Check the network access when deploying VM in Advanced Security Group.

Author: sureshanaparti

server/src/main/java/com/cloud/vm/UserVmManagerImpl.java

@@ -3517,6 +3517,8 @@ public UserVm createAdvancedSecurityGroupVirtualMachine(DataCenter zone, Service
                     throw new InvalidParameterValueException("Network is not security group enabled: " + network.getId());
                 }
 
+                _accountMgr.checkAccess(owner, AccessType.UseEntry, false, network);
+
                 networkList.add(network);
             }
             isSecurityGroupEnabledNetworkUsed = true;
@@ -3540,9 +3542,8 @@ public UserVm createAdvancedSecurityGroupVirtualMachine(DataCenter zone, Service
                 }
 
                 // Perform account permission check
-                if (network.getAclType() == ACLType.Account) {
-                    _accountMgr.checkAccess(caller, AccessType.UseEntry, false, network);
-                }
+                _accountMgr.checkAccess(owner, AccessType.UseEntry, false, network);
+
                 networkList.add(network);
             }
         }