use bool to simplify. start introducing auth for start/stop network

bubble-server/src/main/java/bubble/model/account/Account.java

@@ -122,15 +122,15 @@ public class Account extends IdentifiableBase implements TokenPrincipal, SqlView
 
     @ECSearchable @ECField(index=60)
     @Getter @Setter private Boolean admin = false;
-    public boolean admin () { return admin != null && admin; }
+    public boolean admin () { return bool(admin); }
 
     @ECSearchable @ECField(index=70)
     @Getter @Setter private Boolean suspended = false;
-    public boolean suspended () { return suspended != null && suspended; }
+    public boolean suspended () { return bool(suspended); }
 
     @ECSearchable @ECField(index=80)
     @Getter @Setter private Boolean locked = false;
-    public boolean locked () { return locked != null && locked; }
+    public boolean locked () { return bool(locked); }
 
     @JsonIgnore @Embedded @Getter @Setter private HashedPassword hashedPassword;
 

bubble-server/src/main/java/bubble/model/account/AccountContact.java

@@ -68,8 +68,7 @@ public class AccountContact implements Serializable {
     @Getter @Setter private Boolean verified = null;
     public boolean verified () { return bool(verified); }
 
-    @Getter @Setter private Boolean requiredForNetworkUnlock = true;
-    @Getter @Setter private Boolean requiredForNodeOperations = true;
+    @Getter @Setter private Boolean requiredForNetworkOperations = true;
     @Getter @Setter private Boolean requiredForAccountOperations = true;
     @Getter @Setter private Boolean receiveVerifyNotifications = true;
     @Getter @Setter private Boolean receiveLoginNotifications = true;
@@ -82,9 +81,8 @@ public class AccountContact implements Serializable {
     public boolean authFactor () { return authFactor != null && authFactor != AuthFactorType.not_required; }
     public boolean requiredAuthFactor () { return authFactor == AuthFactorType.required; }
     public boolean sufficientAuthFactor () { return authFactor == AuthFactorType.sufficient; }
-    public boolean requiredForAccountOperations () { return requiredForAccountOperations != null && requiredForAccountOperations; }
-    public boolean requiredForNetworkUnlock () { return requiredForNetworkUnlock != null && requiredForNetworkUnlock; }
-    public boolean requiredForNodeOperations () { return requiredForNodeOperations != null && requiredForNodeOperations; }
+    public boolean requiredForAccountOperations () { return bool(requiredForAccountOperations); }
+    public boolean requiredForNetworkOperations() { return bool(requiredForNetworkOperations); }
 
     public static AccountContact[] set(AccountContact c, AccountContact[] contacts, Account account, BubbleConfiguration configuration) {
         if (!c.getType().isAuthenticationType()) return die("add: not an authentication type: "+c);
@@ -228,13 +226,13 @@ public class AccountContact implements Serializable {
                                         && verified()
                         ) || (
                                 target == ActionTarget.network
-                                        && bool(requiredForNodeOperations)
+                                        && bool(requiredForNetworkOperations)
                                         && getType() != CloudServiceType.authenticator
                                         && verified()
                         );
                     case confirmation:
                         return target == ActionTarget.network
-                                && bool(requiredForNodeOperations)
+                                && bool(requiredForNetworkOperations)
                                 && getType() != CloudServiceType.authenticator
                                 && verified();
                     default:
@@ -256,7 +254,7 @@ public class AccountContact implements Serializable {
                     if (target == ActionTarget.account && getType().isVerifiableAuthenticationType()) {
                         if (message.hasContact() && message.getContact().equals(getUuid())) return true;
                         return bool(receiveVerifyNotifications);
-                    } else if (target == ActionTarget.network && bool(requiredForNetworkUnlock)) {
+                    } else if (target == ActionTarget.network && requiredForNetworkOperations()) {
                         return true;
                     } else {
                         log.warn("isAllowed(verify): verify action not allowed for type/target: "+getType()+"/"+target);
@@ -269,7 +267,7 @@ public class AccountContact implements Serializable {
             case start: case stop: case delete:
                 switch (target) {
                     case account:            return bool(requiredForAccountOperations);
-                    case node: case network: return bool(requiredForNodeOperations);
+                    case node: case network: return bool(requiredForNetworkOperations);
                     default:
                         log.warn("isAllowed(start/stop/delete): unknown target: "+target+", returning false");
                         return false;

bubble-server/src/main/java/bubble/model/account/AccountPolicy.java

@@ -115,7 +115,7 @@ public class AccountPolicy extends IdentifiableBase implements HasAccount {
                 }
             case network: case node:
                 return Arrays.stream(getAccountContacts())
-                        .filter(c -> c.requiredForNodeOperations() || c.requiredAuthFactor())
+                        .filter(c -> c.requiredForNetworkOperations() || c.requiredAuthFactor())
                         .collect(Collectors.toList());
             default:
                 return requiredAuthFactors();

bubble-server/src/main/java/bubble/model/account/AccountSshKey.java

@@ -15,8 +15,7 @@ import javax.persistence.Column;
 import javax.persistence.Entity;
 import javax.persistence.Transient;
 
