Hi, any more thoughts on how I can get all the permissions assigned to each VM?

Thanks

On Wed, Nov 6, 2019 at 8:07 PM Colin Coe <colin.coe@gmail.com> wrote:
Hi

At the moment I'm just trying to work out how to get the info but ultimately it needs to be a matrix of users across the top, VMs down and print the role where the two intersect.

Thanks

On Wed, Nov 6, 2019 at 1:22 AM Ondra Machacek <omachace@redhat.com> wrote:


On 05/11/2019 11:57, Colin Coe wrote:
> Hi all
>
> I've been tasked with creating a matrix of users/groups and VMs so we
> can easily see who has access to what (via SPCIE console).
>
> Google has given me a couple of hints but I can get it over the line.
>
> ---
> users_service = connection.system_service().users_service()
> users = users_service.list()
>
> for user in users:
>      username = user.user_name.split('@')[0]
>
>      # Follow the link to the permissions of the user:
>      perms = connection.follow_link(user.permissions)
>      for perm in perms:
>          if perm.vm:
>              print(username)
>              permissions_service =
> connection.system_service().permissions_service()

Well if you would add here:

print (connections.follow_link(perm.role).name)

you would know the name of the role that user have,
but you wouldn't know for which object this role is
assigned.

What exactly should be the output of your script?

For example:

User1:
VMs:
  vm1: UserVmManager
  vm2: UserRole
CLusters:
  cluster1: UserRole

User2:
VMs:
  vm3: UserRole

Group1:
CLusters:
  cluster2: UserRole

?

>              print(perm.vm.id <http://perm.vm.id>)
> ---
>
> The problem is with permissions, the output from above is:
> ---
> user1
> 1b645daf-de26-4f33-9e3b-6a12eadd4618
> user2
> 9c79e763-f78d-4bf9-b8ca-20fe197fd80c
> user3
> f9d00b30-8003-41c3-95a1-10e0c452fa63
> user4
> 1bbadf96-ef95-4ece-b5f3-1fa112aa3571
> user5
> e9085627-324e-48d3-bc04-52ff7798ddd0
> ---
>
> I can't work out how to get the actual permissions rather that the ID.
>
> Any ideas?
>
> Thanks
>
>
> _______________________________________________
> Users mailing list -- users@ovirt.org
> To unsubscribe send an email to users-leave@ovirt.org
> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
> oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
> List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/PILAIVCF7C4LXVATL5T6P4VMZP3Y22G7/
>