server,ui: prevent non-user templates for External hypervisor

Signed-off-by: Abhishek Kumar <[email protected]>

Author: shwstppr

engine/components-api/src/main/java/com/cloud/template/TemplateManager.java

@@ -29,6 +29,7 @@
 import com.cloud.deploy.DeployDestination;
 import com.cloud.exception.ResourceAllocationException;
 import com.cloud.exception.StorageUnavailableException;
+import com.cloud.hypervisor.Hypervisor;
 import com.cloud.storage.DataStoreRole;
 import com.cloud.storage.Storage.TemplateType;
 import com.cloud.storage.StoragePool;
@@ -141,7 +142,7 @@ public interface TemplateManager {
     public static final String MESSAGE_REGISTER_PUBLIC_TEMPLATE_EVENT = "Message.RegisterPublicTemplate.Event";
     public static final String MESSAGE_RESET_TEMPLATE_PERMISSION_EVENT = "Message.ResetTemplatePermission.Event";
 
-    TemplateType validateTemplateType(BaseCmd cmd, boolean isAdmin, boolean isCrossZones);
+    TemplateType validateTemplateType(BaseCmd cmd, boolean isAdmin, boolean isCrossZones, Hypervisor.HypervisorType hypervisorType);
 
     List<DatadiskTO> getTemplateDisksOnImageStore(VirtualMachineTemplate template, DataStoreRole role, String configurationId);
 

plugins/hypervisors/external/src/main/java/org/apache/cloudstack/agent/manager/ExternalTemplateAdapter.java

@@ -69,7 +69,7 @@ public TemplateProfile prepare(RegisterTemplateCmd cmd) throws ResourceAllocatio
         Account owner = _accountMgr.getAccount(cmd.getEntityOwnerId());
         _accountMgr.checkAccess(caller, null, true, owner);
         Storage.TemplateType templateType = templateMgr.validateTemplateType(cmd, _accountMgr.isAdmin(caller.getAccountId()),
-                CollectionUtils.isEmpty(cmd.getZoneIds()));
+                CollectionUtils.isEmpty(cmd.getZoneIds()), Hypervisor.HypervisorType.External);
 
         List<Long> zoneId = cmd.getZoneIds();
         // ignore passed zoneId if we are using region wide image store

plugins/hypervisors/external/src/test/java/org/apache/cloudstack/agent/manager/ExternalTemplateAdapterTest.java

@@ -46,6 +46,7 @@
 import com.cloud.cpu.CPU;
 import com.cloud.exception.InvalidParameterValueException;
 import com.cloud.exception.ResourceAllocationException;
+import com.cloud.hypervisor.Hypervisor;
 import com.cloud.storage.TemplateProfile;
 import com.cloud.storage.dao.VMTemplateDao;
 import com.cloud.template.TemplateManager;
@@ -118,7 +119,7 @@ public void prepare_WhenRegionImageStoresExist_ZoneIdsAreIgnored() throws Resour
             when(cmd.getExternalDetails()).thenReturn(Collections.emptyMap());
             when(_accountMgr.getAccount(anyLong())).thenReturn(mock(com.cloud.user.Account.class));
             when(_accountMgr.isAdmin(anyLong())).thenReturn(true);
-            when(templateMgr.validateTemplateType(any(), anyBoolean(), anyBoolean())).thenReturn(com.cloud.storage.Storage.TemplateType.USER);
+            when(templateMgr.validateTemplateType(any(), anyBoolean(), anyBoolean(), Hypervisor.HypervisorType.External)).thenReturn(com.cloud.storage.Storage.TemplateType.USER);
             when(_userDao.findById(any())).thenReturn(mock(UserVO.class));
             when(cmd.getEntityOwnerId()).thenReturn(1L);
             when(cmd.getTemplateName()).thenReturn("t");

server/src/main/java/com/cloud/template/TemplateAdapterBase.java

@@ -419,8 +419,16 @@ public TemplateProfile prepare(RegisterTemplateCmd cmd) throws ResourceAllocatio
         Account owner = _accountMgr.getAccount(cmd.getEntityOwnerId());
         _accountMgr.checkAccess(caller, null, true, owner);
 