-import static org.cobbzilla.util.daemon.ZillaRuntime.empty;
-import static org.cobbzilla.util.daemon.ZillaRuntime.now;
+import static org.cobbzilla.util.daemon.ZillaRuntime.*;
 import static org.cobbzilla.util.reflect.ReflectionUtil.copy;
 import static org.cobbzilla.util.security.ShaUtil.sha256_hex;
 import static org.cobbzilla.util.time.TimeUtil.formatISO8601;
@@ -68,7 +67,7 @@ public class AccountSshKey extends IdentifiableBase implements HasAccount {
     @ECField(index=50) @ECSearchable
     @Column(nullable=false)
     @Getter @Setter private Boolean installSshKey = false;
-    public boolean installSshKey() { return installSshKey != null && installSshKey; }
+    public boolean installSshKey() { return bool(installSshKey); }
 
     @ECField(index=60)
     @Getter @Setter private Long expiration;

bubble-server/src/main/java/bubble/model/account/AuthenticatorRequest.java

@@ -5,6 +5,7 @@ import lombok.NoArgsConstructor;
 import lombok.Setter;
 import lombok.experimental.Accessors;
 
+import static org.cobbzilla.util.daemon.ZillaRuntime.bool;
 import static org.cobbzilla.util.string.StringUtil.safeParseInt;
 
 @NoArgsConstructor @Accessors(chain=true)
@@ -16,6 +17,6 @@ public class AuthenticatorRequest {
     public Integer intToken() { return safeParseInt(getToken()); }
 
     @Getter @Setter private Boolean verify;
-    public boolean verify() { return verify != null && verify; }
+    public boolean verify() { return bool(verify); }
 
 }

bubble-server/src/main/java/bubble/model/app/AppData.java

@@ -20,6 +20,7 @@ import javax.persistence.Transient;
 import javax.validation.constraints.Size;
 
 import static bubble.ApiConstants.EP_DATA;
+import static org.cobbzilla.util.daemon.ZillaRuntime.bool;
 import static org.cobbzilla.util.daemon.ZillaRuntime.now;
 import static org.cobbzilla.util.reflect.ReflectionUtil.copy;
 import static org.cobbzilla.wizard.model.crypto.EncryptedTypes.ENCRYPTED_STRING;
@@ -96,12 +97,12 @@ public class AppData extends IdentifiableBase implements AppTemplateEntity {
     @ECSearchable
     @ECIndex @Column(nullable=false)
     @Getter @Setter private Boolean template = false;
-    public boolean template() { return template != null && template; }
+    public boolean template() { return bool(template); }
 
     @ECSearchable
     @ECIndex @Column(nullable=false)
     @Getter @Setter private Boolean enabled = true;
-    public boolean enabled() { return enabled != null && enabled; }
+    public boolean enabled() { return bool(enabled); }
 
     public AppData(RuleConfig config) {
         setMatcher(config.getMatcher());

bubble-server/src/main/java/bubble/model/app/AppMatcher.java

@@ -20,6 +20,7 @@ import javax.validation.constraints.Size;
 import java.util.regex.Pattern;
 
 import static bubble.ApiConstants.EP_MATCHERS;
+import static org.cobbzilla.util.daemon.ZillaRuntime.bool;
 import static org.cobbzilla.util.reflect.ReflectionUtil.copy;
 import static org.cobbzilla.wizard.model.crypto.EncryptedTypes.ENCRYPTED_STRING;
 import static org.cobbzilla.wizard.model.crypto.EncryptedTypes.ENC_PAD;
@@ -82,7 +83,7 @@ public class AppMatcher extends IdentifiableBase implements AppTemplateEntity {
     @ECSearchable @ECField(index=80)
     @Column(nullable=false)
     @Getter @Setter private Boolean blocked = false;
-    public boolean blocked() { return blocked != null && blocked; }
+    public boolean blocked() { return bool(blocked); }
 
     @ECSearchable @ECField(index=90)
     @ECIndex @Column(nullable=false)

bubble-server/src/main/java/bubble/model/app/BubbleApp.java

@@ -64,7 +64,7 @@ public class BubbleApp extends IdentifiableBaseParentEntity implements AccountTe
     @ECSearchable @ECField(index=50)
     @ECIndex @Column(nullable=false)
     @Getter @Setter private Boolean template = false;
-    public boolean template() { return template != null && template; }
+    public boolean template() { return bool(template); }
 
