Moti Asayag has uploaded a new change for review. Change subject: engine: Prevent implicit usage of port mirroring ......................................................................
engine: Prevent implicit usage of port mirroring The patch denies attempt of an imported vm to use a vnic profile by the imported vnic if the vm or template haven't explicitly stated that the exact vnic profile to be used. Change-Id: I4f47627642d38fd537dbeed8f1b41a0849566063 Bug-Url: https://bugzilla.redhat.com/1001068 Signed-off-by: Moti Asayag <masa...@redhat.com> --- M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/VmInterfaceManager.java 1 file changed, 4 insertions(+), 4 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/47/18547/1 diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/VmInterfaceManager.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/VmInterfaceManager.java index 8f5b963..b0afdd1 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/VmInterfaceManager.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/network/VmInterfaceManager.java @@ -231,7 +231,7 @@ List<VnicProfile> vnicProfiles = getVnicProfileDao().getAllForNetwork(network.getId()); for (VnicProfile profile : vnicProfiles) { - if (isVnicProfilePermitted(userId, profile, nic.isPortMirroring())) { + if (isVnicProfilePermitted(userId, profile)) { nic.setVnicProfileId(profile.getId()); return ValidationResult.VALID; } @@ -244,7 +244,7 @@ List<VnicProfile> networkProfiles = getVnicProfileDao().getAllForNetwork(network.getId()); for (VnicProfile profile : networkProfiles) { - if (isVnicProfilePermitted(userId, profile, profile.isPortMirroring())) { + if (isVnicProfilePermitted(userId, profile)) { return profile; } } @@ -270,8 +270,8 @@ return null; } - private boolean isVnicProfilePermitted(Guid userId, VnicProfile profile, boolean portMirroring) { - return portMirroring == profile.isPortMirroring() + private boolean isVnicProfilePermitted(Guid userId, VnicProfile profile) { + return !profile.isPortMirroring() && getPermissionDAO().getEntityPermissions(userId, ActionGroup.CONFIGURE_VM_NETWORK, profile.getId(), -- To view, visit http://gerrit.ovirt.org/18547 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I4f47627642d38fd537dbeed8f1b41a0849566063 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Moti Asayag <masa...@redhat.com> _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
