68
68
import java.io.IOException;
69
69
import java.io.InputStream;
70
70
import java.net.MalformedURLException;
71
import java.security.GeneralSecurityException;
71
import java.security.Principal;
72
72
import java.util.ArrayList;
73
import java.util.Enumeration;
74
import java.util.HashSet;
73
75
import java.util.List;
74
77
import java.util.regex.Matcher;
75
78
import java.util.regex.Pattern;
76
79
import org.apache.commons.httpclient.HttpClient;
80
import org.apache.commons.httpclient.ProxyHost;
77
81
import org.apache.commons.httpclient.methods.GetMethod;
78
82
import org.apache.log4j.Logger;
79
import com.eucalyptus.auth.CredentialProvider;
83
import com.eucalyptus.auth.Groups;
84
import com.eucalyptus.auth.NoSuchGroupException;
80
85
import com.eucalyptus.auth.NoSuchUserException;
81
86
import com.eucalyptus.auth.UserExistsException;
87
import com.eucalyptus.auth.UserInfo;
88
import com.eucalyptus.auth.UserInfoStore;
89
import com.eucalyptus.auth.Users;
90
import com.eucalyptus.auth.crypto.Crypto;
91
import com.eucalyptus.auth.principal.Authorization;
92
import com.eucalyptus.auth.principal.AvailabilityZonePermission;
93
import com.eucalyptus.auth.principal.Group;
94
import com.eucalyptus.auth.principal.User;
95
import com.eucalyptus.auth.WrappedUser;
96
import com.eucalyptus.bootstrap.HttpServerBootstrapper;
97
import com.eucalyptus.entities.EntityWrapper;
82
98
import com.eucalyptus.entities.NetworkRulesGroup;
83
99
import com.eucalyptus.event.EventVetoedException;
84
import com.eucalyptus.event.GenericEvent;
85
100
import com.eucalyptus.event.ListenerRegistry;
86
101
import com.eucalyptus.event.SystemConfigurationEvent;
102
import com.eucalyptus.images.Image;
103
import com.eucalyptus.images.ImageInfo;
104
import com.eucalyptus.images.Images;
87
105
import com.eucalyptus.network.NetworkGroupUtil;
106
import com.eucalyptus.util.Composites;
88
107
import com.eucalyptus.util.DNSProperties;
89
import com.eucalyptus.util.EntityWrapper;
90
108
import com.eucalyptus.util.EucalyptusCloudException;
109
import com.eucalyptus.util.Tx;
110
import com.google.common.collect.Iterables;
111
import com.google.common.collect.Lists;
112
import com.google.common.collect.Sets;
91
113
import com.google.gwt.user.client.rpc.SerializableException;
92
114
import edu.ucsb.eucalyptus.admin.client.CloudInfoWeb;
93
115
import edu.ucsb.eucalyptus.admin.client.ImageInfoWeb;
94
116
import edu.ucsb.eucalyptus.admin.client.SystemConfigWeb;
95
117
import edu.ucsb.eucalyptus.admin.client.UserInfoWeb;
96
import edu.ucsb.eucalyptus.cloud.entities.Counters;
97
import edu.ucsb.eucalyptus.cloud.entities.ImageInfo;
98
118
import edu.ucsb.eucalyptus.cloud.entities.SystemConfiguration;
99
import edu.ucsb.eucalyptus.cloud.entities.UserGroupInfo;
100
import edu.ucsb.eucalyptus.cloud.entities.UserInfo;
101
import edu.ucsb.eucalyptus.util.EucalyptusProperties;
102
import edu.ucsb.eucalyptus.util.UserManagement;
104
120
public class EucalyptusManagement {
106
122
private static Logger LOG = Logger.getLogger( EucalyptusManagement.class );
108
public static UserInfoWeb fromServer( UserInfo source )
110
UserInfoWeb target = new UserInfoWeb();
111
update( target, source );
115
public static UserInfo fromClient( UserInfoWeb source )
117
UserInfo target = new UserInfo();
118
update( target, source );
122
public static void update( UserInfo target, UserInfo user )
124
target.setUserName( user.getUserName() );
125
target.setRealName( user.getRealName() );
126
target.setEmail( user.getEmail() );
127
target.setBCryptedPassword( user.getBCryptedPassword() );
128
target.setTelephoneNumber( user.getTelephoneNumber() );
129
target.setAffiliation( user.getAffiliation() );
130
target.setProjectDescription( user.getProjectDescription() );
131
target.setProjectPIName( user.getProjectPIName() );
132
target.setConfirmationCode( user.getConfirmationCode() );
133
target.setCertificateCode( user.getCertificateCode() );
134
target.setIsApproved( user.isApproved() );
135
target.setIsConfirmed( user.isConfirmed() );
136
target.setIsEnabled( user.isEnabled() );
