10:48 a.m.
According to the log he is looking for the INJECT_EXTERNAL_EVENTS action group, on the
System.
I guess it means this action group isn't part of the SuperUser role.
Eli - you commit ecd7658c42b799d8632372de9fc6695a22705435 shows you added this action
group, but not added to the SuperUser role.
What was the reason for that?
I also don't see an option to add this action group to roles.
Maybe only the API supports creating a new custom role with this action group.
Thanks,
Oved
----- Original Message -----
From: "plysan" <plysab(a)gmail.com>
To: "Users(a)ovirt.org List" <users(a)ovirt.org>
Sent: Thursday, December 11, 2014 9:20:34 AM
Subject: Re: [ovirt-users] Problems while adding external event to ovirt
Oh, forgot the environment:
ovirt-engine-backend-3.5.1-0.0.master.20141112062025.git2c24911.el6.noarch
ovirt-engine-restapi-3.5.1-0.0.master.20141112062025.git2c24911.el6.noarch
2014-12-11 15:18 GMT+08:00 plysan < plysab(a)gmail.com > :
Hi,
When I try to add an external event to ovirt using curl, I get permission
issue:
$ curl -X POST --insecure -u admin@internal:abc123 -H "Content-Type:
application/json" https://192.168.3.226/ovirt-engine/api/events --data
'{"origin":"thirdParty","severity":"normal","custom_id":"123","description":"hello
external event."}'
<?xml version="1.0" encoding="UTF-8"
standalone="yes"?>
<fault>
<reason>Operation Failed</reason>
<detail>[User is not authorized to perform this action.]</detail>
</fault>
The engine.log says:
2014-12-11 14:52:33,725 INFO [org.ovirt.engine.core.bll.aaa.LoginUserCommand]
(ajp--127.0.0.1-8702-7) Running command: LoginUserCommand internal: false.
2014-12-11 14:52:33,732 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(ajp--127.0.0.1-8702-7) Correlation ID: null, Call Stack: null, Custom Event
ID: -1, Message: User admin logged in.
2014-12-11 14:52:33,750 INFO
[org.ovirt.engine.core.bll.AddExternalEventCommand] (ajp--127.0.0.1-8702-7)
[6947ffae] No permission found for user fdfc627c-d875-11e0-90f0-83df133b58cc
or one of the groups he is member of, when running action AddExternalEvent,
Required permissions are: Action type: ADMIN Action group:
INJECT_EXTERNAL_EVENTS Object type: System Object ID:
aaa00000-0000-0000-0000-123456789aaa.
2014-12-11 14:52:33,751 WARN
[org.ovirt.engine.core.bll.AddExternalEventCommand] (ajp--127.0.0.1-8702-7)
[6947ffae] CanDoAction of action AddExternalEvent failed.
Reasons:USER_NOT_AUTHORIZED_TO_PERFORM_ACTION
2014-12-11 14:52:33,765 ERROR
[org.ovirt.engine.api.restapi.resource.AbstractBackendResource]
(ajp--127.0.0.1-8702-7) Operation Failed: [User is not authorized to perform
this action.]
2014-12-11 14:52:33,779 INFO
[org.ovirt.engine.core.bll.aaa.LogoutBySessionCommand]
(ajp--127.0.0.1-8702-7) [21c639e1] Running command: LogoutBySessionCommand
internal: false.
2014-12-11 14:52:33,780 INFO
[org.ovirt.engine.core.bll.aaa.LogoutUserCommand] (ajp--127.0.0.1-8702-7)
[6de8f467] Running command: LogoutUserCommand internal: false.
2014-12-11 14:52:33,790 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(ajp--127.0.0.1-8702-7) [6de8f467] Correlation ID: 6de8f467, Call Stack:
null, Custom Event ID: -1, Message: User admin logged out.
Is this the expected behavior? Or is there anything i missed?
thanks
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users