etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

CLOUDSTACK-4987: when addNic to vm, don't make account check if the vm belongs to ROOT admin

This commit is contained in:
Alena Prokharchyk 2014-01-16 10:58:40 -08:00
parent da8ee45a24
commit aa6dddc778
1 changed files with 16 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
server/src/com/cloud/vm/UserVmManagerImpl.java
View File

@ -965,10 +965,15 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Vir
if (network == null) {
throw new InvalidParameterValueException("unable to find a network with id " + networkId);
}
if (!(network.getGuestType() == Network.GuestType.Shared && network.getAclType() == ACLType.Domain)
&& !(network.getAclType() == ACLType.Account && network.getAccountId() == vmInstance.getAccountId())) {
throw new InvalidParameterValueException("only shared network or isolated network with the same account_id can be added to vmId: " + vmId);
Account vmOwner = _accountMgr.getAccount(vmInstance.getAccountId());
if (vmOwner.getType() != Account.ACCOUNT_TYPE_ADMIN) {
if (!(network.getGuestType() == Network.GuestType.Shared && network.getAclType() == ACLType.Domain)
&& !(network.getAclType() == ACLType.Account && network.getAccountId() == vmInstance.getAccountId())) {
throw new InvalidParameterValueException("only shared network or isolated network with the same account_id can be added to vmId: " + vmId);
}
}
List<NicVO> allNics = _nicDao.listByVmId(vmInstance.getId());
for (NicVO nic : allNics) {
if (nic.getNetworkId() == network.getId())
@ -2632,10 +2637,15 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Vir
if (network.getDataCenterId() != zone.getId()) {
throw new InvalidParameterValueException("Network id=" + network.getId() + " doesn't belong to zone " + zone.getId());
}
if (!(network.getGuestType() == Network.GuestType.Shared && network.getAclType() == ACLType.Domain)
&& !(network.getAclType() == ACLType.Account && network.getAccountId() == accountId)) {
throw new InvalidParameterValueException("only shared network or isolated network with the same account_id can be added to vm");
Account vmOwner = _accountMgr.getAccount(accountId);
if (vmOwner.getType() != Account.ACCOUNT_TYPE_ADMIN) {
if (!(network.getGuestType() == Network.GuestType.Shared && network.getAclType() == ACLType.Domain)
&& !(network.getAclType() == ACLType.Account && network.getAccountId() == accountId)) {
throw new InvalidParameterValueException("only shared network or isolated network with the same account_id can be added to vm");
}
}
IpAddresses requestedIpPair = null;
if (requestedIps != null && !requestedIps.isEmpty()) {
requestedIpPair = requestedIps.get(network.getId());