[jira] [Created] (CLOUDSTACK-1573) listNics API when fired as a non-ROOT admin user shouldn't list vlan info

Thu, 07 Mar 2013 02:14:18 -0800 

venkata swamybabu budumuru created CLOUDSTACK-1573:
------------------------------------------------------

             Summary: listNics API when fired as a non-ROOT admin user 
shouldn't list vlan info
                 Key: CLOUDSTACK-1573
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-1573
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Network Controller
    Affects Versions: 4.2.0
         Environment: Latest master : commit id # 
a4521551a35cadd19a95752d3d93af8c2a9edd5b
- Advanced Zone 
- Xen Cluster with 1 hypervisor
            Reporter: venkata swamybabu budumuru
            Assignee: Jayapal Reddy
             Fix For: 4.2.0


Steps to reproduce :

1. Have a non-ROOT domain user 
2. create at least 1 isolate n/w
3. deploy a VM using the above isolated n/ws
4. verify listNics API as the user mentioned in step :1 

http://localhost:8080/client/api?command=listNics&virtualmachineid=9cf1139f-731e-4679-892f-4375058806fc&response=xml&sessionkey=Hix07fkTU1FTmQw07J56zBl2KY0%3D&listAll=true&page=1&pagesize=20&_=1362647277083

Observatons :

- It shows the vlan info. There is no need to allow end-user to see L2 info.

<listnics 
cloud-stack-version="4.2.0-SNAPSHOT"><count>2</count><nic><id>3d23de95-1e0b-4920-8fa6-82a29417ee9d</id><netmask>255.255.255.0</netmask><gateway>10.1.1.1</gateway><ipaddress>10.1.1.165</ipaddress><isolationuri>vlan://906</isolationuri><broadcasturi>vlan://906</broadcasturi><isdefault>true</isdefault><macaddress>02:00:7c:10:00:02</macaddress><secondaryip><ipaddress>10.1.1.115</ipaddress></secondaryip></nic><nic><id>a5ca7b64-98c6-4cc4-9ca7-38136fdc1937</id><netmask>255.255.255.0</netmask><gateway>10.1.1.1</gateway><ipaddress>10.1.1.221</ipaddress><isolationuri>vlan://908</isolationuri><broadcasturi>vlan://908</broadcasturi><isdefault>false</isdefault><macaddress>02:00:72:d7:00:02</macaddress></nic></listnics>

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to