CS-15167. AWS API calls do not honor the "admin" accounts ability to view

the resources(VirtualMachines and SecurityGroups) owned by regular users. Component: AWSAPI. reviewed-by: Prachi
2012-06-27 16:00:29 +05:30 · 2012-06-27 16:00:29 +05:30 · 44079c7180
parent c237e0a960
commit 44079c7180
3 changed files with 10 additions and 8 deletions
--- a/awsapi/src/com/cloud/bridge/service/core/ec2/EC2Engine.java
+++ b/awsapi/src/com/cloud/bridge/service/core/ec2/EC2Engine.java
@ -870,7 +870,7 @@ public class EC2Engine {
 	public boolean associateAddress( EC2AssociateAddress request ) {
 		try {
 			CloudStackIpAddress cloudIp = getApi().listPublicIpAddresses(null, null, null, null, null, request.getPublicIp(), null, null, null).get(0);
-			CloudStackUserVm cloudVm = getApi().listVirtualMachines(null, null, null, null, null, null, request.getInstanceId(), null, null, null, null, null, null, null, null).get(0);
+	        CloudStackUserVm cloudVm = getApi().listVirtualMachines(null, null, true, null, null, null, null, request.getInstanceId(), null, null, null, null, null, null, null, null).get(0);

 			CloudStackInfoResponse resp = getApi().enableStaticNat(cloudIp.getId(), cloudVm.getId());
 			if (resp != null) {
@ -1857,7 +1857,7 @@ public class EC2Engine {
 			throws Exception {

 		String instId = instanceId != null ? instanceId : null;
-		List<CloudStackUserVm> vms = getApi().listVirtualMachines(null, null, null, null, null, null, 
+        List<CloudStackUserVm> vms = getApi().listVirtualMachines(null, null, true, null, null, null, null, 
 				instId, null, null, null, null, null, null, null, null);
 		
 		if(vms != null && vms.size() > 0) {
@ -1985,8 +1985,8 @@ public class EC2Engine {
 	public EC2DescribeSecurityGroupsResponse listSecurityGroups( String[] interestedGroups ) throws Exception {
 		try {
 			EC2DescribeSecurityGroupsResponse groupSet = new EC2DescribeSecurityGroupsResponse();
-			
-			List<CloudStackSecurityGroup> groups = getApi().listSecurityGroups(null, null, null, null, null, null);
+
+            List<CloudStackSecurityGroup> groups = getApi().listSecurityGroups(null, null, null, true, null, null, null);
 			if (groups != null && groups.size() > 0)
    			for (CloudStackSecurityGroup group : groups) {
    				boolean matched = false;
--- a/awsapi/src/com/cloud/stack/CloudStackApi.java
+++ b/awsapi/src/com/cloud/stack/CloudStackApi.java
@ -312,13 +312,14 @@ public class CloudStackApi {
 	 * @return
 	 * @throws Exception
 	 */
-	public List<CloudStackUserVm> listVirtualMachines(String account, String accountId, Boolean forVirtualNetwork, String groupId, String hostId, 
+    public List<CloudStackUserVm> listVirtualMachines(String account, String accountId, Boolean listAll, Boolean forVirtualNetwork, String groupId, String hostId, 
 			String hypervisor, String id, Boolean isRecursive, String keyWord, String name, String networkId, String podId, String state, String storageId, 
 			String zoneId) throws Exception {
 		CloudStackCommand cmd = new CloudStackCommand(ApiConstants.LIST_VIRTUAL_MACHINES);
 		if (cmd != null) {
 			if (account != null) cmd.setParam(ApiConstants.ACCOUNT, account);
 			if (accountId != null) cmd.setParam(ApiConstants.ACCOUNT_ID, accountId);
+            if (listAll != null) cmd.setParam(ApiConstants.LIST_ALL, listAll.toString());
 			if (forVirtualNetwork != null) cmd.setParam(ApiConstants.FOR_VIRTUAL_NETWORK, forVirtualNetwork.toString());
 			if (groupId != null) cmd.setParam(ApiConstants.GROUP_ID, groupId);
 			if (hostId != null) cmd.setParam(ApiConstants.HOST_ID, hostId);
@ -1162,13 +1163,14 @@ public class CloudStackApi {
 	 * @return
 	 * @throws Exception
 	 */
-	public List<CloudStackSecurityGroup> listSecurityGroups(String account, String domainId, String id, String keyWord, String securityGroupName, 
-			String virtualMachineId) throws Exception {
+    public List<CloudStackSecurityGroup> listSecurityGroups(String account, String domainId, String id, Boolean listAll, String keyWord, 
+            String securityGroupName, String virtualMachineId) throws Exception {
 		CloudStackCommand cmd = new CloudStackCommand(ApiConstants.LIST_SECURITY_GROUPS);
 		if (cmd != null) { 
 			if (account != null) cmd.setParam(ApiConstants.ACCOUNT, account);
 			if (domainId != null) cmd.setParam(ApiConstants.DOMAIN_ID, domainId);
 			if (id != null) cmd.setParam(ApiConstants.ID, id);
+            if (listAll != null) cmd.setParam(ApiConstants.LIST_ALL, listAll.toString());
 			if (keyWord != null) cmd.setParam(ApiConstants.KEYWORD, keyWord);
 			if (securityGroupName != null) cmd.setParam(ApiConstants.SECURITY_GROUP_NAME, securityGroupName);
 			if (virtualMachineId != null) cmd.setParam(ApiConstants.VIRTUAL_MACHINE_ID, virtualMachineId);
--- a/awsapi/src/com/cloud/stack/models/ApiConstants.java
+++ b/awsapi/src/com/cloud/stack/models/ApiConstants.java
@ -513,4 +513,4 @@ public class ApiConstants {
 	public static final String ZONE_ID = "zoneid";
 	public static final String ZONE_NAME = "zonename";
 	public static final String ZONE_TOKEN = "zonetoken";	
-}
+}