Re: [ovirt-users] seem that SuperUser role isn't super.
But admin can't even edit own profile in admin UI, using links at top(specially designed for that), it looks like a bug) -- Wednesday, February 8, 2017, 00:31:19: > Hi Sergey, > One thing that confused me when I first started was the difference between > Admin permissions and User permissions. They are, apparently, two > separate sets, and which set gets looked at depends on which portal you're > using. If you give someone a User permission they can't use the admin > functions (even if those admin functions require the same permission), and > vice-versa (and admin role can't use the user functions). > This bit me early on. > -derek > On Tue, February 7, 2017 4:26 pm, Sergey Kulikov wrote: >> >> I've tried to add publickey to user, that have SuperUser role defined >> (tried as admin@internal, and as another user with SuperUser role), >> But UI says, that no permission for logged in user, finally I was able to >> add publickey only after assigning UserProfileEditor role to that users. >> >> oVirt 4.1 >> engine log: >> 2017-02-08 00:09:27,525+03 INFO >> [org.ovirt.engine.core.bll.AddUserProfileCommand] (default task-3) >> [e64e31a3-5fdd-414a-a882-737a638162a7] No permission found for user >> '002c-002c-002c-002c-018a' or one of the groups he is member >> of, when running action 'AddUserProfile', Required permissions are: Action >> type: 'USER' Action group: 'EDIT_PROFILE' Object type: 'System' Object >> ID: '002c-002c-002c-002c-018a'. >> >> -- >> >> ___ >> Users mailing list >> Users@ovirt.org >> http://lists.ovirt.org/mailman/listinfo/users >> ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] seem that SuperUser role isn't super.
And also it seems strange, that user can't edit own profile, or it was designed that way? If user disallowed to edit own profile there is even no way for admin to manage user keys, I can't find such options in UI for editing user profiles, only for assigning permissions. or maybe I need to add global role for everyone to allow editing own profile? -- Wednesday, February 8, 2017, 00:26:00: > I've tried to add publickey to user, that have SuperUser role > defined (tried as admin@internal, and as another user with SuperUser role), > But UI says, that no permission for logged in user, finally I was > able to add publickey only after assigning UserProfileEditor role to that > users. > oVirt 4.1 > engine log: > 2017-02-08 00:09:27,525+03 INFO > [org.ovirt.engine.core.bll.AddUserProfileCommand] (default task-3) > [e64e31a3-5fdd-414a-a882-737a638162a7] No permission found for user > '002c-002c-002c-002c-018a' or one of the groups he is > member of, when running action 'AddUserProfile', Required > permissions are: Action type: 'USER' Action group: 'EDIT_PROFILE' > Object type: 'System' Object ID: > '002c-002c-002c-002c-018a'. ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] seem that SuperUser role isn't super.
Hi Sergey, One thing that confused me when I first started was the difference between Admin permissions and User permissions. They are, apparently, two separate sets, and which set gets looked at depends on which portal you're using. If you give someone a User permission they can't use the admin functions (even if those admin functions require the same permission), and vice-versa (and admin role can't use the user functions). This bit me early on. -derek On Tue, February 7, 2017 4:26 pm, Sergey Kulikov wrote: > > I've tried to add publickey to user, that have SuperUser role defined > (tried as admin@internal, and as another user with SuperUser role), > But UI says, that no permission for logged in user, finally I was able to > add publickey only after assigning UserProfileEditor role to that users. > > oVirt 4.1 > engine log: > 2017-02-08 00:09:27,525+03 INFO > [org.ovirt.engine.core.bll.AddUserProfileCommand] (default task-3) > [e64e31a3-5fdd-414a-a882-737a638162a7] No permission found for user > '002c-002c-002c-002c-018a' or one of the groups he is member > of, when running action 'AddUserProfile', Required permissions are: Action > type: 'USER' Action group: 'EDIT_PROFILE' Object type: 'System' Object > ID: '002c-002c-002c-002c-018a'. > > -- > > ___ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users > -- Derek Atkins 617-623-3745 de...@ihtfp.com www.ihtfp.com Computer and Internet Security Consultant ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] seem that SuperUser role isn't super.
I've tried to add publickey to user, that have SuperUser role defined (tried as admin@internal, and as another user with SuperUser role), But UI says, that no permission for logged in user, finally I was able to add publickey only after assigning UserProfileEditor role to that users. oVirt 4.1 engine log: 2017-02-08 00:09:27,525+03 INFO [org.ovirt.engine.core.bll.AddUserProfileCommand] (default task-3) [e64e31a3-5fdd-414a-a882-737a638162a7] No permission found for user '002c-002c-002c-002c-018a' or one of the groups he is member of, when running action 'AddUserProfile', Required permissions are: Action type: 'USER' Action group: 'EDIT_PROFILE' Object type: 'System' Object ID: '002c-002c-002c-002c-018a'. -- ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users