() == Account.State.disabled) {
} else if (account.getState() == Account.State.DISABLED) {
throw new PermissionDeniedException("The owner of template is disabled: " + account);
}

4
api/src/main/java/org/apache/cloudstack/api/command/user/snapshot/CreateSnapshotPolicyCmd.java
View File

@ -125,7 +125,7 @@ public class CreateSnapshotPolicyCmd extends BaseCmd {
Account account = _accountService.getAccount(volume.getAccountId());
//Can create templates for enabled projects/accounts only
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
if (account.getType() == Account.Type.PROJECT) {
Project project = _projectService.findByProjectAccountId(volume.getAccountId());
if (project.getState() != Project.State.Active) {
PermissionDeniedException ex =
@ -133,7 +133,7 @@ public class CreateSnapshotPolicyCmd extends BaseCmd {
ex.addProxyObject(project.getUuid(), "projectId");
throw ex;
}
} else if (account.getState() == Account.State.disabled) {
} else if (account.getState() == Account.State.DISABLED) {
throw new PermissionDeniedException("The owner of template is disabled: " + account);
}

4
api/src/main/java/org/apache/cloudstack/api/command/user/volume/ResizeVolumeCmd.java
View File

@ -151,13 +151,13 @@ public class ResizeVolumeCmd extends BaseAsyncCmd implements UserCmd {
Account account = _accountService.getAccount(volume.getAccountId());
//Can resize volumes for enabled projects/accounts only
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
if (account.getType() == Account.Type.PROJECT) {
Project project = _projectService.findByProjectAccountId(volume.getAccountId());
if (project.getState() != Project.State.Active) {
throw new PermissionDeniedException("Can't add resources to project id=" + project.getId() + " in state=" + project.getState() +
" as it's no longer active");
}
} else if (account.getState() == Account.State.disabled) {
} else if (account.getState() == Account.State.DISABLED) {
throw new PermissionDeniedException("The owner of volume " + id + " is disabled: " + account);
}

4
api/src/main/java/org/apache/cloudstack/api/response/AccountResponse.java
View File

@ -41,7 +41,7 @@ public class AccountResponse extends BaseResponse implements ResourceLimitAndCou
@SerializedName(ApiConstants.ACCOUNT_TYPE)
@Param(description = "account type (admin, domain-admin, user)")
private Short accountType;
private Integer accountType;
@SerializedName(ApiConstants.ROLE_ID)
@Param(description = "the ID of the role")
@ -280,7 +280,7 @@ public class AccountResponse extends BaseResponse implements ResourceLimitAndCou
this.name = name;
}
public void setAccountType(Short accountType) {
public void setAccountType(Integer accountType) {
this.accountType = accountType;
}

4
api/src/main/java/org/apache/cloudstack/api/response/ProjectAccountResponse.java
View File

@ -51,7 +51,7 @@ public class ProjectAccountResponse extends BaseResponse implements ControlledVi
@SerializedName(ApiConstants.ACCOUNT_TYPE)
@Param(description = "account type (admin, domain-admin, user)")
private Short accountType;
private Integer accountType;
@SerializedName(ApiConstants.USER_ID)
@Param(description = "Id of the user")
@ -96,7 +96,7 @@ public class ProjectAccountResponse extends BaseResponse implements ControlledVi
this.accountName = accountName;
}
public void setAccountType(Short accountType) {
public void setAccountType(Integer accountType) {
this.accountType = accountType;
}

9
api/src/main/java/org/apache/cloudstack/api/response/UserResponse.java
View File

@ -18,6 +18,7 @@ package org.apache.cloudstack.api.response;
import java.util.Date;
import com.cloud.user.Account;
import com.google.gson.annotations.SerializedName;
import org.apache.cloudstack.acl.RoleType;
@ -64,7 +65,7 @@ public class UserResponse extends BaseResponse implements SetResourceIconRespons
@SerializedName("accounttype")
@Param(description = "the account type of the user")
private Short accountType;
private Integer accountType;
@SerializedName("usersource")
@Param(description = "the source type of the user in lowercase, such as native, ldap, saml2")
@ -188,12 +189,12 @@ public class UserResponse extends BaseResponse implements SetResourceIconRespons
this.accountName = accountName;
}
public Short getAccountType() {
public Integer getAccountType() {
return accountType;
}
public void setAccountType(Short accountType) {
this.accountType = accountType;
public void setAccountType(Account.Type accountType) {
this.accountType = accountType.ordinal();
}
public void setRoleId(String roleId) {

55
api/src/test/java/com/cloud/user/AccountTypeTest.java Normal file
View File

@ -0,0 +1,55 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package com.cloud.user;
import org.junit.Assert;
import org.junit.Test;
public class AccountTypeTest {
@Test
public void ordinalTestIfInCorrectOrder(){
Assert.assertEquals(0, Account.Type.NORMAL.ordinal());
Assert.assertEquals(1, Account.Type.ADMIN.ordinal());
Assert.assertEquals(2, Account.Type.DOMAIN_ADMIN.ordinal());
Assert.assertEquals(3, Account.Type.RESOURCE_DOMAIN_ADMIN.ordinal());
Assert.assertEquals(4, Account.Type.READ_ONLY_ADMIN.ordinal());
Assert.assertEquals(5, Account.Type.PROJECT.ordinal());
Assert.assertEquals(6, Account.Type.UNKNOWN.ordinal());
}
@Test
public void getFromValueTestIfAllValuesAreReturned(){
for (Account.Type accountType: Account.Type.values()) {
if( accountType != Account.Type.UNKNOWN) {
Assert.assertEquals(Account.Type.getFromValue(accountType.ordinal()), accountType);
}
}
}
@Test
public void getFromValueTestInvalidValue(){
Assert.assertEquals(Account.Type.getFromValue(null),null);
}
@Test
public void stateToStringTestAllValues(){
Assert.assertEquals(Account.State.ENABLED.toString(), "enabled");
Assert.assertEquals(Account.State.DISABLED.toString(), "disabled");
Assert.assertEquals(Account.State.LOCKED.toString(), "locked");
}
}

38
api/src/test/java/org/apache/cloudstack/acl/RoleTypeTest.java
View File

@ -55,37 +55,37 @@ public class RoleTypeTest {
@Test
public void testGetByAccountType() {
Assert.assertEquals(RoleType.getByAccountType(Account.ACCOUNT_TYPE_NORMAL), RoleType.User);
Assert.assertEquals(RoleType.getByAccountType(Account.ACCOUNT_TYPE_ADMIN), RoleType.Admin);
Assert.assertEquals(RoleType.getByAccountType(Account.ACCOUNT_TYPE_DOMAIN_ADMIN), RoleType.DomainAdmin);
Assert.assertEquals(RoleType.getByAccountType(Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN), RoleType.ResourceAdmin);
Assert.assertEquals(RoleType.getByAccountType(Account.ACCOUNT_TYPE_PROJECT), RoleType.Unknown);
Assert.assertEquals(RoleType.getByAccountType(Account.Type.NORMAL), RoleType.User);
Assert.assertEquals(RoleType.getByAccountType(Account.Type.ADMIN), RoleType.Admin);
Assert.assertEquals(RoleType.getByAccountType(Account.Type.DOMAIN_ADMIN), RoleType.DomainAdmin);
Assert.assertEquals(RoleType.getByAccountType(Account.Type.RESOURCE_DOMAIN_ADMIN), RoleType.ResourceAdmin);
Assert.assertEquals(RoleType.getByAccountType(Account.Type.PROJECT), RoleType.Unknown);
}
@Test
public void testGetRoleByAccountTypeWhenRoleIdIsProvided() {
Assert.assertEquals(RoleType.getRoleByAccountType(123L, Account.ACCOUNT_TYPE_ADMIN), Long.valueOf(123L));
Assert.assertEquals(RoleType.getRoleByAccountType(123L, Account.Type.ADMIN), Long.valueOf(123L));
Assert.assertEquals(RoleType.getRoleByAccountType(1234L, null), Long.valueOf(1234L));
}
@Test
public void testGetRoleByAccountTypeForDefaultAccountTypes() {
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.ACCOUNT_TYPE_ADMIN), (Long) RoleType.Admin.getId());
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.ACCOUNT_TYPE_NORMAL), (Long) RoleType.User.getId());
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.ACCOUNT_TYPE_DOMAIN_ADMIN), (Long) RoleType.DomainAdmin.getId());
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN), (Long) RoleType.ResourceAdmin.getId());
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.ACCOUNT_TYPE_PROJECT), null);
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.Type.ADMIN), (Long) RoleType.Admin.getId());
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.Type.NORMAL), (Long) RoleType.User.getId());
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.Type.DOMAIN_ADMIN), (Long) RoleType.DomainAdmin.getId());
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.Type.RESOURCE_DOMAIN_ADMIN), (Long) RoleType.ResourceAdmin.getId());
Assert.assertEquals(RoleType.getRoleByAccountType(null, Account.Type.PROJECT), null);
}
@Test
public void testGetAccountTypeByRoleWhenRoleIsNull() {
for (Short accountType: Arrays.asList(
Account.ACCOUNT_TYPE_NORMAL,
Account.ACCOUNT_TYPE_ADMIN,
Account.ACCOUNT_TYPE_DOMAIN_ADMIN,
Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN,
Account.ACCOUNT_TYPE_PROJECT,
(short) 12345)) {
for (Account.Type accountType: Arrays.asList(
Account.Type.NORMAL,
Account.Type.ADMIN,
Account.Type.DOMAIN_ADMIN,
Account.Type.RESOURCE_DOMAIN_ADMIN,
Account.Type.PROJECT,
null)) {
Assert.assertEquals(RoleType.getAccountTypeByRole(null, accountType), accountType);
}
}
@ -95,6 +95,6 @@ public class RoleTypeTest {
Role role = Mockito.mock(Role.class);
Mockito.when(role.getRoleType()).thenReturn(RoleType.Admin);
Mockito.when(role.getId()).thenReturn(100L);
Assert.assertEquals(RoleType.getAccountTypeByRole(role, null), (Short) RoleType.Admin.getAccountType());
Assert.assertEquals(RoleType.getAccountTypeByRole(role, null), RoleType.Admin.getAccountType());
}
}

2
api/src/test/java/org/apache/cloudstack/api/command/admin/account/CreateAccountCmdTest.java
View File

@ -49,7 +49,7 @@ public class CreateAccountCmdTest {
private CreateAccountCmd createAccountCmd = new CreateAccountCmd();
private long roleId = 1L;
private short accountType = 1;
private Integer accountType = 1;
private Long domainId = 1L;
@Before

5
engine/schema/src/main/java/com/cloud/upgrade/dao/Upgrade481to490.java
View File

@ -25,6 +25,7 @@ import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import com.cloud.user.Account;
import org.apache.cloudstack.acl.RoleType;
import org.apache.log4j.Logger;
@ -70,8 +71,8 @@ public class Upgrade481to490 implements DbUpgrade {
final ResultSet selectResultSet = selectStatement.executeQuery()) {
while (selectResultSet.next()) {
final Long accountId = selectResultSet.getLong(1);
final Short accountType = selectResultSet.getShort(2);
final Long roleId = RoleType.getByAccountType(accountType).getId();
final Integer accountType = selectResultSet.getInt(2);
final Long roleId = RoleType.getByAccountType(Account.Type.getFromValue(accountType)).getId();
if (roleId < 1L || roleId > 4L) {
s_logger.warn("Skipping role ID migration due to invalid role_id resolved for account id=" + accountId);
continue;

2
engine/schema/src/main/java/com/cloud/usage/dao/UsageDaoImpl.java
View File

@ -113,7 +113,7 @@ public class UsageDaoImpl extends GenericDaoBase<UsageVO, Long> implements Usage
for (AccountVO acct : accounts) {
pstmt.setLong(1, acct.getId());
pstmt.setString(2, acct.getAccountName());
pstmt.setShort(3, acct.getType());
pstmt.setInt(3, acct.getType().ordinal());
//prevent autoboxing NPE by defaulting to User role
if(acct.getRoleId() == null){

13
engine/schema/src/main/java/com/cloud/user/AccountVO.java
View File

@ -42,7 +42,8 @@ public class AccountVO implements Account {
private String accountName = null;
@Column(name = "type")
private short type = ACCOUNT_TYPE_NORMAL;
@Enumerated(value = EnumType.ORDINAL)
private Type type;
@Column(name = "role_id")
private Long roleId;
@ -84,17 +85,17 @@ public class AccountVO implements Account {
uuid = UUID.randomUUID().toString();
}
public AccountVO(final String accountName, final long domainId, final String networkDomain, final short type, final String uuid) {
public AccountVO(final String accountName, final long domainId, final String networkDomain, final Type type, final String uuid) {
this.accountName = accountName;
this.domainId = domainId;
this.networkDomain = networkDomain;
this.type = type;
this.state = State.enabled;
this.state = State.ENABLED;
this.uuid = uuid;
this.roleId = RoleType.getRoleByAccountType(null, type);
}
public AccountVO(final String accountName, final long domainId, final String networkDomain, final short type, final Long roleId, final String uuid) {
public AccountVO(final String accountName, final long domainId, final String networkDomain, final Type type, final Long roleId, final String uuid) {
this(accountName, domainId, networkDomain, type, uuid);
if (roleId != null) {
this.roleId = roleId;
@ -128,11 +129,11 @@ public class AccountVO implements Account {
}
@Override
public short getType() {
public Account.Type getType() {
return type;
}
public void setType(short type) {
public void setType(Type type) {
this.type = type;
}

2
engine/schema/src/main/java/com/cloud/user/UserVO.java
View File

@ -122,7 +122,7 @@ public class UserVO implements User, Identity, InternalIdentity {
this.lastname = lastName;
this.email = email;
this.timezone = timezone;
this.state = State.enabled;
this.state = State.ENABLED;
this.uuid = uuid;
this.source = source;
}

18
engine/schema/src/main/java/com/cloud/user/dao/AccountDaoImpl.java
View File

@ -119,7 +119,7 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
public List<AccountVO> findCleanupsForDisabledAccounts() {
SearchCriteria<AccountVO> sc = CleanupForDisabledAccountsSearch.create();
sc.setParameters("cleanup", true);
sc.setParameters("state", State.disabled);
sc.setParameters("state", State.DISABLED);
return listBy(sc);
}
@ -140,14 +140,14 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
u.setUsername(rs.getString(2));
u.setAccountId(rs.getLong(3));
u.setSecretKey(DBEncryptionUtil.decrypt(rs.getString(4)));
u.setState(State.valueOf(rs.getString(5)));
u.setState(State.getValueOf(rs.getString(5)));
AccountVO a = new AccountVO(rs.getLong(6));
a.setAccountName(rs.getString(7));
a.setType(rs.getShort(8));
a.setType(Account.Type.getFromValue(rs.getInt(8)));
a.setRoleId(rs.getLong(9));
a.setDomainId(rs.getLong(10));
a.setState(State.valueOf(rs.getString(11)));
a.setState(State.getValueOf(rs.getString(11)));
userAcctPair = new Pair<User, Account>(u, a);
}
@ -175,7 +175,7 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
public Account findEnabledAccount(String accountName, Long domainId) {
SearchCriteria<AccountVO> sc = AllFieldsSearch.create("accountName", accountName);
sc.setParameters("domainId", domainId);
sc.setParameters("state", State.enabled);
sc.setParameters("state", State.ENABLED);
return findOneBy(sc);
}
@ -183,8 +183,8 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
public Account findEnabledNonProjectAccount(String accountName, Long domainId) {
SearchCriteria<AccountVO> sc = NonProjectAccountSearch.create("accountName", accountName);
sc.setParameters("domainId", domainId);
sc.setParameters("state", State.enabled);
sc.setParameters("type", Account.ACCOUNT_TYPE_PROJECT);
sc.setParameters("state", State.ENABLED);
sc.setParameters("type", Account.Type.PROJECT);
return findOneBy(sc);
}
@ -206,7 +206,7 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
public Account findActiveNonProjectAccount(String accountName, Long domainId) {
SearchCriteria<AccountVO> sc = NonProjectAccountSearch.create("accountName", accountName);
sc.setParameters("domainId", domainId);
sc.setParameters("type", Account.ACCOUNT_TYPE_PROJECT);
sc.setParameters("type", Account.Type.PROJECT);
return findOneBy(sc);
}
@ -221,7 +221,7 @@ public class AccountDaoImpl extends GenericDaoBase<AccountVO, Long> implements A
public Account findNonProjectAccountIncludingRemoved(String accountName, Long domainId) {
SearchCriteria<AccountVO> sc = NonProjectAccountSearch.create("accountName", accountName);
sc.setParameters("domainId", domainId);
sc.setParameters("type", Account.ACCOUNT_TYPE_PROJECT);
sc.setParameters("type", Account.Type.PROJECT);
return findOneIncludingRemovedBy(sc);
}

