rohityadavcloud commented on code in PR #7667:
URL: https://github.com/apache/cloudstack/pull/7667#discussion_r1243412174
##########
server/src/main/java/com/cloud/user/AccountManagerImpl.java:
##########
@@ -2957,16 +2957,16 @@ public void buildACLSearchParameters(Account caller,
Long id, String accountName
if (projectId == -1L) {
if (caller.getType() == Account.Type.ADMIN) {
domainIdRecursiveListProject.third(Project.ListProjectResourcesCriteria.ListProjectResourcesOnly);
- if (listAll) {
-
domainIdRecursiveListProject.third(ListProjectResourcesCriteria.ListAllIncludingProjectResources);
- }
} else {
permittedAccounts.addAll(_projectMgr.listPermittedProjectAccounts(caller.getId()));
// permittedAccounts can be empty when the caller is
not a part of any project (a domain account)
if (permittedAccounts.isEmpty()) {
permittedAccounts.add(caller.getId());
}
}
+ if (listAll) {
+
domainIdRecursiveListProject.third(ListProjectResourcesCriteria.ListAllIncludingProjectResources);
Review Comment:
LGTM, should we worry if there could be negative consequences? (I'm asking
to understand why this case was previously suported for admin only).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
