apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

CS-15167: AWS API calls do not honor the "admin" accounts ability to view/act on the resources owned by regular users.

Browse Source
This commit is contained in:
Likitha Shetty 2012-07-06 16:00:27 -07:00 committed by prachi
parent 47ea9f254c
commit 8d38f4e051
3 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
awsapi/src/com/cloud/bridge/service/core/ec2/EC2Engine.java
View File

@ -870,7 +870,7 @@ public class EC2Engine {
public boolean associateAddress( EC2AssociateAddress request ) { public boolean associateAddress( EC2AssociateAddress request ) {
try { try {
CloudStackIpAddress cloudIp = getApi().listPublicIpAddresses(null, null, null, null, null, request.getPublicIp(), null, null, null).get(0); CloudStackIpAddress cloudIp = getApi().listPublicIpAddresses(null, null, null, null, null, request.getPublicIp(), null, null, null).get(0);
CloudStackUserVm cloudVm = getApi().listVirtualMachines(null, null, null, null, null, null, request.getInstanceId(), null, null, null, null, null, null, null, null).get(0); CloudStackUserVm cloudVm = getApi().listVirtualMachines(null, null, true, null, null, null, null, request.getInstanceId(), null, null, null, null, null, null, null, null).get(0);
CloudStackInfoResponse resp = getApi().enableStaticNat(cloudIp.getId(), cloudVm.getId()); CloudStackInfoResponse resp = getApi().enableStaticNat(cloudIp.getId(), cloudVm.getId());
if (resp != null) { if (resp != null) {
@ -1783,7 +1783,7 @@ public class EC2Engine {
throws Exception { throws Exception {
String instId = instanceId != null ? instanceId : null; String instId = instanceId != null ? instanceId : null;
List<CloudStackUserVm> vms = getApi().listVirtualMachines(null, null, null, null, null, null, List<CloudStackUserVm> vms = getApi().listVirtualMachines(null, null, true, null, null, null, null,
instId, null, null, null, null, null, null, null, null); instId, null, null, null, null, null, null, null, null);
if(vms != null && vms.size() > 0) { if(vms != null && vms.size() > 0) {
@ -1912,7 +1912,7 @@ public class EC2Engine {
try { try {
EC2DescribeSecurityGroupsResponse groupSet = new EC2DescribeSecurityGroupsResponse(); EC2DescribeSecurityGroupsResponse groupSet = new EC2DescribeSecurityGroupsResponse();
List<CloudStackSecurityGroup> groups = getApi().listSecurityGroups(null, null, null, null, null, null); List<CloudStackSecurityGroup> groups = getApi().listSecurityGroups(null, null, null, true, null, null, null);
if (groups != null && groups.size() > 0) if (groups != null && groups.size() > 0)
for (CloudStackSecurityGroup group : groups) { for (CloudStackSecurityGroup group : groups) {
boolean matched = false; boolean matched = false;

