Hi All, Thank you Roy, this is working now as expected, however, I think the Edit button, should be removed for this user, there is no need to display the edit button if the user cannot use it to perform any operation, am I missing something ?
Best regards On Wed, May 16, 2018 at 9:12 AM, Peter Hudec <[email protected]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > I have found 2 related bug, a little bit older > > https://bugzilla.redhat.com/show_bug.cgi?id=1209505 > https://bugzilla.redhat.com/show_bug.cgi?id=1225274 > > But these are related only to DiskProfile. > > I haven't found any work about 'Everyone' group in documentation, so > I'm little bit confused why there is such a group. > > Peter > > On 15/05/2018 23:02, Peter Hudec wrote: > > Hi, > > > > I'm fancing the same problem. > > > > The steps are - create user /tester/ using the ovirt-aaa-jdbc-tool > > - login as admin into admin portal - add tester user in > > Administation -> Users - choose one VM and add UserRole role > > > > - login as testr into User Potal - user could see all VM.. > > > > The problem could be, that the user is part of the group Everyone > > and this group could be found in Administration -> Configure > > > System Permissions. When you check the group permisson, it seems > > to be automatically populated by engine. > > > > In my case I[m using default DC, default cluster and 'internal' > > profile . > > > > Seems that all engine object is included in Everyone group. > > > > regards Peter > > > > On 15/05/2018 22:03, Roy Golan wrote: > > > > > >> On Tue, 15 May 2018 at 21:47 Aziz <[email protected] > >> <mailto:[email protected]>> wrote: > > > >> Hi Roy, > > > >> Thanks for your feedback, I'm unable to remove the user from the > >> cluster, I used the command "|ovirt-aaa-jdbc-tool user add|" to > >> add the new user, and it seems that by default it took all > >> permissions over the cluster. Is there any document describing > >> this feature in details ? > > > > > > > >> In the webadmin go to Administration -> Configure > System > >> Permissions. If the user is there, remove him. Then search for > >> the VM and add permissions to the user on the VM Check your end > >> result in the 'permisions' section of the VM to see who has > >> permissions on it. > > > >> This should be helpful, quite long though > >> https://www.ovirt.org/documentation/admin-guide/chap-Users_and_Roles/ > > > >> > >> > > > > This is for the tool itself > >> https://www.ovirt.org/develop/release-management/features/infra/aaa-j > d > > > >> > >> > bc/ > > > > > > > > > >> Thanks > > > >> On Tue, May 15, 2018 at 6:31 PM, Roy Golan <[email protected] > >> <mailto:[email protected]>> wrote: > > > >> 1. Make sure your users use the VM portal 2. Assign permission on > >> VM to a certain user to make sure it apears in the portal. The > >> Role should be VmOperator afaik. > > > >> Permission set on objects higher in the hierarchy are cascading, > >> i.e a user with permission on a cluster would have the permission > >> on the all the vm in cluster. > > > > > >> On Tue, 15 May 2018 at 20:59 Aziz <[email protected] > >> <mailto:[email protected]>> wrote: > > > >> Hi list, > > > >> I'm trying to remove the default "everyone" user from Ovirt, so > >> that each user can have access to its own interface to manage a > >> unique VM. I wonder if this is possible, because so far I'm > >> unable to remove everyone user. > > > >> Thank you > > > > > >> _______________________________________________ Users mailing > >> list -- [email protected] <mailto:[email protected]> To unsubscribe > >> send an email to [email protected] > >> <mailto:[email protected]> > > > > > > > > > >> _______________________________________________ Users mailing > >> list -- [email protected] To unsubscribe send an email to > >> [email protected] > > > > > > > > > > - -- > *Peter Hudec* > Infraštruktúrny architekt > [email protected] <mailto:[email protected]> > > *CNC, a.s.* > Borská 6, 841 04 Bratislava > Recepcia: +421 2 35 000 100 > > Mobil:+421 905 997 203 > *www.cnc.sk* <http:///www.cnc.sk> > > -----BEGIN PGP SIGNATURE----- > > iQIzBAEBCgAdFiEEqSUbhuEwhryifNeVQnvVWOJ35BAFAlr79fIACgkQQnvVWOJ3 > 5BBGXxAAsa0Rhs+bCisRfnD665bvRpA81yoRRJQFVYSnDZOqWVZzzTsnY4CtBAOM > MG4CTvbvHXHCL304O0a4xBqpwINzcXSieyx2Vqbcxe2Fq+VRqRgq+z+3wm1L26Eb > 6KraPpTlieXmbvYD2Wfu8PcGS1JFwS37FnV98EadiPCahPO7JQUBRLaErQZvi986 > BZ7x/qUZWk5C4sEkP+eCM/94u3ZaMB4LSLXJqvHLpRYEGs1aOc4xhrxWVO2HLc4t > aaVveS40rufogjjHzV0E++fx9XFpHpIHwfG8DsVZsIz5yyq9qQz+mt0gmvM7A81m > myJQit/bQ/9j/ew/7pJNKtmv4fOB4hkCrn9tgLyhc9JIvRGmG9zymMloXdSAWvqr > eKSsVOcInmgb+gsKS0upIR+Ow3zGeUzwkHdqTJAtNtyg66DpNKvT2B010t86vO9z > 4ggTVcMG/+Y2c3Zu78yCSSI+0rO/R+kSTL/v8QlCk5ke4OW5iXNEIFhuUZY8905U > OesB27XqXdJtZibaL6YGNG3f8GcaQgNhkGPmzVxIge+KQNwLOyV4VIJaYEFAiJgz > H2OIGzKKk97OhWmRm68NUYebdyG6Pi6SL2M3fhzb0Qn/YiUCr/GygQfd455ok81e > tF5UxMz1mHSN9UQV30GaPy+pR70bh3AF83E4vmjznKAmhspBB68= > =7qJi > -----END PGP SIGNATURE----- > _______________________________________________ > Users mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ Users mailing list -- [email protected] To unsubscribe send an email to [email protected]
