You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Min Chen (JIRA)" <ji...@apache.org> on 2014/04/16 19:22:32 UTC
[jira] [Resolved] (CLOUDSTACK-6428) IAM - Domain Admin - When his
sub-domainId is passed to the listVirtualMachine command, Vms from all the
domains are being listed.
[ https://issues.apache.org/jira/browse/CLOUDSTACK-6428?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Min Chen resolved CLOUDSTACK-6428.
----------------------------------
Resolution: Fixed
> IAM - Domain Admin - When his sub-domainId is passed to the listVirtualMachine command, Vms from all the domains are being listed.
> ----------------------------------------------------------------------------------------------------------------------------------
>
> Key: CLOUDSTACK-6428
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6428
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the default.)
> Components: API
> Affects Versions: 4.4.0
> Reporter: Min Chen
> Assignee: Min Chen
> Priority: Critical
> Fix For: 4.4.0
>
>
> IAM - Domain Admin - When domainId is passed to the listVirtualMachine command, Vms from all the domains are being listed.
> Set up:
> Pre Reqs:
> Admin - Creates object
> Domain Admin for d1 - D1 - Creates object - d1
> Domain Admin for d1 - D1/D11
> User account for d1 - D1/D111 - Creates object - d111a
> Domain Admin for d1 - D1/D12
> Domain Admin for d2 - D2 - Creates object -d2
> User Account in domain D1 - userD1-1 - Creates object -d1a
> User Account in domain D1 - userD1-2 - Creates object - d1b
> User Account in domain D1/D11 - userD1-a - Creates object - d11a
> User Account in domain D1/D11 - userD1-a - Creates object - d11b
> User Account in domain D1/D12- userD1-b - Creates object - d12a
> User Account in domain D1/D12 - userD-a - Creates object - d12b
> As domain admin d1 , tried to list all the Vms for domain - d1/d11.
> The Vm list returned has all the Vms including the Vms from domain d2.
> GET http://10.223.49.6/client/api?command=listVirtualMachines&domainId=0a0f7c09-2f1a-4939-94ce-88388e197949&listAll=true&apiKey=Hv0VKnmBjXhyRMKZ7ixI51gG-iqHqRVTp1xCCLU2-gTnZwhuUNWsa4zZLYZWWLD5lEhvwe05tJKJVa9NeS5REw&signature=ZH7kEjKVDh1eXbLv84T6pHAApt0%3D \n\n
> <?xml version="1.0" encoding="UTF-8"?><listvirtualmachinesresponse cloud-stack-version="4.4.0-SNAPSHOT"><count>10</count><virtualmachine><id>22193996-12f9-46ff-91cd-3d409f7f8c60</id><name>d11a</name><displayname>d11a</displayname><account>testD11A-TestVMList-3385RP</account><domainid>0a0f7c09-2f1a-4939-94ce-88388e197949</domainid><domain>D11-UFBXGQ</domain><created>2014-04-10T09:01:37-0400</created><state>Running</state><haenable>false</haenable><zoneid>75d61334-ff70-49c3-99ed-3af702cd51d7</zoneid><zonename>BLR1</zonename><templateid>e65cdfa0-c019-11e3-907f-4adf980f9414</templateid><templatename>CentOS 5.3(64-bit) no GUI (Simulator)</templatename><templatedisplaytext>CentOS 5.3(64-bit) no GUI (Simulator)</templatedisplaytext><passwordenabled>false</passwordenabled><serviceofferingid>49dee9f8-a49a-414d-b8b2-b0d59b5981f0</serviceofferingid><serviceofferingname>Small Instance</serviceofferingname><cpunumber>1</cpunumber><cpuspeed>100</cpuspeed><memory>128</memory><cpuused>10%</cpuused><networkkbsread>10190848</networkkbsread><networkkbswrite>5095424</networkkbswrite><guestosid>e5eba5c4-c019-11e3-907f-4adf980f9414</guestosid><rootdeviceid>0</rootdeviceid><rootdevicetype>ROOT</rootdevicetype><nic><id>a1c079e5-ae0f-4470-b0ed-26895fbcf14d</id><networkid>f1cf7cfb-c354-47c4-854e-af329c54d77e</networkid><networkname>testD11A-TestVMList-3385RP-network</networkname><netmask>255.255.255.0</netmask><gateway>10.1.1.1</gateway><ipaddress>10.1.1.217</ipaddress><isolationuri>vlan://1071</isolationuri><broadcasturi>vlan://1071</broadcasturi><traffictype>Guest</traffictype><type>Isolated</