ofri masad has posted comments on this change.
Change subject: engine:Trusted Compute Pools - Open Attestation integration
with oVirt engine
......................................................................
Patch Set 4: (6 inline comments)
....................................................
File
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddVmFromTemplateCommand.java
Line 51: private void checkTrustedService() {
Line 52: AuditLogableBase logable = new AuditLogableBase();
Line 53: logable.addCustomValue("VmName", getVmName());
Line 54: logable.addCustomValue("VmTemplateName", getVmTemplateName());
Line 55: if (getVmTemplate().isTrustedService() &&
!getVm().isTrustedService()) {
I'm not sure I understand this logic. Why would you expect the VM to be
trusted? I would have expected to check if the vdsGroup (cluster) selected for
the new VM is trusted, not the VM itself.
Line 56: AuditLogDirector.log(logable,
AuditLogType.USER_ADD_VM_FROM_TRUSTED_TO_UNTRUSTED);
Line 57: }
Line 58: else if (!getVmTemplate().isTrustedService() &&
getVm().isTrustedService()) {
Line 59: AuditLogDirector.log(logable,
AuditLogType.USER_ADD_VM_FROM_UNTRUSTED_TO_TRUSTED);
Line 54: logable.addCustomValue("VmTemplateName", getVmTemplateName());
Line 55: if (getVmTemplate().isTrustedService() &&
!getVm().isTrustedService()) {
Line 56: AuditLogDirector.log(logable,
AuditLogType.USER_ADD_VM_FROM_TRUSTED_TO_UNTRUSTED);
Line 57: }
Line 58: else if (!getVmTemplate().isTrustedService() &&
getVm().isTrustedService()) {
same comment
Line 59: AuditLogDirector.log(logable,
AuditLogType.USER_ADD_VM_FROM_UNTRUSTED_TO_TRUSTED);
Line 60: }
Line 61: }
Line 62:
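Review bot: in checkTrustedService() (lines 52-54) the AuditLogableBase is created and both custom values are set before either condition is evaluated, so that work is done even when the template and VM trust flags match and nothing is logged. Consider returning early when getVmTemplate().isTrustedService() == getVm().isTrustedService(), or building the logable inside the branches that call AuditLogDirector.log().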
....................................................
File
backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dal/dbbroker/auditloghandling/AuditLogDirector.java
Line 618:
severities.put(AuditLogType.USER_ADD_VM_TEMPLATE_FROM_UNTRUSTED_TO_TRUSTED,
AuditLogSeverity.NORMAL);
Line 619:
severities.put(AuditLogType.USER_UPDATE_VM_TEMPLATE_FROM_TRUSTED_TO_UNTRUSTED,
AuditLogSeverity.NORMAL);
Line 620:
severities.put(AuditLogType.USER_UPDATE_VM_TEMPLATE_FROM_UNTRUSTED_TO_TRUSTED,
AuditLogSeverity.NORMAL);
Line 621:
severities.put(AuditLogType.USER_ADD_VM_FROM_TRUSTED_TO_UNTRUSTED,
AuditLogSeverity.NORMAL);
Line 622:
severities.put(AuditLogType.USER_ADD_VM_FROM_UNTRUSTED_TO_TRUSTED,
AuditLogSeverity.NORMAL);
Please change both to "WARNING" instead of "NORMAL".
Line 623: }
Line 624:
Line 625: private static void initClusterSeverities() {
Line 626: severities.put(AuditLogType.USER_ADD_VDS_GROUP,
AuditLogSeverity.NORMAL);
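Review bot: lines 618-620 register the template trust-transition events (USER_ADD_VM_TEMPLATE_FROM_UNTRUSTED_TO_TRUSTED and the two USER_UPDATE_VM_TEMPLATE_* types) as AuditLogSeverity.NORMAL too. They record the same kind of trust-boundary crossing as the VM events on lines 621-622, so if those move to WARNING the template entries should be reviewed for the same severity; otherwise the audit log flags the crossing for VMs but not for templates.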
....................................................
File
backend/manager/modules/dal/src/main/resources/bundles/AuditLogMessages.properties
Line 25: USER_ADD_VM_TEMPLATE_FROM_TRUSTED_TO_UNTRUSTED=the non-trusted
Template ${VmTemplateName} was created from trusted Vm ${VmName}.
Line 26: USER_ADD_VM_TEMPLATE_FROM_UNTRUSTED_TO_TRUSTED=the trusted template
${VmTemplateName} was created from non-trusted Vm ${VmName}.
Line 27: USER_UPDATE_VM_TEMPLATE_FROM_TRUSTED_TO_UNTRUSTED=the Template
${VmTemplateName} was updated from trusted cluster to non-trusted cluster.
Line 28: USER_UPDATE_VM_TEMPLATE_FROM_UNTRUSTED_TO_TRUSTED=the Template
${VmTemplateName} was updated from non-trusted cluster to trusted cluster.
Line 29: USER_ADD_VM_FROM_TRUSTED_TO_UNTRUSTED=the non-trusted Vm ${VmName} was
created from trusted Template ${VmTemplateName}.
Please change message: "The VM ${VmName} was created in an untrusted cluster.
It was originated from the Template ${VmTemplateName} which was created in a
trusted cluster."
Line 30: USER_ADD_VM_FROM_UNTRUSTED_TO_TRUSTED=the trusted Vm ${VmName} was
created from non-trusted Template ${VmTemplateName}.
Line 31: USER_ADD_VM_TO_POOL=VM ${VmName} was added to VM Pool ${VmPoolName} by
${UserName}.
Line 32: USER_ADD_VM_TO_POOL_FAILED=Failed to add VM ${VmName} to VM Pool
${VmPoolName}(User: ${UserName}).
Line 33: USER_ATTACH_USER_TO_POOL=User ${AdUserName} was attached to VM Pool
${VmPoolName} by ${UserName}.
Line 26: USER_ADD_VM_TEMPLATE_FROM_UNTRUSTED_TO_TRUSTED=the trusted template
${VmTemplateName} was created from non-trusted Vm ${VmName}.
Line 27: USER_UPDATE_VM_TEMPLATE_FROM_TRUSTED_TO_UNTRUSTED=the Template
${VmTemplateName} was updated from trusted cluster to non-trusted cluster.
Line 28: USER_UPDATE_VM_TEMPLATE_FROM_UNTRUSTED_TO_TRUSTED=the Template
${VmTemplateName} was updated from non-trusted cluster to trusted cluster.
Line 29: USER_ADD_VM_FROM_TRUSTED_TO_UNTRUSTED=the non-trusted Vm ${VmName} was
created from trusted Template ${VmTemplateName}.
Line 30: USER_ADD_VM_FROM_UNTRUSTED_TO_TRUSTED=the trusted Vm ${VmName} was
created from non-trusted Template ${VmTemplateName}.
Please change message: "The VM ${VmName} was created in a trusted cluster. It
was originated from the Template ${VmTemplateName} which was created in an
untrusted cluster."
Line 31: USER_ADD_VM_TO_POOL=VM ${VmName} was added to VM Pool ${VmPoolName} by
${UserName}.
Line 32: USER_ADD_VM_TO_POOL_FAILED=Failed to add VM ${VmName} to VM Pool
${VmPoolName}(User: ${UserName}).
Line 33: USER_ATTACH_USER_TO_POOL=User ${AdUserName} was attached to VM Pool
${VmPoolName} by ${UserName}.
Line 34: USER_ATTACH_USER_TO_POOL_INTERNAL=User ${AdUserName} was attached to
VM Pool ${VmPoolName}.
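Review bot: the new messages on lines 25-30 begin with a lowercase "the" and mix "Vm", "Template" and "template", while the neighbouring entries on lines 31-34 start with a capital letter and write "VM". Suggest capitalising the first word and using one spelling ("VM", "Template") across all six. They also leave out ${UserName}, which lines 31-33 include; consider adding it so the audit record shows who created the VM or template across the trust boundary.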
....................................................
Commit Message
Line 7: engine:Trusted Compute Pools - Open Attestation integration with oVirt
engine
Line 8:
Line 9: Detailed description: http://wiki.ovirt.org/Trusted_compute_pools
Line 10:
Line 11: Import trusted template and then create vm from it into a untrusted
cluster, and make an audit event.
Please change the message: "Add Audit log message when creating a VM in a
non-trusted cluster from a Template that was originally created in a trusted
cluster"
Line 12:
Line 13: Change-Id: I3a89c59ba97628292ff5941290beda87b5137e8b
Line 14: Signed-off-by: Gang Wei <[email protected]>
--
To view, visit http://gerrit.ovirt.org/16598
Gerrit-MessageType: comment
Gerrit-Change-Id: I3a89c59ba97628292ff5941290beda87b5137e8b
Gerrit-PatchSet: 4
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Gang Wei <[email protected]>
Gerrit-Reviewer: Dave Chen <[email protected]>
Gerrit-Reviewer: Emily Zhang <[email protected]>
Gerrit-Reviewer: oVirt Jenkins CI Server
Gerrit-Reviewer: ofri masad <[email protected]>