cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mc...@apache.org
Subject [11/50] [abbrv] iam/plugin: Rename Acl to IAM everywhere
Date Thu, 13 Mar 2014 23:55:04 GMT
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java
index c20989c..02da7c3 100644
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java
+++ b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java
@@ -25,17 +25,17 @@ import javax.inject.Inject;
 import org.apache.log4j.Logger;
 
 import org.apache.cloudstack.acl.PermissionScope;
-import org.apache.cloudstack.iam.api.AclGroup;
-import org.apache.cloudstack.iam.api.AclPolicy;
-import org.apache.cloudstack.iam.api.AclPolicyPermission;
-import org.apache.cloudstack.iam.api.AclPolicyPermission.Permission;
+import org.apache.cloudstack.iam.api.IAMGroup;
+import org.apache.cloudstack.iam.api.IAMPolicy;
+import org.apache.cloudstack.iam.api.IAMPolicyPermission;
+import org.apache.cloudstack.iam.api.IAMPolicyPermission.Permission;
 import org.apache.cloudstack.iam.api.IAMService;
-import org.apache.cloudstack.iam.server.dao.AclAccountPolicyMapDao;
-import org.apache.cloudstack.iam.server.dao.AclGroupAccountMapDao;
-import org.apache.cloudstack.iam.server.dao.AclGroupDao;
-import org.apache.cloudstack.iam.server.dao.AclGroupPolicyMapDao;
-import org.apache.cloudstack.iam.server.dao.AclPolicyDao;
-import org.apache.cloudstack.iam.server.dao.AclPolicyPermissionDao;
+import org.apache.cloudstack.iam.server.dao.IAMAccountPolicyMapDao;
+import org.apache.cloudstack.iam.server.dao.IAMGroupAccountMapDao;
+import org.apache.cloudstack.iam.server.dao.IAMGroupDao;
+import org.apache.cloudstack.iam.server.dao.IAMGroupPolicyMapDao;
+import org.apache.cloudstack.iam.server.dao.IAMPolicyDao;
+import org.apache.cloudstack.iam.server.dao.IAMPolicyPermissionDao;
 
 import com.cloud.exception.InvalidParameterValueException;
 import com.cloud.utils.Pair;
@@ -62,37 +62,37 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
     private String _name;
 
     @Inject
-    AclPolicyDao _aclPolicyDao;
+    IAMPolicyDao _aclPolicyDao;
 
     @Inject
-    AclGroupDao _aclGroupDao;
+    IAMGroupDao _aclGroupDao;
 
     @Inject
     EntityManager _entityMgr;
 
     @Inject
-    AclGroupPolicyMapDao _aclGroupPolicyMapDao;
+    IAMGroupPolicyMapDao _aclGroupPolicyMapDao;
 
     @Inject
-    AclAccountPolicyMapDao _aclAccountPolicyMapDao;
+    IAMAccountPolicyMapDao _aclAccountPolicyMapDao;
 
     @Inject
-    AclGroupAccountMapDao _aclGroupAccountMapDao;
+    IAMGroupAccountMapDao _aclGroupAccountMapDao;
 
     @Inject
-    AclPolicyPermissionDao _policyPermissionDao;
+    IAMPolicyPermissionDao _policyPermissionDao;
 
     @DB
     @Override
-    public AclGroup createAclGroup(String aclGroupName, String description, String path) {
+    public IAMGroup createAclGroup(String aclGroupName, String description, String path) {
         // check if the group is already existing
-        AclGroup grp = _aclGroupDao.findByName(path, aclGroupName);
+        IAMGroup grp = _aclGroupDao.findByName(path, aclGroupName);
         if (grp != null) {
             throw new InvalidParameterValueException(
                     "Unable to create acl group with name " + aclGroupName
                     + " already exisits for path " + path);
         }
-        AclGroupVO rvo = new AclGroupVO(aclGroupName, description);
+        IAMGroupVO rvo = new IAMGroupVO(aclGroupName, description);
         rvo.setPath(path);
 
         return _aclGroupDao.persist(rvo);
@@ -102,7 +102,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
     @Override
     public boolean deleteAclGroup(final Long aclGroupId) {
         // get the Acl Group entity
-        final AclGroup grp = _aclGroupDao.findById(aclGroupId);
+        final IAMGroup grp = _aclGroupDao.findById(aclGroupId);
         if (grp == null) {
             throw new InvalidParameterValueException("Unable to find acl group: " + aclGroupId
                     + "; failed to delete acl group.");
@@ -112,17 +112,17 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
             @Override
             public void doInTransactionWithoutResult(TransactionStatus status) {
                 // remove this group related entry in acl_group_role_map
-                List<AclGroupPolicyMapVO> groupPolicyMap = _aclGroupPolicyMapDao.listByGroupId(grp.getId());
+                List<IAMGroupPolicyMapVO> groupPolicyMap = _aclGroupPolicyMapDao.listByGroupId(grp.getId());
                 if (groupPolicyMap != null) {
-                    for (AclGroupPolicyMapVO gr : groupPolicyMap) {
+                    for (IAMGroupPolicyMapVO gr : groupPolicyMap) {
                         _aclGroupPolicyMapDao.remove(gr.getId());
                     }
                 }
 
                 // remove this group related entry in acl_group_account table
-                List<AclGroupAccountMapVO> groupAcctMap = _aclGroupAccountMapDao.listByGroupId(grp.getId());
+                List<IAMGroupAccountMapVO> groupAcctMap = _aclGroupAccountMapDao.listByGroupId(grp.getId());
                 if (groupAcctMap != null) {
-                    for (AclGroupAccountMapVO grpAcct : groupAcctMap) {
+                    for (IAMGroupAccountMapVO grpAcct : groupAcctMap) {
                         _aclGroupAccountMapDao.remove(grpAcct.getId());
                     }
                 }
@@ -137,9 +137,9 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @SuppressWarnings("unchecked")
     @Override
-    public List<AclGroup> listAclGroups(long accountId) {
+    public List<IAMGroup> listAclGroups(long accountId) {
 
-        GenericSearchBuilder<AclGroupAccountMapVO, Long> groupSB = _aclGroupAccountMapDao.createSearchBuilder(Long.class);
+        GenericSearchBuilder<IAMGroupAccountMapVO, Long> groupSB = _aclGroupAccountMapDao.createSearchBuilder(Long.class);
         groupSB.selectFields(groupSB.entity().getAclGroupId());
         groupSB.and("account", groupSB.entity().getAccountId(), Op.EQ);
         SearchCriteria<Long> groupSc = groupSB.create();
@@ -147,9 +147,9 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
         List<Long> groupIds = _aclGroupAccountMapDao.customSearch(groupSc, null);
 
-        SearchBuilder<AclGroupVO> sb = _aclGroupDao.createSearchBuilder();
+        SearchBuilder<IAMGroupVO> sb = _aclGroupDao.createSearchBuilder();
         sb.and("ids", sb.entity().getId(), Op.IN);
-        SearchCriteria<AclGroupVO> sc = sb.create();
+        SearchCriteria<IAMGroupVO> sc = sb.create();
         sc.setParameters("ids", groupIds.toArray(new Object[groupIds.size()]));
         @SuppressWarnings("rawtypes")
         List groups = _aclGroupDao.search(sc, null);
@@ -158,9 +158,9 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @DB
     @Override
-    public AclGroup addAccountsToGroup(final List<Long> acctIds, final Long groupId) {
+    public IAMGroup addAccountsToGroup(final List<Long> acctIds, final Long groupId) {
         // get the Acl Group entity
-        AclGroup group = _aclGroupDao.findById(groupId);
+        IAMGroup group = _aclGroupDao.findById(groupId);
         if (group == null) {
             throw new InvalidParameterValueException("Unable to find acl group: " + groupId
                     + "; failed to add accounts to acl group.");
@@ -172,10 +172,10 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
                 // add entries in acl_group_account_map table
                 for (Long acctId : acctIds) {
                     // check account permissions
-                    AclGroupAccountMapVO grMap = _aclGroupAccountMapDao.findByGroupAndAccount(groupId, acctId);
+                    IAMGroupAccountMapVO grMap = _aclGroupAccountMapDao.findByGroupAndAccount(groupId, acctId);
                     if (grMap == null) {
                         // not there already
-                        grMap = new AclGroupAccountMapVO(groupId, acctId);
+                        grMap = new IAMGroupAccountMapVO(groupId, acctId);
                         _aclGroupAccountMapDao.persist(grMap);
                     }
                 }
@@ -186,9 +186,9 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @DB
     @Override
-    public AclGroup removeAccountsFromGroup(final List<Long> acctIds, final Long groupId) {
+    public IAMGroup removeAccountsFromGroup(final List<Long> acctIds, final Long groupId) {
         // get the Acl Group entity
-        AclGroup group = _aclGroupDao.findById(groupId);
+        IAMGroup group = _aclGroupDao.findById(groupId);
         if (group == null) {
             throw new InvalidParameterValueException("Unable to find acl group: " + groupId
                     + "; failed to remove accounts from acl group.");
@@ -199,7 +199,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
             public void doInTransactionWithoutResult(TransactionStatus status) {
                 // remove entries from acl_group_account_map table
                 for (Long acctId : acctIds) {
-                    AclGroupAccountMapVO grMap = _aclGroupAccountMapDao.findByGroupAndAccount(groupId, acctId);
+                    IAMGroupAccountMapVO grMap = _aclGroupAccountMapDao.findByGroupAndAccount(groupId, acctId);
                     if (grMap != null) {
                         // not removed yet
                         _aclGroupAccountMapDao.remove(grMap.getId());
@@ -212,35 +212,35 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @Override
     public List<Long> listAccountsByGroup(long groupId) {
-        List<AclGroupAccountMapVO> grpAcctMap = _aclGroupAccountMapDao.listByGroupId(groupId);
+        List<IAMGroupAccountMapVO> grpAcctMap = _aclGroupAccountMapDao.listByGroupId(groupId);
         if (grpAcctMap == null || grpAcctMap.size() == 0) {
             return new ArrayList<Long>();
         }
 
