Sangeetha Hariharan created CLOUDSTACK-6381: -----------------------------------------------
Summary: IAM -IAM - DomainAdmin - When listVirtualMachines is used with listall=true (with out passing isrecursive falg) , all Vms from the subdomain are also listed. Key: CLOUDSTACK-6381 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6381 Project: CloudStack Issue Type: Bug Security Level: Public (Anyone can view this level - this is the default.) Components: Management Server Affects Versions: 4.4.0 Environment: Build from 4.4. Reporter: Sangeetha Hariharan Priority: Critical Fix For: 4.4.0 IAM - DomainAdmin - When listVirtualMachines is used with listall=true (with out passing isrecursive falg) , all Vms from the subdomain are also listed. Set up: Pre Reqs: Admin - Creates object Domain Admin for d1 - D1 - Creates object - d1 Domain Admin for d1 - D1/D11 User account for d1 - D1/D111 - Creates object - d111a Domain Admin for d1 - D1/D12 Domain Admin for d2 - D2 - Creates object -d2 User Account in domain D1 - userD1-1 - Creates object -d1a User Account in domain D1 - userD1-2 - Creates object - d1b User Account in domain D1/D11 - userD1-a - Creates object - d11a User Account in domain D1/D11 - userD1-a - Creates object - d11b User Account in domain D1/D12- userD1-b - Creates object - d12a User Account in domain D1/D12 - userD-a - Creates object - d12b As domain admin - D1 , i tried to listVistualMachines passing listAll=true parameter (no isrecurssive parameter). Expected result: only all the Vms that belong to this domain should be listed , which should be 3 Vms , d1,d1a and d1b. But I see 8 Vms being returned , which also includes the Vms in the domain, d12 and d111. GET http://10.223.49.6/client/api?command=listVirtualMachines&listAll=true&apiKey=Hv0VKnmBjXhyRMKZ7ixI51gG-iqHqRVTp1xCCLU2-gTnZwhuUNWsa4zZLYZWWLD5lEhvwe05tJKJVa9NeS5REw&signature=cDqQMD6qlKeiz2g40pSOYqJKqoE%3D \n\n <?xml version="1.0" encoding="UTF-8"?><listvirtualmachinesresponse cloud-stack-version="4.4.0-SNAPSHOT"><count>8</count><virtualmachine><id>22193996-12f9-46ff-91cd-3d409f7f8c60</id><name>d11a</name><displayname>d11a</displayname><account>testD11A-TestVMList-3385RP</account><domainid>0a0f7c09-2f1a-4939-94ce-88388e197949</domainid><domain>D11-UFBXGQ</domain><created>2014-04-10T09:01:37-0400</created><state>Running</state><haenable>false</haenable><zoneid>75d61334-ff70-49c3-99ed-3af702cd51d7</zoneid><zonename>BLR1</zonename><templateid>e65cdfa0-c019-11e3-907f-4adf980f9414</templateid><templatename>CentOS 5.3(64-bit) no GUI (Simulator)</templatename><templatedisplaytext>CentOS 5.3(64-bit) no GUI (Simulator)</templatedisplaytext><passwordenabled>false</passwordenabled><serviceofferingid>49dee9f8-a49a-414d-b8b2-b0d59b5981f0</serviceofferingid><serviceofferingname>Small Instance</serviceofferingname><cpunumber>1</cpunumber><cpuspeed>100</cpuspeed><memory>128</memory><cpuused>10%</cpuused><networkkbsread>10190848</networkkbsread><networkkbswrite>5095424</networkkbswrite><guestosid>e5eba5c4-c019-11e3-907f-4adf980f9414</guestosid><rootdeviceid>0</rootdeviceid><rootdevicetype>ROOT</rootdevicetype><nic><id>a1c079e5-ae0f-4470-b0ed-26895fbcf14d</id><networkid>f1cf7cfb-c354-47c4-854e-af329c54d77e</networkid><networkname>testD11A-TestVMList-3385RP-network</networkname><netmask>255.255.255.