This is an automated email from the ASF dual-hosted git repository.
shwstppr pushed a commit to branch 4.17
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
The following commit(s) were added to refs/heads/4.17 by this push:
new b62f59ac956 Fixed list networks in projects after setting network
permissions (#6546)
b62f59ac956 is described below
commit b62f59ac956f9d8188fe1678d6d20d0b56dd2c93
Author: Harikrishna <[email protected]>
AuthorDate: Sun Jul 31 16:45:36 2022 +0530
Fixed list networks in projects after setting network permissions (#6546)
This PR fixes #6544 where it could not list networks in a project even
after network permissions are set.
* Added test cases to existing component tests to test network permissions
* Moved test_network_permissions.py from component to smoke tests
* Added test_network_permissions to travis.yml under smoke tests
---
.travis.yml | 2 +-
.../java/com/cloud/network/NetworkServiceImpl.java | 10 ++++----
.../test_network_permissions.py | 29 ++++++++++++++++++++++
3 files changed, 35 insertions(+), 6 deletions(-)
diff --git a/.travis.yml b/.travis.yml
index 365de7dcc2c..eb51ab9ec8b 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -78,6 +78,7 @@ env:
smoke/test_nested_virtualization
smoke/test_network
smoke/test_network_acl
+ smoke/test_network_permissions
smoke/test_nic
smoke/test_nic_adapter_type
smoke/test_non_contigiousvlan
@@ -131,7 +132,6 @@ env:
- TESTS="component/test_acl_sharednetwork
component/test_acl_sharednetwork_deployVM-impersonation
- component/test_network_permissions
component/test_user_private_gateway
component/test_user_shared_network"
diff --git a/server/src/main/java/com/cloud/network/NetworkServiceImpl.java
b/server/src/main/java/com/cloud/network/NetworkServiceImpl.java
index cb6e2a526d6..a3a3e4d9702 100644
--- a/server/src/main/java/com/cloud/network/NetworkServiceImpl.java
+++ b/server/src/main/java/com/cloud/network/NetworkServiceImpl.java
@@ -2022,7 +2022,7 @@ public class NetworkServiceImpl extends ManagerBase
implements NetworkService, C
if (Arrays.asList(Network.NetworkFilter.Shared,
Network.NetworkFilter.All).contains(networkFilter)) {
// get shared networks
List<NetworkVO> sharedNetworks =
listSharedNetworks(buildNetworkSearchCriteria(sb, keyword, id, isSystem,
zoneId, guestIpType, trafficType, physicalNetworkId, networkOfferingId,
- aclType, skipProjectNetworks, restartRequired,
specifyIpRanges, vpcId, tags, display, vlanId, associatedNetworkId),
searchFilter, permittedAccounts);
+ aclType, true, restartRequired, specifyIpRanges,
vpcId, tags, display, vlanId, associatedNetworkId), searchFilter,
permittedAccounts);
addNetworksToReturnIfNotExist(networksToReturn,
sharedNetworks);
}
@@ -2035,23 +2035,23 @@ public class NetworkServiceImpl extends ManagerBase
implements NetworkService, C
if (Arrays.asList(Network.NetworkFilter.Domain,
Network.NetworkFilter.AccountDomain,
Network.NetworkFilter.All).contains(networkFilter)) {
//add domain specific networks of domain + parent domains
networksToReturn.addAll(listDomainSpecificNetworksByDomainPath(buildNetworkSearchCriteria(sb,
keyword, id, isSystem, zoneId, guestIpType, trafficType, physicalNetworkId,
networkOfferingId,
- aclType, skipProjectNetworks, restartRequired,
specifyIpRanges, vpcId, tags, display, vlanId, associatedNetworkId),
searchFilter, path, isRecursive));
+ aclType, true, restartRequired, specifyIpRanges,
vpcId, tags, display, vlanId, associatedNetworkId), searchFilter, path,
isRecursive));
//add networks of subdomains
if (domainId == null) {
networksToReturn.addAll(listDomainLevelNetworks(buildNetworkSearchCriteria(sb,
keyword, id, isSystem, zoneId, guestIpType, trafficType, physicalNetworkId,
networkOfferingId,
- aclType, true, restartRequired,
specifyIpRanges, vpcId, tags, display, vlanId, associatedNetworkId),
searchFilter, caller.getDomainId(), true));
+ aclType, true, restartRequired, specifyIpRanges,
vpcId, tags, display, vlanId, associatedNetworkId), searchFilter,
caller.getDomainId(), true));
}
}
if (Arrays.asList(Network.NetworkFilter.Shared,
Network.NetworkFilter.All).contains(networkFilter)) {
// get shared networks
List<NetworkVO> sharedNetworks =
listSharedNetworksByDomainPath(buildNetworkSearchCriteria(sb, keyword, id,
isSystem, zoneId, guestIpType, trafficType, physicalNetworkId,
networkOfferingId,
- aclType, skipProjectNetworks, restartRequired,
specifyIpRanges, vpcId, tags, display, vlanId, associatedNetworkId),
searchFilter, path, isRecursive);
+ aclType, true, restartRequired, specifyIpRanges,
vpcId, tags, display, vlanId, associatedNetworkId), searchFilter, path,
isRecursive);
addNetworksToReturnIfNotExist(networksToReturn,
sharedNetworks);
}
}
} else {
networksToReturn =
_networksDao.search(buildNetworkSearchCriteria(sb, keyword, id, isSystem,
zoneId, guestIpType, trafficType, physicalNetworkId, networkOfferingId,
- null, skipProjectNetworks, restartRequired,
specifyIpRanges, vpcId, tags, display, vlanId, associatedNetworkId),
searchFilter);
+ null, true, restartRequired, specifyIpRanges, vpcId, tags,
display, vlanId, associatedNetworkId), searchFilter);
}
if (supportedServicesStr != null && !supportedServicesStr.isEmpty() &&
!networksToReturn.isEmpty()) {
diff --git a/test/integration/component/test_network_permissions.py
b/test/integration/smoke/test_network_permissions.py
similarity index 94%
rename from test/integration/component/test_network_permissions.py
rename to test/integration/smoke/test_network_permissions.py
index b6c545f1027..1b4a331f260 100644
--- a/test/integration/component/test_network_permissions.py
+++ b/test/integration/smoke/test_network_permissions.py
@@ -758,3 +758,32 @@ class TestNetworkPermissions(cloudstackTestCase):
command = """self.reset_network_permission({apiclient},
self.user_network, expected=True)"""
self.exec_command("self.otheruser_apiclient", command, expected=False)
self.exec_command("self.user_apiclient", command, expected=True)
+
+ @attr(tags=["advanced"], required_hardware="false")
+ def test_05_list_networks_under_project(self):
+ """ Testing list networks under a project """
+ self.create_network_permission(self.apiclient, self.user_network,
self.domain_admin, self.project, expected=True)
+ self.list_network(self.apiclient, self.domain_admin,
self.user_network, self.project, None, expected=True)
+
+ self.remove_network_permission(self.apiclient, self.user_network,
self.domain_admin, self.project, expected=True)
+ self.list_network(self.apiclient, self.domain_admin,
self.user_network, self.project, None, expected=False)
+
+ @attr(tags=["advanced"], required_hardware="false")
+ def test_06_list_networks_under_account(self):
+ """ Testing list networks under a domain admin account and user
account """
+ self.create_network_permission(self.apiclient, self.user_network,
self.domain_admin, None, expected=True)
+ self.list_network(self.apiclient, self.domain_admin,
self.user_network, None, None, expected=True)
+ self.list_network(self.domainadmin_apiclient, self.domain_admin,
self.user_network, None, None, expected=True)
+ self.list_network(self.user_apiclient, self.domain_admin,
self.user_network, None, None, expected=False)
+
+ self.remove_network_permission(self.apiclient, self.user_network,
self.domain_admin, None, expected=True)
+ self.list_network(self.apiclient, self.domain_admin,
self.user_network, None, None, expected=False)
+ self.list_network(self.domainadmin_apiclient, self.domain_admin,
self.user_network, None, None, expected=False)
+
+ self.create_network_permission(self.apiclient, self.user_network,
self.other_user, None, expected=True)
+ self.list_network(self.apiclient, self.other_user, self.user_network,
None, None, expected=True)
+ self.list_network(self.otheruser_apiclient, self.other_user,
self.user_network, None, None, expected=True)
+
+ self.remove_network_permission(self.apiclient, self.user_network,
self.other_user, None, expected=True)
+ self.list_network(self.apiclient, self.other_user, self.user_network,
None, None, expected=False)
+ self.list_network(self.otheruser_apiclient, self.other_user,
self.user_network, None, None, expected=False)
\ No newline at end of file
