<div dir="ltr"><div><div><div>Hello there again,</div><div><br></div>I was fighting with the permissions yesterday night and in the end I find out all was fine. There was an Everyone permission that confused me...<br><br></div>The main thing here is that we have an application that use the ovirt sdk version 3 and we want to migrate it to the ovirt sdk version 4.<br><br></div><div>This is the function in the ovirt sdk 3 literally is (userid and dc is string type):<br><br>def ovirt_remove_dc_permissions(<wbr>userid, dc):<br> kvm = ovirt_connect()<br><br> u = kvm.users.get(id=userid)<br> for perm in u.permissions.list():<br> udc = perm.get_data_center()<br> if udc:<br> globaldc = kvm.datacenters.get(id=udc.<wbr>get_id())<br> if globaldc.get_name() == dc:<br> perm.delete()<br><br> kvm.disconnect()<br><br></div><div>The function on the ovirt sdk 4 is:<br><br></div><div><div> def ovirt_remove_dc_permissions(self, userid, dc):</div><div> connection = self.ovirt_connect()</div><div><br></div><div> system_service = connection.system_service()</div><div> permissions_service = system_service.permissions_service()</div><div> users_service = system_service.users_service()</div><div> data_centers_service = system_service.data_centers_service()</div><div><br></div><div> data_center=None</div><div> for data_center_aux in data_centers_service.list():</div><div> if <a href="http://data_center_aux.name">data_center_aux.name</a> == dc:</div><div> data_center = data_center_aux</div><div> break</div><div><br></div><div> user_service = users_service.user_service(id=userid)</div><div> user_permission_service = user_service.permissions_service()</div><div><br></div><div> for permission in user_permission_service.list():</div><div> udc = permission.data_center</div><div> if udc:</div><div> if <a href="http://udc.id">udc.id</a> == <a href="http://data_center.id">data_center.id</a>:</div><div> permission_service = permissions_service.permission_service(id=<a href="http://permission.id">permission.id</a>)</div><div> permission_service.remove()</div><div><br></div><div> connection.close()</div> <br>In the end I manage to translate from ovirt SDK v3 to ovirt SDK 4</div><div><br></div><div>Thanks again and sorry for this late response once more time.</div><div>Manuel <br></div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">2017-02-22 16:23 GMT+00:00 Manuel Luis Aznar <span dir="ltr"><<a href="mailto:manuel.luis.aznar@gmail.com" target="_blank">manuel.luis.aznar@gmail.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hello there,<div><br></div><div>Thanks for yours answer.</div><div><br></div><div>I will try your note.</div><div><br></div><div>We have an oVirt test installation (very litle users and few permissions, so you can count permissions) and if I try to get the permissions with the users entry point, I got a wrong number of them.</div><span class=""><div><br></div><div><span style="color:rgb(80,0,80);font-size:12.8px">user_service = users_service.user_service(id=</span><a href="http://user.id/" rel="noreferrer" style="font-size:12.8px" target="_blank"><wbr>user.id</a><span style="color:rgb(80,0,80);font-size:12.8px">)</span><br style="color:rgb(80,0,80);font-size:12.8px"><br style="color:rgb(80,0,80);font-size:12.8px"><span style="color:rgb(80,0,80);font-size:12.8px">user_permissions_service = user_service.permissions_</span><span style="color:rgb(80,0,80);font-size:12.8px">servi<wbr>ce()</span><br style="color:rgb(80,0,80);font-size:12.8px"><br style="color:rgb(80,0,80);font-size:12.8px"><span style="color:rgb(80,0,80);font-size:12.8px">list = user_permissions_service.list(</span><span style="color:rgb(80,0,80);font-size:12.8px"><wbr>)</span><br></div><div><br></div></span><div>The list "list" have wrong number of permissions...Do not know if this is a bug or what, I will double check later on. In case I am wrong I will be writing to you again.</div><div><br></div><div>Thanks again</div><span class="HOEnZb"><font color="#888888"><div>Manuel</div><div><br></div><div><br></div></font></span></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">2017-02-22 12:01 GMT+00:00 Ondra Machacek <span dir="ltr"><<a href="mailto:omachace@redhat.com" target="_blank">omachace@redhat.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span>On Wed, Feb 22, 2017 at 10:16 AM, Manuel Luis Aznar<br>
<<a href="mailto:manuel.luis.aznar@gmail.com" target="_blank">manuel.luis.aznar@gmail.com</a>> wrote:<br>
> Hello there,<br>
><br>
> I need to remove the specific Users Permission a user have in a DataCenter.<br>
><br>
> I manage to do it in this way:<br>
><br>
> username = "..."<br>
> dc = "..."<br>
><br>
> system_service = connection.system_service()<br>
> users_service = system_service.users_service()<br>
> data_centers_service = system_service.data_centers_se<wbr>rvice()<br>
><br>
> # Getting the User object<br>
> for user in users_service.list():<br>
> if username in user.user_name:<br>
> break<br>
><br>
> # Getting the DataCenter object<br>
> for data_center in data_centers_service.list():<br>
> if dc in <a href="http://data_center.name" rel="noreferrer" target="_blank">data_center.name</a>:<br>
> break<br>
<br>
</span>Just a note that you can use:<br>
<br>
data_center = data_centers_service.list(sear<wbr>ch='name=dc')[0]<br>
<div><div class="m_8316447269744464942h5"><br>
<br>
><br>
> # Getting DataCenter service and its Permission Service<br>
> data_center_service =<br>
> data_centers_service.data_cent<wbr>er_service(id=<a href="http://data_center.id" rel="noreferrer" target="_blank">data_center.id</a>)<br>
> data_center_permissions_servic<wbr>e = data_center_service.permission<wbr>s_service()<br>
><br>
> # Getting the Permission for the User in the DataCenter<br>
> for data_center_permission in data_center_permissions_servic<wbr>e.list():<br>
> data_center_permission_user = data_center_permission.user<br>
> if data_center_permission_user:<br>
> if <a href="http://data_center_permission_user.id" rel="noreferrer" target="_blank">data_center_permission_user.id</a> == <a href="http://user.id" rel="noreferrer" target="_blank">user.id</a>:<br>
> data_center_permission_user.r<wbr>emove()<br>
><br>
> As you can see I can do it, but, I am using the permissions of the<br>
> DataCenter and this list could be very long.<br>
><br>
> In the old ovirtsdk (version 3) this was done by the following:<br>
><br>
> u = kvm.users.get(id=userid)<br>
> for perm in u.permissions.list():<br>
> udc = perm.get_data_center()<br>
> if udc:<br>
> globaldc = kvm.datacenters.get(id=udc.get<wbr>_id())<br>
> if globaldc.get_name() == dc:<br>
> perm.delete()<br>
><br>
> that last piece of code iterate by the user permission list and delete the<br>
> specific Data Center permission. I have been trying this doing the<br>
> following:<br>
><br>
> user_service = users_service.user_service(id=<a href="http://user.id" rel="noreferrer" target="_blank"><wbr>user.id</a>)<br>
><br>
> user_permissions_service = user_service.permissions_servi<wbr>ce()<br>
><br>
> list = user_permissions_service.list(<wbr>)<br>
><br>
> Is that last variable, list: the permissions list for the specified user, I<br>
> ask that because if I print the size of the list for an specific user, the<br>
> number I get is not correct...<br>
<br>
</div></div>It should work, what do you expect to see and what do you actually see?<br>
<span><br>
><br>
> Thanks for all in advance to all<br>
> Manuel<br>
><br>
</span>> ______________________________<wbr>_________________<br>
> Users mailing list<br>
> <a href="mailto:Users@ovirt.org" target="_blank">Users@ovirt.org</a><br>
> <a href="http://lists.ovirt.org/mailman/listinfo/users" rel="noreferrer" target="_blank">http://lists.ovirt.org/mailman<wbr>/listinfo/users</a><br>
><br>
</blockquote></div><br></div>
</div></div></blockquote></div><br></div>