8
engine/schema/src/main/java/com/cloud/vm/InstanceGroupVO.java
View File

@ -21,6 +21,8 @@ import java.util.UUID;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.EnumType;
import javax.persistence.Enumerated;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
@ -28,6 +30,7 @@ import javax.persistence.PrimaryKeyJoinColumn;
import javax.persistence.SecondaryTable;
import javax.persistence.Table;
import com.cloud.user.Account;
import com.cloud.utils.db.GenericDao;
@Entity
@ -58,7 +61,8 @@ public class InstanceGroupVO implements InstanceGroup {
private String uuid;
@Column(name = "type", table = "account", insertable = false, updatable = false)
private short accountType;
@Enumerated(value = EnumType.ORDINAL)
private Account.Type accountType;
public InstanceGroupVO(String name, long accountId) {
this.name = name;
@ -113,7 +117,7 @@ public class InstanceGroupVO implements InstanceGroup {
}
@Override
public Short getAccountType() {
public Account.Type getAccountType() {
return accountType;
}

2
engine/schema/src/main/java/com/cloud/vm/dao/UserVmDaoImpl.java
View File

@ -641,7 +641,7 @@ public class UserVmDaoImpl extends GenericDaoBase<UserVmVO, Long> implements Use
nicResponse.setMacAddress(rs.getString("nics.mac_address"));
int account_type = rs.getInt("account.type");
if (account_type == Account.ACCOUNT_TYPE_ADMIN) {
if (account_type == Account.Type.ADMIN.ordinal()) {
nicResponse.setBroadcastUri(rs.getString("nics.broadcast_uri"));
nicResponse.setIsolationUri(rs.getString("nics.isolation_uri"));
}

6
framework/quota/src/main/java/org/apache/cloudstack/quota/QuotaAlertManagerImpl.java
View File

@ -248,11 +248,11 @@ public class QuotaAlertManagerImpl extends ManagerBase implements QuotaAlertMana
try (TransactionLegacy txn = TransactionLegacy.open(TransactionLegacy.CLOUD_DB)) {
Account account = _accountDao.findById(accountId);
if (account != null) {
if (account.getState() == State.locked) {
if (account.getState() == State.LOCKED) {
return true; // already locked, no-op
} else if (account.getState() == State.enabled) {
} else if (account.getState() == State.ENABLED) {
AccountVO acctForUpdate = _accountDao.createForUpdate();
acctForUpdate.setState(State.locked);
acctForUpdate.setState(State.LOCKED);
success = _accountDao.update(Long.valueOf(accountId), acctForUpdate);
} else {
if (s_logger.isInfoEnabled()) {

3
framework/quota/src/main/java/org/apache/cloudstack/quota/QuotaManagerImpl.java
View File

@ -27,6 +27,7 @@ import java.util.TimeZone;
import javax.inject.Inject;
import javax.naming.ConfigurationException;
import com.cloud.user.Account;
import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
import org.apache.cloudstack.quota.constant.QuotaTypes;
import org.apache.cloudstack.quota.dao.QuotaAccountDao;
@ -467,7 +468,7 @@ public class QuotaManagerImpl extends ManagerBase implements QuotaManager {
@Override
public boolean isLockable(AccountVO account) {
return (account.getType() == AccountVO.ACCOUNT_TYPE_NORMAL || account.getType() == AccountVO.ACCOUNT_TYPE_DOMAIN_ADMIN);
return (account.getType() == Account.Type.NORMAL || account.getType() == Account.Type.DOMAIN_ADMIN);
}
}

8
framework/quota/src/test/java/org/apache/cloudstack/quota/QuotaAlertManagerImplTest.java
View File

@ -85,7 +85,7 @@ public class QuotaAlertManagerImplTest extends TestCase {
AccountVO accountVO = new AccountVO();
accountVO.setId(2L);
accountVO.setDomainId(1L);
accountVO.setType(Account.ACCOUNT_TYPE_NORMAL);
accountVO.setType(Account.Type.NORMAL);
Mockito.when(accountDao.findById(Mockito.anyLong())).thenReturn(accountVO);
QuotaAccountVO acc = new QuotaAccountVO(2L);
@ -123,7 +123,7 @@ public class QuotaAlertManagerImplTest extends TestCase {
AccountVO account = new AccountVO();
account.setId(2L);
account.setDomainId(1L);
account.setType(Account.ACCOUNT_TYPE_NORMAL);
account.setType(Account.Type.NORMAL);
account.setAccountName("admin");
account.setUuid("uuid");
@ -182,8 +182,8 @@ public class QuotaAlertManagerImplTest extends TestCase {
AccountVO accountVO = new AccountVO();
accountVO.setId(2L);
accountVO.setDomainId(1L);
accountVO.setType(Account.ACCOUNT_TYPE_NORMAL);
accountVO.setState(Account.State.enabled);
accountVO.setType(Account.Type.NORMAL);
accountVO.setState(Account.State.ENABLED);
Mockito.when(accountDao.findById(Mockito.anyLong())).thenReturn(accountVO);
Mockito.when(accountDao.createForUpdate()).thenReturn(accountVO);
Mockito.when(accountDao.update(Mockito.eq(accountVO.getId()), Mockito.eq(accountVO))).thenReturn(true);

18
framework/quota/src/test/java/org/apache/cloudstack/quota/QuotaManagerImplTest.java
View File

@ -113,7 +113,7 @@ public class QuotaManagerImplTest extends TestCase {
AccountVO accountVO = new AccountVO();
accountVO.setId(2L);
accountVO.setDomainId(1L);
accountVO.setType(Account.ACCOUNT_TYPE_NORMAL);
accountVO.setType(Account.Type.NORMAL);
List<AccountVO> accountVOList = new ArrayList<>();
accountVOList.add(accountVO);
Mockito.when(accountDao.listAll()).thenReturn(accountVOList);
@ -140,7 +140,7 @@ public class QuotaManagerImplTest extends TestCase {
AccountVO accountVO = new AccountVO();
accountVO.setId(2L);
accountVO.setDomainId(1L);
accountVO.setType(Account.ACCOUNT_TYPE_NORMAL);
accountVO.setType(Account.Type.NORMAL);
UsageVO usageVO = new UsageVO();
usageVO.setQuotaCalculated(0);
@ -189,7 +189,7 @@ public class QuotaManagerImplTest extends TestCase {
AccountVO accountVO = new AccountVO();
accountVO.setId(2L);
accountVO.setDomainId(1L);
accountVO.setType(Account.ACCOUNT_TYPE_NORMAL);
accountVO.setType(Account.Type.NORMAL);
QuotaUsageVO quotaUsageVO = new QuotaUsageVO();
quotaUsageVO.setAccountId(2L);
@ -206,37 +206,37 @@ public class QuotaManagerImplTest extends TestCase {
@Test
public void testAdminLockableAccount() {
accountVO.setType(Account.ACCOUNT_TYPE_ADMIN);
accountVO.setType(Account.Type.ADMIN);
assertFalse(quotaManager.isLockable(accountVO));
}
@Test
public void testNormalLockableAccount() {
accountVO.setType(Account.ACCOUNT_TYPE_NORMAL);
accountVO.setType(Account.Type.NORMAL);
assertTrue(quotaManager.isLockable(accountVO));
}
@Test
public void tesDomainAdmingLockableAccount() {
accountVO.setType(Account.ACCOUNT_TYPE_DOMAIN_ADMIN);
accountVO.setType(Account.Type.DOMAIN_ADMIN);
assertTrue(quotaManager.isLockable(accountVO));
}
@Test
public void testReadOnlyAdminLockableAccount() {
accountVO.setType(Account.ACCOUNT_TYPE_READ_ONLY_ADMIN);
accountVO.setType(Account.Type.READ_ONLY_ADMIN);
assertFalse(quotaManager.isLockable(accountVO));
}
@Test
public void testResourceDomainAdminLockableAccount() {
accountVO.setType(Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN);
accountVO.setType(Account.Type.RESOURCE_DOMAIN_ADMIN);
assertFalse(quotaManager.isLockable(accountVO));
}
@Test
public void testProjectLockableAccount() {
accountVO.setType(Account.ACCOUNT_TYPE_PROJECT);
accountVO.setType(Account.Type.PROJECT);
assertFalse(quotaManager.isLockable(accountVO));
}

4
plugins/acl/dynamic-role-based/src/test/java/org/apache/cloudstack/acl/DynamicRoleBasedAPIAccessCheckerTest.java
View File

@ -53,7 +53,7 @@ public class DynamicRoleBasedAPIAccessCheckerTest extends TestCase {
}
private Account getTestAccount() {
return new AccountVO("some name", 1L, "network-domain", (short)0, "some-uuid");
return new AccountVO("some name", 1L, "network-domain", Account.Type.NORMAL, "some-uuid");
}
private Role getTestRole() {
@ -103,7 +103,7 @@ public class DynamicRoleBasedAPIAccessCheckerTest extends TestCase {
@Test
public void testDefaultRootAdminAccess() {
Mockito.when(accountService.getAccount(Mockito.anyLong())).thenReturn(new AccountVO("root admin", 1L, null, (short)1, "some-uuid"));
Mockito.when(accountService.getAccount(Mockito.anyLong())).thenReturn(new AccountVO("root admin", 1L, null, Account.Type.ADMIN, "some-uuid"));
Mockito.when(roleService.findRole(Mockito.anyLong())).thenReturn(new RoleVO(1L, "SomeRole", RoleType.Admin, "default root admin role"));
assertTrue(apiAccessChecker.checkAccess(getTestUser(), "anyApi"));
}

2
plugins/api/rate-limit/src/test/java/org/apache/cloudstack/ratelimit/ApiRateLimitTest.java
View File

@ -67,7 +67,7 @@ public static void setUp() throws ConfigurationException {
// Standard responses
AccountVO acct = new AccountVO(s_acctIdSeq);
acct.setType(Account.ACCOUNT_TYPE_NORMAL);
acct.setType(Account.Type.NORMAL);
acct.setAccountName("demo");
s_testAccount = acct;

3
plugins/database/quota/src/main/java/org/apache/cloudstack/api/command/QuotaSummaryCmd.java
View File

@ -23,7 +23,6 @@ import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.BaseListCmd;
import org.apache.cloudstack.api.Parameter;
import org.apache.cloudstack.api.BaseCmd.CommandType;
import org.apache.cloudstack.api.response.DomainResponse;
import org.apache.cloudstack.api.response.ListResponse;
import org.apache.cloudstack.api.response.QuotaResponseBuilder;
@ -60,7 +59,7 @@ public class QuotaSummaryCmd extends BaseListCmd {
public void execute() {
Account caller = CallContext.current().getCallingAccount();
Pair<List<QuotaSummaryResponse>, Integer> responses;
if (caller.getType() == Account.ACCOUNT_TYPE_ADMIN) { //admin account
if (caller.getType() == Account.Type.ADMIN) {
if (getAccountName() != null && getDomainId() != null)
responses = _responseBuilder.createQuotaSummaryResponse(getAccountName(), getDomainId());
else

4
plugins/database/quota/src/main/java/org/apache/cloudstack/api/response/QuotaResponseBuilderImpl.java
View File

@ -434,12 +434,12 @@ public class QuotaResponseBuilderImpl implements QuotaResponseBuilder {
_quotaService.saveQuotaAccount(account, currentAccountBalance, despositedOn);
if (lockAccountEnforcement) {
if (currentAccountBalance.compareTo(new BigDecimal(0)) >= 0) {
if (account.getState() == Account.State.locked) {
if (account.getState() == Account.State.LOCKED) {
s_logger.info("UnLocking account " + account.getAccountName() + " , due to positive balance " + currentAccountBalance);
_accountMgr.enableAccount(account.getAccountName(), domainId, accountId);
}
} else { // currentAccountBalance < 0 then lock the account
if (_quotaManager.isLockable(account) && account.getState() == Account.State.enabled && enforce) {
if (_quotaManager.isLockable(account) && account.getState() == Account.State.ENABLED && enforce) {
s_logger.info("Locking account " + account.getAccountName() + " , due to negative balance " + currentAccountBalance);
_accountMgr.lockAccount(account.getAccountName(), domainId, accountId);
}

2
plugins/database/quota/src/test/java/org/apache/cloudstack/api/response/QuotaResponseBuilderImplTest.java
View File

@ -152,7 +152,7 @@ public class QuotaResponseBuilderImplTest extends TestCase {
Mockito.when(quotaService.computeAdjustedTime(Mockito.any(Date.class))).thenReturn(new Date());
AccountVO account = new AccountVO();
account.setState(Account.State.locked);
account.setState(Account.State.LOCKED);
Mockito.when(accountDao.findById(Mockito.anyLong())).thenReturn(account);
QuotaCreditsResponse resp = quotaResponseBuilder.addQuotaCredits(accountId, domainId, amount, updatedBy, true);

2
plugins/dedicated-resources/src/test/java/org/apache/cloudstack/dedicated/manager/DedicatedApiUnitTest.java
View File

@ -115,7 +115,7 @@ public class DedicatedApiUnitTest {
@Before
public void setUp() {
ComponentContext.initComponentsLifeCycle();
AccountVO account = new AccountVO(accountName, domainId, "networkDomain", Account.ACCOUNT_TYPE_NORMAL, "uuid");
AccountVO account = new AccountVO(accountName, domainId, "networkDomain", Account.Type.NORMAL, "uuid");
DomainVO domain = new DomainVO("rootDomain", 5L, 5L, "networkDomain");
UserVO user = new UserVO(1, "testuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);

2
plugins/deployment-planners/implicit-dedication/src/test/java/org/apache/cloudstack/implicitplanner/ImplicitPlannerTest.java
View File

@ -164,7 +164,7 @@ public class ImplicitPlannerTest {
public void setUp() {
ComponentContext.initComponentsLifeCycle();
acct.setType(Account.ACCOUNT_TYPE_NORMAL);
acct.setType(Account.Type.NORMAL);
acct.setAccountName("user1");
acct.setDomainId(domainId);
acct.setId(accountId);