         List<Long> accts = new ArrayList<Long>();
-        for (AclGroupAccountMapVO grpAcct : grpAcctMap) {
+        for (IAMGroupAccountMapVO grpAcct : grpAcctMap) {
             accts.add(grpAcct.getAccountId());
         }
         return accts;
     }
 
     @Override
-    public Pair<List<AclGroup>, Integer> listAclGroups(Long aclGroupId, String aclGroupName, String path, Long startIndex, Long pageSize) {
+    public Pair<List<IAMGroup>, Integer> listAclGroups(Long aclGroupId, String aclGroupName, String path, Long startIndex, Long pageSize) {
         if (aclGroupId != null) {
-            AclGroup group = _aclGroupDao.findById(aclGroupId);
+            IAMGroup group = _aclGroupDao.findById(aclGroupId);
             if (group == null) {
                 throw new InvalidParameterValueException("Unable to find acl group by id " + aclGroupId);
             }
         }
 
-        Filter searchFilter = new Filter(AclGroupVO.class, "id", true, startIndex, pageSize);
+        Filter searchFilter = new Filter(IAMGroupVO.class, "id", true, startIndex, pageSize);
 
-        SearchBuilder<AclGroupVO> sb = _aclGroupDao.createSearchBuilder();
+        SearchBuilder<IAMGroupVO> sb = _aclGroupDao.createSearchBuilder();
         sb.and("name", sb.entity().getName(), SearchCriteria.Op.EQ);
         sb.and("path", sb.entity().getPath(), SearchCriteria.Op.LIKE);
         sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
 
-        SearchCriteria<AclGroupVO> sc = sb.create();
+        SearchCriteria<IAMGroupVO> sc = sb.create();
 
         if (aclGroupName != null) {
             sc.setParameters("name", aclGroupName);
@@ -252,13 +252,13 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
         sc.setParameters("path", path + "%");
 
-        Pair<List<AclGroupVO>, Integer> groups = _aclGroupDao.searchAndCount(sc, searchFilter);
-        return new Pair<List<AclGroup>, Integer>(new ArrayList<AclGroup>(groups.first()), groups.second());
+        Pair<List<IAMGroupVO>, Integer> groups = _aclGroupDao.searchAndCount(sc, searchFilter);
+        return new Pair<List<IAMGroup>, Integer>(new ArrayList<IAMGroup>(groups.first()), groups.second());
     }
 
     @Override
-    public List<AclGroup> listParentAclGroups(long groupId) {
-        AclGroup group = _aclGroupDao.findById(groupId);
+    public List<IAMGroup> listParentAclGroups(long groupId) {
+        IAMGroup group = _aclGroupDao.findById(groupId);
         if (group == null) {
             throw new InvalidParameterValueException("Unable to find acl group by id " + groupId);
         }
@@ -277,45 +277,45 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
         }
 
         if (pathList.isEmpty()) {
-            return new ArrayList<AclGroup>();
+            return new ArrayList<IAMGroup>();
         }
 
-        SearchBuilder<AclGroupVO> sb = _aclGroupDao.createSearchBuilder();
+        SearchBuilder<IAMGroupVO> sb = _aclGroupDao.createSearchBuilder();
         sb.and("paths", sb.entity().getPath(), SearchCriteria.Op.IN);
 
-        SearchCriteria<AclGroupVO> sc = sb.create();
+        SearchCriteria<IAMGroupVO> sc = sb.create();
         sc.setParameters("paths", pathList.toArray());
 
-        List<AclGroupVO> groups = _aclGroupDao.search(sc, null);
+        List<IAMGroupVO> groups = _aclGroupDao.search(sc, null);
 
-        return new ArrayList<AclGroup>(groups);
+        return new ArrayList<IAMGroup>(groups);
 
     }
 
     @DB
     @Override
-    public AclPolicy createAclPolicy(final String aclPolicyName, final String description, final Long parentPolicyId, final String path) {
+    public IAMPolicy createAclPolicy(final String aclPolicyName, final String description, final Long parentPolicyId, final String path) {
 
         // check if the policy is already existing
-        AclPolicy ro = _aclPolicyDao.findByName(aclPolicyName);
+        IAMPolicy ro = _aclPolicyDao.findByName(aclPolicyName);
         if (ro != null) {
             throw new InvalidParameterValueException(
                     "Unable to create acl policy with name " + aclPolicyName
                     + " already exisits");
         }
 
-        AclPolicy role = Transaction.execute(new TransactionCallback<AclPolicy>() {
+        IAMPolicy role = Transaction.execute(new TransactionCallback<IAMPolicy>() {
             @Override
-            public AclPolicy doInTransaction(TransactionStatus status) {
-                AclPolicyVO rvo = new AclPolicyVO(aclPolicyName, description);
+            public IAMPolicy doInTransaction(TransactionStatus status) {
+                IAMPolicyVO rvo = new IAMPolicyVO(aclPolicyName, description);
                 rvo.setPath(path);
 
-                AclPolicy role = _aclPolicyDao.persist(rvo);
+                IAMPolicy role = _aclPolicyDao.persist(rvo);
                 if (parentPolicyId != null) {
                     // copy parent role permissions
-                    List<AclPolicyPermissionVO> perms = _policyPermissionDao.listByPolicy(parentPolicyId);
+                    List<IAMPolicyPermissionVO> perms = _policyPermissionDao.listByPolicy(parentPolicyId);
                     if (perms != null) {
-                        for (AclPolicyPermissionVO perm : perms) {
+                        for (IAMPolicyPermissionVO perm : perms) {
                             perm.setAclPolicyId(role.getId());
                             _policyPermissionDao.persist(perm);
                         }
@@ -333,7 +333,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
     @Override
     public boolean deleteAclPolicy(final long aclPolicyId) {
         // get the Acl Policy entity
-        final AclPolicy policy = _aclPolicyDao.findById(aclPolicyId);
+        final IAMPolicy policy = _aclPolicyDao.findById(aclPolicyId);
         if (policy == null) {
             throw new InvalidParameterValueException("Unable to find acl policy: " + aclPolicyId
                     + "; failed to delete acl policy.");
@@ -343,25 +343,25 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
             @Override
             public void doInTransactionWithoutResult(TransactionStatus status) {
                 // remove this role related entry in acl_group_role_map
-                List<AclGroupPolicyMapVO> groupPolicyMap = _aclGroupPolicyMapDao.listByPolicyId(policy.getId());
+                List<IAMGroupPolicyMapVO> groupPolicyMap = _aclGroupPolicyMapDao.listByPolicyId(policy.getId());
                 if (groupPolicyMap != null) {
-                    for (AclGroupPolicyMapVO gr : groupPolicyMap) {
+                    for (IAMGroupPolicyMapVO gr : groupPolicyMap) {
                         _aclGroupPolicyMapDao.remove(gr.getId());
                     }
                 }
 
                 // remove this policy related entry in acl_account_policy_map table
-                List<AclAccountPolicyMapVO> policyAcctMap = _aclAccountPolicyMapDao.listByPolicyId(policy.getId());
+                List<IAMAccountPolicyMapVO> policyAcctMap = _aclAccountPolicyMapDao.listByPolicyId(policy.getId());
                 if (policyAcctMap != null) {
-                    for (AclAccountPolicyMapVO policyAcct : policyAcctMap) {
+                    for (IAMAccountPolicyMapVO policyAcct : policyAcctMap) {
                         _aclAccountPolicyMapDao.remove(policyAcct.getId());
                     }
                 }
 
                 // remove this policy related entry in acl_policy_permission table
-                List<AclPolicyPermissionVO> policyPermMap = _policyPermissionDao.listByPolicy(policy.getId());
+                List<IAMPolicyPermissionVO> policyPermMap = _policyPermissionDao.listByPolicy(policy.getId());
                 if (policyPermMap != null) {
-                    for (AclPolicyPermissionVO policyPerm : policyPermMap) {
+                    for (IAMPolicyPermissionVO policyPerm : policyPermMap) {
                         _policyPermissionDao.remove(policyPerm.getId());
                     }
                 }
@@ -377,13 +377,13 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @SuppressWarnings("unchecked")
     @Override
-    public List<AclPolicy> listAclPolicies(long accountId) {
+    public List<IAMPolicy> listAclPolicies(long accountId) {
 
         // static policies of the account
-        SearchBuilder<AclGroupAccountMapVO> groupSB = _aclGroupAccountMapDao.createSearchBuilder();
+        SearchBuilder<IAMGroupAccountMapVO> groupSB = _aclGroupAccountMapDao.createSearchBuilder();
         groupSB.and("account", groupSB.entity().getAccountId(), Op.EQ);
 
