cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From d...@apache.org
Subject [2/3] git commit: updated refs/heads/4.5 to 4d096ea
Date Wed, 17 Jun 2015 20:20:52 GMT
CLOUDSTACK-8537 refactor registerSSHKeyPair() for legibility and testability reasons

Signed-off-by: Daan Hoogland <daan.hoogland@gmail.com>


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/6e3c6e82
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/6e3c6e82
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/6e3c6e82

Branch: refs/heads/4.5
Commit: 6e3c6e82990cafdab8453ed56530dc619ba70338
Parents: 570d162
Author: Daan Hoogland <daan.hoogland@gmail.com>
Authored: Tue Jun 9 23:57:00 2015 +0200
Committer: Daan Hoogland <daan.hoogland@gmail.com>
Committed: Wed Jun 17 22:19:53 2015 +0200

----------------------------------------------------------------------
 .../com/cloud/server/ManagementServerImpl.java  | 110 ++++++++++++++-----
 1 file changed, 83 insertions(+), 27 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6e3c6e82/server/src/com/cloud/server/ManagementServerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java
index e9f2e0b..08fd9e9 100755
--- a/server/src/com/cloud/server/ManagementServerImpl.java
+++ b/server/src/com/cloud/server/ManagementServerImpl.java
@@ -16,7 +16,9 @@
 // under the License.
 package com.cloud.server;
 
+import java.io.UnsupportedEncodingException;
 import java.lang.reflect.Field;
+import java.net.URLDecoder;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Calendar;
@@ -940,7 +942,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
 
     @Override
     public boolean archiveEvents(ArchiveEventsCmd cmd) {
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         List<Long> ids = cmd.getIds();
         boolean result = true;
         List<Long> permittedAccountIds = new ArrayList<Long>();
@@ -967,7 +969,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
 
     @Override
     public boolean deleteEvents(DeleteEventsCmd cmd) {
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         List<Long> ids = cmd.getIds();
         boolean result = true;
         List<Long> permittedAccountIds = new ArrayList<Long>();
@@ -1091,8 +1093,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
 
     @Override
     public Ternary<Pair<List<? extends Host>, Integer>, List<? extends
Host>, Map<Host, Boolean>> listHostsForMigrationOfVM(Long vmId, Long startIndex,
Long pageSize) {
-        // access check - only root admin can migrate VM
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         if (!_accountMgr.isRootAdmin(caller.getId())) {
             if (s_logger.isDebugEnabled()) {
                 s_logger.debug("Caller is not a root admin, permission denied to migrate
the VM");
@@ -1269,8 +1270,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
 
     @Override
     public Pair<List<? extends StoragePool>, List<? extends StoragePool>>
listStoragePoolsForMigrationOfVolume(Long volumeId) {
-        // Access check - only root administrator can migrate volumes.
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         if (!_accountMgr.isRootAdmin(caller.getId())) {
             if (s_logger.isDebugEnabled()) {
                 s_logger.debug("Caller is not a root admin, permission denied to migrate
the volume");
@@ -1762,7 +1762,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
         List<Long> permittedAccounts = new ArrayList<Long>();
         ListProjectResourcesCriteria listProjectResourcesCriteria = null;
         if (isAllocated) {
-            Account caller = CallContext.current().getCallingAccount();
+            Account caller = getCaller();
 
             Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject
= new Ternary<Long, Boolean, ListProjectResourcesCriteria>(
                     cmd.getDomainId(), cmd.isRecursive(), null);
@@ -2255,8 +2255,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
             throw new InvalidParameterValueException("ROOT domain can not be edited with
a new name");
         }
 
-        // check permissions
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         _accountMgr.checkAccess(caller, domain);
 
         // domain name is unique under the parent domain
@@ -3304,7 +3303,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
 
     @Override
     public ArrayList<String> getCloudIdentifierResponse(long userId) {
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
 
         // verify that user exists
         User user = _accountMgr.getUserIncludingRemoved(userId);
@@ -3344,7 +3343,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
     public Map<String, Object> listCapabilities(ListCapabilitiesCmd cmd) {
         Map<String, Object> capabilities = new HashMap<String, Object>();
 
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         boolean securityGroupsEnabled = false;
         boolean elasticLoadBalancerEnabled = false;
         boolean KVMSnapshotEnabled = false;
@@ -3410,7 +3409,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
 
     @Override
     public InstanceGroupVO updateVmGroup(UpdateVMGroupCmd cmd) {
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         Long groupId = cmd.getId();
         String groupName = cmd.getGroupName();
 
@@ -3528,7 +3527,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
 
     @Override
     public SSHKeyPair createSSHKeyPair(CreateSSHKeyPairCmd cmd) {
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         String accountName = cmd.getAccountName();
         Long domainId = cmd.getDomainId();
         Long projectId = cmd.getProjectId();
@@ -3552,7 +3551,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
 
     @Override
     public boolean deleteSSHKeyPair(DeleteSSHKeyPairCmd cmd) {
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         String accountName = cmd.getAccountName();
         Long domainId = cmd.getDomainId();
         Long projectId = cmd.getProjectId();
@@ -3580,7 +3579,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
         String name = cmd.getName();
         String fingerPrint = cmd.getFingerprint();
 
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
         List<Long> permittedAccounts = new ArrayList<Long>();
 
         Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject
= new Ternary<Long, Boolean, ListProjectResourcesCriteria>(
@@ -3612,30 +3611,87 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
     @Override
     @ActionEvent(eventType = EventTypes.EVENT_REGISTER_SSH_KEYPAIR, eventDescription = "registering
ssh keypair", async = true)
     public SSHKeyPair registerSSHKeyPair(RegisterSSHKeyPairCmd cmd) {
-        Account caller = CallContext.current().getCallingAccount();
+        Account owner = getOwner(cmd);
+        checkForKeyByName(cmd, owner);
+        checkForKeyByPublicKey(cmd, owner);
 
-        Account owner = _accountMgr.finalizeOwner(caller, cmd.getAccountName(), cmd.getDomainId(),
cmd.getProjectId());
+        String name = cmd.getName();
+        String key = cmd.getPublicKey();
+        try {
+            key = URLDecoder.decode(key, "UTF-8");
+        } catch (UnsupportedEncodingException e) {
+            s_logger.warn("key decoding tried invain: " + e.getLocalizedMessage());
+        }
+        String publicKey = getPublicKeyFromKeyKeyMaterial(key);
+        String fingerprint = getFingerprint(publicKey);
 
-        SSHKeyPairVO existingPair = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(),
cmd.getName());
+        return createAndSaveSSHKeyPair(name, fingerprint, publicKey, null, owner);
+    }
+
+    /**
+     * @param cmd
+     * @param owner
+     * @throws InvalidParameterValueException
+     */
+    private void checkForKeyByPublicKey(RegisterSSHKeyPairCmd cmd, Account owner) throws
InvalidParameterValueException {
+        SSHKeyPairVO existingPair = _sshKeyPairDao.findByPublicKey(owner.getAccountId(),
owner.getDomainId(), cmd.getPublicKey());
         if (existingPair != null) {
-            throw new InvalidParameterValueException("A key pair with name '" + cmd.getName()
+ "' already exists for this account.");
+            throw new InvalidParameterValueException("A key pair with name '" + cmd.getPublicKey()
+ "' already exists for this account.");
         }
+    }
 
-        existingPair = _sshKeyPairDao.findByPublicKey(owner.getAccountId(), owner.getDomainId(),
cmd.getPublicKey());
+    /**
+     * @param cmd
+     * @param owner
+     * @throws InvalidParameterValueException
+     */
+    private void checkForKeyByName(RegisterSSHKeyPairCmd cmd, Account owner) throws InvalidParameterValueException
{
+        SSHKeyPairVO existingPair = _sshKeyPairDao.findByName(owner.getAccountId(), owner.getDomainId(),
cmd.getName());
         if (existingPair != null) {
-            throw new InvalidParameterValueException("A key pair with name '" + cmd.getPublicKey()
+ "' already exists for this account.");
+            throw new InvalidParameterValueException("A key pair with name '" + cmd.getName()
+ "' already exists for this account.");
         }
+    }
 
-        String name = cmd.getName();
-        String publicKey = SSHKeysHelper.getPublicKeyFromKeyMaterial(cmd.getPublicKey());
+    /**
+     * @param publicKey
+     * @return
+     */
+    private String getFingerprint(String publicKey) {
+        String fingerprint = SSHKeysHelper.getPublicKeyFingerprint(publicKey);
+        return fingerprint;
+    }
+
+    /**
+     * @param key
+     * @return
+     * @throws InvalidParameterValueException
+     */
+    private String getPublicKeyFromKeyKeyMaterial(String key) throws InvalidParameterValueException
{
+        String publicKey = SSHKeysHelper.getPublicKeyFromKeyMaterial(key);
 
         if (publicKey == null) {
             throw new InvalidParameterValueException("Public key is invalid");
         }
+        return publicKey;
+    }
 
-        String fingerprint = SSHKeysHelper.getPublicKeyFingerprint(publicKey);
+    /**
+     * @param cmd
+     * @return
+     */
+    private Account getOwner(RegisterSSHKeyPairCmd cmd) {
+        Account caller = getCaller();
 
-        return createAndSaveSSHKeyPair(name, fingerprint, publicKey, null, owner);
+        Account owner = _accountMgr.finalizeOwner(caller, cmd.getAccountName(), cmd.getDomainId(),
cmd.getProjectId());
+        return owner;
+    }
+
+    /**
+     * @return
+     */
+    private Account getCaller() {
+        Account caller = CallContext.current().getCallingAccount();
+        return caller;
     }
 
     private SSHKeyPair createAndSaveSSHKeyPair(String name, String fingerprint, String publicKey,
String privateKey, Account owner) {
@@ -3655,7 +3711,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
 
     @Override
     public String getVMPassword(GetVMPasswordCmd cmd) {
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
 
         UserVmVO vm = _userVmDao.findById(cmd.getId());
         if (vm == null) {
@@ -3831,7 +3887,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
     }
 
     private VirtualMachine upgradeStoppedSystemVm(Long systemVmId, Long serviceOfferingId,
Map<String, String> customparameters) {
-        Account caller = CallContext.current().getCallingAccount();
+        Account caller = getCaller();
 
         VMInstanceVO systemVm = _vmInstanceDao.findByIdTypes(systemVmId, VirtualMachine.Type.ConsoleProxy,
VirtualMachine.Type.SecondaryStorageVm);
         if (systemVm == null) {


Mime
View raw message