137
target.setIsAdministrator( user.isAdministrator() );
138
target.setPasswordExpires( user.getPasswordExpires() );
139
target.setTemporaryPassword( user.getTemporaryPassword() );
142
public static void update( UserInfoWeb target, UserInfo user )
144
target.setUserName( user.getUserName() );
145
target.setRealName( user.getRealName() );
146
target.setEmail( user.getEmail() );
147
target.setBCryptedPassword( user.getBCryptedPassword() );
148
target.setTelephoneNumber( user.getTelephoneNumber() );
149
target.setAffiliation( user.getAffiliation() );
150
target.setProjectDescription( user.getProjectDescription() );
151
target.setProjectPIName( user.getProjectPIName() );
152
target.setConfirmationCode( user.getConfirmationCode() );
153
target.setCertificateCode( user.getCertificateCode() );
154
target.setIsApproved( user.isApproved() );
155
target.setIsConfirmed( user.isConfirmed() );
156
target.setIsEnabled( user.isEnabled() );
157
target.setIsAdministrator( user.isAdministrator() );
158
target.setPasswordExpires( user.getPasswordExpires() );
159
target.setTemporaryPassword( user.getTemporaryPassword() );
160
String queryId = "uninitialized";
161
String secretKey = "uninitialized";
163
queryId = CredentialProvider.getQueryId( user.getUserName( ) );
164
secretKey = CredentialProvider.getSecretKey( queryId );
165
} catch ( GeneralSecurityException e ) {
168
target.setQueryId( queryId );
169
target.setSecretKey( secretKey );
172
public static void update( UserInfo target, UserInfoWeb user )
174
target.setUserName( user.getUserName() );
175
target.setRealName( user.getRealName() );
176
target.setEmail( user.getEmail() );
177
target.setBCryptedPassword( user.getBCryptedPassword() );
178
target.setTelephoneNumber( user.getTelephoneNumber() );
179
target.setAffiliation( user.getAffiliation() );
180
target.setProjectDescription( user.getProjectDescription() );
181
target.setProjectPIName( user.getProjectPIName() );
182
target.setConfirmationCode( user.getConfirmationCode() );
183
target.setCertificateCode( user.getCertificateCode() );
184
target.setIsApproved( user.isApproved() );
185
target.setIsConfirmed( user.isConfirmed() );
186
target.setIsEnabled( user.isEnabled() );
187
target.setIsAdministrator( user.isAdministrator() );
188
target.setPasswordExpires( user.getPasswordExpires() );
189
target.setTemporaryPassword( user.getTemporaryPassword() );
192
public static ImageInfoWeb imageConvertToWeb ( ImageInfo source)
194
ImageInfoWeb target = new ImageInfoWeb();
196
target.setId(source.getId());
197
target.setImageId(source.getImageId());
198
target.setImageLocation(source.getImageLocation());
199
target.setImageState(source.getImageState());
200
target.setImageOwnerId(source.getImageOwnerId());
201
target.setArchitecture(source.getArchitecture());
202
target.setImageType(source.getImageType());
203
target.setKernelId(source.getKernelId());
204
target.setRamdiskId(source.getRamdiskId());
205
target.setPublic(source.getPublic());
123
//grze: see Groups.{ALL,DEFAULT}
124
// private static final String GROUP_ALL = "all";
125
// private static final String GROUP_DEFAULT = "default";
210
127
public static String getError( String message )
212
129
return "<html><title>HTTP/1.0 403 Forbidden</title><body><div align=\"center\"><p><h1>403: Forbidden</h1></p><p><img src=\"themes/active/logo.png\" /></p><p><h3 style=\"font-color: red;\">" + message + "</h3></p></div></body></html>";
215
132
/* TODO: for now 'pattern' is ignored and all users are returned */
216
133
public static List <UserInfoWeb> getWebUsers (String pattern) throws SerializableException
218
UserInfo searchUser = new UserInfo(); /* empty => return all */
219
EntityWrapper<UserInfo> dbWrapper = new EntityWrapper<UserInfo>();
220
List<UserInfo> userList = dbWrapper.query( searchUser );
222
List<UserInfoWeb> webUsersList = new ArrayList<UserInfoWeb>();
223
for ( UserInfo u : userList)
224
webUsersList.add(fromServer(u));
135
final List<UserInfoWeb> webUsersList = Lists.newArrayList();
136
for( User u : Users.listAllUsers( ) ) {
138
