apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-12-17 02:53:18 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,316 Commits 317 Branches 325 Tags
Commit Graph

41 Commits

Author SHA1 Message Date
Prachi Damle
b7c3411be9 Fixing the issues in loading the beans 2013-12-26 15:17:10 -08:00
Prachi Damle
ce774e184e Fixing the management server startup 2013-12-18 14:14:55 -08:00
Prachi Damle
d2c74bcf14 Changes to RoleBasedEntityAccessChecker to replace Role by Policy 2013-12-12 16:30:56 -08:00
Prachi Damle
1a985227b5 Changes to SecurityChecker 2013-12-12 16:30:53 -08:00
Min Chen
a416f6c3c3 Fix API build error based on new DB schema, now only 
RoleBasedEntityAccessChecker needs to be fixed.
 2013-12-06 15:09:00 -08:00
Min Chen
f3ef86d296 Add QueryChecker adapter implementation skeleton. 2013-11-22 16:37:14 -08:00
Min Chen
168be3e1de Forgot to check in two newly added files due to Spring modularization. 2013-10-31 17:24:51 -07:00
Min Chen
2ef4d5200c Merge branch 'master' into rbac. 2013-10-31 17:16:33 -07:00
Darren Shepherd
9f7b4884a7 Make commands.properties optional for non-ACS code 
Currently any new API extension to CloudStack must edit
commands.properties to add the appropriate ACLs.  This generally works
fine for ACS as we control the contents of that file and distribute
all the code ourself.  The hang up comes when somebody develops code
outside of ACS and want to add their code to an existing ACS
installation.  The Spring work that has been done has made this much
easier, but you are still required to manually edit
commands.properties.  This change introduces the following logic.

First check commands.properties for ACL info.  If ACL info exists, use
that to authorize the command.  If no ACL information exists (ie
null), then look at the @APICommand annotation.  The defaults of
@APICommand will provide no ACL info.  If the @APICommand annotation
provides no ACL info, use that.
 2013-10-25 16:31:55 -07:00
Darren Shepherd
891b85d516 Add missing licenses 2013-10-23 15:20:08 -07:00
Prachi Damle
ec4fa61ae3 Tested ACL for StartVmCmd using the new RoleBasedEntityAccessChecker 2013-10-10 00:46:06 -07:00
Prachi Damle
7d1ba6505d RoleBasedEntityAccessChecker logic now performs checkAccess for VM entity 2013-10-10 00:43:59 -07:00
Prachi Damle
0b1aaf514f More logic to Role based checker 2013-10-10 00:43:56 -07:00
Prachi Damle
7ebb972885 SecurityChecker checking against the acl_entity_permission table 2013-10-10 00:41:11 -07:00
Prachi Damle
579806440b Add permission flag to acl_entity_permission 2013-10-07 14:30:15 -07:00
Prachi Damle
385dfc230f Schema and VO/Dao for Role Permission 2013-10-07 12:33:28 -07:00
Prachi Damle
2bbe6f5937 APIChecker helper methods implemented 2013-10-07 12:33:24 -07:00
Darren Shepherd
67186429e1 Spring Modularization 
ACS is now comprised of a hierarchy of spring application contexts.
Each plugin can contribute configuration files to add to an existing
module or create it's own module.

Additionally, for the mgmt server, ACS custom AOP is no longer used
and instead we use Spring AOP to manage interceptors.
 2013-10-02 15:41:04 -07:00
Prachi Damle
8c15e61653 Created plugin for RoleBased Checkers 2013-10-01 18:16:06 -07:00
Darren Shepherd
efbfae723e Switch to setter injection for extensibility 
Various classes are using member injection to inject extensible objects.
Really those object should come from an AdapterList that is injected in.
This patch switches the code to use setter injection that will later allow
spring to inject an AdapterList or something similar to allow
extensibility.
 2013-09-30 09:45:07 -07:00
Chip Childers
8225374138 Updating pom.xml version numbers for release 4.3.0-SNAPSHOT 
Signed-off-by: Chip Childers <chipchilders@apache.org>
 2013-08-01 10:35:00 -04:00
Rohit Yadav
80d58b6c73 CLOUDSTACK-1317: Bump CloudStack package version to 4.2.0-SNAPSHOT in all poms 
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2013-02-20 16:42:56 +05:30
Alex Huang
10d9c019a9 All merge conflicts resolved 2013-01-18 12:14:57 -08:00
Kelven Yang
2be270de89 Separate loadable components like Gurus, Elements, Adapters to componentContext.xml 2013-01-16 16:33:59 -08:00
Rohit Yadav
3ec985f46f StaticRoleBased: commands.properties is actually cfg for this plugin 
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2013-01-14 19:01:26 -08:00
Rohit Yadav
896e505da6 APIChecker: Make interface generic, pass user and not just role 
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2013-01-14 15:08:45 -08:00
Rohit Yadav
38eaa04b98 Pull changes from master into javelin 
- Disables simulator plugin, breaks build, available via simulator profile
- Fixes spring injections
- Fix api,acl plugins, ApiServer, ApiDispatcher
- Fix other merge conflicts

Conflicts:
	docs/en-US/external-firewalls-and-load-balancers.xml
	plugins/acl/static-role-based/src/org/apache/cloudstack/acl/StaticRoleBasedAPIAccessChecker.java
	server/src/com/cloud/api/ApiDispatcher.java
	server/src/com/cloud/api/ApiServer.java
	server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
	utils/test/com/cloud/utils/log/CglibThrowableRendererTest.java

Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2013-01-12 06:02:54 -08:00
Rohit Yadav
ad063ed610 StaticRoleBasedAPIAccessChecker: Throw exception on failed check 
Plugin should not be responsible for existence of checking an API, this was wrong.
Throw exception boldly when checkAccess fails.

Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2013-01-11 19:24:11 -08:00
Rohit Yadav
4c80684b1f StaticRoleBasedAPIAccessChecker: Fix acl cfg processing error messages 
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2013-01-11 18:44:20 -08:00
Rohit Yadav
74bb043c37 APIChecker: Rename refactor and add interface checkExistence 
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2013-01-10 18:51:30 -08:00
Rohit Yadav
18bdc58ceb APIAccessChecker: Refactor and simply plugin implementation using better data structures 
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2013-01-10 17:21:58 -08:00
Alex Huang
757e1a931b cleanup warnings in utils 2013-01-10 17:19:30 -08:00
Alex Huang
1294cdc701 pulled from master 2013-01-10 16:01:01 -08:00
Alex Huang
d6f44a4d6a merged from master 2013-01-10 15:55:42 -08:00
Rohit Yadav
345c179e77 plugins: Check access based on roleType, remove unnecessary properties.in file 
- Fix StaticRoleBasedAPIAccessChecker to check api access based on roletype
- Remove properties file which is not needed now for api discovery plugin

Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2013-01-10 15:55:02 -08:00
Rohit Yadav
62a42723f9 APIAccessChecker: Make it check based on role type and not user 
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2013-01-10 11:49:15 -08:00
Alex Huang
f40e7b7511 removed componentlocator and inject 2013-01-10 11:05:20 -08:00
Alex Huang
14bd345f1f merge compiles 2013-01-09 04:41:27 -08:00
Rohit Yadav
ed0637b8c2 api: Refactor move acl to org.apache.cloudstack 
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2013-01-06 15:30:58 -08:00
Rohit Yadav
c5b51b7c39 plugin: Remove memory mapping of apiname and class name in StaticRoleBasedAPIAccessChecker 
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2013-01-02 18:43:59 -08:00
Rohit Yadav
bc8e0af0a3 plugin: ACL Static Role Based api access checker 
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 2013-01-02 17:06:19 -08:00