From 44079c71804a5d7353352936a90a93249d4d0162 Mon Sep 17 00:00:00 2001 From: Likitha Shetty Date: Wed, 27 Jun 2012 16:00:29 +0530 Subject: [PATCH] CS-15167. AWS API calls do not honor the "admin" accounts ability to view the resources(VirtualMachines and SecurityGroups) owned by regular users. Component: AWSAPI. reviewed-by: Prachi --- .../src/com/cloud/bridge/service/core/ec2/EC2Engine.java | 8 ++++---- awsapi/src/com/cloud/stack/CloudStackApi.java | 8 +++++--- awsapi/src/com/cloud/stack/models/ApiConstants.java | 2 +- 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/awsapi/src/com/cloud/bridge/service/core/ec2/EC2Engine.java b/awsapi/src/com/cloud/bridge/service/core/ec2/EC2Engine.java index df869561293..3c17618f131 100644 --- a/awsapi/src/com/cloud/bridge/service/core/ec2/EC2Engine.java +++ b/awsapi/src/com/cloud/bridge/service/core/ec2/EC2Engine.java @@ -870,7 +870,7 @@ public class EC2Engine { public boolean associateAddress( EC2AssociateAddress request ) { try { CloudStackIpAddress cloudIp = getApi().listPublicIpAddresses(null, null, null, null, null, request.getPublicIp(), null, null, null).get(0); - CloudStackUserVm cloudVm = getApi().listVirtualMachines(null, null, null, null, null, null, request.getInstanceId(), null, null, null, null, null, null, null, null).get(0); + CloudStackUserVm cloudVm = getApi().listVirtualMachines(null, null, true, null, null, null, null, request.getInstanceId(), null, null, null, null, null, null, null, null).get(0); CloudStackInfoResponse resp = getApi().enableStaticNat(cloudIp.getId(), cloudVm.getId()); if (resp != null) { @@ -1857,7 +1857,7 @@ public class EC2Engine { throws Exception { String instId = instanceId != null ? instanceId : null; - List vms = getApi().listVirtualMachines(null, null, null, null, null, null, + List vms = getApi().listVirtualMachines(null, null, true, null, null, null, null, instId, null, null, null, null, null, null, null, null); if(vms != null && vms.size() > 0) { @@ -1985,8 +1985,8 @@ public class EC2Engine { public EC2DescribeSecurityGroupsResponse listSecurityGroups( String[] interestedGroups ) throws Exception { try { EC2DescribeSecurityGroupsResponse groupSet = new EC2DescribeSecurityGroupsResponse(); - - List groups = getApi().listSecurityGroups(null, null, null, null, null, null); + + List groups = getApi().listSecurityGroups(null, null, null, true, null, null, null); if (groups != null && groups.size() > 0) for (CloudStackSecurityGroup group : groups) { boolean matched = false; diff --git a/awsapi/src/com/cloud/stack/CloudStackApi.java b/awsapi/src/com/cloud/stack/CloudStackApi.java index 14dfe747392..16f6c49ccd0 100644 --- a/awsapi/src/com/cloud/stack/CloudStackApi.java +++ b/awsapi/src/com/cloud/stack/CloudStackApi.java @@ -312,13 +312,14 @@ public class CloudStackApi { * @return * @throws Exception */ - public List listVirtualMachines(String account, String accountId, Boolean forVirtualNetwork, String groupId, String hostId, + public List listVirtualMachines(String account, String accountId, Boolean listAll, Boolean forVirtualNetwork, String groupId, String hostId, String hypervisor, String id, Boolean isRecursive, String keyWord, String name, String networkId, String podId, String state, String storageId, String zoneId) throws Exception { CloudStackCommand cmd = new CloudStackCommand(ApiConstants.LIST_VIRTUAL_MACHINES); if (cmd != null) { if (account != null) cmd.setParam(ApiConstants.ACCOUNT, account); if (accountId != null) cmd.setParam(ApiConstants.ACCOUNT_ID, accountId); + if (listAll != null) cmd.setParam(ApiConstants.LIST_ALL, listAll.toString()); if (forVirtualNetwork != null) cmd.setParam(ApiConstants.FOR_VIRTUAL_NETWORK, forVirtualNetwork.toString()); if (groupId != null) cmd.setParam(ApiConstants.GROUP_ID, groupId); if (hostId != null) cmd.setParam(ApiConstants.HOST_ID, hostId); @@ -1162,13 +1163,14 @@ public class CloudStackApi { * @return * @throws Exception */ - public List listSecurityGroups(String account, String domainId, String id, String keyWord, String securityGroupName, - String virtualMachineId) throws Exception { + public List listSecurityGroups(String account, String domainId, String id, Boolean listAll, String keyWord, + String securityGroupName, String virtualMachineId) throws Exception { CloudStackCommand cmd = new CloudStackCommand(ApiConstants.LIST_SECURITY_GROUPS); if (cmd != null) { if (account != null) cmd.setParam(ApiConstants.ACCOUNT, account); if (domainId != null) cmd.setParam(ApiConstants.DOMAIN_ID, domainId); if (id != null) cmd.setParam(ApiConstants.ID, id); + if (listAll != null) cmd.setParam(ApiConstants.LIST_ALL, listAll.toString()); if (keyWord != null) cmd.setParam(ApiConstants.KEYWORD, keyWord); if (securityGroupName != null) cmd.setParam(ApiConstants.SECURITY_GROUP_NAME, securityGroupName); if (virtualMachineId != null) cmd.setParam(ApiConstants.VIRTUAL_MACHINE_ID, virtualMachineId); diff --git a/awsapi/src/com/cloud/stack/models/ApiConstants.java b/awsapi/src/com/cloud/stack/models/ApiConstants.java index 059165224d7..127a7fe7c08 100644 --- a/awsapi/src/com/cloud/stack/models/ApiConstants.java +++ b/awsapi/src/com/cloud/stack/models/ApiConstants.java @@ -513,4 +513,4 @@ public class ApiConstants { public static final String ZONE_ID = "zoneid"; public static final String ZONE_NAME = "zonename"; public static final String ZONE_TOKEN = "zonetoken"; -} \ No newline at end of file +}