Return-Path: X-Original-To: apmail-incubator-cloudstack-issues-archive@minotaur.apache.org Delivered-To: apmail-incubator-cloudstack-issues-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 919C1C55A for ; Fri, 15 Mar 2013 00:30:13 +0000 (UTC) Received: (qmail 84585 invoked by uid 500); 15 Mar 2013 00:30:13 -0000 Delivered-To: apmail-incubator-cloudstack-issues-archive@incubator.apache.org Received: (qmail 84550 invoked by uid 500); 15 Mar 2013 00:30:13 -0000 Mailing-List: contact cloudstack-issues-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: cloudstack-dev@incubator.apache.org Delivered-To: mailing list cloudstack-issues@incubator.apache.org Received: (qmail 84416 invoked by uid 99); 15 Mar 2013 00:30:13 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 15 Mar 2013 00:30:13 +0000 Date: Fri, 15 Mar 2013 00:30:12 +0000 (UTC) From: "Sangeetha Hariharan (JIRA)" To: cloudstack-issues@incubator.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Created] (CLOUDSTACK-1688) AWS Regions - Domain admin user is not able to use getUser() command to fetch user details. MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 Sangeetha Hariharan created CLOUDSTACK-1688: ----------------------------------------------- Summary: AWS Regions - Domain admin user is not able to use getUser() command to fetch user details. Key: CLOUDSTACK-1688 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-1688 Project: CloudStack Issue Type: Bug Security Level: Public (Anyone can view this level - this is the default.) Components: Management Server Affects Versions: 4.1.0 Environment: Build from 4.1 Reporter: Sangeetha Hariharan Fix For: 4.1.0 AWS Regions - Domain admin user is not able to use getUser() command to fetch user details. As domain admin user , try to execute getUser() API call for a regular user who belongs to this domain. Api returnd error: http://10.223.131.202:8080/client/api?command=getUser&response=json&sessionkey=Y3XVal5FZOFZobsJggzkMet5rT0%3D&userapikey=2Ffgfp460CozE0yojXXQd3gbLozpWqjz9C_Kr3A-Vnu5bZaeUUGGLOp7tL9rsBIA6NLNaKSp63zvl31e7Q_aQ { "errorresponse" : {"errorcode":432,"cserrorcode":9999,"errortext":"The given command does not exist or it is not available for user"} } management-server.logs 2013-03-14 17:16:56,812 DEBUG [cloud.api.ApiServlet] (catalina-exec-24:null) ===START=== 10.217.252.128 -- GET command=getUser&response=json&sessionkey=Y3XVal5FZOFZobsJggz kMet5rT0%3D&userapikey=2Ffgfp460CozE0yojXXQd3gbLozpWqjz9C_Kr3A-Vnu5bZaeUUGGLOp7tL9rsBIA6NLNaKSp63zvl31e7Q_aQ 2013-03-14 17:16:56,815 DEBUG [cloud.api.ApiServer] (catalina-exec-24:null) The given command:getUser does not exist or it is not available for user with id:22 2013-03-14 17:16:56,815 DEBUG [cloud.api.ApiServlet] (catalina-exec-24:null) ===END=== 10.217.252.128 -- GET command=getUser&response=json&sessionkey=Y3XVal5FZOFZobsJggzkM et5rT0%3D&userapikey=2Ffgfp460CozE0yojXXQd3gbLozpWqjz9C_Kr3A-Vnu5bZaeUUGGLOp7tL9rsBIA6NLNaKSp63zvl31e7Q_aQ mysql> select * from user where id=22; +----+--------------------------------------+------------+----------------------------------+------------+------------+------------+--------------------+---------+---------+------------+---------------------+---------+---------------------+--------------------+---------------+--------------------------+-----------+ | id | uuid | username | password | account_id | firstname | lastname | email | state | api_key | secret_key | created | removed | timezone | registration_token | is_registered | incorrect_login_attempts | region_id | +----+--------------------------------------+------------+----------------------------------+------------+------------+------------+--------------------+---------+---------+------------+---------------------+---------+---------------------+--------------------+---------------+--------------------------+-----------+ | 22 | 73ea9221-6d3a-4fca-af57-9030c2f99865 | dom-admin1 | 9cab41a7d2013e5b00c774de073fbe13 | 13 | dom-admin1 | dom-admin1 | dom-admin1@abc.com | enabled | NULL | NULL | 2013-03-15 00:05:00 | NULL | America/Los_Angeles | NULL | 0 | 0 | 1 | +----+--------------------------------------+------------+----------------------------------+------------+------------+------------+--------------------+---------+---------+------------+---------------------+---------+---------------------+--------------------+---------------+--------------------------+-----------+ 1 row in set (0.00 sec) mysql> select * from account where id=13; +----+--------------+--------------------------------------+------+-----------+---------+---------+----------------+----------------+-----------------+-----------+ | id | account_name | uuid | type | domain_id | state | removed | cleanup_needed | network_domain | default_zone_id | region_id | +----+--------------+--------------------------------------+------+-----------+---------+---------+----------------+----------------+-----------------+-----------+ | 13 | dom-admin1 | ea65cc60-fc1a-4873-a379-1946ea31b4b9 | 2 | 2 | enabled | NULL | 0 | NULL | NULL | 1 | +----+--------------+--------------------------------------+------+-----------+---------+---------+----------------+----------------+-----------------+-----------+ 1 row in set (0.00 sec) Expected Behavior: As domain user , i am allowed to view all the user details of regular users under this doamin. This would mean I should be able to use getUser() command to fetch user details as well. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira