CLOUDSTACK-7129: Non-admin user can use deleteNetwork with shared

networks fix ensures only admin users can delete shared network (cherry picked from commit 2f293f42d5)
2014-07-18 17:51:02 +05:30 · 2014-07-18 17:51:02 +05:30 · de85c4d555
parent b2efdf20c0
commit de85c4d555
1 changed files with 5 additions and 0 deletions
--- a/server/src/com/cloud/network/NetworkServiceImpl.java
+++ b/server/src/com/cloud/network/NetworkServiceImpl.java
@ -1837,6 +1837,11 @@ public class NetworkServiceImpl extends ManagerBase implements  NetworkService {

        Account owner = _accountMgr.getAccount(network.getAccountId());

+        // Only Admin can delete Shared networks
+        if (network.getGuestType() == GuestType.Shared && !_accountMgr.isAdmin(caller.getId())) {
+            throw new InvalidParameterValueException("Only Admins can delete network with guest type " + GuestType.Shared);
+        }
+
        // Perform permission check
        _accountMgr.checkAccess(caller, null, true, network);