42
plugins/hypervisors/baremetal/src/main/java/com/cloud/baremetal/manager/BaremetalVlanManagerImpl.java
View File

@ -37,13 +37,13 @@ import com.cloud.user.dao.UserDao;
import com.cloud.utils.component.ManagerBase;
import com.cloud.utils.db.QueryBuilder;
import com.cloud.utils.db.SearchCriteria;
import com.cloud.utils.exception.CloudRuntimeException;
import com.cloud.vm.VirtualMachineProfile;
import com.google.gson.Gson;
import org.apache.cloudstack.acl.RoleType;
import org.apache.cloudstack.api.AddBaremetalRctCmd;
import org.apache.cloudstack.api.DeleteBaremetalRctCmd;
import org.apache.cloudstack.api.ListBaremetalRctCmd;
import com.cloud.utils.exception.CloudRuntimeException;
import com.cloud.vm.VirtualMachineProfile;
import com.google.gson.Gson;
import org.apache.cloudstack.acl.RoleType;
import org.apache.cloudstack.api.AddBaremetalRctCmd;
import org.apache.cloudstack.api.DeleteBaremetalRctCmd;
import org.apache.cloudstack.api.ListBaremetalRctCmd;
import org.apache.cloudstack.utils.baremetal.BaremetalUtils;
import org.springframework.web.client.RestTemplate;
@ -237,28 +237,28 @@ public class BaremetalVlanManagerImpl extends ManagerBase implements BaremetalVl
@Override
public boolean start() {
QueryBuilder<AccountVO> acntq = QueryBuilder.create(AccountVO.class);
acntq.and(acntq.entity().getAccountName(), SearchCriteria.Op.EQ, BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
acntq.and(acntq.entity().getAccountName(), SearchCriteria.Op.EQ, BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
AccountVO acnt = acntq.find();
if (acnt != null) {
return true;
}
acnt = new AccountVO();
acnt.setAccountName(BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
acnt.setUuid(UUID.randomUUID().toString());
acnt.setState(Account.State.enabled);
acnt.setDomainId(1);
acnt.setType(RoleType.User.getAccountType());
acnt.setRoleId(RoleType.User.getId());
acnt = acntDao.persist(acnt);
UserVO user = new UserVO();
user.setState(Account.State.enabled);
acnt.setAccountName(BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
acnt.setUuid(UUID.randomUUID().toString());
acnt.setState(Account.State.ENABLED);
acnt.setDomainId(1);
acnt.setType(RoleType.User.getAccountType());
acnt.setRoleId(RoleType.User.getId());
acnt = acntDao.persist(acnt);
UserVO user = new UserVO();
user.setState(Account.State.ENABLED);
user.setUuid(UUID.randomUUID().toString());
user.setAccountId(acnt.getAccountId());
user.setUsername(BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
user.setFirstname(BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
user.setLastname(BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
user.setUsername(BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
user.setFirstname(BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
user.setLastname(BaremetalUtils.BAREMETAL_SYSTEM_ACCOUNT_NAME);
user.setPassword(UUID.randomUUID().toString());
user.setSource(User.Source.UNKNOWN);
user = userDao.persist(user);

2
plugins/hypervisors/vmware/src/test/java/com/cloud/hypervisor/vmware/VmwareDatacenterApiUnitTest.java
View File

@ -181,7 +181,7 @@ public class VmwareDatacenterApiUnitTest {
podId = 1L;
AccountVO acct = new AccountVO(200L);
acct.setType(Account.ACCOUNT_TYPE_ADMIN);
acct.setType(Account.Type.ADMIN);
acct.setAccountName("admin");
acct.setDomainId(domainId);

2
plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/KubernetesClusterManagerImpl.java
View File

@ -529,7 +529,7 @@ public class KubernetesClusterManagerImpl extends ManagerBase implements Kuberne
response.setKubernetesVersionName(version.getName());
}
Account account = ApiDBUtils.findAccountById(kubernetesCluster.getAccountId());
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
if (account.getType() == Account.Type.PROJECT) {
Project project = ApiDBUtils.findProjectByProjectAccountId(account.getId());
response.setProjectId(project.getUuid());
response.setProjectName(project.getName());

18
plugins/integrations/kubernetes-service/src/test/java/com/cloud/kubernetes/version/KubernetesVersionServiceTest.java
View File

@ -149,7 +149,7 @@ public class KubernetesVersionServiceTest {
AddKubernetesSupportedVersionCmd cmd = Mockito.mock(AddKubernetesSupportedVersionCmd.class);
when(cmd.getMinimumCpu()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_CPU);
when(cmd.getMinimumRamSize()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_RAM_SIZE);
AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
CallContext.register(user, account);
when(cmd.getSemanticVersion()).thenReturn("1.1.1");
@ -161,7 +161,7 @@ public class KubernetesVersionServiceTest {
AddKubernetesSupportedVersionCmd cmd = Mockito.mock(AddKubernetesSupportedVersionCmd.class);
when(cmd.getMinimumCpu()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_CPU-1);
when(cmd.getMinimumRamSize()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_RAM_SIZE);
AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
when(cmd.getSemanticVersion()).thenReturn(KubernetesVersionService.MIN_KUBERNETES_VERSION);
CallContext.register(user, account);
@ -173,7 +173,7 @@ public class KubernetesVersionServiceTest {
AddKubernetesSupportedVersionCmd cmd = Mockito.mock(AddKubernetesSupportedVersionCmd.class);
when(cmd.getMinimumCpu()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_CPU);
when(cmd.getMinimumRamSize()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_RAM_SIZE-10);
AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
when(cmd.getSemanticVersion()).thenReturn(KubernetesVersionService.MIN_KUBERNETES_VERSION);
CallContext.register(user, account);
@ -185,7 +185,7 @@ public class KubernetesVersionServiceTest {
AddKubernetesSupportedVersionCmd cmd = Mockito.mock(AddKubernetesSupportedVersionCmd.class);
when(cmd.getMinimumCpu()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_CPU);
when(cmd.getMinimumRamSize()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_RAM_SIZE);
AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
when(cmd.getSemanticVersion()).thenReturn(KubernetesVersionService.MIN_KUBERNETES_VERSION);
CallContext.register(user, account);
@ -196,7 +196,7 @@ public class KubernetesVersionServiceTest {
@Test
public void addKubernetesSupportedVersionIsoUrlTest() throws ResourceAllocationException, NoSuchFieldException {
AddKubernetesSupportedVersionCmd cmd = Mockito.mock(AddKubernetesSupportedVersionCmd.class);
AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
CallContext.register(user, account);
when(cmd.getSemanticVersion()).thenReturn(KubernetesVersionService.MIN_KUBERNETES_VERSION);
@ -204,7 +204,7 @@ public class KubernetesVersionServiceTest {
when(cmd.getChecksum()).thenReturn(null);
when(cmd.getMinimumCpu()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_CPU);
when(cmd.getMinimumRamSize()).thenReturn(KubernetesClusterService.MIN_KUBERNETES_CLUSTER_NODE_RAM_SIZE);
Account systemAccount = new AccountVO("system", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
Account systemAccount = new AccountVO("system", 1L, "", Account.Type.ADMIN, "uuid");
when(accountManager.getSystemAccount()).thenReturn(systemAccount);
PowerMockito.mockStatic(ComponentContext.class);
when(ComponentContext.inject(Mockito.any(RegisterIsoCmd.class))).thenReturn(new RegisterIsoCmd());
@ -218,7 +218,7 @@ public class KubernetesVersionServiceTest {
@Test(expected = CloudRuntimeException.class)
public void deleteKubernetesSupportedVersionExistingClustersTest() {
DeleteKubernetesSupportedVersionCmd cmd = Mockito.mock(DeleteKubernetesSupportedVersionCmd.class);
AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
CallContext.register(user, account);
when(kubernetesSupportedVersionDao.findById(Mockito.anyLong())).thenReturn(Mockito.mock(KubernetesSupportedVersionVO.class));
@ -231,7 +231,7 @@ public class KubernetesVersionServiceTest {
@Test
public void deleteKubernetesSupportedVersionTest() {
DeleteKubernetesSupportedVersionCmd cmd = Mockito.mock(DeleteKubernetesSupportedVersionCmd.class);
AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
CallContext.register(user, account);
when(kubernetesSupportedVersionDao.findById(Mockito.anyLong())).thenReturn(Mockito.mock(KubernetesSupportedVersionVO.class));
@ -249,7 +249,7 @@ public class KubernetesVersionServiceTest {
public void updateKubernetesSupportedVersionTest() {
UpdateKubernetesSupportedVersionCmd cmd = Mockito.mock(UpdateKubernetesSupportedVersionCmd.class);
when(cmd.getState()).thenReturn(KubernetesSupportedVersion.State.Disabled.toString());
AccountVO account = new AccountVO("admin", 1L, "", Account.ACCOUNT_TYPE_ADMIN, "uuid");
AccountVO account = new AccountVO("admin", 1L, "", Account.Type.ADMIN, "uuid");
UserVO user = new UserVO(1, "adminuser", "password", "firstname", "lastName", "email", "timezone", UUID.randomUUID().toString(), User.Source.UNKNOWN);
CallContext.register(user, account);
when(kubernetesSupportedVersionDao.findById(Mockito.anyLong())).thenReturn(Mockito.mock(KubernetesSupportedVersionVO.class));

2
plugins/network-elements/globodns/src/test/java/com/globo/globodns/cloudstack/element/GloboDnsElementTest.java
View File

@ -111,7 +111,7 @@ public class GloboDnsElementTest {
ComponentContext.initComponentsLifeCycle();
acct = new AccountVO(200L);
acct.setType(Account.ACCOUNT_TYPE_NORMAL);
acct.setType(Account.Type.NORMAL);
acct.setAccountName("user");
acct.setDomainId(domainId);

4
plugins/network-elements/juniper-contrail/src/main/java/org/apache/cloudstack/network/contrail/management/ContrailManagerImpl.java
View File

@ -438,7 +438,7 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager
@Override
public String getProjectName(long accountId) {
Account account = _accountDao.findById(accountId);
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
if (account.getType() == Account.Type.PROJECT) {
ProjectVO project = _projectDao.findByProjectAccountId(account.getId());
if (project != null) {
return project.getName();
@ -455,7 +455,7 @@ public class ContrailManagerImpl extends ManagerBase implements ContrailManager
private ProjectVO getProject(long accountId) {
Account account = _accountDao.findById(accountId);
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
if (account.getType() == Account.Type.PROJECT) {
return _projectDao.findByProjectAccountId(account.getId());
}
return null;

2
plugins/network-elements/juniper-contrail/src/main/java/org/apache/cloudstack/network/contrail/management/ServiceManagerImpl.java
View File

@ -239,7 +239,7 @@ public class ServiceManagerImpl implements ServiceManager {
response.setId(vm.getUuid());
Account owner = _accountService.getAccount(vm.getAccountId());
if (owner.getType() == Account.ACCOUNT_TYPE_PROJECT) {
if (owner.getType() == Account.Type.PROJECT) {
Project project = ApiDBUtils.findProjectByProjectAccountIdIncludingRemoved(owner.getAccountId());
response.setProjectId(project.getUuid());
response.setProjectName(project.getName());

4
plugins/network-elements/juniper-contrail/src/test/java/org/apache/cloudstack/network/contrail/management/MockAccountManager.java
View File

@ -150,7 +150,7 @@ public class MockAccountManager extends ManagerBase implements AccountManager {
}
@Override
public UserAccount createUserAccount(String userName, String password, String firstName, String lastName, String email, String timezone, String accountName, short accountType, Long roleId,
public UserAccount createUserAccount(String userName, String password, String firstName, String lastName, String email, String timezone, String accountName, Account.Type accountType, Long roleId,
Long domainId, String networkDomain, Map<String, String> details, String accountUUID, String userUUID, User.Source source) {
// TODO Auto-generated method stub
return null;
@ -404,7 +404,7 @@ public class MockAccountManager extends ManagerBase implements AccountManager {
}
@Override
public Account createAccount(String accountName, short accountType, Long roleId, Long domainId, String networkDomain, Map<String, String> details, String uuid) {
public Account createAccount(String accountName, Account.Type accountType, Long roleId, Long domainId, String networkDomain, Map<String, String> details, String uuid) {
final AccountVO account = new AccountVO(accountName, domainId, networkDomain, accountType, roleId, uuid);
Transaction.execute(new TransactionCallbackNoReturn() {
@Override

13
plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/command/LdapCreateAccountCmd.java
View File

@ -56,8 +56,8 @@ public class LdapCreateAccountCmd extends BaseCmd {
@Parameter(name = ApiConstants.ACCOUNT, type = CommandType.STRING, description = "Creates the user under the specified account. If no account is specified, the username will be used as the account name.")
private String accountName;
@Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.SHORT, description = "Type of the account. Specify 0 for user, 1 for root admin, and 2 for domain admin")
private Short accountType;
@Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.INTEGER, description = "Type of the account. Specify 0 for user, 1 for root admin, and 2 for domain admin")
private Integer accountType;
@Parameter(name = ApiConstants.ROLE_ID, type = CommandType.UUID, entityType = RoleResponse.class, description = "Creates the account under the specified role.")
private Long roleId;
@ -105,12 +105,15 @@ public class LdapCreateAccountCmd extends BaseCmd {
}
}
public Short getAccountType() {
return RoleType.getAccountTypeByRole(roleService.findRole(roleId), accountType);
public Account.Type getAccountType() {
if (accountType == null) {
return RoleType.getAccountTypeByRole(roleService.findRole(roleId), null);
}
return RoleType.getAccountTypeByRole(roleService.findRole(roleId), Account.Type.getFromValue(accountType.intValue()));
}
public Long getRoleId() {
return RoleType.getRoleByAccountType(roleId, accountType);
return RoleType.getRoleByAccountType(roleId, getAccountType());
}
private String getAccountName() {

13
plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/command/LdapImportUsersCmd.java
View File

@ -68,8 +68,8 @@ public class LdapImportUsersCmd extends BaseListCmd {
@Parameter(name = ApiConstants.TIMEZONE, type = CommandType.STRING, description = "Specifies a timezone for this command. For more information on the timezone parameter, see Time Zone Format.")
private String timezone;
@Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.SHORT, description = "Type of the account. Specify 0 for user, 1 for root admin, and 2 for domain admin")
private Short accountType;
@Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.INTEGER, description = "Type of the account. Specify 0 for user, 1 for root admin, and 2 for domain admin")
private Integer accountType;
@Parameter(name = ApiConstants.ROLE_ID, type = CommandType.UUID, entityType = RoleResponse.class, description = "Creates the account under the specified role.")
private Long roleId;
@ -167,12 +167,15 @@ public class LdapImportUsersCmd extends BaseListCmd {
setResponseObject(response);
}
public Short getAccountType() {
return RoleType.getAccountTypeByRole(roleService.findRole(roleId), accountType);
public Account.Type getAccountType() {
if (accountType == null) {
return RoleType.getAccountTypeByRole(roleService.findRole(roleId), null);
}
return RoleType.getAccountTypeByRole(roleService.findRole(roleId), Account.Type.getFromValue(accountType.intValue()));
}
public Long getRoleId() {
return RoleType.getRoleByAccountType(roleId, accountType);
return RoleType.getRoleByAccountType(roleId, getAccountType());
}
private String getAccountName(LdapUser user) {

