On Wed, Dec 14, 2016 at 9:54 AM, Michal Skrivanek < [email protected]> wrote:
> > On 9 Dec 2016, at 16:53, Bill Bill <[email protected]> wrote: > > Hello, > > There seems to be an issue with assigning permissions. When creating a > user, if the user has “create” functionality for a VM, they can also delete > the VM even if “delete” is not checked. Is this by design or perhaps > something that was overlooked? Essentially, I want a user that can > add/modify but not delete. > > > it is probably a bug. worth filing a bug (ovirt-engine, virt) > It's not a bug. This is by design. When user has 'create_vm' permission and he is using UserPortal or filtered REST API, then he will get UserVmManager permission on newly created VM and with this permission you can delete that VM, but not any other vm, only the one you've created. > there’s likely no easy workaround…you can try to create your own role with > only the create permission, but…unlikely > > Thanks, > michal > > _______________________________________________ > Users mailing list > [email protected] > http://lists.phx.ovirt.org/mailman/listinfo/users > > > > _______________________________________________ > Users mailing list > [email protected] > http://lists.phx.ovirt.org/mailman/listinfo/users > >
_______________________________________________ Users mailing list [email protected] http://lists.phx.ovirt.org/mailman/listinfo/users