+        HypervisorType hypervisorType = HypervisorType.getType(cmd.getHypervisor());
+        if(hypervisorType == HypervisorType.None) {
+            throw new InvalidParameterValueException(String.format(
+                    "Hypervisor Type: %s is invalid. Supported Hypervisor types are: %s",
+                    cmd.getHypervisor(),
+                    StringUtils.join(Arrays.stream(HypervisorType.values()).filter(h -> h != HypervisorType.None).map(HypervisorType::name).toArray(), ", ")));
+        }
+
         TemplateType templateType = templateMgr.validateTemplateType(cmd, _accountMgr.isAdmin(caller.getAccountId()),
-                CollectionUtils.isEmpty(cmd.getZoneIds()));
+                CollectionUtils.isEmpty(cmd.getZoneIds()), hypervisorType);
 
         List<Long> zoneId = cmd.getZoneIds();
         // ignore passed zoneId if we are using region wide image store
@@ -429,14 +437,6 @@ public TemplateProfile prepare(RegisterTemplateCmd cmd) throws ResourceAllocatio
             zoneId = null;
         }
 
-        HypervisorType hypervisorType = HypervisorType.getType(cmd.getHypervisor());
-        if(hypervisorType == HypervisorType.None) {
-            throw new InvalidParameterValueException(String.format(
-                    "Hypervisor Type: %s is invalid. Supported Hypervisor types are: %s",
-                    cmd.getHypervisor(),
-                    StringUtils.join(Arrays.stream(HypervisorType.values()).filter(h -> h != HypervisorType.None).map(HypervisorType::name).toArray(), ", ")));
-        }
-
         Map details = cmd.getDetails();
         if (cmd.isDeployAsIs()) {
             if (MapUtils.isNotEmpty(details)) {

server/src/main/java/com/cloud/template/TemplateManagerImpl.java

@@ -34,9 +34,6 @@
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
 
-import com.cloud.cpu.CPU;
-import com.cloud.vm.VirtualMachine;
-import com.cloud.storage.snapshot.SnapshotManager;
 import org.apache.cloudstack.acl.SecurityChecker.AccessType;
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.BaseCmd;
@@ -129,6 +126,7 @@
 import com.cloud.api.query.vo.UserVmJoinVO;
 import com.cloud.configuration.Config;
 import com.cloud.configuration.Resource.ResourceType;
+import com.cloud.cpu.CPU;
 import com.cloud.dc.DataCenter;
 import com.cloud.dc.DataCenterVO;
 import com.cloud.dc.dao.DataCenterDao;
@@ -184,6 +182,7 @@
 import com.cloud.storage.dao.VMTemplatePoolDao;
 import com.cloud.storage.dao.VMTemplateZoneDao;
 import com.cloud.storage.dao.VolumeDao;
+import com.cloud.storage.snapshot.SnapshotManager;
 import com.cloud.template.TemplateAdapter.TemplateAdapterType;
 import com.cloud.template.VirtualMachineTemplate.BootloaderType;
 import com.cloud.user.Account;
@@ -213,6 +212,7 @@
 import com.cloud.vm.UserVmManager;
 import com.cloud.vm.UserVmVO;
 import com.cloud.vm.VMInstanceVO;
+import com.cloud.vm.VirtualMachine;
 import com.cloud.vm.VirtualMachine.State;
 import com.cloud.vm.VirtualMachineProfile;
 import com.cloud.vm.VirtualMachineProfileImpl;
@@ -2173,7 +2173,7 @@ private VMTemplateVO updateTemplateOrIso(BaseUpdateTemplateOrIsoCmd cmd) {
         String templateTag = null;
         if (cmd instanceof UpdateTemplateCmd) {
             boolean isAdmin = _accountMgr.isAdmin(account.getId());
-            templateType = validateTemplateType(cmd, isAdmin, template.isCrossZones());
+            templateType = validateTemplateType(cmd, isAdmin, template.isCrossZones(), template.getHypervisorType());
             if (cmd instanceof UpdateVnfTemplateCmd) {
                 VnfTemplateUtils.validateApiCommandParams(cmd, template);
                 vnfTemplateManager.updateVnfTemplate(template.getId(), (UpdateVnfTemplateCmd) cmd);
@@ -2311,7 +2311,7 @@ else if (details != null && !details.isEmpty()) {
     }
 