10
plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/command/LinkAccountToLdapCmd.java
View File

@ -61,9 +61,9 @@ public class LinkAccountToLdapCmd extends BaseCmd {
@Parameter(name = ApiConstants.ADMIN, type = CommandType.STRING, required = false, description = "domain admin username in LDAP ")
private String admin;
@Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.SHORT, required = true, description = "Type of the account to auto import. Specify 0 for user and 2 for "
@Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.INTEGER, required = true, description = "Type of the account to auto import. Specify 0 for user and 2 for "
+ "domain admin")
private short accountType;
private int accountType;
@Inject
private LdapManager _ldapManager;
@ -84,7 +84,7 @@ public class LinkAccountToLdapCmd extends BaseCmd {
if (account == null) {
try {
UserAccount userAccount = _accountService
.createUserAccount(admin, "", ldapUser.getFirstname(), ldapUser.getLastname(), ldapUser.getEmail(), null, admin, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, RoleType.DomainAdmin.getId(), domainId, null, null, UUID.randomUUID().toString(),
.createUserAccount(admin, "", ldapUser.getFirstname(), ldapUser.getLastname(), ldapUser.getEmail(), null, admin, Account.Type.DOMAIN_ADMIN, RoleType.DomainAdmin.getId(), domainId, null, null, UUID.randomUUID().toString(),
UUID.randomUUID().toString(), User.Source.LDAP);
response.setAdminId(String.valueOf(userAccount.getAccountId()));
LOGGER.info("created an account with name " + admin + " in the given domain " + domainId);
@ -136,7 +136,7 @@ public class LinkAccountToLdapCmd extends BaseCmd {
return admin;
}
public short getAccountType() {
return accountType;
public Account.Type getAccountType() {
return Account.Type.getFromValue(accountType);
}
}

10
plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/command/LinkDomainToLdapCmd.java
View File

@ -64,9 +64,9 @@ public class LinkDomainToLdapCmd extends BaseCmd {
@Parameter(name = ApiConstants.ADMIN, type = CommandType.STRING, required = false, description = "domain admin username in LDAP ")
private String admin;
@Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.SHORT, required = true, description = "Type of the account to auto import. Specify 0 for user and 2 for " +
@Parameter(name = ApiConstants.ACCOUNT_TYPE, type = CommandType.INTEGER, required = true, description = "Type of the account to auto import. Specify 0 for user and 2 for " +
"domain admin")
private short accountType;
private int accountType;
@Inject
private LdapManager _ldapManager;
@ -87,8 +87,8 @@ public class LinkDomainToLdapCmd extends BaseCmd {
return admin;
}
public short getAccountType() {
return accountType;
public Account.Type getAccountType() {
return Account.Type.getFromValue(accountType);
}
@ -108,7 +108,7 @@ public class LinkDomainToLdapCmd extends BaseCmd {
if (account == null) {
try {
UserAccount userAccount = _accountService.createUserAccount(admin, "", ldapUser.getFirstname(), ldapUser.getLastname(), ldapUser.getEmail(), null,
admin, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, RoleType.DomainAdmin.getId(), domainId, null, null, UUID.randomUUID().toString(), UUID.randomUUID().toString(), User.Source.LDAP);
admin, Account.Type.DOMAIN_ADMIN, RoleType.DomainAdmin.getId(), domainId, null, null, UUID.randomUUID().toString(), UUID.randomUUID().toString(), User.Source.LDAP);
response.setAdminId(String.valueOf(userAccount.getAccountId()));
s_logger.info("created an account with name " + admin + " in the given domain " + domainId);
} catch (Exception e) {

6
plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/response/LinkAccountToLdapResponse.java
View File

@ -39,7 +39,7 @@ public class LinkAccountToLdapResponse extends BaseResponse {
@SerializedName(ApiConstants.ACCOUNT_TYPE)
@Param(description = "Type of the account to auto import")
private short accountType;
private int accountType;
@SerializedName(ApiConstants.ACCOUNT_ID)
@Param(description = "Domain Admin accountId that is created")
@ -50,7 +50,7 @@ public class LinkAccountToLdapResponse extends BaseResponse {
private String accountName;
public LinkAccountToLdapResponse(String domainId, String type, String ldapDomain, short accountType, String adminId, String accountName) {
public LinkAccountToLdapResponse(String domainId, String type, String ldapDomain, int accountType, String adminId, String accountName) {
this.domainId = domainId;
this.type = type;
this.ldapDomain = ldapDomain;
@ -71,7 +71,7 @@ public class LinkAccountToLdapResponse extends BaseResponse {
return type;
}
public short getAccountType() {
public Integer getAccountType() {
return accountType;
}

6
plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/response/LinkDomainToLdapResponse.java
View File

@ -44,13 +44,13 @@ public class LinkDomainToLdapResponse extends BaseResponse {
@SerializedName(ApiConstants.ACCOUNT_TYPE)
@Param(description = "Type of the account to auto import")
private short accountType;
private int accountType;
@SerializedName(ApiConstants.ACCOUNT_ID)
@Param(description = "Domain Admin accountId that is created")
private String adminId;
public LinkDomainToLdapResponse(String domainId, String type, String ldapDomain, short accountType) {
public LinkDomainToLdapResponse(String domainId, String type, String ldapDomain, int accountType) {
this.domainId = domainId;
this.name = ldapDomain;
this.ldapDomain = ldapDomain;
@ -70,7 +70,7 @@ public class LinkDomainToLdapResponse extends BaseResponse {
return type;
}
public short getAccountType() {
public int getAccountType() {
return accountType;
}

8
plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapAuthenticator.java
View File

@ -227,7 +227,7 @@ public class LdapAuthenticator extends AdapterBase implements UserAuthenticator
Pair<Boolean, ActionOnFailedAuthentication> rc = new Pair<Boolean, ActionOnFailedAuthentication>(false, null);
try {
LdapUser ldapUser = _ldapManager.getUser(username, ldapTrustMapVO.getType().toString(), ldapTrustMapVO.getName(), domainId);
final short accountType = ldapTrustMapVO.getAccountType();
final Account.Type accountType = ldapTrustMapVO.getAccountType();
processLdapUser(password, domainId, user, rc, ldapUser, accountType);
} catch (NoLdapUserMatchingQueryException e) {
LOGGER.debug(e.getMessage());
@ -237,7 +237,7 @@ public class LdapAuthenticator extends AdapterBase implements UserAuthenticator
return rc;
}
private void processLdapUser(String password, Long domainId, UserAccount user, Pair<Boolean, ActionOnFailedAuthentication> rc, LdapUser ldapUser, short accountType) {
private void processLdapUser(String password, Long domainId, UserAccount user, Pair<Boolean, ActionOnFailedAuthentication> rc, LdapUser ldapUser, Account.Type accountType) {
if(!ldapUser.isDisabled()) {
rc.first(_ldapManager.canAuthenticate(ldapUser.getPrincipal(), password, domainId));
if(rc.first()) {
@ -289,12 +289,12 @@ public class LdapAuthenticator extends AdapterBase implements UserAuthenticator
}
private void enableUserInCloudStack(UserAccount user) {
if(user != null && (user.getState().equalsIgnoreCase(Account.State.disabled.toString()))) {
if(user != null && (user.getState().equalsIgnoreCase(Account.State.DISABLED.toString()))) {
_accountManager.enableUser(user.getId());
}
}
private void createCloudStackUserAccount(LdapUser user, long domainId, short accountType) {
private void createCloudStackUserAccount(LdapUser user, long domainId, Account.Type accountType) {
String username = user.getUsername();
_accountManager.createUserAccount(username, "", user.getFirstname(), user.getLastname(), user.getEmail(), null, username,
accountType, RoleType.getByAccountType(accountType).getId(), domainId, null, null,

8
plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapManagerImpl.java
View File

@ -378,12 +378,12 @@ public class LdapManagerImpl extends ComponentLifecycleBase implements LdapManag
return linkDomainToLdap(cmd.getDomainId(),cmd.getType(), ldapDomain,cmd.getAccountType());
}
private LinkDomainToLdapResponse linkDomainToLdap(Long domainId, String type, String name, short accountType) {
private LinkDomainToLdapResponse linkDomainToLdap(Long domainId, String type, String name, Account.Type accountType) {
Validate.notNull(type, "type cannot be null. It should either be GROUP or OU");
Validate.notNull(domainId, "domainId cannot be null.");
Validate.notEmpty(name, "GROUP or OU name cannot be empty");
//Account type should be 0 or 2. check the constants in com.cloud.user.Account
Validate.isTrue(accountType==0 || accountType==2, "accountype should be either 0(normal user) or 2(domain admin)");
Validate.isTrue(accountType== Account.Type.NORMAL || accountType== Account.Type.DOMAIN_ADMIN, "accountype should be either 0(normal user) or 2(domain admin)");
LinkType linkType = LdapManager.LinkType.valueOf(type.toUpperCase());
LdapTrustMapVO vo = _ldapTrustMapDao.persist(new LdapTrustMapVO(domainId, linkType, name, accountType, 0));
DomainVO domain = domainDao.findById(vo.getDomainId());
@ -393,7 +393,7 @@ public class LdapManagerImpl extends ComponentLifecycleBase implements LdapManag
} else {
domainUuid = domain.getUuid();
}
LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainUuid, vo.getType().toString(), vo.getName(), vo.getAccountType());
LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainUuid, vo.getType().toString(), vo.getName(), vo.getAccountType().ordinal());
return response;
}
@ -443,7 +443,7 @@ public class LdapManagerImpl extends ComponentLifecycleBase implements LdapManag
domainUuid = domain.getUuid();
}
LinkAccountToLdapResponse response = new LinkAccountToLdapResponse(domainUuid, vo.getType().toString(), vo.getName(), vo.getAccountType(), account.getUuid(), cmd.getAccountName());
LinkAccountToLdapResponse response = new LinkAccountToLdapResponse(domainUuid, vo.getType().toString(), vo.getName(), vo.getAccountType().ordinal(), account.getUuid(), cmd.getAccountName());
return response;
}

16
plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapTrustMapVO.java
View File

@ -18,15 +18,18 @@
*/
package org.apache.cloudstack.ldap;
import com.cloud.user.Account;
import org.apache.cloudstack.api.InternalIdentity;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.EnumType;
import javax.persistence.Enumerated;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.Table;
import org.apache.cloudstack.api.InternalIdentity;
@Entity
@Table(name = "ldap_trust_map")
public class LdapTrustMapVO implements InternalIdentity {
@ -49,13 +52,14 @@ public class LdapTrustMapVO implements InternalIdentity {
private long accountId;
@Column(name = "account_type")
private short accountType;
@Enumerated(value = EnumType.ORDINAL)
private Account.Type accountType;
public LdapTrustMapVO() {
}
public LdapTrustMapVO(long domainId, LdapManager.LinkType type, String name, short accountType, long accountId) {
public LdapTrustMapVO(long domainId, LdapManager.LinkType type, String name, Account.Type accountType, long accountId) {
this.domainId = domainId;
this.type = type;
this.name = name;
@ -80,7 +84,7 @@ public class LdapTrustMapVO implements InternalIdentity {
return domainId;
}
public short getAccountType() {
public Account.Type getAccountType() {
return accountType;
}
@ -121,7 +125,7 @@ public class LdapTrustMapVO implements InternalIdentity {
result = 31 * result + name.hashCode();
result = 31 * result + (int) (domainId ^ (domainId >>> 32));
result = 31 * result + (int) (accountId ^ (accountId >>> 32));
result = 31 * result + (int) accountType;
result = 31 * result + accountType.ordinal();
return result;
}
}

2
plugins/user-authenticators/ldap/src/test/groovy/org/apache/cloudstack/ldap/LdapAuthenticatorSpec.groovy
View File

@ -204,7 +204,7 @@ class LdapAuthenticatorSpec extends spock.lang.Specification {
UserAccount userAccount = Mock(UserAccount)
userAccountDao.getUserAccount(username, domainId) >> userAccount
userAccount.getId() >> 1
userAccount.getState() >> Account.State.disabled.toString()
userAccount.getState() >> Account.State.DISABLED.toString()
ldapManager.getDomainLinkedToLdap(domainId) >> new LdapTrustMapVO(domainId, type, name, (short)2)
ldapManager.getUser(username, type.toString(), name) >> new LdapUser(username, "email", "firstname", "lastname", "principal", "domain", false, null)
ldapManager.canAuthenticate(_, _, _) >> true

4
plugins/user-authenticators/ldap/src/test/groovy/org/apache/cloudstack/ldap/LinkDomainToLdapCmdSpec.groovy
View File

@ -143,7 +143,7 @@ class LinkDomainToLdapCmdSpec extends Specification {
_accountService.getActiveAccountByName(username, domainId) >> null
UserAccount userAccount = Mock(UserAccount)
userAccount.getAccountId() >> 24
_accountService.createUserAccount(username, "", "Admin", "Admin", "admin@ccp.citrix.com", null, username, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, domainId,
_accountService.createUserAccount(username, "", "Admin", "Admin", "admin@ccp.citrix.com", null, username, Account.Type.DOMAIN_ADMIN, domainId,
username, null, _, _, User.Source.LDAP) >> userAccount
linkDomainToLdapCmd.admin = username
@ -209,7 +209,7 @@ class LinkDomainToLdapCmdSpec extends Specification {
_accountService.getActiveAccountByName(username, domainId) >> null
UserAccount userAccount = Mock(UserAccount)
userAccount.getAccountId() >> 24
_accountService.createUserAccount(username, "", "Admin", "Admin", "admin@ccp.citrix.com", null, username, Account.ACCOUNT_TYPE_DOMAIN_ADMIN, domainId,
_accountService.createUserAccount(username, "", "Admin", "Admin", "admin@ccp.citrix.com", null, username, Account.Type.DOMAIN_ADMIN, domainId,
username, null, _, _, User.Source.LDAP) >> { throw new RuntimeException("created failed from mock") }
linkDomainToLdapCmd.admin = username

2
plugins/user-authenticators/ldap/src/test/java/org/apache/cloudstack/api/command/LdapCreateAccountCmdTest.java
View File

@ -50,7 +50,7 @@ public class LdapCreateAccountCmdTest implements LdapConfigurationChanger {
public void setUp() throws NoSuchFieldException, IllegalAccessException {
ldapCreateAccountCmd = spy(new LdapCreateAccountCmd(ldapManager, accountService));
ldapCreateAccountCmd.roleService = roleService;
setHiddenField(ldapCreateAccountCmd,"accountType", Account.ACCOUNT_TYPE_DOMAIN_ADMIN);
setHiddenField(ldapCreateAccountCmd,"accountType", Account.Type.DOMAIN_ADMIN.ordinal());
}
@Test(expected = ServerApiException.class)

2
plugins/user-authenticators/ldap/src/test/java/org/apache/cloudstack/api/command/LdapImportUsersCmdTest.java
View File

@ -60,7 +60,7 @@ public class LdapImportUsersCmdTest implements LdapConfigurationChanger {
public void setUp() throws NoSuchFieldException, IllegalAccessException {
ldapImportUsersCmd = spy(new LdapImportUsersCmd(ldapManager, domainService, accountService));
ldapImportUsersCmd.roleService = roleService;
setHiddenField(ldapImportUsersCmd, "accountType", Account.ACCOUNT_TYPE_DOMAIN_ADMIN);
setHiddenField(ldapImportUsersCmd, "accountType", Account.Type.DOMAIN_ADMIN.ordinal());
}
@Test

