apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-11-02 20:02:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

CLOUDSTACK-5145 : Added permission checks while deleting network ACLs

Browse Source 
Conflicts:
	server/src/com/cloud/network/vpc/NetworkACLServiceImpl.java
This commit is contained in:
Kishan Kavala 2013-12-16 17:50:08 +05:30
parent 7cac5aa9fc
commit 3a3fec3cb6
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
server/src/com/cloud/network/vpc/NetworkACLServiceImpl.java
View File

@ -579,8 +579,21 @@ public class NetworkACLServiceImpl extends ManagerBase implements NetworkACLServ
@Override
public boolean revokeNetworkACLItem(long ruleId) {
NetworkACLItemVO aclItem = _networkACLItemDao.findById(ruleId);
<<<<<<< HEAD
if (aclItem != null) {
if ((aclItem.getAclId() == NetworkACL.DEFAULT_ALLOW) || (aclItem.getAclId() == NetworkACL.DEFAULT_DENY)) {
=======
if(aclItem != null){
NetworkACL acl = _networkAclMgr.getNetworkACL(aclItem.getAclId());
Vpc vpc = _entityMgr.findById(Vpc.class, acl.getVpcId());
Account caller = CallContext.current().getCallingAccount();
_accountMgr.checkAccess(caller, null, true, vpc);
if((aclItem.getAclId() == NetworkACL.DEFAULT_ALLOW) || (aclItem.getAclId() == NetworkACL.DEFAULT_DENY)){
>>>>>>> e2805b8... CLOUDSTACK-5145 : Added permission checks while deleting network ACLs
throw new InvalidParameterValueException("ACL Items in default ACL cannot be deleted");
}
}