cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From weiz...@apache.org
Subject [1/3] git commit: updated refs/heads/4.2 to 4b8d636
Date Wed, 30 Oct 2013 14:25:33 GMT
Updated Branches:
  refs/heads/4.2 d5cca46ae -> 4b8d636ce


CLOUDSTACK-4830: allow create account and user by domain admin


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/0d12e3eb
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/0d12e3eb
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/0d12e3eb

Branch: refs/heads/4.2
Commit: 0d12e3eb9d4fb0166fc553da7366f4da786daa14
Parents: d5cca46
Author: Wei Zhou <w.zhou@leaseweb.com>
Authored: Wed Oct 30 15:11:59 2013 +0100
Committer: Wei Zhou <w.zhou@leaseweb.com>
Committed: Wed Oct 30 15:11:59 2013 +0100

----------------------------------------------------------------------
 client/tomcatconf/commands.properties.in        | 10 ++++-----
 server/src/com/cloud/api/ApiDBUtils.java        | 10 ++++++++-
 .../com/cloud/api/query/QueryManagerImpl.java   |  4 ++--
 .../com/cloud/api/query/ViewResponseHelper.java |  6 +++++-
 ui/scripts/accounts.js                          | 22 ++++++++++++++++++--
 ui/scripts/sharedFunctions.js                   |  2 +-
 6 files changed, 42 insertions(+), 12 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/0d12e3eb/client/tomcatconf/commands.properties.in
----------------------------------------------------------------------
diff --git a/client/tomcatconf/commands.properties.in b/client/tomcatconf/commands.properties.in
index 66223f5..a490680 100644
--- a/client/tomcatconf/commands.properties.in
+++ b/client/tomcatconf/commands.properties.in
@@ -19,9 +19,9 @@
 ### Please standardize naming conventions to camel-case (even for acronyms).
 
 ### Account commands
-createAccount=3
-deleteAccount=3
-updateAccount=3
+createAccount=7
+deleteAccount=7
+updateAccount=7
 disableAccount=7
 enableAccount=7
 lockAccount=7
@@ -29,8 +29,8 @@ listAccounts=15
 markDefaultZoneForAccount=1
 
 #### User commands
-createUser=3
-deleteUser=3
+createUser=7
+deleteUser=7
 updateUser=15
 listUsers=7
 lockUser=7

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/0d12e3eb/server/src/com/cloud/api/ApiDBUtils.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/ApiDBUtils.java b/server/src/com/cloud/api/ApiDBUtils.java
index 2263c4d..70fa744 100755
--- a/server/src/com/cloud/api/ApiDBUtils.java
+++ b/server/src/com/cloud/api/ApiDBUtils.java
@@ -1473,7 +1473,15 @@ public class ApiDBUtils {
     }
 
     public static UserResponse newUserResponse(UserAccountJoinVO usr) {
-        return _userAccountJoinDao.newUserResponse(usr);
+        return newUserResponse(usr, null);
+    }
+    public static UserResponse newUserResponse(UserAccountJoinVO usr, Long domainId) {
+        UserResponse response = _userAccountJoinDao.newUserResponse(usr);
+        if (domainId != null && usr.getDomainId() != domainId)
+            response.setIsCallerChildDomain(true);
+        else
+            response.setIsCallerChildDomain(false);
+        return response;
     }
 
     public static UserAccountJoinVO newUserView(User usr){

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/0d12e3eb/server/src/com/cloud/api/query/QueryManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/QueryManagerImpl.java b/server/src/com/cloud/api/query/QueryManagerImpl.java
index 305c065..66104b6 100644
--- a/server/src/com/cloud/api/query/QueryManagerImpl.java
+++ b/server/src/com/cloud/api/query/QueryManagerImpl.java
@@ -336,8 +336,8 @@ public class QueryManagerImpl extends ManagerBase implements QueryService
{
     public ListResponse<UserResponse> searchForUsers(ListUsersCmd cmd) throws PermissionDeniedException
{
         Pair<List<UserAccountJoinVO>, Integer> result = searchForUsersInternal(cmd);
         ListResponse<UserResponse> response = new ListResponse<UserResponse>();
-        List<UserResponse> userResponses = ViewResponseHelper.createUserResponse(result.first().toArray(
-                new UserAccountJoinVO[result.first().size()]));
+        List<UserResponse> userResponses = ViewResponseHelper.createUserResponse(UserContext.current().getCaller().getDomainId(),

