[Engine-devel] Managing permissions on network
Moti Asayag
masayag at redhat.com
Tue Nov 13 13:41:08 UTC 2012
On 11/13/2012 03:19 PM, Itamar Heim wrote:
> On 11/13/2012 12:45 PM, Livnat Peer wrote:
>> Interesting point, I think that if a user has permission to create a VM
>> from a specific template we should give him permission to use the
>> template networks on this VM implicitly upon the VM creation.
>
> having a permission to a template does not mean a permission to the
> default network of that VM, especially as we'll use templates more as
> instance types.
If a user is the template's owner he should be capable to modify the its
nics. I'd expect the user will modify the networks of the template only
if he has permissions for the required network.
Else, a user can update the template's nics to any of cluster's network
and to create a VM with a network the user doesn't suppose to use.
> _______________________________________________
> Engine-devel mailing list
> Engine-devel at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/engine-devel
More information about the Engine-devel
mailing list