This removes the pool-account model association and related view/controller logic.
You will need to rebuild your database after applying this patch. In order to create instances, you will need the follow-on patch that handles the required changes for import/mapping of images and hardware profiles, since these will no longer be pool-specific. Signed-off-by: Scott Seago <[email protected]> --- src/app/controllers/cloud_accounts_controller.rb | 27 --------------- src/app/controllers/pool_controller.rb | 29 ---------------- src/app/models/cloud_account.rb | 3 +- src/app/models/pool.rb | 19 ++++++++-- src/app/models/pool_account.rb | 29 ---------------- src/app/models/privilege.rb | 16 ++------- src/app/models/provider.rb | 2 +- src/app/models/quota.rb | 2 +- src/app/services/registration_service.rb | 2 +- src/app/views/pool/accounts.html.erb | 30 ---------------- src/app/views/pool/accounts_for_pool.html.erb | 36 -------------------- src/app/views/pool/show.html.erb | 1 - .../20090801045212_create_cloud_accounts.rb | 1 + src/db/migrate/20090803141507_create_pools.rb | 1 - src/db/migrate/20091008153046_create_privileges.rb | 2 +- src/db/migrate/20091008153058_create_roles.rb | 22 +----------- .../migrate/20091215182906_create_pool_accounts.rb | 36 -------------------- src/spec/controllers/pool_controller_spec.rb | 9 ----- src/spec/controllers/users_controller_spec.rb | 2 +- src/spec/fixtures/roles.yml | 16 ++------ src/test/fixtures/roles.yml | 10 ++---- 21 files changed, 33 insertions(+), 262 deletions(-) delete mode 100644 src/app/models/pool_account.rb delete mode 100644 src/app/views/pool/accounts.html.erb delete mode 100644 src/app/views/pool/accounts_for_pool.html.erb delete mode 100644 src/db/migrate/20091215182906_create_pool_accounts.rb diff --git a/src/app/controllers/cloud_accounts_controller.rb b/src/app/controllers/cloud_accounts_controller.rb index 05e024e..ea0a34a 100644 --- a/src/app/controllers/cloud_accounts_controller.rb +++ b/src/app/controllers/cloud_accounts_controller.rb @@ -31,14 +31,6 @@ class CloudAccountsController < ApplicationController } end - def new_from_pool - @pool = Pool.find(params[:pool_id]) - require_privilege(Privilege::ACCOUNT_ADD,@pool) - @cloud_account = CloudAccount.new - @providers = Provider.all - end - - def create @cloud_account = CloudAccount.new(params[:cloud_account]) @provider = Provider.find(params[:provider][:id]) @@ -47,25 +39,6 @@ class CloudAccountsController < ApplicationController @cloud_account.save! end - def create_from_pool - @pool = Pool.find(params[:pool][:id]) - require_privilege(Privilege::ACCOUNT_ADD,@pool) - Pool.transaction do - @cloud_account = CloudAccount.new(params[:cloud_account]) - @provider = Provider.find(params[:provider][:id]) - @cloud_account.provider = @provider - @cloud_account.save! - @pool.cloud_accounts << @cloud_account unless @pool.cloud_accounts.map{|x| x.id}.include?(@cloud_account.id) - @pool.save! - @pool.populate_realms_and_images([...@cloud_account]) - perm = Permission.new(:user => @current_user, - :role => Role.find_by_name("Account Administrator"), - :permission_object => @cloud_account) - perm.save! - end - redirect_to :controller => "pool", :action => 'show', :id => @pool.id - end - def edit @cloud_account = CloudAccount.find(params[:id]) @provider = @cloud_account.provider diff --git a/src/app/controllers/pool_controller.rb b/src/app/controllers/pool_controller.rb index cf751e0..2ae0988 100644 --- a/src/app/controllers/pool_controller.rb +++ b/src/app/controllers/pool_controller.rb @@ -44,11 +44,6 @@ class PoolController < ApplicationController require_privilege(Privilege::POOL_VIEW, @pool) end - def accounts - @pool = Pool.find(params[:id]) - require_privilege(Privilege::ACCOUNT_VIEW,@pool) - end - def realms @pool = Pool.find(params[:id]) @realm_names = @pool.realms @@ -58,7 +53,6 @@ class PoolController < ApplicationController def new require_privilege(Privilege::POOL_MODIFY) @pool = Pool.new - @account = CloudAccount.new end def create @@ -89,27 +83,4 @@ class PoolController < ApplicationController require_privilege(Privilege::POOL_VIEW, @pool) end - def accounts_for_pool - @pool = Pool.find(params[:pool_id]) - require_privilege(Privilege::ACCOUNT_VIEW,@pool) - @cloud_accounts = [] - all_accounts = CloudAccount.list_for_user(@current_user, Privilege::ACCOUNT_ADD) - all_accounts.each {|account| - @cloud_accounts << account unless @pool.cloud_accounts.map{|x| x.id}.include?