fix: cloudid 异常修复

pkg/cloudcommon/db/external.go

@@ -27,7 +27,7 @@ import (
 // +onecloud:model-api-gen
 type SExternalizedResourceBase struct {
 	// 外部Id, 对用公有云私有资源自身的Id
-	ExternalId string `width:"256" charset:"utf8" index:"true" list:"user" create:"admin_optional" update:"admin" json:"external_id"`
+	ExternalId string `width:"256" charset:"utf8" index:"true" list:"user" create:"domain_optional" update:"admin" json:"external_id"`
 }
 
 type SExternalizedResourceBaseManager struct{}

pkg/cloudcommon/db/statusinfrasuserresource.go

@@ -164,3 +164,16 @@ func (model *SStatusDomainLevelUserResourceBase) GetExtraDetails(
 ) (apis.StatusDomainLevelUserResourceDetails, error) {
 	return apis.StatusDomainLevelUserResourceDetails{}, nil
 }
+
+func (self *SStatusDomainLevelUserResourceBase) GetOwnerId() mcclient.IIdentityProvider {
+	owner := SOwnerId{UserId: self.OwnerId}
+	return &owner
+}
+
+func (manager *SStatusDomainLevelUserResourceBaseManager) NamespaceScope() rbacutils.TRbacScope {
+	return rbacutils.ScopeUser
+}
+
+func (manager *SStatusDomainLevelUserResourceBaseManager) ResourceScope() rbacutils.TRbacScope {
+	return rbacutils.ScopeUser
+}

pkg/cloudid/models/cloudaccount.go

@@ -28,6 +28,7 @@ import (
 	"yunion.io/x/pkg/errors"
 	"yunion.io/x/pkg/util/compare"
 	"yunion.io/x/pkg/utils"
+	"yunion.io/x/sqlchemy"
 
 	proxyapi "yunion.io/x/onecloud/pkg/apis/cloudcommon/proxy"
 	api "yunion.io/x/onecloud/pkg/apis/cloudid"
@@ -72,6 +73,10 @@ type SCloudaccount struct {
 	IamLoginUrl string `width:"512" charset:"ascii"`
 }
 
+func (manager *SCloudaccountManager) GetResourceCount() ([]db.SScopeResourceCount, error) {
+	return []db.SScopeResourceCount{}, nil
+}
+
 func (manager *SCloudaccountManager) GetICloudaccounts() ([]SCloudaccount, error) {
 	s := auth.GetAdminSession(context.Background(), options.Options.Region, "")
 
@@ -794,7 +799,9 @@ func (self *SCloudaccount) GetOrCreateCloudgroup(ctx context.Context, userCred m
 	}
 
 	for i := range iPolicies {
-		_, err := db.FetchByExternalId(CloudpolicyManager, iPolicies[i].GetGlobalId())
+		_, err := db.FetchByExternalIdAndManagerId(CloudpolicyManager, iPolicies[i].GetGlobalId(), func(q *sqlchemy.SQuery) *sqlchemy.SQuery {
+			return q.Equals("provider", self.Provider)
+		})
 		if err == nil {
 			continue
 		}

pkg/cloudid/models/cloudgroup.go

@@ -768,9 +768,11 @@ func (self *SCloudgroup) attachPolicyFromCloudpolicy(ctx context.Context, userCr
 	up := &SCloudgroupPolicy{}
 	up.SetModelManager(CloudgroupPolicyManager, up)
 	up.CloudgroupId = self.Id
-	p, err := db.FetchByExternalId(CloudpolicyManager, iPolicy.GetGlobalId())
+	p, err := db.FetchByExternalIdAndManagerId(CloudpolicyManager, iPolicy.GetGlobalId(), func(q *sqlchemy.SQuery) *sqlchemy.SQuery {
+		return q.Equals("provider", self.Provider)
+	})
 	if err != nil {
-		return errors.Wrapf(err, "db.FetchByExternalId(%s)", iPolicy.GetGlobalId())
+		return errors.Wrapf(err, "db.FetchByExternalIdAndManagerId(%s)", iPolicy.GetGlobalId())
 	}
 	_, err = self.GetCloudpolicy(p.GetId())
 	if err != nil {

pkg/cloudid/models/clouduser.go

@@ -77,6 +77,20 @@ type SClouduser struct {
 	Email string `width:"36" charset:"ascii" nullable:"true" list:"user" create:"domain_optional"`
 }
 
+func (manager *SClouduserManager) GetResourceCount() ([]db.SScopeResourceCount, error) {
+	q := manager.Query()
+	domainCnt, err := db.CalculateResourceCount(q, "domain_id")
+	if err != nil {
+		return nil, errors.Wrap(err, "CalculateResourceCount.domain_id")
+	}
+	q = manager.Query()
+	userCnt, err := db.CalculateResourceCount(q, "owner_id")
+	if err != nil {
+		return nil, errors.Wrap(err, "CalculateResourceCount.owner_id")
+	}
+	return append(domainCnt, userCnt...), nil
+}
+
 func (manager *SClouduserManager) AllowListItems(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject) bool {
 	return true
 }
@@ -583,7 +597,9 @@ func (self *SClouduser) SyncCloudgroups(ctx context.Context, userCred mcclient.T
 
