On 03/19/2012 12:47 PM, Einav Cohen wrote: > 1. > According to the wiki, these are the new Action Groups that will be added: > CREATE_DISK - AddDisk, AddDiskToVm > EDIT_DISK_PROPERTIES - UpdateDisk, UpdateVM, Activate/Deactivate > ATTACH_DISK - AttachDiskToVm > CONFIGURE_DISK_STORAGE - MoveOrCopyDisk > DELETE_DISK - RemoveDisk, RemoveVm > > Currently we have: > CONFIGURE_VM_STORAGE - AddDiskToVm, RemoveDisksFromVm, UpdateVmDisk > > So, since "AddDiskToVm" has moved to "CREATE_DISK", it will now be: > CONFIGURE_VM_STORAGE - RemoveDisksFromVm, UpdateVmDisk > > - Is there a difference between RemoveDisk and RemoveDisksFromVm? If so, what > is the difference? > - Is there a difference between UpdateDisk and UpdateVmDisk? If so, what is > the difference? > [If answer to both questions is "no", CONFIGURE_VM_STORAGE action-group > should be removed; this should be considered in the upgrade process]
This point should be taken into consideration when design/implementation of new verbs (RemoveDisk / UpdateDisk ) is done. > > 2. [Michael/Daniel] (more related to the floating disks feature): In which > Action Group will "DetachDiskFromVm" reside? > > 3. "Updated Roles: VM Operator should be extended with permissions on Disk" - > note that all other pre-defined roles that have "UpdateVM" within them (and > most of them do, AFAIK) should also be extended with the extra Disk-related > ActionGroups (otherwise we can reach strange situations in which a Cluster > Admin can do everything in his cluster except manipulate Disks in his VMs, > for example). Updated wiki: http://www.ovirt.org/wiki/Features/DiskPermissions#Updated_Roles > > 4. "Upgrade DB: Add Disk Operator role to users that have VM Operators to > allow permissions on Disks": > - I assume that you mean that Disk Operator *permissions* should be added on > the relevant *Disks* to the "VM Operator" users. > - I suggest to add these during upgrade not only for "VM Operators" but for > all users that have a direct permission on a VM which is associated with any > Role that contains the action "UpdateVM". > Updated wiki: http://www.ovirt.org/wiki/Features/DiskPermissions#Upgrade_DB > 5. GUI will need a new query: GetAllAttachableDisks. > - This query should be an Admin + User query and will have two "flavors": > Admin and User (using the "isFiltered" property). > - With "isFiltered = false" (will be used for the admin portal), it should > return a list of all floating and/or sharable disks. > - With "isFiltered = true" (will be used in the power user portal), it > should return a list of all floating and/or sharable disks on which the user > has permissions. > > > ---- > Thanks, > Einav > > ----- Original Message ----- >> From: "Moti Asayag" <masa...@redhat.com> >> To: engine-devel@ovirt.org >> Sent: Wednesday, March 14, 2012 2:20:18 AM >> Subject: [Engine-devel] Disk Permissions Feature >> >> Hi all, >> >> Disk Permissions feature description Wiki page: >> http://www.ovirt.org/wiki/Features/DiskPermissions >> >> Please share your comments. >> >> Thanks, >> Moti >> >> _______________________________________________ >> Engine-devel mailing list >> Engine-devel@ovirt.org >> http://lists.ovirt.org/mailman/listinfo/engine-devel >> _______________________________________________ Engine-devel mailing list Engine-devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-devel