-        GenericSearchBuilder<AclGroupPolicyMapVO, Long> policySB = _aclGroupPolicyMapDao.createSearchBuilder(Long.class);
+        GenericSearchBuilder<IAMGroupPolicyMapVO, Long> policySB = _aclGroupPolicyMapDao.createSearchBuilder(Long.class);
         policySB.selectFields(policySB.entity().getAclPolicyId());
         policySB.join("accountgroupjoin", groupSB, groupSB.entity().getAclGroupId(), policySB.entity().getAclGroupId(),
                 JoinType.INNER);
@@ -393,16 +393,16 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
         List<Long> policyIds = _aclGroupPolicyMapDao.customSearch(policySc, null);
         // add policies directly attached to the account
-        List<AclAccountPolicyMapVO> acctPolicies = _aclAccountPolicyMapDao.listByAccountId(accountId);
-        for (AclAccountPolicyMapVO p : acctPolicies) {
+        List<IAMAccountPolicyMapVO> acctPolicies = _aclAccountPolicyMapDao.listByAccountId(accountId);
+        for (IAMAccountPolicyMapVO p : acctPolicies) {
             policyIds.add(p.getAclPolicyId());
         }
         if (policyIds.size() == 0) {
-            return new ArrayList<AclPolicy>();
+            return new ArrayList<IAMPolicy>();
         }
-        SearchBuilder<AclPolicyVO> sb = _aclPolicyDao.createSearchBuilder();
+        SearchBuilder<IAMPolicyVO> sb = _aclPolicyDao.createSearchBuilder();
         sb.and("ids", sb.entity().getId(), Op.IN);
-        SearchCriteria<AclPolicyVO> sc = sb.create();
+        SearchCriteria<IAMPolicyVO> sc = sb.create();
         sc.setParameters("ids", policyIds.toArray(new Object[policyIds.size()]));
         @SuppressWarnings("rawtypes")
         List policies = _aclPolicyDao.customSearch(sc, null);
@@ -413,20 +413,20 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @SuppressWarnings("unchecked")
     @Override
-    public List<AclPolicy> listAclPoliciesByGroup(long groupId) {
-        List<AclGroupPolicyMapVO> policyGrpMap = _aclGroupPolicyMapDao.listByGroupId(groupId);
+    public List<IAMPolicy> listAclPoliciesByGroup(long groupId) {
+        List<IAMGroupPolicyMapVO> policyGrpMap = _aclGroupPolicyMapDao.listByGroupId(groupId);
         if (policyGrpMap == null || policyGrpMap.size() == 0) {
-            return new ArrayList<AclPolicy>();
+            return new ArrayList<IAMPolicy>();
         }
 
         List<Long> policyIds = new ArrayList<Long>();
-        for (AclGroupPolicyMapVO pg : policyGrpMap) {
+        for (IAMGroupPolicyMapVO pg : policyGrpMap) {
             policyIds.add(pg.getAclPolicyId());
         }
 
-        SearchBuilder<AclPolicyVO> sb = _aclPolicyDao.createSearchBuilder();
+        SearchBuilder<IAMPolicyVO> sb = _aclPolicyDao.createSearchBuilder();
         sb.and("ids", sb.entity().getId(), Op.IN);
-        SearchCriteria<AclPolicyVO> sc = sb.create();
+        SearchCriteria<IAMPolicyVO> sc = sb.create();
         sc.setParameters("ids", policyIds.toArray(new Object[policyIds.size()]));
         @SuppressWarnings("rawtypes")
         List policies = _aclPolicyDao.customSearch(sc, null);
@@ -436,26 +436,26 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @SuppressWarnings("unchecked")
     @Override
-    public List<AclPolicy> listRecursiveAclPoliciesByGroup(long groupId) {
-        List<AclGroupPolicyMapVO> policyGrpMap = _aclGroupPolicyMapDao.listByGroupId(groupId);
+    public List<IAMPolicy> listRecursiveAclPoliciesByGroup(long groupId) {
+        List<IAMGroupPolicyMapVO> policyGrpMap = _aclGroupPolicyMapDao.listByGroupId(groupId);
         if (policyGrpMap == null || policyGrpMap.size() == 0) {
-            return new ArrayList<AclPolicy>();
+            return new ArrayList<IAMPolicy>();
         }
 
         List<Long> policyIds = new ArrayList<Long>();
-        for (AclGroupPolicyMapVO pg : policyGrpMap) {
+        for (IAMGroupPolicyMapVO pg : policyGrpMap) {
             policyIds.add(pg.getAclPolicyId());
         }
 
-        SearchBuilder<AclPolicyPermissionVO> permSb = _policyPermissionDao.createSearchBuilder();
+        SearchBuilder<IAMPolicyPermissionVO> permSb = _policyPermissionDao.createSearchBuilder();
         permSb.and("isRecursive", permSb.entity().isRecursive(), Op.EQ);
 
-        SearchBuilder<AclPolicyVO> sb = _aclPolicyDao.createSearchBuilder();
+        SearchBuilder<IAMPolicyVO> sb = _aclPolicyDao.createSearchBuilder();
         sb.and("ids", sb.entity().getId(), Op.IN);
         sb.join("recursivePerm", permSb, sb.entity().getId(), permSb.entity().getAclPolicyId(),
                 JoinBuilder.JoinType.INNER);
 
-        SearchCriteria<AclPolicyVO> sc = sb.create();
+        SearchCriteria<IAMPolicyVO> sc = sb.create();
         sc.setParameters("ids", policyIds.toArray(new Object[policyIds.size()]));
         sc.setJoinParameters("recursivePerm", "isRecursive", true);
 
@@ -468,23 +468,23 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @SuppressWarnings("unchecked")
     @Override
-    public Pair<List<AclPolicy>, Integer> listAclPolicies(Long aclPolicyId, String aclPolicyName, String path, Long startIndex, Long pageSize) {
+    public Pair<List<IAMPolicy>, Integer> listAclPolicies(Long aclPolicyId, String aclPolicyName, String path, Long startIndex, Long pageSize) {
 
         if (aclPolicyId != null) {
-            AclPolicy policy = _aclPolicyDao.findById(aclPolicyId);
+            IAMPolicy policy = _aclPolicyDao.findById(aclPolicyId);
             if (policy == null) {
                 throw new InvalidParameterValueException("Unable to find acl policy by id " + aclPolicyId);
             }
         }
 
-        Filter searchFilter = new Filter(AclPolicyVO.class, "id", true, startIndex, pageSize);
+        Filter searchFilter = new Filter(IAMPolicyVO.class, "id", true, startIndex, pageSize);
 
-        SearchBuilder<AclPolicyVO> sb = _aclPolicyDao.createSearchBuilder();
+        SearchBuilder<IAMPolicyVO> sb = _aclPolicyDao.createSearchBuilder();
         sb.and("name", sb.entity().getName(), SearchCriteria.Op.EQ);
         sb.and("path", sb.entity().getPath(), SearchCriteria.Op.LIKE);
         sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
 
-        SearchCriteria<AclPolicyVO> sc = sb.create();
+        SearchCriteria<IAMPolicyVO> sc = sb.create();
 
         if (aclPolicyName != null) {
             sc.setParameters("name", aclPolicyName);
@@ -496,17 +496,17 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
         sc.setParameters("path", path + "%");
 
-        Pair<List<AclPolicyVO>, Integer> policies = _aclPolicyDao.searchAndCount(sc, searchFilter);
+        Pair<List<IAMPolicyVO>, Integer> policies = _aclPolicyDao.searchAndCount(sc, searchFilter);
         @SuppressWarnings("rawtypes")
         List policyList = policies.first();
-        return new Pair<List<AclPolicy>, Integer>(policyList, policies.second());
+        return new Pair<List<IAMPolicy>, Integer>(policyList, policies.second());
     }
 
     @DB
     @Override
-    public AclGroup attachAclPoliciesToGroup(final List<Long> policyIds, final Long groupId) {
+    public IAMGroup attachAclPoliciesToGroup(final List<Long> policyIds, final Long groupId) {
         // get the Acl Group entity
-        AclGroup group = _aclGroupDao.findById(groupId);
+        IAMGroup group = _aclGroupDao.findById(groupId);
         if (group == null) {
             throw new InvalidParameterValueException("Unable to find acl group: " + groupId
                     + "; failed to add roles to acl group.");
@@ -517,16 +517,16 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
             public void doInTransactionWithoutResult(TransactionStatus status) {
                 // add entries in acl_group_policy_map table
                 for (Long policyId : policyIds) {
-                    AclPolicy policy = _aclPolicyDao.findById(policyId);
+                    IAMPolicy policy = _aclPolicyDao.findById(policyId);
                     if (policy == null) {
                         throw new InvalidParameterValueException("Unable to find acl policy: " + policyId
                                 + "; failed to add policies to acl group.");
                     }
 
-                    AclGroupPolicyMapVO grMap = _aclGroupPolicyMapDao.findByGroupAndPolicy(groupId, policyId);
+                    IAMGroupPolicyMapVO grMap = _aclGroupPolicyMapDao.findByGroupAndPolicy(groupId, policyId);
                     if (grMap == null) {
                         // not there already
-                        grMap = new AclGroupPolicyMapVO(groupId, policyId);
+                        grMap = new IAMGroupPolicyMapVO(groupId, policyId);
                         _aclGroupPolicyMapDao.persist(grMap);
                     }
                 }
@@ -538,9 +538,9 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @DB
     @Override
-    public AclGroup removeAclPoliciesFromGroup(final List<Long> policyIds, final Long groupId) {
+    public IAMGroup removeAclPoliciesFromGroup(final List<Long> policyIds, final Long groupId) {
         // get the Acl Group entity
-        AclGroup group = _aclGroupDao.findById(groupId);
+        IAMGroup group = _aclGroupDao.findById(groupId);
         if (group == null) {
             throw new InvalidParameterValueException("Unable to find acl group: " + groupId
                     + "; failed to remove roles from acl group.");
@@ -551,13 +551,13 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
             public void doInTransactionWithoutResult(TransactionStatus status) {
                 // add entries in acl_group_role_map table
                 for (Long policyId : policyIds) {
-                    AclPolicy policy = _aclPolicyDao.findById(policyId);
+                    IAMPolicy policy = _aclPolicyDao.findById(policyId);
                     if (policy == null) {
                         throw new InvalidParameterValueException("Unable to find acl policy: " + policyId
                                 + "; failed to add policies to acl group.");
                     }
 