 	for i := 0; i < len(added); i++ {
 		var cloudgroupId string
-		_cache, err := db.FetchByExternalId(CloudgroupcacheManager, added[i].GetGlobalId())
+		_cache, err := db.FetchByExternalIdAndManagerId(CloudgroupcacheManager, added[i].GetGlobalId(), func(q *sqlchemy.SQuery) *sqlchemy.SQuery {
+			return q.Equals("cloudaccount_id", self.CloudaccountId)
+		})
 		if err != nil {
 			if errors.Cause(err) != sql.ErrNoRows {
 				result.AddError(errors.Wrapf(err, "FetchByExternalId(%s)", added[i].GetGlobalId()))

pkg/cloudid/models/clouduser_policies.go

@@ -194,19 +194,23 @@ func (manager *SClouduserPolicyManager) newFromClouduserPolicy(ctx context.Conte
 	lockman.LockClass(ctx, manager, db.GetLockClassKey(manager, userCred))
 	defer lockman.ReleaseClass(ctx, manager, db.GetLockClassKey(manager, userCred))
 
+	account, err := user.GetCloudaccount()
+	if err != nil {
+		return errors.Wrap(err, "user.GetCloudaccount")
+	}
+
 	up := &SClouduserPolicy{}
 	up.SetModelManager(manager, up)
 	up.ClouduserId = user.Id
 
-	p, err := db.FetchByExternalId(CloudpolicyManager, iPolicy.GetGlobalId())
+	p, err := db.FetchByExternalIdAndManagerId(CloudpolicyManager, iPolicy.GetGlobalId(), func(q *sqlchemy.SQuery) *sqlchemy.SQuery {
+		return q.Equals("provider", account.Provider)
+	})
+
 	if err != nil {
 		if errors.Cause(err) != sql.ErrNoRows {
 			return errors.Wrapf(err, "db.FetchByExternalId(%s)", iPolicy.GetGlobalId())
 		}
-		account, err := user.GetCloudaccount()
-		if err != nil {
-			return errors.Wrap(err, "user.GetCloudaccount")
-		}
 		policy, err := CloudpolicyManager.newFromCloudpolicy(ctx, userCred, iPolicy, account.Provider)
 		if err != nil {
 			return errors.Wrap(err, "newFromCloudpolicy")

pkg/multicloud/aws/aws.go

@@ -507,8 +507,8 @@ func (client *SAwsClient) GetIamLoginUrl() string {
 		return ""
 	}
 
-	switch client.accessUrl {
-	case "ChinaCloud":
+	switch client.GetAccessEnv() {
+	case api.CLOUD_ACCESS_ENV_AWS_CHINA:
 		return fmt.Sprintf("https://%s.signin.amazonaws.cn/console/", identity.Account)
 	default:
 		return fmt.Sprintf("https://%s.signin.aws.amazon.com/console/", identity.Account)

pkg/multicloud/aws/cloudgroup.go

@@ -58,18 +58,18 @@ func (self *SCloudgroup) RemoveUser(name string) error {
 }
 
 func (self *SCloudgroup) AttachSystemPolicy(policyArn string) error {
-	return self.client.AttachGroupPolicy(self.GroupName, policyArn)
+	return self.client.AttachGroupPolicy(self.GroupName, self.client.getIamArn(policyArn))
 }
 
 func (self *SCloudgroup) DetachSystemPolicy(policyArn string) error {
-	return self.client.DetachGroupPolicy(self.GroupName, policyArn)
+	return self.client.DetachGroupPolicy(self.GroupName, self.client.getIamArn(policyArn))
 }
 
-func (self *SCloudgroup) GetICloudusers() ([]cloudprovider.IClouduser, error) {
+func (self *SAwsClient) ListGroupUsers(groupName string) ([]SClouduser, error) {
 	users := []SClouduser{}
 	marker := ""
 	for {
-		part, err := self.client.GetGroup(self.GroupName, marker, 1000)
+		part, err := self.GetGroup(groupName, marker, 1000)
 		if err != nil {
 			return nil, errors.Wrap(err, "GetGroup")
 		}
@@ -79,6 +79,14 @@ func (self *SCloudgroup) GetICloudusers() ([]cloudprovider.IClouduser, error) {
 			break
 		}
 	}
+	return users, nil
+}
+
+func (self *SCloudgroup) GetICloudusers() ([]cloudprovider.IClouduser, error) {
+	users, err := self.client.ListGroupUsers(self.GroupName)
+	if err != nil {
+		return nil, err
+	}
 	ret := []cloudprovider.IClouduser{}
 	for i := range users {
 		users[i].client = self.client
@@ -88,14 +96,14 @@ func (self *SCloudgroup) GetICloudusers() ([]cloudprovider.IClouduser, error) {
 }
 
 func (self *SCloudgroup) GetISystemCloudpolicies() ([]cloudprovider.ICloudpolicy, error) {
-	policies := []SPolicy{}
+	policies := []SAttachedPolicy{}
 	marker := ""
 	for {
-		part, err := self.client.ListGroupPolicies(self.GroupName, marker, 1000)
+		part, err := self.client.ListAttachedGroupPolicies(self.GroupName, marker, 1000)
 		if err != nil {
 			return nil, errors.Wrap(err, "ListGroupPolicies")
 		}
-		policies = append(policies, part.Policies...)
+		policies = append(policies, part.AttachedPolicies...)
 		marker = part.Marker
 		if len(marker) == 0 {
 			break