Itamar Heim has posted comments on this change. Change subject: webadmin: Restrict destination host parameter for administrator only ......................................................................
Patch Set 1: Omer wrote: "hough this might work, this approach is different from the MLA approach used all over the engine. i think that in case (different) host was sent to run on, we need to ask if the user has specific permission on the vm, or use "EDIT_VM_PROPERTIES" which makes sense to me (if user can update the vm and change the default host, he can change it on the run..). my opinion is that using isAdmin is misleading and limited" I think the check should be that user has EDIT_VM_PROPERTIES from a user role, or, we need to add to admin EDIT_ADMIN_VM_PROPERTIES and check for that. -- To view, visit http://gerrit.ovirt.org/11303 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I5294854d24b235f2c50fa7f3d4e7472cf7598b53 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Libor Spevak <[email protected]> Gerrit-Reviewer: Einav Cohen <[email protected]> Gerrit-Reviewer: Gilad Chaplik <[email protected]> Gerrit-Reviewer: Itamar Heim <[email protected]> Gerrit-Reviewer: Libor Spevak <[email protected]> Gerrit-Reviewer: Michael Pasternak <[email protected]> Gerrit-Reviewer: Omer Frenkel <[email protected]> Gerrit-Reviewer: Tomas Jelinek <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
