On 11/13/2012 03:37 PM, Livnat Peer wrote:
On 13/11/12 15:19, Itamar Heim wrote:
On 11/13/2012 12:45 PM, Livnat Peer wrote:
Interesting point, I think that if a user has permission to create a VM
from a specific template we should give him permission to use the
template networks on this VM implicitly upon the VM creation.
having a permission to a template does not mean a permission to the
default network of that VM, especially as we'll use templates more as
instance types.
Another alternative is to require permission on the network as well as
the template.
I must say I don't really like it, although I agree with your comment,
we require too many operations for enabling a user to create a VM from
template (permission on the template, quota on the storage, permissions
on the network, next we'll require a PHD ;)).
Anyone has a better idea?
I assume most networks would be given either to 'everyone' or groups of
users, not per user (and if the network is per user/tenant, then it must
be done per user.
i may not remember correctly, but i thought when giving quota to user we
also give some permissions with it (on cluster and storage)?
_______________________________________________
Engine-devel mailing list
Engine-devel@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-devel
