[ovirt-users] Removing all the Users Permission on Data Center

Manuel Luis Aznar manuel.luis.aznar at gmail.com
Mon Mar 13 12:19:25 UTC 2017 

Hello there again,

I was fighting with the permissions yesterday night and in the end I find
out all was fine. There was an Everyone permission that confused me...

The main thing here is that we have an application that use the ovirt sdk
version 3 and we want to migrate it to the ovirt sdk version 4.

This is the function in the ovirt sdk 3 literally is (userid and dc is
string type):

def ovirt_remove_dc_permissions(userid, dc):
    kvm = ovirt_connect()

    u = kvm.users.get(id=userid)
    for perm in u.permissions.list():
        udc = perm.get_data_center()
        if udc:
            globaldc = kvm.datacenters.get(id=udc.get_id())
            if globaldc.get_name() == dc:
                perm.delete()

    kvm.disconnect()

The function on the ovirt sdk 4 is:

    def ovirt_remove_dc_permissions(self, userid, dc):
        connection = self.ovirt_connect()

        system_service = connection.system_service()
        permissions_service = system_service.permissions_service()
        users_service = system_service.users_service()
        data_centers_service = system_service.data_centers_service()

        data_center=None
        for data_center_aux in data_centers_service.list():
            if data_center_aux.name == dc:
                data_center = data_center_aux
                break

        user_service = users_service.user_service(id=userid)
        user_permission_service = user_service.permissions_service()

        for permission in user_permission_service.list():
            udc = permission.data_center
            if udc:
                if udc.id == data_center.id:
                    permission_service =
permissions_service.permission_service(id=permission.id)
                    permission_service.remove()

        connection.close()

In the end I manage to translate from ovirt SDK v3 to ovirt SDK 4

Thanks again and sorry for this late response once more time.
Manuel


2017-02-22 16:23 GMT+00:00 Manuel Luis Aznar <manuel.luis.aznar at gmail.com>:

> Hello there,
>
> Thanks for yours answer.
>
> I will try your note.
>
> We have an oVirt test installation (very litle users and few permissions,
> so you can count permissions) and if I try to get the permissions with the
> users entry point, I got a wrong number of them.
>
> user_service = users_service.user_service(id=user.id)
>
> user_permissions_service = user_service.permissions_service()
>
> list = user_permissions_service.list()
>
> The list "list" have wrong number of permissions...Do not know if this is
> a bug or what, I will double check later on. In case I am wrong I will be
> writing to you again.
>
> Thanks again
> Manuel
>
>
>
> 2017-02-22 12:01 GMT+00:00 Ondra Machacek <omachace at redhat.com>:
>
>> On Wed, Feb 22, 2017 at 10:16 AM, Manuel Luis Aznar
>> <manuel.luis.aznar at gmail.com> wrote:
>> > Hello there,
>> >
>> > I need to remove the specific Users Permission a user have in a
>> DataCenter.
>> >
>> > I manage to do it in this way:
>> >
>> > username = "..."
>> > dc = "..."
>> >
>> > system_service = connection.system_service()
>> > users_service = system_service.users_service()
>> > data_centers_service = system_service.data_centers_service()
>> >
>> > # Getting the User object
>> > for user in users_service.list():
>> >     if username in user.user_name:
>> >         break
>> >
>> > # Getting the DataCenter object
>> > for data_center in data_centers_service.list():
>> >     if dc in data_center.name:
>> >         break
>>
>> Just a note that you can use:
>>
>>    data_center = data_centers_service.list(search='name=dc')[0]
>>
>>
>> >
>> > # Getting DataCenter service and its Permission Service
>> > data_center_service =
>> > data_centers_service.data_center_service(id=data_center.id)
>> > data_center_permissions_service = data_center_service.permission
>> s_service()
>> >
>> > # Getting the Permission for the User in the DataCenter
>> > for data_center_permission in data_center_permissions_service.list():
>> >     data_center_permission_user = data_center_permission.user
>> >     if data_center_permission_user:
>> >         if data_center_permission_user.id == user.id:
>> >             data_center_permission_user.remove()
>> >
>> > As you can see I can do it, but, I am using the permissions of the
>> > DataCenter and this list could be very long.
>> >
>> > In the old ovirtsdk (version 3) this was done by the following:
>> >
>> > u = kvm.users.get(id=userid)
>> > for perm in u.permissions.list():
>> >    udc = perm.get_data_center()
>> >       if udc:
>> >          globaldc = kvm.datacenters.get(id=udc.get_id())
>> >          if globaldc.get_name() == dc:
>> >             perm.delete()
>> >
>> > that last piece of code iterate by the user permission list and delete
>> the
>> > specific Data Center permission. I have been trying this doing the
>> > following:
>> >
>> > user_service = users_service.user_service(id=user.id)
>> >
>> > user_permissions_service = user_service.permissions_service()
>> >
>> > list = user_permissions_service.list()
>> >
>> > Is that last variable, list: the permissions list for the specified
>> user, I
>> > ask that because if I print the size of the list for an specific user,
>> the
>> > number I get is not correct...
>>
>> It should work, what do you expect to see and what do you actually see?
>>
>> >
>> > Thanks for all in advance to all
>> > Manuel
>> >
>> > _______________________________________________
>> > Users mailing list
>> > Users at ovirt.org
>> > http://lists.ovirt.org/mailman/listinfo/users
>> >
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20170313/4891efa6/attachment-0001.html>

More information about the Users mailing list