Re: [ovirt-users] User permissions
On Wed, Dec 14, 2016 at 9:54 AM, Michal Skrivanek <
michal.skrivanek(a)redhat.com> wrote:
On 9 Dec 2016, at 16:53, Bill Bill <jax2568(a)outlook.com> wrote:
Hello,
There seems to be an issue with assigning permissions. When creating a
user, if the user has “create” functionality for a VM, they can also delete
the VM even if “delete” is not checked. Is this by design or perhaps
something that was overlooked? Essentially, I want a user that can
add/modify but not delete.
it is probably a bug. worth filing a bug (ovirt-engine, virt)
It's not a bug. This is by design. When user has 'create_vm' permission and
he is using
UserPortal or filtered REST API, then he will get UserVmManager permission
on newly created VM
and with this permission you can delete that VM, but not any other vm, only
the one you've created.
there’s likely no easy workaround…you can try to create your own role
with
only the create permission, but…unlikely
Thanks,
michal
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.phx.ovirt.org/mailman/listinfo/users
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.phx.ovirt.org/mailman/listinfo/users
Attachments:
- attachment.html (text/html — 4.6 KB)