-                    AclGroupPolicyMapVO grMap = _aclGroupPolicyMapDao.findByGroupAndPolicy(groupId, policyId);
+                    IAMGroupPolicyMapVO grMap = _aclGroupPolicyMapDao.findByGroupAndPolicy(groupId, policyId);
                     if (grMap != null) {
                         // not removed yet
                         _aclGroupPolicyMapDao.remove(grMap.getId());
@@ -571,7 +571,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @Override
     public void attachAclPolicyToAccounts(final Long policyId, final List<Long> acctIds) {
-        AclPolicy policy = _aclPolicyDao.findById(policyId);
+        IAMPolicy policy = _aclPolicyDao.findById(policyId);
         if (policy == null) {
             throw new InvalidParameterValueException("Unable to find acl policy: " + policyId
                     + "; failed to add policy to account.");
@@ -582,10 +582,10 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
             public void doInTransactionWithoutResult(TransactionStatus status) {
                 // add entries in acl_group_policy_map table
                 for (Long acctId : acctIds) {
-                    AclAccountPolicyMapVO acctMap = _aclAccountPolicyMapDao.findByAccountAndPolicy(acctId, policyId);
+                    IAMAccountPolicyMapVO acctMap = _aclAccountPolicyMapDao.findByAccountAndPolicy(acctId, policyId);
                     if (acctMap == null) {
                         // not there already
-                        acctMap = new AclAccountPolicyMapVO(acctId, policyId);
+                        acctMap = new IAMAccountPolicyMapVO(acctId, policyId);
                         _aclAccountPolicyMapDao.persist(acctMap);
                     }
                 }
@@ -595,7 +595,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @Override
     public void removeAclPolicyFromAccounts(final Long policyId, final List<Long> acctIds) {
-        AclPolicy policy = _aclPolicyDao.findById(policyId);
+        IAMPolicy policy = _aclPolicyDao.findById(policyId);
         if (policy == null) {
             throw new InvalidParameterValueException("Unable to find acl policy: " + policyId
                     + "; failed to add policy to account.");
@@ -606,10 +606,10 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
             public void doInTransactionWithoutResult(TransactionStatus status) {
                 // add entries in acl_group_policy_map table
                 for (Long acctId : acctIds) {
-                    AclAccountPolicyMapVO acctMap = _aclAccountPolicyMapDao.findByAccountAndPolicy(acctId, policyId);
+                    IAMAccountPolicyMapVO acctMap = _aclAccountPolicyMapDao.findByAccountAndPolicy(acctId, policyId);
                     if (acctMap == null) {
                         // not there already
-                        acctMap = new AclAccountPolicyMapVO(acctId, policyId);
+                        acctMap = new IAMAccountPolicyMapVO(acctId, policyId);
                         _aclAccountPolicyMapDao.remove(acctMap.getId());
                     }
                 }
@@ -619,20 +619,20 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @DB
     @Override
-    public AclPolicy addAclPermissionToAclPolicy(long aclPolicyId, String entityType, String scope, Long scopeId,
+    public IAMPolicy addAclPermissionToAclPolicy(long aclPolicyId, String entityType, String scope, Long scopeId,
             String action, String accessType, Permission perm, Boolean recursive) {
         // get the Acl Policy entity
-        AclPolicy policy = _aclPolicyDao.findById(aclPolicyId);
+        IAMPolicy policy = _aclPolicyDao.findById(aclPolicyId);
         if (policy == null) {
             throw new InvalidParameterValueException("Unable to find acl policy: " + aclPolicyId
                     + "; failed to add permission to policy.");
         }
 
         // add entry in acl_policy_permission table
-        AclPolicyPermissionVO permit = _policyPermissionDao.findByPolicyAndEntity(aclPolicyId, entityType, scope, scopeId, action, perm);
+        IAMPolicyPermissionVO permit = _policyPermissionDao.findByPolicyAndEntity(aclPolicyId, entityType, scope, scopeId, action, perm);
         if (permit == null) {
             // not there already
-            permit = new AclPolicyPermissionVO(aclPolicyId, action, entityType, accessType, scope, scopeId, perm,
+            permit = new IAMPolicyPermissionVO(aclPolicyId, action, entityType, accessType, scope, scopeId, perm,
                     recursive);
             _policyPermissionDao.persist(permit);
         }
@@ -642,16 +642,16 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @DB
     @Override
-    public AclPolicy removeAclPermissionFromAclPolicy(long aclPolicyId, String entityType, String scope, Long scopeId,
+    public IAMPolicy removeAclPermissionFromAclPolicy(long aclPolicyId, String entityType, String scope, Long scopeId,
             String action) {
         // get the Acl Policy entity
-        AclPolicy policy = _aclPolicyDao.findById(aclPolicyId);
+        IAMPolicy policy = _aclPolicyDao.findById(aclPolicyId);
         if (policy == null) {
             throw new InvalidParameterValueException("Unable to find acl policy: " + aclPolicyId
                     + "; failed to revoke permission from policy.");
         }
         // remove entry from acl_entity_permission table
-        AclPolicyPermissionVO permit = _policyPermissionDao.findByPolicyAndEntity(aclPolicyId, entityType, scope, scopeId, action, Permission.Allow);
+        IAMPolicyPermissionVO permit = _policyPermissionDao.findByPolicyAndEntity(aclPolicyId, entityType, scope, scopeId, action, Permission.Allow);
         if (permit != null) {
             // not removed yet
             _policyPermissionDao.remove(permit.getId());
@@ -666,8 +666,8 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
             @Override
             public void doInTransactionWithoutResult(TransactionStatus status) {
                 // remove entry from acl_entity_permission table
-                List<AclPolicyPermissionVO> permitList = _policyPermissionDao.listByEntity(entityType, entityId);
-                for (AclPolicyPermissionVO permit : permitList) {
+                List<IAMPolicyPermissionVO> permitList = _policyPermissionDao.listByEntity(entityType, entityId);
+                for (IAMPolicyPermissionVO permit : permitList) {
                     long policyId = permit.getAclPolicyId();
                     _policyPermissionDao.remove(permit.getId());
 
@@ -682,19 +682,19 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @DB
     @Override
-    public AclPolicy resetAclPolicy(long aclPolicyId) {
+    public IAMPolicy resetAclPolicy(long aclPolicyId) {
         // get the Acl Policy entity
-        AclPolicy policy = _aclPolicyDao.findById(aclPolicyId);
+        IAMPolicy policy = _aclPolicyDao.findById(aclPolicyId);
         if (policy == null) {
             throw new InvalidParameterValueException("Unable to find acl policy: " + aclPolicyId
                     + "; failed to reset the policy.");
         }
 
-        SearchBuilder<AclPolicyPermissionVO> sb = _policyPermissionDao.createSearchBuilder();
+        SearchBuilder<IAMPolicyPermissionVO> sb = _policyPermissionDao.createSearchBuilder();
         sb.and("policyId", sb.entity().getAclPolicyId(), SearchCriteria.Op.EQ);
         sb.and("scope", sb.entity().getScope(), SearchCriteria.Op.EQ);
         sb.done();
-        SearchCriteria<AclPolicyPermissionVO> permissionSC = sb.create();
+        SearchCriteria<IAMPolicyPermissionVO> permissionSC = sb.create();
         permissionSC.setParameters("policyId", aclPolicyId);
         _policyPermissionDao.expunge(permissionSC);
 
@@ -702,7 +702,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
     }
 
     @Override
-    public boolean isActionAllowedForPolicies(String action, List<AclPolicy> policies) {
+    public boolean isActionAllowedForPolicies(String action, List<IAMPolicy> policies) {
 
         boolean allowed = false;
 
@@ -711,19 +711,19 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
         }
 
         List<Long> policyIds = new ArrayList<Long>();
-        for (AclPolicy policy : policies) {
+        for (IAMPolicy policy : policies) {
             policyIds.add(policy.getId());
         }
 
-        SearchBuilder<AclPolicyPermissionVO> sb = _policyPermissionDao.createSearchBuilder();
+        SearchBuilder<IAMPolicyPermissionVO> sb = _policyPermissionDao.createSearchBuilder();
         sb.and("action", sb.entity().getAction(), Op.EQ);
         sb.and("policyId", sb.entity().getAclPolicyId(), Op.IN);
 
-        SearchCriteria<AclPolicyPermissionVO> sc = sb.create();
+        SearchCriteria<IAMPolicyPermissionVO> sc = sb.create();
         sc.setParameters("policyId", policyIds.toArray(new Object[policyIds.size()]));
         sc.setParameters("action", action);
 
