bug 3386: final part of the enh for tagging zones with domains. We make the same check for childdomains as exist in the current code, to ensure the right domain permissions are enforced. By default, we will use the domainId passed by the user, if this is not passed, we will try to get the id from the dc. If it exists (private dc), if it doesn't then it is (public dc)

2010-10-21 14:24:34 -07:00 · 2010-10-21 14:24:34 -07:00 · 1c0c753342
parent fdd2b27e60
commit 1c0c753342
1 changed files with 18 additions and 5 deletions
--- a/server/src/com/cloud/server/ManagementServerImpl.java
+++ b/server/src/com/cloud/server/ManagementServerImpl.java
@ -1774,6 +1774,11 @@ public class ManagementServerImpl implements ManagementServer {
        Long sizeObj = cmd.getSize();
        long size = (sizeObj == null) ? 0 : sizeObj;

+        DataCenterVO dc = _dcDao.findById(dataCenterId);
+        if (dc == null) {
+            throw new InvalidParameterValueException("Unable to find zone: " + dataCenterId);
+        }
+                
        if ((ctxAccount == null) || isAdmin(ctxAccount.getType())) {
            if (domainId != null) {
                if ((ctxAccount != null) && !_domainDao.isChildDomain(ctxAccount.getDomainId(), domainId)) {
@ -1797,6 +1802,19 @@ public class ManagementServerImpl implements ManagementServer {
            throw new InvalidParameterValueException("No valid account specified for deploying a virtual machine.");
        }

+        if(domainId == null){
+        	domainId = dc.getDomainId(); //get the domain id from zone (private zone case)
+        	
+        	if(domainId == null){
+        		//do nothing (public zone case)
+        	}
+        	else{
+        		if(!_domainDao.isChildDomain(ctxAccount.getDomainId(), domainId)){
+        			throw new PermissionDeniedException("Failed to deploy VM, invalid domain id (" + domainId + ") given.");
+        		}
+        	}
+        }
+
        List<String> netGrpList = cmd.getNetworkGroupList();
        if ((netGrpList != null) && !netGrpList.isEmpty()) {
            networkGroups = netGrpList.toArray(new String[netGrpList.size()]);
@ -1807,11 +1825,6 @@ public class ManagementServerImpl implements ManagementServer {
            throw new InvalidParameterValueException("Unable to find account: " + accountId);
        }

-        DataCenterVO dc = _dcDao.findById(dataCenterId);
-        if (dc == null) {
-            throw new InvalidParameterValueException("Unable to find zone: " + dataCenterId);
-        }
-
        ServiceOfferingVO offering = _offeringsDao.findById(serviceOfferingId);
        if (offering == null) {
            throw new InvalidParameterValueException("Unable to find service offering: " + serviceOfferingId);