protected boolean lockAccount(long accountId) { boolean success = false; Account account = _accountDao.findById(accountId); if (account != null) { if (account.getState().equals(State.locked)) { return true; // already locked, no-op } else if (account.getState().equals(State.enabled)) { AccountVO acctForUpdate = _accountDao.createForUpdate(); acctForUpdate.setState(State.locked); success = _accountDao.update(Long.valueOf(accountId), acctForUpdate); } else { if (s_logger.isInfoEnabled()) { s_logger.info("Attempting to lock a non-enabled account, current state is " + account.getState() + " (accountId: " + accountId + "), locking failed."); } } } else { s_logger.warn("Failed to lock account " + accountId + ", account not found."); } return success; }
protected boolean lockAccount(long accountId) { final short opendb = TransactionLegacy.currentTxn().getDatabaseId(); boolean success = false; try (TransactionLegacy txn = TransactionLegacy.open(TransactionLegacy.CLOUD_DB)) { Account account = _accountDao.findById(accountId); if (account != null) { if (account.getState() == State.locked) { return true; // already locked, no-op } else if (account.getState() == State.enabled) { AccountVO acctForUpdate = _accountDao.createForUpdate(); acctForUpdate.setState(State.locked); success = _accountDao.update(Long.valueOf(accountId), acctForUpdate); } else { if (s_logger.isInfoEnabled()) { s_logger.info("Attempting to lock a non-enabled account, current state is " + account.getState() + " (accountId: " + accountId + "), locking failed."); } } } else { s_logger.warn("Failed to lock account " + accountId + ", account not found."); } } catch (Exception e) { s_logger.error("Exception occured while locking account by Quota Alert Manager", e); throw e; } finally { TransactionLegacy.open(opendb).close(); } return success; }
Account account = userAcctPair.second(); if (!user.getState().equals(Account.State.enabled) || !account.getState().equals(Account.State.enabled)) { s_logger.debug("disabled or locked user accessing the api, userid = " + user.getId() + "; name = " + user.getUsername() + "; state: " + user.getState() + "; accountState: " + account.getState()); return false;
final Account account = userAcctPair.second(); if (user.getState() != Account.State.enabled || !account.getState().equals(Account.State.enabled)) { s_logger.info("disabled or locked user accessing the api, userid = " + user.getId() + "; name = " + user.getUsername() + "; state: " + user.getState() + "; accountState: " + account.getState()); return false;
public boolean verifyUser(Long userId) { // copy from ApiServer.java, a bit ugly here User user = _accountMgr.getUserIncludingRemoved(userId); Account account = null; if (user != null) { account = _accountMgr.getAccount(user.getAccountId()); } if ((user == null) || (user.getRemoved() != null) || !user.getState().equals(Account.State.enabled) || (account == null) || !account.getState().equals(Account.State.enabled)) { s_logger.warn("Deleted/Disabled/Locked user with id=" + userId + " attempting to access public API"); return false; } return true; }
@Override public boolean verifyUser(final Long userId) { final User user = accountMgr.getUserIncludingRemoved(userId); Account account = null; if (user != null) { account = accountMgr.getAccount(user.getAccountId()); } if ((user == null) || (user.getRemoved() != null) || !user.getState().equals(Account.State.enabled) || (account == null) || !account.getState().equals(Account.State.enabled)) { s_logger.warn("Deleted/Disabled/Locked user with id=" + userId + " attempting to access public API"); return false; } return true; }
if (volAcct == null || volAcct.getState() == Account.State.disabled) {
private QuotaSummaryResponse getQuotaSummaryResponse(final Account account) { Calendar[] period = _statement.getCurrentStatementTime(); if (account != null) { QuotaSummaryResponse qr = new QuotaSummaryResponse(); DomainVO domain = _domainDao.findById(account.getDomainId()); BigDecimal curBalance = _quotaBalanceDao.lastQuotaBalance(account.getAccountId(), account.getDomainId(), period[1].getTime()); BigDecimal quotaUsage = _quotaUsageDao.findTotalQuotaUsage(account.getAccountId(), account.getDomainId(), null, period[0].getTime(), period[1].getTime()); qr.setAccountId(account.getAccountId()); qr.setAccountName(account.getAccountName()); qr.setDomainId(account.getDomainId()); qr.setDomainName(domain.getName()); qr.setBalance(curBalance); qr.setQuotaUsage(quotaUsage); qr.setState(account.getState()); qr.setStartDate(period[0].getTime()); qr.setEndDate(period[1].getTime()); qr.setCurrency(QuotaConfig.QuotaCurrencySymbol.value()); qr.setObjectName("summary"); return qr; } else { return new QuotaSummaryResponse(); } }
