From 0ebce2024b7aeef7bb4426669efc558884c16462 Mon Sep 17 00:00:00 2001
From: nit <nitin@cloud.com>
Date: Thu, 2 Jun 2011 15:14:32 +0530
Subject: [PATCH] bug 9729 : Permission change - allow root admin to use
 anybody's private template. status 9729: resolved fixed

---
 api/src/com/cloud/api/BaseCmd.java          | 5 ++++-
 server/src/com/cloud/acl/DomainChecker.java | 2 +-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/api/src/com/cloud/api/BaseCmd.java b/api/src/com/cloud/api/BaseCmd.java
index af72c02ee14..80f0dd1aa0c 100755
--- a/api/src/com/cloud/api/BaseCmd.java
+++ b/api/src/com/cloud/api/BaseCmd.java
@@ -549,5 +549,8 @@ public abstract class BaseCmd {
 	    		(accountType == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) ||
 	            (accountType == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) ||
 	            (accountType == Account.ACCOUNT_TYPE_READ_ONLY_ADMIN));
-	}
+	}
+    public static boolean isRootAdmin(short accountType) {
+        return ((accountType == Account.ACCOUNT_TYPE_ADMIN));
+    }
 }
diff --git a/server/src/com/cloud/acl/DomainChecker.java b/server/src/com/cloud/acl/DomainChecker.java
index b0978fdf76b..058321aae47 100755
--- a/server/src/com/cloud/acl/DomainChecker.java
+++ b/server/src/com/cloud/acl/DomainChecker.java
@@ -82,7 +82,7 @@ public class DomainChecker extends AdapterBase implements SecurityChecker {
             // validate that the template is usable by the account
             if (!template.isPublicTemplate()) {
                 Account owner = _accountDao.findById(template.getAccountId());
-                if (BaseCmd.isAdmin(caller.getType()) || (owner.getId() == caller.getId())) {
+                if (BaseCmd.isRootAdmin(caller.getType()) || (owner.getId() == caller.getId())) {
                     return true;
                 }