Skip to content

Commit 4111061

Browse files
list only own zones for resource admin (#11087)
Co-authored-by: Suresh Kumar Anaparti <[email protected]>
1 parent 1b74c2d commit 4111061

File tree

9 files changed

+248
-273
lines changed

9 files changed

+248
-273
lines changed

api/src/main/java/com/cloud/user/AccountService.java

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -87,6 +87,8 @@ User createUser(String userName, String password, String firstName, String lastN
8787

8888
boolean isDomainAdmin(Long accountId);
8989

90+
boolean isResourceDomainAdmin(Long accountId);
91+
9092
boolean isNormalUser(long accountId);
9193

9294
User getActiveUserByRegistrationToken(String registrationToken);

api/src/main/java/org/apache/cloudstack/api/command/admin/cluster/ListClustersCmd.java

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -128,19 +128,19 @@ public CPU.CPUArch getArch() {
128128

129129
protected Pair<List<ClusterResponse>, Integer> getClusterResponses() {
130130
Pair<List<? extends Cluster>, Integer> result = _mgr.searchForClusters(this);
131-
List<ClusterResponse> clusterResponses = new ArrayList<ClusterResponse>();
131+
List<ClusterResponse> clusterResponses = new ArrayList<>();
132132
for (Cluster cluster : result.first()) {
133133
ClusterResponse clusterResponse = _responseGenerator.createClusterResponse(cluster, showCapacities);
134134
clusterResponse.setObjectName("cluster");
135135
clusterResponses.add(clusterResponse);
136136
}
137-
return new Pair<List<ClusterResponse>, Integer>(clusterResponses, result.second());
137+
return new Pair<>(clusterResponses, result.second());
138138
}
139139

140140
@Override
141141
public void execute() {
142142
Pair<List<ClusterResponse>, Integer> clusterResponses = getClusterResponses();
143-
ListResponse<ClusterResponse> response = new ListResponse<ClusterResponse>();
143+
ListResponse<ClusterResponse> response = new ListResponse<>();
144144
response.setResponses(clusterResponses.first(), clusterResponses.second());
145145
response.setResponseName(getCommandName());
146146
this.setResponseObject(response);

api/src/main/java/org/apache/cloudstack/api/command/admin/pod/ListPodsByCmd.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -86,8 +86,8 @@ public Boolean getShowCapacities() {
8686
@Override
8787
public void execute() {
8888
Pair<List<? extends Pod>, Integer> result = _mgr.searchForPods(this);
89-
ListResponse<PodResponse> response = new ListResponse<PodResponse>();
90-
List<PodResponse> podResponses = new ArrayList<PodResponse>();
89+
ListResponse<PodResponse> response = new ListResponse<>();
90+
List<PodResponse> podResponses = new ArrayList<>();
9191
for (Pod pod : result.first()) {
9292
PodResponse podResponse = _responseGenerator.createPodResponse(pod, showCapacities);
9393
podResponse.setObjectName("pod");

api/src/main/java/org/apache/cloudstack/api/command/user/zone/ListZonesCmd.java

Lines changed: 0 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -34,8 +34,6 @@
3434
requestHasSensitiveInfo = false, responseHasSensitiveInfo = false)
3535
public class ListZonesCmd extends BaseListCmd implements UserCmd {
3636

37-
private static final String s_name = "listzonesresponse";
38-
3937
/////////////////////////////////////////////////////
4038
//////////////// API parameters /////////////////////
4139
/////////////////////////////////////////////////////
@@ -113,11 +111,6 @@ public Boolean getShowIcon () {
113111
/////////////// API Implementation///////////////////
114112
/////////////////////////////////////////////////////
115113

116-
@Override
117-
public String getCommandName() {
118-
return s_name;
119-
}
120-
121114
@Override
122115
public void execute() {
123116
ListResponse<ZoneResponse> response = _queryService.listDataCenters(this);

api/src/main/java/org/apache/cloudstack/query/QueryService.java

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -112,11 +112,11 @@ public interface QueryService {
112112
ConfigKey<Boolean> AllowUserViewDestroyedVM = new ConfigKey<>("Advanced", Boolean.class, "allow.user.view.destroyed.vm", "false",
113113
"Determines whether users can view their destroyed or expunging vm ", true, ConfigKey.Scope.Account);
114114

