apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-11-04 00:02:37 +01:00
Code Issues Packages Projects Releases Wiki Activity

CLOUDSTACK-8537 refactor registerSSHKeyPair() for legibility and testability reasons

Browse Source 
Signed-off-by: Daan Hoogland <daan.hoogland@gmail.com>
This commit is contained in:
Daan Hoogland 2015-06-09 23:57:00 +02:00
parent 9f02531212
commit 968e71ad0e
1 changed files with 81 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

113
server/src/com/cloud/server/ManagementServerImpl.java
View File

@ -947,7 +947,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public boolean archiveEvents(ArchiveEventsCmd cmd) {
Account caller = CallContext.current().getCallingAccount();
Account caller = getCaller();
List<Long> ids = cmd.getIds();
boolean result = true;
List<Long> permittedAccountIds = new ArrayList<Long>();
@ -974,7 +974,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public boolean deleteEvents(DeleteEventsCmd cmd) {
Account caller = CallContext.current().getCallingAccount();
Account caller = getCaller();
List<Long> ids = cmd.getIds();
boolean result = true;
List<Long> permittedAccountIds = new ArrayList<Long>();
@ -1098,8 +1098,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public Ternary<Pair<List<? extends Host>, Integer>, List<? extends Host>, Map<Host, Boolean>> listHostsForMigrationOfVM(Long vmId, Long startIndex, Long pageSize) {
// access check - only root admin can migrate VM
Account caller = CallContext.current().getCallingAccount();
Account caller = getCaller();
if (!_accountMgr.isRootAdmin(caller.getId())) {
if (s_logger.isDebugEnabled()) {
s_logger.debug("Caller is not a root admin, permission denied to migrate the VM");
@ -1276,8 +1275,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public Pair<List<? extends StoragePool>, List<? extends StoragePool>> listStoragePoolsForMigrationOfVolume(Long volumeId) {
// Access check - only root administrator can migrate volumes.
Account caller = CallContext.current().getCallingAccount();
Account caller = getCaller();
if (!_accountMgr.isRootAdmin(caller.getId())) {
if (s_logger.isDebugEnabled()) {
s_logger.debug("Caller is not a root admin, permission denied to migrate the volume");
@ -1766,7 +1764,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
List<Long> permittedAccounts = new ArrayList<Long>();
ListProjectResourcesCriteria listProjectResourcesCriteria = null;
if (isAllocated) {
Account caller = CallContext.current().getCallingAccount();
Account caller = getCaller();
Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<Long, Boolean, ListProjectResourcesCriteria>(
cmd.getDomainId(), cmd.isRecursive(), null);
@ -2259,8 +2257,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
throw new InvalidParameterValueException("ROOT domain can not be edited with a new name");
}
// check permissions
Account caller = CallContext.current().getCallingAccount();
Account caller = getCaller();
_accountMgr.checkAccess(caller, domain);
// domain name is unique under the parent domain
@ -3311,7 +3308,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public ArrayList<String> getCloudIdentifierResponse(long userId) {
Account caller = CallContext.current().getCallingAccount();
Account caller = getCaller();
// verify that user exists
User user = _accountMgr.getUserIncludingRemoved(userId);
@ -3351,7 +3348,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
public Map<String, Object> listCapabilities(ListCapabilitiesCmd cmd) {
Map<String, Object> capabilities = new HashMap<String, Object>();
Account caller = CallContext.current().getCallingAccount();
Account caller = getCaller();
boolean securityGroupsEnabled = false;
boolean elasticLoadBalancerEnabled = false;
boolean KVMSnapshotEnabled = false;
@ -3417,7 +3414,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public InstanceGroupVO updateVmGroup(UpdateVMGroupCmd cmd) {
Account caller = CallContext.current().getCallingAccount();
Account caller = getCaller();
Long groupId = cmd.getId();
String groupName = cmd.getGroupName();
@ -3535,7 +3532,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public SSHKeyPair createSSHKeyPair(CreateSSHKeyPairCmd cmd) {
Account caller = CallContext.current().getCallingAccount();
Account caller = getCaller();
String accountName = cmd.getAccountName();
Long domainId = cmd.getDomainId();
Long projectId = cmd.getProjectId();
@ -3559,7 +3556,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public boolean deleteSSHKeyPair(DeleteSSHKeyPairCmd cmd) {
Account caller = CallContext.current().getCallingAccount();
Account caller = getCaller();
String accountName = cmd.getAccountName();
Long domainId = cmd.getDomainId();
