plugin: ACL Static Role Based api access checker

Signed-off-by: Rohit Yadav <bhaisaab@apache.org>

client/pom.xml

@@ -25,6 +25,11 @@
       <artifactId>cloud-server</artifactId>
       <version>${project.version}</version>
     </dependency>
+    <dependency>
+      <groupId>org.apache.cloudstack</groupId>
+      <artifactId>cloud-plugin-acl-static-role-based</artifactId>
+      <version>${project.version}</version>
+    </dependency>
     <dependency>
       <groupId>org.apache.cloudstack</groupId>
       <artifactId>cloud-plugin-user-authenticator-ldap</artifactId>

client/tomcatconf/components.xml.in

@@ -54,7 +54,7 @@ under the License.
              <param name="premium">true</param>
         </dao>
         <adapters key="com.cloud.acl.APIAccessChecker">
-            <adapter name="StaticRoleBasedAPIAccessChecker" class="com.cloud.acl.StaticRoleBasedAPIAccessChecker"/>
+            <adapter name="StaticRoleBasedAPIAccessChecker" class="org.apache.cloudstack.acl.StaticRoleBasedAPIAccessChecker"/>
         </adapters>
         <adapters key="com.cloud.agent.manager.allocator.HostAllocator">
             <adapter name="FirstFitRouting" class="com.cloud.agent.manager.allocator.impl.FirstFitRoutingAllocator"/>

plugins/acl/static-role-based/pom.xml

@@ -0,0 +1,32 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
+  http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <artifactId>cloud-plugin-acl-static-role-based</artifactId>
+  <name>Apache CloudStack Plugin - ACL Static Role Based</name>
+  <parent>
+    <groupId>org.apache.cloudstack</groupId>
+    <artifactId>cloudstack-plugins</artifactId>
+    <version>4.1.0-SNAPSHOT</version>
+    <relativePath>../../pom.xml</relativePath>
+  </parent>
+</project>

plugins/acl/static-role-based/src/org/apache/cloudstack/acl/StaticRoleBasedAPIAccessChecker.java

@@ -14,7 +14,7 @@
 // KIND, either express or implied.  See the License for the
 // specific language governing permissions and limitations
 // under the License.
-package com.cloud.acl;
+package org.apache.cloudstack.acl;
 
 import java.io.File;
 import java.io.FileInputStream;
@@ -26,6 +26,7 @@ import java.util.*;
 import javax.ejb.Local;
 import javax.naming.ConfigurationException;
 
+import com.cloud.acl.APIAccessChecker;
 import org.apache.log4j.Logger;
 
 import com.cloud.exception.PermissionDeniedException;
@@ -129,11 +130,11 @@ public class StaticRoleBasedAPIAccessChecker extends AdapterBase implements APIA
     }
 
     private void processConfigFiles(List<String> configFiles) {
-        try {
         if (_apiCommands == null)
             _apiCommands = new Properties();
 
         Properties preProcessedCommands = new Properties();
+
         for (String configFile : configFiles) {
             File commandsFile = PropertiesUtil.findConfigFile(configFile);
             if (commandsFile != null) {
@@ -143,13 +144,20 @@ public class StaticRoleBasedAPIAccessChecker extends AdapterBase implements APIA
                     // in case of a file within a jar in classpath, try to open stream using url
                     InputStream stream = PropertiesUtil.openStreamFromURL(configFile);
                     if (stream != null) {
+                        try {
                             preProcessedCommands.load(stream);
+                        } catch (IOException e) {
+                            s_logger.error("IO Exception, unable to find properties file:", fnfex);
+                        }
                     } else {
                         s_logger.error("Unable to find properites file", fnfex);
                     }
+                } catch (IOException ioe) {
+                    s_logger.error("IO Exception loading properties file", ioe);
                 }
             }
         }
+
         for (Object key : preProcessedCommands.keySet()) {
             String preProcessedCommand = preProcessedCommands.getProperty((String) key);
             String[] commandParts = preProcessedCommand.split(";");
@@ -179,10 +187,6 @@ public class StaticRoleBasedAPIAccessChecker extends AdapterBase implements APIA
                 }
             }
         }
-        } catch (FileNotFoundException fnfex) {
-            s_logger.error("Unable to find properties file", fnfex);
-        } catch (IOException ioex) {
-            s_logger.error("IO Exception loading properties file", ioex);
-        }
     }
+
 }

plugins/pom.xml

@@ -32,6 +32,7 @@
     <testSourceDirectory>test</testSourceDirectory>
   </build>
   <modules>
+    <module>acl/static-role-based</module>
     <module>deployment-planners/user-concentrated-pod</module>
     <module>deployment-planners/user-dispersing</module>
     <module>host-allocators/random</module>