115-
static final ConfigKey<String> UserVMDeniedDetails = new ConfigKey<>(String.class,
115+
ConfigKey<String> UserVMDeniedDetails = new ConfigKey<>(String.class,
116116
"user.vm.denied.details", "Advanced", "rootdisksize, cpuOvercommitRatio, memoryOvercommitRatio, Message.ReservedCapacityFreed.Flag",
117117
"Determines whether users can view certain VM settings. When set to empty, default value used is: rootdisksize, cpuOvercommitRatio, memoryOvercommitRatio, Message.ReservedCapacityFreed.Flag.", true, ConfigKey.Scope.Global, null, null, null, null, null, ConfigKey.Kind.CSV, null);
118118

119-
static final ConfigKey<String> UserVMReadOnlyDetails = new ConfigKey<>(String.class,
119+
ConfigKey<String> UserVMReadOnlyDetails = new ConfigKey<>(String.class,
120120
"user.vm.readonly.details", "Advanced", "dataDiskController, rootDiskController",
121121
"List of read-only VM settings/details as comma separated string", true, ConfigKey.Scope.Global, null, null, null, null, null, ConfigKey.Kind.CSV, null);
122122

@@ -125,16 +125,20 @@ public interface QueryService {
125125
"network offering, zones), we use the flag to determine if the entities should be sorted ascending (when flag is true) " +
126126
"or descending (when flag is false). Within the scope of the config all users see the same result.", true, ConfigKey.Scope.Global);
127127

128-
public static final ConfigKey<Boolean> AllowUserViewAllDomainAccounts = new ConfigKey<>("Advanced", Boolean.class,
128+
ConfigKey<Boolean> AllowUserViewAllDomainAccounts = new ConfigKey<>("Advanced", Boolean.class,
129129
"allow.user.view.all.domain.accounts", "false",
130130
"Determines whether users can view all user accounts within the same domain", true, ConfigKey.Scope.Domain);
131131

132-
static final ConfigKey<Boolean> SharePublicTemplatesWithOtherDomains = new ConfigKey<>("Advanced", Boolean.class, "share.public.templates.with.other.domains", "true",
132+
ConfigKey<Boolean> AllowUserViewAllDataCenters = new ConfigKey<>("Advanced", Boolean.class, "allow.user.view.all.zones", "true",
133+
"Determines whether for instance a Resource Admin can view zones that are not dedicated to them.", true, ConfigKey.Scope.Domain);
134+
135+
ConfigKey<Boolean> SharePublicTemplatesWithOtherDomains = new ConfigKey<>("Advanced", Boolean.class, "share.public.templates.with.other.domains", "true",
133136
"If false, templates of this domain will not show up in the list templates of other domains.", true, ConfigKey.Scope.Domain);
134137

135138
ConfigKey<Boolean> ReturnVmStatsOnVmList = new ConfigKey<>("Advanced", Boolean.class, "list.vm.default.details.stats", "true",
136139
"Determines whether VM stats should be returned when details are not explicitly specified in listVirtualMachines API request. When false, details default to [group, nics, secgrp, tmpl, servoff, diskoff, backoff, iso, volume, min, affgrp]. When true, all details are returned including 'stats'.", true, ConfigKey.Scope.Global);
137140

141+
138142
ListResponse<UserResponse> searchForUsers(ResponseObject.ResponseView responseView, ListUsersCmd cmd) throws PermissionDeniedException;
139143

140144
ListResponse<UserResponse> searchForUsers(Long domainId, boolean recursive) throws PermissionDeniedException;

plugins/network-elements/juniper-contrail/src/test/java/org/apache/cloudstack/network/contrail/management/MockAccountManager.java

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -236,6 +236,12 @@ public boolean isDomainAdmin(Long accountId) {
236236
return false;
237237
}
238238

239+
@Override
240+
public boolean isResourceDomainAdmin(Long accountId) {
241+
// TODO Auto-generated method stub
242+
return false;
243+
}
244+
239245
@Override
240246
public boolean isNormalUser(long accountId) {
241247
// TODO Auto-generated method stub

0 commit comments

Comments
 (0)