UserInfo userInfo = (( WrappedUser ) u).getUserInfo( );
139
webUsersList.add( Composites.composeNew( UserInfoWeb.class, userInfo, u ) );
140
} catch ( Exception e ) {
226
144
return webUsersList;
229
147
/* TODO: for now 'pattern' is ignored and all images are returned */
230
public static List <ImageInfoWeb> getWebImages (String pattern) throws SerializableException
232
ImageInfo searchImage = new ImageInfo(); /* empty => return all */
233
EntityWrapper<ImageInfo> db = new EntityWrapper<ImageInfo>();
234
List<ImageInfo> results= db.query( searchImage );
235
List<ImageInfoWeb> imagesList = new ArrayList<ImageInfoWeb>();
236
for ( ImageInfo i : results )
237
imagesList.add(imageConvertToWeb(i));
242
public static UserInfoWeb getWebUser( String userName ) throws SerializableException
244
EntityWrapper<UserInfo> dbWrapper = new EntityWrapper<UserInfo>();
245
List<UserInfo> userList = dbWrapper.query( new UserInfo( userName ) );
246
if ( userList.size() != 1 )
248
try {//TODO: temporary hack to support older user info objects
249
if( "admin".equals( userName )) {
250
UserInfo u = UserManagement.generateAdmin( );
252
UserGroupInfo allGroup = new UserGroupInfo( "all" );
253
dbWrapper.getSession( ).persist( new Counters( ) );
255
return EucalyptusManagement.fromServer( u );
257
dbWrapper.rollback( );
258
throw EucalyptusManagement.makeFault("User does not exist" );
260
} catch ( Exception e ) {
261
dbWrapper.rollback( );
262
throw EucalyptusManagement.makeFault("User does not exist" );
266
return EucalyptusManagement.fromServer( userList.get( 0 ) );
269
public static UserInfoWeb getWebUserByEmail( String emailAddress ) throws SerializableException
271
UserInfo searchUser = new UserInfo( );
272
searchUser.setEmail ( emailAddress );
273
EntityWrapper<UserInfo> dbWrapper = new EntityWrapper<UserInfo>();
274
List<UserInfo> userList = dbWrapper.query( searchUser );
275
if ( userList.size() != 1 )
277
dbWrapper.rollback();
278
throw EucalyptusManagement.makeFault("User does not exist" );
281
return EucalyptusManagement.fromServer( userList.get( 0 ) );
284
public static UserInfoWeb getWebUserByCode( String code ) throws SerializableException
286
UserInfo searchUser = new UserInfo( );
287
searchUser.setConfirmationCode ( code );
288
EntityWrapper<UserInfo> dbWrapper = new EntityWrapper<UserInfo>();
289
List<UserInfo> userList = dbWrapper.query( searchUser );
290
if ( userList.size() != 1 )
292
dbWrapper.rollback();
293
throw EucalyptusManagement.makeFault("Invalid confirmation code" );
296
return EucalyptusManagement.fromServer( userList.get( 0 ) );
148
public static List <ImageInfoWeb> getWebImages (String pattern) throws SerializableException {
149
List<ImageInfoWeb> ret = Lists.newArrayList( );
150
for( Image i : Images.listAllImages( ) ) {
151
ret.add( Composites.update( i, new ImageInfoWeb( ) ) );
156
public static UserInfoWeb getWebUser( String userName ) throws SerializableException {
157
return EucalyptusManagement.getWebUserByExample( new UserInfo( userName ) );
160
public static UserInfoWeb getWebUserByEmail( String emailAddress ) throws SerializableException {
161
UserInfo s = new UserInfo( );
162
s.setEmail( emailAddress );
163
return EucalyptusManagement.getWebUserByExample( s );
166
public static UserInfoWeb getWebUserByCode( String confCode ) throws SerializableException {
167
UserInfo s = new UserInfo( );
168
s.setConfirmationCode( confCode );
169
return EucalyptusManagement.getWebUserByExample( s );
172
private static UserInfoWeb getWebUserByExample( UserInfo ex ) throws SerializableException {
174
UserInfo userInfo = UserInfoStore.getUserInfo( ex );
175
User user = Users.lookupUser( userInfo.getUserName( ) );
176
UserInfoWeb webUser = Composites.composeNew( UserInfoWeb.class, userInfo, user );
178
} catch ( NoSuchUserException e ) {
179
throw EucalyptusManagement.makeFault( "User does not exist" );
299
183
public static synchronized void addWebUser( UserInfoWeb webUser ) throws SerializableException
301
EntityWrapper<UserInfo> dbWrapper = new EntityWrapper<UserInfo>();
302
