On 11/23/2012 01:10 AM, Eli Mesika wrote:
----- Original Message -----
From: "Itamar Heim" <[email protected]>
To: "Christopher Morrissey" <[email protected]>
Cc: "Eli Mesika" <[email protected]>, "engine-devel" <[email protected]>
Sent: Thursday, November 22, 2012 8:35:56 AM
Subject: Re: [Engine-devel] Design review summary for 3.2 - adding support for
External Events
On 11/20/2012 04:07 PM, Morrissey, Christopher wrote:
...
Hi Eli,
I've perused the design and it looks very good for the purpose
of
adding events to the log as back end tasks on the NetApp VSC are
started and complete.
I do have one question. As part of the new UI plugin framework
that
Vojtech is working on he added the capability to retrieve a
session
ID that will be used outside of the oVirt engine to invoke REST
API
calls. I'm assuming this session would have the same role as the
user that is currently logged in.
According to the event log design, only the Super user will have
permissions to add events by default. This would mean that if
anyone
other than the super user is logged in and performing any tasks
through the NetApp plugin, the server side of the VSC will
likely
not be able to log events. This could be confusing for users as
sometimes they see events showing up giving them information on
the
task progress and sometimes they don't depending on the role
logged
in.
Would it make sense to allow all roles to log events by default?
I'm
not sure what security problems would arise given that it is
just a
log and they would be tagged as external events.
Hi Christopher, our security model implies a black-list,
oops, I meant white-list of course ....
That's what I figured. :)
so, I don;t
think this is possible
But still, a super-user can of course give the permission to add
new
events to all Roles in the system and you will have the same
result.
Does that make sense ?
That does make sense. We'll likely just try to use the API to log
events when starting a task and if we receive an error we can
bubble that up to the user letting them know that they need to
either get the right permission or accept that they won't get
messages in the oVirt log while the task completes.
Eli - not that the design includes checking for permissions on
objects,
why wouldn't we add this permission (ActionGroup) to other admin
roles
as well?
You mean in DB upgrade , right ?
well, in design, but then yes, as part of upgrade to fix the relevant
pre-defined roles
this is only for admin roles, not user roles. what's the risk in
allowing admins to inject external events?
IIUC , you are right , no risk
_______________________________________________
Engine-devel mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-devel
