cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mc...@apache.org
Subject git commit: updated refs/heads/rbac to 841dcb0
Date Mon, 16 Dec 2013 18:08:46 GMT
Updated Branches:
  refs/heads/rbac 3f092d14c -> 841dcb0e8


Handle special scopeId = -1 case for current domain or current account
in AclPolicyPermission table.

Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/841dcb0e
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/841dcb0e
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/841dcb0e

Branch: refs/heads/rbac
Commit: 841dcb0e8e76793b07cf7ae48371ed81555275b4
Parents: 3f092d1
Author: Min Chen <min.chen@citrix.com>
Authored: Mon Dec 16 10:08:28 2013 -0800
Committer: Min Chen <min.chen@citrix.com>
Committed: Mon Dec 16 10:08:28 2013 -0800

----------------------------------------------------------------------
 .../org/apache/cloudstack/acl/AclPolicyPermissionVO.java | 11 +++++++++++
 1 file changed, 11 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/841dcb0e/engine/schema/src/org/apache/cloudstack/acl/AclPolicyPermissionVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/org/apache/cloudstack/acl/AclPolicyPermissionVO.java b/engine/schema/src/org/apache/cloudstack/acl/AclPolicyPermissionVO.java
index 0d93b4f..0eb48ad 100644
--- a/engine/schema/src/org/apache/cloudstack/acl/AclPolicyPermissionVO.java
+++ b/engine/schema/src/org/apache/cloudstack/acl/AclPolicyPermissionVO.java
@@ -28,7 +28,9 @@ import javax.persistence.Id;
 import javax.persistence.Table;
 
 import org.apache.cloudstack.acl.SecurityChecker.AccessType;
+import org.apache.cloudstack.context.CallContext;
 
+import com.cloud.user.Account;
 import com.cloud.utils.db.GenericDao;
 
 @Entity
@@ -137,6 +139,15 @@ public class AclPolicyPermissionVO implements AclPolicyPermission {
 
     @Override
     public Long getScopeId() {
+        // handle special -1 scopeId, current caller domain, account
+        if ( scopeId < 0 ){
+            Account caller = CallContext.current().getCallingAccount();
+            if ( scope == PermissionScope.DOMAIN){
+                return caller.getDomainId();
+            } else if (scope == PermissionScope.ACCOUNT) {
+                return caller.getAccountId();
+            }
+        }
         return scopeId;
     }
 


Mime
View raw message