Ravi Nori has uploaded a new change for review. Change subject: aaa : Remove Login sequence from backend ......................................................................
aaa : Remove Login sequence from backend Login user and admin commands and the parameter can be deleted from the backend as the login sequence is handled by SSO Change-Id: Id45087a723a8a58f858618db44221f26ec8186e7 Bug-Url: https://bugzilla.redhat.com/1092744 Signed-off-by: Ravi Nori <[email protected]> --- M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/Backend.java D backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginAdminUserCommand.java D backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginBaseCommand.java D backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginUserCommand.java D backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/LoginUserParameters.java M backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/VdcActionType.java M backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/interfaces/BackendLocal.java M frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/FrontendEventsHandlerImpl.java 8 files changed, 1 insertion(+), 603 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/27/38427/1 diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/Backend.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/Backend.java index 6980890..2afc2d5 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/Backend.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/Backend.java @@ -37,7 +37,6 @@ import org.ovirt.engine.core.bll.job.JobRepositoryFactory; import org.ovirt.engine.core.bll.quota.QuotaManager; import org.ovirt.engine.core.common.EngineWorkingMode; -import org.ovirt.engine.core.common.action.LoginUserParameters; import org.ovirt.engine.core.common.action.LogoutUserParameters; import org.ovirt.engine.core.common.action.VdcActionParametersBase; import org.ovirt.engine.core.common.action.VdcActionType; @@ -559,25 +558,6 @@ @ExcludeClassInterceptors public ErrorTranslator getVdsErrorsTranslator() { return _vdsErrorsTranslator; - } - - /** - * Login in to the system - * @param parameters - * The parameters. - * @return user if success, else null // // - */ - @Override - public VdcReturnValueBase login(LoginUserParameters parameters) { - switch (parameters.getActionType()) { - case LoginUser: - case LoginAdminUser: - CommandBase<?> command = CommandsFactory.createCommand(parameters.getActionType(), parameters); - command.insertAsyncTaskPlaceHolders(); - return command.executeAction(); - default: - return getErrorCommandReturnValue(VdcBllMessages.USER_NOT_AUTHORIZED_TO_PERFORM_ACTION); - } } @Override diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginAdminUserCommand.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginAdminUserCommand.java deleted file mode 100644 index 1164c6d..0000000 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginAdminUserCommand.java +++ /dev/null @@ -1,27 +0,0 @@ -package org.ovirt.engine.core.bll.aaa; - -import org.ovirt.engine.core.bll.NonTransactiveCommandAttribute; -import org.ovirt.engine.core.common.action.LoginUserParameters; -import org.ovirt.engine.core.common.errors.VdcBllMessages; - -@NonTransactiveCommandAttribute -public class LoginAdminUserCommand<T extends LoginUserParameters> extends LoginUserCommand<T> { - public LoginAdminUserCommand(T parameters) { - super(parameters); - } - - @Override - protected boolean canDoAction() { - boolean autheticated = super.canDoAction(); - - // only admin users can use LoginAdmin command - if (autheticated) { - autheticated = getCurrentUser().isAdmin(); - if (!autheticated) { - addCanDoActionMessage(VdcBllMessages.USER_NOT_AUTHORIZED_TO_PERFORM_ACTION); - logAutheticationFailure(); - } - } - return autheticated; - } -} diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginBaseCommand.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginBaseCommand.java deleted file mode 100644 index 58406f2..0000000 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginBaseCommand.java +++ /dev/null @@ -1,437 +0,0 @@ -package org.ovirt.engine.core.bll.aaa; - -import java.text.ParseException; -import java.text.SimpleDateFormat; -import java.util.Collections; -import java.util.Date; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import org.apache.commons.lang.StringUtils; -import org.apache.commons.lang.time.DateUtils; -import org.ovirt.engine.api.extensions.Base; -import org.ovirt.engine.api.extensions.ExtMap; -import org.ovirt.engine.api.extensions.aaa.Acct; -import org.ovirt.engine.api.extensions.aaa.Authn.AuthRecord; -import org.ovirt.engine.api.extensions.aaa.Authn; -import org.ovirt.engine.api.extensions.aaa.Authz; -import org.ovirt.engine.api.extensions.aaa.Mapping; -import org.ovirt.engine.core.aaa.AcctUtils; -import org.ovirt.engine.core.aaa.AuthType; -import org.ovirt.engine.core.aaa.AuthenticationProfile; -import org.ovirt.engine.core.aaa.AuthenticationProfileRepository; -import org.ovirt.engine.core.aaa.AuthzUtils; -import org.ovirt.engine.core.bll.CommandBase; -import org.ovirt.engine.core.bll.MultiLevelAdministrationHandler; -import org.ovirt.engine.core.bll.utils.PermissionSubject; -import org.ovirt.engine.core.common.AuditLogType; -import org.ovirt.engine.core.common.VdcObjectType; -import org.ovirt.engine.core.common.action.LoginResult; -import org.ovirt.engine.core.common.action.LoginUserParameters; -import org.ovirt.engine.core.common.action.VdcLoginReturnValueBase; -import org.ovirt.engine.core.common.businessentities.aaa.DbUser; -import org.ovirt.engine.core.common.config.Config; -import org.ovirt.engine.core.common.config.ConfigValues; -import org.ovirt.engine.core.common.errors.VdcBllMessages; -import org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector; -import org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogableBase; -import org.ovirt.engine.core.extensions.mgr.ExtensionProxy; -import org.ovirt.engine.core.utils.threadpool.ThreadPoolUtil; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public abstract class LoginBaseCommand<T extends LoginUserParameters> extends CommandBase<T> { - protected static final Logger log = LoggerFactory.getLogger(LoginBaseCommand.class); - - private static final Map<Integer, AuditLogType> auditLogMap = new HashMap<>(); - private static final Map<Integer, VdcBllMessages> vdcBllMessagesMap = new HashMap<>(); - - static { - auditLogMap.put(Authn.AuthResult.CREDENTIALS_EXPIRED, AuditLogType.USER_ACCOUNT_PASSWORD_EXPIRED); - auditLogMap.put(Authn.AuthResult.GENERAL_ERROR, AuditLogType.USER_VDC_LOGIN_FAILED); - auditLogMap.put(Authn.AuthResult.CREDENTIALS_INVALID, AuditLogType.AUTH_FAILED_INVALID_CREDENTIALS); - auditLogMap.put(Authn.AuthResult.CREDENTIALS_INCORRECT, AuditLogType.AUTH_FAILED_INVALID_CREDENTIALS); - auditLogMap.put(Authn.AuthResult.ACCOUNT_LOCKED, AuditLogType.USER_ACCOUNT_DISABLED_OR_LOCKED); - auditLogMap.put(Authn.AuthResult.ACCOUNT_DISABLED, AuditLogType.USER_ACCOUNT_DISABLED_OR_LOCKED); - auditLogMap.put(Authn.AuthResult.TIMED_OUT, AuditLogType.USER_ACCOUNT_DISABLED_OR_LOCKED); - auditLogMap.put(Authn.AuthResult.ACCOUNT_EXPIRED, AuditLogType.USER_ACCOUNT_EXPIRED); - - vdcBllMessagesMap.put(Authn.AuthResult.GENERAL_ERROR, VdcBllMessages.USER_FAILED_TO_AUTHENTICATE); - vdcBllMessagesMap.put(Authn.AuthResult.CREDENTIALS_INVALID, - VdcBllMessages.USER_FAILED_TO_AUTHENTICATE_WRONG_USERNAME_OR_PASSWORD); - vdcBllMessagesMap.put(Authn.AuthResult.CREDENTIALS_INCORRECT, - VdcBllMessages.USER_FAILED_TO_AUTHENTICATE_WRONG_USERNAME_OR_PASSWORD); - vdcBllMessagesMap.put(Authn.AuthResult.ACCOUNT_LOCKED, VdcBllMessages.USER_ACCOUNT_DISABLED); - vdcBllMessagesMap.put(Authn.AuthResult.ACCOUNT_DISABLED, VdcBllMessages.USER_ACCOUNT_DISABLED); - vdcBllMessagesMap.put(Authn.AuthResult.ACCOUNT_EXPIRED, VdcBllMessages.USER_ACCOUNT_EXPIRED); - - vdcBllMessagesMap.put(Authn.AuthResult.TIMED_OUT, VdcBllMessages.USER_FAILED_TO_AUTHENTICATE_TIMED_OUT); - vdcBllMessagesMap.put(Authn.AuthResult.CREDENTIALS_EXPIRED, VdcBllMessages.USER_PASSWORD_EXPIRED); - } - - private