use of com.cloud.acl.InfrastructureEntity in project cosmic by MissionCriticalCloud.
the class ApiDispatcher method doAccessChecks.
private void doAccessChecks(final BaseCmd cmd, final Map<Object, AccessType> entitiesToAccess) {
final Account caller = CallContext.current().getCallingAccount();
final APICommand commandAnnotation = cmd.getClass().getAnnotation(APICommand.class);
final String apiName = commandAnnotation != null ? commandAnnotation.name() : null;
if (!entitiesToAccess.isEmpty()) {
for (final Object entity : entitiesToAccess.keySet()) {
if (entity instanceof ControlledEntity) {
_accountMgr.checkAccess(caller, entitiesToAccess.get(entity), false, apiName, (ControlledEntity) entity);
} else if (entity instanceof InfrastructureEntity) {
// FIXME: Move this code in adapter, remove code from Account manager
}
}
}
}
use of com.cloud.acl.InfrastructureEntity in project cosmic by MissionCriticalCloud.
the class ParamProcessWorker method doAccessChecks.
private void doAccessChecks(final BaseCmd cmd, final Map<Object, AccessType> entitiesToAccess) {
final Account caller = CallContext.current().getCallingAccount();
// due to deleteAccount design flaw CLOUDSTACK-6588, we should still include those removed account as well to clean up leftover resources from that account
final Account owner = _accountMgr.getAccount(cmd.getEntityOwnerId());
if (cmd instanceof BaseAsyncCreateCmd) {
// check that caller can access the owner account.
_accountMgr.checkAccess(caller, null, false, owner);
}
if (!entitiesToAccess.isEmpty()) {
// check that caller can access the owner account.
_accountMgr.checkAccess(caller, null, false, owner);
for (final Map.Entry<Object, AccessType> entry : entitiesToAccess.entrySet()) {
final Object entity = entry.getKey();
if (entity instanceof ControlledEntity) {
_accountMgr.checkAccess(caller, entry.getValue(), true, (ControlledEntity) entity);
} else if (entity instanceof InfrastructureEntity) {
// FIXME: Move this code in adapter, remove code from
// Account manager
}
}
}
}
Aggregations