     @Override
-    public TemplateType validateTemplateType(BaseCmd cmd, boolean isAdmin, boolean isCrossZones) {
+    public TemplateType validateTemplateType(BaseCmd cmd, boolean isAdmin, boolean isCrossZones, HypervisorType hypervisorType) {
         if (!(cmd instanceof UpdateTemplateCmd) && !(cmd instanceof RegisterTemplateCmd)) {
             return null;
         }
@@ -2345,6 +2345,7 @@ public TemplateType validateTemplateType(BaseCmd cmd, boolean isAdmin, boolean i
             boolean isRouting = Boolean.TRUE.equals(isRoutingType);
             templateType = (cmd instanceof RegisterVnfTemplateCmd) ? TemplateType.VNF : (isRouting ? TemplateType.ROUTING : TemplateType.USER);
         }
+        validateExternalHypervisorTemplateType(hypervisorType, templateType);
         if (templateType != null && !isAdmin && !Arrays.asList(TemplateType.USER, TemplateType.VNF).contains(templateType)) {
             if (cmd instanceof RegisterTemplateCmd) {
                 throw new InvalidParameterValueException(String.format("Users can not register template with template type %s.", templateType));
@@ -2355,6 +2356,15 @@ public TemplateType validateTemplateType(BaseCmd cmd, boolean isAdmin, boolean i
         return templateType;
     }
 
+    protected void validateExternalHypervisorTemplateType(HypervisorType hypervisorType, TemplateType templateType) {
+        if (!HypervisorType.External.equals(hypervisorType) ||
+                templateType == null || templateType == TemplateType.USER) {
+            return;
+        }
+        throw new InvalidParameterValueException(String.format("Only %s templates supported for %s hypervisor type",
+                TemplateType.USER, HypervisorType.External));
+    }
+
     void validateDetails(VMTemplateVO template, Map<String, String> details) {
         if (MapUtils.isEmpty(details)) {
             return;

server/src/test/java/com/cloud/template/TemplateManagerImplTest.java

@@ -651,102 +651,102 @@ public void getImageStoreTestStoreUuidIsNullAndThereIsActiveHeuristicRulesShould
     public void testRegisterTemplateWithTemplateType() {
         RegisterTemplateCmd cmd = Mockito.mock(RegisterTemplateCmd.class);
         when(cmd.getTemplateType()).thenReturn(Storage.TemplateType.SYSTEM.toString());
-        Storage.TemplateType type = templateManager.validateTemplateType(cmd, true, true);
+        Storage.TemplateType type = templateManager.validateTemplateType(cmd, true, true, Hypervisor.HypervisorType.KVM);
         Assert.assertEquals(Storage.TemplateType.SYSTEM, type);
     }
 
     @Test
     public void testRegisterTemplateWithoutTemplateType() {
         RegisterTemplateCmd cmd = Mockito.mock(RegisterTemplateCmd.class);
-        Storage.TemplateType type = templateManager.validateTemplateType(cmd, true, true);
+        Storage.TemplateType type = templateManager.validateTemplateType(cmd, true, true, Hypervisor.HypervisorType.KVM);
         Assert.assertEquals(Storage.TemplateType.USER, type);
     }
 
