cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From likit...@apache.org
Subject git commit: updated refs/heads/master-6-17-stable to 739d0b1
Date Fri, 05 Jul 2013 11:05:16 GMT
Updated Branches:
  refs/heads/master-6-17-stable 27c59d057 -> 739d0b18c


CLOUDSTACK-3361. [Projects] Allow a normal user to edit public templates created by him.


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/739d0b18
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/739d0b18
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/739d0b18

Branch: refs/heads/master-6-17-stable
Commit: 739d0b18c166a27b80040e117668cc4614c7f166
Parents: 27c59d0
Author: Likitha Shetty <likitha.shetty@citrix.com>
Authored: Fri Jul 5 16:15:29 2013 +0530
Committer: Likitha Shetty <likitha.shetty@citrix.com>
Committed: Fri Jul 5 16:31:34 2013 +0530

----------------------------------------------------------------------
 server/src/com/cloud/acl/DomainChecker.java | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/739d0b18/server/src/com/cloud/acl/DomainChecker.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/acl/DomainChecker.java b/server/src/com/cloud/acl/DomainChecker.java
index 8b20f3d..94cdfd1 100755
--- a/server/src/com/cloud/acl/DomainChecker.java
+++ b/server/src/com/cloud/acl/DomainChecker.java
@@ -110,7 +110,10 @@ public class DomainChecker extends AdapterBase implements SecurityChecker
{
                 // Domain admin and regular user can delete/modify only templates created
by them
                 if (accessType != null && accessType == AccessType.ModifyEntry) {
                     if (!BaseCmd.isRootAdmin(caller.getType()) && owner.getId() !=
caller.getId()) {
-                        throw new PermissionDeniedException("Domain Admin and regular users
can modify only their own Public templates");
+                        // For projects check if the caller account can access the project
account
+                        if (owner.getType() != Account.ACCOUNT_TYPE_PROJECT || !(_projectMgr.canAccessProjectAccount(caller,
owner.getId()))) {
+                            throw new PermissionDeniedException("Domain Admin and regular
users can modify only their own Public templates");
+                        }
                     }
                 }
             }


Mime
View raw message