Fix Path cannot be null error in creating ACL Policy. Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/5854c0bb Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/5854c0bb Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/5854c0bb
Branch: refs/heads/rbac Commit: 5854c0bbeb45add9ac52de370eea4464360aebc6 Parents: 97ec3f6 Author: Min Chen <min.c...@citrix.com> Authored: Tue Feb 11 22:45:57 2014 -0800 Committer: Min Chen <min.c...@citrix.com> Committed: Tue Feb 11 22:45:57 2014 -0800 ---------------------------------------------------------------------- .../cloudstack/acl/api/AclApiServiceImpl.java | 20 ++++++++++++-------- .../apache/cloudstack/iam/api/IAMService.java | 2 +- .../cloudstack/iam/server/IAMServiceImpl.java | 3 ++- 3 files changed, 15 insertions(+), 10 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/5854c0bb/services/iam/plugin/src/org/apache/cloudstack/acl/api/AclApiServiceImpl.java ---------------------------------------------------------------------- diff --git a/services/iam/plugin/src/org/apache/cloudstack/acl/api/AclApiServiceImpl.java b/services/iam/plugin/src/org/apache/cloudstack/acl/api/AclApiServiceImpl.java index 29aa258..da655b8 100644 --- a/services/iam/plugin/src/org/apache/cloudstack/acl/api/AclApiServiceImpl.java +++ b/services/iam/plugin/src/org/apache/cloudstack/acl/api/AclApiServiceImpl.java @@ -273,15 +273,14 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man private void createPolicyAndAddToDomainGroup(String policyName, String description, String entityType, Long entityId, String action, AccessType accessType, Long domainId, Boolean recursive) { - AclPolicy policy = _iamSrv.createAclPolicy(policyName, description, null); - _iamSrv.addAclPermissionToAclPolicy(policy.getId(), entityType, PermissionScope.RESOURCE.toString(), - entityId, action, accessType.toString(), Permission.Allow, recursive); - - List<Long> policyList = new ArrayList<Long>(); - policyList.add(new Long(policy.getId())); - Domain domain = _domainDao.findById(domainId); if (domain != null) { + AclPolicy policy = _iamSrv.createAclPolicy(policyName, description, null, domain.getPath()); + _iamSrv.addAclPermissionToAclPolicy(policy.getId(), entityType, PermissionScope.RESOURCE.toString(), + entityId, action, accessType.toString(), Permission.Allow, recursive); + List<Long> policyList = new ArrayList<Long>(); + policyList.add(new Long(policy.getId())); + List<AclGroup> domainGroups = listDomainGroup(domain); if (domainGroups != null) { for (AclGroup group : domainGroups) { @@ -352,7 +351,12 @@ public class AclApiServiceImpl extends ManagerBase implements AclApiService, Man @Override @ActionEvent(eventType = EventTypes.EVENT_ACL_POLICY_CREATE, eventDescription = "Creating Acl Policy", create = true) public AclPolicy createAclPolicy(Account caller, final String aclPolicyName, final String description, final Long parentPolicyId) { - return _iamSrv.createAclPolicy(aclPolicyName, description, parentPolicyId); + Long domainId = caller.getDomainId(); + Domain callerDomain = _domainDao.findById(domainId); + if (callerDomain == null) { + throw new InvalidParameterValueException("Caller does not have a domain"); + } + return _iamSrv.createAclPolicy(aclPolicyName, description, parentPolicyId, callerDomain.getPath()); } @DB http://git-wip-us.apache.org/repos/asf/cloudstack/blob/5854c0bb/services/iam/server/src/org/apache/cloudstack/iam/api/IAMService.java ---------------------------------------------------------------------- diff --git a/services/iam/server/src/org/apache/cloudstack/iam/api/IAMService.java b/services/iam/server/src/org/apache/cloudstack/iam/api/IAMService.java index 2b26e72..3957b62 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/api/IAMService.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/api/IAMService.java @@ -40,7 +40,7 @@ public interface IAMService { Pair<List<AclGroup>, Integer> listAclGroups(Long aclGroupId, String aclGroupName, String path, Long startIndex, Long pageSize); /* ACL Policy related interfaces */ - AclPolicy createAclPolicy(String aclPolicyName, String description, Long parentPolicyId); + AclPolicy createAclPolicy(String aclPolicyName, String description, Long parentPolicyId, String path); boolean deleteAclPolicy(long aclPolicyId); http://git-wip-us.apache.org/repos/asf/cloudstack/blob/5854c0bb/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java ---------------------------------------------------------------------- diff --git a/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java index 84ed545..1398889 100644 --- a/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java +++ b/services/iam/server/src/org/apache/cloudstack/iam/server/IAMServiceImpl.java @@ -294,7 +294,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @DB @Override - public AclPolicy createAclPolicy(final String aclPolicyName, final String description, final Long parentPolicyId) { + public AclPolicy createAclPolicy(final String aclPolicyName, final String description, final Long parentPolicyId, final String path) { // check if the policy is already existing AclPolicy ro = _aclPolicyDao.findByName(aclPolicyName); @@ -308,6 +308,7 @@ public class IAMServiceImpl extends ManagerBase implements IAMService, Manager { @Override public AclPolicy doInTransaction(TransactionStatus status) { AclPolicyVO rvo = new AclPolicyVO(aclPolicyName, description); + rvo.setPath(path); AclPolicy role = _aclPolicyDao.persist(rvo); if (parentPolicyId != null) {