8
plugins/user-authenticators/ldap/src/test/java/org/apache/cloudstack/api/command/LinkAccountToLdapCmdTest.java
View File

@ -60,7 +60,7 @@ public class LinkAccountToLdapCmdTest implements LdapConfigurationChanger {
long domainId = 1;
String type = "GROUP";
String ldapDomain = "CN=test,DC=ccp,DC=Citrix,DC=com";
short accountType = Account.ACCOUNT_TYPE_DOMAIN_ADMIN;
Account.Type accountType = Account.Type.DOMAIN_ADMIN;
String username = "admin";
long accountId = 24;
String accountName = "test";
@ -69,11 +69,11 @@ public class LinkAccountToLdapCmdTest implements LdapConfigurationChanger {
setHiddenField(linkAccountToLdapCmd, "admin", username);
setHiddenField(linkAccountToLdapCmd, "type", type);
setHiddenField(linkAccountToLdapCmd, "domainId", domainId);
setHiddenField(linkAccountToLdapCmd, "accountType", accountType);
setHiddenField(linkAccountToLdapCmd, "accountType", accountType.ordinal());
setHiddenField(linkAccountToLdapCmd, "accountName", accountName);
LinkAccountToLdapResponse response = new LinkAccountToLdapResponse(String.valueOf(domainId), type, ldapDomain, (short)accountType, username, accountName);
LinkAccountToLdapResponse response = new LinkAccountToLdapResponse(String.valueOf(domainId), type, ldapDomain, accountType.ordinal(), username, accountName);
when(ldapManager.linkAccountToLdap(linkAccountToLdapCmd)).thenReturn(response);
when(ldapManager.getUser(username, type, ldapDomain, 1L))
.thenReturn(new LdapUser(username, "admin@ccp.citrix.com", "Admin", "Admin", ldapDomain, "ccp", false, null));
@ -82,7 +82,7 @@ public class LinkAccountToLdapCmdTest implements LdapConfigurationChanger {
UserAccountVO userAccount = new UserAccountVO();
userAccount.setAccountId(24);
when(accountService.createUserAccount(eq(username), eq(""), eq("Admin"), eq("Admin"), eq("admin@ccp.citrix.com"), isNull(String.class),
eq(username), eq(Account.ACCOUNT_TYPE_DOMAIN_ADMIN), eq(RoleType.DomainAdmin.getId()), eq(domainId), isNull(String.class),
eq(username), eq(Account.Type.DOMAIN_ADMIN), eq(RoleType.DomainAdmin.getId()), eq(domainId), isNull(String.class),
(java.util.Map<String,String>)isNull(), anyString(), anyString(), eq(User.Source.LDAP))).thenReturn(userAccount);
linkAccountToLdapCmd.execute();

8
plugins/user-authenticators/ldap/src/test/java/org/apache/cloudstack/api/command/LinkDomainToLdapCmdTest.java
View File

@ -64,16 +64,16 @@ public class LinkDomainToLdapCmdTest implements LdapConfigurationChanger
Long domainId = 1L;
String type = "GROUP";
String ldapDomain = "CN=test,DC=ccp,DC=Citrix,DC=com";
short accountType = Account.ACCOUNT_TYPE_DOMAIN_ADMIN;
Account.Type accountType = Account.Type.DOMAIN_ADMIN;
String username = "admin";
long accountId = 24;
setHiddenField(linkDomainToLdapCmd, "ldapDomain", ldapDomain);
setHiddenField(linkDomainToLdapCmd, "admin", username);
setHiddenField(linkDomainToLdapCmd, "type", type);
setHiddenField(linkDomainToLdapCmd, "domainId", domainId);
setHiddenField(linkDomainToLdapCmd, "accountType", accountType);
setHiddenField(linkDomainToLdapCmd, "accountType", accountType.ordinal());
LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId.toString(), type, ldapDomain, (short)accountType);
LinkDomainToLdapResponse response = new LinkDomainToLdapResponse(domainId.toString(), type, ldapDomain, accountType.ordinal());
when(ldapManager.linkDomainToLdap(linkDomainToLdapCmd)).thenReturn(response);
when(ldapManager.getUser(username, type, ldapDomain, 1L)).thenReturn(new LdapUser(username, "admin@ccp.citrix.com", "Admin", "Admin", ldapDomain, "ccp", false, null));
@ -81,7 +81,7 @@ public class LinkDomainToLdapCmdTest implements LdapConfigurationChanger
UserAccountVO userAccount = new UserAccountVO();
userAccount.setAccountId(24);
when(accountService.createUserAccount(eq(username), eq(""), eq("Admin"), eq("Admin"), eq("admin@ccp.citrix.com"), isNull(String.class),
eq(username), eq(Account.ACCOUNT_TYPE_DOMAIN_ADMIN), eq(RoleType.DomainAdmin.getId()), eq(domainId), isNull(String.class),
eq(username), eq(Account.Type.DOMAIN_ADMIN), eq(RoleType.DomainAdmin.getId()), eq(domainId), isNull(String.class),
(java.util.Map<String,String>)isNull(), anyString(), anyString(), eq(User.Source.LDAP))).thenReturn(userAccount);

5
plugins/user-authenticators/ldap/src/test/java/org/apache/cloudstack/ldap/LdapAuthenticatorTest.java
View File

@ -20,6 +20,7 @@ package org.apache.cloudstack.ldap;
import com.cloud.server.auth.UserAuthenticator;
import com.cloud.user.AccountManager;
import com.cloud.user.AccountVO;
import com.cloud.user.Account;
import com.cloud.user.User;
import com.cloud.user.UserAccount;
import com.cloud.user.UserAccountVO;
@ -109,9 +110,9 @@ public class LdapAuthenticatorTest {
LdapAuthenticator auth = spy(ldapAuthenticator);
when(auth.getMappedGroups(maps)).thenReturn(mappedGroups);
LdapTrustMapVO trustMap = new LdapTrustMapVO(domainId, LdapManager.LinkType.GROUP, "cn=name", (short)2, 1l);
LdapTrustMapVO trustMap = new LdapTrustMapVO(domainId, LdapManager.LinkType.GROUP, "cn=name", Account.Type.DOMAIN_ADMIN, 1l);
AccountVO account = new AccountVO("accountName" , domainId, "domain.net", (short)2, "final String uuid");
AccountVO account = new AccountVO("accountName" , domainId, "domain.net", Account.Type.DOMAIN_ADMIN, "final String uuid");
when(accountManager.getAccount(anyLong())).thenReturn(account);
when(ldapManager.getUser(username, domainId)).thenReturn(userSpy);
when(ldapManager.getLinkedLdapGroup(domainId, "g1")).thenReturn(trustMap);

2
plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
View File

@ -112,7 +112,7 @@ public class GetServiceProviderMetaDataCmd extends BaseCmd implements APIAuthent
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_TYPE_NORMAL;
return Account.Type.NORMAL.ordinal();
}
@Override

4
plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/api/command/ListAndSwitchSAMLAccountCmd.java
View File

@ -134,13 +134,13 @@ public class ListAndSwitchSAMLAccountCmd extends BaseCmd implements APIAuthentic
final User user = _userDao.findByUuid(userUuid);
final Domain domain = _domainDao.findByUuid(domainUuid);
final UserAccount nextUserAccount = _accountService.getUserAccountById(user.getId());
if (nextUserAccount != null && !nextUserAccount.getAccountState().equals(Account.State.enabled.toString())) {
if (nextUserAccount != null && !nextUserAccount.getAccountState().equals(Account.State.ENABLED.toString())) {
throw new ServerApiException(ApiErrorCode.ACCOUNT_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.PARAM_ERROR.getHttpCode(),
"The requested user account is locked and cannot be switched to, please contact your administrator.",
params, responseType));
}
if (nextUserAccount == null
|| !nextUserAccount.getAccountState().equals(Account.State.enabled.toString())
|| !nextUserAccount.getAccountState().equals(Account.State.ENABLED.toString())
|| !nextUserAccount.getUsername().equals(currentUserAccount.getUsername())
|| !nextUserAccount.getExternalEntity().equals(currentUserAccount.getExternalEntity())
|| (nextUserAccount.getDomainId() != domain.getId())

2
plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/api/command/ListIdpsCmd.java
View File

@ -62,7 +62,7 @@ public class ListIdpsCmd extends BaseCmd implements APIAuthenticator {
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_TYPE_NORMAL;
return Account.Type.NORMAL.ordinal();
}
@Override

2
plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/api/command/ListSamlAuthorizationCmd.java
View File

@ -77,7 +77,7 @@ public class ListSamlAuthorizationCmd extends BaseListCmd {
_accountService.checkAccess(CallContext.current().getCallingAccount(), SecurityChecker.AccessType.ListEntry, true, account);
users.add(user);
}
} else if (CallContext.current().getCallingAccount().getType() == Account.ACCOUNT_TYPE_ADMIN) {
} else if (CallContext.current().getCallingAccount().getType() == Account.Type.ADMIN) {
users = _userDao.listAll();
}

4
plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
View File

@ -122,7 +122,7 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthent
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_TYPE_NORMAL;
return Account.Type.NORMAL.ordinal();
}
@Override
@ -303,7 +303,7 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthent
// Log into the first enabled user account
// Users can switch to other allowed accounts later
for (UserAccountVO possibleUserAccount : possibleUserAccounts) {
if (possibleUserAccount.getAccountState().equals(Account.State.enabled.toString())) {
if (possibleUserAccount.getAccountState().equals(Account.State.ENABLED.toString())) {
userAccount = possibleUserAccount;
break;
}

2
plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/api/command/SAML2LogoutAPIAuthenticatorCmd.java
View File

@ -73,7 +73,7 @@ public class SAML2LogoutAPIAuthenticatorCmd extends BaseCmd implements APIAuthen
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_TYPE_NORMAL;
return Account.Type.NORMAL.ordinal();
}
@Override

2
plugins/user-authenticators/saml2/src/test/java/org/apache/cloudstack/api/command/ListAndSwitchSAMLAccountCmdTest.java
View File

@ -159,7 +159,7 @@ public class ListAndSwitchSAMLAccountCmdTest extends TestCase {
// valid sessionkey, invalid useraccount type (non-saml) value test
UserAccountVO mockedUserAccount = new UserAccountVO();
mockedUserAccount.setId(2L);
mockedUserAccount.setAccountState(Account.State.enabled.toString());
mockedUserAccount.setAccountState(Account.State.ENABLED.toString());
mockedUserAccount.setUsername("someUsername");
mockedUserAccount.setExternalEntity("some IDP ID");
mockedUserAccount.setDomainId(0L);

32
server/src/main/java/com/cloud/acl/DomainChecker.java
View File

@ -104,7 +104,7 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
@Override
public boolean checkAccess(Account caller, Domain domain) throws PermissionDeniedException {
if (caller.getState() != Account.State.enabled) {
if (caller.getState() != Account.State.ENABLED) {
throw new PermissionDeniedException("Account " + caller.getAccountName() + " is disabled.");
}
@ -147,7 +147,7 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
return true;
}
//special handling for the project case
if (owner.getType() == Account.ACCOUNT_TYPE_PROJECT && _projectMgr.canAccessProjectAccount(caller, owner.getId())) {
if (owner.getType() == Account.Type.PROJECT && _projectMgr.canAccessProjectAccount(caller, owner.getId())) {
return true;
}
@ -163,7 +163,7 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
if (accessType != null && accessType == AccessType.OperateEntry) {
if (!_accountService.isRootAdmin(caller.getId()) && owner.getId() != caller.getId()) {
// For projects check if the caller account can access the project account
if (owner.getType() != Account.ACCOUNT_TYPE_PROJECT || !(_projectMgr.canAccessProjectAccount(caller, owner.getId()))) {
if (owner.getType() != Account.Type.PROJECT || !(_projectMgr.canAccessProjectAccount(caller, owner.getId()))) {
throw new PermissionDeniedException("Domain Admin and regular users can modify only their own Public templates");
}
}
@ -179,7 +179,7 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
if (_accountService.isNormalUser(caller.getId())) {
Account account = _accountDao.findById(entity.getAccountId());
String errorMessage = String.format("%s does not have permission to operate with resource", caller);
if (account != null && account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
if (account != null && account.getType() == Account.Type.PROJECT) {
//only project owner can delete/modify the project
if (accessType != null && accessType == AccessType.ModifyProject) {
if (!_projectMgr.canModifyProjectAccount(caller, account.getId())) {
@ -272,9 +272,9 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
//if account is normal user or domain admin
//check if account's domain is a child of offering's domain (Note: This is made consistent with the list command for disk offering)
else if (_accountService.isNormalUser(account.getId())
|| account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN
|| account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN
|| _accountService.isDomainAdmin(account.getId())
|| account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|| account.getType() == Account.Type.PROJECT) {
final List<Long> doDomainIds = diskOfferingDetailsDao.findDomainIds(dof.getId());
if (doDomainIds.isEmpty()) {
hasAccess = true;
@ -310,9 +310,9 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
//if account is normal user or domain admin
//check if account's domain is a child of offering's domain (Note: This is made consistent with the list command for service offering)
else if (_accountService.isNormalUser(account.getId())
|| account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN
|| account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN
|| _accountService.isDomainAdmin(account.getId())
|| account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|| account.getType() == Account.Type.PROJECT) {
final List<Long> soDomainIds = serviceOfferingDetailsDao.findDomainIds(so.getId());
if (soDomainIds.isEmpty()) {
hasAccess = true;
@ -348,9 +348,9 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
//if account is normal user or domain admin
//check if account's domain is a child of offering's domain (Note: This is made consistent with the list command for disk offering)
else if (_accountService.isNormalUser(account.getId())
|| account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN
|| account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN
|| _accountService.isDomainAdmin(account.getId())
|| account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|| account.getType() == Account.Type.PROJECT) {
final List<Long> noDomainIds = networkOfferingDetailsDao.findDomainIds(nof.getId());
if (noDomainIds.isEmpty()) {
hasAccess = true;
@ -386,9 +386,9 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
//if account is normal user or domain admin
//check if account's domain is a child of offering's domain (Note: This is made consistent with the list command for disk offering)
else if (_accountService.isNormalUser(account.getId())
|| account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN
|| account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN
|| _accountService.isDomainAdmin(account.getId())
|| account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
|| account.getType() == Account.Type.PROJECT) {
final List<Long> voDomainIds = vpcOfferingDetailsDao.findDomainIds(vof.getId());
if (voDomainIds.isEmpty()) {
hasAccess = true;
@ -421,7 +421,7 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
}
//if account is normal user
//check if account's domain is a child of zone's domain
else if (_accountService.isNormalUser(account.getId()) || account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
else if (_accountService.isNormalUser(account.getId()) || account.getType() == Account.Type.PROJECT) {
// if zone is dedicated to an account check that the accountId
// matches.
DedicatedResourceVO dedicatedZone = _dedicatedDao.findByZoneId(zone.getId());
@ -496,19 +496,19 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
throws PermissionDeniedException {
if (action != null && ("SystemCapability".equals(action))) {
if (caller != null && caller.getType() == Account.ACCOUNT_TYPE_ADMIN) {
if (caller != null && caller.getType() == Account.Type.ADMIN) {
return true;
} else {
return false;
}
} else if (action != null && ("DomainCapability".equals(action))) {
if (caller != null && caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
if (caller != null && caller.getType() == Account.Type.DOMAIN_ADMIN) {
return true;
} else {
return false;
}
} else if (action != null && ("DomainResourceCapability".equals(action))) {
if (caller != null && caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
if (caller != null && caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN) {
return true;
} else {
return false;

