Daniel Erez has uploaded a new change for review.

Change subject: core: AddVmTemplate - check perms on target SDs
......................................................................

core: AddVmTemplate - check perms on target SDs

Make Template:
When VM contains disks, check permissions on each target
storage domain instead of the entire data-center.

Change-Id: Ib6b7913a6a456e8df1b8962a96757c4f77e0939f
Bug-Url: https://bugzilla.redhat.com/961053
Signed-off-by: Daniel Erez <[email protected]>
---
M 
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddVmTemplateCommand.java
1 file changed, 13 insertions(+), 3 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/99/32199/1

diff --git 
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddVmTemplateCommand.java
 
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddVmTemplateCommand.java
index 2152032..5583c6d 100644
--- 
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddVmTemplateCommand.java
+++ 
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddVmTemplateCommand.java
@@ -736,9 +736,19 @@
             permissionCheckSubject = new ArrayList<PermissionSubject>();
             if (getParameters().getTemplateType() != 
VmEntityType.INSTANCE_TYPE) {
                 Guid storagePoolId = getVdsGroup() == null ? null : 
getVdsGroup().getStoragePoolId();
-                permissionCheckSubject.add(new PermissionSubject(storagePoolId,
-                        VdcObjectType.StoragePool,
-                        getActionType().getActionGroup()));
+
+                if (!diskInfoDestinationMap.isEmpty()) {
+                    for (DiskImage disk : diskInfoDestinationMap.values()) {
+                        permissionCheckSubject.add(new 
PermissionSubject(disk.getStorageIds().get(0),
+                                VdcObjectType.Storage,
+                                getActionType().getActionGroup()));
+                    }
+                }
+                else {
+                    permissionCheckSubject.add(new 
PermissionSubject(storagePoolId,
+                            VdcObjectType.StoragePool,
+                            getActionType().getActionGroup()));
+                }
 
                 // host-specific parameters can be changed by administration 
role only
                 if (getParameters().getMasterVm().getDedicatedVmForVds() != 
null ||


-- 
To view, visit http://gerrit.ovirt.org/32199
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Ib6b7913a6a456e8df1b8962a96757c4f77e0939f
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Daniel Erez <[email protected]>
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to