You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by mc...@apache.org on 2013/01/15 20:44:28 UTC
git commit: We need to catch PermissionDeniedException in checking if
command is available to an user.
Updated Branches:
refs/heads/master a6b902763 -> 7f1486e2d
We need to catch PermissionDeniedException in checking if command is
available to an user.
Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/7f1486e2
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/7f1486e2
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/7f1486e2
Branch: refs/heads/master
Commit: 7f1486e2dc9f612af94901ab8804e24c48b8122b
Parents: a6b9027
Author: Min Chen <mi...@citrix.com>
Authored: Tue Jan 15 11:40:49 2013 -0800
Committer: Min Chen <mi...@citrix.com>
Committed: Tue Jan 15 11:43:59 2013 -0800
----------------------------------------------------------------------
server/src/com/cloud/api/ApiServer.java | 13 +++++++++----
1 files changed, 9 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/7f1486e2/server/src/com/cloud/api/ApiServer.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/ApiServer.java b/server/src/com/cloud/api/ApiServer.java
index 4d60215..e106f03 100755
--- a/server/src/com/cloud/api/ApiServer.java
+++ b/server/src/com/cloud/api/ApiServer.java
@@ -549,7 +549,10 @@ public class ApiServer implements HttpRequestHandler {
// if userId not null, that mean that user is logged in
if (userId != null) {
User user = ApiDBUtils.findUserById(userId);
- if (!isCommandAvailable(user, commandName)) {
+ try{
+ checkCommandAvailable(user, commandName);
+ }
+ catch (PermissionDeniedException ex){
s_logger.debug("The given command:" + commandName + " does not exist or it is not available for user with id:" + userId);
throw new ServerApiException(BaseCmd.UNSUPPORTED_ACTION_ERROR, "The given command does not exist or it is not available for user");
}
@@ -649,7 +652,10 @@ public class ApiServer implements HttpRequestHandler {
UserContext.updateContext(user.getId(), account, null);
- if (!isCommandAvailable(user, commandName)) {
+ try{
+ checkCommandAvailable(user, commandName);
+ }
+ catch (PermissionDeniedException ex){
s_logger.debug("The given command:" + commandName + " does not exist or it is not available for user");
throw new ServerApiException(BaseCmd.UNSUPPORTED_ACTION_ERROR, "The given command:" + commandName + " does not exist or it is not available for user with id:" + userId);
}
@@ -780,7 +786,7 @@ public class ApiServer implements HttpRequestHandler {
return true;
}
- private boolean isCommandAvailable(User user, String commandName) throws PermissionDeniedException {
+ private void checkCommandAvailable(User user, String commandName) throws PermissionDeniedException {
if (user == null) {
throw new PermissionDeniedException("User is null for role based API access check for command" + commandName);
}
@@ -788,7 +794,6 @@ public class ApiServer implements HttpRequestHandler {
for (APIChecker apiChecker : _apiAccessCheckers) {
apiChecker.checkAccess(user, commandName);
}
- return true;
}
private Class<?> getCmdClass(String cmdName) {