-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi all,
works !! ;) Seems that there is some caching in User Portal. But there is still a question how could I remove user from the role everyone ? For example I want to assign only specific vNIC Profiles, Storage Domains, ... Peter On 16/05/2018 14:57, Aziz wrote: > Hi All, > > Thank you Roy, this is working now as expected, however, I think > the Edit button, should be removed for this user, there is no need > to display the edit button if the user cannot use it to perform > any operation, am I missing something ? > > > Best regards > > On Wed, May 16, 2018 at 9:12 AM, Peter Hudec <phu...@cnc.sk > <mailto:phu...@cnc.sk>> wrote: > > I have found 2 related bug, a little bit older > > https://bugzilla.redhat.com/show_bug.cgi?id=1209505 > <https://bugzilla.redhat.com/show_bug.cgi?id=1209505> > https://bugzilla.redhat.com/show_bug.cgi?id=1225274 > <https://bugzilla.redhat.com/show_bug.cgi?id=1225274> > > But these are related only to DiskProfile. > > I haven't found any work about 'Everyone' group in documentation, > so I'm little bit confused why there is such a group. > > Peter > > On 15/05/2018 23:02, Peter Hudec wrote: >> Hi, > >> I'm fancing the same problem. > >> The steps are - create user /tester/ using the >> ovirt-aaa-jdbc-tool - login as admin into admin portal - add >> tester user in Administation -> Users - choose one VM and add >> UserRole role > >> - login as testr into User Potal - user could see all VM.. > >> The problem could be, that the user is part of the group >> Everyone and this group could be found in Administration -> >> Configure > System Permissions. When you check the group >> permisson, it seems to be automatically populated by engine. > >> In my case I[m using default DC, default cluster and 'internal' >> profile . > >> Seems that all engine object is included in Everyone group. > >> regards Peter > >> On 15/05/2018 22:03, Roy Golan wrote: > > >>> On Tue, 15 May 2018 at 21:47 Aziz <azizgst...@gmail.com > <mailto:azizgst...@gmail.com> >>> <mailto:azizgst...@gmail.com <mailto:azizgst...@gmail.com>>> >>> wrote: > >>> Hi Roy, > >>> Thanks for your feedback, I'm unable to remove the user from >>> the cluster, I used the command "|ovirt-aaa-jdbc-tool user >>> add|" to add the new user, and it seems that by default it took >>> all permissions over the cluster. Is there any document >>> describing this feature in details ? > > > >>> In the webadmin go to Administration -> Configure > System >>> Permissions. If the user is there, remove him. Then search for >>> the VM and add permissions to the user on the VM Check your >>> end result in the 'permisions' section of the VM to see who >>> has permissions on it. > >>> This should be helpful, quite long though >>> > https://www.ovirt.org/documentation/admin-guide/chap-Users_and_Roles/ > <https://www.ovirt.org/documentation/admin-guide/chap-Users_and_Roles/ > > > >>> >>> > >> This is for the tool itself >>> > https://www.ovirt.org/develop/release-management/features/infra/aaa-j > <https://www.ovirt.org/develop/release-management/features/infra/aaa-j > > > d > >>> >>> > bc/ > > > > >>> Thanks > >>> On Tue, May 15, 2018 at 6:31 PM, Roy Golan <rgo...@redhat.com > <mailto:rgo...@redhat.com> >>> <mailto:rgo...@redhat.com <mailto:rgo...@redhat.com>>> wrote: > >>> 1. Make sure your users use the VM portal 2. Assign permission >>> on VM to a certain user to make sure it apears in the portal. >>> The Role should be VmOperator afaik. > >>> Permission set on objects higher in the hierarchy are >>> cascading, i.e a user with permission on a cluster would have >>> the permission on the all the vm in cluster. > > >>> On Tue, 15 May 2018 at 20:59 Aziz <azizgst...@gmail.com > <mailto:azizgst...@gmail.com> >>> <mailto:azizgst...@gmail.com <mailto:azizgst...@gmail.com>>> >>> wrote: > >>> Hi list, > >>> I'm trying to remove the default "everyone" user from Ovirt, >>> so that each user can have access to its own interface to >>> manage a unique VM. I wonder if this is possible, because so >>> far I'm unable to remove everyone user. > >>> Thank you > > >>> _______________________________________________ Users mailing >>> list -- users@ovirt.org <mailto:users@ovirt.org> > <mailto:users@ovirt.org <mailto:users@ovirt.org>> To unsubscribe >>> send an email to users-le...@ovirt.org > <mailto:users-le...@ovirt.org> >>> <mailto:users-le...@ovirt.org <mailto:users-le...@ovirt.org>> > > > > >>> _______________________________________________ Users mailing >>> list -- users@ovirt.org <mailto:users@ovirt.org> To >>> unsubscribe > send an email to >>> users-le...@ovirt.org <mailto:users-le...@ovirt.org> > > > > > > _______________________________________________ Users mailing list > -- users@ovirt.org <mailto:users@ovirt.org> To unsubscribe send an > email to users-le...@ovirt.org <mailto:users-le...@ovirt.org> > > - -- *Peter Hudec* Infraštruktúrny architekt phu...@cnc.sk <mailto:phu...@cnc.sk> *CNC, a.s.* Borská 6, 841 04 Bratislava Recepcia: +421 2 35 000 100 Mobil:+421 905 997 203 *www.cnc.sk* <http:///www.cnc.sk> -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEqSUbhuEwhryifNeVQnvVWOJ35BAFAlr8ML4ACgkQQnvVWOJ3 5BAvRQ/+IJqGA6TT/+Pwti39tBHVkXioVUWIIe7RQ2qUgd+OpZJbM/vedrZlqNdj pStroH9s6eRjDDGxkumGnRyf6vz/hlCdCySg7ge7WHiz+7j2t7rypknO/z4TewTj bqbUnYwoLH3D9eYBFwB6z8qY2ZfIhZWaylENfsMvt0u/n42ZKUJKUDJcHOD0qG0T C8E3VMO8tav/feJMrMp9LPBwDe3cgcQimbrgd7TtKJd0XcYgIANsTOpLQI3Sj/ZX plCO5FyGmHvD1/I3wuF0q2zAz1LqfcGXa+onwt2Jwt6a2wtVGcQFpaiIUkMamL4z OMtBThQGr9a0C8+gcJzGBK9hGLI/Fxgp9UOpisCt3EoB6+psVP2x0M1jQrbfDYIL bFRlewJZufy6RsCxvgqAuA60RhkrAUAG8nmaanA2BTIaYtGn5J+REnyvLLUjnrRg Pva28ld0cW5FoIWasQRRED0MchojgYWFHjURrSLT/i51DlWVRs4cOfphAMJC/ogd aNDOvUNBO2+WbTGI9xESadMbFO8GNbAlH9b6X16v0OSa0ngh7dykFzz13aQ5e5/0 SRTlE8+LvfXcM4Ehs8LxB/G9juVjo2AvTw16B7p4zFZKaWFf7GUzg1hzTh9muip5 jHRMxzy5YsegWka9AEmjKsGP4rpCgYPidk4AJAdnHyj+bbdK3Mk= =vcPj -----END PGP SIGNATURE----- _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org