Skip to content

Commit a56f355

Browse files
yadvryadvr
committed
ApiServer: get role type from account manager using account
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
1 parent 1425736 commit a56f355

1 file changed

Lines changed: 3 additions & 26 deletions

File tree

server/src/com/cloud/api/ApiServer.java

Lines changed: 3 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -790,37 +790,14 @@ public boolean verifyUser(Long userId) {
790790
return true;
791791
}
792792

793-
private boolean isCommandAvailable(User user, String commandName) {
793+
private boolean isCommandAvailable(User user, String commandName)
794+
throws PermissionDeniedException {
794795
if (user == null) {
795796
return false;
796797
}
797798

798799
Account account = _accountMgr.getAccount(user.getAccountId());
799-
if (account == null) {
800-
return false;
801-
}
802-
803-
RoleType roleType = RoleType.Unknown;
804-
short accountType = account.getType();
805-
806-
// Account type to role type translation
807-
switch (accountType) {
808-
case Account.ACCOUNT_TYPE_ADMIN:
809-
roleType = RoleType.Admin;
810-
break;
811-
case Account.ACCOUNT_TYPE_DOMAIN_ADMIN:
812-
roleType = RoleType.DomainAdmin;
813-
break;
814-
case Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN:
815-
roleType = RoleType.ResourceAdmin;
816-
break;
817-
case Account.ACCOUNT_TYPE_NORMAL:
818-
roleType = RoleType.User;
819-
break;
820-
default:
821-
return false;
822-
}
823-
800+
RoleType roleType = _accountMgr.getRoleType(account);
824801
for (APIAccessChecker apiChecker : _apiAccessCheckers) {
825802
// Fail the checking if any checker fails to verify
826803
if (!apiChecker.canAccessAPI(roleType, commandName))

0 commit comments

Comments
 (0)