cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bfede...@apache.org
Subject [11/32] git commit: updated refs/heads/ui-vpc-redesign to f3cc57f
Date Fri, 24 May 2013 18:09:50 GMT
CLOUDSTACK-2659 Advanced Zone - during VM deployment need to check network permissions for
shared account-specific guest networks too

Changes:
- Check network permissions for account specific shared networks as well
- Changes to error to include network uuid instead of id


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/51cf797d
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/51cf797d
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/51cf797d

Branch: refs/heads/ui-vpc-redesign
Commit: 51cf797d5ef69060c95dcb0fce47b2d96f16e26e
Parents: 704471e
Author: Prachi Damle <prachi@cloud.com>
Authored: Thu May 23 22:57:13 2013 -0700
Committer: Prachi Damle <prachi@cloud.com>
Committed: Thu May 23 22:57:49 2013 -0700

----------------------------------------------------------------------
 server/src/com/cloud/network/NetworkModelImpl.java |   12 +++++++-----
 1 files changed, 7 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/51cf797d/server/src/com/cloud/network/NetworkModelImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/NetworkModelImpl.java b/server/src/com/cloud/network/NetworkModelImpl.java
index 8971f8c..010cb9d 100755
--- a/server/src/com/cloud/network/NetworkModelImpl.java
+++ b/server/src/com/cloud/network/NetworkModelImpl.java
@@ -32,6 +32,7 @@ import javax.ejb.Local;
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
 
+import org.apache.cloudstack.acl.ControlledEntity.ACLType;
 import org.apache.cloudstack.lb.dao.ApplicationLoadBalancerRuleDao;
 import org.apache.log4j.Logger;
 import org.springframework.stereotype.Component;
@@ -1488,24 +1489,25 @@ public class NetworkModelImpl extends ManagerBase implements NetworkModel
{
     @Override
     public void checkNetworkPermissions(Account owner, Network network) {
         // Perform account permission check
-        if (network.getGuestType() != Network.GuestType.Shared) {
+        if (network.getGuestType() != Network.GuestType.Shared
+                || (network.getGuestType() == Network.GuestType.Shared && network.getAclType()
== ACLType.Account)) {
             AccountVO networkOwner = _accountDao.findById(network.getAccountId());
             if(networkOwner == null)
-                throw new PermissionDeniedException("Unable to use network with id= " + network.getId()
+ ", network does not have an owner");
+                throw new PermissionDeniedException("Unable to use network with id= " + ((network
!= null)? ((NetworkVO)network).getUuid() : "") + ", network does not have an owner");
             if(owner.getType() != Account.ACCOUNT_TYPE_PROJECT && networkOwner.getType()
== Account.ACCOUNT_TYPE_PROJECT){
                 if(!_projectAccountDao.canAccessProjectAccount(owner.getAccountId(), network.getAccountId())){
-                    throw new PermissionDeniedException("Unable to use network with id= "
+ network.getId() + ", permission denied");
+                    throw new PermissionDeniedException("Unable to use network with id= "
+ ((network != null)? ((NetworkVO)network).getUuid() : "") + ", permission denied");
                 }
             }else{
                 List<NetworkVO> networkMap = _networksDao.listBy(owner.getId(), network.getId());
                 if (networkMap == null || networkMap.isEmpty()) {
-                    throw new PermissionDeniedException("Unable to use network with id= "
+ network.getId() + ", permission denied");
+                    throw new PermissionDeniedException("Unable to use network with id= "
+ ((network != null)? ((NetworkVO)network).getUuid() : "") + ", permission denied");
                 }
             }
 
         } else {
             if (!isNetworkAvailableInDomain(network.getId(), owner.getDomainId())) {
-                throw new PermissionDeniedException("Shared network id=" + network.getUuid()
+ " is not available in domain id=" + owner.getDomainId());
+                throw new PermissionDeniedException("Shared network id=" + ((network != null)?
((NetworkVO)network).getUuid() : "") + " is not available in domain id=" + owner.getDomainId());
             }
         }
     }


Mime
View raw message