[ https://issues.apache.org/jira/browse/CLOUDSTACK-6974?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Animesh Chaturvedi updated CLOUDSTACK-6974: ------------------------------------------- Fix Version/s: (was: 4.5.0) 4.6.0 > IAM-Root Admin - When listNetwork is used with listall=false (or no listall > passed), all isoalted networks belonging to other users is listed. > ---------------------------------------------------------------------------------------------------------------------------------------------- > > Key: CLOUDSTACK-6974 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6974 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Affects Versions: 4.4.0 > Environment: Build from 4.4-forward > Reporter: Sangeetha Hariharan > Fix For: 4.6.0 > > > Root Admin - When listNetwork is used with listall=false (or no listall > passed) and isrecursive=true , all networks in the system are returned. > Steps to reproduce the problem: > Create multiple domains with few user and domain accounts in them. > Create isolated networks as each of these accounts. > Create an admin user under ROOT. > As this admin user, deploy a VM. > Use listNetwork with listall=false (or no listall passed) and > isrecursive=true to retrieve all the networks owned by this admin. > This results in all the networks in the system being returned. > Following is the API call that was made , that resulted in 15 networks being > fetched when it should have fetched only 1 isolated network and 1 > shared network. > http://10.223.49.6:8080/client/api?apiKey=PB2CyeaqN0vfTodPzXV52OdE9YZLC8K-BrdLiEijWmq85nuAEfXVoAPxbzW0J5BgFAT-f5lnwDEgeOfp_boJAg&isrecursive=true&response=json&listall=false&command=listNetworks&signature=l%2FNR4aBSnk7aAEDHhlsAvEXe7Cg%3D > Response: { "listnetworksresponse" : { "count":15 ,"network" : [ > {"id":"fb3b563c-5ba2-4f9a-aa65-82996f78f20e","name":"SharedNetwork-Account","displaytext":"SharedNetwork-Account","broadcastdomaintype":"Vlan","traffictype":"Guest","gateway":"10.223.1.1","netmask":"255.255.255.0","cidr":"10.223.1.0/24","zoneid":"b690dddf-5755-49ab-8a4d-0aff04fa39f7","zonename":"BLR1","networkofferingid":"1bec2c7f-d35d-4d33-a655-d3159be4a6ff","networkofferingname":"DefaultSharedNetworkOfferingWithSGService","networkofferingdisplaytext":"Offering > for Shared Security group enabled > networks","networkofferingconservemode":true,"networkofferingavailability":"Optional","issystem":false,"state":"Setup","related":"fb3b563c-5ba2-4f9a-aa65-82996f78f20e","broadcasturi":"vlan://153","dns1":"4.2.2.2","type":"Shared","vlan":"153","acltype":"Account","account":"testD111A-TestNetworkList-RPNQIQ","domainid":"b706ea33-fbf7-4167-a857-16f79f332cf3","domain":"D111-A243U3","service":[ > {"name":"UserData"} > ,{"name":"Dhcp","capability":[ > {"name":"DhcpAccrossMultipleSubnets","value":"true","canchooseservicecapability":false} > ]},{" ... -- This message was sent by Atlassian JIRA (v6.3.4#6332)