// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package org.apache.cloudstack.api.command.admin.acl;
import com.cloud.user.Account;
import org.apache.cloudstack.acl.Role;
import org.apache.cloudstack.acl.RoleType;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.ApiErrorCode;
import org.apache.cloudstack.api.BaseCmd;
import org.apache.cloudstack.api.Parameter;
import org.apache.cloudstack.api.ServerApiException;
import org.apache.cloudstack.api.ApiArgValidator;
import org.apache.cloudstack.api.response.RoleResponse;
import org.apache.cloudstack.context.CallContext;
@APICommand(name = CreateRoleCmd.APINAME, description = "Creates a role", responseObject = RoleResponse.class,
requestHasSensitiveInfo = false, responseHasSensitiveInfo = false,
since = "4.9.0",
authorized = {RoleType.Admin})
public class CreateRoleCmd extends BaseCmd {
public static final String APINAME = "createRole";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name = ApiConstants.NAME, type = CommandType.STRING, required = true,
description = "creates a role with this unique name", validations = {ApiArgValidator.NotNullOrEmpty})
private String roleName;
@Parameter(name = ApiConstants.TYPE, type = CommandType.STRING, required = true,
description = "The type of the role, valid options are: Admin, ResourceAdmin, DomainAdmin, User",
validations = {ApiArgValidator.NotNullOrEmpty})
private String roleType;
@Parameter(name = ApiConstants.DESCRIPTION, type = CommandType.STRING, description = "The description of the role")
private String roleDescription;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public String getRoleName() {
return roleName;
}
public RoleType getRoleType() {
return RoleType.fromString(roleType);
}
public String getRoleDescription() {
return roleDescription;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@Override
public String getCommandName() {
return APINAME.toLowerCase() + BaseCmd.RESPONSE_SUFFIX;
}
@Override
public long getEntityOwnerId() {
return Account.ACCOUNT_ID_SYSTEM;
}
private void setupResponse(final Role role) {
final RoleResponse response = new RoleResponse();
response.setId(role.getUuid());
response.setRoleName(role.getName());
response.setRoleType(role.getRoleType());
response.setResponseName(getCommandName());
response.setObjectName("role");
setResponseObject(response);
}
@Override
public void execute() {
CallContext.current().setEventDetails("Role: " + getRoleName() + ", type:" + getRoleType() + ", description: " + getRoleDescription());
final Role role = roleService.createRole(getRoleName(), getRoleType(), getRoleDescription());
if (role == null) {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create role");
}
setupResponse(role);
}
}