12
server/src/main/java/com/cloud/api/ApiResponseHelper.java
View File

@ -1948,7 +1948,7 @@ public class ApiResponseHelper implements ResponseGenerator {
continue;
}
if (account.getType() != Account.ACCOUNT_TYPE_PROJECT) {
if (account.getType() != Account.Type.PROJECT) {
regularAccounts.add(accountName);
} else {
// convert account to projectIds
@ -2017,7 +2017,7 @@ public class ApiResponseHelper implements ResponseGenerator {
Account account = securiytGroupAccounts.get(securityGroup.getAccountId());
if (securityGroup.getAccountType() == Account.ACCOUNT_TYPE_PROJECT) {
if (securityGroup.getAccountType() == Account.Type.PROJECT) {
response.setProjectId(securityGroup.getProjectUuid());
response.setProjectName(securityGroup.getProjectName());
} else {
@ -2626,7 +2626,7 @@ public class ApiResponseHelper implements ResponseGenerator {
private void populateOwner(ControlledEntityResponse response, ControlledEntity object) {
Account account = ApiDBUtils.findAccountById(object.getAccountId());
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
if (account.getType() == Account.Type.PROJECT) {
// find the project
Project project = ApiDBUtils.findProjectByProjectAccountId(account.getId());
response.setProjectId(project.getUuid());
@ -2642,7 +2642,7 @@ public class ApiResponseHelper implements ResponseGenerator {
public static void populateOwner(ControlledViewEntityResponse response, ControlledViewEntity object) {
if (object.getAccountType() == Account.ACCOUNT_TYPE_PROJECT) {
if (object.getAccountType() == Account.Type.PROJECT) {
response.setProjectId(object.getProjectUuid());
response.setProjectName(object.getProjectName());
} else {
@ -2657,7 +2657,7 @@ public class ApiResponseHelper implements ResponseGenerator {
Account account = ApiDBUtils.findAccountById(accountId);
if (account == null) {
s_logger.debug("Unable to find account with id: " + accountId);
} else if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
} else if (account.getType() == Account.Type.PROJECT) {
// find the project
Project project = ApiDBUtils.findProjectByProjectAccountId(account.getId());
if (project != null) {
@ -3519,7 +3519,7 @@ public class ApiResponseHelper implements ResponseGenerator {
public UsageRecordResponse createUsageResponse(Usage usageRecord, Map<String, Set<ResourceTagResponse>> resourceTagResponseMap, boolean oldFormat) {
UsageRecordResponse usageRecResponse = new UsageRecordResponse();
Account account = ApiDBUtils.findAccountById(usageRecord.getAccountId());
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
if (account.getType() == Account.Type.PROJECT) {
//find the project
Project project = ApiDBUtils.findProjectByProjectAccountIdIncludingRemoved(account.getId());
if (project != null) {

8
server/src/main/java/com/cloud/api/ApiServer.java
View File

@ -949,7 +949,7 @@ public class ApiServer extends ManagerBase implements HttpRequestHandler, ApiSer
user = userAcctPair.first();
final Account account = userAcctPair.second();
if (user.getState() != Account.State.enabled || !account.getState().equals(Account.State.enabled)) {
if (user.getState() != Account.State.ENABLED || !account.getState().equals(Account.State.ENABLED)) {
s_logger.info("disabled or locked user accessing the api, userid = " + user.getId() + "; name = " + user.getUsername() + "; state: " + user.getState() +
"; accountState: " + account.getState());
return false;
@ -1123,7 +1123,7 @@ public class ApiServer extends ManagerBase implements HttpRequestHandler, ApiSer
session.setAttribute("domain_UUID", domain.getUuid());
}
session.setAttribute("type", Short.valueOf(account.getType()).toString());
session.setAttribute("type", account.getType().ordinal());
session.setAttribute("registrationtoken", userAcct.getRegistrationToken());
session.setAttribute("registered", Boolean.toString(userAcct.isRegistered()));
@ -1159,8 +1159,8 @@ public class ApiServer extends ManagerBase implements HttpRequestHandler, ApiSer
account = accountMgr.getAccount(user.getAccountId());
}
if ((user == null) || (user.getRemoved() != null) || !user.getState().equals(Account.State.enabled) || (account == null) ||
!account.getState().equals(Account.State.enabled)) {
if ((user == null) || (user.getRemoved() != null) || !user.getState().equals(Account.State.ENABLED) || (account == null) ||
!account.getState().equals(Account.State.ENABLED)) {
s_logger.warn("Deleted/Disabled/Locked user with id=" + userId + " attempting to access public API");
return false;
}

2
server/src/main/java/com/cloud/api/auth/DefaultLoginAPIAuthenticatorCmd.java
View File

@ -98,7 +98,7 @@ public class DefaultLoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthe
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_TYPE_NORMAL;
return Account.Type.NORMAL.ordinal();
}
@Override

2
server/src/main/java/com/cloud/api/auth/DefaultLogoutAPIAuthenticatorCmd.java
View File

@ -52,7 +52,7 @@ public class DefaultLogoutAPIAuthenticatorCmd extends BaseCmd implements APIAuth
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_TYPE_NORMAL;
return Account.Type.NORMAL.ordinal();
}
@Override

48
server/src/main/java/com/cloud/api/query/QueryManagerImpl.java
View File

@ -524,7 +524,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
boolean listAll = true;
Long id = null;
if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
if (caller.getType() == Account.Type.NORMAL) {
long currentId = CallContext.current().getCallingUser().getId();
if (id != null && currentId != id.longValue()) {
throw new PermissionDeniedException("Calling user is not authorized to see the user requested by id");
@ -553,7 +553,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
boolean listAll = cmd.listAll();
Long id = cmd.getId();
if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
if (caller.getType() == Account.Type.NORMAL) {
long currentId = CallContext.current().getCallingUser().getId();
if (id != null && currentId != id.longValue()) {
throw new PermissionDeniedException("Calling user is not authorized to see the user requested by id");
@ -2223,7 +2223,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
}
_accountMgr.checkAccess(caller, domain);
} else {
if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
if (caller.getType() != Account.Type.ADMIN) {
domainId = caller.getDomainId();
}
if (listAll) {
@ -2372,14 +2372,14 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
SearchCriteria<AccountJoinVO> sc = sb.create();
// don't return account of type project to the end user
sc.setParameters("typeNEQ", Account.ACCOUNT_TYPE_PROJECT);
sc.setParameters("typeNEQ", Account.Type.PROJECT);
// don't return system account...
sc.setParameters("idNEQ", Account.ACCOUNT_ID_SYSTEM);
// do not return account of type domain admin to the end user
if (!callerIsAdmin) {
sc.setParameters("type2NEQ", Account.ACCOUNT_TYPE_DOMAIN_ADMIN);
sc.setParameters("type2NEQ", Account.Type.DOMAIN_ADMIN);
}
if (keyword != null) {
@ -2474,7 +2474,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
SearchCriteria<AsyncJobJoinVO> sc = sb.create();
if (listProjectResourcesCriteria != null) {
sc.setParameters("type", Account.ACCOUNT_TYPE_PROJECT);
sc.setParameters("type", Account.Type.PROJECT);
}
if (!permittedAccounts.isEmpty()) {
@ -2927,9 +2927,9 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
// For non-root users, only return all offerings for the user's domain,
// and everything above till root
if ((_accountMgr.isNormalUser(account.getId()) || _accountMgr.isDomainAdmin(account.getId())) || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
if ((_accountMgr.isNormalUser(account.getId()) || _accountMgr.isDomainAdmin(account.getId())) || account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN) {
if (isRecursive) { // domain + all sub-domains
if (account.getType() == Account.ACCOUNT_TYPE_NORMAL) {
if (account.getType() == Account.Type.NORMAL) {
throw new InvalidParameterValueException("Only ROOT admins and Domain admins can list disk offerings with isrecursive=true");
}
}
@ -2985,7 +2985,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
// Filter offerings that are not associated with caller's domain
// Fetch the offering ids from the details table since theres no smart way to filter them in the join ... yet!
Account caller = CallContext.current().getCallingAccount();
if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
if (caller.getType() != Account.Type.ADMIN) {
Domain callerDomain = _domainDao.findById(caller.getDomainId());
List<Long> domainIds = findRelatedDomainIds(callerDomain, isRecursive);
@ -3151,13 +3151,13 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
}
// boolean includePublicOfferings = false;
if ((_accountMgr.isNormalUser(caller.getId()) || _accountMgr.isDomainAdmin(caller.getId())) || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
if ((_accountMgr.isNormalUser(caller.getId()) || _accountMgr.isDomainAdmin(caller.getId())) || caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN) {
// For non-root users.
if (isSystem) {
throw new InvalidParameterValueException("Only root admins can access system's offering");
}
if (isRecursive) { // domain + all sub-domains
if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
if (caller.getType() == Account.Type.NORMAL) {
throw new InvalidParameterValueException("Only ROOT admins and Domain admins can list service offerings with isrecursive=true");
}
}
@ -3242,7 +3242,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
// Filter offerings that are not associated with caller's domain
// Fetch the offering ids from the details table since theres no smart way to filter them in the join ... yet!
if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
if (caller.getType() != Account.Type.ADMIN) {
Domain callerDomain = _domainDao.findById(caller.getDomainId());
List<Long> domainIds = findRelatedDomainIds(callerDomain, isRecursive);
@ -3303,7 +3303,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
ListResponse<ZoneResponse> response = new ListResponse<ZoneResponse>();
ResponseView respView = ResponseView.Restricted;
if (cmd instanceof ListZonesCmdByAdmin || CallContext.current().getCallingAccount().getType() == Account.ACCOUNT_TYPE_ADMIN) {
if (cmd instanceof ListZonesCmdByAdmin || CallContext.current().getCallingAccount().getType() == Account.Type.ADMIN) {
respView = ResponseView.Full;
}
@ -3418,7 +3418,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
sdc.addAnd("id", SearchCriteria.Op.NIN, dedicatedZoneIds.toArray(new Object[dedicatedZoneIds.size()]));
}
} else if (_accountMgr.isDomainAdmin(account.getId()) || account.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
} else if (_accountMgr.isDomainAdmin(account.getId()) || account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN) {
// it was decided to return all zones for the domain admin, and
// everything above till root, as well as zones till the domain
// leaf
@ -3558,7 +3558,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
boolean listAll = false;
if (templateFilter != null && templateFilter == TemplateFilter.all) {
if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
if (caller.getType() == Account.Type.NORMAL) {
throw new InvalidParameterValueException("Filter " + TemplateFilter.all + " can be specified by admin only");
}
listAll = true;
@ -3627,14 +3627,14 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
ex.addProxyObject(template.getUuid(), "templateId");
throw ex;
}
if (!template.isPublicTemplate() && caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
if (!template.isPublicTemplate() && caller.getType() == Account.Type.DOMAIN_ADMIN) {
Account template_acc = _accountMgr.getAccount(template.getAccountId());
DomainVO domain = _domainDao.findById(template_acc.getDomainId());
_accountMgr.checkAccess(caller, domain);
}
// if template is not public, perform permission check here
else if (!template.isPublicTemplate() && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
else if (!template.isPublicTemplate() && caller.getType() != Account.Type.ADMIN) {
_accountMgr.checkAccess(caller, null, false, template);
}
@ -3654,14 +3654,14 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
// add criteria for project or not
if (listProjectResourcesCriteria == ListProjectResourcesCriteria.SkipProjectResources) {
sc.addAnd("accountType", SearchCriteria.Op.NEQ, Account.ACCOUNT_TYPE_PROJECT);
sc.addAnd("accountType", SearchCriteria.Op.NEQ, Account.Type.PROJECT);
} else if (listProjectResourcesCriteria == ListProjectResourcesCriteria.ListProjectResourcesOnly) {
sc.addAnd("accountType", SearchCriteria.Op.EQ, Account.ACCOUNT_TYPE_PROJECT);
sc.addAnd("accountType", SearchCriteria.Op.EQ, Account.Type.PROJECT);
}
// add criteria for domain path in case of domain admin
if ((templateFilter == TemplateFilter.self || templateFilter == TemplateFilter.selfexecutable)
&& (caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN)) {
&& (caller.getType() == Account.Type.DOMAIN_ADMIN || caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN)) {
sc.addAnd("domainPath", SearchCriteria.Op.LIKE, domain.getPath() + "%");
}
@ -3725,7 +3725,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
scc.addOr("accountId", SearchCriteria.Op.IN, permittedAccountIds.toArray());
}
sc.addAnd("publicTemplate", SearchCriteria.Op.SC, scc);
} else if (templateFilter == TemplateFilter.all && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
} else if (templateFilter == TemplateFilter.all && caller.getType() != Account.Type.ADMIN) {
SearchCriteria<TemplateJoinVO> scc = _templateJoinDao.createSearchCriteria();
scc.addOr("publicTemplate", SearchCriteria.Op.EQ, true);
@ -3900,7 +3900,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
boolean listAll = false;
if (isoFilter != null && isoFilter == TemplateFilter.all) {
if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
if (caller.getType() == Account.Type.NORMAL) {
throw new InvalidParameterValueException("Filter " + TemplateFilter.all + " can be specified by admin only");
}
listAll = true;
@ -3941,7 +3941,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
default:
throw new CloudRuntimeException("Resource type not supported.");
}
if (CallContext.current().getCallingAccount().getType() != Account.ACCOUNT_TYPE_ADMIN) {
if (CallContext.current().getCallingAccount().getType() != Account.Type.ADMIN) {
final List<String> userDenyListedSettings = Stream.of(QueryService.UserVMDeniedDetails.value().split(","))
.map(item -> (item).trim())
.collect(Collectors.toList());
@ -4111,7 +4111,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
ListProjectResourcesCriteria listProjectResourcesCriteria) {
if (listProjectResourcesCriteria != null) {
sc.setParameters("accountType", Account.ACCOUNT_TYPE_PROJECT);
sc.setParameters("accountType", Account.Type.PROJECT);
}
if (!permittedAccounts.isEmpty()) {

2
server/src/main/java/com/cloud/api/query/dao/AccountJoinDaoImpl.java
View File

@ -63,7 +63,7 @@ public class AccountJoinDaoImpl extends GenericDaoBase<AccountJoinVO, Long> impl
AccountResponse accountResponse = new AccountResponse();
accountResponse.setId(account.getUuid());
accountResponse.setName(account.getAccountName());
accountResponse.setAccountType(account.getType());
accountResponse.setAccountType(account.getType().ordinal());
accountResponse.setDomainId(account.getDomainUuid());
accountResponse.setDomainName(account.getDomainName());
StringBuilder domainPath = new StringBuilder("ROOT");

2
server/src/main/java/com/cloud/api/query/dao/DomainRouterJoinDaoImpl.java
View File