String engineSessionId; - - public LoginBaseCommand(T parameters) { - super(parameters); - } - - @Override - protected VdcLoginReturnValueBase createReturnValue() { - return new VdcLoginReturnValueBase(); - } - - @Override - public VdcLoginReturnValueBase getReturnValue() { - return (VdcLoginReturnValueBase) super.getReturnValue(); - } - - @Override - public AuditLogType getAuditLogTypeValue() { - return getSucceeded() ? AuditLogType.USER_VDC_LOGIN : AuditLogType.USER_VDC_LOGIN_FAILED; - } - - @Override - protected void executeCommand() { - setActionReturnValue(getCurrentUser()); - getReturnValue().setLoginResult(LoginResult.Autheticated); - getReturnValue().setSessionId(engineSessionId); - // Permissions for this user might been changed since last login so - // update his isAdmin flag accordingly - updateUserData(); - setSucceeded(true); - } - @Override - protected boolean canDoAction() { - String user = getParameters().getLoginName(); - if (StringUtils.isEmpty(user)) { - ExtMap authRecord = (ExtMap) getParameters().getAuthRecord(); - if (authRecord != null) { - user = authRecord.get(AuthRecord.PRINCIPAL); - } - } - String profile = getParameters().getProfileName(); - if (StringUtils.isEmpty(profile)) { - profile = "N/A"; - } - setUserName(String.format("%s@%s", user, profile)); - - boolean result = isUserCanBeAuthenticated(); - if (! result) { - logAutheticationFailure(); - } - return result; - } - - private boolean attachUserToSession(AuthenticationProfile profile, ExtMap authRecord, ExtMap principalRecord) { - engineSessionId = SessionDataContainer.getInstance().generateEngineSessionId(); - SessionDataContainer.getInstance().setUser(engineSessionId, getCurrentUser()); - SessionDataContainer.getInstance().refresh(engineSessionId); - SessionDataContainer.getInstance().setProfile(engineSessionId, profile); - SessionDataContainer.getInstance().setAuthRecord(engineSessionId, authRecord); - SessionDataContainer.getInstance().setPrincipalRecord(engineSessionId, principalRecord); - - // Add the user password to the session, as it will be needed later - // when trying to log on to virtual machines: - if (getParameters().getPassword() != null) { - SessionDataContainer.getInstance().setPassword(engineSessionId, getParameters().getPassword()); - } - - int userSessionHardLimit = Config.<Integer> getValue(ConfigValues.UserSessionHardLimit); - Date validTo = userSessionHardLimit != 0 ? DateUtils.addMinutes(new Date(), userSessionHardLimit) : null; - if (authRecord.<String> get(AuthRecord.VALID_TO) != null) { - try { - Date fromExtension = - new SimpleDateFormat("yyyyMMddHHmmssZ").parse(authRecord.<String> get(AuthRecord.VALID_TO)); - if (validTo != null) { - validTo = validTo.compareTo(fromExtension) < 0 ? validTo : fromExtension; - } else { - validTo = fromExtension; - } - } catch (ParseException e) { - log.warn("Error parsing AuthRecord.VALID_TO. Default VALID_TO value will be set on session: {}", - e.getMessage()); - log.debug("Exception", e); - } - } - SessionDataContainer.getInstance().setHardLimit(engineSessionId, validTo); - return true; - } - - protected boolean isUserCanBeAuthenticated() { - AuthenticationProfile profile = AuthenticationProfileRepository.getInstance().getProfile(getParameters().getProfileName()); - if (profile == null) { - log.error("Can't login because authentication profile '{}' doesn't exist.", - getParameters().getProfileName()); - addCanDoActionMessage(VdcBllMessages.USER_FAILED_TO_AUTHENTICATE); - return false; - } - - ExtensionProxy authnExtension = profile.getAuthn(); - ExtMap