From: alena1108@apache.org
To: cloudstack-commits@incubator.apache.org
X-Mailer: ASF-Git Admin Mailer
Subject: git commit: Fixed security problem in listAccounts call (regular user could see other accounts' info when domainId was passed in to listAccounts call)
Message-Id: <20120925174810.1A0223B5FE@tyr.zones.apache.org>
Date: Tue, 25 Sep 2012 17:48:10 +0000 (UTC)

Updated Branches:
  refs/heads/master 5c4cf1186 -> 51041e4f7

Fixed security problem in listAccounts call (regular user could see other accounts' info when domainId was passed in to listAccounts call)

Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/51041e4f
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/51041e4f
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/51041e4f

Branch: refs/heads/master
Commit: 51041e4f77d857cc0211ab9bac57cf071d30c266
Parents: 5c4cf11
Author: Alena Prokharchyk
Authored: Tue Sep 25 10:38:04 2012 -0700
Committer: Alena Prokharchyk
Committed: Tue Sep 25 10:44:22 2012 -0700

----------------------------------------------------------------------
 server/src/com/cloud/user/AccountManagerImpl.java | 2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
----------------------------------------------------------------------

http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/51041e4f/server/src/com/cloud/user/AccountManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/user/AccountManagerImpl.java b/server/src/com/cloud/user/AccountManagerImpl.java index fa9fafb..a79251b 100755 --- a/server/src/com/cloud/user/AccountManagerImpl.java +++ b/server/src/com/cloud/user/AccountManagerImpl.java 
@@ -2007,7 +2007,7 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag if (domainId == null) { domainId = caller.getDomainId(); } - } else if (domainId != null) { + } else if (isAdmin(caller.getType()) && domainId != null) { listForDomain = true; } else { accountId = caller.getAccountId();
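Review bot: In the changed `else if (isAdmin(caller.getType()) && domainId != null)` branch, a non-admin caller who supplies domainId now falls through to the final `else` and silently gets `accountId = caller.getAccountId()`, so the parameter is ignored without any error. Consider rejecting that request with a permission error, or documenting that domainId is ignored for regular users, so a client does not mistake its own account for a domain-wide listing. The hunk also does not show whether the supplied domainId is checked against the admin caller's own domain before `listForDomain = true`; if that check is not done earlier in the method, it belongs in this branch. The commit touches only AccountManagerImpl.java, so a regression test that calls listAccounts as a regular user with a domainId set would keep this from reappearing.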