[Engine-patches] Change in ovirt-engine[master]: core: WIP: is_inheritable property to MLA entities

Sun, 20 May 2012 00:38:24 -0700 

Allon Mureinik has posted comments on this change.

Change subject: core: WIP: is_inheritable property to MLA entities
......................................................................


Patch Set 5: (5 inline comments)

Agreed with the comment on the CREATE_HOST permission - will upload a new 
patchset.

Replied to the rest of the comments - your feedback is welcome.

....................................................
File 
backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/businessentities/ActionGroup.java
Line 11:     CREATE_VM(1, RoleType.USER, VdcObjectType.VM, false),
Yes. As part of the create vm command, VmOwner is given to the user that 
created it.

Line 37:     CREATE_HOST(100, RoleType.ADMIN, VdcObjectType.VDS, false),
fair enough.

It isn't difficult to create a HostOwner role, but you're right - this is 
pointless for admin roles.

Line 49:     CREATE_VM_POOL(300, RoleType.USER, VdcObjectType.VmPool, true),
It's used in uicommon.
Could track down exactly where (if) the user-portal uses it, but think was not 
intentional - it's an error of ommission.

If a non-admin can conceivably create a vm pool, it should have false.

Line 77:     CONFIGURE_QUOTA(900, RoleType.ADMIN, VdcObjectType.Quota, true),
Adding quota uses the CONFIGURE_QUOTA permission, which is an admin permission.

It can be separated into two permissons, but this adding/updating/deleting 
quotas is an admin permission in it's nature, this will be redundant in this 
stage.

Line 81:     CREATE_GLUSTER_VOLUME(1000, RoleType.ADMIN, 
VdcObjectType.GlusterVolume, true),
Like with hosts - this is an admin permission.

--
To view, visit http://gerrit.ovirt.org/4484
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I8732306c515bade05db5cb95b9d571003fdec177
Gerrit-PatchSet: 5
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Allon Mureinik <[email protected]>
Gerrit-Reviewer: Allon Mureinik <[email protected]>
Gerrit-Reviewer: Eli Mesika <[email protected]>
Gerrit-Reviewer: Itamar Heim <[email protected]>
Gerrit-Reviewer: Omer Frenkel <[email protected]>
Gerrit-Reviewer: Yair Zaslavsky <[email protected]>
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to