[jira] [Commented] (CLOUDSTACK-639) API Refactoring: Adapters for ACL

[Rohit Yadav (JIRA)]

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-639?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13543671#comment-13543671
 ] 

Rohit Yadav commented on CLOUDSTACK-639:
----------------------------------------

Smoke tests on devcloud, all passed now! api_refactoring branch is much stable 
now:

commit 6929bd947348c3912c19a260428c063bb0aea0ea
Author: Rohit Yadav <bhais...@apache.org>
Date:   Thu Jan 3 22:18:27 2013 -0800

    server: Don't silently ignore uuid param translation for required param in 
case they fail
    
    Signed-off-by: Rohit Yadav <bhais...@apache.org>

commit 6fa8c708eeed0b511780b900b7869385091cac1d
Author: Rohit Yadav <bhais...@apache.org>
Date:   Thu Jan 3 22:16:51 2013 -0800

    api: Fix service and disk offering annotations
    
    Signed-off-by: Rohit Yadav <bhais...@apache.org>

commit 98d5719b57e34b5852fb9e27ea939361a75a2099
Author: Rohit Yadav <bhais...@apache.org>
Date:   Thu Jan 3 17:17:21 2013 -0800

    server: Make ApiDispatcher backward compatible to not throw error on 
incorrect params
    
    Incorrect params are silently ignored in 4.0 and before. The fix would log 
the error
    in debug log, but will continue processing. In case of an issue with uuid 
or param
    an empty response is sent, for ex. in case of deleted entities as well.
    
    Signed-off-by: Rohit Yadav <bhais...@apache.org>

Next, the ACL adapters will be moved in separate artifacts in plugins/acl and 
logic for processing acl annotation will be fixed in ApiDispatcher.
                
> API Refactoring: Adapters for ACL
> ---------------------------------
>
>                 Key: CLOUDSTACK-639
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-639
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: API
>            Reporter: Rohit Yadav
>            Assignee: Rohit Yadav
>             Fix For: 4.1.0
>
>
> The work is to do the access control checks and entities checks using 
> adapters.
> Part 1: APIAccessChecker to check if caller can evoke given API command. 
> Implement a static role based checker using commands.properties file to check 
> necessary roles for the command (the old school way CS used to do it)
> Part 2: Entity access checkers to check is caller can do operations on an 
> entity. May use existing DomainChecker implementation. We may need to group 
> entities in two groups (Infra entity like datacenter, disk offering etc. and 
> controlled entity like those which have domain and accountid)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira