git commit: updated refs/heads/master to 6895251

Mon, 14 Oct 2013 17:03:43 -0700 

Updated Branches:
  refs/heads/master aad1cda7e -> 68952514c


CLOUDSTACK-4862:Admin cannot delete shared network scoped to user
account.


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/68952514
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/68952514
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/68952514

Branch: refs/heads/master
Commit: 68952514ce4d9af3bed0473b41bad83aa7eed62a
Parents: aad1cda
Author: Min Chen <min.c...@citrix.com>
Authored: Mon Oct 14 16:32:13 2013 -0700
Committer: Min Chen <min.c...@citrix.com>
Committed: Mon Oct 14 16:37:38 2013 -0700

----------------------------------------------------------------------
 server/src/com/cloud/network/element/VirtualRouterElement.java | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/68952514/server/src/com/cloud/network/element/VirtualRouterElement.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/element/VirtualRouterElement.java 
b/server/src/com/cloud/network/element/VirtualRouterElement.java
index 0cd3bcf..eb53db6 100755
--- a/server/src/com/cloud/network/element/VirtualRouterElement.java
+++ b/server/src/com/cloud/network/element/VirtualRouterElement.java
@@ -78,6 +78,7 @@ import com.cloud.network.rules.StaticNat;
 import com.cloud.offering.NetworkOffering;
 import com.cloud.offerings.NetworkOfferingVO;
 import com.cloud.offerings.dao.NetworkOfferingDao;
+import com.cloud.user.Account;
 import com.cloud.user.AccountManager;
 import com.cloud.utils.Pair;
 import com.cloud.utils.component.AdapterBase;
@@ -662,8 +663,11 @@ public class VirtualRouterElement extends AdapterBase 
implements VirtualRouterEl
             return true;
         }
         boolean result = true;
+        // NOTE that we need to pass caller account to destroyRouter, 
otherwise it will fail permission check there. Context passed in from 
deleteNetwork is the network account, 
+        // not caller account
+        Account callerAccount = 
_accountMgr.getAccount(context.getCaller().getAccountId());        
         for (DomainRouterVO router : routers) {
-            result = result && (_routerMgr.destroyRouter(router.getId(), 
context.getAccount(), context.getCaller().getId()) != null);
+            result = result && (_routerMgr.destroyRouter(router.getId(), 
callerAccount, context.getCaller().getId()) != null);
         }
         return result;
     }

Reply via email to