shwstppr commented on a change in pull request #3248: [WIP DO NOT MERGE]
server: offerings for specified domain(s) and zone(s)
URL: https://github.com/apache/cloudstack/pull/3248#discussion_r288954604
##########
File path: server/src/main/java/com/cloud/acl/DomainChecker.java
##########
@@ -167,81 +182,155 @@ public boolean checkAccess(User user, ControlledEntity
entity) throws Permission
}
@Override
- public boolean checkAccess(Account account, DiskOffering dof) throws
PermissionDeniedException {
- if (account == null || dof == null || dof.getDomainId() == null)
{//public offering
- return true;
+ public boolean checkAccess(Account account, DiskOffering dof, DataCenter
zone) throws PermissionDeniedException {
+ boolean isAccess = false;
+ // Check fo domains
+ if (account == null || dof == null) {
+ isAccess = true;
} else {
//admin has all permissions
if (_accountService.isRootAdmin(account.getId())) {
- return true;
+ isAccess = true;
Review comment:
Because later in this method there is checkAccess for the zone as well. It
might be possible that offering is not specified for the passed zone.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
