cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From prachida...@apache.org
Subject [2/2] git commit: updated refs/heads/rbac to 1d98ef9
Date Sat, 25 Jan 2014 01:13:01 GMT
@ACL and EntityType for FirewallRule commands


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/1d98ef98
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/1d98ef98
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/1d98ef98

Branch: refs/heads/rbac
Commit: 1d98ef9821bc90ab8314e68d0e8559ccd4ebfc98
Parents: 695de1e
Author: Prachi Damle <prachi@cloud.com>
Authored: Fri Jan 24 17:05:05 2014 -0800
Committer: Prachi Damle <prachi@cloud.com>
Committed: Fri Jan 24 17:06:11 2014 -0800

----------------------------------------------------------------------
 api/src/org/apache/cloudstack/acl/AclEntityType.java          | 1 +
 .../command/user/firewall/CreateEgressFirewallRuleCmd.java    | 2 +-
 .../api/command/user/firewall/CreateFirewallRuleCmd.java      | 2 +-
 .../command/user/firewall/CreatePortForwardingRuleCmd.java    | 2 +-
 .../command/user/firewall/DeleteEgressFirewallRuleCmd.java    | 6 +++++-
 .../api/command/user/firewall/DeleteFirewallRuleCmd.java      | 7 +++++--
 .../command/user/firewall/DeletePortForwardingRuleCmd.java    | 6 +++++-
 .../api/command/user/firewall/ListEgressFirewallRulesCmd.java | 3 ++-
 .../api/command/user/firewall/ListFirewallRulesCmd.java       | 3 ++-
 .../api/command/user/firewall/ListPortForwardingRulesCmd.java | 3 ++-
 .../command/user/firewall/UpdatePortForwardingRuleCmd.java    | 3 ++-
 11 files changed, 27 insertions(+), 11 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/acl/AclEntityType.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/acl/AclEntityType.java b/api/src/org/apache/cloudstack/acl/AclEntityType.java
index 5c60ede..d96f62c 100644
--- a/api/src/org/apache/cloudstack/acl/AclEntityType.java
+++ b/api/src/org/apache/cloudstack/acl/AclEntityType.java
@@ -34,6 +34,7 @@ public enum AclEntityType {
     InstanceGroup,
     GlobalLoadBalancerRule,
     FirewallRule,
+ PortForwardingRule,
     Event,
     AsyncJob,
     AclPolicy,

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java
b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java
index e0bee6b..0a7b0ab 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateEgressFirewallRuleCmd.java
@@ -44,7 +44,7 @@ import com.cloud.network.rules.FirewallRule;
 import com.cloud.user.Account;
 import com.cloud.utils.net.NetUtils;
 
-@APICommand(name = "createEgressFirewallRule", description = "Creates a egress firewall rule
for a given network ", responseObject = FirewallResponse.class)
+@APICommand(name = "createEgressFirewallRule", description = "Creates a egress firewall rule
for a given network ", responseObject = FirewallResponse.class, entityType = { AclEntityType.FirewallRule
})
 public class CreateEgressFirewallRuleCmd extends BaseAsyncCreateCmd implements FirewallRule
{
     public static final Logger s_logger = Logger.getLogger(CreateEgressFirewallRuleCmd.class.getName());
 

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java
b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java
index c522709..a5137a3 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/CreateFirewallRuleCmd.java
@@ -43,7 +43,7 @@ import com.cloud.network.rules.FirewallRule;
 import com.cloud.user.Account;
 import com.cloud.utils.net.NetUtils;
 
-@APICommand(name = "createFirewallRule", description = "Creates a firewall rule for a given
ip address", responseObject = FirewallResponse.class)
+@APICommand(name = "createFirewallRule", description = "Creates a firewall rule for a given
ip address", responseObject = FirewallResponse.class, entityType = { AclEntityType.FirewallRule
})
 public class CreateFirewallRuleCmd extends BaseAsyncCreateCmd implements FirewallRule {
     public static final Logger s_logger = Logger.getLogger(CreateFirewallRuleCmd.class.getName());
 

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/CreatePortForwardingRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/CreatePortForwardingRuleCmd.java
b/api/src/org/apache/cloudstack/api/command/user/firewall/CreatePortForwardingRuleCmd.java
index 14324df..deb618e 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/CreatePortForwardingRuleCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/CreatePortForwardingRuleCmd.java
@@ -44,7 +44,7 @@ import com.cloud.network.rules.PortForwardingRule;
 import com.cloud.user.Account;
 import com.cloud.utils.net.Ip;
 
-@APICommand(name = "createPortForwardingRule", description = "Creates a port forwarding rule",
responseObject = FirewallRuleResponse.class)
+@APICommand(name = "createPortForwardingRule", description = "Creates a port forwarding rule",
responseObject = FirewallRuleResponse.class, entityType = { AclEntityType.PortForwardingRule
})
 public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements PortForwardingRule
{
     public static final Logger s_logger = Logger.getLogger(CreatePortForwardingRuleCmd.class.getName());
 

