Gilad Chaplik has posted comments on this change.
Change subject: webadmin: Restrict destination host parameter for administrator
only
......................................................................
Patch Set 1: (1 inline comment)
....................................................
File
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/RunVmOnceCommand.java
Line 33: returnValue = false;
Line 34: }
Line 35:
Line 36: // only administrator can specify destination host
Line 37: if(getParameters().getDestinationVdsId() != null &&
!getCurrentUser().isAdmin()) {
I wasn't talking about the portal;
Users via REST can pass their default host (visible to them), and should fail
dest Host?
Same as in edit a vm and passing the same parameters you got (although you may
not edit some them).
In this cases, you should fail only on parameter visibility to users.
Line 38:
addCanDoActionMessage(VdcBllMessages.VM_CANNOT_RUN_ONCE_NOT_ADMIN_FOR_DESTINATION_VDS_PARAM);
Line 39: returnValue = false;
Line 40: }
Line 41:
--
To view, visit http://gerrit.ovirt.org/11303
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: I5294854d24b235f2c50fa7f3d4e7472cf7598b53
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Libor Spevak <[email protected]>
Gerrit-Reviewer: Doron Fediuck <[email protected]>
Gerrit-Reviewer: Gilad Chaplik <[email protected]>
Gerrit-Reviewer: Libor Spevak <[email protected]>
Gerrit-Reviewer: Omer Frenkel <[email protected]>
Gerrit-Reviewer: Tomas Jelinek <[email protected]>
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches
