fix the permission check when user is not root for non-public template

sudo87 · sudo87 · commit afaf21d5c881 · 2026-02-23T11:41:46.000+05:30
diff --git a/server/src/main/java/com/cloud/api/query/QueryManagerImpl.java b/server/src/main/java/com/cloud/api/query/QueryManagerImpl.java
@@ -4965,15 +4965,13 @@ private Pair<List<TemplateJoinVO>, Integer> searchForTemplatesInternal(Long temp
                 ex.addProxyObject(template.getUuid(), "templateId");
                 throw ex;
             }
+
             if (!template.isPublicTemplate() && caller.getType() == Account.Type.DOMAIN_ADMIN) {
                 Account template_acc = accountMgr.getAccount(template.getAccountId());
                 DomainVO domain = _domainDao.findById(template_acc.getDomainId());
                 accountMgr.checkAccess(caller, domain);
-            }
-
-            // if template is not public, perform permission check here
-            else if (!template.isPublicTemplate() && caller.getType() != Account.Type.ADMIN) {
-                accountMgr.checkAccess(caller, null, false, template);
+            } else if (!template.isPublicTemplate() && caller.getType() != Account.Type.ADMIN) { // if template is not public, perform permission check here
+                accountMgr.checkAccess(caller, null, true, template);
             } else if (template.isPublicTemplate()) {
                 accountMgr.checkAccess(caller, null, false, template);
             }
