On 10/29/2015 03:56 PM, Ondra Machacek wrote:
On 10/28/2015 11:29 AM, Jorick Astrego wrote:
On 10/26/2015 03:14 PM, Jorick Astrego wrote:
On 10/26/2015 02:57 PM, Ondra Machacek wrote:
On 10/26/2015 02:53 PM, Jorick Astrego wrote:
Hi,
Currently I'm trying to add an ovirt compute resource in forman
that is limited to the VM's of the user.
When I give this user the PowerUser role, I cannot access the api:
query execution failed due to insufficient permissions
Are you sending header 'Filter: true' with the request ?
If your user is not admin(PowerUserRole is not admin role),
you have to use this header.
Hmm, not much response on foreman-users..
I checked the code of fog in my foreman install (
/opt/rh/ruby193/root/usr/share/gems/gems/fog-1.32.0/lib/fog/ovirt/compute.rb
) and it appears to have the correct option merged:
connection_opts[:filtered_api] =
options[:ovirt_filtered_api]
But I don't know what url the foreman actually generates, is there
any way to capture the login string? I tried setting some DEBUG
logging but don't get the output I'm looking for.
<logger category="org.ovirt.engine.core.bll.SearchQuery">
<level name="DEBUG"/>
</logger>
<logger
category="org.ovirt.engine.core.bll.aaa.LoginUserCommand">
<level name="DEBUG"/>
</logger>
<logger
category="org.ovirt.engine.api.restapi.resource.AbstractBackendResource">
<level name="DEBUG"/>
</logger>
It depends what url foreman client access. But you can set:
<logger category="org.ovirt.engine.core.bll">
<level name="ALL"/>
</logger>
And then you will see what commands was queried with or without the
filtered API.
2015-10-29 15:45:45,436 TRACE
[org.ovirt.engine.core.bll.GetAllVmsQuery] (ajp-/127.0.0.1:8702-1) []
START, GetAllVmsQuery(VdcQueryParametersBase:{refresh='true',
filtered='true'}), log id: 53b3c8b9
^^ This is example of running 'Filter: true' on /api/vms (you can see
filtered='true').
But maybe it would be easier to use tcpdump, or some apache module to
dump headers.
Met vriendelijke groet, With kind regards,
Jorick Astrego
*
Netbulae Virtualization Experts *
------------------------------------------------------------------------
Tel: 053 20 30 270 i...@netbulae.eu Staalsteden 4-3A KvK
08198180
Fax: 053 20 30 271 www.netbulae.eu 7547 TA Enschede BTW
NL821234584B01
------------------------------------------------------------------------
_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users