You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by al...@apache.org on 2012/07/10 03:31:07 UTC

[8/18] git commit: CS-15167: AWS API calls do not honor the "admin" accounts ability to view/act on the resources owned by regular users.

CS-15167: AWS API calls do not honor the "admin" accounts ability to view/act on the resources owned by regular users.


Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/8d38f4e0
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/8d38f4e0
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/8d38f4e0

Branch: refs/heads/vpc
Commit: 8d38f4e051c6ba114d3841f4aeb29b700aa0c81e
Parents: 47ea9f2
Author: Likitha Shetty <li...@citrix.com>
Authored: Fri Jul 6 16:00:27 2012 -0700
Committer: prachi <pr...@cloud.com>
Committed: Fri Jul 6 16:00:27 2012 -0700

----------------------------------------------------------------------
 .../cloud/bridge/service/core/ec2/EC2Engine.java   |    8 ++++----
 awsapi/src/com/cloud/stack/CloudStackApi.java      |    8 +++++---
 .../src/com/cloud/stack/models/ApiConstants.java   |    1 +
 3 files changed, 10 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/8d38f4e0/awsapi/src/com/cloud/bridge/service/core/ec2/EC2Engine.java
----------------------------------------------------------------------
diff --git a/awsapi/src/com/cloud/bridge/service/core/ec2/EC2Engine.java b/awsapi/src/com/cloud/bridge/service/core/ec2/EC2Engine.java
index 0d2e713..5f45847 100644
--- a/awsapi/src/com/cloud/bridge/service/core/ec2/EC2Engine.java
+++ b/awsapi/src/com/cloud/bridge/service/core/ec2/EC2Engine.java
@@ -870,7 +870,7 @@ public class EC2Engine {
 	public boolean associateAddress( EC2AssociateAddress request ) {
 		try {
 			CloudStackIpAddress cloudIp = getApi().listPublicIpAddresses(null, null, null, null, null, request.getPublicIp(), null, null, null).get(0);
-			CloudStackUserVm cloudVm = getApi().listVirtualMachines(null, null, null, null, null, null, request.getInstanceId(), null, null, null, null, null, null, null, null).get(0);
+	        CloudStackUserVm cloudVm = getApi().listVirtualMachines(null, null, true, null, null, null, null, request.getInstanceId(), null, null, null, null, null, null, null, null).get(0);
 
 			CloudStackInfoResponse resp = getApi().enableStaticNat(cloudIp.getId(), cloudVm.getId());
 			if (resp != null) {
@@ -1783,7 +1783,7 @@ public class EC2Engine {
 			throws Exception {
 
 		String instId = instanceId != null ? instanceId : null;
-		List<CloudStackUserVm> vms = getApi().listVirtualMachines(null, null, null, null, null, null, 
+        List<CloudStackUserVm> vms = getApi().listVirtualMachines(null, null, true, null, null, null, null,
 				instId, null, null, null, null, null, null, null, null);
 		
 		if(vms != null && vms.size() > 0) {
@@ -1911,8 +1911,8 @@ public class EC2Engine {
 	public EC2DescribeSecurityGroupsResponse listSecurityGroups( String[] interestedGroups ) throws Exception {
 		try {
 			EC2DescribeSecurityGroupsResponse groupSet = new EC2DescribeSecurityGroupsResponse();
-			
-			List<CloudStackSecurityGroup> groups = getApi().listSecurityGroups(null, null, null, null, null, null);
+
+            List<CloudStackSecurityGroup> groups = getApi().listSecurityGroups(null, null, null, true, null, null, null);
 			if (groups != null && groups.size() > 0)
     			for (CloudStackSecurityGroup group : groups) {
     				boolean matched = false;

