F #2427: Checked quotas

OpenNebula · Oct 1, 2018 · f5eb662 · f5eb662
1 parent c2b10a0
commit f5eb662
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 7 deletions.
diff --git a/src/rm/RequestManagerVirtualMachine.cc b/src/rm/RequestManagerVirtualMachine.cc
@@ -733,7 +733,9 @@ void VirtualMachineDeploy::request_execute(xmlrpc_c::paramList const& paramList,
     Nebula&             nd = Nebula::instance();
     DispatchManager *   dm = nd.get_dm();
     DatastorePool * dspool = nd.get_dspool();
+    UserPool*        upool = nd.get_upool();
 
+    User * user;
     VirtualMachine * vm;
     VirtualMachineTemplate  tmpl;
 
@@ -750,6 +752,8 @@ void VirtualMachineDeploy::request_execute(xmlrpc_c::paramList const& paramList,
 
     bool auth = false;
     int rc;
+    int uid, gid;
+    set<int> gids;
     int has_net_mode, nic_id;
     string net_mode;
 
@@ -803,11 +807,32 @@ void VirtualMachineDeploy::request_execute(xmlrpc_c::paramList const& paramList,
         return;
     }
 
-    AuthRequest ar(att.uid, att.group_ids);
+    if ((vm = get_vm(id, att)) == 0)
+    {
+        return;
+    }
+
+    uid = vm->get_uid();
+    gid = vm->get_gid();
+
+    vm->unlock();
+
+    user = upool->get(vm->get_uid());
+
+    if (user == 0)
+    {
+        return;
+    }
+
+    gids = user->get_groups();
+
+    AuthRequest ar(uid, gids);
+
+    user->unlock();
 
     ar.add_auth(AuthRequest::MANAGE, vm_perms);
 
-    VirtualMachine::set_auth_request(att.uid, ar, &tmpl, true);
+    VirtualMachine::set_auth_request(uid, ar, &tmpl, true);
 
     if (UserPool::authorize(ar) == -1)
     {
@@ -816,7 +841,7 @@ void VirtualMachineDeploy::request_execute(xmlrpc_c::paramList const& paramList,
         return;
     }
 
-    RequestAttributes att_quota(vm_perms.uid, vm_perms.gid, att);
+    RequestAttributes att_quota(uid, gid, att);
 
     if (!att.is_admin())
     {

diff --git a/src/um/QuotaNetwork.cc b/src/um/QuotaNetwork.cc
@@ -36,7 +36,7 @@ bool QuotaNetwork::check(PoolObjectSQL::ObjectType otype, Template * tmpl,
     int num;
     bool uses_lease;
     string net_mode;
-    int has_net_mode;
+    int has_net_mode, has_net_id;
 
     map<string, float> net_request;
 
@@ -49,13 +49,13 @@ bool QuotaNetwork::check(PoolObjectSQL::ObjectType otype, Template * tmpl,
         has_net_mode = nic[i]->vector_value("NETWORK_MODE", net_mode);
         one_util::toupper(net_mode);
 
-        if ( has_net_mode == 0 && net_mode == "AUTO")
+        has_net_id = nic[i]->vector_value("NETWORK_ID", net_id);
+
+        if ( has_net_mode == 0 && net_mode == "AUTO" && has_net_id != 0)
         {
             continue;
         }
 
-        net_id = nic[i]->vector_value("NETWORK_ID");
-
         uses_lease = true;
 
         if ( otype == PoolObjectSQL::VROUTER )