resolve conflict with main

Author: sudo87

api/src/main/java/com/cloud/event/EventTypes.java

@@ -301,8 +301,9 @@ public class EventTypes {
     public static final String EVENT_REGISTER_CNI_CONFIG = "REGISTER.CNI.CONFIG";
     public static final String EVENT_DELETE_CNI_CONFIG = "DELETE.CNI.CONFIG";
 
-    //register for user API and secret keys
+    //user API and secret keys
     public static final String EVENT_REGISTER_FOR_SECRET_API_KEY = "REGISTER.USER.KEY";
+    public static final String EVENT_DELETE_SECRET_API_KEY = "DELETE.USER.KEY";
     public static final String API_KEY_ACCESS_UPDATE = "API.KEY.ACCESS.UPDATE";
 
     // Template Events

api/src/main/java/com/cloud/kubernetes/cluster/KubernetesCluster.java

@@ -98,7 +98,7 @@ enum State {
             s_fsm.addTransition(State.Running, Event.ScaleDownRequested, State.Scaling);
             s_fsm.addTransition(State.Stopped, Event.ScaleUpRequested, State.ScalingStoppedCluster);
             s_fsm.addTransition(State.Scaling, Event.OperationSucceeded, State.Running);
-            s_fsm.addTransition(State.Scaling, Event.OperationFailed, State.Alert);
+            s_fsm.addTransition(State.Scaling, Event.OperationFailed, State.Running);
             s_fsm.addTransition(State.ScalingStoppedCluster, Event.OperationSucceeded, State.Stopped);
             s_fsm.addTransition(State.ScalingStoppedCluster, Event.OperationFailed, State.Alert);
 

api/src/main/java/com/cloud/kubernetes/cluster/KubernetesServiceHelper.java

@@ -18,6 +18,7 @@
 
 import org.apache.cloudstack.acl.ControlledEntity;
 
+import java.util.List;
 import java.util.Map;
 
 import com.cloud.user.Account;
@@ -33,8 +34,10 @@ enum KubernetesClusterNodeType {
     ControlledEntity findByUuid(String uuid);
     ControlledEntity findByVmId(long vmId);
     void checkVmCanBeDestroyed(UserVm userVm);
+    void checkVmAffinityGroupsCanBeUpdated(UserVm userVm);
     boolean isValidNodeType(String nodeType);
     Map<String, Long> getServiceOfferingNodeTypeMap(Map<String, Map<String, String>> serviceOfferingNodeTypeMap);
     Map<String, Long> getTemplateNodeTypeMap(Map<String, Map<String, String>> templateNodeTypeMap);
+    Map<String, List<Long>> getAffinityGroupNodeTypeMap(Map<String, Map<String, String>> affinityGroupNodeTypeMap);
     void cleanupForAccount(Account account);
 }

api/src/main/java/com/cloud/user/AccountService.java

@@ -19,16 +19,15 @@
 import java.util.List;
 import java.util.Map;
 
+import com.cloud.utils.Pair;
 import org.apache.cloudstack.acl.ControlledEntity;
+import org.apache.cloudstack.acl.RolePermissionEntity;
 import org.apache.cloudstack.acl.RoleType;
 import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.acl.apikeypair.ApiKeyPair;
+import org.apache.cloudstack.acl.apikeypair.ApiKeyPairPermission;
+import org.apache.cloudstack.api.BaseCmd;
 import org.apache.cloudstack.api.command.admin.account.CreateAccountCmd;
-import org.apache.cloudstack.api.command.admin.user.GetUserKeysCmd;
-import org.apache.cloudstack.api.command.admin.user.RegisterUserKeyCmd;
-import org.apache.cloudstack.api.command.admin.user.UpdateUserCmd;
-import org.apache.cloudstack.auth.UserTwoFactorAuthenticator;
-import org.apache.cloudstack.backup.BackupOffering;
-import org.apache.cloudstack.dns.DnsServer;
 
 import com.cloud.dc.DataCenter;
 import com.cloud.domain.Domain;
@@ -37,7 +36,17 @@
 import com.cloud.offering.DiskOffering;
 import com.cloud.offering.NetworkOffering;
 import com.cloud.offering.ServiceOffering;
-import com.cloud.utils.Pair;
+import org.apache.cloudstack.api.command.admin.user.DeleteUserKeysCmd;
+import org.apache.cloudstack.api.command.admin.user.GetUserKeysCmd;
+import org.apache.cloudstack.api.command.admin.user.ListUserKeyRulesCmd;
+import org.apache.cloudstack.api.command.admin.user.ListUserKeysCmd;
+import org.apache.cloudstack.api.command.admin.user.RegisterUserKeysCmd;
+import org.apache.cloudstack.api.command.admin.user.UpdateUserCmd;
+import org.apache.cloudstack.api.response.ApiKeyPairResponse;
+import org.apache.cloudstack.api.response.ListResponse;
+import org.apache.cloudstack.auth.UserTwoFactorAuthenticator;
+import org.apache.cloudstack.backup.BackupOffering;
+import org.apache.cloudstack.dns.DnsServer;
 
 public interface AccountService {
 
@@ -98,7 +107,7 @@ User createUser(String userName, String password, String firstName, String lastN
 
     void markUserRegistered(long userId);
 