-        List<AclPolicyPermissionVO> permissions = _policyPermissionDao.customSearch(sc, null);
+        List<IAMPolicyPermissionVO> permissions = _policyPermissionDao.customSearch(sc, null);
 
         if (permissions != null && !permissions.isEmpty()) {
             allowed = true;
@@ -736,14 +736,14 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
     @Override
     public List<Long> getGrantedEntities(long accountId, String action, String scope) {
         // Get the static Policies of the Caller
-        List<AclPolicy> policies = listAclPolicies(accountId);
+        List<IAMPolicy> policies = listAclPolicies(accountId);
         // for each policy, find granted permission within the given scope
         List<Long> entityIds = new ArrayList<Long>();
-        for (AclPolicy policy : policies) {
-            List<AclPolicyPermissionVO> pp = _policyPermissionDao.listGrantedByActionAndScope(policy.getId(), action,
+        for (IAMPolicy policy : policies) {
+            List<IAMPolicyPermissionVO> pp = _policyPermissionDao.listGrantedByActionAndScope(policy.getId(), action,
                     scope);
             if (pp != null) {
-                for (AclPolicyPermissionVO p : pp) {
+                for (IAMPolicyPermissionVO p : pp) {
                     if (p.getScopeId() != null) {
                         entityIds.add(p.getScopeId());
                     }
@@ -755,7 +755,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @Override
     @SuppressWarnings("unchecked")
-    public List<AclPolicyPermission> listPolicyPermissions(long policyId) {
+    public List<IAMPolicyPermission> listPolicyPermissions(long policyId) {
         @SuppressWarnings("rawtypes")
         List pp = _policyPermissionDao.listByPolicy(policyId);
         return pp;
@@ -763,7 +763,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @SuppressWarnings("unchecked")
     @Override
-    public List<AclPolicyPermission> listPolicyPermissionsByScope(long policyId, String action, String scope) {
+    public List<IAMPolicyPermission> listPolicyPermissionsByScope(long policyId, String action, String scope) {
         @SuppressWarnings("rawtypes")
         List pp = _policyPermissionDao.listGrantedByActionAndScope(policyId, action, scope);
         return pp;
@@ -771,7 +771,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @SuppressWarnings("unchecked")
     @Override
-    public List<AclPolicyPermission> listPolicyPermissionByActionAndEntity(long policyId, String action,
+    public List<IAMPolicyPermission> listPolicyPermissionByActionAndEntity(long policyId, String action,
             String entityType) {
         @SuppressWarnings("rawtypes")
         List pp = _policyPermissionDao.listByPolicyActionAndEntity(policyId, action, entityType);
@@ -780,7 +780,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
 
     @SuppressWarnings("unchecked")
     @Override
-    public List<AclPolicyPermission> listPolicyPermissionByAccessAndEntity(long policyId, String accessType,
+    public List<IAMPolicyPermission> listPolicyPermissionByAccessAndEntity(long policyId, String accessType,
             String entityType) {
         @SuppressWarnings("rawtypes")
         List pp = _policyPermissionDao.listByPolicyAccessAndEntity(policyId, accessType, entityType);
@@ -788,19 +788,19 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager {
     }
 
     @Override
-    public AclPolicy getResourceOwnerPolicy() {
+    public IAMPolicy getResourceOwnerPolicy() {
         return _aclPolicyDao.findByName("RESOURCE_OWNER");
     }
 
     // search for policy with only one resource grant permission
     @Override
-    public AclPolicy getResourceGrantPolicy(String entityType, Long entityId, String accessType, String action) {
-        List<AclPolicyVO> policyList = _aclPolicyDao.listAll();
-        for (AclPolicyVO policy : policyList){
-            List<AclPolicyPermission> pp = listPolicyPermissions(policy.getId());
+    public IAMPolicy getResourceGrantPolicy(String entityType, Long entityId, String accessType, String action) {
+        List<IAMPolicyVO> policyList = _aclPolicyDao.listAll();
+        for (IAMPolicyVO policy : policyList){
+            List<IAMPolicyPermission> pp = listPolicyPermissions(policy.getId());
             if ( pp != null && pp.size() == 1){
                 // resource grant policy should only have one ACL permission assigned
-                AclPolicyPermission permit = pp.get(0);
+                IAMPolicyPermission permit = pp.get(0);
                 if ( permit.getEntityType().equals(entityType) && permit.getScope().equals(PermissionScope.RESOURCE.toString()) && permit.getScopeId().longValue() == entityId.longValue()){
                     if (accessType != null && permit.getAccessType().equals(accessType)){
                         return policy;

