weizhouapache commented on issue #6049: URL: https://github.com/apache/cloudstack/issues/6049#issuecomment-1054542890
> Thanks for raising that PR, @weizhouapache. > > I have not dug deeper into your PR, so I might be missing another context beyond the lines you presented here. Please, correct me if I am missing something regarding your PR. > > Unfortunately, I don't see how changing from "caller" to "vmOwner" in the `_accountMgr.checkAccess,` does fix this issue. > > I've tested both ways: > > 1. Root admin deploying VM for a user account > 2. the user account itself deploying a VM (thus, **caller = vmOwner**) > > Both ways the VM was deployed even with the owner / caller not holding permissions to deploy VMs on the respective network. @GabrielBrascher OK, could you share your cloudstack version, zone type and network type ? in my PR #5769, there are many changes related to network permissoins, mostly in server/src/main/java/com/cloud/network/NetworkModelImpl.java However, first of all, we need to get a consensus if this is a critical issue for 4.16.1.0. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
