cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sangeetha Hariharan (JIRA)" <j...@apache.org>
Subject [jira] [Closed] (CLOUDSTACK-1688) AWS Regions - Domain admin user is not able to use getUser() command to fetch user details.
Date Fri, 22 Mar 2013 22:35:15 GMT

     [ https://issues.apache.org/jira/browse/CLOUDSTACK-1688?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Sangeetha Hariharan closed CLOUDSTACK-1688.
-------------------------------------------


Closing this issue as per the comments from Kishan.
                
> AWS Regions - Domain admin user is not able to use getUser() command to fetch user details.
> -------------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-1688
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-1688
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Management Server
>    Affects Versions: 4.1.0
>         Environment: Build from 4.1
>            Reporter: Sangeetha Hariharan
>            Assignee: Kishan Kavala
>             Fix For: 4.1.0
>
>
> AWS Regions - Domain admin user is not able to use getUser() command to fetch user details.
> As domain admin user , try to execute getUser() API call for a regular user who belongs
to this domain. 
> Api returnd error:
> http://10.223.131.202:8080/client/api?command=getUser&response=json&sessionkey=Y3XVal5FZOFZobsJggzkMet5rT0%3D&userapikey=2Ffgfp460CozE0yojXXQd3gbLozpWqjz9C_Kr3A-Vnu5bZaeUUGGLOp7tL9rsBIA6NLNaKSp63zvl31e7Q_aQ
> { "errorresponse" : {"errorcode":432,"cserrorcode":9999,"errortext":"The given command
does not exist or it is not available for user"} }
> management-server.logs
> 2013-03-14 17:16:56,812 DEBUG [cloud.api.ApiServlet] (catalina-exec-24:null) ===START===
 10.217.252.128 -- GET  command=getUser&response=json&sessionkey=Y3XVal5FZOFZobsJggz
> kMet5rT0%3D&userapikey=2Ffgfp460CozE0yojXXQd3gbLozpWqjz9C_Kr3A-Vnu5bZaeUUGGLOp7tL9rsBIA6NLNaKSp63zvl31e7Q_aQ
> 2013-03-14 17:16:56,815 DEBUG [cloud.api.ApiServer] (catalina-exec-24:null) The given
command:getUser does not exist or it is not available for user with id:22
> 2013-03-14 17:16:56,815 DEBUG [cloud.api.ApiServlet] (catalina-exec-24:null) ===END===
 10.217.252.128 -- GET  command=getUser&response=json&sessionkey=Y3XVal5FZOFZobsJggzkM
> et5rT0%3D&userapikey=2Ffgfp460CozE0yojXXQd3gbLozpWqjz9C_Kr3A-Vnu5bZaeUUGGLOp7tL9rsBIA6NLNaKSp63zvl31e7Q_aQ
> mysql> select * from user where id=22;
> +----+--------------------------------------+------------+----------------------------------+------------+------------+------------+--------------------+---------+---------+------------+---------------------+---------+---------------------+--------------------+---------------+--------------------------+-----------+
> | id | uuid                                 | username   | password                 
       | account_id | firstname  | lastname   | email              | state   | api_key | secret_key
| created             | removed | timezone            | registration_token | is_registered
| incorrect_login_attempts | region_id |
> +----+--------------------------------------+------------+----------------------------------+------------+------------+------------+--------------------+---------+---------+------------+---------------------+---------+---------------------+--------------------+---------------+--------------------------+-----------+
> | 22 | 73ea9221-6d3a-4fca-af57-9030c2f99865 | dom-admin1 | 9cab41a7d2013e5b00c774de073fbe13
|         13 | dom-admin1 | dom-admin1 | dom-admin1@abc.com | enabled | NULL    | NULL   
   | 2013-03-15 00:05:00 | NULL    | America/Los_Angeles | NULL               |          
  0 |                        0 |         1 |
> +----+--------------------------------------+------------+----------------------------------+------------+------------+------------+--------------------+---------+---------+------------+---------------------+---------+---------------------+--------------------+---------------+--------------------------+-----------+
> 1 row in set (0.00 sec)
> mysql> select * from account where id=13;
> +----+--------------+--------------------------------------+------+-----------+---------+---------+----------------+----------------+-----------------+-----------+
> | id | account_name | uuid                                 | type | domain_id | state
  | removed | cleanup_needed | network_domain | default_zone_id | region_id |
> +----+--------------+--------------------------------------+------+-----------+---------+---------+----------------+----------------+-----------------+-----------+
> | 13 | dom-admin1   | ea65cc60-fc1a-4873-a379-1946ea31b4b9 |    2 |         2 | enabled
| NULL    |              0 | NULL           |            NULL |         1 |
> +----+--------------+--------------------------------------+------+-----------+---------+---------+----------------+----------------+-----------------+-----------+
> 1 row in set (0.00 sec)
> Expected Behavior:
> As domain user , i am allowed to view all the user details of regular users under this
doamin. This would mean I should be able to use getUser() command to fetch user details as
well.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message