List<UserInfo> userList = dbWrapper.query( new UserInfo( webUser.getUserName() ) );
303
if ( userList.size() != 0 )
305
dbWrapper.rollback();
306
throw EucalyptusManagement.makeFault("User already exists" );
309
//String hash = BCrypt.hashpw( webUser.getBCryptedPassword(), BCrypt.gensalt() );
310
//webUser.setBCryptedPassword( hash );
311
//webUser.setIsAdministrator( false );
312
//webUser.setIsApproved( false );
313
//webUser.setIsEnabled( false );
315
// TODO: add web user properly, with all keys and certs generated, too
316
webUser.setConfirmationCode( UserManagement.generateConfirmationCode( webUser.getUserName() ) );
317
webUser.setCertificateCode( UserManagement.generateCertificateCode( webUser.getUserName() ) );
319
webUser.setSecretKey( UserManagement.generateSecretKey( webUser.getUserName() ) );
320
webUser.setQueryId( UserManagement.generateQueryId( webUser.getUserName() ));
322
UserInfo newUser = EucalyptusManagement.fromClient( webUser );
323
newUser.setReservationId( 0l );
325
NetworkGroupUtil.createUserNetworkRulesGroup( newUser.getUserName( ), NetworkRulesGroup.NETWORK_DEFAULT_NAME, "default group" );
326
} catch ( EucalyptusCloudException e1 ) {
330
dbWrapper.add( newUser );
333
try {//FIXME: fix this nicely
334
CredentialProvider.addUser(newUser.getUserName( ),newUser.isAdministrator( ));
335
} catch ( UserExistsException e ) {
187
user = Users.lookupUser( webUser.getUserName( ) );
188
throw EucalyptusManagement.makeFault("User already exists" );
189
} catch ( NoSuchUserException e ) {
191
user = Users.addUser( webUser.getUserName( ), webUser.isAdministrator( ), webUser.isEnabled( ) );
193
UserInfo userInfo = Composites.updateNew( webUser, UserInfo.class );
194
userInfo.setConfirmationCode( Crypto.generateSessionToken( webUser.getUserName() ) );
196
NetworkGroupUtil.createUserNetworkRulesGroup( userInfo.getUserName( ), NetworkRulesGroup.NETWORK_DEFAULT_NAME, "default group" );
197
} catch ( EucalyptusCloudException e1 ) {
200
UserInfoStore.addUserInfo( userInfo );
201
} catch ( Exception e1 ) {
203
throw EucalyptusManagement.makeFault("Error adding user: " + e1.getMessage( ) );
205
} catch ( UserExistsException e1 ) {
207
throw EucalyptusManagement.makeFault("User already exists" );
208
} catch ( UnsupportedOperationException e1 ) {
210
throw EucalyptusManagement.makeFault("Error adding user: " + e1.getMessage( ) );
340
215
private static SerializableException makeFault(String message)
353
228
public static void deleteUser( String userName ) throws SerializableException
355
EntityWrapper<UserInfo> db = new EntityWrapper<UserInfo>();
356
List<UserInfo> userList = db.query( new UserInfo( userName ) );
357
if ( userList.size() != 1 )
360
throw EucalyptusManagement.makeFault("User already exists" );
362
db.delete( userList.get(0) );
365
CredentialProvider.deleteUser(userName);
366
} catch ( NoSuchUserException e ) {
368
throw EucalyptusManagement.makeFault( "Unable to delete user" );
372
public static void commitWebUser( UserInfoWeb webUser ) throws SerializableException
374
UserInfo user = fromClient( webUser );
378
public static void commitUser( UserInfo user ) throws SerializableException
380
UserInfo searchUser = new UserInfo( user.getUserName() );
381
EntityWrapper<UserInfo> db = new EntityWrapper<UserInfo>();
382
List<UserInfo> userList = db.query( searchUser );
383
UserInfo target = userList.get( 0 );
384
if ( userList.size() != 1 )
387
throw EucalyptusManagement.makeFault( "User does not exist" );
389
update( target, user );
391
CredentialProvider.updateUser(user.getUserName(), user.isEnabled());
392
} catch ( NoSuchUserException e ) {
395
throw EucalyptusManagement.makeFault( "Unable to update user" );
231
Users.deleteUser( userName );
232
UserInfoStore.deleteUserInfo( userName );
233
} catch ( NoSuchUserException e1 ) {
235
throw EucalyptusManagement.makeFault( "Unable to delete user" );
236
} catch ( UnsupportedOperationException e1 ) {
238
throw EucalyptusManagement.makeFault("Error while deleting user: " + e1.getMessage( ) );
242
public static void commitWebUser( final UserInfoWeb webUser ) throws SerializableException
