[ovirt-users] Problems while adding external event to ovirt

Oved Ourfali ovedo at redhat.com
Thu Dec 11 07:48:32 UTC 2014


According to the log he is looking for the INJECT_EXTERNAL_EVENTS action group, on the System.
I guess it means this action group isn't part of the SuperUser role.

Eli - you commit ecd7658c42b799d8632372de9fc6695a22705435 shows you added this action group, but not added to the SuperUser role.
What was the reason for that?
I also don't see an option to add this action group to roles.
Maybe only the API supports creating a new custom role with this action group.

Thanks,
Oved

----- Original Message -----
> From: "plysan" <plysab at gmail.com>
> To: "Users at ovirt.org List" <users at ovirt.org>
> Sent: Thursday, December 11, 2014 9:20:34 AM
> Subject: Re: [ovirt-users] Problems while adding external event to ovirt
> 
> Oh, forgot the environment:
> 
> ovirt-engine-backend-3.5.1-0.0.master.20141112062025.git2c24911.el6.noarch
> ovirt-engine-restapi-3.5.1-0.0.master.20141112062025.git2c24911.el6.noarch
> 
> 2014-12-11 15:18 GMT+08:00 plysan < plysab at gmail.com > :
> 
> 
> 
> Hi,
> 
> When I try to add an external event to ovirt using curl, I get permission
> issue:
> 
> $ curl -X POST --insecure -u admin at internal:abc123 -H "Content-Type:
> application/json" https://192.168.3.226/ovirt-engine/api/events --data
> '{"origin":"thirdParty","severity":"normal","custom_id":"123","description":"hello
> external event."}'
> <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
> <fault>
> <reason>Operation Failed</reason>
> <detail>[User is not authorized to perform this action.]</detail>
> </fault>
> 
> The engine.log says:
> 
> 2014-12-11 14:52:33,725 INFO [org.ovirt.engine.core.bll.aaa.LoginUserCommand]
> (ajp--127.0.0.1-8702-7) Running command: LoginUserCommand internal: false.
> 2014-12-11 14:52:33,732 INFO
> [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
> (ajp--127.0.0.1-8702-7) Correlation ID: null, Call Stack: null, Custom Event
> ID: -1, Message: User admin logged in.
> 2014-12-11 14:52:33,750 INFO
> [org.ovirt.engine.core.bll.AddExternalEventCommand] (ajp--127.0.0.1-8702-7)
> [6947ffae] No permission found for user fdfc627c-d875-11e0-90f0-83df133b58cc
> or one of the groups he is member of, when running action AddExternalEvent,
> Required permissions are: Action type: ADMIN Action group:
> INJECT_EXTERNAL_EVENTS Object type: System Object ID:
> aaa00000-0000-0000-0000-123456789aaa.
> 2014-12-11 14:52:33,751 WARN
> [org.ovirt.engine.core.bll.AddExternalEventCommand] (ajp--127.0.0.1-8702-7)
> [6947ffae] CanDoAction of action AddExternalEvent failed.
> Reasons:USER_NOT_AUTHORIZED_TO_PERFORM_ACTION
> 2014-12-11 14:52:33,765 ERROR
> [org.ovirt.engine.api.restapi.resource.AbstractBackendResource]
> (ajp--127.0.0.1-8702-7) Operation Failed: [User is not authorized to perform
> this action.]
> 2014-12-11 14:52:33,779 INFO
> [org.ovirt.engine.core.bll.aaa.LogoutBySessionCommand]
> (ajp--127.0.0.1-8702-7) [21c639e1] Running command: LogoutBySessionCommand
> internal: false.
> 2014-12-11 14:52:33,780 INFO
> [org.ovirt.engine.core.bll.aaa.LogoutUserCommand] (ajp--127.0.0.1-8702-7)
> [6de8f467] Running command: LogoutUserCommand internal: false.
> 2014-12-11 14:52:33,790 INFO
> [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
> (ajp--127.0.0.1-8702-7) [6de8f467] Correlation ID: 6de8f467, Call Stack:
> null, Custom Event ID: -1, Message: User admin logged out.
> 
> Is this the expected behavior? Or is there anything i missed?
> 
> thanks
> 
> 
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
> 



More information about the Users mailing list