Removing all the Users Permission on Data Center
Hello there, I need to remove the specific Users Permission a user have in a DataCenter. I manage to do it in this way: username = "..." dc = "..." system_service = connection.system_service() users_service = system_service.users_service() data_centers_service = system_service.data_centers_service() # Getting the User object for user in users_service.list(): if username in user.user_name: break # Getting the DataCenter object for data_center in data_centers_service.list(): if dc in data_center.name: break # Getting DataCenter service and its Permission Service data_center_service = data_centers_service.data_center_service(id= data_center.id) data_center_permissions_service = data_center_service.permissions_service() # Getting the Permission for the User in the DataCenter for data_center_permission in data_center_permissions_service.list(): data_center_permission_user = data_center_permission.user if data_center_permission_user: if data_center_permission_user.id == user.id: data_center_permission_user.remove() As you can see I can do it, but, I am using the permissions of the DataCenter and this list could be very long. In the old ovirtsdk (version 3) this was done by the following: u = kvm.users.get(id=userid) for perm in u.permissions.list(): udc = perm.get_data_center() if udc: globaldc = kvm.datacenters.get(id=udc.get_id()) if globaldc.get_name() == dc: perm.delete() that last piece of code iterate by the user permission list and delete the specific Data Center permission. I have been trying this doing the following: user_service = users_service.user_service(id=user.id) user_permissions_service = user_service.permissions_service() list = user_permissions_service.list() Is that last variable, list: the permissions list for the specified user, I ask that because if I print the size of the list for an specific user, the number I get is not correct... Thanks for all in advance to all Manuel
On Wed, Feb 22, 2017 at 10:16 AM, Manuel Luis Aznar <manuel.luis.aznar@gmail.com> wrote:
Hello there,
I need to remove the specific Users Permission a user have in a DataCenter.
I manage to do it in this way:
username = "..." dc = "..."
system_service = connection.system_service() users_service = system_service.users_service() data_centers_service = system_service.data_centers_service()
# Getting the User object for user in users_service.list(): if username in user.user_name: break
# Getting the DataCenter object for data_center in data_centers_service.list(): if dc in data_center.name: break
Just a note that you can use: data_center = data_centers_service.list(search='name=dc')[0]
# Getting DataCenter service and its Permission Service data_center_service = data_centers_service.data_center_service(id=data_center.id) data_center_permissions_service = data_center_service.permissions_service()
# Getting the Permission for the User in the DataCenter for data_center_permission in data_center_permissions_service.list(): data_center_permission_user = data_center_permission.user if data_center_permission_user: if data_center_permission_user.id == user.id: data_center_permission_user.remove()
As you can see I can do it, but, I am using the permissions of the DataCenter and this list could be very long.
In the old ovirtsdk (version 3) this was done by the following:
u = kvm.users.get(id=userid) for perm in u.permissions.list(): udc = perm.get_data_center() if udc: globaldc = kvm.datacenters.get(id=udc.get_id()) if globaldc.get_name() == dc: perm.delete()
that last piece of code iterate by the user permission list and delete the specific Data Center permission. I have been trying this doing the following:
user_service = users_service.user_service(id=user.id)
user_permissions_service = user_service.permissions_service()
list = user_permissions_service.list()
Is that last variable, list: the permissions list for the specified user, I ask that because if I print the size of the list for an specific user, the number I get is not correct...
It should work, what do you expect to see and what do you actually see?
Thanks for all in advance to all Manuel
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Hello there, Thanks for yours answer. I will try your note. We have an oVirt test installation (very litle users and few permissions, so you can count permissions) and if I try to get the permissions with the users entry point, I got a wrong number of them. user_service = users_service.user_service(id=user.id) user_permissions_service = user_service.permissions_service() list = user_permissions_service.list() The list "list" have wrong number of permissions...Do not know if this is a bug or what, I will double check later on. In case I am wrong I will be writing to you again. Thanks again Manuel 2017-02-22 12:01 GMT+00:00 Ondra Machacek <omachace@redhat.com>:
On Wed, Feb 22, 2017 at 10:16 AM, Manuel Luis Aznar <manuel.luis.aznar@gmail.com> wrote:
Hello there,
I need to remove the specific Users Permission a user have in a DataCenter.
I manage to do it in this way:
username = "..." dc = "..."
system_service = connection.system_service() users_service = system_service.users_service() data_centers_service = system_service.data_centers_service()
# Getting the User object for user in users_service.list(): if username in user.user_name: break
# Getting the DataCenter object for data_center in data_centers_service.list(): if dc in data_center.name: break
Just a note that you can use:
data_center = data_centers_service.list(search='name=dc')[0]
# Getting DataCenter service and its Permission Service data_center_service = data_centers_service.data_center_service(id=data_center.id) data_center_permissions_service = data_center_service.
permissions_service()
# Getting the Permission for the User in the DataCenter for data_center_permission in data_center_permissions_service.list(): data_center_permission_user = data_center_permission.user if data_center_permission_user: if data_center_permission_user.id == user.id: data_center_permission_user.remove()
As you can see I can do it, but, I am using the permissions of the DataCenter and this list could be very long.
