Repository: cloudstack Updated Branches: refs/heads/master c1aed5558 -> 2f293f42d
CLOUDSTACK-7129: Non-admin user can use deleteNetwork with shared networks fix ensures only admin users can delete shared network Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/2f293f42 Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/2f293f42 Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/2f293f42 Branch: refs/heads/master Commit: 2f293f42d567b1218cb083250707eeffc5324dc3 Parents: c1aed55 Author: Murali Reddy <muralimmre...@gmail.com> Authored: Fri Jul 18 17:51:02 2014 +0530 Committer: Murali Reddy <muralimmre...@gmail.com> Committed: Fri Jul 18 17:52:09 2014 +0530 ---------------------------------------------------------------------- server/src/com/cloud/network/NetworkServiceImpl.java | 5 +++++ 1 file changed, 5 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/2f293f42/server/src/com/cloud/network/NetworkServiceImpl.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/network/NetworkServiceImpl.java b/server/src/com/cloud/network/NetworkServiceImpl.java index c5d7134..b154fd9 100755 --- a/server/src/com/cloud/network/NetworkServiceImpl.java +++ b/server/src/com/cloud/network/NetworkServiceImpl.java @@ -1838,6 +1838,11 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { Account owner = _accountMgr.getAccount(network.getAccountId()); + // Only Admin can delete Shared networks + if (network.getGuestType() == GuestType.Shared && !_accountMgr.isAdmin(caller.getId())) { + throw new InvalidParameterValueException("Only Admins can delete network with guest type " + GuestType.Shared); + } + // Perform permission check _accountMgr.checkAccess(caller, null, true, network);
