You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by mc...@apache.org on 2013/10/15 01:32:42 UTC

git commit: updated refs/heads/4.2 to 2ceea80

Updated Branches:
  refs/heads/4.2 1d982a5d4 -> 2ceea80a1


CLOUDSTACK-4862:Admin cannot delete shared network scoped to user
account.

Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/2ceea80a
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/2ceea80a
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/2ceea80a

Branch: refs/heads/4.2
Commit: 2ceea80a1ddf8c0ef970efde8a030b2efa261c4b
Parents: 1d982a5
Author: Min Chen <mi...@citrix.com>
Authored: Mon Oct 14 16:32:13 2013 -0700
Committer: Min Chen <mi...@citrix.com>
Committed: Mon Oct 14 16:32:13 2013 -0700

----------------------------------------------------------------------
 server/src/com/cloud/network/element/VirtualRouterElement.java | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/2ceea80a/server/src/com/cloud/network/element/VirtualRouterElement.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/element/VirtualRouterElement.java b/server/src/com/cloud/network/element/VirtualRouterElement.java
index 13096b8..783886a 100755
--- a/server/src/com/cloud/network/element/VirtualRouterElement.java
+++ b/server/src/com/cloud/network/element/VirtualRouterElement.java
@@ -75,6 +75,7 @@ import com.cloud.network.rules.StaticNat;
 import com.cloud.offering.NetworkOffering;
 import com.cloud.offerings.NetworkOfferingVO;
 import com.cloud.offerings.dao.NetworkOfferingDao;
+import com.cloud.user.Account;
 import com.cloud.user.AccountManager;
 import com.cloud.uservm.UserVm;
 import com.cloud.utils.Pair;
@@ -663,8 +664,11 @@ public class VirtualRouterElement extends AdapterBase implements VirtualRouterEl
             return true;
         }
         boolean result = true;
+        // NOTE that we need to pass caller account to destroyRouter, otherwise it will fail permission check there. Context passed in from deleteNetwork is the network account, 
+        // not caller account
+        Account callerAccount = _accountMgr.getAccount(context.getCaller().getAccountId());        
         for (DomainRouterVO router : routers) {
-            result = result && (_routerMgr.destroyRouter(router.getId(), context.getAccount(), context.getCaller().getId()) != null);
+            result = result && (_routerMgr.destroyRouter(router.getId(), callerAccount, context.getCaller().getId()) != null);
         }
         return result;
     }