From fc3020c57a55fc009feeb80b54186c695edc3233 Mon Sep 17 00:00:00 2001
From: Rene Moser <mail@renemoser.net>
Date: Tue, 9 Jun 2015 16:16:58 +0200
Subject: [PATCH] cloudstack: prevent getting the wrong project.

Since we use domain and account data to filter the project, listall is not needed and can return the wrong identical named project of another account if root admin permissions are used.

Fixed projects names are not case insensitive.
---
 lib/ansible/module_utils/cloudstack.py | 4 ++--
 v1/ansible/module_utils/cloudstack.py  | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/ansible/module_utils/cloudstack.py b/lib/ansible/module_utils/cloudstack.py
index 82306b9a0b..86ccef588e 100644
--- a/lib/ansible/module_utils/cloudstack.py
+++ b/lib/ansible/module_utils/cloudstack.py
@@ -124,13 +124,12 @@ class AnsibleCloudStack:
         if not project:
             return None
         args = {}
-        args['listall'] = True
         args['account'] = self.get_account(key='name')
         args['domainid'] = self.get_domain(key='id')
         projects = self.cs.listProjects(**args)
         if projects:
             for p in projects['project']:
-                if project in [ p['name'], p['displaytext'], p['id'] ]:
+                if project.lower() in [ p['name'].lower(), p['id'] ]:
                     self.project = p
                     return self._get_by_key(key, self.project)
         self.module.fail_json(msg="project '%s' not found" % project)
@@ -361,6 +360,7 @@ class AnsibleCloudStack:
         self.capabilities = capabilities['capability']
         return self._get_by_key(key, self.capabilities)
 
+
     # TODO: rename to poll_job()
     def _poll_job(self, job=None, key=None):
         if 'jobid' in job:
diff --git a/v1/ansible/module_utils/cloudstack.py b/v1/ansible/module_utils/cloudstack.py
index e887367c2f..2b4ec0be17 100644
--- a/v1/ansible/module_utils/cloudstack.py
+++ b/v1/ansible/module_utils/cloudstack.py
@@ -122,13 +122,12 @@ class AnsibleCloudStack:
         if not project:
             return None
         args = {}
-        args['listall'] = True
         args['account'] = self.get_account(key='name')
         args['domainid'] = self.get_domain(key='id')
         projects = self.cs.listProjects(**args)
         if projects:
             for p in projects['project']:
-                if project in [ p['name'], p['displaytext'], p['id'] ]:
+                if project.lower() in [ p['name'].lower(), p['id'] ]:
                     self.project = p
                     return self._get_by_key(key, self.project)
         self.module.fail_json(msg="project '%s' not found" % project)
@@ -359,6 +358,7 @@ class AnsibleCloudStack:
         self.capabilities = capabilities['capability']
         return self._get_by_key(key, self.capabilities)
 
+
     # TODO: rename to poll_job()
     def _poll_job(self, job=None, key=None):
         if 'jobid' in job: