Skip to content

Commit b3c2758

Browse files
BryanMLimaBryanMLima
committed
Limit information on API response for non admin users
1 parent b0d4b84 commit b3c2758

File tree

1 file changed

+15
-11
lines changed

1 file changed

+15
-11
lines changed

server/src/main/java/com/cloud/api/ApiResponseHelper.java

Lines changed: 15 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -5462,18 +5462,22 @@ public SharedFSResponse createSharedFSResponse(ResponseView view, SharedFS share
54625462
public GuiThemeResponse createGuiThemeResponse(GuiThemeJoinVO guiThemeJoinVO) {
54635463
GuiThemeResponse guiThemeResponse = new GuiThemeResponse();
54645464

5465-
guiThemeResponse.setId(guiThemeJoinVO.getUuid());
5466-
guiThemeResponse.setName(guiThemeJoinVO.getName());
5467-
guiThemeResponse.setDescription(guiThemeJoinVO.getDescription());
5468-
guiThemeResponse.setCss(guiThemeJoinVO.getCss());
5465+
Long callerId = CallContext.current().getCallingAccount().getAccountId();
5466+
if (callerId != Account.ACCOUNT_ID_SYSTEM && _accountMgr.isRootAdmin(callerId)) {
5467+
guiThemeResponse.setId(guiThemeJoinVO.getUuid());
5468+
guiThemeResponse.setName(guiThemeJoinVO.getName());
5469+
guiThemeResponse.setDescription(guiThemeJoinVO.getDescription());
5470+
guiThemeResponse.setCommonNames(guiThemeJoinVO.getCommonNames());
5471+
guiThemeResponse.setDomainIds(guiThemeJoinVO.getDomains());
5472+
guiThemeResponse.setRecursiveDomains(guiThemeJoinVO.isRecursiveDomains());
5473+
guiThemeResponse.setAccountIds(guiThemeJoinVO.getAccounts());
5474+
guiThemeResponse.setPublic(guiThemeJoinVO.getIsPublic());
5475+
guiThemeResponse.setCreated(guiThemeJoinVO.getCreated());
5476+
guiThemeResponse.setRemoved(guiThemeJoinVO.getRemoved());
5477+
}
5478+
54695479
guiThemeResponse.setJsonConfiguration(guiThemeJoinVO.getJsonConfiguration());
5470-
guiThemeResponse.setCommonNames(guiThemeJoinVO.getCommonNames());
5471-
guiThemeResponse.setDomainIds(guiThemeJoinVO.getDomains());
5472-
guiThemeResponse.setRecursiveDomains(guiThemeJoinVO.isRecursiveDomains());
5473-
guiThemeResponse.setAccountIds(guiThemeJoinVO.getAccounts());
5474-
guiThemeResponse.setPublic(guiThemeJoinVO.getIsPublic());
5475-
guiThemeResponse.setCreated(guiThemeJoinVO.getCreated());
5476-
guiThemeResponse.setRemoved(guiThemeJoinVO.getRemoved());
5480+
guiThemeResponse.setCss(guiThemeJoinVO.getCss());
54775481
guiThemeResponse.setResponseName("guithemes");
54785482

54795483
return guiThemeResponse;

0 commit comments

Comments
 (0)