[jira] [Commented] (CLOUDSTACK-6533) IAM - Templates - Public templates do not have permissions to be used by ROOT group.
[ https://issues.apache.org/jira/browse/CLOUDSTACK-6533?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13985283#comment-13985283 ] ASF subversion and git services commented on CLOUDSTACK-6533: - Commit 504bd0377d8053a911f9823e06ce288af057446b in cloudstack's branch refs/heads/4.4 from [~minchen07] [ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=504bd03 ] CLOUDSTACK-6533: IAM - Templates - Public templates do not have permissions to be used by ROOT group. IAM - Templates - Public templates do not have permissions to be used by ROOT group. Key: CLOUDSTACK-6533 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6533 Project: CloudStack Issue Type: Bug Security Level: Public(Anyone can view this level - this is the default.) Components: IAM Affects Versions: 4.4.0 Environment: Build from 4.4 Reporter: Sangeetha Hariharan Assignee: Min Chen Priority: Critical Fix For: 4.4.0 IAM - Templates - Public templates do not have permissions to be used by ROOT group. As regular user create a public template. In iam_policy_permission policy we do not have permission for Admin group. mysql select * from iam_policy_permission where scope_id = 206; +--+---+---++--+--+-++---+-+-+ | id | policy_id | action| resource_type | scope_id | scope| access_type | permission | recursive | removed | created | +--+---+---++--+--+-++---+-+-+ | 4949 | 3 | listTemplates | VirtualMachineTemplate | 206 | RESOURCE | UseEntry| Allow | 0 | NULL| 2014-04-29 11:03:52 | | 4950 | 1 | listTemplates | VirtualMachineTemplate | 206 | RESOURCE | UseEntry| Allow | 0 | NULL| 2014-04-29 11:03:52 | mysql select * from vm_template where id=206; +-+--++--++--+--+-+--+-++-+-++--+-+-+---+-+--+-+-+-+-++--+--+-++--+-+--+ | id | unique_name | name | uuid | public | featured | type | hvm | bits | url | format | created | removed | account_id | checksum | display_text| enable_password | enable_sshkey | guest_os_id | bootable | prepopulate | cross_zones | extractable | hypervisor_type | source_template_id | template_tag | sort_key | size| state | update_count | updated | dynamically_scalable | +-+--++--++--+--+-+--+-++-+-++--+-+-+---+-+--+-+-+-+-++--+--+-++--+-+--+ | 206 | 206-318-179129bc-531f-31fe-a21d-23a8aa7b666f | Public_featured_d2a-G3GJQW | 265192c9-88d3-41d4-b435-6d3c3e5d256a | 1 | 1 | USER | 1 | 64 | http://10.223.110.232:/test.vhd | VHD| 2014-04-29 11:03:52 | NULL|318 | NULL | public and feature Template | 0 | 0 | 12 |1 | 0 | 0 | 1 | Simulator | NULL | NULL |0 | 5242880 | Active |0 | NULL| 0 |
[jira] [Commented] (CLOUDSTACK-6533) IAM - Templates - Public templates do not have permissions to be used by ROOT group.
[ https://issues.apache.org/jira/browse/CLOUDSTACK-6533?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13984665#comment-13984665 ] ASF subversion and git services commented on CLOUDSTACK-6533: - Commit b2b59ed83a566762c960371717b7998b4719ba70 in cloudstack's branch refs/heads/4.4-forward from [~minchen07] [ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=b2b59ed ] CLOUDSTACK-6533: IAM - Templates - Public templates do not have permissions to be used by ROOT group. IAM - Templates - Public templates do not have permissions to be used by ROOT group. Key: CLOUDSTACK-6533 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6533 Project: CloudStack Issue Type: Bug Security Level: Public(Anyone can view this level - this is the default.) Components: IAM Affects Versions: 4.4.0 Environment: Build from 4.4 Reporter: Sangeetha Hariharan Assignee: Min Chen Priority: Critical Fix For: 4.4.0 IAM - Templates - Public templates do not have permissions to be used by ROOT group. As regular user create a public template. In iam_policy_permission policy we do not have permission for Admin group. mysql select * from iam_policy_permission where scope_id = 206; +--+---+---++--+--+-++---+-+-+ | id | policy_id | action| resource_type | scope_id | scope| access_type | permission | recursive | removed | created | +--+---+---++--+--+-++---+-+-+ | 4949 | 3 | listTemplates | VirtualMachineTemplate | 206 | RESOURCE | UseEntry| Allow | 0 | NULL| 2014-04-29 11:03:52 | | 4950 | 1 | listTemplates | VirtualMachineTemplate | 206 | RESOURCE | UseEntry| Allow | 0 | NULL| 2014-04-29 11:03:52 | mysql select * from vm_template where id=206; +-+--++--++--+--+-+--+-++-+-++--+-+-+---+-+--+-+-+-+-++--+--+-++--+-+--+ | id | unique_name | name | uuid | public | featured | type | hvm | bits | url | format | created | removed | account_id | checksum | display_text| enable_password | enable_sshkey | guest_os_id | bootable | prepopulate | cross_zones | extractable | hypervisor_type | source_template_id | template_tag | sort_key | size| state | update_count | updated | dynamically_scalable | +-+--++--++--+--+-+--+-++-+-++--+-+-+---+-+--+-+-+-+-++--+--+-++--+-+--+ | 206 | 206-318-179129bc-531f-31fe-a21d-23a8aa7b666f | Public_featured_d2a-G3GJQW | 265192c9-88d3-41d4-b435-6d3c3e5d256a | 1 | 1 | USER | 1 | 64 | http://10.223.110.232:/test.vhd | VHD| 2014-04-29 11:03:52 | NULL|318 | NULL | public and feature Template | 0 | 0 | 12 |1 | 0 | 0 | 1 | Simulator | NULL | NULL |0 | 5242880 | Active |0 | NULL| 0 |