Skip to content

Commit 59fc89a

Browse files
yadvryadvr
committed
api: Fix ApiServer role base acl logic and response type value
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
1 parent 429b430 commit 59fc89a

1 file changed

Lines changed: 11 additions & 8 deletions

File tree

server/src/com/cloud/api/ApiServer.java

Lines changed: 11 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,6 @@
3636
import java.util.Iterator;
3737
import java.util.List;
3838
import java.util.Map;
39-
import java.util.Properties;
4039
import java.util.Set;
4140
import java.util.TimeZone;
4241
import java.util.concurrent.ExecutorService;
@@ -243,6 +242,11 @@ public void handle(HttpRequest request, HttpResponse response, HttpContext conte
243242
parameterMap.put(/* name */paramValue[0], /* value */new String[] { paramValue[1] });
244243
}
245244
}
245+
246+
// Check responseType, if not among valid types, fallback to XML
247+
if (!(responseType.equals(BaseCmd.RESPONSE_TYPE_JSON) || responseType.equals(BaseCmd.RESPONSE_TYPE_XML)))
248+
responseType = BaseCmd.RESPONSE_TYPE_XML;
249+
246250
try {
247251
// always trust commands from API port, user context will always be UID_SYSTEM/ACCOUNT_ID_SYSTEM
248252
UserContext.registerContext(_systemUser.getId(), _systemAccount, null, true);
@@ -769,18 +773,17 @@ public boolean verifyUser(Long userId) {
769773
}
770774

771775
private boolean isCommandAvailable(User user, String commandName) {
772-
for(APIAccessChecker apichecker : _apiAccessCheckers) {
773-
// Break on the first adapter that validates
774-
// FIXME: In case of multiple adapters, this may not be the best way of validation. See CLOUDSTACK-618
775-
if (apichecker.canAccessAPI(user, commandName))
776-
return true;
776+
for (APIAccessChecker apiChecker : _apiAccessCheckers) {
777+
// Fail the checking if any checker fails to verify
778+
if (!apiChecker.canAccessAPI(user, commandName))
779+
return false;
777780
}
778-
return false;
781+
return true;
779782
}
780783

781784
private String getCmdClassName(String cmdName) {
782785
String cmdClassName = null;
783-
for(APIAccessChecker apiChecker : _apiAccessCheckers){
786+
for (APIAccessChecker apiChecker : _apiAccessCheckers){
784787
cmdClassName = apiChecker.getApiCommands().getProperty(cmdName);
785788
// Break on the first non-null value
786789
if (cmdClassName != null)

0 commit comments

Comments
 (0)