     @Test(expected = InvalidParameterValueException.class)
     public void testRegisterTemplateWithSystemTemplateTypeByUser() {
         RegisterVnfTemplateCmd cmd = Mockito.mock(RegisterVnfTemplateCmd.class);
         when(cmd.getTemplateType()).thenReturn(Storage.TemplateType.SYSTEM.toString());
-        Storage.TemplateType type = templateManager.validateTemplateType(cmd, false, true);
+        Storage.TemplateType type = templateManager.validateTemplateType(cmd, false, true, Hypervisor.HypervisorType.KVM);
     }
 
     @Test(expected = InvalidParameterValueException.class)
     public void testRegisterVnfTemplateWithTemplateType() {
         RegisterVnfTemplateCmd cmd = Mockito.mock(RegisterVnfTemplateCmd.class);
         when(cmd.getTemplateType()).thenReturn(Storage.TemplateType.SYSTEM.toString());
-        Storage.TemplateType type = templateManager.validateTemplateType(cmd, false, true);
+        Storage.TemplateType type = templateManager.validateTemplateType(cmd, false, true, Hypervisor.HypervisorType.KVM);
         Assert.assertEquals(Storage.TemplateType.VNF, type);
     }
 
     @Test
     public void testRegisterVnfTemplateWithoutTemplateType() {
         RegisterVnfTemplateCmd cmd = Mockito.mock(RegisterVnfTemplateCmd.class);
-        Storage.TemplateType type = templateManager.validateTemplateType(cmd, false, true);
+        Storage.TemplateType type = templateManager.validateTemplateType(cmd, false, true, Hypervisor.HypervisorType.KVM);
         Assert.assertEquals(Storage.TemplateType.VNF, type);
     }
 
     @Test
     public void testUpdateTemplateWithTemplateType() {
         UpdateTemplateCmd cmd = Mockito.mock(UpdateTemplateCmd.class);
         when(cmd.getTemplateType()).thenReturn(Storage.TemplateType.SYSTEM.toString());
-        Storage.TemplateType type = templateManager.validateTemplateType(cmd, true, true);
+        Storage.TemplateType type = templateManager.validateTemplateType(cmd, true, true, Hypervisor.HypervisorType.XenServer);
         Assert.assertEquals(Storage.TemplateType.SYSTEM, type);
     }
 
     @Test
     public void testUpdateTemplateWithoutTemplateType() {
         UpdateTemplateCmd cmd = Mockito.mock(UpdateTemplateCmd.class);
-        Storage.TemplateType type = templateManager.validateTemplateType(cmd, true, true);
+        Storage.TemplateType type = templateManager.validateTemplateType(cmd, true, true, Hypervisor.HypervisorType.KVM);
         Assert.assertNull(type);
     }
 
     @Test(expected = InvalidParameterValueException.class)
     public void testUpdateTemplateWithInvalidTemplateType() {
         UpdateTemplateCmd cmd = Mockito.mock(UpdateTemplateCmd.class);
         when(cmd.getTemplateType()).thenReturn("invalidtype");
-        Storage.TemplateType type = templateManager.validateTemplateType(cmd, true, true);
+        Storage.TemplateType type = templateManager.validateTemplateType(cmd, true, true, Hypervisor.HypervisorType.VMware);
     }
 
     @Test(expected = InvalidParameterValueException.class)
     public void testUpdateTemplateWithInvalidTemplateTypeForRouting() {
         UpdateTemplateCmd cmd = Mockito.mock(UpdateTemplateCmd.class);
         when(cmd.getTemplateType()).thenReturn(Storage.TemplateType.USER.toString());
         when(cmd.isRoutingType()).thenReturn(true);
-        Storage.TemplateType type = templateManager.validateTemplateType(cmd, true, true);
+        Storage.TemplateType type = templateManager.validateTemplateType(cmd, true, true, Hypervisor.HypervisorType.KVM);
     }
 
