apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fixed security issue in listNetworks

Browse Source 
Conflicts:

	server/src/com/cloud/network/NetworkManagerImpl.java
This commit is contained in:
alena 2011-08-22 10:51:44 -07:00
parent 009e60266d
commit 0998b04098
1 changed files with 18 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
server/src/com/cloud/network/NetworkManagerImpl.java
View File

@ -1831,16 +1831,19 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
if (isSystem != null && isSystem && (accountName != null || domainId != null)) {
throw new InvalidParameterValueException("System network belongs to system, account and domainId parameters can't be specified");
}
DomainVO domain = null;
if (domainId != null) {
domain = _domainDao.findById(domainId);
if (domain == null) {
throw new InvalidParameterValueException("Domain id=" + domainId + " doesn't exist in the system");
}
_accountMgr.checkAccess(caller, domain);
}
if (_accountMgr.isAdmin(caller.getType())) {
if (domainId != null) {
DomainVO domain = _domainDao.findById(domainId);
if (domain == null) {
throw new InvalidParameterValueException("Domain id=" + domainId + " doesn't exist in the system");
}
_accountMgr.checkAccess(caller, domain);
if (accountName != null) {
Account owner = _accountMgr.getActiveAccount(accountName, domainId);
if (owner == null) {
@ -1849,12 +1852,15 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
accountId = owner.getId();
}
}
DomainVO domain = _domainDao.findById(caller.getDomainId());
path = domain.getPath();
} else {
accountId = caller.getId();
}
path = _domainDao.findById(caller.getDomainId()).getPath();
if (domainId == null) {
domainId = caller.getDomainId();
}
if ((isSystem == null || !isSystem) && (isShared == null || isShared)) {
sharedNetworkDomainId = domainId;
@ -1896,7 +1902,8 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
networksToReturn.addAll(listDomainSpecificNetworks(buildNetworkSearchCriteria(sb, keyword, id, isSystem, zoneId, type, isDefault, trafficType, isShared), searchFilter, path));
}
if (accountId != null || (domainId == null && accountName == null)) {
//if user requested only domain specific networks, don't return account/zone wide networks
if (!(isShared != null && isShared && cmd.getDomainId() != null) && (accountId != null || (domainId == null && accountName == null))) {
networksToReturn.addAll(listAccountSpecificAndZoneLevelNetworks(buildNetworkSearchCriteria(sb, keyword, id, isSystem, zoneId, type, isDefault, trafficType, isShared), searchFilter, accountId, path));
}