Updated Branches: refs/heads/master da8ee45a2 -> aa6dddc77
CLOUDSTACK-4987: when addNic to vm, don't make account check if the vm belongs to ROOT admin Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/aa6dddc7 Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/aa6dddc7 Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/aa6dddc7 Branch: refs/heads/master Commit: aa6dddc778ae693d57affa90404d1b75f2a0b1f0 Parents: da8ee45 Author: Alena Prokharchyk <alena.prokharc...@citrix.com> Authored: Thu Jan 16 10:58:40 2014 -0800 Committer: Alena Prokharchyk <alena.prokharc...@citrix.com> Committed: Thu Jan 16 10:59:38 2014 -0800 ---------------------------------------------------------------------- server/src/com/cloud/vm/UserVmManagerImpl.java | 22 +++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/aa6dddc7/server/src/com/cloud/vm/UserVmManagerImpl.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/vm/UserVmManagerImpl.java b/server/src/com/cloud/vm/UserVmManagerImpl.java index e9cccc4..5a4cea4 100755 --- a/server/src/com/cloud/vm/UserVmManagerImpl.java +++ b/server/src/com/cloud/vm/UserVmManagerImpl.java @@ -965,10 +965,15 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Vir if (network == null) { throw new InvalidParameterValueException("unable to find a network with id " + networkId); } - if (!(network.getGuestType() == Network.GuestType.Shared && network.getAclType() == ACLType.Domain) - && !(network.getAclType() == ACLType.Account && network.getAccountId() == vmInstance.getAccountId())) { - throw new InvalidParameterValueException("only shared network or isolated network with the same account_id can be added to vmId: " + vmId); + + Account vmOwner = _accountMgr.getAccount(vmInstance.getAccountId()); + if (vmOwner.getType() != Account.ACCOUNT_TYPE_ADMIN) { + if (!(network.getGuestType() == Network.GuestType.Shared && network.getAclType() == ACLType.Domain) + && !(network.getAclType() == ACLType.Account && network.getAccountId() == vmInstance.getAccountId())) { + throw new InvalidParameterValueException("only shared network or isolated network with the same account_id can be added to vmId: " + vmId); + } } + List<NicVO> allNics = _nicDao.listByVmId(vmInstance.getId()); for (NicVO nic : allNics) { if (nic.getNetworkId() == network.getId()) @@ -2632,10 +2637,15 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Vir if (network.getDataCenterId() != zone.getId()) { throw new InvalidParameterValueException("Network id=" + network.getId() + " doesn't belong to zone " + zone.getId()); } - if (!(network.getGuestType() == Network.GuestType.Shared && network.getAclType() == ACLType.Domain) - && !(network.getAclType() == ACLType.Account && network.getAccountId() == accountId)) { - throw new InvalidParameterValueException("only shared network or isolated network with the same account_id can be added to vm"); + + Account vmOwner = _accountMgr.getAccount(accountId); + if (vmOwner.getType() != Account.ACCOUNT_TYPE_ADMIN) { + if (!(network.getGuestType() == Network.GuestType.Shared && network.getAclType() == ACLType.Domain) + && !(network.getAclType() == ACLType.Account && network.getAccountId() == accountId)) { + throw new InvalidParameterValueException("only shared network or isolated network with the same account_id can be added to vm"); + } } + IpAddresses requestedIpPair = null; if (requestedIps != null && !requestedIps.isEmpty()) { requestedIpPair = requestedIps.get(network.getId());
