winterhazel commented on code in PR #10505:
URL: https://github.com/apache/cloudstack/pull/10505#discussion_r2273519464
##########
plugins/database/quota/src/main/java/org/apache/cloudstack/api/command/QuotaSummaryCmd.java:
##########
@@ -16,60 +16,81 @@
//under the License.
package org.apache.cloudstack.api.command;
-import com.cloud.user.Account;
import com.cloud.utils.Pair;
+
+import org.apache.cloudstack.api.ACL;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.BaseListCmd;
import org.apache.cloudstack.api.Parameter;
+import org.apache.cloudstack.api.response.AccountResponse;
import org.apache.cloudstack.api.response.DomainResponse;
-import org.apache.cloudstack.api.response.ListResponse;
import org.apache.cloudstack.api.response.QuotaResponseBuilder;
import org.apache.cloudstack.api.response.QuotaSummaryResponse;
-import org.apache.cloudstack.context.CallContext;
+import org.apache.cloudstack.api.response.ProjectResponse;
+import org.apache.cloudstack.api.response.ListResponse;
+import org.apache.cloudstack.quota.QuotaAccountStateFilter;
+import org.apache.cloudstack.quota.QuotaService;
+import org.apache.commons.lang3.ObjectUtils;
+import org.apache.commons.lang3.StringUtils;
+
import java.util.List;
import javax.inject.Inject;
-@APICommand(name = "quotaSummary", responseObject =
QuotaSummaryResponse.class, description = "Lists balance and quota usage for
all accounts", since = "4.7.0", requestHasSensitiveInfo = false,
responseHasSensitiveInfo = false)
+@APICommand(name = "quotaSummary", responseObject =
QuotaSummaryResponse.class, description = "Lists accounts' balance summary.",
since = "4.7.0",
+ requestHasSensitiveInfo = false, responseHasSensitiveInfo = false)
public class QuotaSummaryCmd extends BaseListCmd {
+ @Inject
+ QuotaResponseBuilder quotaResponseBuilder;
+
+ @Inject
+ QuotaService quotaService;
+
+ @ACL
+ @Parameter(name = ApiConstants.ACCOUNT_ID, type = CommandType.UUID,
entityType = AccountResponse.class, description = "ID of the account for which
balance will be listed. Can not be specified with projectId.", since = "4.21.0")
+ private Long accountId;
+
@Parameter(name = ApiConstants.ACCOUNT, type = CommandType.STRING,
required = false, description = "Optional, Account Id for which statement needs
to be generated")
private String accountName;
@Parameter(name = ApiConstants.DOMAIN_ID, type = CommandType.UUID,
required = false, entityType = DomainResponse.class, description = "Optional,
If domain Id is given and the caller is domain admin then the statement is
generated for domain.")
Review Comment:
Add a `@ACL` here to ensure access check is performed when the summary is
listed via `domainid` + `accountname`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