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteEgressFirewallRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteEgressFirewallRuleCmd.java
b/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteEgressFirewallRuleCmd.java
index 8e7b679..82c33be 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteEgressFirewallRuleCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteEgressFirewallRuleCmd.java
@@ -19,6 +19,9 @@ package org.apache.cloudstack.api.command.user.firewall;
 
 import org.apache.log4j.Logger;
 
+import org.apache.cloudstack.acl.AclEntityType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.api.ACL;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiCommandJobType;
 import org.apache.cloudstack.api.ApiConstants;
@@ -36,7 +39,7 @@ import com.cloud.exception.InvalidParameterValueException;
 import com.cloud.exception.ResourceUnavailableException;
 import com.cloud.network.rules.FirewallRule;
 
-@APICommand(name = "deleteEgressFirewallRule", description = "Deletes an ggress firewall
rule", responseObject = SuccessResponse.class)
+@APICommand(name = "deleteEgressFirewallRule", description = "Deletes an ggress firewall
rule", responseObject = SuccessResponse.class, entityType = { AclEntityType.FirewallRule })
 public class DeleteEgressFirewallRuleCmd extends BaseAsyncCmd {
     public static final Logger s_logger = Logger.getLogger(DeleteEgressFirewallRuleCmd.class.getName());
     private static final String s_name = "deleteegressfirewallruleresponse";
@@ -45,6 +48,7 @@ public class DeleteEgressFirewallRuleCmd extends BaseAsyncCmd {
     //////////////// API parameters /////////////////////
     /////////////////////////////////////////////////////
 
+    @ACL(accessType = AccessType.OperateEntry)
     @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = FirewallRuleResponse.class,
required = true, description = "the ID of the firewall rule")
     private Long id;
 

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteFirewallRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteFirewallRuleCmd.java
b/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteFirewallRuleCmd.java
index c3029b8..704c913 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteFirewallRuleCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/DeleteFirewallRuleCmd.java
@@ -18,6 +18,9 @@ package org.apache.cloudstack.api.command.user.firewall;
 
 import org.apache.log4j.Logger;
 
+import org.apache.cloudstack.acl.AclEntityType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.api.ACL;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiCommandJobType;
 import org.apache.cloudstack.api.ApiConstants;
@@ -35,7 +38,7 @@ import com.cloud.exception.InvalidParameterValueException;
 import com.cloud.exception.ResourceUnavailableException;
 import com.cloud.network.rules.FirewallRule;
 
-@APICommand(name = "deleteFirewallRule", description = "Deletes a firewall rule", responseObject
= SuccessResponse.class)
+@APICommand(name = "deleteFirewallRule", description = "Deletes a firewall rule", responseObject
= SuccessResponse.class, entityType = { AclEntityType.FirewallRule })
 public class DeleteFirewallRuleCmd extends BaseAsyncCmd {
     public static final Logger s_logger = Logger.getLogger(DeleteFirewallRuleCmd.class.getName());
     private static final String s_name = "deletefirewallruleresponse";
@@ -43,7 +46,7 @@ public class DeleteFirewallRuleCmd extends BaseAsyncCmd {
     /////////////////////////////////////////////////////
     //////////////// API parameters /////////////////////
     /////////////////////////////////////////////////////
-
+    @ACL(accessType = AccessType.OperateEntry)
     @Parameter(name = ApiConstants.ID, type = CommandType.UUID, entityType = FirewallRuleResponse.class,
required = true, description = "the ID of the firewall rule")
     private Long id;
 

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/DeletePortForwardingRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/DeletePortForwardingRuleCmd.java
b/api/src/org/apache/cloudstack/api/command/user/firewall/DeletePortForwardingRuleCmd.java
index c493dd0..eb88201 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/DeletePortForwardingRuleCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/DeletePortForwardingRuleCmd.java
@@ -18,6 +18,9 @@ package org.apache.cloudstack.api.command.user.firewall;
 
 import org.apache.log4j.Logger;
 
+import org.apache.cloudstack.acl.AclEntityType;
+import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.api.ACL;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiCommandJobType;
 import org.apache.cloudstack.api.ApiConstants;
@@ -34,7 +37,7 @@ import com.cloud.event.EventTypes;
 import com.cloud.exception.InvalidParameterValueException;
 import com.cloud.network.rules.PortForwardingRule;
 
-@APICommand(name = "deletePortForwardingRule", description = "Deletes a port forwarding rule",
responseObject = SuccessResponse.class)
+@APICommand(name = "deletePortForwardingRule", description = "Deletes a port forwarding rule",
responseObject = SuccessResponse.class, entityType = { AclEntityType.PortForwardingRule })
 public class DeletePortForwardingRuleCmd extends BaseAsyncCmd {
     public static final Logger s_logger = Logger.getLogger(DeletePortForwardingRuleCmd.class.getName());
     private static final String s_name = "deleteportforwardingruleresponse";
@@ -43,6 +46,7 @@ public class DeletePortForwardingRuleCmd extends BaseAsyncCmd {
     //////////////// API parameters /////////////////////
     /////////////////////////////////////////////////////
 
+    @ACL(accessType = AccessType.OperateEntry)
     @Parameter(name = ApiConstants.ID,
                type = CommandType.UUID,
                entityType = FirewallRuleResponse.class,

