You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Rajani Karuturi (JIRA)" <ji...@apache.org> on 2015/08/12 08:22:46 UTC
[jira] [Updated] (CLOUDSTACK-6974) IAM-Root Admin - When
listNetwork is used with listall=false (or no listall passed), all isoalted
networks belonging to other users is listed.
[ https://issues.apache.org/jira/browse/CLOUDSTACK-6974?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rajani Karuturi updated CLOUDSTACK-6974:
----------------------------------------
Fix Version/s: (was: 4.6.0)
> IAM-Root Admin - When listNetwork is used with listall=false (or no listall passed), all isoalted networks belonging to other users is listed.
> ----------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: CLOUDSTACK-6974
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6974
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the default.)
> Affects Versions: 4.4.0
> Environment: Build from 4.4-forward
> Reporter: Sangeetha Hariharan
>
> Root Admin - When listNetwork is used with listall=false (or no listall passed) and isrecursive=true , all networks in the system are returned.
> Steps to reproduce the problem:
> Create multiple domains with few user and domain accounts in them.
> Create isolated networks as each of these accounts.
> Create an admin user under ROOT.
> As this admin user, deploy a VM.
> Use listNetwork with listall=false (or no listall passed) and isrecursive=true to retrieve all the networks owned by this admin.
> This results in all the networks in the system being returned.
> Following is the API call that was made , that resulted in 15 networks being fetched when it should have fetched only 1 isolated network and 1
> shared network.
> http://10.223.49.6:8080/client/api?apiKey=PB2CyeaqN0vfTodPzXV52OdE9YZLC8K-BrdLiEijWmq85nuAEfXVoAPxbzW0J5BgFAT-f5lnwDEgeOfp_boJAg&isrecursive=true&response=json&listall=false&command=listNetworks&signature=l%2FNR4aBSnk7aAEDHhlsAvEXe7Cg%3D Response: { "listnetworksresponse" : { "count":15 ,"network" : [ {"id":"fb3b563c-5ba2-4f9a-aa65-82996f78f20e","name":"SharedNetwork-Account","displaytext":"SharedNetwork-Account","broadcastdomaintype":"Vlan","traffictype":"Guest","gateway":"10.223.1.1","netmask":"255.255.255.0","cidr":"10.223.1.0/24","zoneid":"b690dddf-5755-49ab-8a4d-0aff04fa39f7","zonename":"BLR1","networkofferingid":"1bec2c7f-d35d-4d33-a655-d3159be4a6ff","networkofferingname":"DefaultSharedNetworkOfferingWithSGService","networkofferingdisplaytext":"Offering for Shared Security group enabled networks","networkofferingconservemode":true,"networkofferingavailability":"Optional","issystem":false,"state":"Setup","related":"fb3b563c-5ba2-4f9a-aa65-82996f78f20e","broadcasturi":"vlan://153","dns1":"4.2.2.2","type":"Shared","vlan":"153","acltype":"Account","account":"testD111A-TestNetworkList-RPNQIQ","domainid":"b706ea33-fbf7-4167-a857-16f79f332cf3","domain":"D111-A243U3","service":[
> {"name":"UserData"}
> ,{"name":"Dhcp","capability":[
> {"name":"DhcpAccrossMultipleSubnets","value":"true","canchooseservicecapability":false}
> ]},{" ...
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)