server/src/main/java/com/cloud/tags/ResourceManagerUtilImpl.java - cloudstack - Git at Google

 // Licensed to the Apache Software Foundation (ASF) under one
 // or more contributor license agreements.  See the NOTICE file
 // distributed with this work for additional information
 // regarding copyright ownership.  The ASF licenses this file
 // to you under the Apache License, Version 2.0 (the
 // "License"); you may not use this file except in compliance
 // with the License.  You may obtain a copy of the License at
 //
 //   http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing,
 // software distributed under the License is distributed on an
 // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 // KIND, either express or implied.  See the License for the
 // specific language governing permissions and limitations
 // under the License.
 package com.cloud.tags;

 import java.util.HashMap;
 import java.util.Map;
 import java.util.Objects;

 import javax.inject.Inject;

 import org.apache.cloudstack.api.Identity;
 import org.apache.cloudstack.api.InternalIdentity;
 import org.apache.cloudstack.context.CallContext;
 import org.apache.cloudstack.storage.datastore.db.StoragePoolVO;
 import org.apache.commons.lang3.StringUtils;

 import com.cloud.dc.DataCenterVO;
 import com.cloud.domain.DomainVO;
 import com.cloud.exception.InvalidParameterValueException;
 import com.cloud.exception.PermissionDeniedException;
 import com.cloud.network.LBHealthCheckPolicyVO;
 import com.cloud.network.as.AutoScaleVmGroupVO;
 import com.cloud.network.as.AutoScaleVmProfileVO;
 import com.cloud.network.dao.IPAddressVO;
 import com.cloud.network.dao.LBStickinessPolicyVO;
 import com.cloud.network.dao.LoadBalancerVO;
 import com.cloud.network.dao.NetworkVO;
 import com.cloud.network.dao.RemoteAccessVpnVO;
 import com.cloud.network.dao.Site2SiteCustomerGatewayVO;
 import com.cloud.network.dao.Site2SiteVpnConnectionVO;
 import com.cloud.network.dao.Site2SiteVpnGatewayVO;
 import com.cloud.network.rules.FirewallRuleVO;
 import com.cloud.network.rules.PortForwardingRuleVO;
 import com.cloud.network.security.SecurityGroupRuleVO;
 import com.cloud.network.security.SecurityGroupVO;
 import com.cloud.network.vpc.NetworkACLItemVO;
 import com.cloud.network.vpc.NetworkACLVO;
 import com.cloud.network.vpc.StaticRouteVO;
 import com.cloud.network.vpc.VpcOfferingVO;
 import com.cloud.network.vpc.VpcVO;
 import com.cloud.offerings.NetworkOfferingVO;
 import com.cloud.projects.ProjectVO;
 import com.cloud.server.ResourceManagerUtil;
 import com.cloud.server.ResourceTag;
 import com.cloud.service.ServiceOfferingVO;
 import com.cloud.storage.DiskOfferingVO;
 import com.cloud.storage.SnapshotPolicyVO;
 import com.cloud.storage.SnapshotVO;
 import com.cloud.storage.VMTemplateVO;
 import com.cloud.storage.VolumeVO;
 import com.cloud.user.Account;
 import com.cloud.user.AccountManager;
 import com.cloud.user.AccountVO;
 import com.cloud.user.DomainManager;
 import com.cloud.user.UserVO;
 import com.cloud.utils.db.EntityManager;
 import com.cloud.utils.exception.CloudRuntimeException;
 import com.cloud.vm.NicVO;
 import com.cloud.vm.UserVmVO;
 import com.cloud.vm.snapshot.VMSnapshotVO;
 import java.util.Optional;

 public class ResourceManagerUtilImpl implements ResourceManagerUtil {
     public static final Map<ResourceTag.ResourceObjectType, Class<?>> s_typeMap = new HashMap<>();

     static {
         s_typeMap.put(ResourceTag.ResourceObjectType.UserVm, UserVmVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.Volume, VolumeVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.Template, VMTemplateVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.VnfTemplate, VMTemplateVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.ISO, VMTemplateVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.Snapshot, SnapshotVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.Network, NetworkVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.LoadBalancer, LoadBalancerVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.PortForwardingRule, PortForwardingRuleVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.FirewallRule, FirewallRuleVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.SecurityGroup, SecurityGroupVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.SecurityGroupRule, SecurityGroupRuleVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.PublicIpAddress, IPAddressVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.Project, ProjectVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.Account, AccountVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.Vpc, VpcVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.Nic, NicVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.NetworkACL, NetworkACLItemVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.StaticRoute, StaticRouteVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.VMSnapshot, VMSnapshotVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.RemoteAccessVpn, RemoteAccessVpnVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.Zone, DataCenterVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.ServiceOffering, ServiceOfferingVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.Storage, StoragePoolVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.PrivateGateway, RemoteAccessVpnVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.NetworkACLList, NetworkACLVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.VpnGateway, Site2SiteVpnGatewayVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.CustomerGateway, Site2SiteCustomerGatewayVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.VpnConnection, Site2SiteVpnConnectionVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.User, UserVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.DiskOffering, DiskOfferingVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.AutoScaleVmProfile, AutoScaleVmProfileVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.AutoScaleVmGroup, AutoScaleVmGroupVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.LBStickinessPolicy, LBStickinessPolicyVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.LBHealthCheckPolicy, LBHealthCheckPolicyVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.SnapshotPolicy, SnapshotPolicyVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.NetworkOffering, NetworkOfferingVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.VpcOffering, VpcOfferingVO.class);
         s_typeMap.put(ResourceTag.ResourceObjectType.Domain, DomainVO.class);
     }

     @Inject
     EntityManager entityMgr;
     @Inject
     AccountManager accountMgr;
     @Inject
     DomainManager domainMgr;

     @Override
     public long getResourceId(String resourceId, ResourceTag.ResourceObjectType resourceType) {
         Class<?> clazz = s_typeMap.get(resourceType);
         Object entity = entityMgr.findByUuid(clazz, resourceId);
         if (entity != null) {
             return ((InternalIdentity)entity).getId();
         }
         if (!StringUtils.isNumeric(resourceId)) {
             throw new InvalidParameterValueException("Unable to find resource by uuid " + resourceId + " and type " + resourceType);
         }
         entity = entityMgr.findById(clazz, resourceId);
         if (entity != null) {
             return ((InternalIdentity)entity).getId();
         }
         throw new InvalidParameterValueException("Unable to find resource by id " + resourceId + " and type " + resourceType);
     }

     @Override
     public String getUuid(String resourceId, ResourceTag.ResourceObjectType resourceType) {
         if (!StringUtils.isNumeric(resourceId)) {
             return resourceId;
         }

         Class<?> clazz = s_typeMap.get(resourceType);

         Object entity = entityMgr.findById(clazz, resourceId);
         if (entity != null && entity instanceof Identity) {
             return ((Identity)entity).getUuid();
         }

         return resourceId;
     }

     @Override
     public ResourceTag.ResourceObjectType getResourceType(String resourceTypeStr) {
         return Optional.ofNullable(ResourceTag.ResourceObjectType.getResourceObjectType(resourceTypeStr))
                 .orElseThrow(() -> new InvalidParameterValueException("Invalid resource type " + resourceTypeStr));
     }

