cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mc...@apache.org
Subject [1/4] git commit: updated refs/heads/rbac to 5854c0b
Date Wed, 12 Feb 2014 06:46:43 GMT
Updated Branches:
  refs/heads/rbac 0b5b86199 -> 5854c0bbe


Handle scopeId=-1 properly, which indicates current caller domain or
account.

Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/63e42d3c
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/63e42d3c
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/63e42d3c

Branch: refs/heads/rbac
Commit: 63e42d3c47d1c0d5e885ec4265b20ea2f613d94b
Parents: 0b5b861
Author: Min Chen <min.chen@citrix.com>
Authored: Fri Feb 7 15:56:03 2014 -0800
Committer: Min Chen <min.chen@citrix.com>
Committed: Fri Feb 7 15:56:03 2014 -0800

----------------------------------------------------------------------
 .../cloudstack/acl/RoleBasedEntityQuerySelector.java    | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/63e42d3c/services/iam/plugin/src/org/apache/cloudstack/acl/RoleBasedEntityQuerySelector.java
----------------------------------------------------------------------
diff --git a/services/iam/plugin/src/org/apache/cloudstack/acl/RoleBasedEntityQuerySelector.java
b/services/iam/plugin/src/org/apache/cloudstack/acl/RoleBasedEntityQuerySelector.java
index 8ff81ed..7b8715f 100644
--- a/services/iam/plugin/src/org/apache/cloudstack/acl/RoleBasedEntityQuerySelector.java
+++ b/services/iam/plugin/src/org/apache/cloudstack/acl/RoleBasedEntityQuerySelector.java
@@ -50,7 +50,11 @@ public class RoleBasedEntityQuerySelector extends AdapterBase implements
QuerySe
             if (pp != null) {
                 for (AclPolicyPermission p : pp) {
                     if (p.getScopeId() != null) {
-                        domainIds.add(p.getScopeId());
+                        if (p.getScopeId().longValue() == -1) {
+                            domainIds.add(caller.getDomainId());
+                        } else {
+                            domainIds.add(p.getScopeId());
+                        }
                     }
                 }
             }
@@ -70,7 +74,11 @@ public class RoleBasedEntityQuerySelector extends AdapterBase implements
QuerySe
             if (pp != null) {
                 for (AclPolicyPermission p : pp) {
                     if (p.getScopeId() != null) {
-                        accountIds.add(p.getScopeId());
+                        if (p.getScopeId().longValue() == -1) {
+                            accountIds.add(caller.getId());
+                        } else {
+                            accountIds.add(p.getScopeId());
+                        }
                     }
                 }
             }


Mime
View raw message