8
awsapi/src/com/cloud/stack/CloudStackApi.java
View File

@ -311,13 +311,14 @@ public class CloudStackApi {
* @return * @return
* @throws Exception * @throws Exception
*/ */
public List<CloudStackUserVm> listVirtualMachines(String account, String accountId, Boolean forVirtualNetwork, String groupId, String hostId, public List<CloudStackUserVm> listVirtualMachines(String account, String accountId, Boolean listAll, Boolean forVirtualNetwork, String groupId, String hostId,
String hypervisor, String id, Boolean isRecursive, String keyWord, String name, String networkId, String podId, String state, String storageId, String hypervisor, String id, Boolean isRecursive, String keyWord, String name, String networkId, String podId, String state, String storageId,
String zoneId) throws Exception { String zoneId) throws Exception {
CloudStackCommand cmd = new CloudStackCommand(ApiConstants.LIST_VIRTUAL_MACHINES); CloudStackCommand cmd = new CloudStackCommand(ApiConstants.LIST_VIRTUAL_MACHINES);
if (cmd != null) { if (cmd != null) {
if (account != null) cmd.setParam(ApiConstants.ACCOUNT, account); if (account != null) cmd.setParam(ApiConstants.ACCOUNT, account);
if (accountId != null) cmd.setParam(ApiConstants.ACCOUNT_ID, accountId); if (accountId != null) cmd.setParam(ApiConstants.ACCOUNT_ID, accountId);
if (listAll != null) cmd.setParam(ApiConstants.LIST_ALL, listAll.toString());
if (forVirtualNetwork != null) cmd.setParam(ApiConstants.FOR_VIRTUAL_NETWORK, forVirtualNetwork.toString()); if (forVirtualNetwork != null) cmd.setParam(ApiConstants.FOR_VIRTUAL_NETWORK, forVirtualNetwork.toString());
if (groupId != null) cmd.setParam(ApiConstants.GROUP_ID, groupId); if (groupId != null) cmd.setParam(ApiConstants.GROUP_ID, groupId);
if (hostId != null) cmd.setParam(ApiConstants.HOST_ID, hostId); if (hostId != null) cmd.setParam(ApiConstants.HOST_ID, hostId);
@ -1087,13 +1088,14 @@ public class CloudStackApi {
* @return * @return
* @throws Exception * @throws Exception
*/ */
public List<CloudStackSecurityGroup> listSecurityGroups(String account, String domainId, String id, String keyWord, String securityGroupName, public List<CloudStackSecurityGroup> listSecurityGroups(String account, String domainId, String id, Boolean listAll, String keyWord,
String virtualMachineId) throws Exception { String securityGroupName, String virtualMachineId) throws Exception {
CloudStackCommand cmd = new CloudStackCommand(ApiConstants.LIST_SECURITY_GROUPS); CloudStackCommand cmd = new CloudStackCommand(ApiConstants.LIST_SECURITY_GROUPS);
if (cmd != null) { if (cmd != null) {
if (account != null) cmd.setParam(ApiConstants.ACCOUNT, account); if (account != null) cmd.setParam(ApiConstants.ACCOUNT, account);
if (domainId != null) cmd.setParam(ApiConstants.DOMAIN_ID, domainId); if (domainId != null) cmd.setParam(ApiConstants.DOMAIN_ID, domainId);
if (id != null) cmd.setParam(ApiConstants.ID, id); if (id != null) cmd.setParam(ApiConstants.ID, id);
if (listAll != null) cmd.setParam(ApiConstants.LIST_ALL, listAll.toString());
if (keyWord != null) cmd.setParam(ApiConstants.KEYWORD, keyWord); if (keyWord != null) cmd.setParam(ApiConstants.KEYWORD, keyWord);
if (securityGroupName != null) cmd.setParam(ApiConstants.SECURITY_GROUP_NAME, securityGroupName); if (securityGroupName != null) cmd.setParam(ApiConstants.SECURITY_GROUP_NAME, securityGroupName);
if (virtualMachineId != null) cmd.setParam(ApiConstants.VIRTUAL_MACHINE_ID, virtualMachineId); if (virtualMachineId != null) cmd.setParam(ApiConstants.VIRTUAL_MACHINE_ID, virtualMachineId);

1
awsapi/src/com/cloud/stack/models/ApiConstants.java
View File

@ -242,6 +242,7 @@ public class ApiConstants {
public static final String LINMIN_USERNAME = "linminusername"; public static final String LINMIN_USERNAME = "linminusername";
public static final String LIST_ACCOUNTS = "listAccounts"; public static final String LIST_ACCOUNTS = "listAccounts";
public static final String LIST_ACCOUNTS_RESPONSE = "listaccountsresponse"; public static final String LIST_ACCOUNTS_RESPONSE = "listaccountsresponse";
public static final String LIST_ALL = "listall";
public static final String LIST_CAPABILITIES = "listCapabilities"; public static final String LIST_CAPABILITIES = "listCapabilities";
public static final String LIST_CAPABILITIES_RESPONSE = "listcapabilitiesresponse"; public static final String LIST_CAPABILITIES_RESPONSE = "listcapabilitiesresponse";
public static final String LIST_DISK_OFFERINGS = "listDiskOfferings"; public static final String LIST_DISK_OFFERINGS = "listDiskOfferings";