
Hi Eli, Yes this is newly created 3.5 environment with engine-setup. 2014-12-11 17:13 GMT+08:00 Eli Mesika <emesika@redhat.com>:
From: "Oved Ourfali" <ovedo@redhat.com> To: "plysan" <plysab@gmail.com>, "Eli Mesika" <emesika@redhat.com> Cc: "Users@ovirt.org List" <users@ovirt.org> Sent: Thursday, December 11, 2014 9:48:32 AM Subject: Re: [ovirt-users] Problems while adding external event to ovirt
According to the log he is looking for the INJECT_EXTERNAL_EVENTS action group, on the System. I guess it means this action group isn't part of the SuperUser role.
Eli - you commit ecd7658c42b799d8632372de9fc6695a22705435 shows you added this action group, but not added to the SuperUser role. What was the reason for that? I also don't see an option to add this action group to roles. Maybe only the API supports creating a new custom role with this action group.
Thanks, Oved
----- Original Message -----
From: "plysan" <plysab@gmail.com> To: "Users@ovirt.org List" <users@ovirt.org> Sent: Thursday, December 11, 2014 9:20:34 AM Subject: Re: [ovirt-users] Problems while adding external event to ovirt
Oh, forgot the environment:
ovirt-engine-backend-3.5.1-0.0.master.20141112062025.git2c24911.el6.noarch
ovirt-engine-restapi-3.5.1-0.0.master.20141112062025.git2c24911.el6.noarch
2014-12-11 15:18 GMT+08:00 plysan < plysab@gmail.com > :
Hi,
When I try to add an external event to ovirt using curl, I get
----- Original Message ----- permission
issue:
$ curl -X POST --insecure -u admin@internal:abc123 -H "Content-Type: application/json" https://192.168.3.226/ovirt-engine/api/events --data
'{"origin":"thirdParty","severity":"normal","custom_id":"123","description":"hello
external event."}' <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <fault> <reason>Operation Failed</reason> <detail>[User is not authorized to perform this action.]</detail> </fault>
The engine.log says:
2014-12-11 14:52:33,725 INFO [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp--127.0.0.1-8702-7) Running command: LoginUserCommand internal: false. 2014-12-11 14:52:33,732 INFO [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-7) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User admin logged in. 2014-12-11 14:52:33,750 INFO [org.ovirt.engine.core.bll.AddExternalEventCommand] (ajp--127.0.0.1-8702-7) [6947ffae] No permission found for user fdfc627c-d875-11e0-90f0-83df133b58cc or one of the groups he is member of, when running action AddExternalEvent, Required permissions are: Action type: ADMIN Action group: INJECT_EXTERNAL_EVENTS Object type: System Object ID: aaa00000-0000-0000-0000-123456789aaa. 2014-12-11 14:52:33,751 WARN [org.ovirt.engine.core.bll.AddExternalEventCommand] (ajp--127.0.0.1-8702-7) [6947ffae] CanDoAction of action AddExternalEvent failed. Reasons:USER_NOT_AUTHORIZED_TO_PERFORM_ACTION 2014-12-11 14:52:33,765 ERROR [org.ovirt.engine.api.restapi.resource.AbstractBackendResource] (ajp--127.0.0.1-8702-7) Operation Failed: [User is not authorized to perform this action.] 2014-12-11 14:52:33,779 INFO [org.ovirt.engine.core.bll.aaa.LogoutBySessionCommand] (ajp--127.0.0.1-8702-7) [21c639e1] Running command: LogoutBySessionCommand internal: false. 2014-12-11 14:52:33,780 INFO [org.ovirt.engine.core.bll.aaa.LogoutUserCommand] (ajp--127.0.0.1-8702-7) [6de8f467] Running command: LogoutUserCommand internal: false. 2014-12-11 14:52:33,790 INFO [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-7) [6de8f467] Correlation ID: 6de8f467, Call Stack: null, Custom Event ID: -1, Message: User admin logged out.
Is this the expected behavior? Or is there anything i missed?
Is this a newly created 3.5 DB ??? I suspect that maybe this is a result of 3.2 DB squashing work If this is an upgraded env please specify from and target versions
Thanks
thanks
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users