This is an automated email from the ASF dual-hosted git repository.
winterhazel pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
The following commit(s) were added to refs/heads/main by this push:
new 4425ee42348 Remove unnecessary if-else branch in template permission
validation (#12683)
4425ee42348 is described below
commit 4425ee423480d12a71a867300c366b87c2e53ab4
Author: Manoj Kumar <[email protected]>
AuthorDate: Fri May 8 06:07:31 2026 +0530
Remove unnecessary if-else branch in template permission validation (#12683)
* consolidate if-else branch
---
server/src/main/java/com/cloud/api/query/QueryManagerImpl.java | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/server/src/main/java/com/cloud/api/query/QueryManagerImpl.java
b/server/src/main/java/com/cloud/api/query/QueryManagerImpl.java
index 2ceaffd69d1..051af377c6d 100644
--- a/server/src/main/java/com/cloud/api/query/QueryManagerImpl.java
+++ b/server/src/main/java/com/cloud/api/query/QueryManagerImpl.java
@@ -5034,16 +5034,13 @@ public class QueryManagerImpl extends
MutualExclusiveIdsManagerBase implements Q
ex.addProxyObject(template.getUuid(), "templateId");
throw ex;
}
+
if (!template.isPublicTemplate() && caller.getType() ==
Account.Type.DOMAIN_ADMIN) {
Account template_acc =
accountMgr.getAccount(template.getAccountId());
DomainVO domain =
_domainDao.findById(template_acc.getDomainId());
accountMgr.checkAccess(caller, domain);
- }
-
- // if template is not public, perform permission check here
- else if (!template.isPublicTemplate() && caller.getType() !=
Account.Type.ADMIN) {
- accountMgr.checkAccess(caller, null, false, template);
- } else if (template.isPublicTemplate()) {
+ } else if (template.isPublicTemplate() || caller.getType() !=
Account.Type.ADMIN) {
+ // if template is not public or non-admin caller, perform
permission check here
accountMgr.checkAccess(caller, null, false, template);
}
