From 7a5efcc2e8abf17d4d57d2cf889097f6b1960800 Mon Sep 17 00:00:00 2001 From: Alena Prokharchyk Date: Fri, 13 Jul 2012 15:56:51 -0700 Subject: [PATCH] CS-15579 - perform check when account/domainId is passed to list call by the regular user --- server/src/com/cloud/user/AccountManagerImpl.java | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/server/src/com/cloud/user/AccountManagerImpl.java b/server/src/com/cloud/user/AccountManagerImpl.java index 2338f05adca..e66b886839d 100755 --- a/server/src/com/cloud/user/AccountManagerImpl.java +++ b/server/src/com/cloud/user/AccountManagerImpl.java @@ -2146,7 +2146,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag } @Override - public void buildACLSearchParameters(Account caller, Long id, String accountName, Long projectId, List permittedAccounts, Ternary domainIdRecursiveListProject, + public void buildACLSearchParameters(Account caller, Long id, String accountName, Long projectId, List + permittedAccounts, Ternary domainIdRecursiveListProject, boolean listAll, boolean forProjectInvitation) { Long domainId = domainIdRecursiveListProject.first(); @@ -2172,6 +2173,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag } if (userAccount != null) { + checkAccess(caller, null, false, userAccount); + //check permissions permittedAccounts.add(userAccount.getId()); } else { throw new InvalidParameterValueException("could not find account " + accountName + " in domain " + domainId);