From 81117f325d87c97f0a160df692cc7c496ba3d9ba Mon Sep 17 00:00:00 2001
From: alena <alena@cloud.com>
Date: Mon, 20 Jun 2011 11:22:23 -0700
Subject: [PATCH] bug 9743: respect id/accountName/domainId parameters when
 call is executed by the regular user status 9743: resolved fixed

---
 .../cloud/server/ManagementServerImpl.java    | 43 ++++++++++++-------
 1 file changed, 27 insertions(+), 16 deletions(-)

diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java
index 04c53d278d5..a14c5fbcef8 100755
--- a/server/src/com/cloud/server/ManagementServerImpl.java
+++ b/server/src/com/cloud/server/ManagementServerImpl.java
@@ -1779,27 +1779,38 @@ public class ManagementServerImpl implements ManagementServer {
             List<AccountVO> emptyList = new ArrayList<AccountVO>();
             return emptyList;
         }
+        
+        if (accountId != null) {
+            Account account = _accountDao.findById(accountId);
+            if (account == null) {
+                throw new InvalidParameterValueException("Unable to find account by id " + accountId);
+            }
+
+            _accountMgr.checkAccess(caller, account);
+        }
+        
+        if (domainId != null) {
+            Domain domain = _domainDao.findById(domainId);
+            if (domain == null) {
+                throw new InvalidParameterValueException("Domain id=" + domainId + " doesn't exist");
+            }
+            _accountMgr.checkAccess(caller, domain);
+
+            if (accountName != null) {
+                Account account = _accountDao.findActiveAccount(accountName, domainId);
+                if (account == null) {
+                    throw new InvalidParameterValueException("Unable to find account by name " + accountName + " in domain " + domainId);
+                }
+
+                _accountMgr.checkAccess(caller, account);
+            }
+        }
 
         if (isAdmin(caller.getType())) {
             if (domainId == null) {
                 domainId = caller.getDomainId();
                 isRecursive = true;
-            } else {
-                Domain domain = _domainDao.findById(domainId);
-                if (domain == null) {
-                    throw new InvalidParameterValueException("Domain id=" + domainId + " doesn't exist");
-                }
-                _accountMgr.checkAccess(caller, domain);
-
-                if (accountName != null) {
-                    Account account = _accountDao.findActiveAccount(accountName, domainId);
-                    if (account == null) {
-                        throw new InvalidParameterValueException("Unable to find account by name " + accountName + " in domain " + domainId);
-                    }
-
-                    _accountMgr.checkAccess(caller, account);
-                }
-            }
+            } 
         } else {
             // regular user is constraint to only his account
             accountId = caller.getId();