You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by da...@apache.org on 2014/05/13 11:35:50 UTC

[4/7] git commit: updated refs/heads/4.4 to 68a44cf

CLOUDSTACK-6600: fix a bug in IAM cache in constructing cache key.


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/89e0e632
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/89e0e632
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/89e0e632

Branch: refs/heads/4.4
Commit: 89e0e63253fffe886203af1617cea123097aa8ba
Parents: e865cf8
Author: Min Chen <mi...@citrix.com>
Authored: Fri May 9 11:10:26 2014 -0700
Committer: Daan Hoogland <da...@onecht.net>
Committed: Tue May 13 11:21:22 2014 +0200

----------------------------------------------------------------------
 .../org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/89e0e632/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java
----------------------------------------------------------------------
diff --git a/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java b/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java
index eaa4302..f0df132 100644
--- a/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java
+++ b/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java
@@ -66,6 +66,9 @@ public class RoleBasedEntityAccessChecker extends DomainChecker implements Secur
         String entityType = null;
         if (entity != null && entity.getEntityType() != null) {
             entityType = entity.getEntityType().getSimpleName();
+            if (entity instanceof InternalIdentity) {
+                entityType += ((InternalIdentity)entity).getId();
+            }
         }
         key.append(entityType != null ? entityType : "null");
         key.append("-");
@@ -91,7 +94,7 @@ public class RoleBasedEntityAccessChecker extends DomainChecker implements Secur
         String accessKey = buildAccessCacheKey(caller, entity, accessType, action);
         CheckAccessResult allowDeny = (CheckAccessResult)_iamSrv.getFromIAMCache(accessKey);
         if (allowDeny != null) {
-            s_logger.debug("IAM access check for " + accessKey + " from cache");
+            s_logger.debug("IAM access check for " + accessKey + " from cache: " + allowDeny.isAllow());
             if (allowDeny.isAllow()) {
                 return true;
             } else {