Re: [PR] Fixed User type accounts being able to change resource limits of their own domain and account [cloudstack]

via GitHub Mon, 17 Nov 2025 09:52:15 -0800


lucas-a-martins commented on code in PR #12046:
URL: https://github.com/apache/cloudstack/pull/12046#discussion_r2534977539



##########
server/src/main/java/com/cloud/resourcelimit/ResourceLimitManagerImpl.java:
##########
@@ -903,6 +903,11 @@ protected void 
addTaggedResourceLimits(List<ResourceLimitVO> limits, ResourceTyp
     public ResourceLimitVO updateResourceLimit(Long accountId, Long domainId, 
Integer typeId, Long max, String tag) {
         Account caller = CallContext.current().getCallingAccount();
 
+        if (caller.getType().equals(Account.Type.NORMAL)) {
+            logger.info("Throwing exception because only root admins and 
domain admins are allowed to update resource limits.");
+            throw new PermissionDeniedException("Your account does not have 
the right access level to update resource limits.");

Review Comment:
   ```suggestion
               throw new PermissionDeniedException("Your account does not have 
the permission to update resource limits.");
   ```
   I think `permission` is less verbose



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Re: [PR] Fixed User type accounts being able to change resource limits of their own domain and account [cloudstack]

Reply via email to