You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by mc...@apache.org on 2014/05/09 20:28:46 UTC

git commit: updated refs/heads/4.4-forward to 4889031

Repository: cloudstack
Updated Branches:
  refs/heads/4.4-forward f2c3114bf -> 488903149


CLOUDSTACK-6600: fix a bug in IAM cache in constructing cache key.


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/48890314
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/48890314
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/48890314

Branch: refs/heads/4.4-forward
Commit: 4889031492e543c318fcd639d7491cfb2013eb76
Parents: f2c3114
Author: Min Chen <mi...@citrix.com>
Authored: Fri May 9 11:10:26 2014 -0700
Committer: Min Chen <mi...@citrix.com>
Committed: Fri May 9 11:27:07 2014 -0700

----------------------------------------------------------------------
 .../org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/48890314/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java
----------------------------------------------------------------------
diff --git a/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java b/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java
index eaa4302..f0df132 100644
--- a/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java
+++ b/services/iam/plugin/src/org/apache/cloudstack/iam/RoleBasedEntityAccessChecker.java
@@ -66,6 +66,9 @@ public class RoleBasedEntityAccessChecker extends DomainChecker implements Secur
         String entityType = null;
         if (entity != null && entity.getEntityType() != null) {
             entityType = entity.getEntityType().getSimpleName();
+            if (entity instanceof InternalIdentity) {
+                entityType += ((InternalIdentity)entity).getId();
+            }
         }
         key.append(entityType != null ? entityType : "null");
         key.append("-");
@@ -91,7 +94,7 @@ public class RoleBasedEntityAccessChecker extends DomainChecker implements Secur
         String accessKey = buildAccessCacheKey(caller, entity, accessType, action);
         CheckAccessResult allowDeny = (CheckAccessResult)_iamSrv.getFromIAMCache(accessKey);
         if (allowDeny != null) {
-            s_logger.debug("IAM access check for " + accessKey + " from cache");
+            s_logger.debug("IAM access check for " + accessKey + " from cache: " + allowDeny.isAllow());
             if (allowDeny.isAllow()) {
                 return true;
             } else {