cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From likit...@apache.org
Subject git commit: updated refs/heads/master to 47de56d
Date Thu, 11 Jul 2013 08:25:57 GMT
Updated Branches:
  refs/heads/master 33376f145 -> 47de56d66


CLOUDSTACK-3447. CLOUDSTACK-3448.
Correct the access check on networks in APIs addNicToVM and removeNicFromVM


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/47de56d6
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/47de56d6
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/47de56d6

Branch: refs/heads/master
Commit: 47de56d665243eb648f10cac5c806e095e03ef75
Parents: 33376f1
Author: Likitha Shetty <likitha.shetty@citrix.com>
Authored: Thu Jul 11 13:46:25 2013 +0530
Committer: Likitha Shetty <likitha.shetty@citrix.com>
Committed: Thu Jul 11 13:50:11 2013 +0530

----------------------------------------------------------------------
 server/src/com/cloud/vm/UserVmManagerImpl.java | 16 ++--------------
 1 file changed, 2 insertions(+), 14 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/47de56d6/server/src/com/cloud/vm/UserVmManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/vm/UserVmManagerImpl.java b/server/src/com/cloud/vm/UserVmManagerImpl.java
index 53b4b6e..f95123e 100755
--- a/server/src/com/cloud/vm/UserVmManagerImpl.java
+++ b/server/src/com/cloud/vm/UserVmManagerImpl.java
@@ -863,13 +863,7 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager,
Use
         }
 
         // Perform account permission check on network
-        if (network.getGuestType() != Network.GuestType.Shared) {
-            // Check account permissions
-            List<NetworkVO> networkMap = _networkDao.listBy(caller.getId(), network.getId());
-            if ((networkMap == null || networkMap.isEmpty() ) && caller.getType()
!= Account.ACCOUNT_TYPE_ADMIN) {
-                throw new PermissionDeniedException("Unable to modify a vm using network
with id " + network.getId() + ", permission denied");
-            }
-        }
+        _accountMgr.checkAccess(caller, AccessType.UseNetwork, false, network);
 
         //ensure network belongs in zone
         if (network.getDataCenterId() != vmInstance.getDataCenterId()) {
@@ -940,13 +934,7 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager,
Use
         }
 
         // Perform account permission check on network
-        if (network.getGuestType() != Network.GuestType.Shared) {
-            // Check account permissions
-            List<NetworkVO> networkMap = _networkDao.listBy(caller.getId(), network.getId());
-            if ((networkMap == null || networkMap.isEmpty() ) && caller.getType()
!= Account.ACCOUNT_TYPE_ADMIN) {
-                throw new PermissionDeniedException("Unable to modify a vm using network
with id " + network.getId() + ", permission denied");
-            }
-        }
+        _accountMgr.checkAccess(caller, AccessType.UseNetwork, false, network);
 
         boolean nicremoved = false;
 


Mime
View raw message