Long projectId = cmd.getProjectId();
@ -3587,7 +3584,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
String name = cmd.getName();
String fingerPrint = cmd.getFingerprint();
Account caller = CallContext.current().getCallingAccount();
Account caller = getCaller();
List<Long> permittedAccounts = new ArrayList<Long>();
Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<Long, Boolean, ListProjectResourcesCriteria>(
@ -3619,35 +3616,87 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
@ActionEvent(eventType = EventTypes.EVENT_REGISTER_SSH_KEYPAIR, eventDescription = "registering ssh keypair", async = true)
public SSHKeyPair registerSSHKeyPair(RegisterSSHKeyPairCmd cmd) {
Account caller = CallContext.current().getCallingAccount();
Account owner = _accountMgr.finalizeOwner(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
SSHKeyPairVO existingPair = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), cmd.getName());
if (existingPair != null) {
throw new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' already exists for this account.");
}
existingPair = _sshKeyPairDao.findByPublicKey(owner.getAccountId(), owner.getDomainId(), cmd.getPublicKey());
if (existingPair != null) {
throw new InvalidParameterValueException("A key pair with name '" + cmd.getPublicKey() + "' already exists for this account.");
}
Account owner = getOwner(cmd);
checkForKeyByName(cmd, owner);
checkForKeyByPublicKey(cmd, owner);
String name = cmd.getName();
String key = cmd.getPublicKey();
try {
key = URLDecoder.decode(key, "UTF-8");
} catch (UnsupportedEncodingException e) {
s_logger.warn("key decoding tried invain: " + e.getLocalizedMessage());
}
String publicKey = getPublicKeyFromKeyKeyMaterial(key);
String fingerprint = getFingerprint(publicKey);
return createAndSaveSSHKeyPair(name, fingerprint, publicKey, null, owner);
}
/**
* @param cmd
* @param owner
* @throws InvalidParameterValueException
*/
private void checkForKeyByPublicKey(RegisterSSHKeyPairCmd cmd, Account owner) throws InvalidParameterValueException {
SSHKeyPairVO existingPair = _sshKeyPairDao.findByPublicKey(owner.getAccountId(), owner.getDomainId(), cmd.getPublicKey());
if (existingPair != null) {
throw new InvalidParameterValueException("A key pair with name '" + cmd.getPublicKey() + "' already exists for this account.");
}
}
/**
* @param cmd
* @param owner
* @throws InvalidParameterValueException
*/
private void checkForKeyByName(RegisterSSHKeyPairCmd cmd, Account owner) throws InvalidParameterValueException {
SSHKeyPairVO existingPair = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(), cmd.getName());
if (existingPair != null) {
throw new InvalidParameterValueException("A key pair with name '" + cmd.getName() + "' already exists for this account.");
}
}
/**
* @param publicKey
* @return
*/
private String getFingerprint(String publicKey) {
String fingerprint = SSHKeysHelper.getPublicKeyFingerprint(publicKey);
return fingerprint;
}
/**
* @param key
* @return
* @throws InvalidParameterValueException
*/
private String getPublicKeyFromKeyKeyMaterial(String key) throws InvalidParameterValueException {
String publicKey = SSHKeysHelper.getPublicKeyFromKeyMaterial(key);
if (publicKey == null) {
throw new InvalidParameterValueException("Public key is invalid");
}
return publicKey;
}
String fingerprint = SSHKeysHelper.getPublicKeyFingerprint(publicKey);
/**
* @param cmd
* @return
*/
private Account getOwner(RegisterSSHKeyPairCmd cmd) {
Account caller = getCaller();
return createAndSaveSSHKeyPair(name, fingerprint, publicKey, null, owner);
Account owner = _accountMgr.finalizeOwner(caller, cmd.getAccountName(), cmd.getDomainId(), cmd.getProjectId());
return owner;
}
/**
* @return
*/
private Account getCaller() {
Account caller = CallContext.current().getCallingAccount();
return caller;
}
private SSHKeyPair createAndSaveSSHKeyPair(String name, String fingerprint, String publicKey, String privateKey, Account owner) {
@ -3667,7 +3716,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public String getVMPassword(GetVMPasswordCmd cmd) {
Account caller = CallContext.current().getCallingAccount();
Account caller = getCaller();
UserVmVO vm = _userVmDao.findById(cmd.getId());
if (vm == null) {
@ -3843,7 +3892,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
}
private VirtualMachine upgradeStoppedSystemVm(Long systemVmId, Long serviceOfferingId, Map<String, String> customparameters) {
Account caller = CallContext.current().getCallingAccount();
Account caller = getCaller();
VMInstanceVO systemVm = _vmInstanceDao.findByIdTypes(systemVmId, VirtualMachine.Type.ConsoleProxy, VirtualMachine.Type.SecondaryStorageVm);
if (systemVm == null) {