In the old ovirtsdk (version 3) this was done by the following:
u = kvm.users.get(id=userid) for perm in u.permissions.list(): udc = perm.get_data_center() if udc: globaldc = kvm.datacenters.get(id=udc.get_id()) if globaldc.get_name() == dc: perm.delete()
that last piece of code iterate by the user permission list and delete
specific Data Center permission. I have been trying this doing the following:
user_service = users_service.user_service(id=user.id)
user_permissions_service = user_service.permissions_service()
list = user_permissions_service.list()
Is that last variable, list: the permissions list for the specified user, I ask that because if I print the size of the list for an specific user,
the the
number I get is not correct...
It should work, what do you expect to see and what do you actually see?
Thanks for all in advance to all Manuel
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Hello there again, I was fighting with the permissions yesterday night and in the end I find out all was fine. There was an Everyone permission that confused me... The main thing here is that we have an application that use the ovirt sdk version 3 and we want to migrate it to the ovirt sdk version 4. This is the function in the ovirt sdk 3 literally is (userid and dc is string type): def ovirt_remove_dc_permissions(userid, dc): kvm = ovirt_connect() u = kvm.users.get(id=userid) for perm in u.permissions.list(): udc = perm.get_data_center() if udc: globaldc = kvm.datacenters.get(id=udc.get_id()) if globaldc.get_name() == dc: perm.delete() kvm.disconnect() The function on the ovirt sdk 4 is: def ovirt_remove_dc_permissions(self, userid, dc): connection = self.ovirt_connect() system_service = connection.system_service() permissions_service = system_service.permissions_service() users_service = system_service.users_service() data_centers_service = system_service.data_centers_service() data_center=None for data_center_aux in data_centers_service.list(): if data_center_aux.name == dc: data_center = data_center_aux break user_service = users_service.user_service(id=userid) user_permission_service = user_service.permissions_service() for permission in user_permission_service.list(): udc = permission.data_center if udc: if udc.id == data_center.id: permission_service = permissions_service.permission_service(id=permission.id) permission_service.remove() connection.close() In the end I manage to translate from ovirt SDK v3 to ovirt SDK 4 Thanks again and sorry for this late response once more time. Manuel 2017-02-22 16:23 GMT+00:00 Manuel Luis Aznar <manuel.luis.aznar@gmail.com>:
Hello there,
Thanks for yours answer.
I will try your note.
We have an oVirt test installation (very litle users and few permissions, so you can count permissions) and if I try to get the permissions with the users entry point, I got a wrong number of them.
user_service = users_service.user_service(id=user.id)
user_permissions_service = user_service.permissions_service()
list = user_permissions_service.list()
The list "list" have wrong number of permissions...Do not know if this is a bug or what, I will double check later on. In case I am wrong I will be writing to you again.
Thanks again Manuel
2017-02-22 12:01 GMT+00:00 Ondra Machacek <omachace@redhat.com>:
On Wed, Feb 22, 2017 at 10:16 AM, Manuel Luis Aznar <manuel.luis.aznar@gmail.com> wrote:
Hello there,
I need to remove the specific Users Permission a user have in a DataCenter.
I manage to do it in this way:
username = "..." dc = "..."
system_service = connection.system_service() users_service = system_service.users_service() data_centers_service = system_service.data_centers_service()
# Getting the User object for user in users_service.list(): if username in user.user_name: break
# Getting the DataCenter object for data_center in data_centers_service.list(): if dc in data_center.name: break
Just a note that you can use:
data_center = data_centers_service.list(search='name=dc')[0]
# Getting DataCenter service and its Permission Service data_center_service = data_centers_service.data_center_service(id=data_center.id) data_center_permissions_service = data_center_service.permission
s_service()
# Getting the Permission for the User in the DataCenter for data_center_permission in data_center_permissions_service.list(): data_center_permission_user = data_center_permission.user if data_center_permission_user: if data_center_permission_user.id == user.id: data_center_permission_user.remove()
As you can see I can do it, but, I am using the permissions of the DataCenter and this list could be very long.
In the old ovirtsdk (version 3) this was done by the following:
u = kvm.users.get(id=userid) for perm in u.permissions.list(): udc = perm.get_data_center() if udc: globaldc = kvm.datacenters.get(id=udc.get_id()) if globaldc.get_name() == dc: perm.delete()
that last piece of code iterate by the user permission list and delete
specific Data Center permission. I have been trying this doing the following:
user_service = users_service.user_service(id=user.id)
user_permissions_service = user_service.permissions_service()
list = user_permissions_service.list()
Is that last variable, list: the permissions list for the specified user, I ask that because if I print the size of the list for an specific user,
the the
number I get is not correct...
It should work, what do you expect to see and what do you actually see?
Thanks for all in advance to all Manuel
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
participants (2)
-
Manuel Luis Aznar -
Ondra Machacek