You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "venkata swamybabu budumuru (JIRA)" <ji...@apache.org> on 2013/07/23 09:10:48 UTC
[jira] [Closed] (CLOUDSTACK-1573) listNics API when fired as a
non-ROOT admin user shouldn't list vlan info
[ https://issues.apache.org/jira/browse/CLOUDSTACK-1573?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
venkata swamybabu budumuru closed CLOUDSTACK-1573.
--------------------------------------------------
Have verified on the latest build. listNics now doesn't show VLAN info now.
ET /client/api?command=listNics&response=json&session...72fa3e-2118-4104-80a7-7ab94b4dff75&_=1374563339484
200 OK
87ms
ParamsHeadersResponseJSON
{ "listnicsresponse" : { "count":1 ,"nic" : [ {"id":"6d4b28f1-9901-4109-99a1-b3a594d2c8f7","networkid":"aa81c8fe-2bed-481c-a7ff-3002c2b5260d","netmask":"255.255.255.0","gateway":"10.1.1.1","ipaddress":"10.1.1.117","isdefault":true,"macaddress":"02:00:7b:3b:00:01","secondaryip":[{"id":"ab47a592-20fa-479d-9d07-2e749223830d","ipaddress":"10.1.1.231"}]} ] } }
> listNics API when fired as a non-ROOT admin user shouldn't list vlan info
> -------------------------------------------------------------------------
>
> Key: CLOUDSTACK-1573
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-1573
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the default.)
> Components: Network Controller
> Affects Versions: 4.2.0
> Environment: Latest master : commit id # a4521551a35cadd19a95752d3d93af8c2a9edd5b
> - Advanced Zone
> - Xen Cluster with 1 hypervisor
> Reporter: venkata swamybabu budumuru
> Assignee: Jayapal Reddy
> Fix For: 4.2.0
>
> Attachments: api.log
>
>
> Steps to reproduce :
> 1. Have a non-ROOT domain user
> 2. create at least 1 isolate n/w
> 3. deploy a VM using the above isolated n/ws
> 4. verify listNics API as the user mentioned in step :1
> http://localhost:8080/client/api?command=listNics&virtualmachineid=9cf1139f-731e-4679-892f-4375058806fc&response=xml&sessionkey=Hix07fkTU1FTmQw07J56zBl2KY0%3D&listAll=true&page=1&pagesize=20&_=1362647277083
> Observatons :
> - It shows the vlan info. There is no need to allow end-user to see L2 info.
> <listnics cloud-stack-version="4.2.0-SNAPSHOT"><count>2</count><nic><id>3d23de95-1e0b-4920-8fa6-82a29417ee9d</id><netmask>255.255.255.0</netmask><gateway>10.1.1.1</gateway><ipaddress>10.1.1.165</ipaddress><isolationuri>vlan://906</isolationuri><broadcasturi>vlan://906</broadcasturi><isdefault>true</isdefault><macaddress>02:00:7c:10:00:02</macaddress><secondaryip><ipaddress>10.1.1.115</ipaddress></secondaryip></nic><nic><id>a5ca7b64-98c6-4cc4-9ca7-38136fdc1937</id><netmask>255.255.255.0</netmask><gateway>10.1.1.1</gateway><ipaddress>10.1.1.221</ipaddress><isolationuri>vlan://908</isolationuri><broadcasturi>vlan://908</broadcasturi><isdefault>false</isdefault><macaddress>02:00:72:d7:00:02</macaddress></nic></listnics>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira