Shared networks that contain specifyvlan=true can only be created/modified/deleted/restarted by a root admin. The operations icons are present on these networks on non-root admin accounts. This results in a 531 error messages. It seems like if specifyvlan=true is set on a shared network, then the operations icons should be hidden for non-root accounts.
STEPS TO REPRODUCE
Log into as Root Admin
Create Shared network and specify a VLAN. (It doesn't seem to matter at what domain level the VLAN is built)
Log out
Log in as Domain Admin under a Sub Domain
Go to Networks --> Guest Networks
Drill into the Shared network you created and observe the operations icons. Trying to delete/restart/update the network will resolve in an 531 error.
Request failed. (531)
Shared network Network {"id": 211, "name": "AB123-NET-01", "uuid": "e3a7e8cf-9485-452a-a6a9-afddb062d18b", "networkofferingid": 26} with specifyvlan=true can only be operated by root admin
EXPECTED RESULTS
Operation Icons should not be present on a shared network if `specifyvlan=true`
ACTUAL RESULTS
Operation Icons should not be present on a shared networks and generate an error
ISSUE TYPE
COMPONENT NAME
CLOUDSTACK VERSION
CONFIGURATION
OS / ENVIRONMENT
SUMMARY
Shared networks that contain
specifyvlan=truecan only be created/modified/deleted/restarted by a root admin. The operations icons are present on these networks on non-root admin accounts. This results in a 531 error messages. It seems like ifspecifyvlan=trueis set on a shared network, then the operations icons should be hidden for non-root accounts.STEPS TO REPRODUCE
EXPECTED RESULTS
ACTUAL RESULTS