This is an automated email from the ASF dual-hosted git repository.
sureshanaparti pushed a commit to branch 4.16
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
The following commit(s) were added to refs/heads/4.16 by this push:
new 4a1ebb3 server: allow normal users to create isolated network without
source nat (#5920)
4a1ebb3 is described below
commit 4a1ebb3fa56addb0f2ab011c92d2d22dc3fc8327
Author: Wei Zhou <[email protected]>
AuthorDate: Thu Feb 3 12:14:11 2022 +0100
server: allow normal users to create isolated network without source nat
(#5920)
---
.../java/com/cloud/network/NetworkServiceImpl.java | 19 +++++++------------
1 file changed, 7 insertions(+), 12 deletions(-)
diff --git a/server/src/main/java/com/cloud/network/NetworkServiceImpl.java
b/server/src/main/java/com/cloud/network/NetworkServiceImpl.java
index de13cd7..53dabc4 100644
--- a/server/src/main/java/com/cloud/network/NetworkServiceImpl.java
+++ b/server/src/main/java/com/cloud/network/NetworkServiceImpl.java
@@ -1360,9 +1360,8 @@ public class NetworkServiceImpl extends ManagerBase
implements NetworkService, C
performBasicPrivateVlanChecks(vlanId, secondaryVlanId,
privateVlanType);
- // Regular user can create Guest Isolated Source Nat enabled network
or L2 network only
- if (_accountMgr.isNormalUser(caller.getId())) {
- validateNetworkOfferingForRegularUser(ntwkOff);
+ if (!_accountMgr.isRootAdmin(caller.getId())) {
+ validateNetworkOfferingForNonRootAdminUser(ntwkOff);
}
// Don't allow to specify vlan if the caller is not ROOT admin
@@ -1454,20 +1453,16 @@ public class NetworkServiceImpl extends ManagerBase
implements NetworkService, C
return network;
}
- private void validateNetworkOfferingForRegularUser(NetworkOfferingVO
ntwkOff) {
+ private void validateNetworkOfferingForNonRootAdminUser(NetworkOfferingVO
ntwkOff) {
if (ntwkOff.getTrafficType() != TrafficType.Guest) {
- throw new InvalidParameterValueException("Regular users can only
create a Guest network");
+ throw new InvalidParameterValueException("This user can only
create a Guest network");
}
- if (ntwkOff.getGuestType() == GuestType.Isolated &&
areServicesSupportedByNetworkOffering(ntwkOff.getId(), Service.SourceNat)) {
- s_logger.debug(String.format("Creating a network from network
offerings having traffic type [%s] and network type [%s] with a service [%s]
enabled.",
- TrafficType.Guest, GuestType.Isolated,
Service.SourceNat.getName()));
- } else if (ntwkOff.getGuestType() == GuestType.L2) {
+ if (ntwkOff.getGuestType() == GuestType.L2 || ntwkOff.getGuestType()
== GuestType.Isolated) {
s_logger.debug(String.format("Creating a network from network
offerings having traffic type [%s] and network type [%s].",
- TrafficType.Guest, GuestType.L2));
+ TrafficType.Guest, ntwkOff.getGuestType()));
} else {
throw new InvalidParameterValueException(
- String.format("Regular users can only create an %s network
with a service [%s] enabled, or a %s network.",
- GuestType.Isolated, Service.SourceNat.getName(),
GuestType.L2));
+ String.format("This user can only create an %s network or
a %s network.", GuestType.Isolated, GuestType.L2));
}
}