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclAccountPolicyMapDao.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclAccountPolicyMapDao.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclAccountPolicyMapDao.java
deleted file mode 100644
index 83b8147..0000000
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclAccountPolicyMapDao.java
+++ /dev/null
@@ -1,17 +0,0 @@
-package org.apache.cloudstack.iam.server.dao;
-
-import java.util.List;
-
-import org.apache.cloudstack.iam.server.AclAccountPolicyMapVO;
-
-import com.cloud.utils.db.GenericDao;
-
-public interface AclAccountPolicyMapDao extends GenericDao<AclAccountPolicyMapVO, Long> {
-
-    List<AclAccountPolicyMapVO> listByAccountId(long acctId);
-
-    List<AclAccountPolicyMapVO> listByPolicyId(long policyId);
-
-    AclAccountPolicyMapVO findByAccountAndPolicy(long acctId, long policyId);
-
-}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclAccountPolicyMapDaoImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclAccountPolicyMapDaoImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclAccountPolicyMapDaoImpl.java
deleted file mode 100644
index 51091a6..0000000
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclAccountPolicyMapDaoImpl.java
+++ /dev/null
@@ -1,61 +0,0 @@
-package org.apache.cloudstack.iam.server.dao;
-
-import java.util.List;
-import java.util.Map;
-
-import javax.naming.ConfigurationException;
-
-import org.apache.cloudstack.iam.server.AclAccountPolicyMapVO;
-
-import com.cloud.utils.db.GenericDaoBase;
-import com.cloud.utils.db.SearchBuilder;
-import com.cloud.utils.db.SearchCriteria;
-
-public class AclAccountPolicyMapDaoImpl extends GenericDaoBase<AclAccountPolicyMapVO, Long> implements AclAccountPolicyMapDao {
-
-    private SearchBuilder<AclAccountPolicyMapVO> ListByAccountId;
-    private SearchBuilder<AclAccountPolicyMapVO> ListByPolicyId;
-    private SearchBuilder<AclAccountPolicyMapVO> findByPolicyAccountId;
-
-    @Override
-    public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
-        super.configure(name, params);
-
-        ListByAccountId = createSearchBuilder();
-        ListByAccountId.and("accountId", ListByAccountId.entity().getAccountId(), SearchCriteria.Op.EQ);
-        ListByAccountId.done();
-
-        ListByPolicyId = createSearchBuilder();
-        ListByPolicyId.and("policyId", ListByPolicyId.entity().getAclPolicyId(), SearchCriteria.Op.EQ);
-        ListByPolicyId.done();
-
-        findByPolicyAccountId = createSearchBuilder();
-        findByPolicyAccountId.and("policyId", findByPolicyAccountId.entity().getAclPolicyId(), SearchCriteria.Op.EQ);
-        findByPolicyAccountId.and("accountId", findByPolicyAccountId.entity().getAccountId(), SearchCriteria.Op.EQ);
-        findByPolicyAccountId.done();
-
-        return true;
-    }
-
-    @Override
-    public List<AclAccountPolicyMapVO> listByAccountId(long acctId) {
-        SearchCriteria<AclAccountPolicyMapVO> sc = ListByAccountId.create();
-        sc.setParameters("accountId", acctId);
-        return listBy(sc);
-    }
-
-    @Override
-    public List<AclAccountPolicyMapVO> listByPolicyId(long policyId) {
-        SearchCriteria<AclAccountPolicyMapVO> sc = ListByPolicyId.create();
-        sc.setParameters("policyId", policyId);
-        return listBy(sc);
-    }
-
-    @Override
-    public AclAccountPolicyMapVO findByAccountAndPolicy(long acctId, long policyId) {
-        SearchCriteria<AclAccountPolicyMapVO> sc = findByPolicyAccountId.create();
-        sc.setParameters("policyId", policyId);
-        sc.setParameters("accountId", acctId);
-        return findOneBy(sc);
-    }
-}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupAccountMapDao.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupAccountMapDao.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupAccountMapDao.java
deleted file mode 100644
index 58f69c3..0000000
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupAccountMapDao.java
+++ /dev/null
@@ -1,40 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements.  See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership.  The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License.  You may obtain a copy of the License at
-//
-//   http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied.  See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.iam.server.dao;
-
-import java.util.List;
-
-import org.apache.cloudstack.iam.server.AclGroupAccountMapVO;
-
-import com.cloud.utils.db.GenericDao;
-
-public interface AclGroupAccountMapDao extends GenericDao<AclGroupAccountMapVO, Long> {
-
-    List<AclGroupAccountMapVO> listByGroupId(long groupId);
-
-    List<AclGroupAccountMapVO> listByAccountId(long accountId);
-
-    AclGroupAccountMapVO findAccountInAdminGroup(long accountId);
-
-    AclGroupAccountMapVO findByGroupAndAccount(long groupId, long acctId);
-
-    void removeAccountFromGroups(long accountId);
-
-    AclGroupAccountMapVO findAccountInDomainAdminGroup(long accountId);
-
-    AclGroupAccountMapVO findAccountInUserGroup(long accountId);
-}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupAccountMapDaoImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupAccountMapDaoImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupAccountMapDaoImpl.java
deleted file mode 100644
index 32ce64a..0000000
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupAccountMapDaoImpl.java
+++ /dev/null
@@ -1,119 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements.  See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership.  The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License.  You may obtain a copy of the License at
-//
-//   http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied.  See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.iam.server.dao;
-
-import java.util.List;
-import java.util.Map;
-
-import javax.naming.ConfigurationException;
-
-import org.apache.cloudstack.iam.server.AclGroupAccountMapVO;
-import org.apache.log4j.Logger;
-import org.springframework.stereotype.Component;
-
-
-import com.cloud.utils.db.GenericDaoBase;
-import com.cloud.utils.db.SearchBuilder;
-import com.cloud.utils.db.SearchCriteria;
-
-@Component
-public class AclGroupAccountMapDaoImpl extends GenericDaoBase<AclGroupAccountMapVO, Long> implements AclGroupAccountMapDao {
-    private SearchBuilder<AclGroupAccountMapVO> ListByGroupId;
-    private SearchBuilder<AclGroupAccountMapVO> ListByAccountId;
-    private SearchBuilder<AclGroupAccountMapVO> _findByAccountAndGroupId;
-
-    public static final Logger s_logger = Logger.getLogger(AclGroupAccountMapDaoImpl.class.getName());
-
-    @Override
-    public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
-        super.configure(name, params);
-
-        ListByGroupId = createSearchBuilder();
-        ListByGroupId.and("groupId", ListByGroupId.entity().getAclGroupId(), SearchCriteria.Op.EQ);
-        ListByGroupId.done();
-
-        ListByAccountId = createSearchBuilder();
-        ListByAccountId.and("accountId", ListByAccountId.entity().getAccountId(), SearchCriteria.Op.EQ);
-        ListByAccountId.done();
-
-        _findByAccountAndGroupId = createSearchBuilder();
-        _findByAccountAndGroupId
-                .and("groupId", _findByAccountAndGroupId.entity().getAclGroupId(), SearchCriteria.Op.EQ);
-        _findByAccountAndGroupId.and("accountId", _findByAccountAndGroupId.entity().getAccountId(),
-                SearchCriteria.Op.EQ);
-        _findByAccountAndGroupId.done();
-
-        return true;
-    }
-
-    @Override
-    public List<AclGroupAccountMapVO> listByGroupId(long groupId) {
-        SearchCriteria<AclGroupAccountMapVO> sc = ListByGroupId.create();
-        sc.setParameters("groupId", groupId);
-        return listBy(sc);
-    }
-
-    @Override
-    public List<AclGroupAccountMapVO> listByAccountId(long accountId) {
-        SearchCriteria<AclGroupAccountMapVO> sc = ListByAccountId.create();
-        sc.setParameters("accountId", accountId);
-        return listBy(sc);
-    }
-
-    @Override
-    public AclGroupAccountMapVO findAccountInAdminGroup(long accountId) {
-        SearchCriteria<AclGroupAccountMapVO> sc = _findByAccountAndGroupId.create();
-        sc.setParameters("accountId", accountId);
-        sc.setParameters("groupId", 2);
-        return findOneBy(sc);
-    }
-
-    @Override
-    public AclGroupAccountMapVO findAccountInDomainAdminGroup(long accountId) {
-        SearchCriteria<AclGroupAccountMapVO> sc = _findByAccountAndGroupId.create();
-        sc.setParameters("accountId", accountId);
-        sc.setParameters("groupId", 3);
-        return findOneBy(sc);
-    }
-
-    @Override
-    public AclGroupAccountMapVO findAccountInUserGroup(long accountId) {
-        SearchCriteria<AclGroupAccountMapVO> sc = _findByAccountAndGroupId.create();
-        sc.setParameters("accountId", accountId);
-        sc.setParameters("groupId", 1);
-        return findOneBy(sc);
-    }
-
-    @Override
-    public AclGroupAccountMapVO findByGroupAndAccount(long groupId, long acctId) {
-        SearchCriteria<AclGroupAccountMapVO> sc = _findByAccountAndGroupId.create();
-        sc.setParameters("accountId", acctId);
-        sc.setParameters("groupId", groupId);
-        return findOneBy(sc);
-    }
-
-    @Override
-    public void removeAccountFromGroups(long accountId) {
-        SearchCriteria<AclGroupAccountMapVO> sc = ListByAccountId.create();
-        sc.setParameters("accountId", accountId);
-
-        int rowsRemoved = remove(sc);
-        if (rowsRemoved > 0) {
-            s_logger.debug("Removed account id=" + accountId + " from " + rowsRemoved + " groups");
-        }
-    }
-}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupDao.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupDao.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupDao.java
deleted file mode 100644
index aa62a0b..0000000
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupDao.java
+++ /dev/null
@@ -1,28 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements.  See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership.  The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License.  You may obtain a copy of the License at
-//
-//   http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied.  See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.iam.server.dao;
-
-import org.apache.cloudstack.iam.api.AclGroup;
-import org.apache.cloudstack.iam.server.AclGroupVO;
-
-import com.cloud.utils.db.GenericDao;
-
-public interface AclGroupDao extends GenericDao<AclGroupVO, Long> {
-
-    AclGroup findByName(String path, String groupName);
-
-}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupDaoImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupDaoImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupDaoImpl.java
deleted file mode 100644
index e091574..0000000
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupDaoImpl.java
+++ /dev/null
@@ -1,59 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements.  See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership.  The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License.  You may obtain a copy of the License at
-//
-//   http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied.  See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.iam.server.dao;
-
-import java.util.Map;
-
-import javax.naming.ConfigurationException;
-
-import org.apache.cloudstack.iam.api.AclGroup;
-import org.apache.cloudstack.iam.server.AclGroupVO;
-import org.springframework.stereotype.Component;
-
-
-import com.cloud.utils.db.GenericDaoBase;
-import com.cloud.utils.db.SearchBuilder;
-import com.cloud.utils.db.SearchCriteria;
-
-@Component
-public class AclGroupDaoImpl extends GenericDaoBase<AclGroupVO, Long> implements AclGroupDao {
-    private SearchBuilder<AclGroupVO> nameSearch;
-
-    @Override
-    public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
-        super.configure(name, params);
-
-        nameSearch = createSearchBuilder();
-        nameSearch.and("name", nameSearch.entity().getName(), SearchCriteria.Op.EQ);
-        nameSearch.and("path", nameSearch.entity().getPath(), SearchCriteria.Op.EQ);
-        nameSearch.done();
-
-
-        return true;
-    }
-
-    @Override
-    public AclGroup findByName(String path, String name) {
-        SearchCriteria<AclGroupVO> sc = nameSearch.create();
-        sc.setParameters("name", name);
-        if (path != null) {
-            sc.setParameters("path", path);
-        }
-        return findOneBy(sc);
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupPolicyMapDao.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupPolicyMapDao.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupPolicyMapDao.java
deleted file mode 100644
index a016fc5..0000000
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupPolicyMapDao.java
+++ /dev/null
@@ -1,16 +0,0 @@
-package org.apache.cloudstack.iam.server.dao;
-
-import java.util.List;
-
-import org.apache.cloudstack.iam.server.AclGroupPolicyMapVO;
-import com.cloud.utils.db.GenericDao;
-
-public interface AclGroupPolicyMapDao extends GenericDao<AclGroupPolicyMapVO, Long> {
-
-    List<AclGroupPolicyMapVO> listByGroupId(long groupId);
-
-    List<AclGroupPolicyMapVO> listByPolicyId(long policyId);
-
-    AclGroupPolicyMapVO findByGroupAndPolicy(long groupId, long policyId);
-
-}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupPolicyMapDaoImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupPolicyMapDaoImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupPolicyMapDaoImpl.java
deleted file mode 100644
index 3ce2b8a..0000000
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclGroupPolicyMapDaoImpl.java
+++ /dev/null
@@ -1,61 +0,0 @@
-package org.apache.cloudstack.iam.server.dao;
-
-import java.util.List;
-import java.util.Map;
-
-import javax.naming.ConfigurationException;
-
-import org.apache.cloudstack.iam.server.AclGroupPolicyMapVO;
-
-import com.cloud.utils.db.GenericDaoBase;
-import com.cloud.utils.db.SearchBuilder;
-import com.cloud.utils.db.SearchCriteria;
-
-public class AclGroupPolicyMapDaoImpl extends GenericDaoBase<AclGroupPolicyMapVO, Long> implements AclGroupPolicyMapDao {
-
-    private SearchBuilder<AclGroupPolicyMapVO> ListByGroupId;
-    private SearchBuilder<AclGroupPolicyMapVO> ListByPolicyId;
-    private SearchBuilder<AclGroupPolicyMapVO> findByPolicyGroupId;
-
-    @Override
-    public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
-        super.configure(name, params);
-
-        ListByGroupId = createSearchBuilder();
-        ListByGroupId.and("groupId", ListByGroupId.entity().getAclGroupId(), SearchCriteria.Op.EQ);
-        ListByGroupId.done();
-
-        ListByPolicyId = createSearchBuilder();
-        ListByPolicyId.and("policyId", ListByPolicyId.entity().getAclPolicyId(), SearchCriteria.Op.EQ);
-        ListByPolicyId.done();
-
-        findByPolicyGroupId = createSearchBuilder();
-        findByPolicyGroupId.and("policyId", findByPolicyGroupId.entity().getAclPolicyId(), SearchCriteria.Op.EQ);
-        findByPolicyGroupId.and("groupId", findByPolicyGroupId.entity().getAclGroupId(), SearchCriteria.Op.EQ);
-        findByPolicyGroupId.done();
-
-        return true;
-    }
-
-    @Override
-    public List<AclGroupPolicyMapVO> listByGroupId(long groupId) {
-        SearchCriteria<AclGroupPolicyMapVO> sc = ListByGroupId.create();
-        sc.setParameters("groupId", groupId);
-        return listBy(sc);
-    }
-
-    @Override
-    public List<AclGroupPolicyMapVO> listByPolicyId(long policyId) {
-        SearchCriteria<AclGroupPolicyMapVO> sc = ListByPolicyId.create();
-        sc.setParameters("policyId", policyId);
-        return listBy(sc);
-    }
-
-    @Override
-    public AclGroupPolicyMapVO findByGroupAndPolicy(long groupId, long policyId) {
-        SearchCriteria<AclGroupPolicyMapVO> sc = findByPolicyGroupId.create();
-        sc.setParameters("policyId", policyId);
-        sc.setParameters("groupId", groupId);
-        return findOneBy(sc);
-    }
-}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyDao.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyDao.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyDao.java
deleted file mode 100644
index a61c5de..0000000
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyDao.java
+++ /dev/null
@@ -1,28 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements.  See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership.  The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License.  You may obtain a copy of the License at
-//
-//   http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied.  See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.iam.server.dao;
-
-import org.apache.cloudstack.iam.api.AclPolicy;
-import org.apache.cloudstack.iam.server.AclPolicyVO;
-
-import com.cloud.utils.db.GenericDao;
-
-public interface AclPolicyDao extends GenericDao<AclPolicyVO, Long> {
-
-    AclPolicy findByName(String policyName);
-
-}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyDaoImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyDaoImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyDaoImpl.java
deleted file mode 100644
index a1a81e6..0000000
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyDaoImpl.java
+++ /dev/null
@@ -1,57 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements.  See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership.  The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License.  You may obtain a copy of the License at
-//
-//   http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied.  See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.iam.server.dao;
-
-import java.util.Map;
-
-import javax.naming.ConfigurationException;
-
-import org.apache.cloudstack.iam.api.AclPolicy;
-import org.apache.cloudstack.iam.server.AclPolicyVO;
-import org.springframework.stereotype.Component;
-
-import com.cloud.utils.db.GenericDaoBase;
-import com.cloud.utils.db.SearchBuilder;
-import com.cloud.utils.db.SearchCriteria;
-
-@Component
-public class AclPolicyDaoImpl extends GenericDaoBase<AclPolicyVO, Long> implements AclPolicyDao {
-    private SearchBuilder<AclPolicyVO> nameSearch;
-
-    @Override
-    public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
-        super.configure(name, params);
-
-        nameSearch = createSearchBuilder();
-        nameSearch.and("name", nameSearch.entity().getName(), SearchCriteria.Op.EQ);
-        // nameSearch.and("domainId", nameSearch.entity().getDomainId(),
-        // SearchCriteria.Op.EQ);
-        nameSearch.done();
-
-
-        return true;
-    }
-
-    @Override
-    public AclPolicy findByName(String name) {
-        SearchCriteria<AclPolicyVO> sc = nameSearch.create();
-        sc.setParameters("name", name);
-
-        return findOneBy(sc);
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyPermissionDao.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyPermissionDao.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyPermissionDao.java
deleted file mode 100644
index 2a49243..0000000
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyPermissionDao.java
+++ /dev/null
@@ -1,39 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements.  See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership.  The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License.  You may obtain a copy of the License at
-//
-//   http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied.  See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.iam.server.dao;
-import java.util.List;
-
-import org.apache.cloudstack.iam.api.AclPolicyPermission.Permission;
-import org.apache.cloudstack.iam.server.AclPolicyPermissionVO;
-
-import com.cloud.utils.db.GenericDao;
-
-public interface AclPolicyPermissionDao extends GenericDao<AclPolicyPermissionVO, Long> {
-
-    List<AclPolicyPermissionVO> listByPolicy(long policyId);
-
-    AclPolicyPermissionVO findByPolicyAndEntity(long policyId, String entityType, String scope, Long scopeId,
-            String action, Permission perm);
-
-    List<AclPolicyPermissionVO> listGrantedByActionAndScope(long policyId, String action, String scope);
-
-    List<AclPolicyPermissionVO> listByPolicyActionAndEntity(long policyId, String action, String entityType);
-
-    List<AclPolicyPermissionVO> listByPolicyAccessAndEntity(long policyId, String accessType, String entityType);
-
-    List<AclPolicyPermissionVO> listByEntity(String entityType, Long entityId);
-}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyPermissionDaoImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyPermissionDaoImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyPermissionDaoImpl.java
deleted file mode 100644
index 054c8f1..0000000
--- a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/AclPolicyPermissionDaoImpl.java
+++ /dev/null
@@ -1,129 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements.  See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership.  The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License.  You may obtain a copy of the License at
-//
-//   http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied.  See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.iam.server.dao;
-
-import java.util.List;
-import java.util.Map;
-
-import javax.naming.ConfigurationException;
-
-import org.apache.cloudstack.iam.api.AclPolicyPermission.Permission;
-import org.apache.cloudstack.iam.server.AclPolicyPermissionVO;
-
-import com.cloud.utils.db.GenericDaoBase;
-import com.cloud.utils.db.SearchBuilder;
-import com.cloud.utils.db.SearchCriteria;
-
-public class AclPolicyPermissionDaoImpl extends GenericDaoBase<AclPolicyPermissionVO, Long> implements
-        AclPolicyPermissionDao {
-
-    private SearchBuilder<AclPolicyPermissionVO> policyIdSearch;
-    private SearchBuilder<AclPolicyPermissionVO> fullSearch;
-    private SearchBuilder<AclPolicyPermissionVO> actionScopeSearch;
-    private SearchBuilder<AclPolicyPermissionVO> entitySearch;
-
-    @Override
-    public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
-        super.configure(name, params);
-
-        policyIdSearch = createSearchBuilder();
-        policyIdSearch.and("policyId", policyIdSearch.entity().getAclPolicyId(), SearchCriteria.Op.EQ);
-        policyIdSearch.done();
-
-        fullSearch = createSearchBuilder();
-        fullSearch.and("policyId", fullSearch.entity().getAclPolicyId(), SearchCriteria.Op.EQ);
-        fullSearch.and("entityType", fullSearch.entity().getEntityType(), SearchCriteria.Op.EQ);
-        fullSearch.and("scope", fullSearch.entity().getScope(), SearchCriteria.Op.EQ);
-        fullSearch.and("scopeId", fullSearch.entity().getScopeId(), SearchCriteria.Op.EQ);
-        fullSearch.and("action", fullSearch.entity().getAction(), SearchCriteria.Op.EQ);
-        fullSearch.and("permission", fullSearch.entity().getPermission(), SearchCriteria.Op.EQ);
-        fullSearch.and("accessType", fullSearch.entity().getAccessType(), SearchCriteria.Op.EQ);
-        fullSearch.done();
-
-        actionScopeSearch = createSearchBuilder();
-        actionScopeSearch.and("policyId", actionScopeSearch.entity().getAclPolicyId(), SearchCriteria.Op.EQ);
-        actionScopeSearch.and("scope", actionScopeSearch.entity().getScope(), SearchCriteria.Op.EQ);
-        actionScopeSearch.and("action", actionScopeSearch.entity().getAction(), SearchCriteria.Op.EQ);
-        actionScopeSearch.and("permission", actionScopeSearch.entity().getPermission(), SearchCriteria.Op.EQ);