0</netmask><gateway>10.1.1.1</gateway><ipaddress>10.1.1.217</ipaddress><isolationuri>vlan://1071</isolationuri><broadcasturi>vlan://1071</broadcasturi><traffictype>Guest</traffictype><type>Isolated</type><isdefault>true</isdefault><macaddress>02:00:06:7b:00:01</macaddress></nic><hypervisor>Simulator</hypervisor><isdynamicallyscalable>false</isdynamicallyscalable><ostypeid>11</ostypeid></virtualmachine><virtualmachine><id>660a829f-5265-44c3-aa92-957d8bbec8e2</id><name>d1a</name><displayname>d1b</displayname><account>testD1B-TestVMList-CB23CT</account><domainid>dc4bf103-27bf-4292-99aa-dc91fa23ee04</domainid><domain>D1-NN5QWT</domain><created>2014-04-10T09:01:32-0400</created><state>Running</state><haenable>false</haenable><zoneid>75d61334-ff70-49c3-99ed-3af702cd51d7</zoneid><zonename>BLR1</zonename><templateid>e65cdfa0-c019-11e3-907f-4adf980f9414</templateid><templatename>CentOS 5.3(64-bit) no GUI (Simulator)</templatename><templatedisplaytext>CentOS 5.3(64-bit) no GUI (Simulator)</templatedisplaytext><passwordenabled>false</passwordenabled><serviceofferingid>49dee9f8-a49a-414d-b8b2-b0d59b5981f0</serviceofferingid><serviceofferingname>Small Instance</serviceofferingname><cpunumber>1</cpunumber><cpuspeed>100</cpuspeed><memory>128</memory><cpuused>10%</cpuused><networkkbsread>10190848</networkkbsread><networkkbswrite>5095424</networkkbswrite><guestosid>e5eba5c4-c019-11e3-907f-4adf980f9414</guestosid><rootdeviceid>0</rootdeviceid><rootdevicetype>ROOT</rootdevicetype><nic><id>b58c4f55-ed7d-4c1c-922b-6e2aecad642c</id><networkid>ee8c3501-10e5-4247-b5b4-6e261dde56b1</networkid><networkname>testD1B-TestVMList-CB23CT-network</networkname><netmask>255.255.255.0</netmask><gateway>10.1.1.1</gateway><ipaddress>10.1.1.252</ipaddress><isolationuri>vlan://1697</isolationuri><broadcasturi>vlan://1697</broadcasturi><traffictype>Guest</traffictype><type>Isolated</type><isdefault>true</isdefault><macaddress>02:00:17:50:00:01</macaddress></nic><hypervisor>Simulator</hypervisor><isdynamicallyscalable>false</isdynamicallyscalable><ostypeid>11</ostypeid></virtualmachine><virtualmachine><id>daf1dd0f-214c-4ed4-88fa-441c4e150527</id><name>d12b</name><displayname>d12b</displayname><account>testD12B-TestVMList-DUV38Z</account><domainid>647a2057-2ed7-471f-b2a5-e6fff8a5d2c4</domainid><domain>D12-ZRH0RP</domain><created>2014-04-10T09:01:59-0400</created><state>Running</state><haenable>false</haenable><zoneid>75d61334-ff70-49c3-99ed-3af702cd51d7</zoneid><zonename>BLR1</zonename><templateid>e65cdfa0-c019-11e3-907f-4adf980f9414</templateid><templatename>CentOS 5.3(64-bit) no GUI (Simulator)</templatename><templatedisplaytext>CentOS 5.3(64-bit) no GUI (Simulator)</templatedisplaytext><passwordenabled>false</passwordenabled><serviceofferingid>49dee9f8-a49a-414d-b8b2-b0d59b5981f0</serviceofferingid><serviceofferingname>Small Instance</serviceofferingname><cpunumber>1</cpunumber><cpuspeed>100</cpuspeed><memory>128</memory><cpuused>10%</cpuused><networkkbsread>10190848</networkkbsread><networkkbswrite>5095424</networkkbswrite><guestosid>e5eba5c4-c019-11e3-907f-4adf980f9414</guestosid><rootdeviceid>0</rootdeviceid><rootdevicetype>ROOT</rootdevicetype><nic><id>5481afa0-aba3-4837-b2cb-647482e43559</id><networkid>9952cae1-ec5e-4265-b3...... -- This message was sent by Atlassian JIRA (v6.2#6252)