[jira] [Commented] (CLOUDSTACK-10247) L2 network not shared on projects

ASF GitHub Bot (JIRA) Sat, 10 Feb 2018 09:31:03 -0800

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10247?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16359539#comment-16359539
 ]


ASF GitHub Bot commented on CLOUDSTACK-10247:
---------------------------------------------

rhtyd closed pull request #2420: CLOUDSTACK-10247: L2 network not shared on 
projects
URL: https://github.com/apache/cloudstack/pull/2420
 
 
   

This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:

As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):

diff --git a/server/src/com/cloud/network/NetworkModelImpl.java 
b/server/src/com/cloud/network/NetworkModelImpl.java
index e583b717a16..b8e7b53b1fa 100644
--- a/server/src/com/cloud/network/NetworkModelImpl.java
+++ b/server/src/com/cloud/network/NetworkModelImpl.java
@@ -930,7 +930,7 @@ public boolean areServicesSupportedInNetwork(long 
networkId, Service... services
     @Override
     public String getIpOfNetworkElementInVirtualNetwork(long accountId, long 
dataCenterId) {
 
-        List<NetworkVO> virtualNetworks = 
_networksDao.listByZoneAndGuestType(accountId, dataCenterId, 
Network.GuestType.Isolated, false);
+        List<NetworkVO> virtualNetworks = 
_networksDao.listByZoneAndGuestType(accountId, dataCenterId, 
GuestType.Isolated, false);
 
         if (virtualNetworks.isEmpty()) {
             s_logger.trace("Unable to find default Virtual network account 
id=" + accountId);
@@ -950,13 +950,13 @@ public String getIpOfNetworkElementInVirtualNetwork(long 
accountId, long dataCen
     }
 
     @Override
-    public List<NetworkVO> listNetworksForAccount(long accountId, long zoneId, 
Network.GuestType type) {
+    public List<NetworkVO> listNetworksForAccount(long accountId, long zoneId, 
GuestType type) {
         List<NetworkVO> accountNetworks = new ArrayList<NetworkVO>();
         List<NetworkVO> zoneNetworks = _networksDao.listByZone(zoneId);
 
         for (NetworkVO network : zoneNetworks) {
             if (!isNetworkSystem(network)) {
-                if (network.getGuestType() == Network.GuestType.Shared || 
!_networksDao.listBy(accountId, network.getId()).isEmpty()) {
+                if (network.getGuestType() == GuestType.Shared || 
!_networksDao.listBy(accountId, network.getId()).isEmpty()) {
                     if (type == null || type == network.getGuestType()) {
                         accountNetworks.add(network);
                     }
@@ -967,7 +967,7 @@ public String getIpOfNetworkElementInVirtualNetwork(long 
accountId, long dataCen
     }
 
     @Override
-    public List<NetworkVO> listAllNetworksInAllZonesByType(Network.GuestType 
type) {
+    public List<NetworkVO> listAllNetworksInAllZonesByType(GuestType type) {
         List<NetworkVO> networks = new ArrayList<NetworkVO>();
         for (NetworkVO network : _networksDao.listAll()) {
             if (!isNetworkSystem(network)) {
@@ -1637,7 +1637,8 @@ public void checkNetworkPermissions(Account owner, 
Network network) {
             throw new CloudRuntimeException("cannot check permissions on 
(Network) <null>");
         }
         // Perform account permission check
-        if (network.getGuestType() != Network.GuestType.Shared || 
(network.getGuestType() == Network.GuestType.Shared && network.getAclType() == 
ACLType.Account)) {
+        if ((network.getGuestType() != GuestType.Shared && 
network.getGuestType() != GuestType.L2) ||
+                (network.getGuestType() == GuestType.Shared && 
network.getAclType() == ACLType.Account)) {
             AccountVO networkOwner = 
_accountDao.findById(network.getAccountId());
             if (networkOwner == null)
                 throw new PermissionDeniedException("Unable to use network 
with id= " + ((NetworkVO)network).getUuid() +
@@ -1802,14 +1803,14 @@ public boolean isPrivateGateway(long ntwkId) {
     public boolean isNetworkAvailableInDomain(long networkId, long domainId) {
         Long networkDomainId = null;
         Network network = getNetwork(networkId);
-        if (network.getGuestType() != Network.GuestType.Shared) {
-            s_logger.trace("Network id=" + networkId + " is not shared");
+        if (network.getGuestType() != GuestType.Shared && 
network.getGuestType() != GuestType.L2) {
+            s_logger.trace("Network id=" + networkId + " is not shared or L2");
             return false;
         }
 
         NetworkDomainVO networkDomainMap = 
_networkDomainDao.getDomainNetworkMapByNetworkId(networkId);
         if (networkDomainMap == null) {
-            s_logger.trace("Network id=" + networkId + " is shared, but not 
domain specific");
+            s_logger.trace("Network id=" + networkId + " is shared or L2, but 
not domain specific");
             return true;
         } else {
             networkDomainId = networkDomainMap.getDomainId();
diff --git a/server/src/com/cloud/network/NetworkServiceImpl.java 
b/server/src/com/cloud/network/NetworkServiceImpl.java
index d7ae6276f85..93f73d20a5f 100644
--- a/server/src/com/cloud/network/NetworkServiceImpl.java
+++ b/server/src/com/cloud/network/NetworkServiceImpl.java
@@ -1101,8 +1101,8 @@ public Network createGuestNetwork(CreateNetworkCmd cmd) 
throws InsufficientCapac
         }
 
         // Only Admin can create Shared networks
-        if (ntwkOff.getGuestType() == GuestType.Shared && 
!_accountMgr.isAdmin(caller.getId())) {
-            throw new InvalidParameterValueException("Only Admins can create 
network with guest type " + GuestType.Shared);
+        if ((ntwkOff.getGuestType() == GuestType.Shared || 
ntwkOff.getGuestType() == GuestType.L2) && 
!_accountMgr.isAdmin(caller.getId())) {
+            throw new InvalidParameterValueException("Only Admins can create 
network with guest type " + GuestType.Shared + " or " + GuestType.L2);
         }
 
         // Check if the network is domain specific


 

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> L2 network not shared on projects
> ---------------------------------
>
>                 Key: CLOUDSTACK-10247
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10247
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>            Reporter: Nicolas Vazquez
>            Assignee: Nicolas Vazquez
>            Priority: Major
>
> L2 networks are not shared between projects. When trying to deploy a vm 
> assigning a project id, error is logged:
> 2018-01-18 09:04:31,749 INFO  [c.c.a.ApiServer] 
> (qtp1310540333-17:ctx-7ff91c56 ctx-8c37c46b ctx-d58064ad) (logid:74e86028) 
> PermissionDenied: Unable to use network with id= 
> 5bee486a-ff20-4db2-b62e-4b4f3485cfff, permission denied on objs: []



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10247) L2 network not shared on projects

Reply via email to