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/ListEgressFirewallRulesCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/ListEgressFirewallRulesCmd.java
b/api/src/org/apache/cloudstack/api/command/user/firewall/ListEgressFirewallRulesCmd.java
index 4ac94df..6b2a78c 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/ListEgressFirewallRulesCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/ListEgressFirewallRulesCmd.java
@@ -22,6 +22,7 @@ import java.util.List;
 
 import org.apache.log4j.Logger;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.Parameter;
@@ -33,7 +34,7 @@ import org.apache.cloudstack.api.response.NetworkResponse;
 import com.cloud.network.rules.FirewallRule;
 import com.cloud.utils.Pair;
 
-@APICommand(name = "listEgressFirewallRules", description = "Lists all egress firewall rules
for network id.", responseObject = FirewallResponse.class)
+@APICommand(name = "listEgressFirewallRules", description = "Lists all egress firewall rules
for network id.", responseObject = FirewallResponse.class, entityType = { AclEntityType.FirewallRule
})
 public class ListEgressFirewallRulesCmd extends ListFirewallRulesCmd {
     public static final Logger s_logger = Logger.getLogger(ListEgressFirewallRulesCmd.class.getName());
     private static final String s_name = "listegressfirewallrulesresponse";

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/ListFirewallRulesCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/ListFirewallRulesCmd.java
b/api/src/org/apache/cloudstack/api/command/user/firewall/ListFirewallRulesCmd.java
index 44d26e4..ec60b00 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/ListFirewallRulesCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/ListFirewallRulesCmd.java
@@ -21,6 +21,7 @@ import java.util.List;
 
 import org.apache.log4j.Logger;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.BaseListTaggedResourcesCmd;
@@ -34,7 +35,7 @@ import org.apache.cloudstack.api.response.NetworkResponse;
 import com.cloud.network.rules.FirewallRule;
 import com.cloud.utils.Pair;
 
-@APICommand(name = "listFirewallRules", description = "Lists all firewall rules for an IP
address.", responseObject = FirewallResponse.class)
+@APICommand(name = "listFirewallRules", description = "Lists all firewall rules for an IP
address.", responseObject = FirewallResponse.class, entityType = { AclEntityType.FirewallRule
})
 public class ListFirewallRulesCmd extends BaseListTaggedResourcesCmd {
     public static final Logger s_logger = Logger.getLogger(ListFirewallRulesCmd.class.getName());
     private static final String s_name = "listfirewallrulesresponse";

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/ListPortForwardingRulesCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/ListPortForwardingRulesCmd.java
b/api/src/org/apache/cloudstack/api/command/user/firewall/ListPortForwardingRulesCmd.java
index bd8a7a1..c0c1f3f 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/ListPortForwardingRulesCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/ListPortForwardingRulesCmd.java
@@ -21,6 +21,7 @@ import java.util.List;
 
 import org.apache.log4j.Logger;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.BaseListTaggedResourcesCmd;
@@ -33,7 +34,7 @@ import org.apache.cloudstack.api.response.NetworkResponse;
 import com.cloud.network.rules.PortForwardingRule;
 import com.cloud.utils.Pair;
 
-@APICommand(name = "listPortForwardingRules", description = "Lists all port forwarding rules
for an IP address.", responseObject = FirewallRuleResponse.class)
+@APICommand(name = "listPortForwardingRules", description = "Lists all port forwarding rules
for an IP address.", responseObject = FirewallRuleResponse.class, entityType = { AclEntityType.PortForwardingRule
})
 public class ListPortForwardingRulesCmd extends BaseListTaggedResourcesCmd {
     public static final Logger s_logger = Logger.getLogger(ListPortForwardingRulesCmd.class.getName());
 

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1d98ef98/api/src/org/apache/cloudstack/api/command/user/firewall/UpdatePortForwardingRuleCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/firewall/UpdatePortForwardingRuleCmd.java
b/api/src/org/apache/cloudstack/api/command/user/firewall/UpdatePortForwardingRuleCmd.java
index d7e380f..6c860fe 100644
--- a/api/src/org/apache/cloudstack/api/command/user/firewall/UpdatePortForwardingRuleCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/firewall/UpdatePortForwardingRuleCmd.java
@@ -18,6 +18,7 @@ package org.apache.cloudstack.api.command.user.firewall;
 
 import org.apache.log4j.Logger;
 
+import org.apache.cloudstack.acl.AclEntityType;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.BaseAsyncCmd;
@@ -33,7 +34,7 @@ import com.cloud.user.Account;
 
 @APICommand(name = "updatePortForwardingRule",
             responseObject = FirewallRuleResponse.class,
-            description = "Updates a port forwarding rule.  Only the private port and the
virtual machine can be updated.")
+ description = "Updates a port forwarding rule.  Only the private port and the virtual machine
can be updated.", entityType = { AclEntityType.PortForwardingRule })
 public class UpdatePortForwardingRuleCmd extends BaseAsyncCmd {
     public static final Logger s_logger = Logger.getLogger(UpdatePortForwardingRuleCmd.class.getName());
     private static final String s_name = "updateportforwardingruleresponse";


Mime
View raw message