Libor Spevak has posted comments on this change.
Change subject: webadmin: Restrict destination host parameter for administrator
only
......................................................................
Patch Set 1: (1 inline comment)
....................................................
File
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/RunVmOnceCommand.java
Line 33: returnValue = false;
Line 34: }
Line 35:
Line 36: // only administrator can specify destination host
Line 37: if(getParameters().getDestinationVdsId() != null &&
!getCurrentUser().isAdmin()) {
Yes, I understand, I wrote previously, that REST API is not an exception, but
REST API user must be authenticated and authorized, too. And if the
authenticated user has administrative rights, he/she can select destination
host for RunOnce action, which overrides default VM setting done using Edit VM
dialog/action.
Line 38:
addCanDoActionMessage(VdcBllMessages.VM_CANNOT_RUN_ONCE_NOT_ADMIN_FOR_DESTINATION_VDS_PARAM);
Line 39: returnValue = false;
Line 40: }
Line 41:
--
To view, visit http://gerrit.ovirt.org/11303
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: I5294854d24b235f2c50fa7f3d4e7472cf7598b53
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Libor Spevak <[email protected]>
Gerrit-Reviewer: Doron Fediuck <[email protected]>
Gerrit-Reviewer: Gilad Chaplik <[email protected]>
Gerrit-Reviewer: Libor Spevak <[email protected]>
Gerrit-Reviewer: Omer Frenkel <[email protected]>
Gerrit-Reviewer: Tomas Jelinek <[email protected]>
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches
