Handle special scopeId = -1 case for current domain or current account

in AclPolicyPermission table.
This commit is contained in:
Min Chen 2013-12-16 10:08:28 -08:00
parent 3f092d14cc
commit 841dcb0e8e
1 changed files with 11 additions and 0 deletions

View File

@ -28,7 +28,9 @@ import javax.persistence.Id;
import javax.persistence.Table;
import org.apache.cloudstack.acl.SecurityChecker.AccessType;
import org.apache.cloudstack.context.CallContext;
import com.cloud.user.Account;
import com.cloud.utils.db.GenericDao;
@Entity
@ -137,6 +139,15 @@ public class AclPolicyPermissionVO implements AclPolicyPermission {
@Override
public Long getScopeId() {
// handle special -1 scopeId, current caller domain, account
if ( scopeId < 0 ){
Account caller = CallContext.current().getCallingAccount();
if ( scope == PermissionScope.DOMAIN){
return caller.getDomainId();
} else if (scope == PermissionScope.ACCOUNT) {
return caller.getAccountId();
}
}
return scopeId;
}