Skip to content

Commit edeffd8

Browse files
shwstpprshwstppr
committed
added admin caller check
Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
1 parent 97be960 commit edeffd8

1 file changed

Lines changed: 9 additions & 1 deletion

File tree

server/src/main/java/org/apache/cloudstack/ingestion/VmIngestionManagerImpl.java

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -60,6 +60,7 @@
6060
import com.cloud.dc.dao.DataCenterDao;
6161
import com.cloud.exception.InsufficientCapacityException;
6262
import com.cloud.exception.InvalidParameterValueException;
63+
import com.cloud.exception.PermissionDeniedException;
6364
import com.cloud.host.Host;
6465
import com.cloud.host.HostVO;
6566
import com.cloud.host.Status;
@@ -143,6 +144,10 @@ public VmIngestionManagerImpl() {
143144

144145
@Override
145146
public ListResponse<UnmanagedInstanceResponse> listUnmanagedInstances(ListUnmanagedInstancesCmd cmd) {
147+
final Account caller = CallContext.current().getCallingAccount();
148+
if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
149+
throw new PermissionDeniedException(String.format("Cannot perform this operation, Calling account is not root admin: %s", caller.getUuid()));
150+
}
146151
final Long clusterId = cmd.getClusterId();
147152
if (clusterId == null) {
148153
throw new InvalidParameterValueException(String.format("Cluster ID cannot be null!"));
@@ -236,6 +241,10 @@ public ListResponse<UnmanagedInstanceResponse> listUnmanagedInstances(ListUnmana
236241

237242
@Override
238243
public UserVmResponse importUnmanagedInstance(ImportUnmanageInstanceCmd cmd) {
244+
final Account caller = CallContext.current().getCallingAccount();
245+
if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
246+
throw new PermissionDeniedException(String.format("Cannot perform this operation, Calling account is not root admin: %s", caller.getUuid()));
247+
}
239248
final Long clusterId = cmd.getClusterId();
240249
if (clusterId == null) {
241250
throw new InvalidParameterValueException(String.format("Cluster ID cannot be null!"));
@@ -252,7 +261,6 @@ public UserVmResponse importUnmanagedInstance(ImportUnmanageInstanceCmd cmd) {
252261
if (Strings.isNullOrEmpty(instanceName)) {
253262
throw new InvalidParameterValueException(String.format("Instance name cannot be empty!"));
254263
}
255-
final Account caller = CallContext.current().getCallingAccount();
256264
final Account owner = accountService.getActiveAccountById(cmd.getEntityOwnerId());
257265

258266
Long userId = null;

0 commit comments

Comments
 (0)