Github user rafaelweingartner commented on the issue:
https://github.com/apache/cloudstack/pull/1278
Great @anshul1886, we seem to start converging.
So, what you call setting context, is the execution of
âorg.apache.cloudstack.context.CallContext.getCallingAccount()â, that
returns an account object(the account that is executing the API call). This
method works in a lazy way, which means, it loads the âaccountâ only when
it is called at the first time. And this is what you consider setting the
context.
Now letâs get back to what I am questioning you.
Letâs get as an example the method you talked about before
âcom.cloud.storage.VolumeApiServiceImpl.uploadVolume(UploadVolumeCmd)â. At
line 275, it loads the account object, which is then sent as a parameter to the
method âcom.cloud.storage.VolumeApiServiceImpl.validateVolume(Account, long,
Long, String, String, String, Long)â. Then, at line 381 the account object is
used to check if the account executing the command has the proper permissions.
This is exactly my point here. Please check the variables, they are not
being used anywhere. The variables I am mentioning are only passed as
parameters, but the methods that receive them, do not make use of these
variables.
I am starting to think I am not seeing things here; I think we could
benefit from some fresh eyes here. @DaanHoogland, @rhtyd, @nvazquez, could you
lend us your fresh eyes for this PR?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
