From 1c0c753342a2df2de1ee1ed99f239bababb96ed9 Mon Sep 17 00:00:00 2001
From: root <root@aj-laptop.(none)>
Date: Thu, 21 Oct 2010 14:24:34 -0700
Subject: [PATCH] bug 3386: final part of the enh for tagging zones with
 domains. We make the same check for childdomains as exist in the current
 code, to ensure the right domain permissions are enforced. By default, we
 will use the domainId passed by the user, if this is not passed, we will try
 to get the id from the dc. If it exists (private dc), if it doesn't then it
 is (public dc)

---
 .../cloud/server/ManagementServerImpl.java    | 23 +++++++++++++++----
 1 file changed, 18 insertions(+), 5 deletions(-)

diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java
index 83f3aadfc83..b73c345143b 100755
--- a/server/src/com/cloud/server/ManagementServerImpl.java
+++ b/server/src/com/cloud/server/ManagementServerImpl.java
@@ -1774,6 +1774,11 @@ public class ManagementServerImpl implements ManagementServer {
         Long sizeObj = cmd.getSize();
         long size = (sizeObj == null) ? 0 : sizeObj;
 
+        DataCenterVO dc = _dcDao.findById(dataCenterId);
+        if (dc == null) {
+            throw new InvalidParameterValueException("Unable to find zone: " + dataCenterId);
+        }
+                
         if ((ctxAccount == null) || isAdmin(ctxAccount.getType())) {
             if (domainId != null) {
                 if ((ctxAccount != null) && !_domainDao.isChildDomain(ctxAccount.getDomainId(), domainId)) {
@@ -1797,6 +1802,19 @@ public class ManagementServerImpl implements ManagementServer {
             throw new InvalidParameterValueException("No valid account specified for deploying a virtual machine.");
         }
 
+        if(domainId == null){
+        	domainId = dc.getDomainId(); //get the domain id from zone (private zone case)
+        	
+        	if(domainId == null){
+        		//do nothing (public zone case)
+        	}
+        	else{
+        		if(!_domainDao.isChildDomain(ctxAccount.getDomainId(), domainId)){
+        			throw new PermissionDeniedException("Failed to deploy VM, invalid domain id (" + domainId + ") given.");
+        		}
+        	}
+        }
+
         List<String> netGrpList = cmd.getNetworkGroupList();
         if ((netGrpList != null) && !netGrpList.isEmpty()) {
             networkGroups = netGrpList.toArray(new String[netGrpList.size()]);
@@ -1807,11 +1825,6 @@ public class ManagementServerImpl implements ManagementServer {
             throw new InvalidParameterValueException("Unable to find account: " + accountId);
         }
 
-        DataCenterVO dc = _dcDao.findById(dataCenterId);
-        if (dc == null) {
-            throw new InvalidParameterValueException("Unable to find zone: " + dataCenterId);
-        }
-
         ServiceOfferingVO offering = _offeringsDao.findById(serviceOfferingId);
         if (offering == null) {
             throw new InvalidParameterValueException("Unable to find service offering: " + serviceOfferingId);