authRecord = (ExtMap) getParameters().getAuthRecord(); - int reportReason = Acct.ReportReason.PRINCIPAL_LOGIN_CREDENTIALS; - if (getParameters().getAuthType() != null) { - if (AuthType.NEGOTIATION == getParameters().getAuthType()) { - reportReason = Acct.ReportReason.PRINCIPAL_LOGIN_NEGOTIATE; - } - } - String loginName = null; - if (authRecord == null) { - reportReason = Acct.ReportReason.PRINCIPAL_LOGIN_CREDENTIALS; - - // Verify that the login name and password have been provided: - loginName = getParameters().getLoginName(); - if (loginName == null) { - log.error("Can't login user because no login name has been provided."); - addCanDoActionMessage(VdcBllMessages.USER_FAILED_TO_AUTHENTICATE); - return false; - } - String password = getParameters().getPassword(); - if (password == null) { - log.error("Can't login user '{}' because no password has been provided.", loginName); - return false; - } - - if (!AuthzUtils.supportsPasswordAuthentication(authnExtension)) { - log.error("Can't login user '{}' because the authentication profile '{}' doesn't support password" - + " authentication.", - loginName, - profile.getName()); - addCanDoActionMessage(VdcBllMessages.USER_FAILED_TO_AUTHENTICATE); - return false; - } - DbUser curUser = null; - String curPassword = null; - SessionDataContainer sessionDataContainer = SessionDataContainer.getInstance(); - if (StringUtils.isEmpty(getParameters().getSessionId())) { - curUser = sessionDataContainer.getUser(engineSessionId, false); - curPassword = sessionDataContainer.getPassword(engineSessionId); - } else { - curUser = sessionDataContainer.getUser(getParameters().getSessionId(), false); - curPassword = sessionDataContainer.getPassword(getParameters().getSessionId()); - } - // verify that in auto login mode , user is not taken from session. - if (curUser != null && !StringUtils.isEmpty(curPassword)) { - loginName = curUser.getLoginName(); - password = curPassword; - } - authRecord = authenticate(profile, loginName, password); - } - // Perform the actual authentication: - if (authRecord == null) { - return false; - } - - /* - * set principal based on what we - * have so far - */ - setUserName(String.format("%s@%s", authRecord.get(Authn.AuthRecord.PRINCIPAL), profile.getName())); - - ExtensionProxy mapper = profile.getMapper(); - if (mapper != null) { - authRecord = mapper.invoke( - new ExtMap().mput( - Base.InvokeKeys.COMMAND, - Mapping.InvokeCommands.MAP_AUTH_RECORD - ).mput( - Authn.InvokeKeys.AUTH_RECORD, - authRecord - ), - true - ).<ExtMap> get( - Authn.InvokeKeys.AUTH_RECORD, - authRecord - ); - } - - ExtMap principalRecord = AuthzUtils.fetchPrincipalRecord(profile.getAuthz(), authRecord); - if (principalRecord == null) { - log.info("Can't login user '{}' with authentication profile '{}' because the user doesn't exist in the" - + " directory.", - authRecord.<String> get(Authn.AuthRecord.PRINCIPAL), - profile.getName()); - addCanDoActionMessage(VdcBllMessages.USER_MUST_EXIST_IN_DIRECTORY); - AcctUtils.reportRecords( - Acct.ReportReason.PRINCIPAL_NOT_FOUND, - profile.getAuthzName(), - loginName, - authRecord, - null, - "Principal record was not found. User name is %1$s", - loginName - ); - - return false; - } - - // Check that the user exists in the database, if it doesn't exist then we need to add it now: - DbUser dbUser = DirectoryUtils.mapPrincipalRecordToDbUser(AuthzUtils.getName(profile.getAuthz()), principalRecord); - getDbUserDAO().saveOrUpdate(dbUser); - - // Check login permissions. We do it here and not via the - // getPermissionCheckSubjects mechanism, because we need the user to be logged in to - // the system in order to perform this check. The user is indeed logged in when running every command - // except the login command - if (!checkUserAndGroupsAuthorization(dbUser.getId(), - dbUser.getGroupIds(), - getActionType().getActionGroup(), - MultiLevelAdministrationHandler.BOTTOM_OBJECT_ID, - VdcObjectType.Bottom, - true)) { - AcctUtils.reportRecords( - Acct.ReportReason.PRINCIPAL_LOGIN_NO_PERMISSION, - profile.getAuthzName(), - dbUser.getLoginName(), - authRecord, - principalRecord, - - "The user %1$s is not authorized to perform login", - dbUser.getLoginName() - ); - addCanDoActionMessage(VdcBllMessages.USER_NOT_AUTHORIZED_TO_PERFORM_ACTION); - return false; - } - - // Retrieve the MLA admin status of the user. - // This may be redundant in some use-cases, but looking forward to Single Sign On, - // we will want this info - boolean isAdmin = MultiLevelAdministrationHandler.isAdminUser(dbUser); - log.debug("Checking if user '{}' is an admin, result {}", dbUser.getLoginName(), isAdmin); - dbUser.setAdmin(isAdmin); - setCurrentUser(dbUser); - AcctUtils.reportRecords( - reportReason, - profile.getAuthzName(), - dbUser.getLoginName(), - authRecord, - principalRecord, - "User %1$s which has princnipal name %2$s logged in ", - dbUser.getLoginName(), - principalRecord.<String> get(Authz.PrincipalRecord.NAME) - ); - - return attachUserToSession(profile, authRecord, principalRecord); - } - - private void logEventForUser(String userName, AuditLogType auditLogType) { - AuditLogableBase msg = new AuditLogableBase(); - msg.setUserName(userName); - AuditLogDirector.log(msg, auditLogType); - } - - @Override - protected boolean isUserAuthorizedToRunAction() { - log.debug("IsUserAutorizedToRunAction: login - no permission check"); - return true; - } - - @Override - public List<PermissionSubject> getPermissionCheckSubjects() { - // Not needed for admin operations. - return Collections.emptyList(); - } - - private void updateUserData() { - ThreadPoolUtil.execute(new Runnable() { - @Override - public void run() { - // TODO: Will look at this later. - // DbFacade.getInstance().updateLastAdminCheckStatus(dbUser.getId()); - } - }); - } - - protected void logAutheticationFailure() { - AuditLogableBase logable = new AuditLogableBase(); - logable.setUserName(getUserName()); - AuditLogDirector.log(logable, AuditLogType.USER_VDC_LOGIN_FAILED); - } - - private boolean isCredentialsAuth(ExtensionProxy authnExtension) { - return (authnExtension.getContext().<Long> get(Authn.ContextKeys.CAPABILITIES).longValue() & - Authn.Capabilities.AUTHENTICATE_CREDENTIALS) != 0; - } - - private ExtMap authenticate(AuthenticationProfile profile, String user, String password) { - ExtensionProxy authnExtension = profile.getAuthn(); - ExtMap authRecord = null; - - if (isCredentialsAuth(authnExtension)) { - ExtensionProxy mapper = profile.getMapper(); - if (mapper != null) { - user = mapper.invoke(new ExtMap().mput( - Base.InvokeKeys.COMMAND, - Mapping.InvokeCommands.MAP_USER - ).mput( - Mapping.InvokeKeys.USER, - user), - true).<String> get(Mapping.InvokeKeys.USER, user); - } - } - - ExtMap outputMap = authnExtension.invoke(new ExtMap().mput( - Base.InvokeKeys.COMMAND, - Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS - ).mput( - Authn.InvokeKeys.USER, - user - ).mput( - Authn.InvokeKeys.CREDENTIALS, - password - )); - - /* - * set principal based on what we - * have so far - */ - if (outputMap.get(Authn.InvokeKeys.PRINCIPAL) != null) { - setUserName(String.format("%s@%s", outputMap.get(Authn.InvokeKeys.PRINCIPAL), profile.getName())); - } - - int authResult = outputMap.<Integer>get(Authn.InvokeKeys.RESULT); - if (authResult != Authn.AuthResult.SUCCESS) { - log.info("Can't login user '{}' with authentication profile '{}' because the authentication failed.", - user, - getParameters().getProfileName()); - - - AuditLogType auditLogType = auditLogMap.get(authResult); - // if found matching audit log type, and it's not general login failure audit log (which will be logged - // anyway due to CommandBase.log) - if (auditLogType != null && auditLogType != AuditLogType.USER_VDC_LOGIN_FAILED) { - logEventForUser(user, auditLogType); - } - - if (authResult == Authn.AuthResult.CREDENTIALS_EXPIRED) { - boolean addedUserPasswordExpiredCDA = false; - if (outputMap.