@ -105,7 +105,7 @@ public class DomainRouterJoinDaoImpl extends GenericDaoBase<DomainRouterJoinVO,
routerResponse.setHasAnnotation(annotationDao.hasAnnotations(router.getUuid(), AnnotationService.EntityType.VR.name(),
_accountMgr.isRootAdmin(CallContext.current().getCallingAccount().getId())));
if (caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN
if (caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN
|| _accountMgr.isRootAdmin(caller.getId())) {
if (router.getHostId() != null) {
routerResponse.setHostId(router.getHostUuid());

2
server/src/main/java/com/cloud/api/query/dao/ProjectAccountJoinDaoImpl.java
View File

@ -57,7 +57,7 @@ public class ProjectAccountJoinDaoImpl extends GenericDaoBase<ProjectAccountJoin
projectAccountResponse.setAccountName(proj.getAccountName());
projectAccountResponse.setUserId(proj.getUserUuid());
projectAccountResponse.setUsername(proj.getUsername());
projectAccountResponse.setAccountType(proj.getAccountType());
projectAccountResponse.setAccountType(proj.getAccountType().ordinal());
projectAccountResponse.setRole(proj.getAccountRole().toString());
projectAccountResponse.setDomainId(proj.getDomainUuid());
projectAccountResponse.setDomainName(proj.getDomainName());

2
server/src/main/java/com/cloud/api/query/dao/TemplateJoinDaoImpl.java
View File

@ -220,7 +220,7 @@ public class TemplateJoinDaoImpl extends GenericDaoBaseWithTagInformation<Templa
// If the user is an 'Admin' or 'the owner of template' or template belongs to a project, add the template download status
if (view == ResponseView.Full ||
template.getAccountId() == CallContext.current().getCallingAccount().getId() ||
template.getAccountType() == Account.ACCOUNT_TYPE_PROJECT) {
template.getAccountType() == Account.Type.PROJECT) {
String templateStatus = getTemplateStatus(template);
if (templateStatus != null) {
templateResponse.setStatus(templateStatus);

10
server/src/main/java/com/cloud/api/query/dao/UserVmJoinDaoImpl.java
View File

@ -133,7 +133,7 @@ public class UserVmJoinDaoImpl extends GenericDaoBaseWithTagInformation<UserVmJo
userVmResponse.setDisplayName(userVm.getName());
}
if (userVm.getAccountType() == Account.ACCOUNT_TYPE_PROJECT) {
if (userVm.getAccountType() == Account.Type.PROJECT) {
userVmResponse.setProjectId(userVm.getProjectUuid());
userVmResponse.setProjectName(userVm.getProjectName());
} else {
@ -255,7 +255,7 @@ public class UserVmJoinDaoImpl extends GenericDaoBaseWithTagInformation<UserVmJo
resp.setName(userVm.getSecurityGroupName());
resp.setDescription(userVm.getSecurityGroupDescription());
resp.setObjectName("securitygroup");
if (userVm.getAccountType() == Account.ACCOUNT_TYPE_PROJECT) {
if (userVm.getAccountType() == Account.Type.PROJECT) {
resp.setProjectId(userVm.getProjectUuid());
resp.setProjectName(userVm.getProjectName());
} else {
@ -364,14 +364,14 @@ public class UserVmJoinDaoImpl extends GenericDaoBaseWithTagInformation<UserVmJo
}
// Remove deny listed settings if user is not admin
if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
if (caller.getType() != Account.Type.ADMIN) {
String[] userVmSettingsToHide = QueryService.UserVMDeniedDetails.value().split(",");
for (String key : userVmSettingsToHide) {
resourceDetails.remove(key.trim());
}
}
userVmResponse.setDetails(resourceDetails);
if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
if (caller.getType() != Account.Type.ADMIN) {
userVmResponse.setReadOnlyDetails(QueryService.UserVMReadOnlyDetails.value());
}
}
@ -416,7 +416,7 @@ public class UserVmJoinDaoImpl extends GenericDaoBaseWithTagInformation<UserVmJo
resp.setName(uvo.getSecurityGroupName());
resp.setDescription(uvo.getSecurityGroupDescription());
resp.setObjectName("securitygroup");
if (uvo.getAccountType() == Account.ACCOUNT_TYPE_PROJECT) {
if (uvo.getAccountType() == Account.Type.PROJECT) {
resp.setProjectId(uvo.getProjectUuid());
resp.setProjectName(uvo.getProjectName());
} else {

6
server/src/main/java/com/cloud/api/query/vo/AccountJoinVO.java
View File

@ -25,6 +25,7 @@ import javax.persistence.Enumerated;
import javax.persistence.Id;
import javax.persistence.Table;
import com.cloud.user.Account;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
@ -46,7 +47,8 @@ public class AccountJoinVO extends BaseViewVO implements InternalIdentity, Ident
private String accountName = null;
@Column(name = "type")
private short type;
@Enumerated(value = EnumType.ORDINAL)
private Account.Type type;
@Column(name = "role_id")
private Long roleId;
@ -204,7 +206,7 @@ public class AccountJoinVO extends BaseViewVO implements InternalIdentity, Ident
return accountName;
}
public short getType() {
public Account.Type getType() {
return type;
}

6
server/src/main/java/com/cloud/api/query/vo/AffinityGroupJoinVO.java
View File

@ -23,6 +23,7 @@ import javax.persistence.Enumerated;
import javax.persistence.Id;
import javax.persistence.Table;
import com.cloud.user.Account;
import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.affinity.AffinityGroup;
@ -58,7 +59,8 @@ public class AffinityGroupJoinVO extends BaseViewVO implements ControlledViewEnt
private String accountName = null;
@Column(name = "account_type")
private short accountType;
@Enumerated(value = EnumType.ORDINAL)
private Account.Type accountType;
@Column(name = "domain_id")
private long domainId;
@ -138,7 +140,7 @@ public class AffinityGroupJoinVO extends BaseViewVO implements ControlledViewEnt
}
@Override
public short getAccountType() {
public Account.Type getAccountType() {
return accountType;
}

6
server/src/main/java/com/cloud/api/query/vo/AsyncJobJoinVO.java
View File

@ -25,6 +25,7 @@ import javax.persistence.Enumerated;
import javax.persistence.Id;
import javax.persistence.Table;
import com.cloud.user.Account;
import org.apache.cloudstack.api.ApiCommandJobType;
import org.apache.cloudstack.framework.jobs.AsyncJob;
@ -50,7 +51,8 @@ public class AsyncJobJoinVO extends BaseViewVO implements ControlledViewEntity {
private String accountName = null;
@Column(name = "account_type")
private short accountType;
@Enumerated(value = EnumType.ORDINAL)
private Account.Type accountType;
@Column(name = "domain_id")
private long domainId;
@ -130,7 +132,7 @@ public class AsyncJobJoinVO extends BaseViewVO implements ControlledViewEntity {
}
@Override
public short getAccountType() {
public Account.Type getAccountType() {
return accountType;
}

3
server/src/main/java/com/cloud/api/query/vo/ControlledViewEntity.java
View File

@ -16,6 +16,7 @@
// under the License.
package com.cloud.api.query.vo;
import com.cloud.user.Account;
import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
@ -29,7 +30,7 @@ public interface ControlledViewEntity extends ControlledEntity, InternalIdentity
public String getDomainPath();
public short getAccountType();
public Account.Type getAccountType();
public String getAccountUuid();

6
server/src/main/java/com/cloud/api/query/vo/DomainRouterJoinVO.java
View File

@ -31,6 +31,7 @@ import com.cloud.network.Network.GuestType;
import com.cloud.network.Networks.TrafficType;
import com.cloud.network.router.VirtualRouter;
import com.cloud.network.router.VirtualRouter.RedundantState;
import com.cloud.user.Account;
import com.cloud.utils.db.GenericDao;
import com.cloud.vm.VirtualMachine;
import com.cloud.vm.VirtualMachine.State;
@ -56,7 +57,8 @@ public class DomainRouterJoinVO extends BaseViewVO implements ControlledViewEnti
private String accountName = null;
@Column(name = "account_type")
private short accountType;
@Enumerated(value = EnumType.ORDINAL)
private Account.Type accountType;
@Column(name = "domain_id")
private long domainId;
@ -282,7 +284,7 @@ public class DomainRouterJoinVO extends BaseViewVO implements ControlledViewEnti
}
@Override
public short getAccountType() {
public Account.Type getAccountType() {
return accountType;
}

6
server/src/main/java/com/cloud/api/query/vo/EventJoinVO.java
View File

@ -27,6 +27,7 @@ import javax.persistence.Table;
import com.cloud.event.Event;
import com.cloud.event.Event.State;
import com.cloud.user.Account;
import com.cloud.utils.db.GenericDao;
@Entity
@ -81,7 +82,8 @@ public class EventJoinVO extends BaseViewVO implements ControlledViewEntity {
private String accountName = null;
@Column(name = "account_type")
private short accountType;
@Enumerated(value = EnumType.ORDINAL)
private Account.Type accountType;
@Column(name = "domain_id")
private long domainId;
@ -139,7 +141,7 @@ public class EventJoinVO extends BaseViewVO implements ControlledViewEntity {
}
@Override
public short getAccountType() {
public Account.Type getAccountType() {
return accountType;
}

8
server/src/main/java/com/cloud/api/query/vo/InstanceGroupJoinVO.java
View File

@ -20,9 +20,12 @@ import java.util.Date;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.EnumType;
import javax.persistence.Enumerated;
import javax.persistence.Id;
import javax.persistence.Table;
import com.cloud.user.Account;
import com.cloud.utils.db.GenericDao;
import com.cloud.vm.InstanceGroup;
@ -56,7 +59,8 @@ public class InstanceGroupJoinVO extends BaseViewVO implements ControlledViewEnt
private String accountName = null;
@Column(name = "account_type")
private short accountType;
@Enumerated(value = EnumType.ORDINAL)
private Account.Type accountType;
@Column(name = "domain_id")
private long domainId;
@ -108,7 +112,7 @@ public class InstanceGroupJoinVO extends BaseViewVO implements ControlledViewEnt
}
@Override
public short getAccountType() {
public Account.Type getAccountType() {
return accountType;
}

6
server/src/main/java/com/cloud/api/query/vo/ProjectAccountJoinVO.java
View File

@ -23,6 +23,7 @@ import javax.persistence.Enumerated;
import javax.persistence.Id;
import javax.persistence.Table;
import com.cloud.user.Account;
import org.apache.cloudstack.api.InternalIdentity;
import com.cloud.projects.ProjectAccount.Role;
@ -45,7 +46,8 @@ public class ProjectAccountJoinVO extends BaseViewVO implements InternalIdentity
private String accountName;
@Column(name = "account_type")
private short accountType;
@Enumerated(value = EnumType.ORDINAL)
private Account.Type accountType;
@Column(name = "account_role")
@Enumerated(value = EnumType.STRING)
@ -123,7 +125,7 @@ public class ProjectAccountJoinVO extends BaseViewVO implements InternalIdentity
return accountName;
}
public short getAccountType() {
public Account.Type getAccountType() {
return accountType;
}

6
server/src/main/java/com/cloud/api/query/vo/ProjectInvitationJoinVO.java
View File

@ -27,6 +27,7 @@ import javax.persistence.Table;
import com.cloud.projects.ProjectInvitation;
import com.cloud.projects.ProjectInvitation.State;
import com.cloud.user.Account;
import com.cloud.utils.db.GenericDao;
@Entity
@ -60,7 +61,8 @@ public class ProjectInvitationJoinVO extends BaseViewVO implements ControlledVie
private String accountName;
@Column(name = "account_type")
private short accountType;
@Enumerated(value = EnumType.ORDINAL)
private Account.Type accountType;
@Column(name = "domain_id")
private long domainId;
@ -156,7 +158,7 @@ public class ProjectInvitationJoinVO extends BaseViewVO implements ControlledVie
}
@Override
public short getAccountType() {
public Account.Type getAccountType() {
return accountType;
}

6
server/src/main/java/com/cloud/api/query/vo/ResourceTagJoinVO.java
View File

@ -25,6 +25,7 @@ import javax.persistence.Table;
import com.cloud.server.ResourceTag;
import com.cloud.server.ResourceTag.ResourceObjectType;
import com.cloud.user.Account;
@Entity
@Table(name = "resource_tag_view")
@ -66,7 +67,8 @@ public class ResourceTagJoinVO extends BaseViewVO implements ControlledViewEntit
private String accountName = null;
@Column(name = "account_type")
private short accountType;
@Enumerated(value = EnumType.ORDINAL)
private Account.Type accountType;
@Column(name = "domain_id")
private long domainId;
@ -118,7 +120,7 @@ public class ResourceTagJoinVO extends BaseViewVO implements ControlledViewEntit
}
@Override
public short getAccountType() {
public Account.Type getAccountType() {
return accountType;
}

6
server/src/main/java/com/cloud/api/query/vo/SecurityGroupJoinVO.java
View File

@ -26,6 +26,7 @@ import javax.persistence.Table;
import com.cloud.network.security.SecurityGroup;
import com.cloud.network.security.SecurityRule.SecurityRuleType;
import com.cloud.server.ResourceTag.ResourceObjectType;
import com.cloud.user.Account;
@Entity
@Table(name = "security_group_view")
@ -54,7 +55,8 @@ public class SecurityGroupJoinVO extends BaseViewVO implements ControlledViewEnt
private String accountName = null;
@Column(name = "account_type")
private short accountType;
@Enumerated(value = EnumType.ORDINAL)
private Account.Type accountType;
@Column(name = "domain_id")
private long domainId;
@ -174,7 +176,7 @@ public class SecurityGroupJoinVO extends BaseViewVO implements ControlledViewEnt
}
@Override
public short getAccountType() {
public Account.Type getAccountType() {
return accountType;
}

6
server/src/main/java/com/cloud/api/query/vo/TemplateJoinVO.java
View File

@ -26,6 +26,7 @@ import javax.persistence.Table;
import javax.persistence.Temporal;
import javax.persistence.TemporalType;
import com.cloud.user.Account;
import org.apache.cloudstack.engine.subsystem.api.storage.ObjectInDataStoreStateMachine;
import com.cloud.hypervisor.Hypervisor.HypervisorType;
@ -144,7 +145,8 @@ public class TemplateJoinVO extends BaseViewWithTagInformationVO implements Cont
private String accountName = null;
@Column(name = "account_type")
private short accountType;
@Enumerated(value = EnumType.ORDINAL)
private Account.Type accountType;
@Column(name = "domain_id")
private long domainId;
@ -270,7 +272,7 @@ public class TemplateJoinVO extends BaseViewWithTagInformationVO implements Cont
}
@Override
public short getAccountType() {
public Account.Type getAccountType() {
return accountType;
}

6
server/src/main/java/com/cloud/api/query/vo/UserAccountJoinVO.java
View File

@ -16,6 +16,7 @@
// under the License.
package com.cloud.api.query.vo;
import com.cloud.user.Account;
import com.cloud.user.User;
import com.cloud.user.UserAccount;
import com.cloud.utils.db.Encrypt;
@ -95,7 +96,8 @@ public class UserAccountJoinVO extends BaseViewVO implements InternalIdentity, I
private String accountName = null;
@Column(name = "account_type")
private short accountType;
@Enumerated(value = EnumType.ORDINAL)
private Account.Type accountType;
@Column(name = "account_role_id")
private Long accountRoleId;
@ -153,7 +155,7 @@ public class UserAccountJoinVO extends BaseViewVO implements InternalIdentity, I
return accountName;
}
public short getAccountType() {
public Account.Type getAccountType() {
return accountType;
}

