cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kis...@apache.org
Subject git commit: updated refs/heads/master to d810ab4
Date Wed, 18 Dec 2013 09:14:56 GMT
Updated Branches:
  refs/heads/master 96309a786 -> d810ab46f


Revert "reverted 3a3fec3cb6bb4f9a008370ea02279d286654b01a because it fails a unit test"

This reverts commit f4ee1a8115cd927ce15feb9af60b18d108dcd6e7.


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/d810ab46
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/d810ab46
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/d810ab46

Branch: refs/heads/master
Commit: d810ab46feeea233cb4fdfdd3e342a598cbd609b
Parents: 96309a7
Author: Kishan Kavala <kishan@cloud.com>
Authored: Wed Dec 18 14:21:07 2013 +0530
Committer: Kishan Kavala <kishan@cloud.com>
Committed: Wed Dec 18 14:43:25 2013 +0530

----------------------------------------------------------------------
 .../cloud/network/vpc/NetworkACLServiceImpl.java    | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/d810ab46/server/src/com/cloud/network/vpc/NetworkACLServiceImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/vpc/NetworkACLServiceImpl.java b/server/src/com/cloud/network/vpc/NetworkACLServiceImpl.java
index ade83e3..a95ef1a 100644
--- a/server/src/com/cloud/network/vpc/NetworkACLServiceImpl.java
+++ b/server/src/com/cloud/network/vpc/NetworkACLServiceImpl.java
@@ -23,6 +23,8 @@ import java.util.Map;
 import javax.ejb.Local;
 import javax.inject.Inject;
 
+import com.cloud.network.vpc.dao.VpcDao;
+import org.apache.cloudstack.api.command.user.network.ListNetworkACLListsCmd;
 import org.apache.commons.lang.StringUtils;
 import org.apache.log4j.Logger;
 import org.springframework.stereotype.Component;
@@ -30,7 +32,6 @@ import org.springframework.stereotype.Component;
 import org.apache.cloudstack.api.ApiErrorCode;
 import org.apache.cloudstack.api.ServerApiException;
 import org.apache.cloudstack.api.command.user.network.CreateNetworkACLCmd;
-import org.apache.cloudstack.api.command.user.network.ListNetworkACLListsCmd;
 import org.apache.cloudstack.api.command.user.network.ListNetworkACLsCmd;
 import org.apache.cloudstack.context.CallContext;
 
@@ -42,7 +43,6 @@ import com.cloud.network.Networks;
 import com.cloud.network.dao.NetworkDao;
 import com.cloud.network.dao.NetworkVO;
 import com.cloud.network.vpc.dao.NetworkACLDao;
-import com.cloud.network.vpc.dao.VpcDao;
 import com.cloud.network.vpc.dao.VpcGatewayDao;
 import com.cloud.projects.Project.ListProjectResourcesCriteria;
 import com.cloud.server.ResourceTag.ResourceObjectType;
@@ -579,8 +579,16 @@ public class NetworkACLServiceImpl extends ManagerBase implements NetworkACLServ
     @Override
     public boolean revokeNetworkACLItem(long ruleId) {
         NetworkACLItemVO aclItem = _networkACLItemDao.findById(ruleId);
-        if (aclItem != null) {
-            if ((aclItem.getAclId() == NetworkACL.DEFAULT_ALLOW) || (aclItem.getAclId() ==
NetworkACL.DEFAULT_DENY)) {
+        if(aclItem != null){
+            NetworkACL acl = _networkAclMgr.getNetworkACL(aclItem.getAclId());
+
+            Vpc vpc = _entityMgr.findById(Vpc.class, acl.getVpcId());
+
+            Account caller = CallContext.current().getCallingAccount();
+
+            _accountMgr.checkAccess(caller, null, true, vpc);
+
+            if((aclItem.getAclId() == NetworkACL.DEFAULT_ALLOW) || (aclItem.getAclId() ==
NetworkACL.DEFAULT_DENY)){
                 throw new InvalidParameterValueException("ACL Items in default ACL cannot
be deleted");
             }
         }


Mime
View raw message