[jira] [Commented] (CLOUDSTACK-639) API Refactoring: Adapters for ACL

Fri, 14 Dec 2012 11:20:13 -0800 

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-639?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13532560#comment-13532560
 ] 

Rohit Yadav commented on CLOUDSTACK-639:
----------------------------------------

Part 1 was mostly already done by Prachi on api_refactoring:

commit a2306f4917a6705819b0112fcb085ebafe752ed0
Author: Prachi Damle <pra...@cloud.com>
Date:   Tue Nov 13 11:47:38 2012 -0800

    some more poc work

commit 073863249abf36b6879359889f5731984391fa41
Author: Prachi Damle <pra...@cloud.com>
Date:   Thu Nov 29 16:09:47 2012 -0800

    Some ACL POC work
    
    Conflicts:
    
        server/src/com/cloud/api/ApiDispatcher.java

commit 79b54e6ac1eea7ccc6a76255be3770f4e8b03703
Author:     Rohit Yadav <bhais...@apache.org>
AuthorDate: Tue Dec 11 14:16:25 2012 -0800
Commit:     Rohit Yadav <bhais...@apache.org>
CommitDate: Tue Dec 11 14:16:25 2012 -0800

    api: Fix obj injections in ApiServer

    - Inject classes using Inject annotation
    - Don't misuse component locator

commit 6ce68b93ccfe23c4001713ae38c6422029891726
Author:     Rohit Yadav <bhais...@apache.org>
AuthorDate: Tue Dec 11 14:10:36 2012 -0800
Commit:     Rohit Yadav <bhais...@apache.org>
CommitDate: Tue Dec 11 14:10:36 2012 -0800

    api: Fix APIAccessChecker and StaticRoleBasedAPIAccessChecker

    - Add getCmd api interface in APIAccessChecker adapter to get cmd properties
    - Add mechanism in StaticRoleBasedAPIAccessChecker to get config properties
    - Add public interface to get the cmd properties for the adapter impl
                
> API Refactoring: Adapters for ACL
> ---------------------------------
>
>                 Key: CLOUDSTACK-639
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-639
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: API
>            Reporter: Rohit Yadav
>            Assignee: Rohit Yadav
>             Fix For: 4.1.0
>
>
> The work is to do the access control checks and entities checks using 
> adapters.
> Part 1: APIAccessChecker to check if caller can evoke given API command. 
> Implement a static role based checker using commands.properties file to check 
> necessary roles for the command (the old school way CS used to do it)
> Part 2: Entity access checkers to check is caller can do operations on an 
> entity. May use existing DomainChecker implementation. We may need to group 
> entities in two groups (Infra entity like datacenter, disk offering etc. and 
> controlled entity like those which have domain and accountid)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to