     public void checkResourceAccessible(Long accountId, Long domainId, String exceptionMessage) {
         Account caller = CallContext.current().getCallingAccount();
         if (Objects.equals(domainId, -1))
         {
             throw new CloudRuntimeException("Invalid DomainId: -1");
         }
         if (accountId != null) {
             accountMgr.checkAccess(caller, null, false, accountMgr.getAccount(accountId));
         } else if (domainId != null && !accountMgr.isNormalUser(caller.getId())) {
             //check permissions;
             accountMgr.checkAccess(caller, domainMgr.getDomain(domainId));
         } else {
             throw new PermissionDeniedException(exceptionMessage);
         }
     }
 }
	// Licensed to the Apache Software Foundation (ASF) under one
	// or more contributor license agreements. See the NOTICE file
	// distributed with this work for additional information
	// regarding copyright ownership. The ASF licenses this file
	// to you under the Apache License, Version 2.0 (the
	// "License"); you may not use this file except in compliance
	// with the License. You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing,
	// software distributed under the License is distributed on an
	// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	// KIND, either express or implied. See the License for the
	// specific language governing permissions and limitations
	// under the License.
	package com.cloud.tags;

	import java.util.HashMap;
	import java.util.Map;
	import java.util.Objects;

	import javax.inject.Inject;

	import org.apache.cloudstack.api.Identity;
	import org.apache.cloudstack.api.InternalIdentity;
	import org.apache.cloudstack.context.CallContext;
	import org.apache.cloudstack.storage.datastore.db.StoragePoolVO;
	import org.apache.commons.lang3.StringUtils;

	import com.cloud.dc.DataCenterVO;
	import com.cloud.domain.DomainVO;
	import com.cloud.exception.InvalidParameterValueException;
	import com.cloud.exception.PermissionDeniedException;
	import com.cloud.network.LBHealthCheckPolicyVO;
	import com.cloud.network.as.AutoScaleVmGroupVO;
	import com.cloud.network.as.AutoScaleVmProfileVO;
	import com.cloud.network.dao.IPAddressVO;
	import com.cloud.network.dao.LBStickinessPolicyVO;
	import com.cloud.network.dao.LoadBalancerVO;
	import com.cloud.network.dao.NetworkVO;
	import com.cloud.network.dao.RemoteAccessVpnVO;
	import com.cloud.network.dao.Site2SiteCustomerGatewayVO;
	import com.cloud.network.dao.Site2SiteVpnConnectionVO;
	import com.cloud.network.dao.Site2SiteVpnGatewayVO;
	import com.cloud.network.rules.FirewallRuleVO;
	import com.cloud.network.rules.PortForwardingRuleVO;
	import com.cloud.network.security.SecurityGroupRuleVO;
	import com.cloud.network.security.SecurityGroupVO;
	import com.cloud.network.vpc.NetworkACLItemVO;
	import com.cloud.network.vpc.NetworkACLVO;
	import com.cloud.network.vpc.StaticRouteVO;
	import com.cloud.network.vpc.VpcOfferingVO;
	import com.cloud.network.vpc.VpcVO;
	import com.cloud.offerings.NetworkOfferingVO;
	import com.cloud.projects.ProjectVO;
	import com.cloud.server.ResourceManagerUtil;
	import com.cloud.server.ResourceTag;
	import com.cloud.service.ServiceOfferingVO;
	import com.cloud.storage.DiskOfferingVO;
	import com.cloud.storage.SnapshotPolicyVO;
	import com.cloud.storage.SnapshotVO;
	import com.cloud.storage.VMTemplateVO;
	import com.cloud.storage.VolumeVO;
	import com.cloud.user.Account;
	import com.cloud.user.AccountManager;
	import com.cloud.user.AccountVO;
	import com.cloud.user.DomainManager;
	import com.cloud.user.UserVO;
	import com.cloud.utils.db.EntityManager;
	import com.cloud.utils.exception.CloudRuntimeException;
	import com.cloud.vm.NicVO;
	import com.cloud.vm.UserVmVO;
	import com.cloud.vm.snapshot.VMSnapshotVO;
	import java.util.Optional;

	public class ResourceManagerUtilImpl implements ResourceManagerUtil {
	public static final Map<ResourceTag.ResourceObjectType, Class<?>> s_typeMap = new HashMap<>();

