[ovirt-users] user permissions

Jorick Astrego j.astrego at netbulae.eu
Tue Jul 22 09:26:38 UTC 2014 

I had it set on the system (with the configure button) and the DC but 
tried every combination I could think off.

Also created a new user type role with all the user permissions selected.

Kind regards,
Jorick Astrego



On 07/22/2014 11:16 AM, Oved Ourfali wrote:
> On what object did you assign the PowerUser role?
> A permission consist of user+role+object.
>
> ----- Original Message -----
>> From: "Jorick Astrego" <j.astrego at netbulae.eu>
>> To: users at ovirt.org
>> Sent: Tuesday, July 22, 2014 11:43:43 AM
>> Subject: Re: [ovirt-users] user permissions
>>
>> Hi,
>>
>> Sorry let be a bit more clear. I want to have a user that can log into the
>> user portal and create vm's, stop them, add disks etc. But only as a user.
>>
>> I tried the poweruser role and can do all things except creating a new VM. I
>> also want the user to only see and manipulate his own VM's and not the other
>> ones running on the same system.
>>
>> Even with the PowerUser role, I am not able to create a new VM as this user.
>> Also when I edit the built-in PowerUser role, I only see the following
>> rights selected:
>>
>> Login Permissions
>>
>> Template
>>
>> Provisioning Operations
>> Create
>>
>> VM
>>
>>
>> Provisioning Operations
>> Edit properties
>> Create
>>
>> Disk
>>
>> Provisioning Operations
>> Create
>>
>> Everything else is deselected.
>>
>> Kind regards,
>>
>> Jorick Astrego
>> Netbulae
>>
>> On 07/22/2014 10:35 AM, Oved Ourfali wrote:
>>
>>
>>
>> Hi
>>
>> You didn't really specify what you would like to accomplish, and what
>> permissions were granted and on what object.
>> In general, we have two types of roles: User and Admin roles.
>> If a user has any admin role on any object, then he can login to the admin
>> portal.
>> So, as long as you don't assign the user with admin role he will not be able
>> to login to the admin portal.
>>
>> Giving PowerUser role on a DC will allow the user to create VMs and Disks
>> through the user portal.
>> Is that what you would like to accomplish?
>>
>> Oved
>>
>> ----- Original Message -----
>>
>>
>>
>> From: "Jorick Astrego" <j.astrego at netbulae.eu> To: users at ovirt.org Sent:
>> Tuesday, July 22, 2014 11:32:16 AM
>> Subject: [ovirt-users] user permissions
>>
>> Hi,
>>
>> In our 3.4.3 environment I started adding external users (it is
>> connected to a freeipa server) and I'm having some problems setting the
>> correct permissions.
>>
>> When I give all user roles to a user, I cannot create a vm and get an
>> error "User is not authorized to perform this action". I tried setting
>> it on the system level, DC level and cluster level.
>>
>> I needed to give this user an administrator role with only exactly the
>> same vm and disk permissions (nothing extra) and things work ok, but he
>> can now login to the admin portal. So I blocked it with a .htaccess
>> which is not the prettiest solution.
>>
>> Am I doing things wrong?
>>
>> Also the user disappeared from the "System permissions" overview but can
>> still login, which is a bit weird.
>>
>> Kind regards,
>>
>> Jorick Astrego
>> Netbulae
>>
>> _______________________________________________
>> Users mailing list Users at ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>

More information about the Users mailing list