cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sangeetha Hariharan (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CLOUDSTACK-6429) IAM - As admin , When listAll=false is used to list all Vms under a subdomain , all Vms (even those that are not in this subdmain) are listed.
Date Wed, 16 Apr 2014 18:08:18 GMT
Sangeetha Hariharan created CLOUDSTACK-6429:
-----------------------------------------------

             Summary: IAM - As admin , When listAll=false is used to list all Vms under a
subdomain , all Vms (even those that are not in this subdmain) are listed.
                 Key: CLOUDSTACK-6429
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6429
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Management Server
    Affects Versions: 4.4.0
         Environment: Build from 4.4
            Reporter: Sangeetha Hariharan
            Priority: Critical
             Fix For: 4.4.0


IAM - As admin , When listAll=false is used to list all Vms under a subdomain , all Vms (even
those that are not in this subdmain) are listed.

Steps to reproduce the problem:
Set up:
Pre Reqs:
Admin - Creates object
Domain Admin for d1 - D1 - Creates object - d1
Domain Admin for d1 - D1/D11
User account for d1 - D1/D111 - Creates object - d111a
Domain Admin for d1 - D1/D12
Domain Admin for d2 - D2 - Creates object -d2
User Account in domain D1 - userD1-1 - Creates object -d1a
User Account in domain D1 - userD1-2 - Creates object - d1b
User Account in domain D1/D11 - userD1-a - Creates object - d11a
User Account in domain D1/D11 - userD1-a - Creates object - d11b
User Account in domain D1/D12- userD1-b - Creates object - d12a
User Account in domain D1/D12 - userD-a - Creates object - d12b

As ROOT admin , tried to list all the Vms for domain - d1/d11 , this results in all the Vms
(even those that are not in this subdmain) being listed.

All the following API calls as Admin when trying to list Vms from domain - d1/d11 , results
in 11 Vms which is all the Vms in the cluouds.

GET http://10.223.49.6/client/api?command=listVirtualMachines&domainId=7add6894-37ba-4b9a-bc43-12e49c3599c0&listAll=false&apiKey=oKz6XB3IKFtUTdw_0rYhGMk4AV0ih4AvpPKCcD-KO51d6qYpyPXLPOjoHp5V02-J-pwnci7khJvhV0c4XDP8ag&signature=1S3PA2HyPP70jnv5FiKSp%2FXfqw4%3D
\n\n

GET http://10.223.49.6/client/api?command=listVirtualMachines&domainId=7add6894-37ba-4b9a-bc43-12e49c3599c0&listAll=false&isrecursive=false&apiKey=oKz6XB3IKFtUTdw_0rYhGMk4AV0ih4AvpPKCcD-KO51d6qYpyPXLPOjoHp5V02-J-pwnci7khJvhV0c4XDP8ag&signature=FtoJ8isO896ZkqLJH5YzVjodFdg%3D
\n\n

GET http://10.223.49.6/client/api?command=listVirtualMachines&domainId=7add6894-37ba-4b9a-bc43-12e49c3599c0&listAll=false&isrecursive=true&apiKey=oKz6XB3IKFtUTdw_0rYhGMk4AV0ih4AvpPKCcD-KO51d6qYpyPXLPOjoHp5V02-J-pwnci7khJvhV0c4XDP8ag&signature=4HHrtJo1Cx3yqjdIHUFi43kqZ3E%3D
\n\n

GET http://10.223.49.6/client/api?command=listVirtualMachines&domainId=7add6894-37ba-4b9a-bc43-12e49c3599c0&isrecursive=false&apiKey=oKz6XB3IKFtUTdw_0rYhGMk4AV0ih4AvpPKCcD-KO51d6qYpyPXLPOjoHp5V02-J-pwnci7khJvhV0c4XDP8ag&signature=A6kJuc9XDIp6f9Ha8Bp9Ig3Xigg%3D
\n\n

GET http://10.223.49.6/client/api?command=listVirtualMachines&domainId=7add6894-37ba-4b9a-bc43-12e49c3599c0&isrecursive=true&apiKey=oKz6XB3IKFtUTdw_0rYhGMk4AV0ih4AvpPKCcD-KO51d6qYpyPXLPOjoHp5V02-J-pwnci7khJvhV0c4XDP8ag&signature=S04gwOtMs0%2F00CV4I1Q7pbCCC08%3D
\n\n






--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message