bug 14295: allow regular user to create network with the custom cidr

status 14295: resolved fixed
Alena Prokharchyk 2012-03-14 10:45:54 -07:00
parent 97d797e55c
commit d5e95fa407
1 changed files with 18 additions and 18 deletions


@ -2149,8 +2149,8 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
Boolean subdomainAccess = cmd.getSubdomainAccess();
// Validate network offering
NetworkOfferingVO networkOffering = _networkOfferingDao.findById(networkOfferingId);
if (networkOffering == null || networkOffering.isSystemOnly()) {
NetworkOfferingVO ntwkOff = _networkOfferingDao.findById(networkOfferingId);
if (ntwkOff == null || ntwkOff.isSystemOnly()) {
throw new InvalidParameterValueException("Unable to find network offeirng by id " + networkOfferingId);
}
// validate physical network and zone
@ -2183,25 +2183,25 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
throw new InvalidParameterValueException("Incorrect aclType specified. Check the API documentation for supported types");
}
// In 3.0 all Shared networks should have aclType == Domain, all Isolated networks aclType==Account
if (networkOffering.getGuestType() == GuestType.Isolated) {
if (ntwkOff.getGuestType() == GuestType.Isolated) {
if (aclType != ACLType.Account) {
throw new InvalidParameterValueException("AclType should be " + ACLType.Account + " for network of type " + Network.GuestType.Isolated);
}
} else if (networkOffering.getGuestType() == GuestType.Shared) {
} else if (ntwkOff.getGuestType() == GuestType.Shared) {
if (!(aclType == ACLType.Domain || aclType == ACLType.Account)) {
throw new InvalidParameterValueException("AclType should be " + ACLType.Domain + " or " + ACLType.Account + " for network of type " + Network.GuestType.Shared);
}
}
} else {
if (networkOffering.getGuestType() == GuestType.Isolated) {
if (ntwkOff.getGuestType() == GuestType.Isolated) {
aclType = ACLType.Account;
} else if (networkOffering.getGuestType() == GuestType.Shared) {
} else if (ntwkOff.getGuestType() == GuestType.Shared) {
aclType = ACLType.Domain;
}
}
// Only Admin can create Shared networks
if (networkOffering.getGuestType() == GuestType.Shared && !_accountMgr.isAdmin(caller.getType())) {
if (ntwkOff.getGuestType() == GuestType.Shared && !_accountMgr.isAdmin(caller.getType())) {
throw new InvalidParameterValueException("Only Admins can create network with guest type " + GuestType.Shared);
}
@ -2213,12 +2213,12 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
}
// only shared networks can be Domain specific
if (networkOffering.getGuestType() != GuestType.Shared) {
if (ntwkOff.getGuestType() != GuestType.Shared) {
throw new InvalidParameterValueException("Only " + GuestType.Shared + " networks can have aclType=" + ACLType.Domain);
}
if (domainId != null) {
if (networkOffering.getTrafficType() != TrafficType.Guest || networkOffering.getGuestType() != Network.GuestType.Shared) {
if (ntwkOff.getTrafficType() != TrafficType.Guest || ntwkOff.getGuestType() != Network.GuestType.Shared) {
throw new InvalidParameterValueException("Domain level networks are supported just for traffic type " + TrafficType.Guest + " and guest type " + Network.GuestType.Shared);
}
@ -2275,15 +2275,15 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
// Regular user can create Guest Isolated Source Nat enabled network only
if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL
&& (networkOffering.getTrafficType() != TrafficType.Guest || networkOffering.getGuestType() != Network.GuestType.Isolated
&& areServicesSupportedByNetworkOffering(networkOffering.getId(), Service.SourceNat))) {
&& (ntwkOff.getTrafficType() != TrafficType.Guest || ntwkOff.getGuestType() != Network.GuestType.Isolated
&& areServicesSupportedByNetworkOffering(ntwkOff.getId(), Service.SourceNat))) {
throw new InvalidParameterValueException("Regular user can create a network only from the network offering having traffic type " + TrafficType.Guest + " and network type "
+ Network.GuestType.Isolated + " with a service " + Service.SourceNat.getName() + " enabled");
}
// Don't allow to specify cidr if the caller is a regular user
if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL && (cidr != null || vlanId != null)) {
throw new InvalidParameterValueException("Regular user is not allowed to specify gateway/netmask/ipRange/vlanId");
// Don't allow to specify vlan if the caller is a regular user
if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL && (ntwkOff.getSpecifyVlan() || vlanId != null)) {
throw new InvalidParameterValueException("Regular user is not allowed to specify vlanId");
}
// For non-root admins check cidr limit - if it's allowed by global config value
@ -2308,12 +2308,12 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
// 1) GuestType is Shared
// 2) GuestType is Isolated, but SourceNat service is disabled
boolean createVlan = (startIP != null && endIP != null && zone.getNetworkType() == NetworkType.Advanced
&& ((networkOffering.getGuestType() == Network.GuestType.Shared)
|| (networkOffering.getGuestType() == GuestType.Isolated && !areServicesSupportedByNetworkOffering(networkOffering.getId(), Service.SourceNat))));
&& ((ntwkOff.getGuestType() == Network.GuestType.Shared)
|| (ntwkOff.getGuestType() == GuestType.Isolated && !areServicesSupportedByNetworkOffering(ntwkOff.getId(), Service.SourceNat))));
// Can add vlan range only to the network which allows it
if (createVlan && !networkOffering.getSpecifyIpRanges()) {
throw new InvalidParameterValueException("Network offering " + networkOffering + " doesn't support adding multiple ip ranges");
if (createVlan && !ntwkOff.getSpecifyIpRanges()) {
throw new InvalidParameterValueException("Network offering " + ntwkOff + " doesn't support adding multiple ip ranges");
}
Transaction txn = Transaction.currentTxn();
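Review bot: The regular-user offering check in the `@ -2275` hunk does not enforce what its comment and error message state: `&&` binds tighter than `||`, so the condition rejects a non-Guest offering, or a non-Isolated offering that supports SourceNat, and an Isolated offering without SourceNat passes. This matters more now that the commit drops the `cidr != null` rejection for `ACCOUNT_TYPE_NORMAL`, because that caller can then supply addressing, and the `createVlan` expression in the last hunk is true for exactly the Isolated-without-SourceNat case when start and end IPs are given. If the error message reflects the intent, the last clause should read `|| ntwkOff.getGuestType() != Network.GuestType.Isolated || !areServicesSupportedByNetworkOffering(ntwkOff.getId(), Service.SourceNat)`. Whether a regular user's CIDR is bounded depends on the check that begins after this hunk ("For non-root admins check cidr limit"), which is not visible here and should be confirmed to cover normal accounts. The new message `"Regular user is not allowed to specify vlanId"` is also returned when only `ntwkOff.getSpecifyVlan()` is true and no vlanId was passed, so it should name the offering as the cause in that case.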