[ovirt-users] api access with poweruser role

Jorick Astrego j.astrego at netbulae.eu
Wed Oct 28 06:29:01 EDT 2015



On 10/26/2015 03:14 PM, Jorick Astrego wrote:
>
>
> On 10/26/2015 02:57 PM, Ondra Machacek wrote:
>>
>>
>> On 10/26/2015 02:53 PM, Jorick Astrego wrote:
>>> Hi,
>>>
>>> Currently I'm trying to add an ovirt compute resource in forman that
>>> is limited to the VM's of the user.
>>>
>>> When I give this user the PowerUser role, I cannot access the api:
>>>
>>>     query execution failed due to insufficient permissions
>>>
>>
>> Are you sending header 'Filter: true' with the request ?
>> If your user is not admin(PowerUserRole is not admin role),
>> you have to use this header.
>>
>>
>

Hmm, not much response on foreman-users..

I checked the code of fog in my foreman install (
/opt/rh/ruby193/root/usr/share/gems/gems/fog-1.32.0/lib/fog/ovirt/compute.rb
) and it appears to have the correct option merged:

              connection_opts[:filtered_api]  = options[:ovirt_filtered_api]


But I don't know what url the foreman actually generates, is there any
way to capture the login string? I tried setting some DEBUG logging but
don't get the output I'm looking for.

            <logger category="org.ovirt.engine.core.bll.SearchQuery">
                    <level name="DEBUG"/>
            </logger>
            <logger
    category="org.ovirt.engine.core.bll.aaa.LoginUserCommand">
                    <level name="DEBUG"/>
            </logger>
            <logger
    category="org.ovirt.engine.api.restapi.resource.AbstractBackendResource">
                    <level name="DEBUG"/>
            </logger>








Met vriendelijke groet, With kind regards,

Jorick Astrego

Netbulae Virtualization Experts 

----------------

	Tel: 053 20 30 270 	info at netbulae.eu 	Staalsteden 4-3A 	KvK 08198180
 	Fax: 053 20 30 271 	www.netbulae.eu 	7547 TA Enschede 	BTW NL821234584B01

----------------

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20151028/90cc9c27/attachment-0001.html>


More information about the Users mailing list