On 03/19/2012 12:47 PM, Einav Cohen wrote:
1.
According to the wiki, these are the new Action Groups that will be added:
CREATE_DISK - AddDisk, AddDiskToVm
EDIT_DISK_PROPERTIES - UpdateDisk, UpdateVM, Activate/Deactivate
ATTACH_DISK - AttachDiskToVm
CONFIGURE_DISK_STORAGE - MoveOrCopyDisk
DELETE_DISK - RemoveDisk, RemoveVm
Currently we have:
CONFIGURE_VM_STORAGE - AddDiskToVm, RemoveDisksFromVm, UpdateVmDisk
So, since "AddDiskToVm" has moved to "CREATE_DISK", it will now be:
CONFIGURE_VM_STORAGE - RemoveDisksFromVm, UpdateVmDisk
- Is there a difference between RemoveDisk and RemoveDisksFromVm? If so, what is the
difference?
- Is there a difference between UpdateDisk and UpdateVmDisk? If so, what is the
difference?
[If answer to both questions is "no", CONFIGURE_VM_STORAGE action-group should
be removed; this should be considered in the upgrade process]
This point should be taken into consideration when design/implementation
of new verbs (RemoveDisk / UpdateDisk ) is done.
2. [Michael/Daniel] (more related to the floating disks feature): In which Action Group
will "DetachDiskFromVm" reside?
3. "Updated Roles: VM Operator should be extended with permissions on Disk" -
note that all other pre-defined roles that have "UpdateVM" within them (and most
of them do, AFAIK) should also be extended with the extra Disk-related ActionGroups
(otherwise we can reach strange situations in which a Cluster Admin can do everything in
his cluster except manipulate Disks in his VMs, for example).
Updated wiki:
http://www.ovirt.org/wiki/Features/DiskPermissions#Updated_Roles
4. "Upgrade DB: Add Disk Operator role to users that have VM Operators to allow
permissions on Disks":
- I assume that you mean that Disk Operator *permissions* should be added on the relevant
*Disks* to the "VM Operator" users.
- I suggest to add these during upgrade not only for "VM Operators" but for all
users that have a direct permission on a VM which is associated with any Role that
contains the action "UpdateVM".
Updated wiki:
http://www.ovirt.org/wiki/Features/DiskPermissions#Upgrade_DB
5. GUI will need a new query: GetAllAttachableDisks.
- This query should be an Admin + User query and will have two "flavors":
Admin and User (using the "isFiltered" property).
- With "isFiltered = false" (will be used for the admin portal), it should
return a list of all floating and/or sharable disks.
- With "isFiltered = true" (will be used in the power user portal), it should
return a list of all floating and/or sharable disks on which the user has permissions.
----
Thanks,
Einav
----- Original Message -----
> From: "Moti Asayag" <masayag(a)redhat.com>
> To: engine-devel(a)ovirt.org
> Sent: Wednesday, March 14, 2012 2:20:18 AM
> Subject: [Engine-devel] Disk Permissions Feature
>
> Hi all,
>
> Disk Permissions feature description Wiki page:
>
http://www.ovirt.org/wiki/Features/DiskPermissions
>
> Please share your comments.
>
> Thanks,
> Moti
>
> _______________________________________________
> Engine-devel mailing list
> Engine-devel(a)ovirt.org
>
http://lists.ovirt.org/mailman/listinfo/engine-devel
>