+                result.first().toArray(new UserAccountJoinVO[result.first().size()]));
         response.setResponses(userResponses, result.second());
         return response;
     }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/0d12e3eb/server/src/com/cloud/api/query/ViewResponseHelper.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/query/ViewResponseHelper.java b/server/src/com/cloud/api/query/ViewResponseHelper.java
index 1418795..f2901e1 100644
--- a/server/src/com/cloud/api/query/ViewResponseHelper.java
+++ b/server/src/com/cloud/api/query/ViewResponseHelper.java
@@ -81,9 +81,13 @@ public class ViewResponseHelper {
     public static final Logger s_logger = Logger.getLogger(ViewResponseHelper.class);
 
     public static List<UserResponse> createUserResponse(UserAccountJoinVO... users)
{
+        return createUserResponse(null, users);
+    }
+
+    public static List<UserResponse> createUserResponse(Long domainId, UserAccountJoinVO...
users) {
         List<UserResponse> respList = new ArrayList<UserResponse>();
         for (UserAccountJoinVO vt : users){
-            respList.add(ApiDBUtils.newUserResponse(vt));
+            respList.add(ApiDBUtils.newUserResponse(vt, domainId));
         }
         return respList;
     }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/0d12e3eb/ui/scripts/accounts.js
----------------------------------------------------------------------
diff --git a/ui/scripts/accounts.js b/ui/scripts/accounts.js
index 9ba3ebf..343557c 100644
--- a/ui/scripts/accounts.js
+++ b/ui/scripts/accounts.js
@@ -66,7 +66,7 @@
                         add: {
                             label: 'label.add.account',
                             preFilter: function(args) {
-                                if (isAdmin())
+                                if (isAdmin() || isDomainAdmin())
                                     return true;
                                 else
                                     return false;
@@ -1103,7 +1103,7 @@
                             label: 'label.add.user',
 
                             preFilter: function(args) {
-                                if (isAdmin())
+                                if (isAdmin() || isDomainAdmin())
                                     return true;
                                 else
                                     return false;
@@ -1602,6 +1602,16 @@
             }
             allowedActions.push("updateResourceCount");
         } else if (isDomainAdmin()) {
+            if (jsonObj.name != g_account) {
+                allowedActions.push("edit"); //updating networkdomain is allowed on any account,
including system-generated default admin account
+                if (jsonObj.state == "enabled") {
+                    allowedActions.push("disable");
+                    allowedActions.push("lock");
+                } else if (jsonObj.state == "disabled" || jsonObj.state == "locked") {
+                    allowedActions.push("enable");
+                }
+                allowedActions.push("remove");
+            }
             allowedActions.push("updateResourceCount");
         }
         return allowedActions;
@@ -1627,6 +1637,14 @@
             }
         } else {
             if (isSelfOrChildDomainUser(jsonObj.username, jsonObj.accounttype, jsonObj.domainid,
jsonObj.iscallerchilddomain)) {
+                if (isDomainAdmin() && jsonObj.username != g_username) {
+                    allowedActions.push("edit");
+                    if (jsonObj.state == "enabled")
+                        allowedActions.push("disable");
+                    if (jsonObj.state == "disabled")
+                        allowedActions.push("enable");
+                    allowedActions.push("remove");
+                }
                 allowedActions.push("changePassword");
                 allowedActions.push("generateKeys");
             }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/0d12e3eb/ui/scripts/sharedFunctions.js
----------------------------------------------------------------------
diff --git a/ui/scripts/sharedFunctions.js b/ui/scripts/sharedFunctions.js
index 358b26a..87255cb 100644
--- a/ui/scripts/sharedFunctions.js
+++ b/ui/scripts/sharedFunctions.js
@@ -750,7 +750,7 @@ var addGuestNetworkDialog = {
     function isSelfOrChildDomainUser(username, useraccounttype, userdomainid, iscallerchilddomain)
{
         if (username == g_username) { //is self
             return true;
-        } else if (isDomainAdmin() && iscallerchilddomain && (useraccounttype
== 0)) { //domain admin to user
+        } else if (isDomainAdmin() && !iscallerchilddomain && (useraccounttype
== 0)) { //domain admin to user
             return true;
         } else if (isDomainAdmin() && iscallerchilddomain && (userdomainid
!= g_domainid)) { //domain admin to subdomain admin and user
             return true;


Mime
View raw message