type><isdefault>true</isdefault><macaddress>02:00:06:7b:00:01</macaddress></nic><hypervisor>Simulator</hypervisor><isdynamicallyscalable>false</isdynamicallyscalable><ostypeid>11</ostypeid></virtualmachine><virtualmachine><id>660a829f-5265-44c3-aa92-957d8bbec8e2</id><name>d1a</name><displayname>d1b</displayname><account>testD1B-TestVMList-CB23CT</account><domainid>dc4bf103-27bf-4292-99aa-dc91fa23ee04</domainid><domain>D1-NN5QWT</domain><created>2014-04-10T09:01:32-0400</created><state>Running</state><haenable>false</haenable><zoneid>75d61334-ff70-49c3-99ed-3af702cd51d7</zoneid><zonename>BLR1</zonename><templateid>e65cdfa0-c019-11e3-907f-4adf980f9414</templateid><templatename>CentOS 5.3(64-bit) no GUI (Simulator)</templatename><templatedisplaytext>CentOS 5.3(64-bit) no GUI (Simulator)</templatedisplaytext><passwordenabled>false</passwordenabled><serviceofferingid>49dee9f8-a49a-414d-b8b2-b0d59b5981f0</serviceofferingid><serviceofferingname>Small Instance</serviceofferingname><cpunumber>1</cpunumber><cpuspeed>100</cpuspeed><memory>128</memory><cpuused>10%</cpuused><networkkbsread>10190848</networkkbsread><networkkbswrite>5095424</networkkbswrite><guestosid>e5eba5c4-c019-11e3-907f-4adf980f9414</guestosid><rootdeviceid>0</rootdeviceid><rootdevicetype>ROOT</rootdevicetype><nic><id>b58c4f55-ed7d-4c1c-922b-6e2aecad642c</id><networkid>ee8c3501-10e5-4247-b5b4-6e261dde56b1</networkid><networkname>testD1B-TestVMList-CB23CT-network</networkname><netmask>255.255.255.0</netmask><gateway>10.1.1.1</gateway><ipaddress>10.1.1.252</ipaddress><isolationuri>vlan://1697</isolationuri><broadcasturi>vlan://1697</broadcasturi><traffictype>Guest</traffictype><type>Isolated</type><isdefault>true</isdefault><macaddress>02:00:17:50:00:01</macaddress></nic><hypervisor>Simulator</hypervisor><isdynamicallyscalable>false</isdynamicallyscalable><ostypeid>11</ostypeid></virtualmachine><virtualmachine><id>2a729bb9-8597-4a07-8259-fdcc1ef328ff</id><name>d1a</name><displayname>d1a</displayname><account>testD1A-TestVMList-VAZC6S</account><domainid>dc4bf103-27bf-4292-99aa-dc91fa23ee04</domainid><domain>D1-NN5QWT</domain><created>2014-04-10T09:01:27-0400</created><state>Running</state><haenable>false</haenable><zoneid>75d61334-ff70-49c3-99ed-3af702cd51d7</zoneid><zonename>BLR1</zonename><templateid>e65cdfa0-c019-11e3-907f-4adf980f9414</templateid><templatename>CentOS 5.3(64-bit) no GUI (Simulator)</templatename><templatedisplaytext>CentOS 5.3(64-bit) no GUI (Simulator)</templatedisplaytext><passwordenabled>false</passwordenabled><serviceofferingid>49dee9f8-a49a-414d-b8b2-b0d59b5981f0</serviceofferingid><serviceofferingname>Small Instance</serviceofferingname><cpunumber>1</cpunumber><cpuspeed>100</cpuspeed><memory>128</memory><cpuused>10%</cpuused><networkkbsread>10190848</networkkbsread><networkkbswrite>5095424</networkkbswrite><guestosid>e5eba5c4-c019-11e3-907f-4adf980f9414</guestosid><rootdeviceid>0</rootdeviceid><rootdevicetype>ROOT</rootdevicetype><nic><id>61ce424c-a7c0-4543-a748-97184a86716a</id><networkid>8a3ac0bc-2192-48d9-8934-18a6aeec6a0a</networkid><networkname>testD1A-TestVMList-VAZC6S-network</networkname><netmask>255.255.255.0</netmask><gateway>10.1.1.1</gateway><ipaddress>10.1.1.27</ipaddress><isolationuri>vlan://3450</isolationuri><broadcasturi>vlan://3450</broadcasturi><traffictype>Guest</traffictype><type>Isolated</type><isdefault>true</isdefault><macaddress>02:00:49:c4:00:01</macaddress></nic><hypervisor>Simulator</hypervisor><isdynamicallyscalable>false</isdynamicallyscalable><ostypeid>11</ostypeid></virtualmachine><virtualmachine><id>e520b97e-13be-4c6a-993c-3b581524e247</id><name>d1</name><displayname>d1</displayname><account>testD1-TestVMList-3VK254</account><domainid>dc4bf103-27bf-4292-99aa-dc91fa2 ....
--
This message was sent by Atlassian JIRA
(v6.2#6252)