- public String removeFlow(@PathVariable("nodeId") String nodeId, @PathVariable("name") String name,
- @RequestParam(required = true) String action) {
- if (!authorize(UserLevel.NETWORKADMIN)) { return "Operation not authorized"; }
-
- IForwardingRulesManager frm = (IForwardingRulesManager) ServiceHelper
- .getInstance(IForwardingRulesManager.class, "default", this);
- if (frm == null) { return null; }
-
+ public String removeFlow(@PathVariable("nodeId") String nodeId,
+ @PathVariable("name") String name,
+ @RequestParam(required = true) String action,
+ HttpServletRequest request, @RequestParam(required = false) String container) {
+ String containerName = (container == null) ? GlobalConstants.DEFAULT.toString() : container;
+
+ // Authorization check
+ String userName = request.getUserPrincipal().getName();
+ if (DaylightWebUtil.getContainerPrivilege(userName, containerName, this) != Privilege.WRITE) {
+ return "Operation not authorized";
+ }
+
+ IForwardingRulesManager frm = (IForwardingRulesManager) ServiceHelper
+ .getInstance(IForwardingRulesManager.class, containerName, this);
+ if (frm == null) {
+ return null;
+ }
+