<String> get(Authn.InvokeKeys.CREDENTIALS_CHANGE_URL) != null) { - addCanDoActionMessage(VdcBllMessages.USER_PASSWORD_EXPIRED_CHANGE_URL_PROVIDED); - addCanDoActionMessageVariable("URL", - outputMap.<String>get(Authn.InvokeKeys.CREDENTIALS_CHANGE_URL)); - addedUserPasswordExpiredCDA = true; - } - if (outputMap.<String> get(Authn.InvokeKeys.USER_MESSAGE) != null) { - addCanDoActionMessage(VdcBllMessages.USER_PASSWORD_EXPIRED_CHANGE_MSG_PROVIDED); - addCanDoActionMessageVariable("MSG", - outputMap.<String>get(Authn.InvokeKeys.USER_MESSAGE)); - addedUserPasswordExpiredCDA = true; - } - if (!addedUserPasswordExpiredCDA) { - addCanDoActionMessage(VdcBllMessages.USER_PASSWORD_EXPIRED); - } - } else { - VdcBllMessages msg = vdcBllMessagesMap.get(authResult); - if (msg == null) { - msg = VdcBllMessages.USER_FAILED_TO_AUTHENTICATE; - } - addCanDoActionMessage(msg); - } - } else { - authRecord = outputMap.<ExtMap> get(Authn.InvokeKeys.AUTH_RECORD); - } - - return authRecord; - } - -} diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginUserCommand.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginUserCommand.java deleted file mode 100644 index a9018a3..0000000 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginUserCommand.java +++ /dev/null @@ -1,11 +0,0 @@ -package org.ovirt.engine.core.bll.aaa; - -import org.ovirt.engine.core.bll.NonTransactiveCommandAttribute; -import org.ovirt.engine.core.common.action.LoginUserParameters; - -@NonTransactiveCommandAttribute -public class LoginUserCommand<T extends LoginUserParameters> extends LoginBaseCommand<T> { - public LoginUserCommand(T parameters) { - super(parameters); - } -} diff --git a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/LoginUserParameters.java b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/LoginUserParameters.java deleted file mode 100644 index 18f6227..0000000 --- a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/LoginUserParameters.java +++ /dev/null @@ -1,101 +0,0 @@ -package org.ovirt.engine.core.common.action; - -import java.io.Serializable; - -import org.ovirt.engine.core.aaa.AuthType; - - -public class LoginUserParameters extends VdcActionParametersBase implements Serializable { - private static final long serialVersionUID = -1660445011620552804L; - - private static class AuthenticationInformation implements Serializable { - private static final long serialVersionUID = -3144932226242786617L; - private String loginName; - private String password; - private transient Object authRecord; - private AuthType authType; - } - - private AuthenticationInformation authInfo; - - private String profileName; - private VdcActionType actionType; - private boolean isAdmin; - - public LoginUserParameters(String profileName, String loginName, String password) { - this.profileName = profileName; - this.authInfo = new AuthenticationInformation(); - this.authInfo.loginName = loginName; - this.authInfo.password = password; - this.authInfo.authType = AuthType.CREDENTIALS; - actionType = VdcActionType.LoginUser; - - } - - public LoginUserParameters() { - actionType = VdcActionType.LoginUser; - } - - public LoginUserParameters(String profileName, Object authRecord, String password, AuthType authType) { - this(profileName, authRecord, password, VdcActionType.LoginUser, authType); - } - - public LoginUserParameters( - String profileName, - Object authRecord, - String password, - VdcActionType vdcActionType, - AuthType authType - ) { - this.authInfo = new AuthenticationInformation(); - this.authInfo.authRecord = authRecord; - this.authInfo.authType = AuthType.CREDENTIALS; - this.profileName = profileName; - this.actionType = vdcActionType; - this.authInfo.password = password; - - } - - public String getLoginName() { - return authInfo.loginName; - } - - public void setLoginName(String value) { - authInfo.loginName = value; - } - - @ShouldNotBeLogged - public String getPassword() { - return authInfo.password; - } - - public String getProfileName() { - return profileName; - } - - public Object getAuthRecord() { - return authInfo.authRecord; - } - - public AuthType getAuthType() { - return authInfo.authType; - } - - public VdcActionType getActionType() { - return actionType; - } - - public void setActionType(VdcActionType value) { - actionType = value; - } - - - public boolean getIsAdmin() { - return isAdmin; - } - - public void setIsAdmin(boolean value) { - isAdmin = value; - } - -} diff --git a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/VdcActionType.java b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/VdcActionType.java index 85492de..573df01 100644 --- a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/VdcActionType.java +++ b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/VdcActionType.java @@ -169,12 +169,10 @@ RemoveVmFromPool(314, ActionGroup.EDIT_VM_POOL_CONFIGURATION, false, QuotaDependency.NONE), AttachUserToVmFromPoolAndRun(318, ActionGroup.VM_POOL_BASIC_OPERATIONS, QuotaDependency.VDS_GROUP), // UserAndGroupsCommands - LoginUser(406, ActionGroup.LOGIN, false, QuotaDependency.NONE), LogoutUser(408, false, QuotaDependency.NONE), LogoutBySession(410, false, QuotaDependency.NONE), RemoveUser(409, ActionGroup.MANIPULATE_USERS, false, QuotaDependency.NONE), RemoveGroup(415, ActionGroup.MANIPULATE_USERS, false, QuotaDependency.NONE), - LoginAdminUser(418, ActionGroup.LOGIN, false, QuotaDependency.NONE), AddUser(419, ActionGroup.MANIPULATE_USERS, false, QuotaDependency.NONE), AddGroup(420, ActionGroup.MANIPULATE_USERS, false, QuotaDependency.NONE), CreateUserSession(421, ActionGroup.LOGIN, false, QuotaDependency.NONE), diff --git a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/interfaces/BackendLocal.java b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/interfaces/BackendLocal.java index 0dd5246..ef47bb0 100644 --- a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/interfaces/BackendLocal.java +++ b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/interfaces/BackendLocal.java @@ -1,7 +1,6 @@ package org.ovirt.engine.core.common.interfaces; import java.util.ArrayList; -import org.ovirt.engine.core.common.action.LoginUserParameters; import org.ovirt.engine.core.common.action.LogoutUserParameters; import org.ovirt.engine.core.common.action.VdcActionParametersBase; import org.ovirt.engine.core.common.action.VdcActionType; @@ -32,8 +31,6 @@ void initialize(); VdcQueryReturnValue runPublicQuery(VdcQueryType actionType, VdcQueryParametersBase parameters); - - VdcReturnValueBase login(LoginUserParameters parameters); VdcReturnValueBase logoff(LogoutUserParameters parameters); } diff --git a/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/FrontendEventsHandlerImpl.java b/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/FrontendEventsHandlerImpl.java index 0e6d7f8..171cd22 100644 --- a/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/FrontendEventsHandlerImpl.java +++ b/frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/FrontendEventsHandlerImpl.java @@ -31,8 +31,7 @@ @Override public Boolean isRaiseErrorModalPanel(VdcActionType actionType, VdcFault fault) { - return (actionType != VdcActionType.LoginUser) && - !(actionType == VdcActionType.VmLogon && fault.getError() == VdcBllErrors.nonresp); + return !(actionType == VdcActionType.VmLogon && fault.getError() == VdcBllErrors.nonresp); } @Override -- To view, visit https://gerrit.ovirt.org/38427 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Id45087a723a8a58f858618db44221f26ec8186e7 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Ravi Nori <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