-    public String[] createApiKeyAndSecretKey(RegisterUserKeyCmd cmd);
+    ApiKeyPair createApiKeyAndSecretKey(RegisterUserKeysCmd cmd);
 
     public String[] createApiKeyAndSecretKey(final long userId);
 
@@ -128,6 +137,8 @@ User createUser(String userName, String password, String firstName, String lastN
 
     void validateAccountHasAccessToResource(Account account, AccessType accessType, Object resource);
 
+    void validateCallingUserHasAccessToDesiredUser(Long userId);
+
     Long finalizeAccountId(String accountName, Long domainId, Long projectId, boolean enabledOnly);
 
     /**
@@ -137,9 +148,15 @@ User createUser(String userName, String password, String firstName, String lastN
      */
     UserAccount getUserAccountById(Long userId);
 
-    public Pair<Boolean, Map<String, String>> getKeys(GetUserKeysCmd cmd);
+    Pair<Boolean, Map<String, String>> getKeys(GetUserKeysCmd cmd);
+
+    ListResponse<ApiKeyPairResponse> listKeys(ListUserKeysCmd cmd);
+
+    List<ApiKeyPairPermission> listKeyRules(ListUserKeyRulesCmd cmd);
 
-    public Pair<Boolean, Map<String, String>> getKeys(Long userId);
+    void deleteApiKey(DeleteUserKeysCmd cmd);
+
+    void deleteApiKey(ApiKeyPair id);
 
     /**
      * Lists user two-factor authentication provider plugins
@@ -154,4 +171,13 @@ User createUser(String userName, String password, String firstName, String lastN
      */
     UserTwoFactorAuthenticator getUserTwoFactorAuthenticationProvider(final Long domainId);
 
+    ApiKeyPair getLatestUserKeyPair(Long userId);
+
+    ApiKeyPair getKeyPairById(Long id);
+
+    ApiKeyPair getKeyPairByApiKey(String apiKey);
+
+    String getAccessingApiKey(BaseCmd cmd);
+
+    List<RolePermissionEntity> getAllKeypairPermissions(String apiKey);
 }

api/src/main/java/com/cloud/user/ApiKeyPairState.java

@@ -0,0 +1,21 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.user;
+
+public enum ApiKeyPairState {
+    ENABLED, REMOVED, EXPIRED
+}

api/src/main/java/com/cloud/user/User.java

@@ -65,14 +65,6 @@ public enum Source {
 
     public void setState(Account.State state);
 
-    public String getApiKey();
-
-    public void setApiKey(String apiKey);
-
-    public String getSecretKey();
-
-    public void setSecretKey(String secretKey);
-
     public String getTimezone();
 
     public void setTimezone(String timezone);

api/src/main/java/com/cloud/user/UserAccount.java

@@ -39,10 +39,6 @@ public interface UserAccount extends InternalIdentity {
 
     String getState();
 
-    String getApiKey();
-
-    String getSecretKey();
-
     Date getCreated();
 
     Date getRemoved();

api/src/main/java/com/cloud/vm/VmDetailConstants.java

@@ -96,6 +96,7 @@ public interface VmDetailConstants {
     String CKS_NODE_TYPE = "node";
     String OFFERING = "offering";
     String TEMPLATE = "template";
+    String AFFINITY_GROUP = "affinitygroup";
 
     // VMware to KVM VM migrations specific
     String VMWARE_TO_KVM_PREFIX = "vmware-to-kvm";

api/src/main/java/org/apache/cloudstack/acl/APIChecker.java

@@ -20,6 +20,7 @@
 import com.cloud.user.Account;
 import com.cloud.user.User;
 import com.cloud.utils.component.Adapter;
+import org.apache.cloudstack.acl.apikeypair.ApiKeyPairPermission;
 
 import java.util.List;
 
@@ -31,8 +32,8 @@ public interface APIChecker extends Adapter {
     // If true, apiChecker has checked the operation
     // If false, apiChecker is unable to handle the operation or not implemented
     // On exception, checkAccess failed don't allow
-    boolean checkAccess(User user, String apiCommandName) throws PermissionDeniedException;
-    boolean checkAccess(Account account, String apiCommandName) throws PermissionDeniedException;
+    boolean checkAccess(User user, String apiCommandName, ApiKeyPairPermission... apiKeyPairPermissions) throws PermissionDeniedException;
+    boolean checkAccess(Account account, String apiCommandName, ApiKeyPairPermission... apiKeyPairPermissions) throws PermissionDeniedException;
     /**
      * Verifies if the account has permission for the given list of APIs and returns only the allowed ones.
      *
@@ -43,4 +44,5 @@ public interface APIChecker extends Adapter {
      */
     List<String> getApisAllowedToUser(Role role, User user, List<String> apiNames) throws PermissionDeniedException;
     boolean isEnabled();
+    List<RolePermissionEntity> getImplicitRolePermissions(RoleType roleType);
 }

api/src/main/java/org/apache/cloudstack/acl/RolePermissionEntity.java

@@ -21,7 +21,7 @@
 import org.apache.cloudstack.api.InternalIdentity;
 
 public interface RolePermissionEntity extends InternalIdentity, Identity {
-    public enum Permission {
+    enum Permission {
         ALLOW, DENY
     }
     Rule getRule();