     @ECSearchable @ECField(index=60)
     @ECIndex @Column(nullable=false)

bubble-server/src/main/java/bubble/model/app/RuleDriver.java

@@ -68,7 +68,7 @@ public class RuleDriver extends IdentifiableBase implements AccountTemplate {
     @ECSearchable @ECField(index=30)
     @ECIndex @Column(nullable=false)
     @Getter @Setter private Boolean template = false;
-    public boolean template() { return template != null && template; }
+    public boolean template() { return bool(template); }
 
     @ECSearchable @ECField(index=40)
     @ECIndex @Column(nullable=false)

bubble-server/src/main/java/bubble/model/bill/AccountPaymentMethod.java

@@ -25,6 +25,7 @@ import javax.persistence.Entity;
 import javax.persistence.EnumType;
 import javax.persistence.Enumerated;
 
+import static org.cobbzilla.util.daemon.ZillaRuntime.bool;
 import static org.cobbzilla.util.daemon.ZillaRuntime.empty;
 import static org.cobbzilla.util.reflect.ReflectionUtil.copy;
 import static org.cobbzilla.wizard.model.crypto.EncryptedTypes.ENCRYPTED_STRING;
@@ -78,7 +79,7 @@ public class AccountPaymentMethod extends IdentifiableBase implements HasAccount
     @ECSearchable @ECField(index=50)
     @Column(nullable=false)
     @Getter @Setter private Boolean deleted = false;
-    public boolean deleted() { return deleted != null && deleted; }
+    public boolean deleted() { return bool(deleted); }
     public boolean notDeleted() { return !deleted(); }
 
     public ValidationResult validate(ValidationResult result, BubbleConfiguration configuration) {

bubble-server/src/main/java/bubble/model/bill/AccountPlan.java

@@ -22,6 +22,7 @@ import javax.persistence.Transient;
 import javax.validation.constraints.Size;
 
 import static bubble.model.bill.BillPeriod.BILL_START_END_FORMAT;
+import static org.cobbzilla.util.daemon.ZillaRuntime.bool;
 import static org.cobbzilla.util.daemon.ZillaRuntime.empty;
 import static org.cobbzilla.util.reflect.ReflectionUtil.copy;
 
@@ -87,7 +88,7 @@ public class AccountPlan extends IdentifiableBase implements HasAccount {
     @ECSearchable @ECField(index=80)
     @Column(nullable=false)
     @Getter @Setter private Boolean enabled = false;
-    public boolean enabled() { return enabled != null && enabled; }
+    public boolean enabled() { return bool(enabled); }
     public boolean disabled() { return !enabled(); }
 
     @ECSearchable(type=EntityFieldType.epoch_time) @ECField(index=90)
@@ -107,7 +108,7 @@ public class AccountPlan extends IdentifiableBase implements HasAccount {
     @ECSearchable @ECField(index=120)
     @Column(nullable=false)
     @ECIndex @Getter @Setter private Boolean closed = false;
-    public boolean closed() { return closed != null && closed; }
+    public boolean closed() { return bool(closed); }
     public boolean notClosed() { return !closed(); }
 
     @ECSearchable @ECField(index=130)

bubble-server/src/main/java/bubble/model/boot/ActivationRequest.java

@@ -13,6 +13,7 @@ import org.cobbzilla.wizard.validation.HasValue;
 import java.util.LinkedHashMap;
 import java.util.Map;
 
+import static org.cobbzilla.util.daemon.ZillaRuntime.bool;
 import static org.cobbzilla.util.daemon.ZillaRuntime.empty;
 
 @NoArgsConstructor @Accessors(chain=true)
@@ -46,10 +47,10 @@ public class ActivationRequest {
     @Getter @Setter private BubbleDomain domain;
 
     @Getter @Setter private Boolean createDefaultObjects = true;
-    public boolean createDefaultObjects () { return createDefaultObjects != null && createDefaultObjects; };
+    public boolean createDefaultObjects () { return bool(createDefaultObjects); };
 
     @Getter @Setter private Boolean skipTests = false;
-    public boolean skipTests () { return skipTests != null && skipTests; };
+    public boolean skipTests () { return bool(skipTests); };
 
     @Getter @Setter private AccountSshKey sshKey;
     public boolean hasSshKey () { return sshKey != null; }

bubble-server/src/main/java/bubble/model/cloud/AnsibleRole.java

@@ -94,7 +94,7 @@ public class AnsibleRole extends IdentifiableBase implements AccountTemplate, Ha
     @ECSearchable @ECField(index=60)
     @ECIndex @Column(nullable=false)
     @Getter @Setter private Boolean template = false;
-    public boolean template() { return template != null && template; }
+    public boolean template() { return bool(template); }
 