	static {
	s_typeMap.put(ResourceTag.ResourceObjectType.UserVm, UserVmVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.Volume, VolumeVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.Template, VMTemplateVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.VnfTemplate, VMTemplateVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.ISO, VMTemplateVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.Snapshot, SnapshotVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.Network, NetworkVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.LoadBalancer, LoadBalancerVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.PortForwardingRule, PortForwardingRuleVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.FirewallRule, FirewallRuleVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.SecurityGroup, SecurityGroupVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.SecurityGroupRule, SecurityGroupRuleVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.PublicIpAddress, IPAddressVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.Project, ProjectVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.Account, AccountVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.Vpc, VpcVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.Nic, NicVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.NetworkACL, NetworkACLItemVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.StaticRoute, StaticRouteVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.VMSnapshot, VMSnapshotVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.RemoteAccessVpn, RemoteAccessVpnVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.Zone, DataCenterVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.ServiceOffering, ServiceOfferingVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.Storage, StoragePoolVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.PrivateGateway, RemoteAccessVpnVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.NetworkACLList, NetworkACLVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.VpnGateway, Site2SiteVpnGatewayVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.CustomerGateway, Site2SiteCustomerGatewayVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.VpnConnection, Site2SiteVpnConnectionVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.User, UserVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.DiskOffering, DiskOfferingVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.AutoScaleVmProfile, AutoScaleVmProfileVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.AutoScaleVmGroup, AutoScaleVmGroupVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.LBStickinessPolicy, LBStickinessPolicyVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.LBHealthCheckPolicy, LBHealthCheckPolicyVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.SnapshotPolicy, SnapshotPolicyVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.NetworkOffering, NetworkOfferingVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.VpcOffering, VpcOfferingVO.class);
	s_typeMap.put(ResourceTag.ResourceObjectType.Domain, DomainVO.class);
	}

	@Inject
	EntityManager entityMgr;
	@Inject
	AccountManager accountMgr;
	@Inject
	DomainManager domainMgr;

	@Override
	public long getResourceId(String resourceId, ResourceTag.ResourceObjectType resourceType) {
	Class<?> clazz = s_typeMap.get(resourceType);
	Object entity = entityMgr.findByUuid(clazz, resourceId);
	if (entity != null) {
	return ((InternalIdentity)entity).getId();
	}
	if (!StringUtils.isNumeric(resourceId)) {
	throw new InvalidParameterValueException("Unable to find resource by uuid " + resourceId + " and type " + resourceType);
	}
	entity = entityMgr.findById(clazz, resourceId);
	if (entity != null) {
	return ((InternalIdentity)entity).getId();
	}
	throw new InvalidParameterValueException("Unable to find resource by id " + resourceId + " and type " + resourceType);
	}

	@Override
	public String getUuid(String resourceId, ResourceTag.ResourceObjectType resourceType) {
	if (!StringUtils.isNumeric(resourceId)) {
	return resourceId;
	}

	Class<?> clazz = s_typeMap.get(resourceType);

	Object entity = entityMgr.findById(clazz, resourceId);
	if (entity != null && entity instanceof Identity) {
	return ((Identity)entity).getUuid();
	}

	return resourceId;
	}

	@Override
	public ResourceTag.ResourceObjectType getResourceType(String resourceTypeStr) {
	return Optional.ofNullable(ResourceTag.ResourceObjectType.getResourceObjectType(resourceTypeStr))
	.orElseThrow(() -> new InvalidParameterValueException("Invalid resource type " + resourceTypeStr));
	}

	public void checkResourceAccessible(Long accountId, Long domainId, String exceptionMessage) {
	Account caller = CallContext.current().getCallingAccount();
	if (Objects.equals(domainId, -1))
	{
	throw new CloudRuntimeException("Invalid DomainId: -1");
	}
	if (accountId != null) {
	accountMgr.checkAccess(caller, null, false, accountMgr.getAccount(accountId));
	} else if (domainId != null && !accountMgr.isNormalUser(caller.getId())) {
	//check permissions;
	accountMgr.checkAccess(caller, domainMgr.getDomain(domainId));
	} else {
	throw new PermissionDeniedException(exceptionMessage);
	}
	}
	}