[Engine-devel] Adding users and assigning roles in Ovirt

Gilad Chaplik gchaplik at redhat.com
Mon Dec 2 08:47:56 UTC 2013 

Hi Ramesh,

You're right, I also think that the 'add users' is a bit pointless, but adding a system permission in that dialog can be dangerous (if admin doesn't fully understand what he's doing, and MLA is complicated enough ;-) ).

Currently when adding a permission we can specify a AD-user (regardless to the fact he's added or not), So eventually power users can add users to the system.
I can think of a case, that admins will want to manage the users by themselves, i.e- power users can add permissions for the added users only.
this way this dialog can be useful.

Thanks, 
Gilad.

----- Original Message -----
> From: "Oved Ourfalli" <ovedo at redhat.com>
> To: "Ramesh" <rnachimu at redhat.com>
> Cc: engine-devel at ovirt.org
> Sent: Monday, December 2, 2013 9:01:52 AM
> Subject: Re: [Engine-devel] Adding users and assigning roles in Ovirt
> 
> Your E-mail made me look a bit and check the different flows.
> 
> I think the only use-case for adding users without giving any permissions is
> when you add a user for notification reasons.
> You can add a user, and then in the Event Notifier sub-tab define what events
> he will get via E-mail.
> afaik (and I'm not an event notifier expert), this user doesn't have to be
> able to login, or to have permissions of any kind. He just gets events.
> 
> Other than that you're right. A user which is added to the system can't do
> much without assigning him roles.
> I think adding roles assignment to this dialog may be a bit cumbersome.
> Perhaps some wizard is required in that case. Or at least some checkbox
> saying "allow user to login". That way the new user will be able to login,
> and he will have some default permissions as well (permissions granted to
> Everyone).
> 
> Let's see what others think.
> 
> Regards,
> Oved
> 
> 
> ----- Original Message -----
> > From: "Ramesh" <rnachimu at redhat.com>
> > To: engine-devel at ovirt.org
> > Sent: Monday, December 2, 2013 7:22:53 AM
> > Subject: [Engine-devel] Adding users and assigning roles in Ovirt
> > 
> > Hi All,
> > 
> >    We have 'Add' action under 'Users' main tab to add users in Ovirt .
> > It looks slightly different from the "Add user" option of the Configure
> > option. Actually, this one is missing the "Role to Assign" option. I
> > think without assigning any role, adding a user is not meaningful and it
> > didn't complete the flow.
> > 
> >    Currently to assign any role to the user, either we have to use
> > 'Configure' option ( to add system permission) or we have to go to the
> > specific entity and add permission for that entity. It will be nice if
> > we can assign roles( system level permissions) while adding users in
> > 'Users' tab itself. It will be a clear user flow where one can add user
> > and assign role in the same place.
> > 
> > I have attached both the screen shots.
> > 
> > please share your thoughts.
> > 
> > Regards,
> > Ramesh
> > 
> > 
> > _______________________________________________
> > Engine-devel mailing list
> > Engine-devel at ovirt.org
> > http://lists.ovirt.org/mailman/listinfo/engine-devel
> > 
> _______________________________________________
> Engine-devel mailing list
> Engine-devel at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/engine-devel
>

More information about the Engine-devel mailing list