On 03/15/2012 05:34 PM, Omer Frenkel wrote:
> > 1. "Create disk - requires permissions on the Storage Domain,
> > (can't
> > assume Quota is sufficient to permit user creating the disk on the
> > Storage Domain, as Quota might be disabled)"
> >
> > I'd also specify create disk for regular disks is at storage domain
> > level?, while direct lun disks require system level permission of
> > add disk.
> >
> > so, if quota is disabled, how important is it to prevent creation
> > of
> > disks (other than direct lun ones, which would require a permission
> > similar to storage domain creation)?
> >
> > if this is added, it has to be implicitly added / not needed if
> > user has
> > quota (i.e., having a quota should be similar to having a
> > permission as
> > far as the check goes).
> >
>
> We should look into it, how complicate is it to validate if user has
> either quota or permission, and allow creating a disk on a SD if
> either
> exists.
this might be confusing to the user as he can disable the quota,
then stuff would stop working.
we can't require both quota and permissions from user on storage domains
- that's cumbersome.
question is if we can limit the need for permissions to disks only to
places where they are needed (shared, direct, floating)?
_______________________________________________
Engine-devel mailing list
Engine-devel@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-devel