     @Test(expected = InvalidParameterValueException.class)
     public void testUpdateTemplateWithInvalidCrossZonesForSystem() {
         UpdateTemplateCmd cmd = Mockito.mock(UpdateTemplateCmd.class);
         when(cmd.getTemplateType()).thenReturn(Storage.TemplateType.SYSTEM.toString());
-        Storage.TemplateType type = templateManager.validateTemplateType(cmd, true, false);
+        Storage.TemplateType type = templateManager.validateTemplateType(cmd, true, false, Hypervisor.HypervisorType.KVM);
     }
 
     @Test(expected = InvalidParameterValueException.class)
     public void testUpdateTemplateWithSystemTemplateTypeByUser() {
         UpdateVnfTemplateCmd cmd = Mockito.mock(UpdateVnfTemplateCmd.class);
         when(cmd.getTemplateType()).thenReturn(Storage.TemplateType.SYSTEM.toString());
-        Storage.TemplateType type = templateManager.validateTemplateType(cmd, false, true);
+        Storage.TemplateType type = templateManager.validateTemplateType(cmd, false, true, Hypervisor.HypervisorType.XenServer);
     }
 
     @Test(expected = InvalidParameterValueException.class)
     public void testUpdateVnfTemplateWithTemplateType() {
         UpdateVnfTemplateCmd cmd = Mockito.mock(UpdateVnfTemplateCmd.class);
         when(cmd.getTemplateType()).thenReturn(Storage.TemplateType.SYSTEM.toString());
-        Storage.TemplateType type = templateManager.validateTemplateType(cmd, false, true);
+        Storage.TemplateType type = templateManager.validateTemplateType(cmd, false, true, Hypervisor.HypervisorType.KVM);
         Assert.assertEquals(Storage.TemplateType.VNF, type);
     }
 
     @Test
     public void testUpdateVnfTemplateWithoutTemplateType() {
         UpdateVnfTemplateCmd cmd = Mockito.mock(UpdateVnfTemplateCmd.class);
-        Storage.TemplateType type = templateManager.validateTemplateType(cmd, false, true);
+        Storage.TemplateType type = templateManager.validateTemplateType(cmd, false, true, Hypervisor.HypervisorType.KVM);
         Assert.assertNull(type);
     }
 
     @Test
     public void testDeleteTemplateWithTemplateType() {
         DeleteTemplateCmd cmd = new DeleteTemplateCmd();
-        Storage.TemplateType type = templateManager.validateTemplateType(cmd, true, true);
+        Storage.TemplateType type = templateManager.validateTemplateType(cmd, true, true, Hypervisor.HypervisorType.VMware);
         Assert.assertNull(type);
     }
 

ui/src/views/image/UpdateTemplate.vue

@@ -178,8 +178,8 @@
             v-model:value="form.templatetype"
             :placeholder="apiParams.templatetype.description"
             @change="val => { selectedTemplateType = val }">
-            <a-select-option v-for="opt in templatetypes" :key="opt">
-              {{ opt }}
+            <a-select-option v-for="opt in templatetypes" :key="opt.id">
+              {{ opt.name || opt.description }}
             </a-select-option>
           </a-select>
         </a-form-item>
@@ -239,7 +239,7 @@ export default {
   },
   data () {
     return {
-      templatetypes: ['BUILTIN', 'USER', 'SYSTEM', 'ROUTING', 'VNF'],
+      templatetypes: [],
       emptyAllowedFields: ['templatetag'],
       rootDisk: {},
       nicAdapterType: {},
@@ -261,6 +261,7 @@ export default {
   },
   created () {
     this.initForm()
+    this.templatetypes = this.$fetchTemplateTypes(this.resource.hypervisor)
     this.rootDisk.loading = false
     this.rootDisk.opts = []
     this.nicAdapterType.loading = false