[ovirt-users] user permissions
Zhong Qiang
xiaoqiang3243 at gmail.com
Thu Jan 11 03:19:29 UTC 2018
according to the description of this article:
https://gerrit.ovirt.org/#/c/74173/
Changed the value of property 'ENGINE_API_FILTER_BY_DEFAULT' to
false,but it still did not work.BTW. My Ovirt is 4.2.0.2-1
thanks.
2018-01-11 10:57 GMT+08:00 Zhong Qiang <xiaoqiang3243 at gmail.com>:
> Hi,
>
> I tried to give a user the permissions for vms. when this user log in
> vm portal ,get messages "No VM available."
> this user was granted follow roles:
> UserVmManager
> UserRole
>
> engine logs:
> 2018-01-10 20:32:33,938-05 INFO [org.ovirt.engine.core.bll.AddPermissionCommand]
> (EE-ManagedThreadFactory-engine-Thread-7438) [9b5a405a-c956-4d69-b286-f6b22cbf3c12]
> Running command: AddPermissionCommand internal: false. Entities affected :
> ID: 1cf75959-7992-43fe-a1f7-ed6c0c48fd35 Type: VMAction group
> MANIPULATE_PERMISSIONS with role type USER, ID: 1cf75959-7992-43fe-a1f7-ed6c0c48fd35
> Type: VMAction group
> ADD_USERS_AND_GROUPS_FROM_DIRECTORY with role type USER
> 2018-01-10 20:32:33,944-05 INFO [org.ovirt.engine.core.bll.aaa.AddUserCommand]
> (EE-ManagedThreadFactory-engine-Thread-7438) [787deac0] Running command:
> AddUserCommand internal: true. Entities affected :
> ID: aaa00000-0000-0000-0000-123456789aaa Type: SystemAction group
> MANIPULATE_USERS with role type ADMIN
> 2018-01-10 20:32:33,981-05 INFO [org.ovirt.engine.core.dal.
> dbbroker.auditloghandling.AuditLogDirector] (EE-ManagedThreadFactory-engine-Thread-7438)
> [787deac0] EVENT_ID: USER_ADD(149), User 'zhongq at ctcnet.com' was added
> successfully to the system.
> 2018-01-10 20:32:34,036-05 INFO [org.ovirt.engine.core.dal.
> dbbroker.auditloghandling.AuditLogDirector] (EE-ManagedThreadFactory-engine-Thread-7438)
> [787deac0] EVENT_ID: USER_ADD_PERMISSION(850), User/Group
> zhongq at ctcnet.com, Namespace DC=ctcnet,DC=com, Authorization provider:
> ctcnet.com-authz was granted permission for Role UserRole on VM
> ubuntu16.04-64, by admin at internal-authz.
>
>
> 2018-01-10 20:38:06,263-05 INFO [org.ovirt.engine.core.sso.utils.AuthenticationUtils]
> (default task-4) [] User zhongq at ctcnet.com successfully logged in with
> scopes: ovirt-app-admin ovirt-app-api ovirt-app-portal
> ovirt-ext=auth:sequence-priority=~ ovirt-ext=revoke:revoke-all
> ovirt-ext=token-info:authz-search ovirt-ext=token-info:public-authz-search
> ovirt-ext=token-info:validate ovirt-ext=token:passwor
> d-access
> 2018-01-10 20:38:06,301-05 INFO [org.ovirt.engine.core.bll.aaa.CreateUserSessionCommand]
> (default task-5) [2a6c3d14] Running command: CreateUserSessionCommand
> internal: false.
> 2018-01-10 20:38:06,338-05 INFO [org.ovirt.engine.core.dal.
> dbbroker.auditloghandling.AuditLogDirector] (default task-5) [2a6c3d14]
> EVENT_ID: USER_VDC_LOGIN(30), User zhongq at ctcnet.com@ctcnet.com-authz
> connecting from '10.10.19.228' using session 'z0/9HgB4mjzfDnIN4P/
> fe4A3fzwWIWWcR9xKDvsI/XXgHZApjRp1BCufgtSK6n3kvA/ScdP4qqGqiX01lyJHSQ=='
> logged in.
> 2018-01-10 20:38:06,956-05 ERROR [org.ovirt.engine.core.bll.GetSystemStatisticsQuery]
> (default task-14) [06c80cc6-ad15-4d82-a907-21ab9a5c1cc4] Query execution
> failed due to insufficient permissions.
> 2018-01-10 20:38:07,044-05 ERROR [org.ovirt.engine.core.bll.GetPermissionsForObjectQuery]
> (default task-20) [1b7a6564-534d-4df5-a2b7-52da214b95cd] Query execution
> failed due to insufficient permissions.
> 2018-01-10 20:38:07,045-05 ERROR [org.ovirt.engine.api.restapi.resource.AbstractBackendResource]
> (default task-20) [] Operation Failed: query execution failed due to
> insufficient permissions.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20180111/1618de76/attachment.html>
More information about the Users
mailing list