@Override public boolean checkAccess(Account caller, Domain domain) throws PermissionDeniedException { if (caller.getState() != Account.State.enabled) { throw new PermissionDeniedException(caller + " is disabled."); } long domainId = domain.getId(); if (_accountService.isNormalUser(caller.getId())) { if (caller.getDomainId() != domainId) { throw new PermissionDeniedException(caller + " does not have permission to operate within domain id=" + domain.getUuid()); } } else if (!_domainDao.isChildDomain(caller.getDomainId(), domainId)) { throw new PermissionDeniedException(caller + " does not have permission to operate within domain id=" + domain.getUuid()); } return true; }
@Override public long getEntityOwnerId() { Volume volume = _entityMgr.findById(Volume.class, getEntityId()); if (volume == null) { throw new InvalidParameterValueException("Unable to find volume by id=" + id); } Account account = _accountService.getAccount(volume.getAccountId()); //Can resize volumes for enabled projects/accounts only if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) { Project project = _projectService.findByProjectAccountId(volume.getAccountId()); if (project.getState() != Project.State.Active) { throw new PermissionDeniedException("Can't add resources to project id=" + project.getId() + " in state=" + project.getState() + " as it's no longer active"); } } else if (account.getState() == Account.State.disabled) { throw new PermissionDeniedException("The owner of volume " + id + " is disabled: " + account); } return volume.getAccountId(); }
@Override public long getEntityOwnerId() { Volume volume = _entityMgr.findById(Volume.class, getVolumeId()); if (volume == null) { throw new InvalidParameterValueException("Unable to find volume by id=" + volumeId); } Account account = _accountService.getAccount(volume.getAccountId()); //Can create templates for enabled projects/accounts only if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) { Project project = _projectService.findByProjectAccountId(volume.getAccountId()); if (project.getState() != Project.State.Active) { throw new PermissionDeniedException("Can't add resources to the project id=" + project.getId() + " in state=" + project.getState() + " as it's no longer active"); } } else if (account.getState() == Account.State.disabled) { throw new PermissionDeniedException("The owner of template is disabled: " + account); } return volume.getAccountId(); }
if (newAccount.getState() == Account.State.disabled) { throw new InvalidParameterValueException("The new account owner " + cmd.getAccountName() + " is disabled.");
@Override public long getEntityOwnerId() { Volume volume = _entityMgr.findById(Volume.class, getVolumeId()); if (volume == null) { throw new InvalidParameterValueException("Unable to find volume by id=" + volumeId); } Account account = _accountService.getAccount(volume.getAccountId()); //Can create templates for enabled projects/accounts only if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) { Project project = _projectService.findByProjectAccountId(volume.getAccountId()); if (project.getState() != Project.State.Active) { PermissionDeniedException ex = new PermissionDeniedException("Can't add resources to the specified project id in state=" + project.getState() + " as it's no longer active"); ex.addProxyObject(project.getUuid(), "projectId"); throw ex; } } else if (account.getState() == Account.State.disabled) { throw new PermissionDeniedException("The owner of template is disabled: " + account); } return volume.getAccountId(); }
@Override public long getEntityOwnerId() { VMSnapshot vmsnapshot = _entityMgr.findById(VMSnapshot.class, getVMSnapshotId()); if (vmsnapshot == null) { throw new InvalidParameterValueException("Unable to find vmsnapshot by id=" + getVMSnapshotId()); } Account account = _accountService.getAccount(vmsnapshot.getAccountId()); //Can create templates for enabled projects/accounts only if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) { Project project = _projectService.findByProjectAccountId(vmsnapshot.getAccountId()); if (project == null) { throw new InvalidParameterValueException("Unable to find project by account id=" + account.getUuid()); } if (project.getState() != Project.State.Active) { throw new PermissionDeniedException("Can't add resources to the project id=" + project.getUuid() + " in state=" + project.getState() + " as it's no longer active"); } } else if (account.getState() == Account.State.disabled) { throw new PermissionDeniedException("The owner of template is disabled: " + account); } return vmsnapshot.getAccountId(); }
if (owner.getState() == Account.State.disabled) { throw new PermissionDeniedException("The owner of " + vm + " is disabled: " + vm.getAccountId());
if (owner.getState() == Account.State.disabled) { throw new PermissionDeniedException("The owner of " + vm + " is disabled: " + vm.getAccountId());
if (owner.getState() == Account.State.disabled) { throw new PermissionDeniedException("The owner of vm to deploy is disabled: " + owner);