     @ECSearchable @ECField(index=70)
     @ECIndex @Column(nullable=false)

bubble-server/src/main/java/bubble/model/cloud/BubbleDomain.java

@@ -83,7 +83,7 @@ public class BubbleDomain extends IdentifiableBase implements AccountTemplate {
     @ECSearchable @ECField(index=40)
     @ECIndex @Column(nullable=false)
     @Getter @Setter private Boolean template = false;
-    public boolean template() { return template != null && template; }
+    public boolean template() { return bool(template); }
 
     @ECSearchable @ECField(index=50)
     @ECIndex @Column(nullable=false)

bubble-server/src/main/java/bubble/model/cloud/BubbleFootprint.java

@@ -74,7 +74,7 @@ public class BubbleFootprint extends IdentifiableBase implements AccountTemplate
     @ECSearchable @ECField(index=40)
     @ECIndex @Column(nullable=false)
     @Getter @Setter private Boolean template = false;
-    public boolean template() { return template != null && template; }
+    public boolean template() { return bool(template); }
 
     @ECSearchable @ECField(index=50)
     @ECIndex @Column(nullable=false)

bubble-server/src/main/java/bubble/model/cloud/BubbleNode.java

@@ -30,8 +30,7 @@ import java.util.*;
 
 import static bubble.ApiConstants.EP_NODES;
 import static bubble.model.cloud.BubbleNodeState.*;
-import static org.cobbzilla.util.daemon.ZillaRuntime.die;
-import static org.cobbzilla.util.daemon.ZillaRuntime.empty;
+import static org.cobbzilla.util.daemon.ZillaRuntime.*;
 import static org.cobbzilla.util.io.FileUtil.abs;
 import static org.cobbzilla.util.json.JsonUtil.fromJson;
 import static org.cobbzilla.util.network.NetworkUtil.isLocalIpv4;
@@ -217,7 +216,7 @@ public class BubbleNode extends IdentifiableBase implements HasNetwork, HasBubbl
 
     // After a restore operation, we will want to notify the server
     @Transient @Getter @Setter private transient Boolean wasRestored;
-    public boolean wasRestored() { return wasRestored != null && wasRestored; }
+    public boolean wasRestored() { return bool(wasRestored); }
 
     public ApiClientBase getApiClient(BubbleConfiguration configuration) {
         return new BubbleNodeClient(this, configuration);

bubble-server/src/main/java/bubble/model/cloud/CloudService.java

@@ -108,7 +108,7 @@ public class CloudService extends IdentifiableBaseParentEntity implements Accoun
     @ECSearchable @ECField(index=60)
     @ECIndex @Column(nullable=false)
     @Getter @Setter private Boolean template = false;
-    public boolean template() { return template != null && template; }
+    public boolean template() { return bool(template); }
 
     @ECSearchable @ECField(index=70)
     @ECIndex @Column(nullable=false)
@@ -301,7 +301,7 @@ public class CloudService extends IdentifiableBaseParentEntity implements Accoun
 
     @Transient @JsonIgnore @Getter @Setter private Object testArg = null;
     @Transient @JsonIgnore @Getter @Setter private Boolean skipTest = false;
-    public boolean skipTest () { return skipTest != null && skipTest; };
+    public boolean skipTest () { return bool(skipTest); };
 
     public static ValidationResult testDriver(CloudService cloud, BubbleConfiguration configuration) {
         return testDriver(cloud, configuration, new ValidationResult());

bubble-server/src/main/java/bubble/model/cloud/notify/NotificationBase.java

@@ -19,6 +19,7 @@ import org.hibernate.annotations.Type;
 import javax.persistence.*;
 
 import static bubble.ApiConstants.ERROR_MAXLEN;
+import static org.cobbzilla.util.daemon.ZillaRuntime.bool;
 import static org.cobbzilla.util.daemon.ZillaRuntime.errorString;
 import static org.cobbzilla.util.json.JsonUtil.json;
 import static org.cobbzilla.util.string.StringUtil.ellipsis;
@@ -72,7 +73,7 @@ public class NotificationBase extends IdentifiableBase implements HasAccountNoNa
 
     @ECField(index=80)
     @Getter @Setter private Boolean truncated = false;
-    public boolean truncated () { return truncated != null && truncated; }
+    public boolean truncated () { return bool(truncated); }
 
     @ECField(index=90)
     @Type(type=ENCRYPTED_STRING) @Column(updatable=false, columnDefinition="varchar("+(1000+ENC_PAD)+")")

bubble-server/src/main/java/bubble/resources/cloud/NetworkActionsResource.java

@@ -78,6 +78,9 @@ public class NetworkActionsResource {
 
         if (!network.getState().canStartNetwork()) return invalid("err.network.cannotStartInCurrentState");
 
+        final AccountPolicy policy = policyDAO.findSingleByAccount(account.getUuid());
+        // todo: enforce policy
+
         return _startNetwork(network, cloud, region, req);
     }