244
String userName = webUser.getUserName( );
246
Users.updateUser( userName, new Tx<User>( ) {
247
public void fire( User user ) throws Throwable {
248
Composites.project( webUser, user );
251
UserInfoStore.updateUserInfo( userName, new Tx<UserInfo>( ) {
252
public void fire( UserInfo info ) throws Throwable {
253
Composites.project( webUser, info );
256
} catch ( NoSuchUserException e1 ) {
258
throw EucalyptusManagement.makeFault( "Unable to update user" );
259
} catch ( UnsupportedOperationException e1 ) {
261
throw EucalyptusManagement.makeFault("Error while updating user: " + e1.getMessage( ) );
400
265
public static String getAdminEmail() throws SerializableException
402
UserInfo searchUser = new UserInfo();
403
searchUser.setIsAdministrator( true );
404
EntityWrapper<UserInfo> db = new EntityWrapper<UserInfo>();
405
List<UserInfo> userList = db.query( searchUser );
406
if ( userList.size() < 1 || userList.isEmpty() )
409
throw EucalyptusManagement.makeFault("Administrator account not found" );
412
UserInfo first = userList.get( 0 );
413
String addr = first.getEmail();
414
if (addr==null || addr.equals("")) {
416
throw EucalyptusManagement.makeFault( "Email address is not set" );
269
UserInfo adminUser = UserInfoStore.getUserInfo( new UserInfo("admin") );
270
addr = adminUser.getEmail( );
271
} catch ( NoSuchUserException e ) {
272
throw EucalyptusManagement.makeFault("Administrator account not found" );
274
if (addr==null || addr.equals("")) {
275
throw EucalyptusManagement.makeFault( "Email address is not set" );
421
//return Configuration.getConfiguration().getAdminEmail();
424
280
public static void deleteImage(String imageId)
444
300
public static void disableImage(String imageId)
445
301
throws SerializableException
447
ImageInfo searchImg = new ImageInfo( );
448
searchImg.setImageId( imageId );
449
EntityWrapper<ImageInfo> db = new EntityWrapper<ImageInfo>();
450
List<ImageInfo> imgList= db.query( searchImg );
452
if ( imgList.size() > 0 && !imgList.isEmpty() )
454
ImageInfo foundimgSearch = imgList.get( 0 );
455
foundimgSearch.setImageState( "deregistered" );
461
throw EucalyptusManagement.makeFault ("Specified image was not found, sorry.");
304
new Images._byId( imageId ) {{ new _mutator() {
305
@Override public void set( ImageInfo e ) {
306
e.setImageState( "deregistered" );
309
} catch ( EucalyptusCloudException e ) {
310
throw EucalyptusManagement.makeFault ("Specified image was not found, sorry.");
464
313
public static void enableImage(String imageId)
465
314
throws SerializableException
467
ImageInfo searchImg = new ImageInfo( );
468
searchImg.setImageId( imageId );
469
EntityWrapper<ImageInfo> db = new EntityWrapper<ImageInfo>();
470
List<ImageInfo> imgList= db.query( searchImg );
472
if ( imgList.size() > 0 && !imgList.isEmpty() )
474
ImageInfo foundimgSearch = imgList.get( 0 );
475
foundimgSearch.setImageState( "available" );
481
throw EucalyptusManagement.makeFault ("Specified image was not found, sorry.");
317
new Images._byId( imageId ) {{ new _mutator() {
318
@Override public void set( ImageInfo e ) {
319
e.setImageState( "available" );
322
} catch ( EucalyptusCloudException e ) {
323
throw EucalyptusManagement.makeFault ("Specified image was not found, sorry.");
485
327
public static SystemConfigWeb getSystemConfig() throws SerializableException
487
EntityWrapper<SystemConfiguration> db = new EntityWrapper<SystemConfiguration>();
488
SystemConfiguration sysConf = EucalyptusProperties.getSystemConfiguration();
329
SystemConfiguration sysConf = SystemConfiguration.getSystemConfiguration();
330
LOG.debug( "Sending cloud host: " + sysConf.getCloudHost( ) );
489
331
return new SystemConfigWeb(
490
332
sysConf.getDefaultKernel(),
491
333
sysConf.getDefaultRamdisk(),
492
334
sysConf.getMaxUserPublicAddresses(),
493
335
sysConf.isDoDynamicPublicAddresses(),
494
336
sysConf.getSystemReservedPublicAddresses(),
495
sysConf.getZeroFillVolumes(),
496
337
sysConf.getDnsDomain(),
497
338
sysConf.getNameserver(),
498
339
sysConf.getNameserverAddress(),