-        actionScopeSearch.done();
-
-        entitySearch = createSearchBuilder();
-        entitySearch.and("entityType", entitySearch.entity().getEntityType(), SearchCriteria.Op.EQ);
-        entitySearch.and("scopeId", entitySearch.entity().getScopeId(), SearchCriteria.Op.EQ);
-        entitySearch.done();
-
-        return true;
-    }
-
-    @Override
-    public List<AclPolicyPermissionVO> listByPolicy(long policyId) {
-        SearchCriteria<AclPolicyPermissionVO> sc = policyIdSearch.create();
-        sc.setParameters("policyId", policyId);
-        return listBy(sc);
-    }
-
-    @Override
-    public AclPolicyPermissionVO findByPolicyAndEntity(long policyId, String entityType, String scope, Long scopeId,
-            String action, Permission perm) {
-        SearchCriteria<AclPolicyPermissionVO> sc = fullSearch.create();
-        sc.setParameters("policyId", policyId);
-        sc.setParameters("entityType", entityType);
-        sc.setParameters("scope", scope);
-        sc.setParameters("scopeId", scopeId);
-        sc.setParameters("action", action);
-        sc.setParameters("permission", perm);
-        return findOneBy(sc);
-    }
-
-    @Override
-    public List<AclPolicyPermissionVO> listGrantedByActionAndScope(long policyId, String action, String scope) {
-        SearchCriteria<AclPolicyPermissionVO> sc = actionScopeSearch.create();
-        sc.setParameters("policyId", policyId);
-        sc.setParameters("action", action);
-        sc.setParameters("scope", scope);
-        sc.setParameters("permission", Permission.Allow);
-        return listBy(sc);
-    }
-
-    @Override
-    public List<AclPolicyPermissionVO> listByPolicyActionAndEntity(long policyId, String action, String entityType) {
-        SearchCriteria<AclPolicyPermissionVO> sc = fullSearch.create();
-        sc.setParameters("policyId", policyId);
-        sc.setParameters("entityType", entityType);
-        sc.setParameters("action", action);
-        return listBy(sc);
-    }
-
-    @Override
-    public List<AclPolicyPermissionVO> listByPolicyAccessAndEntity(long policyId, String accessType,
-            String entityType) {
-        SearchCriteria<AclPolicyPermissionVO> sc = fullSearch.create();
-        sc.setParameters("policyId", policyId);
-        sc.setParameters("entityType", entityType);
-        sc.setParameters("accessType", accessType);
-        return listBy(sc);
-    }
-
-    @Override
-    public List<AclPolicyPermissionVO> listByEntity(String entityType, Long entityId) {
-        SearchCriteria<AclPolicyPermissionVO> sc = fullSearch.create();
-        sc.setParameters("entityType", entityType);
-        sc.setParameters("scopeId", entityId);
-        return listBy(sc);
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDao.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDao.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDao.java
new file mode 100644
index 0000000..4caf659
--- /dev/null
+++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDao.java
@@ -0,0 +1,17 @@
+package org.apache.cloudstack.iam.server.dao;
+
+import java.util.List;
+
+import org.apache.cloudstack.iam.server.IAMAccountPolicyMapVO;
+
+import com.cloud.utils.db.GenericDao;
+
+public interface IAMAccountPolicyMapDao extends GenericDao<IAMAccountPolicyMapVO, Long> {
+
+    List<IAMAccountPolicyMapVO> listByAccountId(long acctId);
+
+    List<IAMAccountPolicyMapVO> listByPolicyId(long policyId);
+
+    IAMAccountPolicyMapVO findByAccountAndPolicy(long acctId, long policyId);
+
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDaoImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDaoImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDaoImpl.java
new file mode 100644
index 0000000..883fd5c
--- /dev/null
+++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMAccountPolicyMapDaoImpl.java
@@ -0,0 +1,61 @@
+package org.apache.cloudstack.iam.server.dao;
+
+import java.util.List;
+import java.util.Map;
+
+import javax.naming.ConfigurationException;
+
+import org.apache.cloudstack.iam.server.IAMAccountPolicyMapVO;
+
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+
+public class IAMAccountPolicyMapDaoImpl extends GenericDaoBase<IAMAccountPolicyMapVO, Long> implements IAMAccountPolicyMapDao {
+
+    private SearchBuilder<IAMAccountPolicyMapVO> ListByAccountId;
+    private SearchBuilder<IAMAccountPolicyMapVO> ListByPolicyId;
+    private SearchBuilder<IAMAccountPolicyMapVO> findByPolicyAccountId;
+
+    @Override
+    public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+        super.configure(name, params);
+
+        ListByAccountId = createSearchBuilder();
+        ListByAccountId.and("accountId", ListByAccountId.entity().getAccountId(), SearchCriteria.Op.EQ);
+        ListByAccountId.done();
+
+        ListByPolicyId = createSearchBuilder();
+        ListByPolicyId.and("policyId", ListByPolicyId.entity().getAclPolicyId(), SearchCriteria.Op.EQ);
+        ListByPolicyId.done();
+
+        findByPolicyAccountId = createSearchBuilder();
+        findByPolicyAccountId.and("policyId", findByPolicyAccountId.entity().getAclPolicyId(), SearchCriteria.Op.EQ);
+        findByPolicyAccountId.and("accountId", findByPolicyAccountId.entity().getAccountId(), SearchCriteria.Op.EQ);
+        findByPolicyAccountId.done();
+
+        return true;
+    }
+
+    @Override
+    public List<IAMAccountPolicyMapVO> listByAccountId(long acctId) {
+        SearchCriteria<IAMAccountPolicyMapVO> sc = ListByAccountId.create();
+        sc.setParameters("accountId", acctId);
+        return listBy(sc);
+    }
+
+    @Override
+    public List<IAMAccountPolicyMapVO> listByPolicyId(long policyId) {
+        SearchCriteria<IAMAccountPolicyMapVO> sc = ListByPolicyId.create();
+        sc.setParameters("policyId", policyId);
+        return listBy(sc);
+    }
+
+    @Override
+    public IAMAccountPolicyMapVO findByAccountAndPolicy(long acctId, long policyId) {
+        SearchCriteria<IAMAccountPolicyMapVO> sc = findByPolicyAccountId.create();
+        sc.setParameters("policyId", policyId);
+        sc.setParameters("accountId", acctId);
+        return findOneBy(sc);
+    }
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupAccountMapDao.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupAccountMapDao.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupAccountMapDao.java
new file mode 100644
index 0000000..a94dbaa
--- /dev/null
+++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupAccountMapDao.java
@@ -0,0 +1,40 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.iam.server.dao;
+
+import java.util.List;
+
+import org.apache.cloudstack.iam.server.IAMGroupAccountMapVO;
+
+import com.cloud.utils.db.GenericDao;
+
+public interface IAMGroupAccountMapDao extends GenericDao<IAMGroupAccountMapVO, Long> {
+
+    List<IAMGroupAccountMapVO> listByGroupId(long groupId);
+
+    List<IAMGroupAccountMapVO> listByAccountId(long accountId);
+
+    IAMGroupAccountMapVO findAccountInAdminGroup(long accountId);
+
+    IAMGroupAccountMapVO findByGroupAndAccount(long groupId, long acctId);
+
+    void removeAccountFromGroups(long accountId);
+
+    IAMGroupAccountMapVO findAccountInDomainAdminGroup(long accountId);
+
+    IAMGroupAccountMapVO findAccountInUserGroup(long accountId);
+}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/187f9cd0/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupAccountMapDaoImpl.java
----------------------------------------------------------------------
diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupAccountMapDaoImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupAccountMapDaoImpl.java
new file mode 100644
index 0000000..4bb5d1a
--- /dev/null
+++ b/services/iam/server/src/org/apache/cloudstack/iam/server/dao/IAMGroupAccountMapDaoImpl.java
@@ -0,0 +1,119 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.iam.server.dao;
+
+import java.util.List;
+import java.util.Map;
+
+import javax.naming.ConfigurationException;
+
+import org.apache.cloudstack.iam.server.IAMGroupAccountMapVO;
+import org.apache.log4j.Logger;
+import org.springframework.stereotype.Component;
+
+
+import com.cloud.utils.db.GenericDaoBase;
+import com.cloud.utils.db.SearchBuilder;
+import com.cloud.utils.db.SearchCriteria;
+
+@Component
+public class IAMGroupAccountMapDaoImpl extends GenericDaoBase<IAMGroupAccountMapVO, Long> implements IAMGroupAccountMapDao {
+    private SearchBuilder<IAMGroupAccountMapVO> ListByGroupId;
+    private SearchBuilder<IAMGroupAccountMapVO> ListByAccountId;
+    private SearchBuilder<IAMGroupAccountMapVO> _findByAccountAndGroupId;
+
+    public static final Logger s_logger = Logger.getLogger(IAMGroupAccountMapDaoImpl.class.getName());
+
+    @Override
+    public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+        super.configure(name, params);
+
+        ListByGroupId = createSearchBuilder();
+        ListByGroupId.and("groupId", ListByGroupId.entity().getAclGroupId(), SearchCriteria.Op.EQ);
+        ListByGroupId.done();
+
+        ListByAccountId = createSearchBuilder();
+        ListByAccountId.and("accountId", ListByAccountId.entity().getAccountId(), SearchCriteria.Op.EQ);
+        ListByAccountId.done();
+
+        _findByAccountAndGroupId = createSearchBuilder();
+        _findByAccountAndGroupId
+                .and("groupId", _findByAccountAndGroupId.entity().getAclGroupId(), SearchCriteria.Op.EQ);
+        _findByAccountAndGroupId.and("accountId", _findByAccountAndGroupId.entity().getAccountId(),
+                SearchCriteria.Op.EQ);
+        _findByAccountAndGroupId.done();
+
+        return true;
+    }
+
+    @Override
+    public List<IAMGroupAccountMapVO> listByGroupId(long groupId) {
+        SearchCriteria<IAMGroupAccountMapVO> sc = ListByGroupId.create();
+        sc.setParameters("groupId", groupId);
+        return listBy(sc);
+    }
+
+    @Override
+    public List<IAMGroupAccountMapVO> listByAccountId(long accountId) {
+        SearchCriteria<IAMGroupAccountMapVO> sc = ListByAccountId.create();
+        sc.setParameters("accountId", accountId);
+        return listBy(sc);
+    }
+
+    @Override
+    public IAMGroupAccountMapVO findAccountInAdminGroup(long accountId) {
+        SearchCriteria<IAMGroupAccountMapVO> sc = _findByAccountAndGroupId.create();
+        sc.setParameters("accountId", accountId);
+        sc.setParameters("groupId", 2);
+        return findOneBy(sc);
+    }
+
+    @Override
+    public IAMGroupAccountMapVO findAccountInDomainAdminGroup(long accountId) {
+        SearchCriteria<IAMGroupAccountMapVO> sc = _findByAccountAndGroupId.create();
+        sc.setParameters("accountId", accountId);
+        sc.setParameters("groupId", 3);
+        return findOneBy(sc);
+    }
+
+    @Override
+    public IAMGroupAccountMapVO findAccountInUserGroup(long accountId) {
+        SearchCriteria<IAMGroupAccountMapVO> sc = _findByAccountAndGroupId.create();
+        sc.setParameters("accountId", accountId);
+        sc.setParameters("groupId", 1);
+        return findOneBy(sc);
+    }
+
+    @Override
+    public IAMGroupAccountMapVO findByGroupAndAccount(long groupId, long acctId) {
+        SearchCriteria<IAMGroupAccountMapVO> sc = _findByAccountAndGroupId.create();
+        sc.setParameters("accountId", acctId);
+        sc.setParameters("groupId", groupId);
+        return findOneBy(sc);
+    }
+
+    @Override
+    public void removeAccountFromGroups(long accountId) {
+        SearchCriteria<IAMGroupAccountMapVO> sc = ListByAccountId.create();
+        sc.setParameters("accountId", accountId);
+
+        int rowsRemoved = remove(sc);
+        if (rowsRemoved > 0) {
+            s_logger.debug("Removed account id=" + accountId + " from " + rowsRemoved + " groups");
+        }
+    }
+}


Mime
View raw message