etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

CLOUDSTACK-6474: IAM - Not able to list shared networks that is created with scope="all" 

Changes:
- On startup the root domain group should be created
- Also the SYSTEM and Root Admin accounts should be added to that group
- This will make sure that the root domain shared network's policy gets attached to the root domain group
This commit is contained in:
Prachi Damle 2014-04-22 18:18:44 -07:00 committed by Daan Hoogland
parent 4ae75b426b
commit 52f40433b9
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
services/iam/plugin/src/org/apache/cloudstack/iam/IAMApiServiceImpl.java
View File

@ -352,6 +352,21 @@ public class IAMApiServiceImpl extends ManagerBase implements IAMApiService, Man
sysAccts.add(Account.ACCOUNT_ID_SYSTEM);
sysAccts.add(Account.ACCOUNT_ID_SYSTEM + 1);
_iamSrv.addAccountsToGroup(sysAccts, new Long(Account.ACCOUNT_TYPE_ADMIN + 1));
// add the root domain group
Domain domain = _domainDao.findById(Domain.ROOT_DOMAIN);
if (domain != null) {
List<IAMGroup> domainGroups = listDomainGroup(domain);
if (domainGroups != null && !domainGroups.isEmpty()) {
return;
}
IAMGroup rootDomainGrp = _iamSrv.createIAMGroup("DomainGrp-" + domain.getUuid(), "Root Domain group",
domain.getPath());
// add the system accounts to the root domain group
_iamSrv.addAccountsToGroup(sysAccts, rootDomainGrp.getId());
}
}
private void addDomainWideResourceAccess(Map<String, Object> params) {