(account.id) - } - end - - def add_account - @pool = Pool.find(params[:pool]) - @cloud_account = CloudAccount.find(params[:cloud_account]) - require_privilege(Privilege::ACCOUNT_ADD,@pool) - require_privilege(Privilege::ACCOUNT_ADD,@cloud_account) - Pool.transaction do - @pool.cloud_accounts << @cloud_account unless @pool.cloud_accounts.map{|x| x.id}.include?(@cloud_account.id) - @pool.save! - @pool.populate_realms_and_images([...@cloud_account]) - end - redirect_to :action => 'show', :id => @pool.id - end - end diff --git a/src/app/models/cloud_account.rb b/src/app/models/cloud_account.rb index 1d6b3e9..f3dc317 100644 --- a/src/app/models/cloud_account.rb +++ b/src/app/models/cloud_account.rb @@ -22,8 +22,7 @@ class CloudAccount < ActiveRecord::Base include PermissionedObject belongs_to :provider - has_many :pool_accounts, :dependent => :destroy - has_many :pools, :through => :pool_accounts + belongs_to :quota has_many :instances # what form does the account quota take? diff --git a/src/app/models/pool.rb b/src/app/models/pool.rb index c97e03f..5b89a6b 100644 --- a/src/app/models/pool.rb +++ b/src/app/models/pool.rb @@ -21,10 +21,9 @@ class Pool < ActiveRecord::Base include PermissionedObject - has_many :pool_accounts, :dependent => :destroy - has_many :cloud_accounts, :through => :pool_accounts has_many :instances, :dependent => :destroy belongs_to :owner, :class_name => "User", :foreign_key => "owner_id" + belongs_to :quota has_many :images, :dependent => :destroy has_many :hardware_profiles, :dependent => :destroy @@ -40,9 +39,20 @@ class Pool < ActiveRecord::Base :include => [:role], :order => "permissions.id ASC" + def cloud_accounts + accounts = [] + instances.each do |instance| + if instance.cloud_account and !accounts.include?(instance.cloud_account) + accounts << instance.cloud_account + end + end + end + + #FIXME: do we still allow explicit cloud/account choice via realm selection? + #FIXME: How is account list for realm defined without explicit pool-account relationship? def realms realm_list = [] - cloud_accounts.each do |cloud_account| + CloudAccount.all.each do |cloud_account| prefix = cloud_account.account_prefix_for_realm realm_list << prefix cloud_account.provider.realms.each do |realm| @@ -54,7 +64,8 @@ class Pool < ActiveRecord::Base end # FIXME: for already-mapped accounts, update rather than add new - def populate_realms_and_images(accounts=cloud_accounts) + # FIXME: this needs to be revised to handle the removal of the account-pool association + def populate_realms_and_images(accounts=CloudAccount.all) accounts.each do |cloud_account| client = cloud_account.connect realms = client.realms diff --git a/src/app/models/pool_account.rb b/src/app/models/pool_account.rb deleted file mode 100644 index 1bb5429..0000000 --- a/src/app/models/pool_account.rb +++ /dev/null @@ -1,29 +0,0 @@ -# -# Copyright (C) 2010 Red Hat, Inc. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, -# MA 02110-1301, USA. A copy of the GNU General Public License is -# also available at http://www.gnu.org/copyleft/gpl.html. - -# Filters added to this controller apply to all controllers in the application. -# Likewise, all the methods added will be available for all controllers. -class PoolAccount < ActiveRecord::Base - belongs_to :cloud_account - belongs_to :pool - belongs_to :quota - - validates_presence_of :cloud_account_id - validates_presence_of :pool_id - -end diff --git a/src/app/models/privilege.rb b/src/app/models/privilege.rb index 9e085c4..0117c5c 100644 --- a/src/app/models/privilege.rb +++ b/src/app/models/privilege.rb @@ -43,26 +43,16 @@ class Privilege < ActiveRecord::Base STATS_VIEW = "stats_view" # can view monitoring data for # instances - # to create(i.e. import) an account on a provider (but not added to - # a pool) needs ACCOUNT_MODIFY on the provider. - # to add a new provider account (i.e. import) to a pool needs - # ACCOUNT_ADD on the pool - # to add an existing provider account to a pool needs ACCOUNT_ADD - # on the pool _and_ ACCOUNT_ADD on the account. + # to create(i.e. import) an account on a provider needs ACCOUNT_MODIFY on the + # provider. ACCOUNT_MODIFY = "account_modify" # can create or modify cloud accounts ACCOUNT_VIEW = "account_view" # can view cloud accounts - ACCOUNT_ADD = "account_add" # can add an account to a pool - # pool privileges normally checked at the provider level - # (and at the account level for choosing which accounts are visible on the - # new pool form), although - # pool-specific overrides could be a future enhancement. POOL_MODIFY = "pool_modify" # can create or modify a pool POOL_VIEW = "pool_view" # can view a pool # quota privileges normally checked at the pool or account level, # depending on which quota level we're dealing with - # (account level for cloud-imposed quota, pool level for aggregator quota) QUOTA_MODIFY = "quota_modify" # can create or modify a quota QUOTA_VIEW = "quota_view" # can view a quota @@ -81,7 +71,7 @@ class Privilege < ActiveRecord::Base FULL_PRIVILEGE_LIST = [PERM_SET, PERM_VIEW, INSTANCE_MODIFY, INSTANCE_CONTROL, INSTANCE_VIEW, STATS_VIEW, - ACCOUNT_MODIFY, ACCOUNT_ADD, ACCOUNT_VIEW, + ACCOUNT_MODIFY, ACCOUNT_VIEW, POOL_MODIFY, POOL_VIEW, QUOTA_MODIFY, QUOTA_VIEW, PROVIDER_MODIFY, PROVIDER_VIEW, diff --git a/src/app/models/provider.rb b/src/app/models/provider.rb index e45b8cc..4e4e3b7 100644 --- a/src/app/models/provider.rb +++ b/src/app/models/provider.rb @@ -66,7 +66,7 @@ class Provider < ActiveRecord::Base end def pools - cloud_accounts.collect {|account| account.pools}.flatten + cloud_accounts.collect {|account| account.pools}.flatten.uniq end # TODO: implement or remove - this is meant to contain a hash of diff --git a/src/app/models/quota.rb b/src/app/models/quota.rb index 21205b5..23f9aee 100644 --- a/src/app/models/quota.rb +++ b/src/app/models/quota.rb @@ -21,5 +21,5 @@ class Quota < ActiveRecord::Base has_one :pool - has_one :pool_account + has_one :cloud_account end diff --git a/src/app/services/registration_service.rb b/src/app/services/registration_service.rb index e414c6a..b2de097 100644 --- a/src/app/services/registration_service.rb +++ b/src/app/services/registration_service.rb @@ -11,7 +11,7 @@ class RegistrationService @user.save! @pool = Pool.create!({ :name => @user.login, :owner => @user}) Permission.create!({:user => @user, - :role => Role.find_by_name("Self-service Pool User"), + :role => Role.find_by_name("Instance Creator and User"), :permission_object => @pool}) end rescue diff --git a/src/app/views/pool/accounts.html.erb b/src/app/views/pool/accounts.html.erb deleted file mode 100644 index 96c4e2d..0000000 --- a/src/app/views/pool/accounts.html.erb +++ /dev/null @@ -1,30 +0,0 @@ -<% if @pool.cloud_accounts.size == 0 %> -<h1>There are no accounts to display</h1> -<% else %> - <table> - <thead> - <tr> - <th scope="col">Provider</th> - <th scope="col">Username</th> - <th scope="col">Actions</th> - </tr> - </thead> - <tbody> - <%[email protected]_accounts.each {|account| %> - <tr> - <td><%= account.provider.name %></td> - <td><%= account.username %></td> - <td> - <%= link_to "User access", - {:controller => "permissions", - :action => "list", - :cloud_account_id => account.id}, - :class=>"actionlink" if has_view_perms?(account) %> - </td> - </tr> - <% } %> - </tbody> - </table> -<% end %> -<%= link_to "View/Add Existing Cloud Accounts", {:controller => "pool",:action => "accounts_for_pool", :pool_id => @pool}, :class=>"actionlink" %> -<%= link_to "Add a New Cloud Account", {:controller => "cloud_accounts",:action => "new_from_pool", :pool_id => @pool}, :class=>"actionlink" %><br/> diff --git a/src/app/views/pool/accounts_for_pool.html.erb b/src/app/views/pool/accounts_for_pool.html.erb deleted file mode 100644 index fc4e5cb..0000000 --- a/src/app/views/pool/accounts_for_pool.html.erb +++ /dev/null @@ -1,36 +0,0 @@ -<% if @pool.cloud_accounts.size > 0 %> -<h1>These Cloud Accounts are already attached to this pool</h1> -<table> -<thead> -<tr> -<th scope="col">Provider Name</th> -<th scope="col">Cloud Account User Name</th> -</tr> -<% @pool.cloud_accounts.each {|a| %> -<tr> -<td><%= a.provider.name %></td> -<td><%= a.username %></td> -</tr> -<% } %> -</table> -<% end %> - -<% if @cloud_accounts.size == 0 %> -<h1>There are no existing Cloud Accounts available to add</h1> -<% else %> -<h1>These Cloud Accounts are available to add</h1> -<table> -<thead> -<tr> -<th scope="col">Provider Name</th> -<th scope="col">Cloud Account User Name</th> -</tr> -<% @cloud_accounts.each {|a| %> -<tr> -<td><%= a.provider.name %></td> -<td><%= a.username %> <%= link_to "Add this account", {:controller=> "pool", - :action => "add_account", :pool => @pool, :cloud_account => a}, :class => "actionlink" %></td> -</tr> -<% } %> -</table> -<% end %> diff --git a/src/app/views/pool/show.html.erb b/src/app/views/pool/show.html.erb index 015f13b..ef637f1 100644 --- a/src/app/views/pool/show.html.erb +++ b/src/app/views/pool/show.html.erb @@ -36,7 +36,6 @@ </table> <% end %> <%= link_to "Add a new instance", {:controller => "instance", :action => "new", :id => @pool}, :class=>"actionlink"%> -<%= link_to "Back end Accounts", {:action => "accounts", :id => @pool.id}, :class=>"actionlink"%> <%= link_to "User access", {:controller => "permissions", :action => "list", :pool_id => @pool.id}, :class=>"actionlink" if has_view_perms? %> <%= link_to "Hardware Profiles", {:action => "hardware_profiles", :id => @pool.id}, :class=>"actionlink"%> <%=link_to "View Images", {:controller => "pool", :action => "images", :id => @pool}, :class => "actionlink" %> diff --git a/src/db/migrate/20090801045212_create_cloud_accounts.rb b/src/db/migrate/20090801045212_create_cloud_accounts.rb index 933ef0e..316de87 100644 --- a/src/db/migrate/20090801045212_create_cloud_accounts.rb +++ b/src/db/migrate/20090801045212_create_cloud_accounts.rb @@ -25,6 +25,7 @@ class CreateCloudAccounts < ActiveRecord::Migration t.string :username, :null => false t.string :password, :null => false t.integer :provider_id, :null => false + t.integer :quota_id t.integer :lock_version, :default => 0 t.timestamps end diff --git a/src/db/migrate/20090803141507_create_pools.rb b/src/db/migrate/20090803141507_create_pools.rb index 5552869..f35021a 100644 --- a/src/db/migrate/20090803141507_create_pools.rb +++ b/src/db/migrate/20090803141507_create_pools.rb @@ -33,7 +33,6 @@ class CreatePools < ActiveRecord::Migration end def self.down - drop_table :cloud_accounts_pools drop_table :pools end end diff --git a/src/db/migrate/20091008153046_create_privileges.rb b/src/db/migrate/20091008153046_create_privileges.rb index 12d94c6..74932b0 100644 --- a/src/db/migrate/20091008153046_create_privileges.rb +++ b/src/db/migrate/20091008153046_create_privileges.rb @@ -30,7 +30,7 @@ class CreatePrivileges < ActiveRecord::Migration privileges = ["set_perms", "view_perms", "instance_modify", "instance_control", "instance_view", "stats_view", - "account_modify", "account_add", "account_view", + "account_modify", "account_view", "pool_modify", "pool_view", "quota_modify", "quota_view", "provider_modify", "provider_view", diff --git a/src/db/migrate/20091008153058_create_roles.rb b/src/db/migrate/20091008153058_create_roles.rb index 5234c90..74cf519 100644 --- a/src/db/migrate/20091008153058_create_roles.rb +++ b/src/db/migrate/20091008153058_create_roles.rb @@ -53,18 +53,6 @@ class CreateRoles < ActiveRecord::Migration "quota_view", "set_perms", "view_perms"]}, - "Self-service Pool User" => - {:role_scope => "Pool", - :privileges => ["instance_control", - "instance_view", - "pool_view", - "stats_view", - "instance_modify", - "quota_view", - "set_perms", - "view_perms", - "account_view", - "account_add"]}, "Pool Creator" => {:role_scope => "Provider", :privileges => ["provider_view", @@ -78,9 +66,6 @@ class CreateRoles < ActiveRecord::Migration "pool_view", "quota_view", "quota_modify", - "account_view", - "account_add", - "account_modify", "set_perms", "view_perms"]}, "Provider Administrator" => @@ -93,13 +78,9 @@ class CreateRoles < ActiveRecord::Migration {:role_scope => "CloudAccount", :privileges => ["set_perms", "view_perms", + "stats_view", "account_view", - "account_add", "account_modify"]}, - "Account User" => - {:role_scope => "CloudAccount", - :privileges => ["account_view", - "account_add"]}, "Account Viewer" => {:role_scope => "CloudAccount", :privileges => ["account_view"]}, @@ -112,7 +93,6 @@ class CreateRoles < ActiveRecord::Migration :privileges => ["provider_modify", "provider_view", "account_modify", - "account_add", "account_view", "user_modify", "user_view", diff --git a/src/db/migrate/20091215182906_create_pool_accounts.rb b/src/db/migrate/20091215182906_create_pool_accounts.rb deleted file mode 100644 index aa71c09..0000000 --- a/src/db/migrate/20091215182906_create_pool_accounts.rb +++ /dev/null @@ -1,36 +0,0 @@ -# -# Copyright (C) 2009 Red Hat, Inc. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, -# MA 02110-1301, USA. A copy of the GNU General Public License is -# also available at http://www.gnu.org/copyleft/gpl.html. - -# Filters added to this controller apply to all controllers in the application. -# Likewise, all the methods added will be available for all controllers. - -class CreatePoolAccounts < ActiveRecord::Migration - def self.up - create_table :pool_accounts do |t| - t.integer :cloud_account_id, :null => false - t.integer :pool_id, :null => false - t.integer :quota_id - t.integer :lock_version, :default => 0 - t.timestamps - end - end - - def self.down - drop_table :pool_accounts - end -end diff --git a/src/spec/controllers/pool_controller_spec.rb b/src/spec/controllers/pool_controller_spec.rb index 7917ed3..3daed93 100644 --- a/src/spec/controllers/pool_controller_spec.rb +++ b/src/spec/controllers/pool_controller_spec.rb @@ -39,15 +39,6 @@ describe PoolController do response.should render_template("hardware_profiles") end - it "should get cloud accounts" do - @pool = Factory :tpool - UserSession.create(@admin) - get :accounts, :id => @pool.id - response.should be_success - response.should render_template("accounts") - @pool.should_not == nil - end - it "should provide ui to view realms" do UserSession.create(@admin) pool = Factory :tpool diff --git a/src/spec/controllers/users_controller_spec.rb b/src/spec/controllers/users_controller_spec.rb index 1189294..231a533 100644 --- a/src/spec/controllers/users_controller_spec.rb +++ b/src/spec/controllers/users_controller_spec.rb @@ -35,7 +35,7 @@ describe UsersController do p.name.should == "tuser2" p.permissions.size.should == 1 p.permissions.any? { - |perm| perm.role.name.eql?('Self-service Pool User') + |perm| perm.role.name.eql?