http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/8d38f4e0/awsapi/src/com/cloud/stack/CloudStackApi.java
----------------------------------------------------------------------
diff --git a/awsapi/src/com/cloud/stack/CloudStackApi.java b/awsapi/src/com/cloud/stack/CloudStackApi.java
index 65db139..e46ebdd 100644
--- a/awsapi/src/com/cloud/stack/CloudStackApi.java
+++ b/awsapi/src/com/cloud/stack/CloudStackApi.java
@@ -311,13 +311,14 @@ public class CloudStackApi {
 	 * @return
 	 * @throws Exception
 	 */
-	public List<CloudStackUserVm> listVirtualMachines(String account, String accountId, Boolean forVirtualNetwork, String groupId, String hostId, 
+    public List<CloudStackUserVm> listVirtualMachines(String account, String accountId, Boolean listAll, Boolean forVirtualNetwork, String groupId, String hostId,
 			String hypervisor, String id, Boolean isRecursive, String keyWord, String name, String networkId, String podId, String state, String storageId, 
 			String zoneId) throws Exception {
 		CloudStackCommand cmd = new CloudStackCommand(ApiConstants.LIST_VIRTUAL_MACHINES);
 		if (cmd != null) {
 			if (account != null) cmd.setParam(ApiConstants.ACCOUNT, account);
 			if (accountId != null) cmd.setParam(ApiConstants.ACCOUNT_ID, accountId);
+            if (listAll != null) cmd.setParam(ApiConstants.LIST_ALL, listAll.toString());
 			if (forVirtualNetwork != null) cmd.setParam(ApiConstants.FOR_VIRTUAL_NETWORK, forVirtualNetwork.toString());
 			if (groupId != null) cmd.setParam(ApiConstants.GROUP_ID, groupId);
 			if (hostId != null) cmd.setParam(ApiConstants.HOST_ID, hostId);
@@ -1087,13 +1088,14 @@ public class CloudStackApi {
 	 * @return
 	 * @throws Exception
 	 */
-	public List<CloudStackSecurityGroup> listSecurityGroups(String account, String domainId, String id, String keyWord, String securityGroupName, 
-			String virtualMachineId) throws Exception {
+    public List<CloudStackSecurityGroup> listSecurityGroups(String account, String domainId, String id, Boolean listAll, String keyWord,
+            String securityGroupName, String virtualMachineId) throws Exception {
 		CloudStackCommand cmd = new CloudStackCommand(ApiConstants.LIST_SECURITY_GROUPS);
 		if (cmd != null) { 
 			if (account != null) cmd.setParam(ApiConstants.ACCOUNT, account);
 			if (domainId != null) cmd.setParam(ApiConstants.DOMAIN_ID, domainId);
 			if (id != null) cmd.setParam(ApiConstants.ID, id);
+            if (listAll != null) cmd.setParam(ApiConstants.LIST_ALL, listAll.toString());
 			if (keyWord != null) cmd.setParam(ApiConstants.KEYWORD, keyWord);
 			if (securityGroupName != null) cmd.setParam(ApiConstants.SECURITY_GROUP_NAME, securityGroupName);
 			if (virtualMachineId != null) cmd.setParam(ApiConstants.VIRTUAL_MACHINE_ID, virtualMachineId);

http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/8d38f4e0/awsapi/src/com/cloud/stack/models/ApiConstants.java
----------------------------------------------------------------------
diff --git a/awsapi/src/com/cloud/stack/models/ApiConstants.java b/awsapi/src/com/cloud/stack/models/ApiConstants.java
index 3305843..e00a9b9 100644
--- a/awsapi/src/com/cloud/stack/models/ApiConstants.java
+++ b/awsapi/src/com/cloud/stack/models/ApiConstants.java
@@ -242,6 +242,7 @@ public class ApiConstants {
     public static final String LINMIN_USERNAME = "linminusername";
     public static final String LIST_ACCOUNTS = "listAccounts";
     public static final String LIST_ACCOUNTS_RESPONSE = "listaccountsresponse";
+    public static final String LIST_ALL = "listall";
     public static final String LIST_CAPABILITIES = "listCapabilities";
     public static final String LIST_CAPABILITIES_RESPONSE = "listcapabilitiesresponse";
     public static final String LIST_DISK_OFFERINGS = "listDiskOfferings";