weizhouapache commented on pull request #4200: URL: https://github.com/apache/cloudstack/pull/4200#issuecomment-902608970
> > there is another example, when create a shared network by root admin (networks are more important than service offerings, right ?), acltype and domain/account are optional not required. if root admin forgets to pass acltype, the created network will be visible by all users. is it more risky ? > > So from your statement, we agree that not requiring admins to be specific is risky. So then remove the _risk_ from shared network creation. Don't add risk to service offering creation. > > > if a change has no risk but make life a little bit easier, why not accept it ? > > As your shared network example demonstrates, it **does** add risk. The upside seems minuscule to me. So why the desperation to do it? @PaulAngus domain admin can only create service offering which are visible for accounts under his domain. is it risky ? I do not think so. it is much more risky to create share networks without acltype and we accept the risk. why not accept the change on a much less risky resource (service offering v.s. network) and limited impaction (in domain admin's domain v.s. whole platform) ? I cannot understand, to be honest. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