('Instance Creator and User') }.should be_true id = User.find(:first, :conditions => ['login = ?', "tuser2"]).id response.should redirect_to("http://test.host/users/show/#{id}";) diff --git a/src/spec/fixtures/roles.yml b/src/spec/fixtures/roles.yml index 5c72efb..9a4c550 100644 --- a/src/spec/fixtures/roles.yml +++ b/src/spec/fixtures/roles.yml @@ -17,10 +17,6 @@ instance_creator_and_user: name: Instance Creator and User scope: Pool privileges: instance_control, instance_view, pool_view, stats_view, instance_modify, quota_view, set_perms, view_perms -self_service_pool_user: - name: Self-service Pool User - scope: Pool - privileges: instance_control, instance_view, pool_view, stats_view, instance_modify, quota_view, set_perms, view_perms, account_add pool_creator: name: Pool Creator scope: Provider @@ -28,19 +24,15 @@ pool_creator: pool_administrator: name: Pool Administrator scope: Provider - privileges: provider_view, pool_modify, pool_view, quota_modify, quota_view, account_modify, account_add, account_view, stats_view, set_perms, view_perms + privileges: provider_view, pool_modify, pool_view, quota_modify, quota_view, stats_view, set_perms, view_perms provider_administrator: name: Provider Administrator scope: Provider - privileges: provider_modify, provider_view, account_modify, account_view + privileges: provider_modify, provider_view, account_modify, account_view, stats_view account_administrator: name: Account Administrator scope: CloudAccount - privileges: account_modify, account_view, stats_view, set_perms, view_perms, account_add -account_user: - name: Account User - scope: CloudAccount - privileges: account_view, account_add + privileges: account_modify, account_view, stats_view, set_perms, view_perms account_viewer: name: Account Viewer scope: CloudAccount @@ -52,4 +44,4 @@ provider_creator: administrator: name: Administrator scope: BasePermissionObject - privileges: provider_modify, provider_view, account_modify, account_add, account_view, user_modify, user_view, set_perms, view_perms, pool_modify, pool_view, quota_modify, quota_view, stats_view, instance_modify, instance_control, instance_view + privileges: provider_modify, provider_view, account_modify, account_view, user_modify, user_view, set_perms, view_perms, pool_modify, pool_view, quota_modify, quota_view, stats_view, instance_modify, instance_control, instance_view diff --git a/src/test/fixtures/roles.yml b/src/test/fixtures/roles.yml index 5ec515b..99df4b7 100644 --- a/src/test/fixtures/roles.yml +++ b/src/test/fixtures/roles.yml @@ -17,10 +17,6 @@ instance_creator_and_user: name: Instance Creator and User scope: Pool privileges: instance_control, instance_view, pool_view, stats_view, instance_modify, quota_view, set_perms, view_perms -self_service_pool_user: - name: Self-service Pool User - scope: Pool - privileges: instance_control, instance_view, pool_view, stats_view, instance_modify, quota_view, set_perms, view_perms, account_modify pool_creator: name: Pool Creator scope: Provider @@ -28,19 +24,19 @@ pool_creator: pool_administrator: name: Pool Administrator scope: Provider - privileges: provider_view, pool_modify, pool_view, quota_modify, quota_view, account_modify, account_view, stats_view, set_perms, view_perms + privileges: provider_view, pool_modify, pool_view, quota_modify, quota_view, stats_view, set_perms, view_perms account_administrator: name: Account Administrator scope: CloudAccount privileges: account_modify, account_view, stats_view, set_perms, view_perms -account_user: +account_viewer: name: Account User scope: CloudAccount privileges: account_view provider_administrator: name: Provider Administrator scope: BasePermissionObject - privileges: provider_modify, provider_view, stats_view + privileges: provider_modify, provider_view, account_modify, account_view, stats_view site_administrator: name: Site Administrator scope: BasePermissionObject -- 1.6.2.5 _______________________________________________ deltacloud-devel mailing list [email protected] https://fedorahosted.org/mailman/listinfo/deltacloud-devel