6
server/src/main/java/com/cloud/api/query/vo/UserVmJoinVO.java
View File

@ -34,6 +34,7 @@ import com.cloud.network.Network.GuestType;
import com.cloud.network.Networks.TrafficType;
import com.cloud.storage.Storage.StoragePoolType;
import com.cloud.storage.Volume;
import com.cloud.user.Account;
import com.cloud.utils.db.GenericDao;
import com.cloud.vm.VirtualMachine;
import com.cloud.vm.VirtualMachine.State;
@ -66,7 +67,8 @@ public class UserVmJoinVO extends BaseViewWithTagInformationVO implements Contro
private String accountName = null;
@Column(name = "account_type")
private short accountType;
@Enumerated(value = EnumType.ORDINAL)
private Account.Type accountType;
@Column(name = "domain_id")
private long domainId;
@ -445,7 +447,7 @@ public class UserVmJoinVO extends BaseViewWithTagInformationVO implements Contro
}
@Override
public short getAccountType() {
public Account.Type getAccountType() {
return accountType;
}

6
server/src/main/java/com/cloud/api/query/vo/VolumeJoinVO.java
View File

@ -30,6 +30,7 @@ import com.cloud.hypervisor.Hypervisor.HypervisorType;
import com.cloud.storage.Storage;
import com.cloud.storage.VMTemplateStorageResourceAssoc.Status;
import com.cloud.storage.Volume;
import com.cloud.user.Account;
import com.cloud.utils.db.GenericDao;
import com.cloud.vm.VirtualMachine;
@ -87,7 +88,8 @@ public class VolumeJoinVO extends BaseViewWithTagInformationVO implements Contro
private String accountName = null;
@Column(name = "account_type")
private short accountType;
@Enumerated(value = EnumType.ORDINAL)
private Account.Type accountType;
@Column(name = "domain_id")
private long domainId;
@ -342,7 +344,7 @@ public class VolumeJoinVO extends BaseViewWithTagInformationVO implements Contro
}
@Override
public short getAccountType() {
public Account.Type getAccountType() {
return accountType;
}

28
server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java
View File

@ -2912,7 +2912,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
throw new InvalidParameterValueException("Unable to find active user by id " + userId);
}
final Account account = _accountDao.findById(user.getAccountId());
if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
if (account.getType() == Account.Type.DOMAIN_ADMIN) {
if (filteredDomainIds.isEmpty()) {
throw new InvalidParameterValueException(String.format("Unable to create public service offering by admin: %s because it is domain-admin", user.getUuid()));
}
@ -2924,7 +2924,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
throw new InvalidParameterValueException(String.format("Unable to create service offering by another domain-admin: %s for domain: %s", user.getUuid(), _entityMgr.findById(Domain.class, domainId).getUuid()));
}
}
} else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) {
} else if (account.getType() != Account.Type.ADMIN) {
throw new InvalidParameterValueException(String.format("Unable to create service offering by user: %s because it is not root-admin or domain-admin", user.getUuid()));
}
@ -3208,7 +3208,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
}
Collections.sort(filteredZoneIds);
if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
if (account.getType() == Account.Type.DOMAIN_ADMIN) {
if (!filteredZoneIds.equals(existingZoneIds)) { // Domain-admins cannot update zone(s) for offerings
throw new InvalidParameterValueException(String.format("Unable to update zone(s) for service offering: %s by admin: %s as it is domain-admin", offeringHandle.getUuid(), user.getUuid()));
}
@ -3235,7 +3235,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
}
}
filteredDomainIds.addAll(nonChildDomains); // Final list must include domains which were not child domain for domain-admin but specified for this offering prior to update
} else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) {
} else if (account.getType() != Account.Type.ADMIN) {
throw new InvalidParameterValueException(String.format("Unable to update service offering: %s by id user: %s because it is not root-admin or domain-admin", offeringHandle.getUuid(), user.getUuid()));
}
@ -3375,7 +3375,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
throw new InvalidParameterValueException("Unable to find active user by id " + userId);
}
final Account account = _accountDao.findById(user.getAccountId());
if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
if (account.getType() == Account.Type.DOMAIN_ADMIN) {
if (filteredDomainIds.isEmpty()) {
throw new InvalidParameterValueException(String.format("Unable to create public disk offering by admin: %s because it is domain-admin", user.getUuid()));
}
@ -3387,7 +3387,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
throw new InvalidParameterValueException(String.format("Unable to create disk offering by another domain-admin: %s for domain: %s", user.getUuid(), _entityMgr.findById(Domain.class, domainId).getUuid()));
}
}
} else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) {
} else if (account.getType() != Account.Type.ADMIN) {
throw new InvalidParameterValueException(String.format("Unable to create disk offering by user: %s because it is not root-admin or domain-admin", user.getUuid()));
}
@ -3663,7 +3663,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
}
Collections.sort(filteredZoneIds);
if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
if (account.getType() == Account.Type.DOMAIN_ADMIN) {
if (!filteredZoneIds.equals(existingZoneIds)) { // Domain-admins cannot update zone(s) for offerings
throw new InvalidParameterValueException(String.format("Unable to update zone(s) for disk offering: %s by admin: %s as it is domain-admin", diskOfferingHandle.getUuid(), user.getUuid()));
}
@ -3690,7 +3690,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
}
}
filteredDomainIds.addAll(nonChildDomains); // Final list must include domains which were not child domain for domain-admin but specified for this offering prior to update
} else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) {
} else if (account.getType() != Account.Type.ADMIN) {
throw new InvalidParameterValueException(String.format("Unable to update disk offering: %s by id user: %s because it is not root-admin or domain-admin", diskOfferingHandle.getUuid(), user.getUuid()));
}
@ -3867,7 +3867,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
throw new InvalidParameterValueException("Unable to find active user by id " + userId);
}
final Account account = _accountDao.findById(user.getAccountId());
if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
if (account.getType() == Account.Type.DOMAIN_ADMIN) {
List<Long> existingDomainIds = diskOfferingDetailsDao.findDomainIds(diskOfferingId);
if (existingDomainIds.isEmpty()) {
throw new InvalidParameterValueException(String.format("Unable to delete public disk offering: %s by admin: %s because it is domain-admin", offering.getUuid(), user.getUuid()));
@ -3877,7 +3877,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
throw new InvalidParameterValueException(String.format("Unable to delete disk offering: %s as it has linked domain(s) which are not child domain for domain-admin: %s", offering.getUuid(), user.getUuid()));
}
}
} else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) {
} else if (account.getType() != Account.Type.ADMIN) {
throw new InvalidParameterValueException(String.format("Unable to delete disk offering: %s by user: %s because it is not root-admin or domain-admin", offering.getUuid(), user.getUuid()));
}
@ -3941,7 +3941,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
throw new InvalidParameterValueException("Unable to find active user by id " + userId);
}
final Account account = _accountDao.findById(user.getAccountId());
if (account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) {
if (account.getType() == Account.Type.DOMAIN_ADMIN) {
List<Long> existingDomainIds = _serviceOfferingDetailsDao.findDomainIds(offeringId);
if (existingDomainIds.isEmpty()) {
throw new InvalidParameterValueException(String.format("Unable to delete public service offering: %s by admin: %s because it is domain-admin", offering.getUuid(), user.getUuid()));
@ -3951,7 +3951,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
throw new InvalidParameterValueException(String.format("Unable to delete service offering: %s as it has linked domain(s) which are not child domain for domain-admin: %s", offering.getUuid(), user.getUuid()));
}
}
} else if (account.getType() != Account.ACCOUNT_TYPE_ADMIN) {
} else if (account.getType() != Account.Type.ADMIN) {
throw new InvalidParameterValueException(String.format("Unable to delete service offering: %s by user: %s because it is not root-admin or domain-admin", offering.getUuid(), user.getUuid()));
}
@ -6466,7 +6466,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
final List<NetworkOfferingJoinVO> offerings = networkOfferingJoinDao.search(sc, searchFilter);
// Remove offerings that are not associated with caller's domain or domainId passed
if ((caller.getType() != Account.ACCOUNT_TYPE_ADMIN || domainId != null) && CollectionUtils.isNotEmpty(offerings)) {
if ((caller.getType() != Account.Type.ADMIN || domainId != null) && CollectionUtils.isNotEmpty(offerings)) {
ListIterator<NetworkOfferingJoinVO> it = offerings.listIterator();
while (it.hasNext()) {
NetworkOfferingJoinVO offering = it.next();
@ -6475,7 +6475,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
String[] domainIdsArray = offering.getDomainId().split(",");
for (String domainIdString : domainIdsArray) {
Long dId = Long.valueOf(domainIdString.trim());
if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN &&
if (caller.getType() != Account.Type.ADMIN &&
!_domainDao.isChildDomain(dId, caller.getDomainId())) {
toRemove = true;
break;

2
server/src/main/java/com/cloud/network/NetworkModelImpl.java
View File

@ -1664,7 +1664,7 @@ public class NetworkModelImpl extends ManagerBase implements NetworkModel, Confi
if (networkOwner == null)
throw new PermissionDeniedException("Unable to use network with id= " + ((NetworkVO)network).getUuid() +
", network does not have an owner");
if (owner.getType() != Account.ACCOUNT_TYPE_PROJECT && networkOwner.getType() == Account.ACCOUNT_TYPE_PROJECT) {
if (owner.getType() != Account.Type.PROJECT && networkOwner.getType() == Account.Type.PROJECT) {
User user = CallContext.current().getCallingUser();
Project project = projectDao.findByProjectAccountId(network.getAccountId());
if (project == null) {

10
server/src/main/java/com/cloud/network/NetworkServiceImpl.java
View File

@ -1864,9 +1864,9 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService, C
}
if (skipProjectNetworks) {
sc.setJoinParameters("accountSearch", "typeNEQ", Account.ACCOUNT_TYPE_PROJECT);
sc.setJoinParameters("accountSearch", "typeNEQ", Account.Type.PROJECT);
} else {
sc.setJoinParameters("accountSearch", "typeEQ", Account.ACCOUNT_TYPE_PROJECT);
sc.setJoinParameters("accountSearch", "typeEQ", Account.Type.PROJECT);
}
if (restartRequired != null) {
@ -4659,7 +4659,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService, C
Long networkId = cmd.getNetworkId();
UserVmVO userVm = _userVmDao.findById(vmId);
if (userVm == null || (!userVm.isDisplayVm() && caller.getType() == Account.ACCOUNT_TYPE_NORMAL)) {
if (userVm == null || (!userVm.isDisplayVm() && caller.getType() == Account.Type.NORMAL)) {
throwInvalidIdException("Virtual machine id does not exist", Long.valueOf(vmId).toString(), "vmId");
}
@ -4675,7 +4675,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService, C
String keyword = cmd.getKeyword();
UserVmVO userVm = _userVmDao.findById(vmId);
if (userVm == null || (!userVm.isDisplayVm() && caller.getType() == Account.ACCOUNT_TYPE_NORMAL)) {
if (userVm == null || (!userVm.isDisplayVm() && caller.getType() == Account.Type.NORMAL)) {
throwInvalidIdException("Virtual machine id does not exist", Long.valueOf(vmId).toString(), "vmId");
}
@ -4704,7 +4704,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService, C
// verify permissions
if (ipVO.getAllocatedToAccountId() != null) {
_accountMgr.checkAccess(caller, null, true, ipVO);
} else if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
} else if (caller.getType() != Account.Type.ADMIN) {
throw new PermissionDeniedException("Only Root admin can update non-allocated ip addresses");
}

2
server/src/main/java/com/cloud/network/firewall/FirewallManagerImpl.java
View File

@ -802,7 +802,7 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService,
throw new InvalidParameterValueException("Unable to find " + ruleId + " having purpose " + Purpose.Firewall);
}
if (rule.getType() == FirewallRuleType.System && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
if (rule.getType() == FirewallRuleType.System && caller.getType() != Account.Type.ADMIN) {
throw new InvalidParameterValueException("Only root admin can update the system wide firewall rule");
}

2
server/src/main/java/com/cloud/network/vpc/VpcManagerImpl.java
View File

@ -708,7 +708,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis
// Remove offerings that are not associated with caller's domain
// TODO: Better approach
if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN && CollectionUtils.isNotEmpty(offerings)) {
if (caller.getType() != Account.Type.ADMIN && CollectionUtils.isNotEmpty(offerings)) {
ListIterator<VpcOfferingJoinVO> it = offerings.listIterator();
while (it.hasNext()) {
VpcOfferingJoinVO offering = it.next();

2
server/src/main/java/com/cloud/projects/ProjectManagerImpl.java
View File

@ -267,7 +267,7 @@ public class ProjectManagerImpl extends ManagerBase implements ProjectManager, C
StringBuilder acctNm = new StringBuilder("PrjAcct-");
acctNm.append(name).append("-").append(ownerFinal.getDomainId());
Account projectAccount = _accountMgr.createAccount(acctNm.toString(), Account.ACCOUNT_TYPE_PROJECT, null, domainId, null, null, UUID.randomUUID().toString());
Account projectAccount = _accountMgr.createAccount(acctNm.toString(), Account.Type.PROJECT, null, domainId, null, null, UUID.randomUUID().toString());
Project project = _projectDao.persist(new ProjectVO(name, displayText, ownerFinal.getDomainId(), projectAccount.getId()));

12
server/src/main/java/com/cloud/resourcelimit/ResourceLimitManagerImpl.java
View File

@ -308,7 +308,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
} else {
// If the account has an no limit set, then return global default account limits
Long value = null;
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
if (account.getType() == Account.Type.PROJECT) {
value = projectResourceLimitMap.get(type);
} else {
value = accountResourceLimitMap.get(type);
@ -349,7 +349,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
} else {
// If the account has an no limit set, then return global default account limits
Long value = null;
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
if (account.getType() == Account.Type.PROJECT) {
value = projectResourceLimitMap.get(type);
} else {
value = accountResourceLimitMap.get(type);
@ -516,7 +516,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
return;
}
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
if (account.getType() == Account.Type.PROJECT) {
project = _projectDao.findByProjectAccountId(account.getId());
}
@ -713,12 +713,12 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
throw new InvalidParameterValueException("Only " + Resource.RESOURCE_UNLIMITED + " limit is supported for Root Admin accounts");
}
if ((caller.getAccountId() == accountId.longValue()) && (_accountMgr.isDomainAdmin(caller.getId()) || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN)) {
if ((caller.getAccountId() == accountId.longValue()) && (_accountMgr.isDomainAdmin(caller.getId()) || caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN)) {
// If the admin is trying to update their own account, disallow.
throw new PermissionDeniedException("Unable to update resource limit for their own account " + accountId + ", permission denied");
}
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
if (account.getType() == Account.Type.PROJECT) {
_accountMgr.checkAccess(caller, AccessType.ModifyProject, true, account);
} else {
_accountMgr.checkAccess(caller, null, true, account);
@ -736,7 +736,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
throw new PermissionDeniedException("Cannot update resource limit for ROOT domain " + domainId + ", permission denied");
}
if ((caller.getDomainId() == domainId.longValue()) && caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) {
if ((caller.getDomainId() == domainId.longValue()) && caller.getType() == Account.Type.DOMAIN_ADMIN || caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN) {
// if the admin is trying to update their own domain, disallow...
throw new PermissionDeniedException("Unable to update resource limit for domain " + domainId + ", permission denied");
}

Some files were not shown because too many files have changed in this diff Show More