Skip verification of privileges on project accounts

This commit is contained in:
Harikrishna Patnala 2025-05-28 13:40:19 +05:30 committed by Pearl Dsilva
parent a0080a04fe
commit 864327b836

View File

@ -1539,17 +1539,21 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
public void verifyCallerPrivilegeForUserOrAccountOperations(Account userAccount) { public void verifyCallerPrivilegeForUserOrAccountOperations(Account userAccount) {
s_logger.debug(String.format("Verifying whether the caller has the correct privileges based on the user's role type and API permissions: %s", userAccount)); s_logger.debug(String.format("Verifying whether the caller has the correct privileges based on the user's role type and API permissions: %s", userAccount));
if (!Account.Type.PROJECT.equals(userAccount.getType())) {
checkCallerRoleTypeAllowedForUserOrAccountOperations(userAccount, null); checkCallerRoleTypeAllowedForUserOrAccountOperations(userAccount, null);
checkCallerApiPermissionsForUserOrAccountOperations(userAccount); checkCallerApiPermissionsForUserOrAccountOperations(userAccount);
} }
}
protected void verifyCallerPrivilegeForUserOrAccountOperations(User user) { protected void verifyCallerPrivilegeForUserOrAccountOperations(User user) {
s_logger.debug(String.format("Verifying whether the caller has the correct privileges based on the user's role type and API permissions: %s", user)); s_logger.debug(String.format("Verifying whether the caller has the correct privileges based on the user's role type and API permissions: %s", user));
Account userAccount = getAccount(user.getAccountId()); Account userAccount = getAccount(user.getAccountId());
if (!Account.Type.PROJECT.equals(userAccount.getType())) {
checkCallerRoleTypeAllowedForUserOrAccountOperations(userAccount, user); checkCallerRoleTypeAllowedForUserOrAccountOperations(userAccount, user);
checkCallerApiPermissionsForUserOrAccountOperations(userAccount); checkCallerApiPermissionsForUserOrAccountOperations(userAccount);
} }
}
protected void checkCallerRoleTypeAllowedForUserOrAccountOperations(Account userAccount, User user) { protected void checkCallerRoleTypeAllowedForUserOrAccountOperations(Account userAccount, User user) {
Account callingAccount = getCurrentCallingAccount(); Account callingAccount = getCurrentCallingAccount();
@ -2626,10 +2630,8 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
} }
} }
if (!Account.Type.PROJECT.equals(accountType)) {
AccountVO newAccount = new AccountVO(accountName, domainId, networkDomain, accountType, roleId, uuid); AccountVO newAccount = new AccountVO(accountName, domainId, networkDomain, accountType, roleId, uuid);
verifyCallerPrivilegeForUserOrAccountOperations(newAccount); verifyCallerPrivilegeForUserOrAccountOperations(newAccount);
}
// Create the account // Create the account
return Transaction.execute(new TransactionCallback<AccountVO>() { return Transaction.execute(new TransactionCallback<AccountVO>() {